Secure sensor data transport and processing
First Claim
1. A device including sensor-based security, comprising:
- secured resources;
sensor circuitry to generate sensor data;
memory circuitry including at least a trusted execution environment comprising access control circuitry to control access to the secured resources based on the sensor data, the access control circuitry including;
matching circuitry to;
compare the sensor data to previously captured sensor data for users permitted to access the secured resources; and
output a match determination based on the comparison; and
output circuitry to, based on the match determination;
permit a user of the device to access the secured resources;
orperform at least one activity associated with a security exception; and
processing circuitry to;
cause execution in the device to be temporarily suspended; and
transfer the sensor data from a first memory location in the memory circuitry associated with the sensor circuitry to a second memory location within the trusted execution environment during the temporary suspension.
0 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure is directed to secure sensor data transport and processing. End-to-end security may prevent attackers from altering data during the sensor-based security procedure. For example, following sensor data capture execution in a device may be temporarily suspended. During the suspension of execution, sensor interface circuitry in the device may copy the sensor data from a memory location associated with the sensor to a trusted execution environment (TEE) within the device. The TEE may provide a secure location in which the sensor data may be processed and a determination may be made as to whether to grant access to the secure resources. The TEE may comprise, for example, match circuitry to compare the sensor data to previously captured sensor data for users that are allowed to access the secured resources and output circuitry to grant access to the secured resources or to perform activities associated with a security exception.
-
Citations
20 Claims
-
1. A device including sensor-based security, comprising:
-
secured resources; sensor circuitry to generate sensor data; memory circuitry including at least a trusted execution environment comprising access control circuitry to control access to the secured resources based on the sensor data, the access control circuitry including; matching circuitry to; compare the sensor data to previously captured sensor data for users permitted to access the secured resources; and output a match determination based on the comparison; and output circuitry to, based on the match determination; permit a user of the device to access the secured resources;
orperform at least one activity associated with a security exception; and processing circuitry to; cause execution in the device to be temporarily suspended; and transfer the sensor data from a first memory location in the memory circuitry associated with the sensor circuitry to a second memory location within the trusted execution environment during the temporary suspension. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for sensor-based security, comprising:
-
triggering a secured resource access protocol in a device; capturing sensor data using at least one sensor in the device; causing processing circuitry in the device to temporarily suspend execution; and causing the processing circuitry to transfer the sensor data from a first memory location in memory circuitry in the device associated with the at least one sensor to a second memory location in a trusted execution environment in the memory circuitry during the temporary suspension; comparing, within the trusted execution environment, the sensor data to previously captured sensor data for users permitted to access the secured resources; outputting, within the trusted execution environment, a match determination based on the comparison; and based on the match determination; permitting a user of the device to access the secured resources;
orperforming at least one activity associated with a security exception. - View Dependent Claims (12, 13, 14, 15)
-
-
16. One or more non-transitory machine-readable storage devices having instructions stored thereon which, when executed by at least one processor, cause the at least one processor to perform operations for sensor-based security comprising:
-
trigger a secured resource access protocol in a device; capture sensor data using at least one sensor in the device; temporarily suspend execution; transfer the sensor data from a first memory location in memory circuitry in the device associated with the at least one sensor to a second memory location in a trusted execution environment in the memory circuitry during the temporary suspension; compare, within the trusted execution environment, the sensor data to previously captured sensor data for users permitted to access secured resources; output, within the trusted execution environment, a match determination based on the comparison; and based on the match determination; permit a user of the device to access the secured resources;
orperform at least one activity associated with a security exception. - View Dependent Claims (17, 18, 19, 20)
-
Specification