Virtualized trusted storage
Abstract
Particular embodiments described herein provide for an electronic device that can be configured to receive a request from a process to access data in a system, determine if the data is in a virtualized protected area of memory in the system, and allow access to the data if the data is in the virtualized protected area of memory and the process is a trusted process. The electronic device can also be configured to determine if new data should be protected, store the new data in the virtualized protected area of memory in the system if the new data should be protected, and store the new data in an unprotected area of memory in the system if the new data should not be protected.
20 Claims
1. At least one non-transitory machine readable medium comprising one or more instructions that when executed by at least one processor, cause the at least one processor to:
- receive a request from a process to access data in a system;
- determine whether the data is in a virtualized protected area of memory in the system, wherein the virtualized protected area of memory is a secure storage area and wherein the data is stored unencrypted; and
- responsive to determining that the data is not in a virtualized protected area of memory, allow access to the data; or
- responsive to determining that the data is in a virtualized protected area of memory, determine whether the process is a trusted process; and
- allow access to the data based on a determination that the data is in the virtualized protected area of memory and the process is a trusted process.
6. An apparatus comprising:
a hardware processor configured to:
- receive a request from a process to access data in a system;
- determine whether the data is in a virtualized protected area of memory in the system, wherein the virtualized protected area of memory is a secure storage area and wherein the data is stored unencrypted; and
- responsive to determining that the data is not in a virtualized protected area of memory, allow access to the data; or
- responsive to determining that the data is in a virtualized protected area of memory, determine whether the process is a trusted process; and
- allow access to the data based on a determination that the data is in the virtualized protected area of memory and the process is a trusted process.
11. A method comprising:
- receiving a request from a process to access data in a system;
- determining whether the data is in a virtualized protected area of memory in the system, wherein the virtualized protected area of memory is a secure storage area and wherein the data is stored unencrypted; and
- responsive to determining that the data is not in a virtualized protected area of memory, allowing access to the data; or
- responsive to determining that the data is in a virtualized protected area of memory, determining whether the process is a trusted process; and
- allowing access to the data based on a determination that the data is in the virtualized protected area of memory and the process is a trusted process.
16. A system for virtualized trusted secure storage, the system comprising:
a hardware processor configured to:
- receive a request from a process to access data in a system;
- determine whether the data is in a virtualized protected area of memory in the system, wherein the virtualized protected area of memory is a secure storage area and wherein the data is stored unencrypted; and
- responsive to determining that the data is not in a virtualized protected area of memory, allow access to the data; or
- responsive to determining that the data is in a virtualized protected area of memory, determine whether the process is a trusted process; and
- allow access to the data based on a determination that the data is in the virtualized protected area of memory and the process is a trusted process.
Specification