System and method for execution of a secured environment initialization instruction
First Claim
Patent Images
1. A computing system comprising:
- a storage device to store a first secure module and a second secure module; and
a processor coupled to the storage device, the processor to establish a root of trust usable to ensure that subsequent operations can be trusted, wherein the processor is to execute the first secure module to initialize a secure processing environment and authenticate the second secure module, and wherein the processor is to execute the second secure module after being authenticated by the first secure module and after the root of trust has been established, the second secure module to prevent direct access to hardware resources in the secure processing environment from an untrusted operating system.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.
270 Citations
4 Claims
-
1. A computing system comprising:
-
a storage device to store a first secure module and a second secure module; and a processor coupled to the storage device, the processor to establish a root of trust usable to ensure that subsequent operations can be trusted, wherein the processor is to execute the first secure module to initialize a secure processing environment and authenticate the second secure module, and wherein the processor is to execute the second secure module after being authenticated by the first secure module and after the root of trust has been established, the second secure module to prevent direct access to hardware resources in the secure processing environment from an untrusted operating system. - View Dependent Claims (2, 3, 4)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeTahoe Research Limited (f/k/a Learndale Limited) (Vector Capital Corporation)
-
Original AssigneeIntel Corporation
-
InventorsSutton, II, James A., Grawrock, David W.
-
Primary Examiner(s)Smithers, Matthew
-
Application NumberUS15/402,666Publication NumberTime in Patent Office728 DaysField of SearchUS Class CurrentCPC Class CodesG01N 2223/076 X-ray fluorescenceG01N 23/223 by irradiating the sample w...G01N 33/502 for testing non-proliferati...G01N 33/6872 Intracellular protein regul...G06F 12/0802 Addressing of a memory leve...G06F 12/145 the protection being virtua...G06F 12/1458 by checking the subject acc...G06F 13/4282 on a serial bus, e.g. I2C b...G06F 21/57 Certifying or maintaining t...G06F 21/572 Secure firmware programming...G06F 2212/1052 Security improvementG06F 2212/60 Details of cache memoryG06F 2213/0026 PCI expressG06F 2221/033 Test or assess softwareG06F 9/4403 Processor initialisationG06F 9/44505 Configuring for program ini...H04L 9/32 including means for verifyi...H04L 9/3247 involving digital signatures
