Virtualized trusted storage
Abstract
Particular embodiments described herein provide for an electronic device that can be configured to receive a request from a process to access data in a system, determine if the data is in a virtualized protected area of memory in the system, and allow access to the data if the data is in the virtualized protected area of memory and the process is a trusted process. The electronic device can also be configured to determine if new data should be protected, store the new data in the virtualized protected area of memory in the system if the new data should be protected, and store the new data in an unprotected area of memory in the system if the new data should not be protected.
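The access and storage decisions in the abstract, modelled as an added example that is not code from the patent or its assignee. The class and method names, the allowlist used to decide trust, and the choice to answer an untrusted read of protected data exactly like a read of a missing name are all assumptions; the page does not say how trust is determined.

```python
from dataclasses import dataclass, field

# Assumption: trust is decided by an allowlist of process identities.
TRUSTED_PROCESSES = {"backup-agent"}  # constructed sample identity


@dataclass
class VirtualizedStore:
    unprotected: dict = field(default_factory=dict)
    protected: dict = field(default_factory=dict)  # models the secured storage area

    def is_trusted(self, process: str) -> bool:
        return process in TRUSTED_PROCESSES

    def store(self, name: str, data: bytes, should_protect: bool) -> None:
        """Route new data to the protected or the unprotected area."""
        target, other = ((self.protected, self.unprotected) if should_protect
                         else (self.unprotected, self.protected))
        other.pop(name, None)  # a name lives in exactly one area
        target[name] = data

    def view(self, process: str) -> list:
        """Trusted view: both areas. Untrusted view: unprotected area only."""
        names = set(self.unprotected)
        if self.is_trusted(process):
            names |= set(self.protected)
        return sorted(names)

    def read(self, process: str, name: str) -> bytes:
        """Return the data, or raise KeyError if it is not in the caller's view."""
        if name in self.protected:
            if not self.is_trusted(process):
                # Same error as a missing name, so the untrusted caller
                # cannot tell hidden data from data that does not exist.
                raise KeyError(name)
            return self.protected[name]
        return self.unprotected[name]


def sample_store() -> VirtualizedStore:
    """Constructed sample contents, for illustration only."""
    store = VirtualizedStore()
    store.store("notes.txt", b"public", should_protect=False)
    store.store("keys.db", b"secret", should_protect=True)
    return store
```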
20 Claims
1. At least one non-transitory machine-readable medium comprising one or more instructions that when executed by a processor, cause the processor to:
receive a request from a process to access data in a system;
determine whether the data is in a virtualized protected area of memory in the system, wherein the virtualized protected area of memory is a secured storage area;
responsive to determining that the data is in the virtualized protected area of memory, determine whether the process is a trusted process; and
display an untrusted view of the location of the data based on a determination that the process is an untrusted process, wherein the untrusted view includes only data stored in an unprotected area of memory;
or display a trusted view of the location of the data and allow access to the data based on a determination that the process is a trusted process, wherein the trusted view includes data stored in the unprotected and the virtualized protected areas of memory.
Dependent claims: 2, 3, 4, 5
6. An apparatus comprising:
a hardware processor configured to:
receive a request from a process to access data in a system;
determine whether the data is in a virtualized protected area of memory in the system, wherein the virtualized protected area of memory is a secure storage area;
responsive to determining that the data is in the virtualized protected area of memory, determine whether the process is a trusted process; and
display an untrusted view of the location of the data based on a determination that the process is an untrusted process, wherein the untrusted view includes only data stored in an unprotected area of memory;
or display a trusted view of the location of the data and allow access to the data based on a determination that the process is a trusted process, wherein the trusted view includes data stored in the unprotected and the virtualized protected areas of memory.
Dependent claims: 7, 8, 9, 10
11. A method comprising:
receiving a request from a process to access data in a system;
determining whether the data is in a virtualized protected area of memory in the system, wherein the virtualized protected area of memory is a secured storage area;
responsive to determining that the data is in a virtualized protected area of memory, determining whether the process is a trusted process; and
displaying an untrusted view of the location of the data based on a determination that the process is an untrusted process, wherein the untrusted view includes only data stored in an unprotected area of memory;
or displaying a trusted view of the location of the data and allowing access to the data based on a determination that the process is a trusted process, wherein the trusted view includes data stored in the unprotected and the virtualized protected areas of memory.
Dependent claims: 12, 13, 14, 15
16. A system for virtualized trusted secure storage, the system comprising:
a hardware processor configured to:
receive a request from a process to access data in a system;
determine whether the data is in a virtualized protected area of memory in the system, wherein the virtualized protected area of memory is a secured storage area;
responsive to determining that the data is in a virtualized protected area of memory, determine whether the process is a trusted process; and
display an untrusted view of the location of the data based on a determination that the process is an untrusted process, wherein the untrusted view includes only data stored in an unprotected area of memory;
or display a trusted view of the location of the data and allow access to the data based on a determination that the process is a trusted process, wherein the trusted view includes data stored in the unprotected and the virtualized protected areas of memory.
Dependent claims: 17, 18, 19, 20
Specification