Secure processing environment
First Claim
1. A method of modifying an embedded processing system to incorporate security functionality, comprising:
- providing an embedded processing system to be modified;
incorporating at least one security peripheral into the embedded processing system;
defining at least one secure operating mode and at least one open operating mode for the embedded processing system; and
providing open operating mode access restrictions for at least a portion of the security peripherals.
6 Assignments
0 Petitions
Accused Products
Abstract
Secure operations and components may be integrated into a conventional processing system executing a standard operating system. A secure processing environment where trusted secure application code is executed may be provided for performing secure operations. In this environment, the applications and components may access all of the components in the system including secure components. An open processing environment is provided for performing conventional operations. Conventional application code may be executed in the open environment. In the open environment, access may only be provided to open components. That is, open applications and components may not be allowed to access the secure components in the system. In this way, a secure processing environment may be provided that allows secure and non-secure applications to be simultaneously executed while protecting sensitive data and operations. For example, encrypted and authenticated secure application code may be securely executed on a general purpose processor along with other, non-secure application code. In addition, access to components that use or store sensitive information may be restricted to selected secure components such as those that execute secure code.
-
Citations
45 Claims
-
1. A method of modifying an embedded processing system to incorporate security functionality, comprising:
-
providing an embedded processing system to be modified;
incorporating at least one security peripheral into the embedded processing system;
defining at least one secure operating mode and at least one open operating mode for the embedded processing system; and
providing open operating mode access restrictions for at least a portion of the security peripherals. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A secure data processing method comprising:
-
defining a secure mode of operation and an open mode of operation;
verifying code to be executed during the secure mode of operation; and
restricting access to at least one secure peripheral in the open mode of operation. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
-
36. A system on a chip comprising:
-
at least one secure mode controller configured to enforce a secure mode of operation and an open mode of operation;
at least one processor configured to execute code for the secure mode of operation and the open mode of operation;
at least one non-volative memory configured to store cryptographic material for the secure mode of operation;
at least one cryptographic processor configured to process data for the secure mode of operation. - View Dependent Claims (37, 38, 39, 40, 41, 43, 44, 45)
-
-
42. The system on a chip of claim 42 comprising an address decoder configured to enable access to at least one secure peripheral in accordance with the at least one signal indicative of the secure mode of operation.
Specification