Programmable security platform
First Claim
Patent Images
1. A dynamically programmable security device comprising:
- a secure nonvolatile read only memory (NVMROM) for securely storing a unique device cipher key;
a secure interface for dynamically loading authenticated application code;
a cryptographic engine for encrypting, decrypting data and authenticating the application code;
a secure random access memory (RAM) for storing the authenticated application code and application data; and
a processor for executing the authenticated application code.
3 Assignments
0 Petitions
Accused Products
Abstract
A dynamically programmable security device. The device includes: a secure nonvolatile read only memory (NVMROM) for securely storing a unique device cipher key; a secure interface for dynamically loading authenticated application code; a cryptographic engine for encrypting, decrypting data and authenticating the application code; a secure random access memory (RAM) for storing the authenticated application code and application data; and a processor for executing the authenticated application code.
-
Citations
20 Claims
-
1. A dynamically programmable security device comprising:
-
a secure nonvolatile read only memory (NVMROM) for securely storing a unique device cipher key;
a secure interface for dynamically loading authenticated application code;
a cryptographic engine for encrypting, decrypting data and authenticating the application code;
a secure random access memory (RAM) for storing the authenticated application code and application data; and
a processor for executing the authenticated application code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 20)
-
-
10. A method for securely executing a dynamically loaded application code in a security module, the method comprising:
-
storing at least one cipher key in a secure memory in the security module;
authenticating the application code using the least one cipher key;
dynamically loading the authenticated application code in the security module;
switching the security module to an execution mode wherein, hardware configuration of the security module cannot be changed by the application code;
securely executing the application code; and
protecting the application data within a security boundary. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A client security module device capable of performing different dynamically loaded security functions, comprising:
-
a secure memory for storing a device identity key in a secure memory in the security module;
a cryptographic engine for authenticating a first and second application codes for a first and second security functions using the least one cipher key;
a secure interface for dynamically loading the authenticated first and second application code in a secure random access memory (RAM) in the client security module;
a processor for executing the authenticated first application code within a first security boundary and executing the authenticated second application code within a second security boundary, wherein the secure interface dynamically loads the authenticated second application code while the first application code is being executed by the processor. - View Dependent Claims (19)
-
Specification