Tamper-aware virtual TPM
First Claim
1. A method comprising:
executing a virtual trusted platform module (TPM) thread on a processor to facilitate a virtual TPM; and
executing a security-patrol thread on the processor to detect a physical attack on the processor.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods, software/firmware and apparatus for implementing a tamper-aware virtual trusted platform module (TPM). Under the method, respective threads comprising a virtual TPM thread and a security-patrol thread are executed on a host processor. In one embodiment, the host processor is a multi-threaded processor having multiple logical processors, and the respective threads are executed on different logical processors. While the virtual TPM thread is used to perform various TPM functions, the security-patrol thread monitors for physical attacks on the processor by implementing various numerical calculation loops, wherein an erroneous calculation is indicative of a physical attack. In response to detection of such an attack, various actions can be taken in view of one or more predefined security policies, such as logging the event, shutting down the platform and/or informing a remote management entity.
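As an added example (not code from the patent), a Python sketch of the security-patrol thread the abstract describes: fixed known-answer numerical loops run repeatedly beside a virtual-TPM thread, and a wrong result triggers the abstract's policy actions. The loop functions, expected constants, policy names and the fault_inject test hook are all constructed here for illustration.

```python
import threading
def loop_sum(n, term):
    """Sum term(i) for i = 1..n by repeated addition (a 'numerical calculation loop')."""
    acc = 0
    for i in range(1, n + 1):
        acc += term(i)
    return acc

# Constructed known-answer table (not from the patent): each correct result is
# fixed in advance, so a glitched ALU/clock/voltage fault shows up as a wrong answer.
KNOWN_ANSWERS = {
    "sum_1_to_10000": (lambda: loop_sum(10000, lambda i: i), 50005000),
    "sum_squares_1_to_100": (lambda: loop_sum(100, lambda i: i * i), 338350),
    "sum_cubes_1_to_100": (lambda: loop_sum(100, lambda i: i ** 3), 25502500),
}

def run_checks(fault_inject=None):
    """Run each check once and return the names that computed wrongly. fault_inject
    is a test hook (not in the patent) that flips one result to stand in for a glitch."""
    failures = []
    for name, (compute, expected) in KNOWN_ANSWERS.items():
        got = compute() ^ (1 if name == fault_inject else 0)
        if got != expected:
            failures.append(name)
    return failures

class SecurityPatrol(threading.Thread):
    """Runs beside the virtual-TPM thread, looping the checks until told to stop.
    policy names the abstract's actions: "log", plus optional "shutdown"/"notify"."""
    def __init__(self, policy="log", fault_inject=None):
        super().__init__(daemon=True)
        self.policy, self.fault_inject = policy, fault_inject
        self.stop_event, self.log, self.alerts = threading.Event(), [], 0

    def run(self):
        while True:  # always completes one full round before honouring stop
            failures = run_checks(self.fault_inject)
            if failures:
                self.alerts += 1
                self.log.append(f"tamper: checks failed {failures}")
                # stand-ins for shutting the platform down / informing remote management
                self.log += [f"action: {a}" for a in ("shutdown", "notify") if a in self.policy]
            if self.stop_event.is_set() or (failures and self.policy != "log"):
                break  # shutdown/notify policies end patrolling

def patrol_once(policy="log", fault_inject=None):
    """Start a patrol, let it complete one round, and return it for inspection."""
    p = SecurityPatrol(policy, fault_inject)
    p.stop_event.set()  # set before start: run() still does one round
    p.start()
    p.join()
    return p
```

In a real deployment the expected values would be burned into the firmware image and the loops interleaved with the TPM thread's own work, so a glitch aimed at either thread is likely to disturb at least one check.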
Claims (23)

1. A method comprising:
executing a virtual trusted platform module (TPM) thread on a processor to facilitate a virtual TPM; and
executing a security-patrol thread on the processor to detect a physical attack on the processor.
Dependent claims: 2-12.

13. A machine-readable medium to provide instructions to execute on a processor, the instructions including:
a virtual trusted platform module (TPM) thread, to effect virtual TPM functionality; and
a security-patrol thread, to detect a physical attack on the processor.
Dependent claims: 14-18.

19. A computer system, comprising:
a multi-threaded processor;
a memory, operatively-coupled to the multi-threaded processor; and
at least one storage device, operatively-coupled to the multi-threaded processor, to store instructions to execute on the multi-threaded processor, the instructions including:
a virtual trusted platform module (TPM) thread, to effect virtual TPM functionality; and
a security-patrol thread, to detect a physical attack on the processor.
Dependent claims: 20-23.
Specification