System and Method for Providing a Secure Application Fragmentation Environment
First Claim
1. A system comprising:
- a secure fragmentation manager coupled to an application fragments store;
- an external memory interface coupled to the secure fragmentation manager, the secure fragmentation manager obtaining a required code fragment from an external memory via the external memory interface, if the required code fragment is not present in the application fragments store;
- a cryptographic engine coupled to the application fragments store and a secure key store, the cryptographic engine decrypting the required code fragment, if necessary, using a secure key and verifying the integrity of a code fragment; and
- an execution engine coupled to the cryptographic engine and application fragments store, the execution engine executing a decrypted code fragment.
Abstract
A system and method for providing and using expanded memory resources in a secure application environment is disclosed. An embodiment comprises a system and method for providing secure application functionality comprising receiving a request for a secure operation; determining if required application code for the secure operation is present in an application fragment store; sequentially loading a plurality of fragments of the required application code from an external memory, if the required application code is not present in the application fragment store; sequentially executing the plurality of fragments of the required application code; and sending a reply to the request for the secure operation. The system and method may further comprise decrypting each of the plurality of fragments of the required application code using a secure key prior to execution of the fragment and verifying the integrity of the code fragment.
27 Claims
1. A system comprising the elements recited under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18
19. A method for providing secure application functionality, comprising:
- receiving a request for a secure operation;
- determining if a required application code fragment for the secure operation is present in an application fragment store;
- loading the required application code fragment from an external memory, if the required application code fragment is not present in the application fragment store;
- decrypting the required application code fragment using a secure key;
- verifying the integrity of a required application code fragment;
- executing the decrypted required application code fragment; and
- sending a reply to the request for the secure operation.
Dependent claims: 20, 21, 22, 23, 24, 25
26. A method for providing secure application functionality, comprising:
- receiving a request for a secure operation;
- determining if required application code for the secure operation is present in an application fragment store;
- sequentially loading a plurality of fragments of the required application code from an external memory, if the required application code is not present in the application fragment store;
- sequentially executing the plurality of fragments of the required application code; and
- sending a reply to the request for the secure operation.
Dependent claims: 27
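The steps of claims 19 and 26 can be modelled in a few lines; the sketch below is an added illustration, not code from the patent or its assignee. It assumes a SHA-256 counter keystream as a stand-in for a real cipher, an HMAC tag bound to the fragment's application name and position (a design choice of this example), and hypothetical names such as `FragmentManager`, `seal` and `pin_check`.

```python
import hashlib, hmac, os

ENC_KEY, MAC_KEY = b"E" * 32, b"M" * 32   # constructed keys; stand-in for the secure key store

def _keystream(nonce, n):
    # SHA-256 in counter mode: a stand-in for a real cipher such as AES-CTR or AES-GCM.
    out = b""
    for ctr in range((n + 31) // 32):
        out += hashlib.sha256(ENC_KEY + nonce + ctr.to_bytes(4, "big")).digest()
    return out[:n]

def _tag(app, index, nonce, ct):
    # Bind the tag to application name and position so fragments cannot be swapped.
    msg = f"{len(app)}:{app}:{index}:".encode() + nonce + ct
    return hmac.new(MAC_KEY, msg, hashlib.sha256).digest()

def seal(app, index, code):
    """Provisioning side: encrypt-then-MAC one fragment for external memory."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(code, _keystream(nonce, len(code))))
    return nonce + ct + _tag(app, index, nonce, ct)

class FragmentManager:
    def __init__(self, external):
        self.external, self.store, self.reads = external, {}, 0

    def fetch(self, app, index):
        if (app, index) in self.store:            # already in the fragments store
            return self.store[(app, index)]
        blob = self.external[(app, index)]        # untrusted external memory
        self.reads += 1
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(tag, _tag(app, index, nonce, ct)):
            raise ValueError(f"integrity check failed: {app}[{index}]")
        code = bytes(a ^ b for a, b in zip(ct, _keystream(nonce, len(ct))))
        self.store[(app, index)] = code           # cache only verified plaintext
        return code

def run_secure_operation(mgr, app, count, value):
    """Load and execute fragments in order; each is a toy 'op operand' instruction."""
    ops = {"add": lambda v, n: v + n, "mul": lambda v, n: v * n}
    for index in range(count):
        op, operand = mgr.fetch(app, index).decode().split()
        value = ops[op](value, int(operand))
    return value

EXTERNAL = {("pin_check", 0): seal("pin_check", 0, b"add 5"),
            ("pin_check", 1): seal("pin_check", 1, b"mul 3")}   # constructed sample
```

Because the tag is checked before decryption and covers the fragment index, a modified or reordered blob in external memory is rejected before anything reaches the execution step.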
Specification