DEVICE WITH A SECURE VIRTUAL MACHINE
First Claim
1. A secure computing device comprising:
- a secure cryptographic module, including an input, a key generation unit for generating a cryptographic key in dependence on received input and an output for producing the cryptographic key;
a processor;
a storage including a virtual machine that is executable on the processor, and at least one program that is executable on the virtual machine; and
a virtual machine manager including;
means for determining an identifier associated with the virtual machine;
means for supplying a representation of the identifier to the secure cryptographic module and retrieving a cryptographic key from the secure cryptographic module; and
means for, under control of the cryptographic key, decrypting at least a part of data input to the processor and encrypting at least part of data output from the processor when the processor executes the virtual machine.
11 Assignments
0 Petitions
Accused Products
Abstract
A secure computing device (100) includes a secure cryptographic module (120) with a key generation unit (124) for generating a cryptographic key in dependence on received input. A storage (140) is used for storing a virtual machine (142) that is executable on a processor (110) and at least one program (144) that is executable on the virtual machine. A virtual machine manager (130) including means 132 for determining an identifier associated 5 with the virtual machine, means 134 for supplying a representation of the identifier to the secure cryptographic module and retrieving a cryptographic key from the secure cryptographic module; and means 136 for, under control of the cryptographic key, decrypting at least a part of data input to the processor and encrypting at least part of data output from the processor when the processor executes the virtual machine.
66 Citations
15 Claims
-
1. A secure computing device comprising:
-
a secure cryptographic module, including an input, a key generation unit for generating a cryptographic key in dependence on received input and an output for producing the cryptographic key; a processor; a storage including a virtual machine that is executable on the processor, and at least one program that is executable on the virtual machine; and a virtual machine manager including; means for determining an identifier associated with the virtual machine; means for supplying a representation of the identifier to the secure cryptographic module and retrieving a cryptographic key from the secure cryptographic module; and means for, under control of the cryptographic key, decrypting at least a part of data input to the processor and encrypting at least part of data output from the processor when the processor executes the virtual machine. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method of securing data being exchanged with a processor in a secure computing device;
- the method comprising;
loading a virtual machine in the processor and executing the virtual machine; loading at least one program into the processor that is executable on the virtual machine; determining an identifier associated with the virtual machine, in a secure cryptographic module generating a cryptographic key in dependence on a representation of the identifier; and under control of the cryptographic key, decrypting at least a part of data input to the processor and encrypting at least part of data output from the processor when the processor executes the virtual machine. - View Dependent Claims (15)
- the method comprising;
Specification