SECURE SENSOR DATA TRANSPORT AND PROCESSING
First Claim
1. A device including sensor-based security, comprising:
- one or more secured resources;
sensor circuitry to generate sensor data;
a trusted execution environment comprising access control circuitry to control access to the secured resources based on the generated sensor data, the access control circuitry including;
matching circuitry to compare the generated sensor data to previously captured sensor data associated with one or more authorized users permitted to access the one or more secured resources; and
output circuitry to, based at least in part on results of the comparison;
permit a user of the device to access the one or more secured resources;
orprevent the user of the device from accessing the one or more secured resources; and
processing circuitry to;
initiate a temporary suspension of execution in the device; and
<
during the temporary suspension, transfer the generated sensor data from memory circuitry associated with the sensor circuitry to the trusted execution environment.
0 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure is directed to secure sensor data transport and processing. End-to-end security may prevent attackers from altering data during the sensor-based security procedure. For example, following sensor data capture execution in a device may be temporarily suspended. During the suspension of execution, sensor interface circuitry in the device may copy the sensor data from a memory location associated with the sensor to a trusted execution environment (TEE) within the device. The TEE may provide a secure location in which the sensor data may be processed and a determination may be made as to whether to grant access to the secure resources. The TEE may comprise, for example, match circuitry to compare the sensor data to previously captured sensor data for users that are allowed to access the secured resources and output circuitry to grant access to the secured resources or to perform activities associated with a security exception.
-
Citations
20 Claims
-
1. A device including sensor-based security, comprising:
-
one or more secured resources; sensor circuitry to generate sensor data; a trusted execution environment comprising access control circuitry to control access to the secured resources based on the generated sensor data, the access control circuitry including; matching circuitry to compare the generated sensor data to previously captured sensor data associated with one or more authorized users permitted to access the one or more secured resources; and output circuitry to, based at least in part on results of the comparison; permit a user of the device to access the one or more secured resources;
orprevent the user of the device from accessing the one or more secured resources; and processing circuitry to; initiate a temporary suspension of execution in the device; and
<
during the temporary suspension, transfer the generated sensor data from memory circuitry associated with the sensor circuitry to the trusted execution environment. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for sensor-based security, comprising:
-
capturing sensor data using at least one sensor in a device; initiating, via processing circuitry of the device, a temporary suspension of execution in the device; transferring, during the temporary suspension and via the processing circuitry of the device, the captured sensor data from memory circuitry associated with the at least one sensor to a trusted execution environment of the device; comparing, within the trusted execution environment, the captured sensor data to previously stored sensor data associated with one or more authorized users permitted to access one or more secured resources; and based at least in part on results of the comparing; permitting a user of the device to access the one or more secured resources;
orpreventing the user of the device from accessing the one or more secured resources. - View Dependent Claims (12, 13, 14, 15)
-
-
16. One or more non-transitory machine-readable storage devices having instructions stored thereon which, when executed by at least one processor, cause the at least one processor to perform operations associated with a secured resource access protocol, the operations comprising:
-
capturing, via at least one sensor of a device, sensor data from a user; initiating a temporary suspension of execution; transferring, during the temporary suspension of execution, the captured sensor data from memory circuitry associated with the at least one sensor to a trusted execution environment of the device; comparing, within the trusted execution environment, the captured sensor data with previously stored sensor data associated with one or more authorized users permitted to access a secured resource; and based at least in part on the comparing; permitting a user of the device to access the secured resource;
or preventing the user of the device from accessing the secured resource. - View Dependent Claims (17, 18, 19, 20)
-
Specification