Method and apparatus for trusted processing
First Claim
1. A trusted processor, comprising:
- a process that executes a task within a system, said process having one or more partitions that define trusted modules;
a trust boundary established by a trusted element; and
a trusted computing base, including a trusted execution area;
wherein said trusted computing base is separated from said process by said trust boundary, and wherein each of said trusted modules separately access said trusted computing base and are each executed locally within said trusted execution area.
1 Assignment
0 Petitions
Accused Products
Abstract
Trusted processing capability, for example for a cryptographic unit element in an International Cryptography Framework, secures one or more tasks or processes associated with application code. Trusted processing is assured by a trusted element, where use of the trusted element is based upon the principles of separation and locality, i.e. where the trusted element is associated with a trusted computing base that is separated from the operating system and/or data by a trust boundary, and where protected mechanisms are used to access the trusted element, such that trusted execution occurs only locally in a trusted execution area. The trust processing capability also encompasses a policy controlled main CPU.
220 Citations
38 Claims
-
1. A trusted processor, comprising:
-
a process that executes a task within a system, said process having one or more partitions that define trusted modules; a trust boundary established by a trusted element; and a trusted computing base, including a trusted execution area; wherein said trusted computing base is separated from said process by said trust boundary, and wherein each of said trusted modules separately access said trusted computing base and are each executed locally within said trusted execution area. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13, 14, 15)
-
-
10. The trusted processor of claim 10, wherein said trusted element defines a level of trust and/or privilege to be afforded a user of said trusted processor.
-
16. A trusted processor, comprising:
-
a process that executes a task within a system, said process having one or more partitions that define trusted modules; a trust boundary established by a trusted element, said trusted element comprising a policy that implements a processor personality; and a trusted computing base, including a trusted execution area; wherein said trusted computing base is separates from said process by said trust boundary, and wherein each of said trusted modules separately access said trusted computing base and are each executed locally within said trusted execution area. - View Dependent Claims (17)
-
-
18. A method for trusted processing, comprising the steps of:
-
providing a process that executes a task within a system, said process having one or more partitions that define trusted modules; providing a trust boundary established by a trusted element; and providing a trusted computing base, including a trusted execution area; wherein said trusted computing base is separated from said process by said trust boundary, and wherein each of said trusted modules separately access said trusted computing base and are each executed locally within said trusted execution area. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
-
36. A method for trusted processing, comprising the steps of:
-
providing a process that executes a task within a system, said process having one or more partitions that define trusted modules; providing a trust boundary established by a trusted element, said trusted element comprising a policy that implements a processor personality; and providing a trusted computing base, including a trusted execution area; wherein said trusted computing base is separated from said process by said trust boundary, and wherein each of said trusted modules separately access said trusted computing base and are each executed locally within said trusted execution area. - View Dependent Claims (37)
-
-
38. A method for trusted processing, comprising the steps of:
-
providing a process that executes a task within a system, said process having one or more partitions that define trusted modules; providing a trust boundary established by a trusted element; and providing a trusted computing base, including a trusted execution area; wherein said trusted computing base is separated from data by said trust boundary, wherein said data are collected and/or transferred to said trusted computing base for processing; and wherein each of said trusted modules separately access said trusted computing base.
-
Specification