Method and apparatus for trusted processing

US 5,841,869 A
Filed: 08/23/1996
Issued: 11/24/1998
Est. Priority Date: 08/23/1996
Status: Expired due to Term

First Claim

Patent Images

1. A trusted processor, comprising:

a process that executes a task within a system, said process having one or more partitions that define trusted modules;

a trust boundary established by a trusted element; and

a trusted computing base, including a trusted execution area;

wherein said trusted computing base is separated from said process by said trust boundary, and wherein each of said trusted modules separately access said trusted computing base and are each executed locally within said trusted execution area.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Trusted processing capability, for example for a cryptographic unit element in an International Cryptography Framework, secures one or more tasks or processes associated with application code. Trusted processing is assured by a trusted element, where use of the trusted element is based upon the principles of separation and locality, i.e. where the trusted element is associated with a trusted computing base that is separated from the operating system and/or data by a trust boundary, and where protected mechanisms are used to access the trusted element, such that trusted execution occurs only locally in a trusted execution area. The trust processing capability also encompasses a policy controlled main CPU.

220 Citations

38 Claims

1. A trusted processor, comprising:
- a process that executes a task within a system, said process having one or more partitions that define trusted modules;
  
  a trust boundary established by a trusted element; and
  
  a trusted computing base, including a trusted execution area;
  
  wherein said trusted computing base is separated from said process by said trust boundary, and wherein each of said trusted modules separately access said trusted computing base and are each executed locally within said trusted execution area.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13, 14, 15)
- - 2. The trusted processor of claim 1, said trusted element comprising:
    - a policy.
  - 3. The trusted processor of claim 2, wherein said policy implements a processor personality.
  - 4. The trusted processor of claim 3, wherein said personality defines a level of trust and/or privilege to be afforded a user of said trusted processor.
  - 5. The trusted processor of claim 1, further comprising:
    - a envelope for conveying information across said trust boundary.
  - 6. The trusted processor of claim 1, further comprising:
    - a cryptographic unit; and
      
      a policy;
      
      wherein said cryptographic unit is controlled by said policy, said policy comprising said trusted element.
  - 7. The trusted processor of claim 1, said trust boundary comprising:
    - a physical, electrical, and/or logical barrier.
  - 8. The trusted processor of claim 1, said trusted element comprising:
    - a hardware element that cannot be duplicated because of the manner in which it is manufactured and/or personalized.
  - 9. The trusted processor of claim 1, wherein said trusted element controls the use of cryptography within said trusted execution area.
  - 11. The trusted processor of claim 1, further comprising:
    - a challenge/response mechanism for securing communications across said trust boundary.
  - 12. The trusted processor of claim 11, said challenge/response mechanism further comprising:
    - a decay function for dynamically altering a challenge/response key.
  - 13. The trusted processor of claim 12, said decay function further comprising:
    - means within or associated with said trusted computing base for randomly altering said challenge/response key.
  - 14. The trusted processor of claim 12, said decay function further comprising:
    - a fixed value offset that defines a range of acceptable values for said challenge/response key.
  - 15. The trusted processor of claim 11, wherein said challenge/response mechanism is non-repeating and/or non-predictable.

10. The trusted processor of claim 10, wherein said trusted element defines a level of trust and/or privilege to be afforded a user of said trusted processor.

16. A trusted processor, comprising:
- a process that executes a task within a system, said process having one or more partitions that define trusted modules;
  
  a trust boundary established by a trusted element, said trusted element comprising a policy that implements a processor personality; and
  
  a trusted computing base, including a trusted execution area;
  
  wherein said trusted computing base is separates from said process by said trust boundary, and wherein each of said trusted modules separately access said trusted computing base and are each executed locally within said trusted execution area.
- View Dependent Claims (17)
- - 17. The trusted processor of claim 16, wherein said processor further comprises:
    - at least one application having at least one adaptive kernel, wherein said adaptation is in response to a personality imposed by said policy.

18. A method for trusted processing, comprising the steps of:
- providing a process that executes a task within a system, said process having one or more partitions that define trusted modules;
  
  providing a trust boundary established by a trusted element; and
  
  providing a trusted computing base, including a trusted execution area;
  
  wherein said trusted computing base is separated from said process by said trust boundary, and wherein each of said trusted modules separately access said trusted computing base and are each executed locally within said trusted execution area.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 19. The method of claim 18, said trusted element comprising:
    - a policy.
  - 20. The method of claim 19, wherein said policy is a tamper-resistant smart card.
  - 21. The method of claim 19, wherein said policy implements a processor personality.
  - 22. The method of claim 21, wherein said personality defines a level of trust and/or privilege to be afforded a user of said trusted processor.
  - 23. The method of claim 18, further comprising the step of:
    - providing a envelope for conveying information across said trust boundary.
  - 24. The method of claim 18, further comprising the step of:
    - storing information in a personal token.
  - 25. The method of claim 24, wherein said personal token is a tamper-resistant smart card.
  - 26. The method of claim 18, further comprising the step of:
    - providing a cryptographic unit; and
      
      providing a policy;
      
      wherein said cryptographic unit is controlled by said policy, said policy comprising said trusted element.
  - 27. The method of claim 18, said trust boundary comprising:
    - a physical, electrical, and/or logical barrier.
  - 28. The method of claim 18, said trusted element comprising:
    - a hardware element that cannot be duplicated because of the manner in which it is manufactured and/or personalized.
  - 29. The method of claim 18, wherein said trusted element controls the use of cryptography within said trusted execution area.
  - 30. The method of claim 18, wherein said trusted element defines a level of trust and/or privilege to be afforded a user of said trusted processor.
  - 31. The method of claim 18, further comprising the step of:
    - providing a challenge/response mechanism for securing communications across said trust boundary.
  - 32. The method of claim 31, said challenge/response mechanism further comprising the step of:
    - providing a decay function for dynamically altering a challenge/response key.
  - 33. The method of claim 32, said decay function further comprising the step of:
    - providing means within or associated with said trusted computing base for randomly altering said challenge/response key.
  - 34. The method of claim 32, said decay function further comprising the step of:
    - providing a fixed value offset that defines a range of acceptable values for said challenge/response key.
  - 35. The trusted processor of claim 31, wherein said challenge/response mechanism is non-repeating and/or non-predictable.

36. A method for trusted processing, comprising the steps of:
- providing a process that executes a task within a system, said process having one or more partitions that define trusted modules;
  
  providing a trust boundary established by a trusted element, said trusted element comprising a policy that implements a processor personality; and
  
  providing a trusted computing base, including a trusted execution area;
  
  wherein said trusted computing base is separated from said process by said trust boundary, and wherein each of said trusted modules separately access said trusted computing base and are each executed locally within said trusted execution area.
- View Dependent Claims (37)
- - 37. The method of claim 36, wherein said processor further comprises:
    - at least one application having at least one adaptive kernel, wherein said adaptation is in response to a personality imposed by said policy.

38. A method for trusted processing, comprising the steps of:
- providing a process that executes a task within a system, said process having one or more partitions that define trusted modules;
  
  providing a trust boundary established by a trusted element; and
  
  providing a trusted computing base, including a trusted execution area;
  
  wherein said trusted computing base is separated from data by said trust boundary, wherein said data are collected and/or transferred to said trusted computing base for processing; and
  
  wherein each of said trusted modules separately access said trusted computing base.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cheyenne Property Trust
Original Assignee
Cheyenne Property Trust
Inventors
Klemba, Keith, Fieres, Helmut, Merkling, Roger
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US08/702,332
Time in Patent Office

823 Days
Field of Search

380/4, 380/23, 380/25, 380/30, 340/825.31
US Class Current

713/164
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/62   Protecting access to data v...

G06F 21/71   to assure secure computing ...

G06F 2211/009   Trust

G06F 2221/2113   Multi-level security, e.g. ...

Method and apparatus for trusted processing

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

220 Citations

38 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for trusted processing

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

220 Citations

38 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others