Dynamic configuration of a secure processing unit for operations in various environments
Abstract
A technique to dynamically configure a Secure Processing Unit (SPU) chip in a secure manner using a capability table, which defines the functions that an SPU can perform. The capability table employs a digital signature to ensure the authenticity of the source and contents of the table. It also contains information which identifies the SPU for which the table is intended and a time-stamp indicating the time by which the table must be loaded into an SPU.
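The load-time checks the abstract describes can be sketched as follows. This is an added example, not code from the patent: the byte layout, the capability bit names and the function names are assumptions, and HMAC-SHA256 stands in for the digital signature (a real deployment would verify an asymmetric signature with the issuer's public key and take `now` from a trusted clock).

```python
import hashlib
import hmac
import struct

# Constructed wire layout (an assumption, not taken from the patent):
#   8-byte SPU id | uint64 load-by time (Unix s) | uint32 capability bitmask | 32-byte tag
BODY = struct.Struct(">8sQI")
TAG_LEN = hashlib.sha256().digest_size
CAP_ENCRYPT, CAP_SIGN, CAP_KEY_EXPORT = 0x1, 0x2, 0x4  # hypothetical function bits


def issue_table(key, spu_id, load_by, capabilities):
    """Issuer side: bind the capabilities, target SPU and deadline under one tag."""
    body = BODY.pack(spu_id, load_by, capabilities)
    return body + hmac.new(key, body, hashlib.sha256).digest()


def load_table(key, my_spu_id, now, blob):
    """SPU side: return the capability bitmask, or raise ValueError with the reason."""
    if len(blob) != BODY.size + TAG_LEN:
        raise ValueError("malformed table")
    body, tag = blob[:BODY.size], blob[BODY.size:]
    # Authenticate before parsing, so no unauthenticated field drives a decision.
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    spu_id, load_by, capabilities = BODY.unpack(body)
    if spu_id != my_spu_id:
        raise ValueError("table issued for a different SPU")
    if now > load_by:
        raise ValueError("load deadline passed")
    return capabilities


def outcome(key, my_spu_id, now, blob):
    """Helper for the demo: 'ok:<mask>' on success, otherwise the rejection reason."""
    try:
        return "ok:%#x" % load_table(key, my_spu_id, now, blob)
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    key = b"\x11" * 32  # constructed demo key
    table = issue_table(key, b"SPU-0001", 1_700_000_000, CAP_ENCRYPT | CAP_SIGN)
    print(outcome(key, b"SPU-0001", 1_699_999_000, table))
    print(outcome(key, b"SPU-0002", 1_699_999_000, table))
    print(outcome(key, b"SPU-0001", 1_700_000_001, table))
```

Because the tag covers the SPU identifier and the deadline together with the capability bits, a table cannot be replayed to another SPU, loaded late, or edited to grant an extra function without failing the first check.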
39 Claims
1. A data structure for a cryptographically secure processing unit (SPU) stored in a computer readable memory comprising:
- a capability table specifying functions that can be executed by said SPU;
a first field related to a time period for which said table is valid; and
a second field authenticating said capability table and said first field.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A data structure for a cryptographically secure processing unit (SPU) stored in a computer readable memory comprising:
- a capability table specifying functions that can be executed by said SPU;
a first field identifying said SPU;
a second field related to a time period for which said table is valid; and
a third field authenticating the source and content of said capability table, said first field, and said second field.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17, 18

19. A method of configuring a cryptographically secure processing unit (SPU) comprising the steps of:
- (a) encoding a security policy for said SPU in a capability table stored in a computer readable memory;
(b) appending to said table a first field related to a time period for which said table is valid;
(c) appending to said table a second field authenticating the source and content of said table; and
(d) transmitting said table and said appended fields to said SPU.
Dependent claims: 20, 21, 22, 23, 24, 25, 26

27. A method of configuring a cryptographically secure processing unit (SPU) comprising the steps of:
- (a) encoding a security policy for said SPU in a capability table stored in a computer readable memory;
(b) appending to said table a first field identifying said table;
(c) appending to said table a second field related to a time period for which said table is valid;
(d) appending to said table a third field authenticating the source and content of said table; and
(e) transmitting said table and said appended fields to said SPU.
Dependent claims: 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39