Method and apparatus enhancing computer system security
First Claim
1. In a computer system including a central processor unit, said central processor being plugged into a first socket on a first circuit board, said central processor unit having respective address signals, data signals and a plurality of control signals coupled thereto through said first socket, said plurality of control signals provided to/from said central processor unit on a respective plurality of control signal lines including a first control signal line being one of said respective plurality of control signal lines, said first control signal line including a first control signal, a method for enhancing the security of said computer system, said method comprising:
- removing said central processor unit from said first socket;
replacing said central processor by plugging a second circuit board into said first socket, said second circuit board further having a second socket substantially identical to said first socket;
plugging said central processor unit into said second socket on said second circuit board; and
intercepting said first control signal.
2 Assignments
0 Petitions
Accused Products
Abstract
A security enhanced computer system arrangement includes a coprocessor and a multiprocessor logic controller inserted into the architecture of a conventional computer system. The coprocessor and multiprocessor logic controller is interposed between the CPU of the conventional computer system to intercept and replace control signals that are passed over certain of the critical control signal lines associated with the CPU. The multiprocessor logic controller arrangement thereby isolates the CPU of the conventional computer system from the remainder of the conventional computer system, permitting separate control over the CPU and separate control over the remainder of the computer system. By controlling the control signals that are normally passed between the CPU and the remainder of the computer system, the multiprocessor logic controller permits the coprocessor to perform highly secure operations. These secure operations, selectable by a trusted operator or built in to a cooperating operating system, verify that the computer system is a trusted computing base which can be relied upon to perform its operations properly and without compromise.
-
Citations
22 Claims
-
1. In a computer system including a central processor unit, said central processor being plugged into a first socket on a first circuit board, said central processor unit having respective address signals, data signals and a plurality of control signals coupled thereto through said first socket, said plurality of control signals provided to/from said central processor unit on a respective plurality of control signal lines including a first control signal line being one of said respective plurality of control signal lines, said first control signal line including a first control signal, a method for enhancing the security of said computer system, said method comprising:
-
removing said central processor unit from said first socket; replacing said central processor by plugging a second circuit board into said first socket, said second circuit board further having a second socket substantially identical to said first socket; plugging said central processor unit into said second socket on said second circuit board; and intercepting said first control signal. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer system comprising:
-
a first processor having respective address signals, data signals and a plurality of control signals coupled thereto, said plurality of control signals provided to/from said first processor on a respective plurality of control signal lines including a first control signal line being one of said respective plurality of control signal lines, said first control signal line including a first control signal; a multiprocessor logic controller for capturing said first processor unit; and a second processor, wherein, during said capturing, said multiprocessor logic controller assigns a second memory address space to said second processor and a first memory address space to said first processor, and wherein said second memory address space is non-accessible to said first processor; and
whereinsaid multiprocessor logic controller captures said first processor by isolating said first processor from said second processor through a preventing of reception of said first control signal by said first processor, and wherein said multiprocessor logic selectively enables said second processor. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A multiple processor system comprising:
-
a first processor having a plurality of terminals for receiving a first plurality of control signals coupled thereto; a second processor; a multiprocessor logic controller for preventing reception of at least one of said first plurality of control signals by said first processor and for substituting at least one of a second plurality of control signals in place of said one of said first plurality of control signals, and for selectively enabling said first processor and said second processor, respectively, wherein, during said preventing reception, said multiprocessor logic controller assigns a second memory address space to said second processor and a first memory address space to said first processor, and wherein said second memory address space is non-accessible to said first processor. - View Dependent Claims (18, 19, 20, 21, 22)
-
Specification