System for providing secure and trusted computing environments through a secure computing module
Abstract
The present invention is directed to a system for providing a trusted environment for untrusted computing systems. The system may include a HAC subsystem managing shared resources and a trusted bus switch for controlling a COTS processor to access the shared resources. The shared resources such as memory and several I/O resources reside on the trusted side of the trusted bus switch. Alternatively, the system may include a SCM as an add-on module to an untrusted host environment. Only authenticated applications including COTS OS execute on the SCM while untrusted applications execute on the untrusted host environment. The SCM may control secure resource access from the untrusted host through a plug-in module interface. All secure resources may be maintained on the trusted side of the plug-in module interface.
38 Claims
1. A system for providing a trusted COTS computing environment for an untrusted host, comprising:
a first subsystem including authenticated applications software and authenticated operating systems;
a second subsystem for managing and controlling I/O paths to said system, wherein said second subsystem includes a processor for maintaining secure partitions for memory and I/O resources, a plurality of I/O channels, a cryptographic engine, and a secure local memory; and
a trusted agent communicatively coupled to said second subsystem, said trusted agent providing a secure path between an input device and an output device of said untrusted host and said system, said trusted agent residing on said untrusted host, wherein said first subsystem is cleansed and then stored on said secure local memory.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A secure system, comprising:
a secure computing module, the secure computing module including;
a first subsystem including authenticated applications, data and code associated with said authenticated applications and authenticated operating systems, and
a second subsystem for controlling each I/O path of said secure computing module, said second subsystem including;
a trusted processor, the trusted processor configured for maintaining secure partitions for memory and I/O resources;
a plurality of I/O channels;
a cryptographic engine; and
a local storage;
a host interface module communicatively coupled to the secure computing module via said second subsystem of said secure computing module, said host interface module configured for interfacing between an untrusted host environment and a trusted environment; and
a secure wireless module, said processor of said second subsystem providing a secured wireless interface through said cryptographic engine and said secure wireless module, said host interface module residing on said untrusted environment and said first subsystem and said second subsystem residing on a trusted environment, said first subsystem being cleansed and stored on the local storage.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31
32. A secure system, comprising:
means for providing an authenticated subsystem, said authenticated subsystem including applications, data and code associated with said applications, and embedded operating systems;
means for controlling each I/O path of said secure system, said controlling means including;
means for maintaining secure partitions for memory and I/O resources;
means for encrypting and decrypting information; and
means for storing said authenticated subsystem and said encrypted information;
means for creating a secure I/O path for untrusted host input and output devices;
means for interfacing between an untrusted host platform and said secured system, wherein said means for creating a secure I/O path is located on said untrusted host platform, wherein said authenticated subsystem is cleansed and then stored on said storing means.
Dependent claims: 33, 34, 35, 36, 37, 38