Input output access controller
First Claim
1. A cryptographic device for processing classified information having a plurality of different classification levels, the cryptographic device comprising:
- a processing circuit configured to:
  - access a plurality of peripherals, and
  - execute software programs;
- an access controller, communicatively coupled to the processing circuit and configured to:
  - access a plurality of rules which the access controller applies for a plurality of states of the processing circuit;
  - regulate which of the plurality of states the processing circuit is allowed to transition to from each of the plurality of states, based on the plurality of rules, and
  - take or request remedial action when at least one of the plurality of rules is violated while the processing circuit is in one of the plurality of states;
- wherein:
  - the plurality of rules specify, for each of the plurality of states:
    - which of the plurality of peripherals are allowed to be accessed by the processing circuit,
    - which operations are allowed to be performed by the processing circuit with each of the plurality of peripherals accessible to the processing circuit, the operations including at least one of read, write, or read and write, and
    - which of the plurality of states the processing circuit is allowed to transition to;
  - the plurality of rules are not fixed;
  - the plurality of rules may be changed, but cannot be changed:
    - by the processing circuit, or
    - during operation of the cryptographic device;
  - the access controller is not programmable by the processing circuit; and
  - the plurality of states comprise:
    - an idle state;
    - at least one operational state capable of being transitioned to from the idle state; and
    - a clean-up state during which data is purged from memory, the clean-up state capable of being transitioned to by the processing circuit at least once after the processing circuit transitions from the at least one operational state and before the processing circuit transitions back to the idle state.
Abstract
A device for high-assurance processing is disclosed. A processing circuit uses an access controller to assure that the processing circuit operates properly. The processing circuit runs software programs and is programmable. The access controller is programmable, but not programmable by the processing circuit. Peripherals or segments of the address space of the processing circuit are regulated. In a particular state, the peripherals that are available are regulated by the access controller. In some embodiments, the transition from state to state can also be regulated by the access controller.
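The per-state rule table described in claim 1 and the abstract can be modelled in software as below. This is an added example, not code from the patent: the state names `OP_LOW` and `OP_HIGH`, the peripheral names, the permission values, and the choice of forcing the clean-up state as the remedial action are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Added illustration: states, peripherals and rule values are hypothetical. */
enum state  { IDLE, OP_LOW, OP_HIGH, CLEANUP, N_STATES };
enum periph { KEY_STORE, RED_PORT, BLACK_PORT, SCRATCH_RAM, N_PERIPH };
enum { OP_R = 1, OP_W = 2 };          /* read, write, or read and write (3) */

struct rule {
    uint8_t perm[N_PERIPH];   /* operations allowed on each peripheral */
    uint8_t next;             /* bitmask of states reachable from this state */
};

/* const: loaded outside operation and never writable by the processing circuit */
static const struct rule RULES[N_STATES] = {
    [IDLE]    = { {0,    0,    0,    0},           1u << OP_LOW | 1u << OP_HIGH },
    [OP_LOW]  = { {0,    OP_R, OP_W, OP_R | OP_W}, 1u << CLEANUP },
    [OP_HIGH] = { {OP_R, OP_R, OP_W, OP_R | OP_W}, 1u << CLEANUP },
    [CLEANUP] = { {0,    0,    0,    OP_W},        1u << IDLE },
};

struct controller { enum state cur; unsigned violations; };

/* Remedial action (assumed): record the fault and force the clean-up state. */
static void remediate(struct controller *c) { c->violations++; c->cur = CLEANUP; }

/* Check one peripheral access requested by the processing circuit. */
bool ac_access(struct controller *c, enum periph p, uint8_t op) {
    if (op && (RULES[c->cur].perm[p] & op) == op) return true;
    remediate(c);
    return false;
}

/* Check one state transition requested by the processing circuit. */
bool ac_transition(struct controller *c, enum state to) {
    if (RULES[c->cur].next & (1u << to)) { c->cur = to; return true; }
    remediate(c);
    return false;
}

int main(void) {
    struct controller c = { IDLE, 0 };
    ac_transition(&c, OP_HIGH);
    ac_access(&c, KEY_STORE, OP_W);   /* write is not permitted: violation */
    printf("state=%d violations=%u\n", c.cur, c.violations);
    return 0;
}
```

Because no operational state lists `IDLE` in its `next` mask, the only path back to idle runs through `CLEANUP`, which is the ordering the claim requires.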
16 Claims
1. A cryptographic device for processing classified information having a plurality of different classification levels (recited in full under First Claim above). Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A high-security device for processing information, the high-security device comprising:
- a processing circuit configured to:
  - access a plurality of peripherals, and
  - execute software programs;
- an access controller to prevent unauthorized use of a plurality of address ranges, communicatively coupled to the processing circuit and configured to:
  - access a plurality of rules which the access controller applies for a plurality of states of the processing circuit;
  - regulate which of the plurality of states the processing circuit is allowed to transition to from each of the plurality of states, based on the plurality of rules, and
  - take or request remedial action when at least one of the plurality of rules is violated while the processing circuit is in one of the plurality of states;
- wherein:
  - the plurality of rules specify, for each of the plurality of states:
    - which of the plurality of peripherals are allowed to be accessed by the processing circuit,
    - which operations are allowed to be performed by the processing circuit with each of the plurality of peripherals accessible to the processing circuit, the operations including at least one of read, write, or read and write, and
    - which of the plurality of states the processing circuit is allowed to transition to;
  - the access controller is not programmable by the processing circuit;
  - the plurality of rules may be changed, but cannot be changed:
    - by the processing circuit or
    - during operation of the high-security device; and
  - the plurality of states comprise:
    - an idle state;
    - at least one operational state capable of being transitioned to from the idle state; and
    - a clean-up state during which data is purged from memory, the clean-up state capable of being transitioned to by the processing circuit at least once after the processing circuit transitions from the at least one operational state and before the processing circuit transitions back to the idle state.

Dependent claims: 10, 11, 12, 13, 14, 15, 16.
Specification