Security and safety manager implementation in a multi-core processor
First Claim
1. A system comprising:
- a multi-core computer processor;
wherein one or more cores of the multi-core computer processor are configured as a security co-processor for the system and for other cores of the multi-core processor;
wherein an operating system of the security co-processor is independent of operating systems of the other cores of the multi-core processor;
wherein the security co-processor is configured to boot before the other cores and to enforce security policy on the other cores;
wherein the security co-processor is configured to enforce one or more privilege levels including an untrusted level, a user level, a supervisor level, and a maintenance level;
wherein the untrusted level comprises processing downloaded software code from a party other than an administrator of the system;
wherein the user level comprises processing software code and data from a source approved by the administrator of the system;
wherein the supervisor level comprises dynamic management of the system including changing operating system settings and changing hardware settings; and
wherein the maintenance level comprises changes that affect the security of the system including processing kernel updates, updating keys for authentication, and privileged operations.
1 Assignment
0 Petitions
Accused Products
Abstract
A system includes a multi-core computer processor. One or more cores of the multi-core computer processor are configured as a security co-processor for the system and for other cores of the multi-core processor, and one or more cores of the multi-core computer processor are configured as a safety manager co-processor for the system and for other cores of the multi-core processor. An operating system of the security co-processor and an operating system of the safety manager co-processor are independent of operating systems of the other cores of the multi-core processor. The security co-processor and the safety manager co-processor are configured to boot before the other cores and to enforce security policy and/or safety policy on the other cores.
19 Citations
18 Claims
-
1. A system comprising:
-
a multi-core computer processor; wherein one or more cores of the multi-core computer processor are configured as a security co-processor for the system and for other cores of the multi-core processor; wherein an operating system of the security co-processor is independent of operating systems of the other cores of the multi-core processor; wherein the security co-processor is configured to boot before the other cores and to enforce security policy on the other cores; wherein the security co-processor is configured to enforce one or more privilege levels including an untrusted level, a user level, a supervisor level, and a maintenance level; wherein the untrusted level comprises processing downloaded software code from a party other than an administrator of the system; wherein the user level comprises processing software code and data from a source approved by the administrator of the system; wherein the supervisor level comprises dynamic management of the system including changing operating system settings and changing hardware settings; and wherein the maintenance level comprises changes that affect the security of the system including processing kernel updates, updating keys for authentication, and privileged operations. - View Dependent Claims (2, 3, 4, 5, 6, 7, 12)
-
-
8. A system comprising:
-
a multi-core computer processor; wherein one or more cores of the multi-core computer processor are configured as a safety manager co-processor for the system and for other cores of the multi-core processor; wherein an operating system of the safety manager co-processor is independent of operating systems of the other cores of the multi-core processor; wherein the safety manager co-processor is configured to boot before the other cores and to enforce safety policy on the other cores; wherein the safety manager co-processor is configured to enforce one or more privilege levels including an untrusted level, a user level, a supervisor level, and a maintenance level; wherein the untrusted level comprises processing downloaded software code from a party other than an administrator of the system; wherein the user level comprises processing software code and data from a source approved by the administrator of the system; wherein the supervisor level comprises dynamic management of the system including changing operating system settings and changing hardware settings; and wherein the maintenance level comprises changes that affect the security of the system including processing kernel updates, updating keys for authentication, and privileged operations. - View Dependent Claims (9, 10, 11)
-
-
13. A system comprising:
-
a multi-core computer processor; wherein one or more cores of the multi-core computer processor are configured as a security co-processor for the system and for other cores of the multi-core processor; wherein one or more cores of the multi-core computer processor are configured as a safety manager co-processor for the system and for other cores of the multi-core processor; wherein one or more of an operating system of the security co-processor and an operating system of the safety manager co-processor are independent of operating systems of the other cores of the multi-core processor; wherein one or more of the security co-processor and the safety manager co-processor are configured to boot before the other cores and to enforce one or more of security policy and safety policy on the other cores; wherein one or more of the security co-processor and the safety manage processor are configured to enforce one or more privilege levels including an untrusted level, a user level, a supervisor level, and a maintenance level; wherein the untrusted level comprises processing downloaded software code from a party other than an administrator of the system; wherein the user level comprises processing software code and data from a source approved by the administrator of the system; wherein the supervisor level comprises dynamic management of the system including changing operating system settings and changing hardware setting; and wherein the maintenance level comprises changes that affect the security of the system including processing kernel updates, updating keys for authentication, and privileged operations. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification