Secure virtual machine manager
First Claim
1. A secure processing system comprising:
- a host processor;
- a virtual machine instantiated on the host processor;
- a virtual unified security hub (USH) instantiated on the virtual machine, wherein the virtual USH emulates a hardware-based USH and provides a plurality of security services to an application executing on the host processor; and
- a plurality of authentication input devices coupled to the virtual USH, wherein each of the plurality of authentication input devices are included in a separate integrated circuit chip coupled to the host processor;
- wherein the virtual machine includes an application programming interface (API) configured to expose the plurality of secure services provided by the virtual USH to the application and the API is configured to provide, to a plurality of applications, a unified interface for enrolling or provisioning a user credential in a credential container.
Abstract
Secure processing systems providing host-isolated security are provided. An exemplary secure processing system includes a host processor and a virtual machine instantiated on the host processor. A virtual unified security hub (USH) is instantiated on the virtual machine to provide security services to applications executing on the host processor. The virtual USH may further include an application programming interface (API) operable to expose the security services to the applications. A further exemplary secure processing system includes a host processor (running a Windows operating system, for example), a low power host processor, and a USH processor configured to provide secure services to both the host processor and the low power host processor, isolating the secure services from the host processor and the low power processor. The USH processor may also include an API to expose the security services to applications executing on the host processor and/or the low power host processor.
63 Claims
1. A secure processing system comprising:
- a host processor;
- a virtual machine instantiated on the host processor;
- a virtual unified security hub (USH) instantiated on the virtual machine, wherein the virtual USH emulates a hardware-based USH and provides a plurality of security services to an application executing on the host processor; and
- a plurality of authentication input devices coupled to the virtual USH, wherein each of the plurality of authentication input devices are included in a separate integrated circuit chip coupled to the host processor;
- wherein the virtual machine includes an application programming interface (API) configured to expose the plurality of secure services provided by the virtual USH to the application and the API is configured to provide, to a plurality of applications, a unified interface for enrolling or provisioning a user credential in a credential container.
Dependent claims: 2-31
32. A secure processing system comprising:
- a host processor;
- a low power host processor coupled to the host processor; and
- a unified security hub (USH) processor coupled to the host processor and the low power host processor, wherein the USH processor is configured to provide a plurality of security services to the host processor and the low power host processor, and wherein the plurality of security services are isolated from the host processor and the low power host processor.
Dependent claims: 33-63
Specification