Trusted security zone enhanced with trusted hardware drivers
First Claim
1. An electronic device, comprising:
- at least one processor that includes;
a normal partition of the at least one processor that is associated with a permissive sector, anda secure partition of the at least one processor that is associated with a trusted security zone, the trusted security zone providing a hardware root of trust and an operating system for the secure partition that runs separate from a normal partition operating system, wherein the trusted security zone ceases execution of non-trusted applications in the permissive sector during execution of at least one trusted application in the secure partition;
a non-transitory memory that includes;
a normal partition of the non-transitory memory that is associated with the permissive sector, the permissive sector allowing non-trusted applications to invoke hardware drivers stored in the normal partition, anda secure partition of the non-transitory memory that is associated with the trusted security zone and comprises a trusted version of a hardware driver that provides information about an uncompromised state associated with the hardware driver, wherein the trusted security zone is separate from the permissive sector;
the hardware driver associated with a version that is stored in the non-transitory memory and comprises a current state, wherein the hardware driver is at least initially stored in the normal partition of the non-transitory memory;
a first trusted application, stored in the secure partition of the non-transitory memory associated with the trusted security zone, configured to invoke the hardware driver in response to activation instructions; and
a second trusted application, stored in the secure partition of the non-transitory memory associated with the trusted security zone, that when executed by the secure partition of the at least one processor, configures the secure partition of the at least one processor to;
amass the information about the uncompromised state associated with the hardware driver,store, in the secure partition of the non-transitory memory, the information about the uncompromised state associated with the hardware driver,perform, in response to receipt of the activation instructions by the first trusted application, a confidence check on the version of the hardware driver stored in the permissive sector and compare, in response to receipt of the activation instructions by the first trusted application, the trusted version of the hardware driver with the version of the hardware driver stored in the permissive sector and the information about the uncompromised state associated with the hardware driver with the current state of the hardware driver, andenable, based on the confidence check and in response to a result of the comparison indicating that the version of the hardware driver stored in the permissive sector corresponds with the trusted version of the hardware driver and the current state of the hardware driver corresponds to the uncompromised state associated with the hardware driver, the first trusted application stored and executed in the secure partition of the trusted security zone to invoke the hardware driver, wherein the hardware driver is invoked by the first trusted application responsive to the enablement by the second trusted application.
6 Assignments
0 Petitions
Accused Products
Abstract
An electronic device comprises a processor, a permissive sector, a trusted security zone that is separate from the permissive sector, a hardware driver, a first trusted application, stored in the trusted security zone, that is configured to invoke the hardware driver in response to activation instructions, and a second trusted application, stored in the trusted security zone, that when executed on the processor, configures the processor to: amass information about an uncompromised state of the hardware driver, store the information about the uncompromised state of the hardware driver in the trusted security zone, and compare, in response to receipt of activation instructions by the first trusted application, the information about the uncompromised state of the hardware driver with a current state of the hardware driver, and perform an action in response to a result of the comparison.
485 Citations
17 Claims
-
1. An electronic device, comprising:
-
at least one processor that includes; a normal partition of the at least one processor that is associated with a permissive sector, and a secure partition of the at least one processor that is associated with a trusted security zone, the trusted security zone providing a hardware root of trust and an operating system for the secure partition that runs separate from a normal partition operating system, wherein the trusted security zone ceases execution of non-trusted applications in the permissive sector during execution of at least one trusted application in the secure partition; a non-transitory memory that includes; a normal partition of the non-transitory memory that is associated with the permissive sector, the permissive sector allowing non-trusted applications to invoke hardware drivers stored in the normal partition, and a secure partition of the non-transitory memory that is associated with the trusted security zone and comprises a trusted version of a hardware driver that provides information about an uncompromised state associated with the hardware driver, wherein the trusted security zone is separate from the permissive sector; the hardware driver associated with a version that is stored in the non-transitory memory and comprises a current state, wherein the hardware driver is at least initially stored in the normal partition of the non-transitory memory; a first trusted application, stored in the secure partition of the non-transitory memory associated with the trusted security zone, configured to invoke the hardware driver in response to activation instructions; and a second trusted application, stored in the secure partition of the non-transitory memory associated with the trusted security zone, that when executed by the secure partition of the at least one processor, configures the secure partition of the at least one processor to; amass the information about the uncompromised state associated with the hardware driver, store, in the secure partition of the non-transitory memory, the information about the uncompromised state associated with the hardware driver, perform, in response to receipt of the activation instructions by the first trusted application, a confidence check on the version of the hardware driver stored in the permissive sector and compare, in response to receipt of the activation instructions by the first trusted application, the trusted version of the hardware driver with the version of the hardware driver stored in the permissive sector and the information about the uncompromised state associated with the hardware driver with the current state of the hardware driver, and enable, based on the confidence check and in response to a result of the comparison indicating that the version of the hardware driver stored in the permissive sector corresponds with the trusted version of the hardware driver and the current state of the hardware driver corresponds to the uncompromised state associated with the hardware driver, the first trusted application stored and executed in the secure partition of the trusted security zone to invoke the hardware driver, wherein the hardware driver is invoked by the first trusted application responsive to the enablement by the second trusted application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for invoking a hardware driver on an electronic device, comprising:
-
storing, by an electronic device in a secure partition of a non-transitory memory of an electronic device, a trusted version of a hardware driver that provides information about an uncompromised state associated with the hardware driver, wherein the secure partition is associated with a trusted security zone providing a hardware root of trust to the electronic device and an operating system for the secure partition that runs separate from a normal partition operating system; activating, by at least one processor of the electronic device, a first trusted application stored in the secure partition of the non-transitory memory of the electronic device associated with a trusted security zone providing a hardware root of trust to the electronic device and an operating system for the secure partition that runs separate from a normal partition operating system, wherein the first trusted application is configured to invoke the hardware driver that is initially stored in a normal partition of the non-transitory memory associated with a permissive sector of the electronic device, and wherein the hardware driver is associated with a version; performing, by a second trusted application stored in the secure partition of the non-transitory memory associated with the trusted security zone and executed by a secure partition of the at least one processor of the electronic device in response to activating the first trusted application, a confidence check on the version of the hardware driver stored in the permissive sector and comparing, by the second trusted application, the trusted version of the hardware driver with the version of the hardware driver stored in the permissive sector and the information about the uncompromised state associated with the hardware driver with a current state of the hardware driver, wherein the permissive sector allows non-trusted applications to invoke hardware drivers stored in the normal partition, and wherein the trusted security zone ceases execution of non-trusted applications in the permissive sector during execution of at least one trusted application in the secure partition; evaluating, by the second trusted application electronic device, the integrity of the hardware driver based on the confidence check and the comparing; and enabling, by the second trusted application in response to the evaluation indicating that the version of the hardware driver stored in the permissive sector corresponds with the trusted version of the hardware driver and the current state of the hardware driver corresponds to the uncompromised state associated with the trusted hardware driver, the first trusted application stored and executed in the secure partition of the trusted security zone to invoke the hardware drive, wherein the hardware driver is invoked by the first trusted application responsive to the enablement. - View Dependent Claims (14, 15, 16, 17)
-
Specification