Systems and methods for provisioning and using multiple trusted security zones on an electronic device
First Claim
1. A method of changing the memory size of a subordinate trusted security zone in a processor having a trusted security zone, comprising:
transmitting an indication of memory utilized by a first subordinate trusted security zone of the processor to a master trusted application executing in a master trusted security zone of the processor;
determining an average memory utilized by the first subordinate trusted security zone based on the indication of memory utilized by the first subordinate trusted security zone;
receiving, by the master trusted application from a second subordinate trusted security zone of the processor, a request to increase the memory size of the second subordinate trusted security zone of the processor, wherein the master trusted application is mediating transfer of memory resources to the first subordinate trusted security zone and the second subordinate trusted security zone without accessing or monitoring either of the first subordinate trusted security zone and the second subordinate trusted security zone, and wherein the master trusted application has no visibility into a first memory space associated with the first subordinate trusted security zone and has no visibility into the processing of a first trusted application that executes in the first subordinate trusted security zone;
in response to receiving the request from the second subordinate trusted security zone, reducing, by the master trusted application, the memory size of the first subordinate trusted security zone based at least in part on the indication of memory utilized by the first subordinate trusted security zone and the average memory utilized by the first subordinate trusted security zone; and
increasing, by the master trusted application, the memory size of the second subordinate trusted security zone.
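The resizing flow in claim 1 can be modelled as follows. This is an added example, not code from the patent or from any implementation of it; the class and method names, the `HEADROOM` margin, the `WINDOW` length and the rule of keeping the larger of latest and average usage are all assumptions, since the claim only says the reduction is based on the reported usage and its average.

```python
import math
from collections import deque
from statistics import mean

HEADROOM = 1.25  # assumed safety margin over observed usage (not from the claim)
WINDOW = 8       # assumed number of usage reports kept per zone

class MasterTrustedApp:
    """Tracks only zone sizes and self-reported usage, never zone contents."""

    def __init__(self):
        self.size_kb = {}  # zone name -> current allocation
        self.reports = {}  # zone name -> recent usage indications

    def add_zone(self, name, size_kb):
        self.size_kb[name] = size_kb
        self.reports[name] = deque(maxlen=WINDOW)

    def report_usage(self, name, used_kb):
        # The zone pushes this figure; the master does not read zone memory.
        if not 0 <= used_kb <= self.size_kb[name]:
            raise ValueError("usage report outside the zone's allocation")
        self.reports[name].append(used_kb)

    def reclaimable_kb(self, name):
        history = self.reports[name]
        if not history:
            return 0  # no indication yet: do not shrink a zone blind
        # Keep the larger of latest and average usage, so a momentary dip
        # does not let the master take memory the zone normally needs.
        keep = math.ceil(max(history[-1], mean(history)) * HEADROOM)
        return max(0, self.size_kb[name] - keep)

    def request_increase(self, requester, want_kb):
        if want_kb <= 0 or requester not in self.size_kb:
            raise ValueError("invalid resize request")
        donors = [z for z in self.size_kb if z != requester]
        if not donors:
            return 0
        # Shrink the zone with the most spare memory, then grow the requester.
        donor = max(donors, key=self.reclaimable_kb)
        grant = min(want_kb, self.reclaimable_kb(donor))
        self.size_kb[donor] -= grant
        self.size_kb[requester] += grant
        return grant
```

Because the master sees only numbers the zones choose to report, a zone that under-reports can be shrunk below what it needs, so a real design would have to decide how far those reports are trusted.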
Abstract
A method of provisioning a subordinate trusted security zone in a processor having a trusted security zone. The method comprises receiving by a master trusted application executing in a master trusted security zone of the processor a request to provision a subordinate trusted security zone in the processor, wherein the request comprises a master trusted security zone key, wherein the request designates the subordinate trusted security zone, and wherein the request defines an independent key. The method further comprises provisioning by the master trusted application the subordinate trusted security zone to be accessible based on the independent key.
691 Citations
10 Claims
Specification