Binary translation of a trusted binary with input tagging

US 9,996,690 B2
Filed: 12/27/2014
Issued: 06/12/2018
Est. Priority Date: 12/27/2014
Status: Active Grant

First Claim

Patent Images

1. A computing apparatus comprising:

a trusted execution environment (TEE);

one or more logic elements comprising an input verification engine (IVE) within the TEE, the IVE operable for;

receiving a trusted first binary object in a first format, the first binary object being a signed binary object;

analyzing the trusted first binary object to identify portions that perform input/output operations comprising signed and validated input from a peripheral;

tagging the portions to create a tagged trusted binary object with tagged portions; and

providing the portions to a binary translation engine (BTE);

one or more logic elements comprising the (BTE) within the TEE, the BTE operable for;

receiving the tagged trusted binary object in the first format, the first format not suitable for use on the computing apparatus;

translating the tagged trusted binary object into a second binary object in a second format suitable for use on the computing apparatus, wherein translating comprises reserving the tagged portions for execution within an enclave;

signing the second binary object in the second format; and

consulting a certificate expiration or revocation list before signing the second binary object.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an example, a computing device includes a trusted execution environment (TEE), including an enclave. The enclave may include both a binary translation engine (BTE) and an input verification engine (IVE). In one embodiment, the IVE receives a trusted binary as an input, and analyzes the trusted binary to identify functions, classes, and variables that perform input/output operations. To ensure the security of these interfaces, those operations may be performed within the enclave. The IVE tags the trusted binary and provides the binary to the BTE. The BTE then translates the trusted binary into a second format, including designating the tagged portion for execution within the enclave. The BTE may also sign the new binary in the second format and export it out of the enclave.

Citations

23 Claims

1. A computing apparatus comprising:
- a trusted execution environment (TEE);
  
  one or more logic elements comprising an input verification engine (IVE) within the TEE, the IVE operable for;
  
  receiving a trusted first binary object in a first format, the first binary object being a signed binary object;
  
  analyzing the trusted first binary object to identify portions that perform input/output operations comprising signed and validated input from a peripheral;
  
  tagging the portions to create a tagged trusted binary object with tagged portions; and
  
  providing the portions to a binary translation engine (BTE);
  
  one or more logic elements comprising the (BTE) within the TEE, the BTE operable for;
  
  receiving the tagged trusted binary object in the first format, the first format not suitable for use on the computing apparatus;
  
  translating the tagged trusted binary object into a second binary object in a second format suitable for use on the computing apparatus, wherein translating comprises reserving the tagged portions for execution within an enclave;
  
  signing the second binary object in the second format; and
  
  consulting a certificate expiration or revocation list before signing the second binary object.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computing apparatus of claim 1, wherein the IVE is further operable for:
    - provisioning an enclave within the TEE; and
      
      performing at least some of the IVE'"'"'s functions within the enclave.
  - 3. The computing apparatus of claim 2, wherein the IVE is further operable for provisioning the BTE within the enclave.
  - 4. The computing apparatus of claim 3, wherein the BTE comprises a binary translator selected from the group consisting of a runtime engine, an interpreter, a just-in-time compiler, ahead-of-time compiler, a virtual machine, a compiler, a linker, and a toolchain utility.
  - 5. The computing apparatus of claim 3, wherein the BTE comprises a Java Virtual Machine, and wherein the IVE is at least partly implemented in Java and configured to operate within the BTE.
  - 6. The computing apparatus of claim 1, wherein the IVE is further operable for performing input verification.
  - 7. The computing apparatus of claim 6, wherein the IVE comprises a module selected from the group consisting of a secure network stack, a secure graphics engine, a secure human input device interface engine, a secure audio engine, a secure image processing engine, a secure telemetry engine, a secure global positioning system receiver, and a binary input analyzer.
  - 8. The computing apparatus of claim 1, wherein the BTE is further operable for signing the trusted first binary object.
  - 9. The computing apparatus of claim 8, wherein the trusted first binary object is to be signed by a key, and wherein signing the second binary object comprises signing the second binary object with the key.
  - 10. The computing apparatus of claim 8, wherein the trusted first binary object is to be signed with a first key, and wherein signing the second binary object comprises signing the second binary object with a second key signed by a common issuer of the first key.
  - 11. The computing apparatus of claim 8, wherein the trusted first binary object is to be signed with a first key, and wherein signing the second binary object comprises signing the second binary object with a second key provided by a vendor of the trusted binary object.
  - 12. The computing apparatus of claim 8, wherein the trusted first binary object is to be signed with a first key, and wherein signing the second binary object comprises signing the second binary object with a second key having a common provenance with the first key.

13. One or more non-transitory, computer-readable mediums having stored thereon instructions that, when executed, instruct a processor for:
- providing an input verification engine (IVE) within a TEE, the IVE operable for;
  
  receiving a trusted first binary object in a first format, the first binary object being a signed binary object;
  
  analyzing the trusted first binary object to identify portions that perform input/output operations comprising signed and validated input from a peripheral;
  
  tagging the portions to create a tagged trusted binary object with tagged portions; and
  
  providing the portions to a binary translation engine (BTE);
  
  providing the (BTE) within the TEE, the BTE operable for;
  
  receiving the tagged trusted binary object in the first format, the first format not suitable for use on a target platform of the trusted binary;
  
  translating the tagged trusted binary object into a second binary object in a second format suitable for use on the target platform, wherein translating comprises reserving the tagged portions for execution within an enclave;
  
  signing the second binary object in the second format; and
  
  consulting a certificate expiration or revocation list before signing the second binary object.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 14. The one or more non-transitory, computer-readable mediums of claim 13, wherein the IVE is further operable for:
    - provisioning an enclave within the TEE; and
      
      performing at least some of the IVE'"'"'s functions within the enclave.
  - 15. The one or more non-transitory, computer-readable mediums of claim 14, wherein the IVE is further operable for provisioning the BTE within the enclave.
  - 16. The one or more non-transitory, computer-readable mediums of claim 15, wherein the BTE comprises a Java Virtual Machine, and wherein the IVE is at least partly implemented in Java and configured to operate within the BTE.
  - 17. The one or more non-transitory, computer-readable mediums of claim 13, wherein the IVE is further operable for performing input verification.
  - 18. The one or more non-transitory, computer-readable mediums of claim 13, wherein the BTE is further operable for signing the second binary object.
  - 19. The one or more non-transitory, computer-readable mediums of claim 18, wherein the trusted first binary object is to be signed by a key, and wherein signing the second binary object comprises signing the second binary object with the key.
  - 20. The one or more non-transitory, computer-readable mediums of claim 18, wherein the trusted first binary object is to be signed with a first key, and wherein signing the second binary object comprises signing the second binary object with a second key signed by a common issuer of the first key.
  - 21. The one or more non-transitory, computer-readable mediums of claim 18, wherein the trusted first binary object is to be signed with a first key, and wherein signing the second binary object comprises signing the second binary object with a second key provided by a vendor of the trusted binary object.
  - 22. The one or more non-transitory, computer-readable mediums of claim 18, wherein the trusted first binary object is to be signed with a first key, and wherein signing the second binary object comprises signing the second binary object with a second key having a common provenance with the first key.

23. A computer-implemented method for execution within a trusted execution environment (TEE), comprising:
- receiving a trusted first binary object in a first format, the first binary object being a signed binary object;
  
  analyzing the trusted first binary object to identify portions that perform input/output operations comprising signed and validated input from a peripheral;
  
  tagging the portions to create a tagged trusted binary object with tagged portions;
  
  translating the tagged trusted binary object into a second binary object in a second format suitable for use on the target platform, wherein translating comprises reserving the tagged portions for execution within an enclave;
  
  signing the second binary object in the second format; and
  
  consulting a certificate expiration or revocation list before signing the second binary object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Musarubra US LLC (Musarubra US SellCo LLC)
Original Assignee
McAfee, LLC
Inventors
Smith, Ned M., Rubakha, Dmitri, Shah, Samir, Martin, Jason, Sheller, Micah J., Chakrabarti, Somnath, Xing, Bin
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
SARKER, SANCHIT K

Application Number

US14/583,620
Publication Number

US 20160188873A1
Time in Patent Office

1,263 Days
Field of Search

726 22
US Class Current
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/53   by executing in a restricte...

G06F 2221/033   Test or assess software

H04L 9/321   involving a third party or ...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

Binary translation of a trusted binary with input tagging

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Binary translation of a trusted binary with input tagging

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links