JTAG fuse vulnerability determination and protection using a trusted execution environment
First Claim
1. A method of configuring a trusted security zone into a portable electronic device, comprising:
- executing instructions on a processor of the portable electronic device that determine the state of a Joint Test Action Group (JTAG) port of the portable electronic device;
responsive to a determination that the JTAG port is enabled, executing instructions on the processor preventing configuration of the trusted security zone into the portable electronic device;
responsive to a determination that the JTAG port is disabled, configuring the trusted security zone into the portable electronic device, wherein the trusted security zone provides hardware assisted trust, wherein configuring the trusted security zone comprises installing the trusted security zone in a secure portion of a memory in the portable electronic device; and
after the trusted security zone is configured into the portable electronic device, executing instructions on the processor creating a JTAG port inspected certificate and storing the JTAG port inspected certificate into a trusted memory area of the trusted security zone,wherein executing instructions on the processor preventing configuration of the trusted security zone into the portable electronic device responsive to the determination that the JTAG port is enabled reduces a vulnerability to hacking the trusted security zone via the enabled JTAG port.
6 Assignments
0 Petitions
Accused Products
Abstract
A method of configuring a trusted security zone into a portable electronic device. The method comprises executing instructions on a processor of the portable electronic device that determine the state of a JTAG (JTAG) port of the portable electronic device, if the JTAG port is determined to be enabled, executing instructions on the processor preventing configuration of the trusted security zone into the portable electronic device, and if the JTAG port is determined to be disabled, configuring the trusted security zone into the portable electronic device, whereby a vulnerability to hacking the trusted security zone via an enabled JTAG port is reduced.
336 Citations
15 Claims
-
1. A method of configuring a trusted security zone into a portable electronic device, comprising:
-
executing instructions on a processor of the portable electronic device that determine the state of a Joint Test Action Group (JTAG) port of the portable electronic device; responsive to a determination that the JTAG port is enabled, executing instructions on the processor preventing configuration of the trusted security zone into the portable electronic device; responsive to a determination that the JTAG port is disabled, configuring the trusted security zone into the portable electronic device, wherein the trusted security zone provides hardware assisted trust, wherein configuring the trusted security zone comprises installing the trusted security zone in a secure portion of a memory in the portable electronic device; and after the trusted security zone is configured into the portable electronic device, executing instructions on the processor creating a JTAG port inspected certificate and storing the JTAG port inspected certificate into a trusted memory area of the trusted security zone, wherein executing instructions on the processor preventing configuration of the trusted security zone into the portable electronic device responsive to the determination that the JTAG port is enabled reduces a vulnerability to hacking the trusted security zone via the enabled JTAG port. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method of protecting an electronic device from a hacking attack that exploits a Joint Test Action Group (JTAG) port of the electronic device that has not been disabled, comprising:
-
executing instructions on a processor of the electronic device that determine the state of a JTAG port of the electronic device; responsive to a determination that the JTAG port is enabled, executing instructions on the processor of the electronic device to detect a physical connection to the JTAG port; responsive to detecting a physical connection to the JTAG port, executing instructions on the processor preventing execution of trusted applications; responsive to a determination that the JTAG port is enabled, executing instructions on the processor preventing execution of software that reads from the JTAG port; and responsive to a determination that the JTAG port is enabled, preventing downloading of at least one of confidential information, financial applications, a credit card number, or a credit card payment application, wherein executing instructions on the processor preventing execution of the trusted applications responsive to detecting the physical connection to the JTAG port, executing instructions on the processor preventing execution of the software that reads from the JTAG port responsive to the determination that the JTAG port is enabled, and preventing downloading of at least one of confidential information, financial applications, a credit card number, or a credit card payment application responsive to the determination that the JTAG port is enabled reduces a vulnerability of the electronic device to a hacking attack that exploits the enabled JTAG. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A method of thwarting a hacking attack on a mobile phone via an enabled Joint Test Action Group (JTAG) port of the mobile phone, comprising:
-
executing instructions on a processor of the mobile phone that detect the state of the JTAG port as one of enabled or disabled; responsive to a determination that the JTAG port is enabled, taking a first action to reduce vulnerability to hacking attacks via the enabled JTAG port, wherein the first action comprises preventing downloading of at least one of confidential information, financial applications, a credit card number, or a credit card payment application; responsive to a determination that the JTAG port is disabled, configuring a trusted security zone into the mobile phone, wherein configuring the trusted security zone comprises installing the trusted security zone in a secure portion of a memory in the mobile phone; and after the trusted security zone is configured into the mobile phone, executing instructions on the processor creating a JTAG port inspected certificate and storing the JTAG port inspected certificate into a trusted memory area of the trusted security zone. - View Dependent Claims (15)
-
Specification