Patent
Firmware-based trusted platform module for ARM processor architectures and TrustZone security extensions
Stefan Thom,Jeremiah Cox,David J. Linsley,Magnus Nystrom,Himanshu Raj,David Robinson,Stefan Saroiu,Rob Spiger,Alastair Wolman +8 more
- 29 Jul 2011
140
TL;DR: In this patent, the authors propose a "firmware-based TPM" that ensures secure code execution is isolated, preventing a wide variety of potential security breaches without the use of dedicated security processor hardware or silicon.
Abstract: A “Firmware-Based TPM” or “fTPM” ensures that secure code execution is isolated to prevent a wide variety of potential security breaches. Unlike a conventional hardware based Trusted Platform Module (TPM), isolation is achieved without the use of dedicated security processor hardware or silicon. In general, the fTPM is first instantiated in a pre-OS boot environment by reading the fTPM from system firmware or firmware accessible memory or storage and placed into read-only protected memory of the device. Once instantiated, the fTPM enables execution isolation for ensuring secure code execution. More specifically, the fTPM is placed into protected read-only memory to enable the device to use hardware such as the ARM® architecture's TrustZone™ extensions and security primitives (or similar processor architectures), and thus the devices based on such architectures, to provide secure execution isolation within a “firmware-based TPM” without requiring hardware modifications to existing devices.
Citations
Trusted Execution Environment: What It is, and What It is Not
Mohamed Sabt,Mohammed Achemlal,Abdelmadjid Bouabdallah +2 more
- 20 Aug 2015
TL;DR: A precise definition of TEE is proposed, and important concepts related to TEE, such as trust and formal verification, are discussed, as well as its wide use to guarantee security in diverse applications.
426
Patent
Micro-virtualization architecture for threat-aware microvisor deployment in a node of a network environment
Osman Abdoul Ismael,Ashar Aziz +1 more
- 28 Mar 2014
TL;DR: In this patent, the authors propose a micro-virtualization architecture that deploys a threat-aware microvisor as a module of a virtualization system configured to facilitate real-time security analysis of operating system processes executing in the memory of a node in a network environment.
109
Patent
End-to-End Trusted Communications Infrastructure
Leo Michael Mcroberts,Lyle W. Paczkowski,David E. Rondeau +2 more
- 25 Jun 2013
TL;DR: In this patent, the authors propose a method for delivering medical data over a trusted end-to-end communication link to a medical data server, where the application that receives the message executes in a trusted security zone of the server.
93
Patent
Malware detection appliance architecture
Osman Abdoul Ismael
- 08 Dec 2015
TL;DR: In this patent, a threat-aware virtualization module is deployed in a malware detection appliance architecture and executes on the malware detection system (MDS) appliance to provide exploit and malware detection within a network environment.
87
Patent
Trusted security zone access to peripheral devices
Lyle W. Paczkowski,William M. Parsel,Carl J. Persson,Matthew C. Schlesener +3 more
- 24 Jul 2013
TL;DR: In this patent, the authors propose a trusted data communication protocol between a processor and a controller, where the processor is a component of a computer and the controller is a peripheral device or a user interface device.
82
References
Patent
Privacy of data on a computer platform
Graeme John Proudler
- 26 Jul 2002
TL;DR: This patent presents a trust mechanism adapted to assure third parties interacting with a computer platform that the platform operates according to an indicated specification, together with a trusted execution area for performing operations on data.
103
Patent
Local secure service partitions for operating system security
Thekkthalackal Varugis Kurien,Paul England,Ravindra Nath Pandya,Niels T. Ferguson +3 more
- 01 Apr 2005
TL;DR: Local secure service partitions (LSSPs), as described in this patent, host high-assurance services that require strict security isolation; a service can be shared across partitions and accessed even when the user is not connected to a network.
101
Patent
Virtualization of software configuration registers of the TPM cryptographic processor
Paul England,Matthew C. Setzer +1 more
- 15 Mar 2005
TL;DR: In this patent, a virtual PCR (VPCR) construct is provided that can be cryptographically tagged as either optionally resettable or as enduring for the life of a client (process, virtual machine, and the like).
76
Patent
Method and apparatus for sequential hypervisor invocation
Vincent J. Zimmer,Jiewen Yao +1 more
- 31 Mar 2008
TL;DR: In this patent, a cache-as-RAM (CAR) based hypervisor, executing directly from flash memory, manages the sequential invocation of a next hypervisor on a platform.
68
Patent
System and method for component authentication of a secure client hosted virtualization in an information handling system
Yuan-Chang Lo,Shree Dandekar +1 more
- 10 May 2011
TL;DR: A client hosted virtualization system (CHVS), as described in this patent, includes a processor to execute code, a security processor, a component that includes a certificate, and a non-volatile memory.
64