Patent
Software-based trusted platform module
Stefan Thom, Jeremiah Cox, David J. Linsley, Magnus Nystrom, Himanshu Raj, David Robinson, Stefan Saroiu, Rob Spiger, Alastair Wolman +8 more
- 11 Feb 2013
8
TL;DR: In this paper, the authors propose a "firmware-based TPM" to ensure that secure code execution is isolated to prevent a wide variety of potential security breaches without the use of dedicated security processor hardware or silicon.
Abstract: A “Firmware-Based TPM” or “fTPM” ensures that secure code execution is isolated to prevent a wide variety of potential security breaches. Unlike a conventional hardware-based Trusted Platform Module (TPM), isolation is achieved without the use of dedicated security processor hardware or silicon. In general, the fTPM is first instantiated in a pre-OS boot environment by reading the fTPM from system firmware or firmware-accessible memory or storage and placing it into read-only protected memory of the device. Once instantiated, the fTPM enables execution isolation for ensuring secure code execution. More specifically, the fTPM is placed into protected read-only memory to enable the device to use hardware such as the ARM® architecture's TrustZone™ extensions and security primitives (or similar processor architectures), and thus the devices based on such architectures, to provide secure execution isolation within a “firmware-based TPM” without requiring hardware modifications to existing devices.
Citations
Patent
Protection scheme for remotely-stored data
Hariprasad Nellitheertha, S Deepak, Thanunathan Rangarajan, Anil S. Keshavamurthy +3 more
- 27 Sep 2013
TL;DR: In this paper, the authors present a protection scheme for remotely-stored data, which includes an encryption service to encrypt or decrypt data received from at least one VM, and a trusted execution environment (TEE).
31
Patent
Methods and apparatus for protecting software from unauthorized copying
Bin Xing, Bo Zhang, Mark W. Shanahan, James D. Beaney +3 more
- 24 Oct 2013
TL;DR: In this article, a processing device provides a method for protecting a program from unauthorized copying by generating a decrypted version of the program in a secure enclave by decrypting the encrypted program in the secure enclave.
16
Patent
Method and apparatus for accessing storage space
Han Peng, Li Hui, Wang Xiaopu +2 more
- 30 Mar 2016
TL;DR: In this article, a method and apparatus for accessing a storage space is presented, so as to improve the storage security of private data on a terminal; it is applied to a terminal configured with the storage space and a running environment of an operating system of the terminal.
16
Patent
Trusted execution environment virtual machine cloning
Mark F. Novak, Andrew J. Layman, Magnus Nystrom, Stefan Thom +3 more
- 01 Aug 2013
TL;DR: In this paper, the authors propose to clone a virtual machine having a trusted execution environment such as a software-based trusted platform module (SBP) by copying the virtual machine state of the source virtual machine to a target virtual machine.
13
Patent
Process security validation
Ronen Bachar, Roee Hay, Erez Rokah, Yoav Shany +3 more
- 22 Dec 2014
TL;DR: In this article, techniques for process security validation are described, which can include detecting, via the processor, that the first idle state of a process transitions to an active state of the process based at least in part on the system activity or the process activity being above the activity threshold.
10
References
Patent
Method and system to support a trusted set of operational environments using emulated trusted hardware
Gundrala D. Goud, Vincent J. Zimmer +1 more
- 23 Dec 2003
TL;DR: In this article, a method and system to emulate a trusted platform module to execute trusted operations is presented, where an operating system is loaded into the virtual machine session and the trusted platform is emulated to hold a key associated with the virtual session.
146
Patent
Technique for supporting multiple secure enclaves
Simon P. Johnson, Uday R. Savagaonkar, Vincent R. Scarlata, Francis X. McKeen, Carlos V. Rozas +4 more
- 02 Dec 2011
TL;DR: Secure enclaves, as discussed by the authors, are a technique to enable secure application and data integrity within a computer system, in which one or more secure enclaves are established where an application or data may be stored and executed.
142
Patent
Providing a secure execution mode in a pre-boot environment
Vincent J. Zimmer, Bryant Bigbee, Andrew J. Fish, Mark S. Doran +3 more
- 20 Oct 2003
TL;DR: In this paper, the authors present a method to establish a secure pre-boot environment in a computer system and perform at least one secure operation in that environment; the secure operation may be storage of a secret in the secure pre-boot environment.
78
Patent
Methods and apparatus for secure collection and display of user interface information in a pre-boot environment
Vincent J. Zimmer, Michael A. Rothman +1 more
- 25 Jun 2003
TL;DR: In this article, the authors describe a pre-boot environment in which user interface information can be stored in the secure area of memory of a processor and the processor can directly access an area that normally cannot be accessed.
74
Patent
Method and apparatus for sequential hypervisor invocation
Vincent J. Zimmer, Jiewen Yao +1 more
- 31 Mar 2008
TL;DR: In this paper, a cache-as-RAM (CAR) based hypervisor, executing directly from Flash memory, that manages sequential invocation of a next hypervisor on a platform is described and claimed.
68