CN100423013C - Method and apparatus for loading a trustable operating system - Google Patents

Method and apparatus for loading a trustable operating system

Info

Publication number
CN100423013C
Authority
CN
China
Prior art keywords
processor
zone
cpu
safe operation
storer
Legal status
Expired - Lifetime
Application number
CNB03804546XA
Other languages
English (en)
Other versions
CN1723465A (zh)
Inventor
詹姆斯·萨顿二世
迈克尔·科祖克
戴维·克劳罗克
Current Assignee
Intel Corp
Original Assignee
Intel Corp
Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/445 Program loading or initiating
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45583 Memory management, e.g. access or allocation
    • G06F2009/45587 Isolation or security of virtual machine instances
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575 Secure boot

Abstract

The invention provides a method and apparatus for loading a trustable operating system into a region of memory. In a multiprocessor computer, a start secure operation (SSO) triggers a join secure operation (JSO) to quiesce all central processing units (CPUs) but one. The SSO causes the active CPU to load components of the operating system into a designated region of memory, to register the identity of the loaded operating system by recording in memory a cryptographic hash of the contents of the designated region, to begin executing at a known entry point in the designated region, and to trigger the JSO so that the quiesced CPUs likewise begin executing at that known entry point.

Description

Method and apparatus for loading a trustable operating system
Technical field
The present invention relates to microprocessors. More specifically, it relates to processor security.
Background art
Advances in microprocessor and communications technology have created many opportunities for applications that go beyond traditional ways of doing business. Electronic commerce and business-to-business transactions are becoming very popular and are reaching the global market at a rapid pace. Unfortunately, while modern microprocessor systems give users convenient and efficient ways to do business, communicate and transact, they are also vulnerable to unscrupulous attacks. Examples of such attacks include viruses, intrusions, security breaches and tampering. Computer security has therefore become increasingly important for protecting the integrity of computer systems and increasing users' trust in them.
In the context of an operating system, computer security is initially established by confirming that you are loading (or have loaded) a trustable operating system. With a trustable operating system, a user or a third party can subsequently examine the system and determine whether a given operating system has been loaded and, if so, whether it was loaded into a secure environment.
However, booting an ordinary operating system requires booting many code components. Even if you can choose which code components should be loaded, the operating system still contains so much code that it is difficult to confirm the specific identity of the operating system, and difficult to confirm whether you should trust it, that is, whether it has been loaded into a secure environment.
Determining whether an operating system can be trusted is especially difficult in a multiprocessor environment, because every central processing unit (CPU), and sometimes even a system device, can execute a code stream that may alter and compromise the integrity of the loaded code. It is therefore often necessary, at least at the operating-system level, to assume that the operating system is trustable. That assumption may be wrong and can lead to catastrophic failures of computer security.
Brief description of the drawings
The present invention is described by way of example and not limitation in the accompanying drawings, in which like reference numerals denote like elements, and in which:
Figure 1 shows a general overview of the organization of typical operating system components and the corresponding privilege levels;
Figure 2 is a block diagram of a generalized embodiment of a computer system incorporating the invention, in which certain aspects of the invention may be practiced;
Figure 3 is a flow diagram showing certain aspects of a method to be performed by a computing device executing one embodiment of the invention shown in Figure 2;
Figure 4 is a flow diagram showing certain other aspects of a method to be performed by a computing device executing one embodiment of the invention shown in Figure 2;
Figure 5 is a flow diagram showing certain aspects of a method to be performed by a computing device executing another embodiment of the invention shown in Figure 2; and
Figure 6 is a block diagram of a generalized embodiment of a computer system in which certain aspects of the invention shown in Figures 2-5 may be practiced.
Detailed description
In the following description of several aspects of the invention, a method and apparatus for loading a trustable operating system are described. Specific details are given to provide a thorough understanding of the invention. It will be apparent to those skilled in the art, however, that the invention may be practiced with or without all (or some) of these specific details, and using only some or all of the aspects described herein. In some instances, well-known features are omitted or simplified so as not to obscure the invention.
Parts of this description use the terms commonly employed by those skilled in the art to convey the substance of their work to others skilled in the art, including terms for the operations performed by a computer system and for their operands, such as sending, receiving, retrieving, determining, generating, recording, storing and so on. Those skilled in the art will understand that these operands take the form of electrical, magnetic or optical signals, and that the operations involve storing, transferring, combining and otherwise manipulating those signals through the electrical, magnetic or optical components of a system. The system includes general-purpose and special-purpose arrangements of such components, which may be stand-alone, adjunct or embedded.
Various operations will be described as multiple discrete steps performed in turn, in a manner that is helpful for understanding the invention. The order of description, however, should not be taken to imply that these operations must be performed in the order presented, or even that they are order-dependent. Finally, repeated use of the phrase "in one embodiment" does not necessarily refer to the same embodiment, although it may.
One principle for providing security in a computer system or platform is the concept of enforcing privilege levels. A privilege level restricts which system resources (for example privileged instructions, memory, input/output devices and so on) a particular software component may access. Figure 1 shows a general overview of the organization of typical operating system components and the corresponding privilege levels. In a system 100 without virtual machine (VM) technology, the operating system 120 includes a small resident program component called the privileged software nucleus 125, which runs at the highest privilege level 170; that is, the privileged software nucleus 125 can execute privileged and non-privileged instructions and can access memory and I/O devices. Another class of system component, the device drivers 130, may also run at the high privilege level 170, particularly where the system supports direct memory access (DMA) transactions, in which a device driver 130 may write the contents of its device directly to memory without involving the processor (that is, without using the privileged software nucleus 125 to access memory). Other kinds of system component, such as applications 140, run at a lower privilege level 180 and may only execute non-privileged or lower-privilege instructions, or may make supervisory calls (SVC) to the privileged software nucleus 125 in the operating system 120 to execute privileged instructions or, more generally, to access privileged system resources on behalf of the application 140.
In a system 110 with VM technology, another class of system component runs at the highest privilege: the virtual machine monitor (VMM) 150. In the VM system 110 the operating system 120 actually runs at a lower privilege than the VMM 150. In some VMM implementations, the VMM 150 may be partitioned into a VMM core component 150 and one or more VMM extensions 160, with the VMM extensions 160 running at a privilege lower than the VMM core component 150 but higher than the operating system 120. In this way the VMM core component 150 can maintain its integrity in the presence of a faulty VMM extension 160.
Figure 2 is a block diagram of a generalized embodiment of a computer system 200 incorporating the invention, in which certain aspects of the invention may be practiced. It should be understood that the distinctions between the various components of the computer system 200 are purely logical; in practice any of these components may be integrated onto the same silicon die, divided among multiple dies, or a combination of the two, without departing from the scope of the invention. In the illustrated computer system 200, the central processing units (CPUs) 210/220/230 or devices 240/245/250 have the high privilege level 170 required to allow them to initiate transactions on memory 270. A memory controller 260 is responsible for forwarding memory transactions from memory 270 to the appropriate destination.
The computer system 200 also includes a hash digest 280 of cryptographic hash values that identify the contents of one or more operating system components that have been loaded into regions of memory 270. Note that a cryptographic hash value is known in the art as being produced by a one-way mathematical or other function that takes a variable-length input string, called the pre-image, and converts it into a fixed-length, generally smaller, output string called the hash value. A hash function is one-way in that it is difficult to generate a pre-image whose hash value matches that of another pre-image. A hash digest signing engine 290 has a secure channel to the hash digest 280 and, on receiving a request, signs the contents of the hash digest 280. Signing the contents of the hash digest 280 is known in the art and is used to produce a digital signature that can later be used to authenticate the identity of the signer and to ensure that the contents of the hash digest 280 have not been tampered with. By requesting this signature, an external entity can observe the state of the system components as reported by the hash and decide whether to trust the computer system 200, that is, whether the signed contents of the hash digest 280 match the expected signature for those system components.
To ensure that the component state reported by the hash makes the computer system 200 trustable, each CPU 210/220/230 of the computer system includes, or is capable of including, an embodiment of the method and apparatus of the invention to facilitate the installation (or loading) of a trustable operating system.
In one embodiment, the method and apparatus of the invention comprise a start secure operation (SSO) 206 and a join secure operation (JSO) 204, both of which can run on any CPU 210/220/230 of the computer system. The SSO 206 and JSO 204 are logical operations that are executed atomically to ensure the integrity of the computer system 200. The SSO 206 and JSO 204 may be implemented as a series of privileged instructions executed in software, hardware or a combination thereof, without departing from the scope of the invention.
In one embodiment, the SSO 206 takes a region (or regions) of memory 270 that has been designated in a memory region parameter 202 and causes the computer system 200 to perform operations that cause one of the CPUs 210/220/230 to load and register one or more components of the operating system code into the designated region of memory 270, while the JSO 204 prevents the other CPUs from interfering. After the one or more operating system components have been loaded, the JSO 204 and SSO 206 further force the CPUs 210/220/230 to jump to a known entry point in the now-secured designated region of memory 270 (also referred to as the secured nucleus 275), the entry point being in a known privileged state, that is, a state in which the resources of the computer system 200 are accessible according to the CPU's corresponding high privilege level 170.
In one embodiment, after the region or regions of memory 270 to be secured have been identified via the memory region parameter 202 or otherwise, the SSO 206 places the code to be secured into the identified region of memory 270, that is, places the operating system code (or part of it) into the secured nucleus 275. The code may be any code that it is desired to trust, for example the privileged software nucleus 125 of the operating system 120 or, in a system 110 with VMs, the VMM core 150, that is, the VM monitor core code.
In one embodiment, after the code has been placed into the secured nucleus 275, the SSO 206 securely launches the operating system by registering the identity of the operating system code (for example the privileged software nucleus 125 or the VMM core 150). The SSO 206 registers the identity of the code by computing and recording a hash digest 280 of the code and using the hash digest signing engine 290 to cryptographically sign the hash digest 280. Once registered, the operating system becomes a trustable operating system that can be verified by an external entity.
In a computer system 200 with multiple CPUs, as shown in Figure 2, the computer system 200 must also be able to prevent CPUs 220/230 other than the CPU 210 executing the SSO 206 from interfering with the secure launch of the trustable operating system. Each CPU 210/220/230 is therefore also provided with the JSO 204. When the SSO 206 is initiated on CPU 210, the SSO 206 notifies the other CPUs 220/230 to execute the JSO 204.
In one embodiment, the JSO 204 forces each CPU 220/230 into a special quiescent state and signals its entry into the quiescent state to the CPU 210 that initiated the SSO. When the SSO-initiating CPU 210 has received quiescent signals from all the other CPUs 220/230, the SSO 206 begins loading the trustable operating system by placing the desired code into the secured nucleus 275 and registering it. After the CPU 210 that initiated the SSO 206 has finished loading the trustable operating system, that is, when the identity of the code in the secured nucleus 275 has been registered, the SSO 206 forces CPU 210 to jump to a known entry point in the secured nucleus 275, which, as a result of the operation of the SSO 206, now has a known privileged state. In addition, the SSO 206 signals the other CPUs 220/230 to exit their respective special quiescent states. On exiting the quiescent state, the JSO 204 forces the CPUs 220/230 also to jump to the known entry point in the secured nucleus 275.
In one embodiment, the memory region parameter 202 is specified as an address range in memory 270 comprising one or more pairs of start and stop addresses. Other ways of specifying which region or regions of memory 270 are to be secured may be used, however, without departing from the scope of the invention. For example, another embodiment of the memory region parameter 202 may be specified as a start address and a region length.
Referring now to Figures 3-5, particular methods of the invention are described in terms of computer software with reference to a series of flow diagrams. The methods to be performed by a computer constitute computer programs made up of computer-executable instructions. Describing the methods by reference to flow diagrams enables those skilled in the art to develop programs including such instructions to carry out the methods on suitably configured computers (the processor of the computer executing the instructions from a computer-accessible medium). The computer-executable instructions may be written in a computer programming language or may be embodied in firmware logic, microengine code and the like. If written in a programming language conforming to a recognized standard, such instructions can be executed on a variety of hardware platforms and interfaced to a variety of operating systems. In addition, the invention is not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the invention described herein. Furthermore, it is common in the art to speak of software, in one form or another (for example program, procedure, process, application and so on), as taking an action or causing a result. Such expressions are merely a shorthand way of saying that execution of the software by a computer causes the processor of the computer to perform an action or produce a result.
Figure 3 is a flow diagram showing certain aspects of a method to be performed by a computing device executing one embodiment of the invention shown in Figure 2. Specifically, Figure 3 shows some of the actions performed by a computer executing the SSO 206, where the SSO 206 embodies one embodiment of the invention. Processing begins at process 305, where one of the CPUs of the computer system 200, for example CPU 210, prepares to execute the SSO 206 by ensuring, at process 310, that all the other CPUs 220/230 of the computer system 200 have executed the JSO 204. The JSO 204 causes the other CPUs 220/230 of the computer system 200 to enter a quiescent state so that they cannot interfere with the SSO 206 and CPU 210 during the loading of the trustable operating system. In one embodiment, after all the other CPUs 220/230 have been quiesced, the SSO 206 continues at process 315 by causing CPU 210 (or, in other cases, the memory controller 260) to block the devices 240/245/250 of the computer system 200 from accessing the region of memory 270 designated in the memory region parameter 202 (that is, the secured nucleus 275). Blocking device access to the secured nucleus 275 for the duration of the SSO 206 is generally only necessary in a computer system 200 that supports direct memory access (DMA). In one embodiment, blocking device access to the secured nucleus 275 may also be performed by a standard chipset.
In one embodiment, at process 320 the SSO 206 clears the current contents of the hash digest 280 in preparation for recording the current platform and hash digest information. At process 325 the SSO 206 records the platform information in the hash digest 280. Recording the platform information may or may not be necessary, depending on the architecture of the computer system 200, and may include such things as the version number of the CPU 210 executing the SSO 206. At process 330 the SSO 206 further computes a cryptographic hash digest of the code currently present in the secured nucleus 275 (that is, the privileged software nucleus 125 or VMM core 150), and also records this information in the hash digest 280. At process 335, after the necessary information has been recorded in the hash digest 280, the SSO 206 places CPU 210 into a known privileged state. Once CPU 210 is in the known privileged state, the SSO 206 can further force CPU 210 to jump to the known entry point in the secured nucleus 275. The known entry point may be any addressable area of the secured nucleus 275. After CPU 210 has jumped to the known entry point, the SSO 206 completes, signalling the other CPUs 220/230 to resume activity and returning control to CPU 210.
After the SSO 206 completes, an external entity may send a request to the hash digest signing engine 290 to activate the secure channel to the hash digest 280 and cause the hash digest signing engine 290 to read the contents of the digest 280 recorded by the SSO 206 and cryptographically sign them. As described above, by requesting this signature the external entity can observe the component state reported by the hash and decide whether to trust the computer system 200, that is, whether a trustable operating system has been loaded.
Figure 4 is a flow diagram showing certain aspects of a method to be performed by a computing device executing one embodiment of the invention shown in Figure 2. Specifically, Figure 4 shows some of the actions performed by a computer running the JSO 204, where the JSO 204 embodies one embodiment of the invention. Processing begins at process 405, where each non-SSO CPU of the computer system 200, for example CPU 220/230, enters the special quiescent state in response to the action of the SSO 206 on CPU 210. The quiescent state prevents the CPUs 220/230 from interfering with the SSO 206 and CPU 210 during the loading of the trustable operating system. Each of the CPUs 220/230 signals the SSO 206 on CPU 210 when it enters the quiescent state. The JSO 204 continues with the decision at process 415, waiting until it receives the signal that the SSO 206 on CPU 210 has completed initialization of the trustable operating system. As soon as that initialization is complete, the JSO 204 continues at process 420, causing the CPUs 220/230 to exit the special quiescent state. At process 425 the JSO 204 causes the CPUs 220/230 to jump to the known entry point in the secured nucleus 275, after which the JSO 204 completes processing at endpoint 430 and returns control to the respective CPUs 220/230.
Whereas Figures 3-4 describe generalized embodiments of the processing of the SSO 206 and JSO 204, Figure 5 describes an exemplary implementation of the SSO 206 and JSO 204 on a computer system 200 with VMs (including a VM system having 32-bit CPUs and VMM extensions 160). Processing begins at process 505, where the SSO 206 on one of the CPUs of the computer system 200 (for example CPU 210) receives the memory region parameter 202 in the form of a starting physical address denoted by the parameter EAX and an ending physical address denoted by ECX. Together, the addresses specified in EAX and ECX designate the region of memory 270 to be secured. At process 510 the SSO 206 takes preparatory actions to provide the environment required for the SSO 206 to run in. The preparatory actions depend on the architecture of the computer system 200 and may include (but are not limited to) ensuring that the starting physical address EAX has a value less than the ending physical address ECX. In addition, the SSO 206 may ensure that protected mode is enabled on CPU 210 and that paging, physical address extension and VM extension modes are disabled, and may temporarily set the privilege level of CPU 210 to zero. Other possible preparatory actions include disabling direct memory access (DMA) to the region or regions of memory 270 to be secured (that is, the secured nucleus 275) and disabling hardware interrupts to CPU 210. Disabling hardware interrupts helps ensure that the SSO 206 and JSO 204 execute atomically. More importantly, the SSO 206 causes each of the other CPUs 220/230 to initiate the JSO 204 to ensure that all the other, non-SSO CPUs are quiesced and so prevented from interfering with the operation of the SSO 206; in this way the SSO 206 provides the environment required for loading a trustable operating system.
After the preparatory actions are complete, the SSO 206 continues at process 515 by creating a cryptographic hash 280 of the designated region of memory 270 beginning at address EAX and ending at address ECX. When multiple regions of memory 270 are being secured, process 515 is repeated until all the regions to be secured, that is, the entire secured nucleus 275, are included in the cryptographic hash 280. At process 520 the SSO 206 records the cryptographic hash 280 in a chipset register serving as the hash digest 280. The SSO 206 continues at process 525 by bringing CPU 210 into a known state, and further continues at process 530 by causing CPU 210 to jump to the hashed (that is, secured) region of memory 270, namely the secured nucleus 275. The SSO 206 ends at process 535, at which point CPU 210 will be in the known state into which it was brought, all interrupts will be disabled, and the secured nucleus 275 will be secured.
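The SSO/JSO handshake of Figures 3-5 together with the digest registration and external verification described above, modelled as an added example (constructed here; not code from the patent or from Intel). Each CPU is a thread, the chipset digest register and the signing engine are stood in for by SHA-256 and an HMAC under a hypothetical key, and the region check mirrors the EAX < ECX preparatory step of process 510.

```python
"""Simulation of the SSO/JSO trusted-OS load (constructed example)."""
import hashlib
import hmac
import threading

# Constructed 4 KiB memory image with placeholder "kernel" bytes at 0x100.
MEMORY = bytearray(4096)
KERNEL_CODE = b"\x90" * 16 + b"\xc3"             # constructed placeholder content
MEMORY[0x100:0x100 + len(KERNEL_CODE)] = KERNEL_CODE
ENTRY_POINT = 0x100                               # known entry point in the secured region
PLATFORM_INFO = b"cpu-version:constructed-1.0"    # recorded before the code hash (process 325)
ENGINE_KEY = b"hypothetical-signing-engine-key"   # key held only by the digest signing engine


def hash_regions(memory, regions, platform_info):
    """Processes 320-330 / 515: start from a cleared digest, record platform
    info, then fold in each (start, end) region in turn so that several
    regions yield one digest. Rejects start >= end, the EAX < ECX check."""
    digest = hashlib.sha256()                     # fresh state == cleared digest register
    digest.update(platform_info)
    for start, end in regions:
        if not (0 <= start < end <= len(memory)):
            raise ValueError(f"bad region {start:#x}-{end:#x}: start must be below end")
        digest.update(memory[start:end])
    return digest.digest()


def sign_digest(digest):
    """Digest signing engine: signs the digest register over its private channel."""
    return hmac.new(ENGINE_KEY, digest, hashlib.sha256).digest()


def external_verify(digest, signature, expected_digest):
    """External entity: accept only an authentic signature over the digest it
    expects for the trusted kernel; a mismatch in either means do not trust."""
    return (hmac.compare_digest(sign_digest(digest), signature)
            and hmac.compare_digest(digest, expected_digest))


class Platform:
    """Shared state for the SSO/JSO handshake between the simulated CPUs."""

    def __init__(self, n_cpus):
        self.quiesced = threading.Barrier(n_cpus)  # SSO CPU waits until every JSO CPU is quiesced
        self.sso_done = threading.Event()          # SSO signals the quiesced CPUs to resume
        self.dma_blocked = False                   # process 315: device access to the region blocked
        self.digest_register = None                # chipset register holding the hash digest
        self.pc = [None] * n_cpus                  # where each CPU ends up executing

    def sso(self, cpu_id, regions):
        """Start secure operation on the initiating CPU (Figures 3 and 5)."""
        self.quiesced.wait()                       # 310: all other CPUs have entered JSO
        self.dma_blocked = True                    # 315: keep devices out of the region
        self.digest_register = hash_regions(MEMORY, regions, PLATFORM_INFO)  # 320-330 / 515-520
        self.pc[cpu_id] = ENTRY_POINT              # 335: known privileged state, jump to entry
        self.dma_blocked = False                   # claim 22(ii): lift the access block
        self.sso_done.set()                        # signal the quiesced CPUs to resume

    def jso(self, cpu_id):
        """Join secure operation on every other CPU (Figure 4)."""
        self.quiesced.wait()                       # 405-410: enter quiescent state, signal SSO CPU
        self.sso_done.wait()                       # 415: wait until the SSO has completed
        self.pc[cpu_id] = ENTRY_POINT              # 420-425: exit quiescence, jump to entry point


def load_trusted_os(n_cpus=4, regions=((0x100, 0x200),)):
    """Run SSO on CPU 0 and JSO on the rest; return the platform state afterwards."""
    plat = Platform(n_cpus)
    threads = [threading.Thread(target=plat.sso, args=(0, regions))]
    threads += [threading.Thread(target=plat.jso, args=(i,)) for i in range(1, n_cpus)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return plat


if __name__ == "__main__":
    plat = load_trusted_os()
    sig = sign_digest(plat.digest_register)
    print("digest:", plat.digest_register.hex())
    print("all CPUs at entry point:", plat.pc.count(ENTRY_POINT) == len(plat.pc))
    print("external entity trusts platform:",
          external_verify(plat.digest_register, sig, plat.digest_register))
```

Splitting the secured region into two ranges produces the same digest as hashing it in one go, which is the property process 515 relies on when it is repeated per region.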
Figure 6 shows one embodiment of a general-purpose computer system 600 in which an embodiment of the invention shown in Figures 2-5 may be practiced. One embodiment of the invention may be implemented on a personal computer (PC) architecture. It will be apparent to those of ordinary skill in the art, however, that other computer system architectures, or other processors, programmable or electronic devices, may also be used.
In general, the computer system shown in Figure 6 includes one or more processors 602 coupled via a bus 601 to random access memory (RAM) 603, read-only memory (ROM) 604 and a mass storage device 607. The mass storage device 607 represents a persistent data storage device such as a floppy disk drive, a fixed disk drive (for example magnetic, optical, magneto-optical and so on) or a streaming tape drive. The processor 602 represents a central processing unit of any architecture type, such as complex instruction set computer (CISC), reduced instruction set computer (RISC), very long instruction word (VLIW) or a hybrid architecture. In one embodiment, the processor 602 is compatible with Intel Architecture (IA) processors, such as the Pentium(TM) family, IA-32(TM) and IA-64(TM). In one embodiment, the computer system 600 includes any number of processors, for example the CPUs 210/220/230 shown in Figure 2.
A display device 605 is coupled to the processor(s) 602 via the bus 601 and provides graphical output for the computer system 600. An input device 606 such as a keyboard or mouse is coupled to the bus 601 to communicate information and command selections to the processor 602. An input/output interface 610 is also coupled to the processor 602 via the bus 601 and may be used to control electronic devices (printers, other computers and so on) connected to the computer system 600 and to transfer data to them. The computer system 600 includes a network device 608 for connecting the computer system 600 to a network 614, through which data may be received from, for example, a remote device 612. The network device 608 may include Ethernet devices, telephone jacks and satellite links. It will be apparent to those of ordinary skill in the art that other network devices may also be used.
One embodiment of the invention may be stored entirely as a software product on the mass storage device 607. Another embodiment of the invention may be embedded in a hardware product, for example in a printed circuit board, in a special-purpose processor, or in a specially programmed logic device communicatively coupled to the bus 601. Other embodiments of the invention may be implemented partly as a software product and partly as a hardware product.
When an embodiment of the invention is represented as a software product stored on a machine-accessible medium (also called a computer-accessible medium or processor-accessible medium), such as the mass storage device 607, the machine-accessible medium may be any type of magnetic, optical or electrical storage device, including a magnetic disk, CD-ROM, memory device (volatile or non-volatile) or similar storage mechanism. The machine-accessible medium may contain various sets of instructions, code sequences, configuration information or other data. Those skilled in the art will appreciate that other instructions and operations required to implement the invention described herein may also be stored on the machine-accessible medium. In one embodiment of the invention, the machine-accessible medium includes instructions that, when executed by a machine, cause the machine to perform operations including the SSO 206 and JSO 204.
A new method for loading a trustable operating system has thus been described. From the foregoing description, those skilled in the art will appreciate that many variations of the invention are possible. For example, when the invention is implemented on a mainframe or comparable class of machine, it may not be necessary to disable direct memory access (DMA) to the region or regions of memory 270 to be secured (that is, the secured nucleus 275), or to disable hardware interrupts to CPU 210. On the other hand, when the invention is implemented on a machine with a PC architecture, these additional protection mechanisms may be needed to provide an operating environment in which the invention can be practiced. The invention is therefore not limited to the details described; rather, it may be practiced with modification and alteration within the spirit and scope of the appended claims.

Claims (28)

1. A method of loading a trustable operating system, comprising:
executing a start secure operation by a first processor of a plurality of processors;
executing a join secure operation by the remaining processors of the plurality of processors other than the first processor, the join secure operation preventing the remaining processors of the plurality of processors from interfering with the operation of the first processor;
the first processor of the plurality of processors identifying a region in a memory of a computer;
loading content into the identified region under the control of the first processor;
registering an identity of the content of the identified region, the registering comprising:
recording a hash digest of the content of the identified region, and
signing the hash digest by a digest signing engine having a secure channel to the hash digest, the signed hash digest being stored in a register in the memory of the computer, where it can be accessed by an external entity to verify whether the content can be trusted;
causing the first processor to jump to a known entry point in the content; and
the first processor completing the start secure operation and signalling the remaining processors to resume activity.
2. The method of claim 1, further comprising:
preventing at least a second processor of the plurality of processors from interfering with the identifying, loading and registering while the first processor is loading the content into the identified region.
3. The method of claim 2, wherein preventing interference comprises quiescing at least the second processor of the plurality of processors until the identifying, loading and registering are complete.
4. The method of claim 2, further comprising:
causing at least the second processor of the plurality of processors to jump to the known entry point in the content.
5. The method of claim 1, wherein identifying comprises receiving a region parameter specifying the location of the region.
6. The method of claim 5, wherein the location is an address range in the memory of the computer at which the region can be located.
7. The method of claim 5, wherein the location comprises a starting address and a length in the memory of the computer at which the region can be located.
8. The method of claim 1, wherein the content is a component of an operating system that will operate the computer.
9. The method of claim 8, wherein the operating system is one of a Windows operating system, a Windows 95 operating system, a Windows 98 operating system, a Windows NT operating system, a Windows 2000 operating system, a virtual machine monitor and a privileged software nucleus.
10. The method of claim 1, wherein the identifying, loading and registering are uninterruptible.
11. A method of securing a region in a memory of a computer, comprising:
quiescing all but one of a plurality of CPUs in the computer;
blocking all resources other than the non-quiesced CPU from accessing a region in the memory of the computer;
recording a cryptographic hash of the region; and
placing the non-quiesced CPU into a known privileged state.
12. The method of claim 11, further comprising causing the non-quiesced CPU to jump to a known entry point in the region.
13. The method of claim 11, wherein quiescing comprises causing all but one of the plurality of CPUs to enter a special quiescent state.
14. The method of claim 13, further comprising: causing the quiesced CPUs to exit the special quiescent state after the non-quiesced CPU has been placed into the known privileged state.
15. The method of claim 14, further comprising: causing the previously quiesced CPUs to begin executing at a known entry point in the region after exiting the special quiescent state.
16. The method of claim 11, wherein recording the cryptographic hash comprises:
clearing a hash digest area in the memory of the computer;
recording required platform information in the hash digest area;
computing a cryptographic hash of the contents of the region; and
recording the computed cryptographic hash in the hash digest area.
17. The method of claim 16, wherein the hash digest area is a register in the memory of the computer.
18. The method of claim 16, wherein computing the cryptographic hash of the contents of the region is performed by a digest signing engine coupled to the memory of the computer.
19. The method of claim 11, wherein the region is specified in at least one region parameter.
20. The method of claim 19, wherein the at least one region parameter is an address of the region in the memory of the computer that is to be secured.
21. The method of claim 19, wherein the at least one region parameter is a length of the region in the memory of the computer that is to be secured.
22. An apparatus for loading a trustable operating system, comprising:
a first processor having a start secure operation with a memory region parameter, wherein the first processor executes the start secure operation to block access to a memory region designated in the memory region parameter and to place content into the designated region;
a digest signing engine having a secure channel to a hash digest, the digest signing engine signing the hash digest and storing the signed hash digest in a register in the memory of the computer, where it can be accessed by an external entity physically separate from the apparatus to verify whether the content can be trusted; and
wherein the first processor further executes the start secure operation to (i) clear the current contents of the hash digest and record in the hash digest a cryptographic hash of the content of the designated region, and (ii) lift the block on access to the designated region and jump to a known entry point in the content of the designated region.
23. The apparatus of claim 22, further comprising:
a second processor having a join secure operation, wherein the second processor executes the join secure operation to prevent the second processor from interfering with the first processor's execution of the start secure operation.
24. The apparatus of claim 23, wherein the second processor begins executing the join secure operation when the first processor begins executing the start secure operation.
25. The apparatus of claim 23, wherein, to prevent the second processor from interfering with the first processor's execution of the start secure operation, the join secure operation causes the second processor to enter a quiescent state until the first processor has completed execution of the start secure operation.
26. The apparatus of claim 25, wherein the first processor executes the join secure operation to further cause the second processor to exit the quiescent state, the exit occurring after the first processor has completed execution of the start secure operation and begun executing at the known entry point in the content of the designated region.
27. The apparatus of claim 22, further comprising a digest signing engine having a secure channel to the hash digest, the digest signing engine computing the cryptographic hash of the content of the designated region in response to a request from the first processor executing the start secure operation.
28. The apparatus of claim 22, wherein the hash digest is a register in the memory of the apparatus outside the designated region.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/085,839 2002-02-25
US10/085,839 US7631196B2 (en) 2002-02-25 2002-02-25 Method and apparatus for loading a trustable operating system

Publications (2)

Publication Number Publication Date
CN1723465A CN1723465A (zh) 2006-01-18
CN100423013C true CN100423013C (zh) 2008-10-01

Family

ID=27753730

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB03804546XA Expired - Lifetime CN100423013C (zh) 2002-02-25 2003-02-13 Method and apparatus for loading a trustable operating system

Country Status (7)

Country Link
US (3) US7631196B2 (zh)
CN (1) CN100423013C (zh)
AU (1) AU2003213080A1 (zh)
DE (4) DE10397004A5 (zh)
GB (1) GB2402521B (zh)
HK (1) HK1068178A1 (zh)
WO (1) WO2003073269A2 (zh)

Families Citing this family (50)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7653710B2 (en) 2002-06-25 2010-01-26 Qst Holdings, Llc. Hardware task manager
US7962716B2 (en) 2001-03-22 2011-06-14 Qst Holdings, Inc. Adaptive integrated circuitry with heterogeneous and reconfigurable matrices of diverse and adaptive computational units having fixed, application specific computational elements
US7752419B1 (en) 2001-03-22 2010-07-06 Qst Holdings, Llc Method and system for managing hardware resources to implement system functions using an adaptive computing architecture
US7249242B2 (en) 2002-10-28 2007-07-24 Nvidia Corporation Input pipeline registers for a node in an adaptive computing engine
US6836839B2 (en) 2001-03-22 2004-12-28 Quicksilver Technology, Inc. Adaptive integrated circuitry with heterogeneous and reconfigurable matrices of diverse and adaptive computational units having fixed, application specific computational elements
US6577678B2 (en) 2001-05-08 2003-06-10 Quicksilver Technology Method and system for reconfigurable channel coding
US7046635B2 (en) 2001-11-28 2006-05-16 Quicksilver Technology, Inc. System for authorizing functionality in adaptable hardware devices
US6986021B2 (en) 2001-11-30 2006-01-10 Quick Silver Technology, Inc. Apparatus, method, system and executable module for configuration and operation of adaptive integrated circuitry having fixed, application specific computational elements
US8412915B2 (en) 2001-11-30 2013-04-02 Altera Corporation Apparatus, system and method for configuration of adaptive integrated circuitry having heterogeneous computational elements
US7215701B2 (en) 2001-12-12 2007-05-08 Sharad Sambhwani Low I/O bandwidth method and system for implementing detection and identification of scrambling codes
US7403981B2 (en) 2002-01-04 2008-07-22 Quicksilver Technology, Inc. Apparatus and method for adaptive multimedia reception and transmission in communication environments
US7631196B2 (en) 2002-02-25 2009-12-08 Intel Corporation Method and apparatus for loading a trustable operating system
US7069442B2 (en) 2002-03-29 2006-06-27 Intel Corporation System and method for execution of a secured environment initialization instruction
US7660984B1 (en) * 2003-05-13 2010-02-09 Quicksilver Technology Method and system for achieving individualized protected space in an operating system
US7328414B1 (en) 2003-05-13 2008-02-05 Qst Holdings, Llc Method and system for creating and programming an adaptive computing engine
US8108656B2 (en) 2002-08-29 2012-01-31 Qst Holdings, Llc Task definition for specifying resource requirements
US7937591B1 (en) 2002-10-25 2011-05-03 Qst Holdings, Llc Method and system for providing a device which can be adapted on an ongoing basis
US8276135B2 (en) 2002-11-07 2012-09-25 Qst Holdings Llc Profiling of software and circuit designs utilizing data operation analyses
US7225301B2 (en) 2002-11-22 2007-05-29 Quicksilver Technologies External memory controller node
US20050044408A1 (en) * 2003-08-18 2005-02-24 Bajikar Sundeep M. Low pin count docking architecture for a trusted platform
US7496961B2 (en) * 2003-10-15 2009-02-24 Intel Corporation Methods and apparatus to provide network traffic support and physical security support
US8239673B2 (en) * 2004-04-08 2012-08-07 Texas Instruments Incorporated Methods, apparatus and systems with loadable kernel architecture for processors
GB0411654D0 (en) * 2004-05-25 2004-06-30 Hewlett Packard Development Co A generic trusted platform architecture
US7698552B2 (en) * 2004-06-03 2010-04-13 Intel Corporation Launching a secure kernel in a multiprocessor system
US7694121B2 (en) * 2004-06-30 2010-04-06 Microsoft Corporation System and method for protected operating system boot using state validation
US7886293B2 (en) * 2004-07-07 2011-02-08 Intel Corporation Optimizing system behavior in a virtual machine environment
US7370189B2 (en) 2004-09-30 2008-05-06 Intel Corporation Method and apparatus for establishing safe processor operating points in connection with a secure boot
US7647589B1 (en) * 2005-02-07 2010-01-12 Parallels Software International, Inc. Methods and systems for safe execution of guest code in virtual machine context
JP4606339B2 (ja) * 2005-02-07 2011-01-05 株式会社ソニー・コンピュータエンタテインメント セキュアなプロセッサの処理の移行を実施する方法および装置
JP4522372B2 (ja) * 2005-02-07 2010-08-11 株式会社ソニー・コンピュータエンタテインメント プロセッサと外部のデバイスとの間にセキュアセッションを実現する方法および装置
JP4489030B2 (ja) * 2005-02-07 2010-06-23 株式会社ソニー・コンピュータエンタテインメント プロセッサ内にセキュアな起動シーケンスを提供する方法および装置
US7895651B2 (en) 2005-07-29 2011-02-22 Bit 9, Inc. Content tracking in a network security system
US8984636B2 (en) 2005-07-29 2015-03-17 Bit9, Inc. Content extractor and analysis system
US8272058B2 (en) 2005-07-29 2012-09-18 Bit 9, Inc. Centralized timed analysis in a network security system
CN100345112C (zh) * 2005-11-25 2007-10-24 中国科学院软件研究所 操作系统的构件化扩充方法
DE102006008248A1 (de) * 2006-02-22 2007-08-23 Giesecke & Devrient Gmbh Betriebssystem für eine Chipkarte mit einem Multi-Tasking Kernel
US7840795B2 (en) * 2006-10-17 2010-11-23 Zachary Nathaniel Joseph Peterson Method and apparatus for limiting access to sensitive data
JP5990466B2 (ja) 2010-01-21 2016-09-14 スビラル・インコーポレーテッド ストリームに基づく演算を実装するための汎用複数コアシステムのための方法および装置
US20120047580A1 (en) * 2010-08-18 2012-02-23 Smith Ned M Method and apparatus for enforcing a mandatory security policy on an operating system (os) independent anti-virus (av) scanner
US9830163B2 (en) * 2012-06-08 2017-11-28 Advanced Micro Devices, Inc. Control flow in a heterogeneous computer system
US8938796B2 (en) 2012-09-20 2015-01-20 Paul Case, SR. Case secure computer architecture
US9854841B2 (en) 2012-10-08 2018-01-02 Rai Strategic Holdings, Inc. Electronic smoking article and associated method
US9275248B1 (en) * 2013-02-13 2016-03-01 Amazon Technologies, Inc. Updating processor microcode
US9563457B2 (en) 2013-11-18 2017-02-07 Bitdefender IPR Management Ltd. Enabling a secure environment through operating system switching
US9117081B2 (en) 2013-12-20 2015-08-25 Bitdefender IPR Management Ltd. Strongly isolated malware scanning using secure virtual containers
US9652631B2 (en) * 2014-05-05 2017-05-16 Microsoft Technology Licensing, Llc Secure transport of encrypted virtual machines with continuous owner access
US9519787B2 (en) 2014-11-14 2016-12-13 Microsoft Technology Licensing, Llc Secure creation of encrypted virtual machines from encrypted templates
US10395039B2 (en) * 2016-09-12 2019-08-27 Dell Products, L.P. Customer-owned trust of device firmware
CN108595981B (zh) * 2018-05-09 2021-07-20 深圳市桑格尔科技股份有限公司 加密安卓系统的方法
US11537421B1 (en) * 2019-06-07 2022-12-27 Amazon Technologies, Inc. Virtual machine monitor providing secure cryptographic operations

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0849657A1 (en) * 1996-12-18 1998-06-24 NCR International, Inc. Secure data processing method and system
US5953502A (en) * 1997-02-13 1999-09-14 Helbig, Sr.; Walter A Method and apparatus for enhancing computer system security
WO2000010283A1 (en) * 1998-08-14 2000-02-24 Intel Corporation Digital content protection using a secure booting method and apparatus
WO2002003196A2 (en) * 2000-06-30 2002-01-10 Intel Corporation Protection of boot block data and accurate reporting of boot block contents
CN1334521A (zh) * 2000-07-24 2002-02-06 索尼公司 信息处理方法、任务间通信方法及其计算机可执行程序

Family Cites Families (283)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3699532A (en) * 1970-04-21 1972-10-17 Singer Co Multiprogramming control for a data handling system
US3996449A (en) 1975-08-25 1976-12-07 International Business Machines Corporation Operating system authenticator
US4162536A (en) 1976-01-02 1979-07-24 Gould Inc., Modicon Div. Digital input/output system and method
US4037214A (en) 1976-04-30 1977-07-19 International Business Machines Corporation Key register controlled accessing system
US4247905A (en) 1977-08-26 1981-01-27 Sharp Kabushiki Kaisha Memory clear system
US4278837A (en) 1977-10-31 1981-07-14 Best Robert M Crypto microprocessor for executing enciphered programs
US4276594A (en) 1978-01-27 1981-06-30 Gould Inc. Modicon Division Digital computer with multi-processor capability utilizing intelligent composite memory and input/output modules and method for performing the same
US4207609A (en) * 1978-05-08 1980-06-10 International Business Machines Corporation Method and means for path independent device reservation and reconnection in a multi-CPU and shared device access system
JPS5823570B2 (ja) * 1978-11-30 1983-05-16 国産電機株式会社 液面検出装置
JPS5576447A (en) 1978-12-01 1980-06-09 Fujitsu Ltd Address control system for software simulation
US4307447A (en) 1979-06-19 1981-12-22 Gould Inc. Programmable controller
US4529870A (en) * 1980-03-10 1985-07-16 David Chaum Cryptographic identification, financial transaction, and credential device
US4319323A (en) 1980-04-04 1982-03-09 Digital Equipment Corporation Communications device for data processing system
US4419724A (en) * 1980-04-14 1983-12-06 Sperry Corporation Main bus interface package
US4366537A (en) 1980-05-23 1982-12-28 International Business Machines Corp. Authorization mechanism for transfer of program control or data between different address spaces having different storage protect keys
US4403283A (en) * 1980-07-28 1983-09-06 Ncr Corporation Extended memory system and method
DE3034581A1 (de) 1980-09-13 1982-04-22 Robert Bosch Gmbh, 7000 Stuttgart Auslesesicherung bei einchip-mikroprozessoren
JPS58140862A (ja) * 1982-02-16 1983-08-20 Toshiba Corp 相互排他方式
US4521852A (en) 1982-06-30 1985-06-04 Texas Instruments Incorporated Data processing device formed on a single semiconductor substrate having secure memory
JPS59111561A (ja) 1982-12-17 1984-06-27 Hitachi Ltd 複合プロセツサ・システムのアクセス制御方式
US4759064A (en) 1985-10-07 1988-07-19 Chaum David L Blind unanticipated signature systems
US4571972A (en) * 1984-02-27 1986-02-25 Kinefac Corp. Skewed-axis cylindrical die rolling
US4975836A (en) 1984-12-19 1990-12-04 Hitachi, Ltd. Virtual computer system
JPS61206057A (ja) 1985-03-11 1986-09-12 Hitachi Ltd アドレス変換装置
FR2592510B1 (fr) * 1985-12-31 1988-02-12 Bull Cp8 Procede et appareil pour certifier des services obtenus a l'aide d'un support portatif tel qu'une carte a memoire
FR2601476B1 (fr) * 1986-07-11 1988-10-21 Bull Cp8 Procede pour authentifier une donnee d'habilitation externe par un objet portatif tel qu'une carte a memoire
FR2601525B1 (fr) 1986-07-11 1988-10-21 Bull Cp8 Dispositif de securite interdisant le fonctionnement d'un ensemble electronique apres une premiere coupure de son alimentation electrique
FR2601535B1 (fr) * 1986-07-11 1988-10-21 Bull Cp8 Procede pour certifier l'authenticite d'une donnee echangee entre deux dispositifs connectes en local ou a distance par une ligne de transmission
FR2618002B1 (fr) * 1987-07-10 1991-07-05 Schlumberger Ind Sa Procede et systeme d'authentification de cartes a memoire electronique
US4843541A (en) * 1987-07-29 1989-06-27 International Business Machines Corporation Logical resource partitioning of a data processing system
FR2620248B1 (fr) 1987-09-07 1989-11-24 France Etat Procedes d'authentification d'accreditations ou de messages a apport nul de connaissance et de signature de messages
US5007082A (en) 1988-08-03 1991-04-09 Kelly Services, Inc. Computer software encryption apparatus
US4974159A (en) * 1988-09-13 1990-11-27 Microsoft Corporation Method of transferring control in a multitasking computer system
US5079737A (en) 1988-10-25 1992-01-07 United Technologies Corporation Memory management unit for the MIL-STD 1750 bus
US5434999A (en) 1988-11-09 1995-07-18 Bull Cp8 Safeguarded remote loading of service programs by authorizing loading in protected memory zones in a terminal
FR2640798B1 (fr) 1988-12-20 1993-01-08 Bull Cp8 Dispositif de traitement de donnees comportant une memoire non volatile electriquement effacable et reprogrammable
JPH02171934A (ja) 1988-12-26 1990-07-03 Hitachi Ltd 仮想計算機システム
JPH02208740A (ja) 1989-02-09 1990-08-20 Fujitsu Ltd 仮想計算機制御方式
US5781753A (en) 1989-02-24 1998-07-14 Advanced Micro Devices, Inc. Semi-autonomous RISC pipelines for overlapped execution of RISC-like instructions within the multiple superscalar execution units of a processor having distributed pipeline control for speculative and out-of-order execution of complex instructions
US5442645A (en) 1989-06-06 1995-08-15 Bull Cp8 Method for checking the integrity of a program or data, and apparatus for implementing this method
JP2590267B2 (ja) 1989-06-30 1997-03-12 株式会社日立製作所 仮想計算機における表示制御方式
US5022077A (en) 1989-08-25 1991-06-04 International Business Machines Corp. Apparatus and method for preventing unauthorized access to BIOS in a personal computer system
JP2825550B2 (ja) 1989-09-21 1998-11-18 株式会社日立製作所 多重仮想空間アドレス制御方法および計算機システム
CA2010591C (en) 1989-10-20 1999-01-26 Phillip M. Adams Kernels, description tables and device drivers
CA2027799A1 (en) 1989-11-03 1991-05-04 David A. Miller Method and apparatus for independently resetting processors and cache controllers in multiple processor systems
US5075842A (en) 1989-12-22 1991-12-24 Intel Corporation Disabling tag bit recognition and allowing privileged operations to occur in an object-oriented memory protection mechanism
EP0473913A3 (en) 1990-09-04 1992-12-16 International Business Machines Corporation Method and apparatus for providing a service pool of virtual machines for a plurality of vm users
US5108590A (en) 1990-09-12 1992-04-28 Disanto Dennis Water dispenser
US5230069A (en) 1990-10-02 1993-07-20 International Business Machines Corporation Apparatus and method for providing private and shared access to host address and data spaces by guest programs in a virtual machine computer system
US5317705A (en) 1990-10-24 1994-05-31 International Business Machines Corporation Apparatus and method for TLB purge reduction in a multi-level machine system
US5287363A (en) * 1991-07-01 1994-02-15 Disk Technician Corporation System for locating and anticipating data storage media failures
US5437033A (en) 1990-11-16 1995-07-25 Hitachi, Ltd. System for recovery from a virtual machine monitor failure with a continuous guest dispatched to a nonguest mode
US5255379A (en) 1990-12-28 1993-10-19 Sun Microsystems, Inc. Method for automatically transitioning from V86 mode to protected mode in a computer system using an Intel 80386 or 80486 processor
US5453003A (en) * 1991-01-09 1995-09-26 Pfefferle; William C. Catalytic method
US5446904A (en) * 1991-05-17 1995-08-29 Zenith Data Systems Corporation Suspend/resume capability for a protected mode microprocessor
JPH04348434A (ja) 1991-05-27 1992-12-03 Hitachi Ltd Virtual machine system
US5276863A (en) * 1991-06-28 1994-01-04 Digital Equipment Corporation Computer system console
US5522075A (en) 1991-06-28 1996-05-28 Digital Equipment Corporation Protection ring extension for computers having distinct virtual machine monitor and virtual machine address spaces
US5319760A (en) 1991-06-28 1994-06-07 Digital Equipment Corporation Translation buffer for virtual machines with address space match
US5455909A (en) * 1991-07-05 1995-10-03 Chips And Technologies Inc. Microprocessor with operation capture facility
JPH06236284A (ja) 1991-10-21 1994-08-23 Intel Corp Method for saving and restoring the processing state of a computer system, and computer system
WO1993009494A1 (en) * 1991-10-28 1993-05-13 Digital Equipment Corporation Fault-tolerant computer processing using a shadow virtual processor
US5627987A (en) 1991-11-29 1997-05-06 Kabushiki Kaisha Toshiba Memory management and protection system for virtual memory in computer system
US5574936A (en) 1992-01-02 1996-11-12 Amdahl Corporation Access control mechanism controlling access to and logical purging of access register translation lookaside buffer (ALB) in a computer system
US5486529A (en) * 1992-04-16 1996-01-23 Zeneca Limited Certain pyridyl ketones for treating diseases involving leukocyte elastase
US5421006A (en) 1992-05-07 1995-05-30 Compaq Computer Corp. Method and apparatus for assessing integrity of computer system software
US5237616A (en) * 1992-09-21 1993-08-17 International Business Machines Corporation Secure computer system having privileged and unprivileged memories
US5293424A (en) 1992-10-14 1994-03-08 Bull Hn Information Systems Inc. Secure memory card
US5796835A (en) 1992-10-27 1998-08-18 Bull Cp8 Method and system for writing information in a data carrier making it possible to later certify the originality of this information
JP2765411B2 (ja) 1992-11-30 1998-06-18 Hitachi, Ltd. Virtual machine method
EP0600112A1 (de) 1992-11-30 1994-06-08 Siemens Nixdorf Informationssysteme Aktiengesellschaft Data processing system with virtual memory addressing and key-controlled memory access
US5668971A (en) * 1992-12-01 1997-09-16 Compaq Computer Corporation Posted disk read operations performed by signalling a disk read complete to the system prior to completion of data transfer
EP0602867A1 (en) 1992-12-17 1994-06-22 NCR International, Inc. An apparatus for securing a system platform
JPH06187178A (ja) 1992-12-18 1994-07-08 Hitachi Ltd I/O interrupt control method for a virtual machine system
FR2700430B1 (fr) 1992-12-30 1995-02-10 Jacques Stern Method for authenticating at least one identification device by a verification device, and device for implementing it.
US5483656A (en) * 1993-01-14 1996-01-09 Apple Computer, Inc. System for managing power consumption of devices coupled to a common bus
US5469557A (en) 1993-03-05 1995-11-21 Microchip Technology Incorporated Code protection in microcontroller with EEPROM fuses
FR2703800B1 (fr) 1993-04-06 1995-05-24 Bull Cp8 Method for signing a computer file, and device for implementing it.
US5628023A (en) * 1993-04-19 1997-05-06 International Business Machines Corporation Virtual storage computer system having methods and apparatus for providing token-controlled access to protected pages of memory via a token-accessible view
FR2704341B1 (fr) 1993-04-22 1995-06-02 Bull Cp8 Device for protecting the keys of a smart card.
JPH06348867A (ja) 1993-06-04 1994-12-22 Hitachi Ltd Microcomputer
FR2706210B1 (fr) 1993-06-08 1995-07-21 Bull Cp8 Method for authenticating a portable object by an offline terminal, and corresponding portable object and terminal.
US5444850A (en) * 1993-08-04 1995-08-22 Trend Micro Devices Incorporated Method and apparatus for controlling network and workstation access prior to workstation boot
US5555385A (en) 1993-10-27 1996-09-10 International Business Machines Corporation Allocation of address spaces within virtual machine compute system
FR2714780B1 (fr) 1993-12-30 1996-01-26 Stern Jacques Method for authenticating at least one identification device by a verification device.
US5825880A (en) * 1994-01-13 1998-10-20 Sudia; Frank W. Multi-step digital signature method and system
US5459869A (en) 1994-02-17 1995-10-17 Spilo; Michael L. Method for providing protected mode services for device drivers and other resident software
US5604805A (en) * 1994-02-28 1997-02-18 Brands; Stefanus A. Privacy-protected transfer of electronic information
FR2717286B1 (fr) * 1994-03-09 1996-04-05 Bull Cp8 Method and device for authenticating a data carrier intended to enable a transaction or access to a service or a location, and corresponding carrier.
US5684881A (en) 1994-05-23 1997-11-04 Matsushita Electric Industrial Co., Ltd. Sound field and sound image control apparatus and method
US5539828A (en) 1994-05-31 1996-07-23 Intel Corporation Apparatus and method for providing secured communications
US5473692A (en) 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
US5533123A (en) 1994-06-28 1996-07-02 National Semiconductor Corporation Programmable distributed personal security
FR2752122B1 (fr) 1994-07-28 1998-11-27 France Telecom Authentication method with a reduced number of transmitted bits
US5978481A (en) 1994-08-16 1999-11-02 Intel Corporation Modem compatible method and apparatus for encrypting data that is transparent to software applications
JPH0883211A (ja) * 1994-09-12 1996-03-26 Mitsubishi Electric Corp Data processing device
DE69534757T2 (de) 1994-09-15 2006-08-31 International Business Machines Corp. System and method for secure storage and distribution of data using digital signatures
US6058478A (en) * 1994-09-30 2000-05-02 Intel Corporation Apparatus and method for a vetted field upgrade
FR2725537B1 (fr) 1994-10-11 1996-11-22 Bull Cp8 Method for loading a protected memory area of an information processing device, and associated device
US5903752A (en) * 1994-10-13 1999-05-11 Intel Corporation Method and apparatus for embedding a real-time multi-tasking kernel in a non-real-time operating system
US5606617A (en) 1994-10-14 1997-02-25 Brands; Stefanus A. Secret-key certificates
US5564040A (en) 1994-11-08 1996-10-08 International Business Machines Corporation Method and apparatus for providing a server function in a logically partitioned hardware machine
US6269392B1 (en) 1994-11-15 2001-07-31 Christian Cotichini Method and apparatus to monitor and locate an electronic device using a secured intelligent agent
US5560013A (en) * 1994-12-06 1996-09-24 International Business Machines Corporation Method of using a target processor to execute programs of a source architecture that uses multiple address spaces
US5555414A (en) 1994-12-14 1996-09-10 International Business Machines Corporation Multiprocessing system including gating of host I/O and external enablement to guest enablement at polling intervals
US5615263A (en) 1995-01-06 1997-03-25 Vlsi Technology, Inc. Dual purpose security architecture with protected internal operating system
US5764969A (en) 1995-02-10 1998-06-09 International Business Machines Corporation Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions with partial concept synchronization
FR2731536B1 (fr) * 1995-03-10 1997-04-18 Schlumberger Ind Sa Method for securely writing information into a portable medium
US5717903A (en) 1995-05-15 1998-02-10 Compaq Computer Corporation Method and appartus for emulating a peripheral device to allow device driver development before availability of the peripheral device
KR0146438B1 (ko) 1995-05-17 1998-09-15 조백제 Authentication exchange method, message-recovery digital signature method, and digital signature method with appendix
JP3451595B2 (ja) 1995-06-07 2003-09-29 International Business Machines Corporation Microprocessor with architecture mode control capable of supporting extensions to two separate instruction set architectures
US5684948A (en) * 1995-09-01 1997-11-04 National Semiconductor Corporation Memory management circuit which provides simulated privilege levels
US5633929A (en) * 1995-09-15 1997-05-27 Rsa Data Security, Inc Cryptographic key escrow system having reduced vulnerability to harvesting attacks
US5737760A (en) 1995-10-06 1998-04-07 Motorola Inc. Microcontroller with security logic circuit which prevents reading of internal memory by external program
US6093213A (en) * 1995-10-06 2000-07-25 Advanced Micro Devices, Inc. Flexible implementation of a system management mode (SMM) in a processor
JP3693721B2 (ja) 1995-11-10 2005-09-07 NEC Electronics Corporation Microcomputer with built-in flash memory and test method therefor
IL116708A (en) 1996-01-08 2000-12-06 Smart Link Ltd Real-time task manager for a personal computer
WO1997025798A1 (en) 1996-01-11 1997-07-17 Mrj, Inc. System for controlling access and distribution of digital property
US5657445A (en) 1996-01-26 1997-08-12 Dell Usa, L.P. Apparatus and method for limiting access to mass storage devices in a computer system
US5835594A (en) 1996-02-09 1998-11-10 Intel Corporation Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage
US5815665A (en) * 1996-04-03 1998-09-29 Microsoft Corporation System and method for providing trusted brokering services over a distributed network
US5978484A (en) 1996-04-25 1999-11-02 Microsoft Corporation System and method for safety distributing executable objects
US5978892A (en) 1996-05-03 1999-11-02 Digital Equipment Corporation Virtual memory allocation in a virtual address space having an inaccessible gap
US5809546A (en) * 1996-05-23 1998-09-15 International Business Machines Corporation Method for managing I/O buffers in shared storage by structuring buffer table having entries including storage keys for controlling accesses to the buffers
US6205550B1 (en) * 1996-06-13 2001-03-20 Intel Corporation Tamper resistant methods and apparatus
US6178509B1 (en) * 1996-06-13 2001-01-23 Intel Corporation Tamper resistant methods and apparatus
US6175925B1 (en) * 1996-06-13 2001-01-16 Intel Corporation Tamper resistant player for scrambled contents
US5729760A (en) 1996-06-21 1998-03-17 Intel Corporation System for providing first type access to register if processor in first mode and second type access to register if processor not in first mode
US5944821A (en) * 1996-07-11 1999-08-31 Compaq Computer Corporation Secure software registration and integrity assessment in a computer system
US6199152B1 (en) * 1996-08-22 2001-03-06 Transmeta Corporation Translated memory protection apparatus for an advanced microprocessor
US5740178A (en) * 1996-08-29 1998-04-14 Lucent Technologies Inc. Software for controlling a reliable backup memory
US6055637A (en) * 1996-09-27 2000-04-25 Electronic Data Systems Corporation System and method for accessing enterprise-wide resources by presenting to the resource a temporary credential
US5844986A (en) 1996-09-30 1998-12-01 Intel Corporation Secure BIOS
US5937063A (en) 1996-09-30 1999-08-10 Intel Corporation Secure boot
US5935242A (en) * 1996-10-28 1999-08-10 Sun Microsystems, Inc. Method and apparatus for initializing a device
JPH10134008A (ja) * 1996-11-05 1998-05-22 Mitsubishi Electric Corp Semiconductor device and computer system
US5852717A (en) * 1996-11-20 1998-12-22 Shiva Corporation Performance optimizations for computer networks utilizing HTTP
DE19649292A1 (de) * 1996-11-28 1998-06-04 Deutsche Telekom Ag Method for securing a system protected by a key hierarchy
US5901225A (en) 1996-12-05 1999-05-04 Advanced Micro Devices, Inc. System and method for performing software patches in embedded systems
US5757919A (en) 1996-12-12 1998-05-26 Intel Corporation Cryptographically protected paging subsystem
US5818939A (en) 1996-12-18 1998-10-06 Intel Corporation Optimized security functionality in an electronic system
US5953422A (en) * 1996-12-31 1999-09-14 Compaq Computer Corporation Secure two-piece user authentication in a computer network
US6412035B1 (en) 1997-02-03 2002-06-25 Real Time, Inc. Apparatus and method for decreasing the response times of interrupt service routines
EP1013023B1 (en) * 1997-02-13 2005-10-26 Walter A. Helbig, Sr. Security coprocessor for enhancing computer system security
JP4000654B2 (ja) 1997-02-27 2007-10-31 Seiko Epson Corporation Semiconductor device and electronic apparatus
US5867658A (en) * 1997-04-04 1999-02-02 International Business Machines Corporation Method and apparatus for implementing a stop state for a processor in a multiprocessor system
US6272637B1 (en) 1997-04-14 2001-08-07 Dallas Semiconductor Corporation Systems and methods for protecting access to encrypted information
US6557104B2 (en) * 1997-05-02 2003-04-29 Phoenix Technologies Ltd. Method and apparatus for secure processing of cryptographic keys
FR2763452B1 (fr) 1997-05-13 1999-06-18 France Telecom Public-key identification method
US6044478A (en) * 1997-05-30 2000-03-28 National Semiconductor Corporation Cache with finely granular locked-down regions
US6307214B1 (en) 1997-06-06 2001-10-23 Semiconductor Energy Laboratory Co., Ltd. Semiconductor thin film and semiconductor device
US6075938A (en) 1997-06-10 2000-06-13 The Board Of Trustees Of The Leland Stanford Junior University Virtual machine monitors for scalable multiprocessors
US5987557A (en) 1997-06-19 1999-11-16 Sun Microsystems, Inc. Method and apparatus for implementing hardware protection domains in a system with no memory management unit (MMU)
US6175924B1 (en) * 1997-06-20 2001-01-16 International Business Machines Corp. Method and apparatus for protecting application data in secure storage areas
US6035374A (en) * 1997-06-25 2000-03-07 Sun Microsystems, Inc. Method of executing coded instructions in a multiprocessor having shared execution resources including active, nap, and sleep states in accordance with cache miss latency
US6584565B1 (en) 1997-07-15 2003-06-24 Hewlett-Packard Development Company, L.P. Method and apparatus for long term verification of digital signatures
US6014745A (en) * 1997-07-17 2000-01-11 Silicon Systems Design Ltd. Protection for customer programs (EPROM)
US6212635B1 (en) * 1997-07-18 2001-04-03 David C. Reardon Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place
US5978475A (en) 1997-07-18 1999-11-02 Counterpane Internet Security, Inc. Event auditing system
US5919257A (en) * 1997-08-08 1999-07-06 Novell, Inc. Networked workstation intrusion detection system
DE19735948C1 (de) * 1997-08-19 1998-10-01 Siemens Nixdorf Inf Syst Method for improving controllability in data processing systems with address translation
US6282657B1 (en) 1997-09-16 2001-08-28 Safenet, Inc. Kernel mode protection
US5935247A (en) * 1997-09-18 1999-08-10 Geneticware Co., Ltd. Computer system having a genetic code that cannot be directly accessed and a method of maintaining the same
US6148379A (en) 1997-09-19 2000-11-14 Silicon Graphics, Inc. System, method and computer program product for page sharing between fault-isolated cells in a distributed shared memory system
US6182089B1 (en) * 1997-09-23 2001-01-30 Silicon Graphics, Inc. Method, system and computer program product for dynamically allocating large memory pages of different sizes
US6357004B1 (en) * 1997-09-30 2002-03-12 Intel Corporation System and method for ensuring integrity throughout post-processing
US6061794A (en) * 1997-09-30 2000-05-09 Compaq Computer Corp. System and method for performing secure device communications in a peer-to-peer bus architecture
US5970147A (en) 1997-09-30 1999-10-19 Intel Corporation System and method for configuring and registering a cryptographic device
US6085296A (en) 1997-11-12 2000-07-04 Digital Equipment Corporation Sharing memory pages and page tables among computer processes
US6219787B1 (en) 1997-12-22 2001-04-17 Texas Instruments Incorporated Method and apparatus for extending security model to native code
US6378072B1 (en) * 1998-02-03 2002-04-23 Compaq Computer Corporation Cryptographic system
US6308270B1 (en) 1998-02-13 2001-10-23 Schlumberger Technologies, Inc. Validating and certifying execution of a software program with a smart card
US6108644A (en) * 1998-02-19 2000-08-22 At&T Corp. System and method for electronic transactions
US6131166A (en) * 1998-03-13 2000-10-10 Sun Microsystems, Inc. System and method for cross-platform application level power management
US6192455B1 (en) * 1998-03-30 2001-02-20 Intel Corporation Apparatus and method for preventing access to SMRAM space through AGP addressing
US6374286B1 (en) * 1998-04-06 2002-04-16 Rockwell Collins, Inc. Real time processor capable of concurrently running multiple independent JAVA machines
US6298443B1 (en) 1998-04-24 2001-10-02 Dell Usa, L.P. Method and system for supplying a custom software image to a computer system
US6173417B1 (en) * 1998-04-30 2001-01-09 Intel Corporation Initializing and restarting operating systems
US6795966B1 (en) * 1998-05-15 2004-09-21 Vmware, Inc. Mechanism for restoring, porting, replicating and checkpointing computer systems using state extraction
US6496847B1 (en) * 1998-05-15 2002-12-17 Vmware, Inc. System and method for virtualizing computer systems
US6397242B1 (en) 1998-05-15 2002-05-28 Vmware, Inc. Virtualization system including a virtual machine monitor for a computer with a segmented architecture
FR2778998B1 (fr) 1998-05-20 2000-06-30 Schlumberger Ind Sa Method for authenticating the personal code of an integrated circuit card user
EP0961193B1 (en) 1998-05-29 2010-09-01 Texas Instruments Incorporated Secure computing device
US6421702B1 (en) 1998-06-09 2002-07-16 Advanced Micro Devices, Inc. Interrupt driven isochronous task scheduler system
US6473800B1 (en) * 1998-07-15 2002-10-29 Microsoft Corporation Declarative permission requests in a computer system
US6339815B1 (en) * 1998-08-14 2002-01-15 Silicon Storage Technology, Inc. Microcontroller system having allocation circuitry to selectively allocate and/or hide portions of a program memory address space
US6505279B1 (en) * 1998-08-14 2003-01-07 Silicon Storage Technology, Inc. Microcontroller system having security circuitry to selectively lock portions of a program memory address space
JP2000076139A (ja) 1998-08-28 2000-03-14 Nippon Telegr & Teleph Corp <Ntt> Portable information storage medium
US20020004900A1 (en) * 1998-09-04 2002-01-10 Baiju V. Patel Method for secure anonymous communication
US6363485B1 (en) * 1998-09-09 2002-03-26 Entrust Technologies Limited Multi-factor biometric authenticating device and method
US6463535B1 (en) 1998-10-05 2002-10-08 Intel Corporation System and method for verifying the integrity and authorization of software before execution in a local platform
US6230248B1 (en) 1998-10-12 2001-05-08 Institute For The Development Of Emerging Architectures, L.L.C. Method and apparatus for pre-validating regions in a virtual addressing scheme
US6609199B1 (en) * 1998-10-26 2003-08-19 Microsoft Corporation Method and apparatus for authenticating an open system application to a portable IC device
US6327652B1 (en) * 1998-10-26 2001-12-04 Microsoft Corporation Loading and identifying a digital rights management operating system
US7194092B1 (en) * 1998-10-26 2007-03-20 Microsoft Corporation Key-based secure storage
US6330670B1 (en) * 1998-10-26 2001-12-11 Microsoft Corporation Digital rights management operating system
US6138239A (en) * 1998-11-13 2000-10-24 N★Able Technologies, Inc. Method and system for authenticating and utilizing secure resources in a computer system
US6445797B1 (en) 1998-12-16 2002-09-03 Secure Choice Llc Method and system for performing secure electronic digital streaming
US6473508B1 (en) * 1998-12-22 2002-10-29 Adam Lucas Young Auto-recoverable auto-certifiable cryptosystems with unescrowed signature-only keys
US6463537B1 (en) 1999-01-04 2002-10-08 Codex Technologies, Inc. Modified computer motherboard security and identification system
US6671808B1 (en) 1999-01-15 2003-12-30 Rainbow Technologies, Inc. USB-compliant personal key
US6282650B1 (en) 1999-01-25 2001-08-28 Intel Corporation Secure public digital watermark
US6560627B1 (en) * 1999-01-28 2003-05-06 Cisco Technology, Inc. Mutual exclusion at the record level with priority inheritance for embedded systems using one semaphore
US7111290B1 (en) * 1999-01-28 2006-09-19 Ati International Srl Profiling program execution to identify frequently-executed portions and to assist binary translation
US6188257B1 (en) * 1999-02-01 2001-02-13 Vlsi Technology, Inc. Power-on-reset logic with secure power down capability
EP1030237A1 (en) 1999-02-15 2000-08-23 Hewlett-Packard Company Trusted hardware device in a computer
EP1161716B1 (en) * 1999-02-15 2013-11-27 Hewlett-Packard Development Company, L.P. Trusted computing platform
US6272533B1 (en) 1999-02-16 2001-08-07 Hendrik A. Browne Secure computer system and method of providing secure access to a computer system including a stand alone switch operable to inhibit data corruption on a storage device
US7225333B2 (en) * 1999-03-27 2007-05-29 Microsoft Corporation Secure processor architecture for use with a digital rights management (DRM) system on a computing device
US6615278B1 (en) * 1999-03-29 2003-09-02 International Business Machines Corporation Cross-platform program, system, and method having a global registry object for mapping registry equivalent functions in an OS/2 operating system environment
US6684326B1 (en) * 1999-03-31 2004-01-27 International Business Machines Corporation Method and system for authenticated boot operations in a computer system of a networked computing environment
US6651171B1 (en) * 1999-04-06 2003-11-18 Microsoft Corporation Secure execution of program code
US6389537B1 (en) * 1999-04-23 2002-05-14 Intel Corporation Platform and method for assuring integrity of trusted agent communications
US6275933B1 (en) 1999-04-30 2001-08-14 3Com Corporation Security system for a computerized apparatus
EP1055989A1 (en) 1999-05-28 2000-11-29 Hewlett-Packard Company System for digitally signing a document
EP1056014A1 (en) 1999-05-28 2000-11-29 Hewlett-Packard Company System for providing a trustworthy user interface
US6321314B1 (en) 1999-06-09 2001-11-20 Ati International S.R.L. Method and apparatus for restricting memory access
US6633981B1 (en) 1999-06-18 2003-10-14 Intel Corporation Electronic system and method for controlling access through user authentication
US6158546A (en) 1999-06-25 2000-12-12 Tenneco Automotive Inc. Straight through muffler with conically-ended output passage
US6301646B1 (en) 1999-07-30 2001-10-09 Curl Corporation Pointer verification system and method
US6529909B1 (en) * 1999-08-31 2003-03-04 Accenture Llp Method for translating an object attribute converter in an information services patterns environment
JP2001148344A (ja) 1999-09-09 2001-05-29 Nikon Corp Exposure apparatus, method for controlling the output of an energy source, laser apparatus using the method, and device manufacturing method
EP1085396A1 (en) 1999-09-17 2001-03-21 Hewlett-Packard Company Operation of trusted state in computing platform
US6535988B1 (en) * 1999-09-29 2003-03-18 Intel Corporation System for detecting over-clocking uses a reference signal thereafter preventing over-clocking by reducing clock rate
US6374317B1 (en) * 1999-10-07 2002-04-16 Intel Corporation Method and apparatus for initializing a computer interface
US6292874B1 (en) 1999-10-19 2001-09-18 Advanced Technology Materials, Inc. Memory management method and apparatus for partitioning homogeneous memory and restricting access of installed applications to predetermined memory ranges
EP1269425A2 (en) 2000-02-25 2003-01-02 Identix Incorporated Secure transaction system
AU2001243365A1 (en) 2000-03-02 2001-09-12 Alarity Corporation System and method for process protection
JP3710671B2 (ja) * 2000-03-14 2005-10-26 Sharp Corporation Single-chip microcomputer, IC card using the same, and access control method for a single-chip microcomputer
CA2341931C (en) 2000-03-24 2006-05-30 Contentguard Holdings, Inc. System and method for protection of digital works
US6507904B1 (en) * 2000-03-31 2003-01-14 Intel Corporation Executing isolated mode instructions in a secure system running in privilege rings
US6678825B1 (en) * 2000-03-31 2004-01-13 Intel Corporation Controlling access to multiple isolated memories in an isolated execution environment
US6996710B1 (en) * 2000-03-31 2006-02-07 Intel Corporation Platform and method for issuing and certifying a hardware-protected attestation key
US6633963B1 (en) 2000-03-31 2003-10-14 Intel Corporation Controlling access to multiple memory zones in an isolated execution environment
US7013481B1 (en) * 2000-03-31 2006-03-14 Intel Corporation Attestation key memory device and bus
US6990579B1 (en) * 2000-03-31 2006-01-24 Intel Corporation Platform and method for remote attestation of a platform
US20010056533A1 (en) 2000-06-23 2001-12-27 Peter Yianilos Secure and open computer platform
US6594736B1 (en) * 2000-08-15 2003-07-15 Src Computers, Inc. System and method for semaphore and atomic operation management in a multiprocessor
GB0020416D0 (en) * 2000-08-18 2000-10-04 Hewlett Packard Co Trusted system
GB0020441D0 (en) 2000-08-18 2000-10-04 Hewlett Packard Co Performance of a service on a computing platform
KR100613201B1 (ko) * 2000-08-28 2006-08-18 Microconnect LLC Method for measuring CPU usage
ATE479930T1 (de) * 2000-09-21 2010-09-15 Research In Motion Ltd System and method for signing software code
US6938164B1 (en) * 2000-11-22 2005-08-30 Microsoft Corporation Method and system for allowing code to be securely initialized in a computer
US7036023B2 (en) * 2001-01-19 2006-04-25 Microsoft Corporation Systems and methods for detecting tampering of a computer system by calculating a boot signature
DE10296460T5 (de) * 2001-03-27 2004-04-22 Danfoss A/S Motor actuator with torque control
US7272831B2 (en) * 2001-03-30 2007-09-18 Intel Corporation Method and apparatus for constructing host processor soft devices independent of the host processor operating system
FR2822971A1 (fr) * 2001-04-03 2002-10-04 St Microelectronics Sa System and method for controlling access to protected data stored in a memory
US7631160B2 (en) * 2001-04-04 2009-12-08 Advanced Micro Devices, Inc. Method and apparatus for securing portions of memory
US6976136B2 (en) * 2001-05-07 2005-12-13 National Semiconductor Corporation Flash memory protection scheme for secured shared BIOS implementation in personal computers with an embedded controller
US7676430B2 (en) * 2001-05-09 2010-03-09 Lenovo (Singapore) Ptd. Ltd. System and method for installing a remote credit card authorization on a system with a TCPA complaint chipset
EP1271277A3 (en) 2001-06-26 2003-02-05 Redstrike B.V. Security system and software to prevent unauthorized use of a computing device
US20030002668A1 (en) * 2001-06-30 2003-01-02 Gary Graunke Multi-level, multi-dimensional content protections
US20030018892A1 (en) * 2001-07-19 2003-01-23 Jose Tello Computer with a modified north bridge, security engine and smart card having a secure boot capability and method for secure booting a computer
US7191440B2 (en) * 2001-08-15 2007-03-13 Intel Corporation Tracking operating system process and thread execution and virtual machine execution in hardware or in a virtual machine monitor
US7484105B2 (en) * 2001-08-16 2009-01-27 Lenovo (Singapore) Ptd. Ltd. Flash update using a trusted platform module
FR2830147B1 (fr) 2001-09-24 2003-10-31 Gemplus Card Int Method and device for verifying possession of a confidential datum without communicating it, by a so-called "zero-knowledge" process
US7103529B2 (en) * 2001-09-27 2006-09-05 Intel Corporation Method for providing system integrity and legacy environment emulation
US7191464B2 (en) * 2001-10-16 2007-03-13 Lenovo Pte. Ltd. Method and system for tracking a secure boot in a trusted computing environment
JP4019266B2 (ja) * 2001-10-25 2007-12-12 NEC Corporation Data transmission method
DE10158531B4 (de) * 2001-11-29 2006-09-28 Universitätsklinikum Freiburg Method for measuring magnetic resonance (NMR) using spin echoes
US7103771B2 (en) * 2001-12-17 2006-09-05 Intel Corporation Connecting a virtual token to a physical token
US20030126453A1 (en) * 2001-12-31 2003-07-03 Glew Andrew F. Processor supporting execution of an authenticated code instruction
US7308576B2 (en) * 2001-12-31 2007-12-11 Intel Corporation Authenticated code module
US7107460B2 (en) * 2002-02-15 2006-09-12 International Business Machines Corporation Method and system for securing enablement access to a data security device
US7631196B2 (en) 2002-02-25 2009-12-08 Intel Corporation Method and apparatus for loading a trustable operating system
US7130999B2 (en) * 2002-03-27 2006-10-31 Intel Corporation Using authentication certificates for authorization
US7343493B2 (en) 2002-03-28 2008-03-11 Lenovo (Singapore) Pte. Ltd. Encrypted file system using TCPA
US7028149B2 (en) * 2002-03-29 2006-04-11 Intel Corporation System and method for resetting a platform configuration register
US20030226040A1 (en) * 2002-06-03 2003-12-04 International Business Machines Corporation Controlling access to data stored on a storage device of a trusted computing platform system
US20030231328A1 (en) * 2002-06-07 2003-12-18 Xerox Corporation Multiple printer driver
US6879574B2 (en) 2002-06-24 2005-04-12 Nokia Corporation Mobile mesh Ad-Hoc networking
US6996748B2 (en) 2002-06-29 2006-02-07 Intel Corporation Handling faults associated with operation of guest software in the virtual-machine architecture
US7165181B2 (en) * 2002-11-27 2007-01-16 Intel Corporation System and method for establishing trust without revealing identity
US7318141B2 (en) 2002-12-17 2008-01-08 Intel Corporation Methods and systems to control virtual machines
US20040128345A1 (en) * 2002-12-27 2004-07-01 Robinson Scott H. Dynamic service registry
US7962545B2 (en) * 2002-12-27 2011-06-14 Intel Corporation Dynamic service registry for virtual machines
US7624272B2 (en) * 2003-03-31 2009-11-24 Intel Corporation Platform information for digital signatures
US20050021968A1 (en) * 2003-06-25 2005-01-27 Zimmer Vincent J. Method for performing a trusted firmware/bios update
US7299354B2 (en) * 2003-09-30 2007-11-20 Intel Corporation Method to authenticate clients and hosts to provide secure network boot
US7366305B2 (en) * 2003-09-30 2008-04-29 Intel Corporation Platform and method for establishing trust without revealing identity
US7797544B2 (en) * 2003-12-11 2010-09-14 Microsoft Corporation Attesting to establish trust between computer entities
US20050137889A1 (en) * 2003-12-18 2005-06-23 Wheeler David M. Remotely binding data to a user device
EP1737108A1 (en) * 2005-06-20 2006-12-27 Yi-Yin Lin Bicycle generator with a plurality of wound poles

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0849657A1 (en) * 1996-12-18 1998-06-24 NCR International, Inc. Secure data processing method and system
US5953502A (en) * 1997-02-13 1999-09-14 Helbig, Sr.; Walter A Method and apparatus for enhancing computer system security
WO2000010283A1 (en) * 1998-08-14 2000-02-24 Intel Corporation Digital content protection using a secure booting method and apparatus
WO2002003196A2 (en) * 2000-06-30 2002-01-10 Intel Corporation Protection of boot block data and accurate reporting of boot block contents
CN1334521A (zh) * 2000-07-24 2002-02-06 Sony Corporation Information processing method, inter-task communication method, and computer-executable program therefor

Also Published As

Publication number Publication date
HK1068178A1 (en) 2005-04-22
DE10397004A5 (de) 2014-01-30
US7631196B2 (en) 2009-12-08
US20030163723A1 (en) 2003-08-28
CN1723465A (zh) 2006-01-18
AU2003213080A8 (en) 2003-09-09
US8386788B2 (en) 2013-02-26
DE10392320T5 (de) 2005-02-17
GB2402521A (en) 2004-12-08
AU2003213080A1 (en) 2003-09-09
WO2003073269A2 (en) 2003-09-04
GB0419314D0 (en) 2004-09-29
DE10397004B4 (de) 2024-01-11
WO2003073269A3 (en) 2004-09-23
US20100058076A1 (en) 2010-03-04
DE10392320B4 (de) 2011-02-24
DE10394383B4 (de) 2014-01-16
US20100058075A1 (en) 2010-03-04
US8407476B2 (en) 2013-03-26
GB2402521B (en) 2005-10-12

Similar Documents

Publication Publication Date Title
CN100423013C (zh) Method and apparatus for loading a trusted operating system
Williams et al. Device Driver Safety Through a Reference Validation Mechanism.
KR102255767B1 (ko) Systems and methods for virtual machine auditing
EP1761850B1 (en) Support for nested faults in a virtual machine environment
TWI230860B (en) Integrated system management memory for system management interrupt handler independent of BIOS and operating system
RU2263343C2 (ru) Mechanism for controlling external interrupts in a virtual machine system
US6480952B2 (en) Emulation coprocessor
KR101740224B1 (ko) Illegal mode change handling
US20100257608A1 (en) Apparatus and method for preventing virus code execution
US7730249B2 (en) Device control apparatus that calls an operating system to control a device
WO2015072689A1 (ko) Anti-debugging method
CN102592082A (zh) Security through opcode randomization
EP3436947B1 (en) Secure driver platform
US7287197B2 (en) Vectoring an interrupt or exception upon resuming operation of a virtual machine
US5371857A (en) Input/output interruption control system for a virtual machine
US20050114578A1 (en) Secure software SMI dispatching using caller address
JPS60171552A (ja) Address translation processing method
CN113569245A (zh) Processing device, embedded system, system on chip, and security control method
EP0290942B1 (en) Guest machine execution control system for virtual machine system
US20090007124A1 (en) Method and mechanism for memory access synchronization
EP3646216B1 (en) Methods and devices for executing trusted applications on processor with support for protected execution environments
CN107239415B (zh) Method and apparatus for performing critical-section operations
CN111382107B (zh) Application processor, coprocessor, and data processing device
US7451300B1 (en) Explicit control of speculation
CN111382442B (zh) Application processor, coprocessor, and data processing device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CX01 Expiry of patent term

Granted publication date: 20081001