Invention Grant
- Patent Title: Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment
- Patent Title (Chinese): Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment
- Application No.: US11340181
- Application Date: 2006-01-24
- Publication No.: US07921293B2
- Publication Date: 2011-04-05
- Inventor: Michael A. Kozuch , James A. Sutton, II , David Grawrock , Gilbert Neiger , Richard A. Uhlig , Bradley G. Burgess , David I. Poisner , Clifford D. Hall , Andy Glew , Lawrence O. Smith, III , Robert George
- Applicant: Michael A. Kozuch , James A. Sutton, II , David Grawrock , Gilbert Neiger , Richard A. Uhlig , Bradley G. Burgess , David I. Poisner , Clifford D. Hall , Andy Glew , Lawrence O. Smith, III , Robert George
- Applicant Address: US CA Santa Clara
- Assignee: Intel Corporation
- Current Assignee: Intel Corporation
- Current Assignee Address: US CA Santa Clara
- Agency: Blakely, Sokoloff, Taylor & Zafman LLP
- Main IPC: H04L9/00
- IPC: H04L9/00 ; G06F21/00

Abstract:
An apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment are described. The method includes disregarding a received load secure region instruction when a currently active load secure region operation is detected. Otherwise, in response to the received load secure region instruction, a memory protection element is directed to form a secure memory environment. Once directed, unauthorized read/write access to one or more protected memory regions is prohibited. Finally, a cryptographic hash value of the one or more protected memory regions is stored within a digest information repository as a secure software identification value. Once stored, outside agents may request access to a digitally signed software identification value to establish security verification of the secure software within the secure memory environment.
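The flow the abstract describes, as an added simulation that is not the patent's or Intel's own implementation: one processor's load-secure-region instruction wins, a concurrent one is disregarded, the protected regions are hashed into a digest repository, and an outside agent verifies a signed identification value. Region names and contents are constructed, and an HMAC over a constructed key stands in for the digital signature.

```python
import hashlib
import hmac


def digest_of(regions: dict) -> bytes:
    """Cryptographic hash of the protected regions, hashed in a fixed name order."""
    h = hashlib.sha256()
    for name in sorted(regions):
        h.update(name.encode())
        h.update(regions[name])
    return h.digest()


class SecureEnvironment:
    """Simulated memory protection element plus digest information repository."""

    def __init__(self, signing_key: bytes):
        self._key = signing_key        # constructed stand-in for a platform signing key
        self.active_cpu = None         # processor whose load operation is in progress
        self.protected = {}            # region name -> contents with restricted access
        self.digest_repository = None  # secure software identification value

    def load_secure_region(self, cpu_id: int, regions: dict) -> bool:
        """Handle a load-secure-region instruction from cpu_id. Returns False when a
        load operation is already active: the instruction is disregarded."""
        if self.active_cpu is not None:
            return False
        self.active_cpu = cpu_id
        self.protected = dict(regions)              # direct the protection element
        self.digest_repository = digest_of(self.protected)
        return True

    def finish_load(self, cpu_id: int) -> None:
        """Only the initiating processor may end the active load operation."""
        if cpu_id == self.active_cpu:
            self.active_cpu = None

    def read(self, name: str, authorized: bool) -> bytes:
        """Unauthorized read access to a protected region is refused."""
        if name in self.protected and not authorized:
            raise PermissionError(f"region {name!r} is protected")
        return self.protected[name]

    def signed_identification(self) -> tuple:
        """Value handed to an outside agent: the stored digest plus its signature."""
        sig = hmac.new(self._key, self.digest_repository, "sha256").digest()
        return self.digest_repository, sig

    def verify_identification(self, digest: bytes, sig: bytes, expected: dict) -> bool:
        """Outside agent's check: signature is genuine and digest matches known-good software."""
        good_sig = hmac.compare_digest(hmac.new(self._key, digest, "sha256").digest(), sig)
        return good_sig and hmac.compare_digest(digest, digest_of(expected))
```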