公开(公告)号：HK1050253A1

公开(公告)日：2003-06-13

申请号：HK03102193

申请日：2003-03-26

Applicant: INTEL CORP

Inventor： ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F21/00 ,  G06F

Abstract: An access transaction generated by a processor is configured using a configuration storage containing a configuration setting. The processor has a normal execution mode and an isolated execution mode. The access transaction has access information. Access to the configuration storage is controlled. An access grant signal is generated using the configuration setting and the access information. The access grant signal indicates if the access transaction is valid.

公开(公告)号：HK1049721A1

公开(公告)日：2003-05-23

申请号：HK03102699

申请日：2003-04-14

Applicant: INTEL CORP

Inventor： ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  GILBERT NEIGER ,  KEN RENERIS ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MILLIND MITTAL

IPC: G06F21/22 ,  G06F21/00 ,  G09C1/00 ,  H04L9/08 ,  H04L9/10 ,  G06F

Abstract: The present invention is a method, apparatus, and system to generate a key hierarchy for use in an isolated execution environment of a protected platform. In order to bind secrets to particular code operating in isolated execution, a key hierarchy comprising a series of symmetric keys for a standard symmetric cipher is utilized. The protected platform includes a processor that is configured in one of a normal execution mode and an isolated execution mode. A key storage stores an initial key that is unique for the platform. A cipher key creator located in the protected platform creates the hierarchy of keys based upon the initial key. The cipher key creator creates a series of symmetric cipher keys to protect the secrets of loaded software code.

公开(公告)号：GB2377795A

公开(公告)日：2003-01-22

申请号：GB0225052

申请日：2001-03-23

Applicant: INTEL CORP

Inventor： ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F9/46 ,  G06F1/00 ,  G06F9/48 ,  G06F21/00

Abstract: A technique is provided to execute isolated instructions according to an embodiment of the present invention. An execution unit executes an isolated instruction in a processor operating in a platform. The processor is configured in one of a normal execution mode and an isolated execution mode. A parameter storage containing at least one parameter to support execution of the isolated instruction when the processor is configured in the isolated execution mode.

公开(公告)号：GB2377793A

公开(公告)日：2003-01-22

申请号：GB0225049

申请日：2001-03-14

Applicant: INTEL CORP

Inventor： ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  PORSCHE AKTIENGESELLSCHAFT DR ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F21/00 ,  G06F12/14

Abstract: An access transaction generated by a processor is configured using a configuration storage containing a configuration setting. The processor has a normal execution mode and an isolated execution mode. The access transaction has access information. Access to the configuration storage is controlled. An access grant signal is generated using the configuration setting and the access information. The access grant signal indicates if the access transaction is valid.

公开(公告)号：AU4939501A

公开(公告)日：2001-10-15

申请号：AU4939501

申请日：2001-03-23

Applicant: INTEL CORP

Inventor： ELLISON CARL M ,  GOLLIVER ROGER A ,  HERBERT HOWARD C ,  LIN DERRICK C ,  MCKEEN FRANCIS X ,  NEIGER GILBERT ,  RENERIS KEN ,  SUTTON JAMES A ,  THAKKAR SHREEKANT S ,  MITTAL MILLIND

IPC: G06F9/46 ,  G06F1/00 ,  G06F9/48 ,  G06F21/00

Abstract: A technique is provided to execute isolated instructions according to an embodiment of the present invention. An execution unit executes an isolated instruction in a processor operating in a platform. The processor is configured in one of a normal execution mode and an isolated execution mode. A parameter storage containing at least one parameter to support execution of the isolated instruction when the processor is configured in the isolated execution mode.

公开(公告)号：DE19782169C2

公开(公告)日：2001-09-06

申请号：DE19782169

申请日：1997-11-25

Applicant: INTEL CORP

Inventor： HERBERT HOWARD C ,  DAVIS DEREK L

IPC: G06F12/10 ,  G06F1/00 ,  G06F12/14 ,  G06F21/00 ,  G06F21/22 ,  G06F21/24 ,  G09C1/00 ,  H04L9/00 ,  H04L9/10 ,  H04L9/32

Abstract: A method and system for maintaining integrity and confidentiality of pages paged to an external storage unit from a physically secure environment. An outgoing page is selected to be exported from a physically secure environment to an insecure environment. An integrity check value is generated and stored for the outgoing page. In one embodiment, this takes the form of taking a one-way hash of the page using a well-known one-way hash function. The outgoing page is then encrypted using a cryptographically strong encryption algorithm. Among the algorithms that might be used in one embodiment of the invention are IDEA and DES. The encrypted outgoing page is then exported to the external storage. By virtue of the encryption and integrity check, the security of the data on the outgoing page is maintained in the insecure environment.