End-to-end security for hardware running verified software

Bibliographic details
Main authors: ZILL BRIAN D, LORCH JACOB R, PARNO BRYAN, HOWELL JONATHAN R, HAWBLITZEL CHRIS
Format: Patent
Language: chi ; eng
Description
Summary: Some embodiments relate to end-to-end security for hardware running verified software. The verified software system may be executable on secure hardware. Before being executed, the software system may be validated as compliant with software specifications. First credentials that prove the identity of the software system may be sent to an external application. A second credential signed by the provider of the secure hardware may be sent to the external application. The second credential may attest to the identity of the secure hardware. The external application may securely exchange one or more messages with a software application of the software system. For example, the one or more messages may be decryptable only by the external application and the software application, providing confidentiality for each message. As another example, attestation may secure the identity of the sender of each of the one or more messages to attest to the integrity of each message.