Techniques for coordinating device boot security

Techniques for coordinating device boot security

Techniques for providing and maintaining protection of firmware routines that form part of a chain of trust through successive processing environments. An apparatus may include a first processor component (550); a volatile storage (562) coupled to the first processor component; an enclave component...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Poornachandran, Rajesh, Zimmer, Vincent J, Yao, Jiewen, Mudusuru, Giri P, Li, Wei
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator Poornachandran, Rajesh
Zimmer, Vincent J
Yao, Jiewen
Mudusuru, Giri P
Li, Wei
description Techniques for providing and maintaining protection of firmware routines that form part of a chain of trust through successive processing environments. An apparatus may include a first processor component (550); a volatile storage (562) coupled to the first processor component; an enclave component to, in a pre-OS operating environment, generate a secure enclave within a portion of the volatile storage to restrict access to a secured firmware loaded into the secure enclave; a first firmware driver (646) to, in the pre-OS operating environment, provide a first API to enable unsecured firmware to call a support routine of the secured firmware from outside the secure enclave; and a second firmware driver (647) to, in an OS operating environment that replaces the pre-OS operating environment, provide a second API to enable an OS of the OS operating environment to call the support routine from outside the secure enclave.
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US10747884B2</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US10747884B2</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US10747884B23</originalsourceid><addsrcrecordid>eNrjZDAISU3OyMssLE0tVkjLL1JIzs8vSsnMSyzJzEtXSEkty0xOVUjKzy9RKE5NLi3KLKnkYWBNS8wpTuWF0twMim6uIc4euqkF-fGpxQWJyal5qSXxocGGBuYm5hYWJk5GxsSoAQCVMiv2</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Techniques for coordinating device boot security</title><source>esp@cenet</source><creator>Poornachandran, Rajesh ; Zimmer, Vincent J ; Yao, Jiewen ; Mudusuru, Giri P ; Li, Wei</creator><creatorcontrib>Poornachandran, Rajesh ; Zimmer, Vincent J ; Yao, Jiewen ; Mudusuru, Giri P ; Li, Wei</creatorcontrib><description>Techniques for providing and maintaining protection of firmware routines that form part of a chain of trust through successive processing environments. An apparatus may include a first processor component (550); a volatile storage (562) coupled to the first processor component; an enclave component to, in a pre-OS operating environment, generate a secure enclave within a portion of the volatile storage to restrict access to a secured firmware loaded into the secure enclave; a first firmware driver (646) to, in the pre-OS operating environment, provide a first API to enable unsecured firmware to call a support routine of the secured firmware from outside the secure enclave; and a second firmware driver (647) to, in an OS operating environment that replaces the pre-OS operating environment, provide a second API to enable an OS of the OS operating environment to call the support routine from outside the secure enclave.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC DIGITAL DATA PROCESSING ; PHYSICS</subject><creationdate>2020</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20200818&amp;DB=EPODOC&amp;CC=US&amp;NR=10747884B2$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,309,782,887,25571,76555</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20200818&amp;DB=EPODOC&amp;CC=US&amp;NR=10747884B2$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Poornachandran, Rajesh</creatorcontrib><creatorcontrib>Zimmer, Vincent J</creatorcontrib><creatorcontrib>Yao, Jiewen</creatorcontrib><creatorcontrib>Mudusuru, Giri P</creatorcontrib><creatorcontrib>Li, Wei</creatorcontrib><title>Techniques for coordinating device boot security</title><description>Techniques for providing and maintaining protection of firmware routines that form part of a chain of trust through successive processing environments. An apparatus may include a first processor component (550); a volatile storage (562) coupled to the first processor component; an enclave component to, in a pre-OS operating environment, generate a secure enclave within a portion of the volatile storage to restrict access to a secured firmware loaded into the secure enclave; a first firmware driver (646) to, in the pre-OS operating environment, provide a first API to enable unsecured firmware to call a support routine of the secured firmware from outside the secure enclave; and a second firmware driver (647) to, in an OS operating environment that replaces the pre-OS operating environment, provide a second API to enable an OS of the OS operating environment to call the support routine from outside the secure enclave.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>PHYSICS</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2020</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZDAISU3OyMssLE0tVkjLL1JIzs8vSsnMSyzJzEtXSEkty0xOVUjKzy9RKE5NLi3KLKnkYWBNS8wpTuWF0twMim6uIc4euqkF-fGpxQWJyal5qSXxocGGBuYm5hYWJk5GxsSoAQCVMiv2</recordid><startdate>20200818</startdate><enddate>20200818</enddate><creator>Poornachandran, Rajesh</creator><creator>Zimmer, Vincent J</creator><creator>Yao, Jiewen</creator><creator>Mudusuru, Giri P</creator><creator>Li, Wei</creator><scope>EVB</scope></search><sort><creationdate>20200818</creationdate><title>Techniques for coordinating device boot security</title><author>Poornachandran, Rajesh ; Zimmer, Vincent J ; Yao, Jiewen ; Mudusuru, Giri P ; Li, Wei</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US10747884B23</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2020</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>PHYSICS</topic><toplevel>online_resources</toplevel><creatorcontrib>Poornachandran, Rajesh</creatorcontrib><creatorcontrib>Zimmer, Vincent J</creatorcontrib><creatorcontrib>Yao, Jiewen</creatorcontrib><creatorcontrib>Mudusuru, Giri P</creatorcontrib><creatorcontrib>Li, Wei</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Poornachandran, Rajesh</au><au>Zimmer, Vincent J</au><au>Yao, Jiewen</au><au>Mudusuru, Giri P</au><au>Li, Wei</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Techniques for coordinating device boot security</title><date>2020-08-18</date><risdate>2020</risdate><abstract>Techniques for providing and maintaining protection of firmware routines that form part of a chain of trust through successive processing environments. An apparatus may include a first processor component (550); a volatile storage (562) coupled to the first processor component; an enclave component to, in a pre-OS operating environment, generate a secure enclave within a portion of the volatile storage to restrict access to a secured firmware loaded into the secure enclave; a first firmware driver (646) to, in the pre-OS operating environment, provide a first API to enable unsecured firmware to call a support routine of the secured firmware from outside the secure enclave; and a second firmware driver (647) to, in an OS operating environment that replaces the pre-OS operating environment, provide a second API to enable an OS of the OS operating environment to call the support routine from outside the secure enclave.</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language eng
recordid cdi_epo_espacenet_US10747884B2
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
title Techniques for coordinating device boot security
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-03T21%3A32%3A45IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Poornachandran,%20Rajesh&rft.date=2020-08-18&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS10747884B2%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true