CRYPTOGRAPHIC COMPUTING IN MULTITENANT ENVIRONMENTS
| Registre | Brevet USPTO |
|---|---|
| Numéro d'application | 17791000 |
| Statut | En instance |
| Date de dépôt | 2020-12-26 |
| Date de la première publication | 2023-01-26 |
| Date de publication | 2023-01-26 |
| Propriétaire | Intel Corporation (USA) |
| Inventeur(s) |
|
Abrégé
A processor, a system, a machine readable medium, and a method. The processor comprises first circuitry to: encrypt a first code image using a first code key; load the encrypted first code image into a memory area allocated in memory for the first code image by an operating system miming on the processor; and send to the operating system a substitute key that corresponds to the first code key, wherein the first code key is concealed from the operating system; and an instruction cache including control circuitry; and second circuitry coupled to the instruction cache, the second circuitry to: receive the substitute key from the operating system; in response to a first request from the operating system to execute the first code image to instantiate a first process, perform a first cryptographic function using a hardware key to generate the first code key from the substitute key; and program the control circuitry of the instruction cache with the first code key to enable the first code image to be decrypted using the first code key.Classes IPC ?
- G06F 21/60 - Protecting data
- G06F 21/79 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
- G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs