| 发明名称 |
SYSTEM AND METHOD FOR SUPPORTING SECURE OBJECTS USING A MEMORY ACCESS CONTROL MONITOR |
| 摘要 |
A processor in a computer system, the processor including a mechanism supporting a Secure Object that comprises information that is protected so that other software on said computer system cannot access or undetectably tamper with said information, thereby protecting both a confidentiality and an integrity of the Secure Object information while making the Secure Object information available to the Secure Object itself during execution of the Secure Object. The mechanism includes a crypto mechanism that decrypts and integrity-checks Secure Object information as said Secure Object information moves into the computer system from an external storage system, and encrypts and updates an integrity value for Secure Object information as said Secure Object information moves out of the computer system to the external storage system, and a memory protection mechanism that protects the confidentiality and integrity of Secure Object information when that information is in the memory of the computer system. |
| 申请公布号 |
US2016171250(A1) |
申请公布日期 |
2016.06.16 |
| 申请号 |
US201514839691 |
申请日期 |
2015.08.28 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Boivie Richard Harold;Ekanadham Kattamuri;Goldman Kenneth Alan;Hall William Eric;Hunt Guerney D.;Jain Bhushan Pradip;Kapur Mohit;Pendarakis Dimitrios;Safford David Robert;Sandon Peter Anthony;Valdez Enriquillo |
| 分类号 |
G06F21/72;G06F21/64;G06F21/53;G06F21/62 |
主分类号 |
G06F21/72 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A processor in a computer system, said processor comprising a mechanism supporting a Secure Object that comprises information that is protected so that other software on said computer system cannot access or undetectably tamper with said information, thereby protecting both a confidentiality and an integrity of the Secure Object information while making the Secure Object information available to the Secure Object itself during execution of the Secure Object, wherein said mechanism comprises:
a crypto mechanism that decrypts and integrity-checks Secure Object information as said Secure Object information moves into the computer system from an external storage system, and encrypts and updates an integrity value for the Secure Object information as said Secure Object information moves out of the computer system to the external storage system; and a memory protection mechanism that protects the confidentiality and integrity of Secure Object information when that information is in the memory of the computer system. |
| 地址 |
Armonk NY US |
