Secure host communications

摘要

A trusted device includes a secure interface and a host interface, the secure interface being isolated from the host interface by an isolated environment. A user provides a communication to the trusted device via the secure interface. A processor of the isolated environment encrypts the communication and transmits the encrypted communication to a read file of the host interface. A host device connected to the trusted device via the host interface receives the encrypted communication. The host device transmits the encrypted communication to a second host device that is connected to a second trusted device via a second host interface. The second host device transmits the encrypted communication to a write file of the second host interface. A processor in an isolated environment of the second trusted device decrypts the communication and provides the decrypted communication to a second user via a secure interface of the second trusted device.

主权项

1. A computer-implemented method for secure communication, comprising:
receiving, by a first trusted computing device associated with a first host computing device, a first communication from a first user, the first communication being received through a first secure interface of the first trusted computing device, wherein the first secure interface is isolated from a host interface of the first trusted computing device; encrypting, by the first trusted computing device and in a first isolated environment of the first trusted computing device, the first communication from the first user, wherein the first isolated environment is not directly accessible to the first host device; transmitting, by the first trusted computing, the encrypted first communication to a first read file of the host interface of the first trusted computing device, wherein the encrypted first communication is available to the first host computing device in the first read file of the first trusted computing device; receiving, by a second trusted computing device associated with a second host computing device, the encrypted first communication, wherein the encrypted first communication is received in a first write file of a host interface of the second trusted computing device and wherein the second host computing device is separate from the first host computing device; decrypting, by the second trusted computing device, the encrypted first communication of the first user received in the first write file of a host interface of the second trusted computing device, wherein the encrypted first communication is decrypted in a second isolated environment of the second trusted computing device, the second isolated environment being not directly accessible to the host interface of the second trusted computing device and transmitting, by the second trusted computing device, the decrypted first communication to a second user, wherein the decrypted first communication is transmitted to the second user through a second secure interface of the second trusted computing device, the second secure interface being isolated from the host interface of the second trusted computing device.