SECURE DATA PROCESSING

摘要

A secure data processing apparatus and a method are disclosed. The secure data processing apparatus is operable to securely process user data provided by a user and includes a trusted domain having a trusted bus; a trusted domain controller coupling the trusted bus with an untrusted bus of an untrusted domain, the trusted domain controller being operable to ensure that encrypted incoming user data received over the untrusted bus is decrypted and provided over the trusted bus as the incoming user data and to ensure that outgoing user data is encrypted and provided over the untrusted bus as encrypted outgoing data. The trusted domain controller that only encrypted data is provided in the untrusted domain reducing the chance of the data being compromised. The trusted domain controller ensures that access to the unencrypted data within the trusted domain can be avoided. The confidentiality of the data can be assured without performance shortfalls.

主权项

1. A secure data processing apparatus operable to securely process user data provided by a user, said secure data processing apparatus comprising:
a trusted domain comprising a trusted bus coupled with a trusted data processing apparatus operable to process incoming user data received over said trusted bus and to generate outgoing user data; a trusted domain controller coupling said trusted bus with an untrusted bus of an untrusted domain, said trusted domain controller being operable to ensure that encrypted incoming user data received over said untrusted bus is decrypted and provided over said trusted bus as said incoming user data and to ensure that outgoing user data is encrypted and provided over said untrusted bus as encrypted outgoing data, wherein said trusted domain controller is operable, in response to a request to reconfigure said trusted domain, to delete user data within said trusted domain.