Method and apparatus for the secure processing of confidential content within a virtual machine of a processor

摘要

A secure virtual machine system, method, and computer program product implemented on a processor are provided for processing a third party's content for output. At least one processor is provided. Additionally, at least one secure virtual machine implemented on the processor is provided for interpreting a second party's program that processes and outputs a third party's content. The virtual machine system abstracts the underlying processor hardware allowing implementation variations across products to execute the same program identically. Furthermore, the scope of the programmable operations, the types of input & output variables, and execution of programs within the processor, is deliberately constrained within the virtual machine environment, in order to mitigate potential security leaks by programs, and to ensure confidentiality of second party's secrets, and third party's content as managed by the second party's program.

主权项

1. An apparatus, comprising:
at least one processor; at least one secure virtual machine of a first party implemented on the processor for processing a program of a second party; and a computer readable medium storing the program of the second party for execution by the at least one secure virtual machine of the first party for processing content of a third party for output; wherein the apparatus is operable such that the program of the second party is used within the at least one secure virtual machine of the first party by an application of the second party to decrypt the content of the third party, and wherein the content of the third party is received from the application for the decrypting of the content of the third party by the program of the second party within the at least one secure virtual machine of the first party.