摘要 |
Aspects of a virtualized security processor are described herein. In various embodiments, one or more virtual security modules may be instantiated at a port interface between a security module and a processing environment of a host device. In one embodiment, a virtual security module is instantiated for each service of the host device. Each virtual security module is configured for at least one command supported by the security module for an associated service of the host device. After being configured, a virtual security module may receive a security command request from an associated service and, before submitting the security command request to the security module, verify and prioritize the security command request. In certain aspects, the use of virtual security modules assists the host device to interface multiple services with the security module, while prioritizing tasks for and offloading certain tasks from the security module. |
主权项 |
1. A method, comprising:
initializing, with a host device, an interface between the host device and a security module; instantiating, for a service of the host device, a virtual security module of the interface; configuring, for at least one command supported by the security module for the service of the host device, a command for the virtual security module; receiving, by the virtual security module, a security command request from the service; and before submitting the security command request to the security module, verifying and prioritizing the security command request with the virtual security module. |