Title: Microprocessor providing isolated timers and counters for execution of secure code
Abstract: An apparatus providing for a secure execution environment is presented. The apparatus includes a microprocessor and a secure non-volatile memory. The microprocessor is configured to execute non-secure application programs and a secure application program, where the non-secure application programs are accessed from a system memory via a system bus. The microprocessor has a plurality of timers which are visible and accessible only by the secure application program when executing in a secure execution mode. The secure non-volatile memory is coupled to the microprocessor via a private bus and is configured to store the secure application program in encrypted form. Transactions over the private bus between the microprocessor and the secure non-volatile memory are isolated from the system bus, the system memory, and corresponding system bus resources within the microprocessor.
Publication number: US8762687(B2)    Publication date: 2014.06.24
Application number: US200812263206    Filing date: 2008.10.31
Applicant: Via Technologies, Inc.    Inventors: Henry G. Glenn; Parks Terry
Classification: G06F9/30    Main classification: G06F9/30
Agency:    Agents: Huffman Richard K.; Huffman James W.
Main claim: 1. An apparatus providing for a secure execution environment, comprising:
an x86-compatible microprocessor, capable of executing all of the instructions in the x86 instruction set, and configured to execute non-secure application programs and a secure application program, wherein said non-secure application programs are accessed from a system memory via a system bus, and wherein said x86-compatible microprocessor is also configured to automatically transition to a degraded mode where BIOS instructions are allowed to execute in order to allow for user input and the display of messages, but the execution of more complicated software such as an operating system is not allowed, said x86-compatible microprocessor comprising:
    a cryptographic unit, configured to encrypt said secure application program according to a symmetric key algorithm using a processor unique cryptographic key, wherein said processor unique cryptographic key can only be read by said cryptographic unit; and
    a plurality of timers which are visible and accessible only by said secure application program when executing in a secure execution mode; and
a secure non-volatile memory, coupled to said x86-compatible microprocessor via a private bus, configured to store said secure application program in encrypted form, wherein transactions over said private bus between said x86-compatible microprocessor and said secure non-volatile memory are isolated from said system bus, said system memory, and corresponding system bus resources within said x86-compatible microprocessor.
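As an added example that is not part of the patent record or of VIA's design: a small Python model of the architecture in the abstract and in claim 1 above, exercising the four properties they state (timers readable only in secure execution mode, the secure program stored encrypted in an NVM off the system bus, a processor-unique key that never leaves the cryptographic unit, and a degraded mode that runs BIOS code only). The symmetric algorithm (a SHA-256 counter-mode keystream with an HMAC-SHA256 tag), the class and method names, and the sample programs are assumptions of this model; the claim names no algorithm and no register interface.

```python
import hashlib
import hmac
import os
from enum import Enum


class Mode(Enum):
    NON_SECURE = "non-secure"
    SECURE = "secure execution mode"
    DEGRADED = "degraded"  # BIOS only: user input and message display, no OS


class AccessFault(Exception):
    """Resource touched from a mode that may not see it, or image failed to authenticate."""


# Assumed stand-in for the claim's unnamed "symmetric key algorithm": SHA-256
# counter-mode keystream plus an HMAC-SHA256 tag (encrypt-then-MAC).
def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise AccessFault("secure program image failed authentication")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class CryptoUnit:
    """Owns the processor-unique key; no other component reads it."""
    def __init__(self):
        self.__key = os.urandom(32)  # name-mangled: only this unit's methods use it
    def encrypt_program(self, program):
        return seal(self.__key, program)
    def decrypt_program(self, blob):
        return unseal(self.__key, blob)


class Microprocessor:
    def __init__(self):
        self.mode = Mode.NON_SECURE
        self.crypto = CryptoUnit()
        self.timers = [0, 0, 0, 0]        # visible only in SECURE mode
        self.system_memory = bytearray()  # reachable over the system bus
        self.nvm_image = b""              # secure NVM, reachable only over the private bus
    def load_non_secure(self, program):   # system bus path
        self.system_memory += program
    def install_secure(self, program):    # private bus path: stored encrypted
        self.nvm_image = self.crypto.encrypt_program(program)
    def enter_secure_mode(self):
        program = self.crypto.decrypt_program(self.nvm_image)  # fails on any other chip
        self.mode = Mode.SECURE
        return program
    def leave_secure_mode(self):
        self.mode = Mode.NON_SECURE
    def enter_degraded_mode(self):
        self.mode = Mode.DEGRADED
    def tick(self):                       # timers advance regardless of mode
        self.timers = [t + 1 for t in self.timers]
    def read_timer(self, idx):
        if self.mode is not Mode.SECURE:
            raise AccessFault(f"timer {idx} is not visible in {self.mode.value}")
        return self.timers[idx]
    def system_bus_view(self):
        """What a bus master (e.g. a DMA-capable device) on the system bus can observe."""
        return bytes(self.system_memory)
    def execute(self, kind):
        if self.mode is Mode.DEGRADED and kind != "bios":
            raise AccessFault(f"{kind} may not execute in degraded mode")
        return f"{kind} ran in {self.mode.value}"


def _attempt(fn):
    try:
        fn()
        return "allowed"
    except AccessFault:
        return "faulted"


def demo():
    cpu = Microprocessor()
    secure_app = b"SECURE-APP: timeouts, key handling"  # constructed sample programs
    cpu.load_non_secure(b"NON-SECURE-APP: browser")
    cpu.install_secure(secure_app)
    cpu.tick(); cpu.tick()
    out = {"non_secure_timer_read": _attempt(lambda: cpu.read_timer(0))}
    out["secure_program_loaded"] = cpu.enter_secure_mode() == secure_app
    out["secure_timer_read"] = cpu.read_timer(0)
    cpu.leave_secure_mode()
    bus = cpu.system_bus_view()
    out["plaintext_on_system_bus"] = secure_app in bus
    out["ciphertext_on_system_bus"] = cpu.nvm_image in bus
    out["nvm_holds_plaintext"] = secure_app in cpu.nvm_image
    other = Microprocessor()               # second chip with its own unique key
    other.nvm_image = cpu.nvm_image        # image copied off the first chip's NVM
    out["other_chip_unseal"] = _attempt(other.enter_secure_mode)
    cpu.enter_degraded_mode()
    out["bios_in_degraded"] = cpu.execute("bios")
    out["os_in_degraded"] = _attempt(lambda: cpu.execute("os"))
    return out
```

Calling `demo()` returns the checks as a dictionary. Two points the model makes visible: the timers keep counting while the core is in non-secure mode, but a non-secure program gets a fault rather than a value, so it cannot use them to measure or pace the secure program; and an image lifted from the secure NVM is useless on a second chip, because authentication fails under that chip's own key and the first chip's key is never readable outside its cryptographic unit.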
Address: New Taipei TW