Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Information assurance system for secure program execution

一种安全地、安全的技术,应用在程序控制装置、数字数据保护、内部/外围计算机组件保护等方向,能够解决大量、成本高、范围限制等问题

Active Publication Date: 2017-11-14
THE BOEING CO
View PDF10 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, secure cryptographic processors are typically used to protect relatively small amounts of information, and are often limited in the extent of information they can protect
Scaling a secure cryptographic processor to larger applications would be cost-prohibitive and require significant dedicated resources
Additionally, secure cryptographic processors are fixed in silicon, presenting maintenance and update challenges
Any successful attack on the system will require the redevelopment and modification of a large amount of potentially expensive hardware

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Information assurance system for secure program execution
  • Information assurance system for secure program execution
  • Information assurance system for secure program execution

Examples

Experimental program
Comparison scheme
Effect test

example

[0077] This example will assume a 128-bit block size with 64-bit data, 32-bit checksum and 32-bit random data. For example, plaintext blocks can be arranged as follows: [64 bits of data] [32 bits of random] [32 bits of checksum]. These selections are for illustration only. Different values ​​can be chosen in practical implementations to achieve different security and performance goals.

[0078] 1. Issue a CPU instruction to store 32 bits in storage location 0x100.

[0079] 2. The memory used by the Enhanced Security CPU emulator is divided into 128-bit (ie 16-byte) chunks. Each chunk contains eight bytes of actual data.

[0080] 3. Since we store 32 bits, we know that the bytes 0x100, 0x101, 0x102, and 0x103 are involved. This is what the program sees.

[0081] 4. More specifically, we know that due to the message expansion factor, the actual memory locations 0x200, 0x202, 0x204, and 0x206 are involved.

[0082] 5. From 128-bit encryption, we know that 0x0-0xF is one blo...

Embodiment approach

[0163] Item 1. A computer system for securely executing software instructions, the computer system comprising:

[0164] a first processor having a plurality of hardware registers;

[0165] storage; and

[0166] An emulator program, comprising a plurality of instructions stored in memory, executable by the first processor to:

[0167] emulating a second processor;

[0168] emulating execution of a plurality of native machine instructions on the second processor, the native machine instructions being native to the second processor; and

[0169] Emulating execution of a plurality of secure machine instructions on a second processor, the secure machine instructions being non-native to the second processor and including one or more opcodes configured to ensure that operands associated with the opcodes The unencrypted value of the data is only stored in one or more of the first processor's hardware registers.

[0170] Item 2. The computer system of item 1, wherein the emulated s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

An information assurance system for secure program execution is disclosed. The enhanced information assurance system may comprise an improved computer (12) including a central processing unit (CPU) (16) emulator configured to extend the available machine instruction set. The CPU emulator may be configured to emulate machine language instructions taken from a nonnative set of secure opcodes. The CPU emulator may ensure that instructions and data (36) in a random access memory (RAM) (14) remain encrypted at all times when in RAM, for example by storing the instructions (38) and data (36) in CPU registers (18) when decrypted on an as-needed basis.

Description

technical field [0001] The present disclosure relates to apparatus and methods for maintaining data and program security during code execution. Background technique [0002] In modern computer programs, whether on standard desktops or critical real-time embedded systems, protecting critical data and technology is paramount in today's threat-rich environment. This task becomes increasingly difficult when potential attackers have large budgets, direct access to target systems, and ample time. [0003] Computer programs that perform critical functions (e.g., control of nuclear power plants, surgical robots, autonomous weapon systems, etc.) are generally protected by isolation from other computers and computer programs that could extract critical data or impair their behavior and performance. In practice, the "criticality" of computer programs ranges from jeopardy that may cause inconvenience to users, to jeopardy that may cause temporary loss of critical infrastructure and ser...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/74G06F21/72
CPCG06F21/72G06F21/74G06F21/71G06F2221/2107G06F2221/2125G06F9/455G06F21/109G06F21/53G06F21/64G06F2221/2149
Inventor 罗伯特·W·德尼尔
Owner THE BOEING CO
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com