Secure encryption key management in trust domains
US11138320B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 20, 2018 |
| Grant date | Oct 5, 2021 |
| Priority date | — |
| Expiry date | Mar 31, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2212/657
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Implementations describe providing secure encryption key management in trust domains. In one implementation, a processing device includes a key ownership table (KOT) that is protected against software access. The processing device further includes a processing core to execute a trust domain resource manager (TDRM) to create a trust domain (TD) and a randomly-generated encryption key corresponding to the TD, the randomly-generated encryption key identified by a guest key identifier (GKID) and protected against software access from at least one of the TDRM or other TDs, the TDRM is to reference the KOT to obtain at least one unassigned host key identifier (HKID) utilized to encrypt a TD memory, the TDRM is to assign the HKID to the TD by marking the HKID in the KOT as assigned, and configure the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the HKID.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.