Secure memory isolation for secure endpoints
US12045471B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 27, 2021 |
| Grant date | Jul 23, 2024 |
| Priority date | — |
| Expiry date | Oct 7, 2041 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2213/28
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A single input/output (I/O) controller for both secure partitionable endpoints (PEs) and non-secure PEs is enabled in a trusted execution environment (TEE) where secure memory portions are isolated from non-secure PEs. Security attributes for certain endpoints indicate secure memory access privilege of owning entities of the certain endpoints. A security monitor has exclusive access to the address translation control tables (TCE) stored in secure memory associated with a secure endpoint. When owning entity reassignment occurs, the endpoints are reinitialized to support a change in ownership from an outgoing owning entity having secure memory access to an incoming owning entity not having secure memory access.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.