Computer architecture for an electronic device providing SLS access to MLS file system with trusted loading and protection of program execution memory
US8041947B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 23, 2006 |
| Grant date | Oct 18, 2011 |
| Priority date | — |
| Expiry date | Oct 8, 2028 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/78
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
System for providing a secure file service includes an MLS file service module (300) comprised of a cryptographic processor (302). The MLS file service module also includes an MLS file system (301) hosted by the cryptographic processor. A secure user processor (402) includes programming and communications hardware for requesting at least one classified file from the MLS file service module. The cryptographic processor includes cryptographic hardware and software to decrypt the classified file. The cryptographic processor is also performs an integrity check on the classified file. Once the file is decrypted and its integrity checked by the cryptographic processor, the MLS file service module serves the classified file to the secure user processor in decrypted form. If the classified file is an executable file, the method also includes selectively enabling a write function for program memory of the secure user processor. This write function is disabled immediately after the classified executable file has been loaded into the program memory to guard against self modifying programs.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.