Unlock instant, AI-driven research and patent intelligence for your innovation.

Secure data processing

A technology for secure data and secure processing, which is used in electrical digital data processing, secure communication devices, computer security devices, etc.

Inactive Publication Date: 2015-02-04
ALCATEL LUCENT SAS
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] A security solution to the problem of providing trusted remote computing sites must be technically efficient, yet affordable from a practical and implementation standpoint

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Secure data processing
  • Secure data processing
  • Secure data processing

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0078] overview

[0079] figure 1 Firewall enforcement domain 100 is generally shown implemented in system 10 . figure 1 The system shown in includes a firewall execution domain 100 , a common processing unit 20 , a common peripheral 30 and a common RAM 40 . Firewall Enforcement Domain (FDE) 100 includes Trusted Cryptography Unit (TCU) 110 , which is operable to encrypt and decrypt data leaving and entering FDE 100 . The FDE further includes a domain processing unit 120 , domain devices and peripherals 130 , and domain RAM 140 .

[0080] In any of the following CPUs, a peripheral, DMA controller, or general-purpose initiator operable to issue RAM access requests on the memory access bus is called a "host". Hosts inside the FDE 100 are called "domain hosts" and hosts outside the FDE domain are called "public hosts".

[0081] FDE 100 has a plurality of devices 130 (including hosts, such as processors 120 (and DMA channels)) and storage spaces 140 (specified in terms of physi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A secure data processing apparatus and method are disclosed. The secure data processing apparatus is operable to securely process user data provided by a user. The secure data processing apparatus comprises: a trusted domain (200) comprising a trusted bus coupled with a trusted data processing apparatus (220) operable to process incoming user data received over the trusted bus and to generate outgoing user data; a trusted domain controller (210) coupling the trusted bus with an untrusted bus of an untrusted domain, the trusted domain controller (210) being operable to ensure that encrypted incoming user data received over the untrusted bus is decrypted and provided over the trusted bus as the incoming user data and to ensure that outgoing user data is encrypted and provided over the untrusted bus as encrypted outgoing data; and a data store access controller (250) coupling the trusted domain controller (210) and the trusted data processing apparatus (220) with a memory bus (60) of a data store (240), the data store access controller (250) being operable to restrict successful requests to use the data store (240) received from the trusted domain controller (210) and the trusted data processing apparatus (220) to those addressed to a trusted region of the data store (240). By providing a data store access controller (250), it is possible to constrain memory that can be accessed by each device operable to generate access cycles to a data store (240), and a trusted domain (200) can be implemented within a general computing system. The constraint can be implemented by interposing a special component, referred to as an "address firewall" (250), or data store access controller (250), between each hardware element able to access the main RAM memory (240) and a memory bus (60).

Description

technical field [0001] The present invention relates to secure data processing apparatus and methods. Background technique [0002] For cloud computing models, in which computations and data are delivered to remote computers, a need has arisen for better protection of confidential data. In many cloud computing applications, the code sent to the remote computer in the cloud, the data to be remoted, and the data output from the remoting operation must be kept private. [0003] It should be understood that data and code could easily be encrypted during transmission to or from the remote computer. However, the user must trust the remote computer and its system administrator. [0004] System administrators often have access to data and code sent to remote computers. Additionally, untrustworthy potential malware could run on these remote systems and could gain access to data processed by the remote systems. [0005] Even when data and code are sent to a remote system in an enc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06F21/74G06F12/14G06F9/455H04L9/00
CPCH04L63/105H04L9/008H04L63/20H04L63/0428G06F9/45558G06F2009/45587G06F21/74G06F13/4221G06F21/602G06F21/606
Inventor T·库奇诺塔D·凯鲁比尼E·B·尤尔
Owner ALCATEL LUCENT SAS