Security Protocols for Processor-Based Systems
Abstract
A processor-based system such as a wireless communication module may implement security functions in a cost effective fashion by providing a virtual memory space whose addresses may be recognized. The memory is integrated with an application processor. When those addresses are recognized, access to special security protocols may be allowed. In another embodiment, a variety of dedicated hardware cryptographic accelerators may be provided to implement security protocols in accordance with a variety of different standards. By optimizing the hardware for specific standards, greater performance may be achieved.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . An apparatus comprising:
a processor, said processor to execute first and second code sequences, said processor including a storage having a virtual memory space and said processor adapted to detect instructions directed to addresses associated with said virtual memory space, to identify which of said first and second code sequences issued said instructions to an address associated with said virtual memory space and to allow the first code sequence that issued instructions to said address but not the second code sequence that did not issue instructions to said address, access to a resource; and a memory coupled to said processor.
2 . The apparatus of claim 1 wherein said apparatus detects instructions directed to said memory space by comparing the addresses of said instructions to the addresses corresponding to said virtual memory space.
3 . The apparatus of claim 1 wherein said apparatus only allows instructions directed to said memory space to access cryptographic functions.
4 . The apparatus of claim 1 wherein said resource including a plurality of cryptographic accelerators each for different cryptographic techniques.
5 . The apparatus of claim 4 including a data encryption standard algorithm accelerator.
6 . The apparatus of claim 5 including a Rijndael algorithm accelerator.
7 . The apparatus of claim 5 including at least three different hardware cryptographic algorithm accelerators..
8 . The apparatus of claim 7 including an integrated circuit including all of said cryptographic accelerators.
9 . The apparatus of claim 1 wherein said resource to implement a security protocol to accomplish a subscriber identity module function.
10 . The apparatus of claim 1 wherein said apparatus is a cellular telephone.
11 . The apparatus of claim 1 wherein said processor is an application processor and said code sequences are applications.
12 . The apparatus of claim 11 wherein said apparatus is a cellular telephone.
13 . The apparatus of claim 12 including a die containing said application processor wherein said function is implemented on said die.
14 . The apparatus of claim 12 wherein said function and said processor are on the same die.
15 . The apparatus of claim 12 wherein said function is integrated with an application processor.
16 . The apparatus of claim 12 wherein the function is integrated as a portion of the application processor.
17 . A method comprising:
integrating a processor with a storage having a virtual memory space associated with a particular address; detecting instructions directed to said address associated with said virtual memory space; detecting whether a first or a second code sequence is directing instructions to access said address; and granting access to the first code sequence that directed instructions to said address access to a resource and denying access to the second code sequence that did not direct instructions to said address.
18 . The method of claim 17 including assigning an address range to said virtual memory space.
19 . The method of claim 17 including detecting instructions directed to said memory space by comparing the addresses of said instructions to the addresses corresponding to said virtual memory space.
20 . The method of claim 17 including allowing only instructions addressed to said memory space to access a resource including cryptographic functions.
21 . The method of claim 20 including providing separate cryptographic accelerators for a plurality of cryptographic techniques.
22 . The method of claim 21 including providing a data encryption standard algorithm accelerator.
23 . The method of claim 22 including providing a Rijndael algorithm accelerator.
24 . The method of claim 21 including providing at least three different hardware cryptographic algorithm accelerators.
25 . The method of claim 24 including providing said cryptographic accelerators on the same integrated circuit.
26 . The method of claim 17 including using said virtual memory space to implement a subscriber identity module function.Join the waitlist — get patent alerts
Track US2013080791A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.