Patent classifications
H04L2209/127
HARDWARE SECURE ELEMENT, RELATED PROCESSING SYSTEM, INTEGRATED CIRCUIT, DEVICE AND METHOD
A hardware secure element is described. The hardware secure element includes a microprocessor and a memory, such as a non-volatile memory. The memory stores a plurality of software routines executable by the microprocessor. Each software routine starts at a respective memory start address. The hardware secure element also includes a receiver circuit and a hardware message handler module. The receiver circuit is configured to receive command data that includes a command. The hardware message handler module is configured to determine a software routine to be executed by the microprocessor as a function of the command, and also configured to provide address data to the microprocessor that indicates the software routine to be executed.
Tamper Responsive Sensor
A tamper responsive sensor comprising: a carrier printed circuit board (carrier PCB), holding a mesh of one or more electrically conductive tracks, a pressure or force sensitive switch contact arranged on top of the carrier PCB and having first and second electrical contact connections, tamper detecting circuitry arranged at the carrier PCB and being powered via two electrical power lines and connected to one or more electrically conductive signal lines, wherein one of said power lines or one of said signal lines is electrically connected to the tamper detecting circuitry via a first tamper line holding the switch contact, and wherein one of said power lines or one of said signal lines is electrically connected to the tamper detecting circuitry via a second tamper line holding a conductive track of the carrier PCB mesh.
System and method of enforcing a computer policy
A method and system of enforcing a computer policy uses a central server to manage user profiles, policies and encryption keys. The server securely supplies the keys to client devices only after checking that the policy has been complied with. The checks include both the identity of the user and the machine identity of the client device. The keys are held in a secure environment of the client device, for example in a Trusted Platform Module (TPM), and remain inaccessible at all times to the end user. Theft or loss of a portable client device does not result in any encrypted data being compromised since the keys needed to decrypt that data are not extractable from the secure environment.
Embedded trusted network security perimeter in computing systems based on ARM processors
The invention relates to a method for computer systems based on the ARM processor, for example mobile devices, wherein the ARM processor provides fully hardware-isolated runtime environments for an operating system (OS) and a Trusted Execution Environment (TEE) including an embedded trusted network security perimeter. The isolation is performed by hardware ARM Security Extensions added to ARMv6 and later processors and controlled by TrustWall software. The invention therefore comprises an embedded network security perimeter running in the TEE on one or more processor cores with dedicated memory and storage and used to secure all external network communications of the host device. The invention addresses network communications control and protection for Rich OS Execution Environments and describes the minimal necessary and sufficient actions to prevent unauthorized access to or from external networks. The present invention uses hardware platform security capabilities which significantly increase protection of the embedded network security perimeter itself from targeted attacks, an improvement over existing end-point software firewalls. In addition, embodiments of the invention do not require any modification to the OS system code or network application software.
REMOVABLE CHIPLET FOR HARDWARE TRUSTED PLATFORM MODULE
A secured system includes at least one semiconductor chip comprising information processing circuitry. An array of contact pads is disposed on a surface of the chip and is electrically coupled to the information processing circuitry. The secured system includes one or more semiconductor chiplets. Each chiplet comprises at least a portion of at least one hardware trusted platform module that cryptographically secures the information processing circuitry. An array of electrically conductive microsprings is disposed on a surface of the chiplet and is electrically coupled between the hardware trusted platform module and the contact pads.
Securely exchanging vehicular sensor information
Technologies for securely exchanging sensor information include an in-vehicle computing system of a vehicle to establish a trusted execution environment and a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server. A private key is bound to the trusted execution environment of the in-vehicle computing system. The in-vehicle computing system confirms the authenticity of the coordination server, receives sensor data generated by a sensor of the vehicle, and generates an attestation quote based on the trusted execution environment of the in-vehicle computing system. The in-vehicle computing system further transmits, to the coordination server over the secure communication channel, the sensor data, the attestation quote, and a cryptographically-signed communication signed with the private key.
METHOD FOR SYMBOLIC EXECUTION ON CONSTRAINED DEVICES
A method of trust provisioning a device, including: receiving, by a hardware security module (HSM), a list of instructions configured to produce trust provisioning information; performing, by the HSM, a constraint check on the list of instructions including performing a symbolic execution of the list of instructions; receiving confidential inputs; executing, by the HSM, the list of instructions on the confidential inputs when the list of instructions passes the constraint check; outputting, by the HSM, trust provisioning information.
Device, System, and Method for Protecting Cryptographic Keying Material
A device, system, and method protect cryptographic keying material. The method is performed at an electronic device including a plurality of components housed in an enclosure. The method includes determining a tamper state of the enclosure, the tamper state being one of a secure state in which the enclosure has not been physically tampered with or an unsecure state in which the enclosure has been physically tampered with. When the tamper state is the secure state, the method includes associating a first value with the application. When the tamper state is the unsecure state, the method includes associating a second value with the application. The first value is configured to enable access to the data in the data storage unit. The second value prevents access to the data in the data storage unit.
Privacy enhanced key management for a web service provider using a converged security engine
In an embodiment, a security engine of a processor includes an identity provider logic to generate a first key pair of a key pairing associating system user and a service provider that provides a web service and having a second system coupled to the system via a network, to perform a secure communication with the second system to enable the second system to verify that the identity provider logic is executing in a trusted execution environment, and responsive to the verification, to send a first key of the first key pair to the second system. This key may enable the second system to verify an assertion communicated by the identity provider logic that the user has been authenticated to the system according to a multi-factor authentication. Other embodiments are described and claimed.
Systems and methods for protecting symmetric encryption keys
Systems and methods for protecting symmetric encryption keys when performing encryption are described. In one embodiment, a computer-implemented method includes retrieving at least one real key from a secure area and executing, with a processor, a key transform instruction to generate at least one transformed key based on receiving the at least one real key. The at least one transformed key is an encrypted version of at least one round key that is encrypted by the processor using the at least one real key. The processor is able to decrypt the at least one transformed key and encrypt the at least one round key.