1. CN112352220 - METHOD AND SYSTEM FOR PROTECTING DATA PROCESSED BY DATA PROCESSING ACCELERATORS

Office
China
Application Number 201980038708.7
Application Date 04.01.2019
Publication Number 112352220
Publication Date 09.02.2021
Publication Kind A
IPC
G06F 9/30
G PHYSICS
06 COMPUTING; CALCULATING OR COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
9 Arrangements for program control, e.g. control units
06 using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
30 Arrangements for executing machine instructions, e.g. instruction decode
CPC
G06F 21/53
G PHYSICS
06 COMPUTING; CALCULATING; COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
52 during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
53 by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/575
G PHYSICS
06 COMPUTING; CALCULATING; COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
575 Secure boot
G06F 21/6245
G PHYSICS
06 COMPUTING; CALCULATING; COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
60 Protecting data
62 Protecting access to data via a platform, e.g. using keys or access control rules
6218 to a system of files or objects, e.g. local or distributed file system or database
6245 Protecting personal data, e.g. for financial or medical purposes
G06F 9/3017
G PHYSICS
06 COMPUTING; CALCULATING; COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
9 Arrangements for program control, e.g. control units
06 using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
30 Arrangements for executing machine instructions, e.g. instruction decode
3017 Runtime instruction translation, e.g. macros
G06F 9/3877
G PHYSICS
06 COMPUTING; CALCULATING; COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
9 Arrangements for program control, e.g. control units
06 using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
30 Arrangements for executing machine instructions, e.g. instruction decode
38 Concurrent instruction execution, e.g. pipeline, look ahead
3877 using a slave processor, e.g. coprocessor
G06F 9/4411
G PHYSICS
06 COMPUTING; CALCULATING; COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
9 Arrangements for program control, e.g. control units
06 using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
44 Arrangements for executing specific programs
4401 Bootstrapping
4411 Configuring for operating with peripheral devices; Loading of device drivers
Applicants BAIDU.COM TIMES TECHNOLOGY (BEIJING) CO., LTD.
百度时代网络技术(北京)有限公司
BAIDU USA LLC
百度(美国)有限责任公司
Inventors CHENG YUEQIANG
程越强
LIU YONG
刘勇
WEI TAO
韦韬
OUYANG JIAN
欧阳剑
Agents 北京英赛嘉华知识产权代理有限责任公司 11204
Title
(EN) METHOD AND SYSTEM FOR PROTECTING DATA PROCESSED BY DATA PROCESSING ACCELERATORS
(ZH) 保护由数据处理加速器处理的数据的方法和系统
Abstract
(EN)
A data processing system performs a secure boot using a security module (e.g., a trusted platform module (TPM)) of a host system (301). The system verifies that an operating system (OS) and one or more drivers, including an accelerator driver associated with a data processing (DP) accelerator, are provided by a trusted source (302). The system launches the accelerator driver within the OS (303). The system generates a trusted execution environment (TEE) associated with one or more processors of the host system (304). The system launches an application and a runtime library within the TEE, where the application communicates with the DP accelerator via the runtime library and the accelerator driver (305).

(ZH)
数据处理系统使用主机系统(301)的安全模块(例如,可信平台模块(TPM))执行安全引导。该系统确认操作系统(OS)和包括与数据处理(DP)加速器相关联的加速器驱动器的一个或多个驱动器是由可信源(302)提供的。该系统启动OS(303)中的加速器驱动器。该系统生成与主机系统(304)的一个或多个处理器相关联的可信执行环境(TEE)。该系统启动TEE中的应用和运行时间库,其中,应用经由运行时间库和加速器驱动器(305)与DP加速器进行通信。
