Abstract: An electronic circuit 120 includes a more-secure processor (600) having hardware based security (138) for storing data. A less-secure processor (200) eventually utilizes the data. By a data transfer request-response arrangement (2010, 2050, 2070, 2090) between the more-secure processor (600) and the less-secure processor (200), the more-secure processor (600) confers greater security of the data on the less-secure processor (200). A manufacturing process makes a handheld device (110) having a storage space (222), a less-secure processor (200) for executing modem software and a more-secure processor (600) having a protected application (2090) and a secure storage (2210).

Abstract: An electronic circuit 120 includes a more-secure processor (600) having hardware based security (138) for storing data. A less-secure processor (200) eventually utilizes the data. By a data transfer request-response arrangement (2010, 2050, 2070, 2090) between the more-secure processor (600) and the less-secure processor (200), the more-secure processor (600) confers greater security of the data on the less-secure processor (200). A manufacturing process makes a handheld device (110) having a storage space (222), a less-secure processor (200) for executing modem software and a more-secure processor (600) having a protected application (2090) and a secure storage (2210).

Abstract: An electronic circuit includes a more-secure processor having hardware based security for storing data. A less-secure processor eventually utilizes the data. By a data transfer request-response arrangement between the more-secure processor and the less-secure processor, the more-secure processor confers greater security of the data on the less-secure processor. A manufacturing process makes a handheld device having a storage space, a less-secure processor for executing modem software and a more-secure processor having a protected application and a secure storage. A manufacturing process involves generating a per-device private key and public key pair, storing the private key in a secure storage where it can be accessed by the protected application, combining the public key with the modem software to produce a combined software, signing the combined software; and storing the signed combined software into the storage space.

Abstract: A secure demand paging (SDP) system includes a dynamic random access memory (DRAM), a microprocessor having a secure internal memory and coupled to said DRAM, and a non-volatile memory storing a representation of operations accessible by the microprocessor. The stored representation of operations includes a coded physical representation of operations to configure an SDP space in the DRAM, to organize the SDP space into virtual machine contexts, to organize at least one of the virtual machine contexts into block book keeping blocks and book keeping spaces in the block book keeping blocks, and to execute a secure demand paging process between said secure internal memory and said DRAM.

Abstract: An electronic circuit includes a more-secure processor having hardware based security for storing data. A less-secure processor eventually utilizes the data. By a data transfer request-response arrangement between the more-secure processor and the less-secure processor, the more-secure processor confers greater security of the data on the less-secure processor. A manufacturing process makes a handheld device having a storage space, a less-secure processor for executing modem software and a more-secure processor having a protected application and a secure storage. A manufacturing process involves generating a per-device private key and public key pair, storing the private key in a secure storage where it can be accessed by the protected application, combining the public key with the modem software to produce a combined software, signing the combined software; and storing the signed combined software into the storage space.

Abstract: Systems and methods for providing a battery module 110 with secure identity information and authentication of the identity of the battery 110 by a host 120. In one embodiment, the system for providing a battery module with secure identity information includes: (1) a tamper resistant processing environment 200 located within the battery module 110 and (2) a key generator configured to generate a key based on an identity of the battery module 110 and cause the key to be stored within the tamper resistant processing environment 200.

Abstract: An electronic circuit includes a more-secure processor having hardware based security for storing data. A less-secure processor eventually utilizes the data. By a data transfer request-response arrangement between the more-secure processor and the less-secure processor, the more-secure processor confers greater security of the data on the less-secure processor. A manufacturing process makes a handheld device having a storage space, a less-secure processor for executing modem software and a more-secure processor having a protected application and a secure storage. A manufacturing process involves generating a per-device private key and public key pair, storing the private key in a secure storage where it can be accessed by the protected application, combining the public key with the modem software to produce a combined software, signing the combined software; and storing the signed combined software into the storage space.

Abstract: Systems and methods for providing a battery module 110 with secure identity information and authentication of the identity of the battery 110 by a host 120. In one embodiment, the system for providing a battery module with secure identity information includes: (1) a tamper resistant processing environment 200 located within the battery module 110 and (2) a key generator configured to generate a key based on an identity of the battery module 110 and cause the key to be stored within the tamper resistant processing environment 200.

Abstract: A device (200, 2200) for improved security includes a processor (200) and a secure writeable memory (2245) coupled to said processor (200) and including code (2240) to download a loadable security kernel to the processor (200), authenticate the loadable security kernel, and transfer the kernel so that the kernel begins at a predetermined address inside the secure writeable memory (2245) only if the authentication is successful. A process (2400) of manufacturing a target communication device (2310) having a memory space having a secure writable portion (2245) of the memory space, the manufacturing process (2400) using a host machine (2330). The manufacturing process (2400) includes downloading (2540) the loadable security kernel from the host machine (2330) to the memory space at the target (2310). The loadable security kernel has a flashing entry point.

Abstract: A secure demand paging (SDP) system includes a dynamic random access memory (DRAM), a microprocessor having a secure internal memory and coupled to said DRAM, and a non-volatile memory storing a representation of operations accessible by the microprocessor. The stored representation of operations includes a coded physical representation of operations to configure an SDP space in the DRAM, to organize the SDP space into virtual machine contexts, to organize at least one of the virtual machine contexts into block book keeping blocks and book keeping spaces in the block book keeping blocks, and to execute a secure demand paging process between said secure internal memory and said DRAM.

Abstract: A secure demand paging system (1020) includes a processor (1030) operable for executing instructions, an internal memory (1034) for a first page in a first virtual machine context, an external memory (1024) for a second page in a second virtual machine context, and a security circuit (1038) coupled to the processor (1030) and to the internal memory (1034) for maintaining the first page secure in the internal memory (1034).

Abstract: Systems and methods for providing a battery module 110 with secure identity information and authentication of the identity of the battery 110 by a host 120. In one embodiment, the system for providing a battery module with secure identity information includes: (1) a tamper resistant processing environment 200 located within the battery module 110 and (2) a key generator configured to generate a key based on an identity of the battery module 110 and cause the key to be stored within the tamper resistant processing environment 200.

Abstract: Systems and methods for providing a battery module 110 with secure identity information and authentication of the identity of the battery 110 by a host 120. In one embodiment, the system for providing a battery module with secure identity information includes: (1) a tamper resistant processing environment 200 located within the battery module 110 and (2) a key generator configured to generate a key based on an identity of the battery module 110 and cause the key to be stored within the tamper resistant processing environment 200.

Abstract: An electronic circuit includes a more-secure processor having hardware based security for storing data. A less-secure processor eventually utilizes the data. By a data transfer request-response arrangement between the more-secure processor and the less-secure processor, the more-secure processor confers greater security of the data on the less-secure processor. A manufacturing process makes a handheld device having a storage space, a less-secure processor for executing modem software and a more-secure processor having a protected application and a secure storage. A manufacturing process involves generating a per-device private key and public key pair, storing the private key in a secure storage where it can be accessed by the protected application, combining the public key with the modem software to produce a combined software, signing the combined software; and storing the signed combined software into the storage space.

Abstract: An electronic circuit includes a more-secure processor having hardware based security for storing data. A less-secure processor eventually utilizes the data. By a data transfer request-response arrangement between the more-secure processor and the less-secure processor, the more-secure processor confers greater security of the data on the less-secure processor. A manufacturing process makes a handheld device having a storage space, a less-secure processor for executing modem software and a more-secure processor having a protected application and a secure storage. A manufacturing process involves generating a per-device private key and public key pair, storing the private key in a secure storage where it can be accessed by the protected application, combining the public key with the modem software to produce a combined software, signing the combined software; and storing the signed combined software into the storage space.

Abstract: An electronic circuit includes a more-secure processor having hardware based security for storing data. A less-secure processor eventually utilizes the data. By a data transfer request-response arrangement between the more-secure processor and the less-secure processor, the more-secure processor confers greater security of the data on the less-secure processor. A manufacturing process makes a handheld device having a storage space, a less-secure processor for executing modem software and a more-secure processor having a protected application and a secure storage. A manufacturing process involves generating a per-device private key and public key pair, storing the private key in a secure storage where it can be accessed by the protected application, combining the public key with the modem software to produce a combined software, signing the combined software; and storing the signed combined software into the storage space.

Abstract: An electronic circuit 120 includes a more-secure processor (600) having hardware based security (138) for storing data. A less-secure processor (200) eventually utilizes the data. By a data transfer request-response arrangement (2010, 2050, 2070, 2090) between the more-secure processor (600) and the less-secure processor (200), the more-secure processor (600) confers greater security of the data on the less-secure processor (200). A manufacturing process makes a handheld device (110) having a storage space (222), a less-secure processor (200) for executing modem software and a more-secure processor (600) having a protected application (2090) and a secure storage (2210).

Abstract: Systems and methods for providing a battery module 110 with secure identity information and authentication of the identity of the battery 110 by a host 120. In one embodiment, the system for providing a battery module with secure identity information includes: (1) a tamper resistant processing environment 200 located within the battery module 110 and (2) a key generator configured to generate a key based on an identity of the battery module 110 and cause the key to be stored within the tamper resistant processing environment 200.

Abstract: Systems and methods for providing a battery module 110 with secure identity information and authentication of the identity of the battery 110 by a host 120. In one embodiment, the system for providing a battery module with secure identity information includes: (1) a tamper resistant processing environment 200 located within the battery module 110 and (2) a key generator configured to generate a key based on an identity of the battery module 110 and cause the key to be stored within the tamper resistant processing environment 200.

Abstract: Pervasive security is provided by a combination of physical interfaces and network interfaces to a service to a user includes establishing by the user's client device network connectivity to the service, transmitting by the service an identifier to the user's client device, determining by the service whether the user enters the identifier into the service in physical proximity to the service, and invoking the service once the user has entered the identifier into the service while in physical proximity to the service. The service can provide indication that the service has been granted by sending a control page to the user's client device.