17949163. ACCESS CONTROL SYSTEMS AND METHODS FOR LOGICAL SECURE ELEMENTS RUNNING ON THE SAME SECURE HARDWARE simplified abstract (Oracle International Corporation)
Contents
- 1 ACCESS CONTROL SYSTEMS AND METHODS FOR LOGICAL SECURE ELEMENTS RUNNING ON THE SAME SECURE HARDWARE
- 1.1 Organization Name
- 1.2 Inventor(s)
- 1.3 ACCESS CONTROL SYSTEMS AND METHODS FOR LOGICAL SECURE ELEMENTS RUNNING ON THE SAME SECURE HARDWARE - A simplified explanation of the abstract
- 1.4 Simplified Explanation
- 1.5 Potential Applications
- 1.6 Problems Solved
- 1.7 Benefits
- 1.8 Potential Commercial Applications
- 1.9 Possible Prior Art
- 1.10 Original Abstract Submitted
ACCESS CONTROL SYSTEMS AND METHODS FOR LOGICAL SECURE ELEMENTS RUNNING ON THE SAME SECURE HARDWARE
Organization Name
Oracle International Corporation
Inventor(s)
Nicolas Michel Raphaël Ponsini of Mougins (FR)
Patrick Van Haver of La Cadiere d'Azur (FR)
Sebastian Jürgen Hans of Berlin (DE)
ACCESS CONTROL SYSTEMS AND METHODS FOR LOGICAL SECURE ELEMENTS RUNNING ON THE SAME SECURE HARDWARE - A simplified explanation of the abstract
This abstract first appeared for US patent application 17949163 titled 'ACCESS CONTROL SYSTEMS AND METHODS FOR LOGICAL SECURE ELEMENTS RUNNING ON THE SAME SECURE HARDWARE
Simplified Explanation
Techniques are described for applying access controls to logical secure elements (LSEs) running on the same secure element hardware platform. Embodiments include a firmware component that determines whether a message targeting an LSE is authorized to trigger an operation. The firmware component may verify a signature of the received message using a public key, shared secret, or other access control key. Access control policies may be defined to constrain the load of the LSEs on the SE platform hardware and/or to prioritize LSE access. For example, the access control policies may define usage thresholds, such as maximum threshold memory and/or processor utilization rates. As another example, the access controls may restrict the active time for an LSE to a threshold duration. If access constraints are violated or the message cannot be verified, then the firmware component may delay or deny the operation.
- Techniques for applying access controls to logical secure elements (LSEs) on the same hardware platform
- Firmware component verifies message authorization using public key, shared secret, or access control key
- Access control policies define usage thresholds and restrict active time for LSEs
- Firmware component may delay or deny operation if access constraints are violated
Potential Applications
The technology described in this patent application could be applied in various industries such as cybersecurity, IoT devices, smart cards, and secure communications systems.
Problems Solved
This technology helps in securing logical secure elements (LSEs) running on the same hardware platform by applying access controls and verifying message authorization, thus preventing unauthorized operations and ensuring system integrity.
Benefits
The benefits of this technology include enhanced security for LSEs, improved control over system resources, and the ability to prioritize access to logical secure elements based on defined policies.
Potential Commercial Applications
One potential commercial application of this technology could be in the development of secure payment systems, where access controls are crucial to prevent unauthorized transactions and protect sensitive financial data.
Possible Prior Art
One possible prior art for this technology could be access control mechanisms used in operating systems or network security protocols to restrict access to resources based on predefined policies.
Unanswered Questions
How does this technology compare to existing access control mechanisms in terms of performance and scalability?
This article does not provide a direct comparison with existing access control mechanisms in terms of performance and scalability. It would be interesting to know how this technology stacks up against traditional access control systems in real-world scenarios.
What are the potential challenges in implementing these access controls on a large-scale hardware platform?
The article does not address the potential challenges in implementing these access controls on a large-scale hardware platform. Understanding the obstacles and limitations in deploying this technology in practical settings would be valuable for further evaluation.
Original Abstract Submitted
Techniques are described herein for applying access controls to logical secure elements (LSEs) running on the same secure element hardware platform. Embodiments include a firmware component that determines whether a message targeting an LSE is authorized to trigger an operation. For example, the firmware component may verify a signature of the received message using a public key, shared secret, or other access control key. Additionally or alternatively, access control policies may be defined to constrain the load of the LSEs on the SE platform hardware and/or to prioritize LSE access. For example, the access control policies may define usage thresholds, such as maximum threshold memory and/or processor utilization rates. As another example, the access controls may restrict the active time for an LSE to a threshold duration. If access constraints are violated or the message cannot be verified, then the firmware component may delay or deny the operation.
