US 12,388,802 B2
Secure shell and role isolation for multi-tenant compute
Jaideep Dastidar, San Jose, CA (US); Jason Moore, Albuquerque, NM (US); and Brian S. Martin, Longmont, CO (US)
Assigned to XILINX, INC., San Jose, CA (US)
Filed by XILINX, INC., San Jose, CA (US)
Filed on Apr. 8, 2022, as Appl. No. 17/716,881.
Prior Publication US 2023/0328045 A1, Oct. 12, 2023
Int. Cl. H04L 9/40 (2022.01); H04L 15/16 (2006.01); H04L 45/02 (2022.01)
CPC H04L 63/0435 (2013.01) [H04L 45/02 (2013.01); H04L 63/0407 (2013.01); H04L 63/145 (2013.01); H04L 63/20 (2013.01)]
20 Claims
 
1. A system on a chip (SoC), comprising:
an untrusted tenant portion comprising first circuitry, the untrusted tenant portion is configured to perform tasks for a plurality of tenants;
a secure shell comprising a gatekeeper and second circuitry, the secure shell is configured to encapsulate the untrusted tenant portion to permit the untrusted tenant portion to communicate with other circuitry in the SoC; and
a secure shell launcher that is physically separate from the secure shell and that is configured to establish security protocols in the secure shell to protect confidential information for the plurality of tenants and provide encrypted, authenticated updates to the secure shell, wherein the secure shell launcher is configured to enable communication between an untrusted entry point and a trusted entry point after data is passed through the gatekeeper.