US 12,135,657 B2
Architecture, system and methods thereof for secure computing using hardware security classifications
Mordkhai Lempel, Caesarea (IL)
Filed by Lempel Mordkhai, Caesarea (IL)
Filed on Dec. 28, 2021, as Appl. No. 17/646,209.
Claims priority of provisional application 63/131,077, filed on Dec. 28, 2020.
Prior Publication US 2022/0206961 A1, Jun. 30, 2022
Int. Cl. G06F 12/14 (2006.01); G06F 12/0831 (2016.01); G06F 12/0882 (2016.01)
CPC G06F 12/1458 (2013.01) [G06F 12/0835 (2013.01); G06F 12/0882 (2013.01); G06F 12/1433 (2013.01); G06F 12/145 (2013.01)]
45 Claims
1. A system for secure computing, comprising:
a processor comprised of circuitry; and
a memory, the memory being arranged into blocks;
wherein each memory block stores content therein;
wherein the content is one of data and code;
wherein the code comprises instructions for execution by the processor;
wherein each memory block is associated with a security class assigned to the content stored in the memory block from amongst a plurality of security classes;
wherein the associated security class of each memory block travels in the system together with the content of the associated memory block;
wherein the processor employs at least one matrix;
wherein the at least one matrix defines interactions between the security classes of memory blocks of content as the content of the memory blocks are being processed by the processor; and
wherein the security classes include data classes which are security classes for data and the security classes include code classes which are security classes for processor instructions, and wherein the at least one matrix defines i) memory blocks associated with which data classes can be mixed in an operation, as well as determining a result of each such mixing; ii) whether code in a memory block associated with a code class can process content of a memory block associated with a specific data class, as well as determining a resulting class for the memory page resulting from the processing when such processing occurs; and iii) whether a memory block associated with one code class can call a memory block associated with another code class.
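
A software model of the three matrix roles recited in claim 1, added here as an illustration; it is not taken from the patent, which claims a hardware mechanism. The class names ("public", "secret", "key", "trusted", "untrusted"), the matrix entries and the function names are constructed assumptions, as is the choice to treat a missing matrix entry as a denial.

```python
from dataclasses import dataclass

class SecurityViolation(Exception):
    """Raised when the matrices do not permit an interaction."""

@dataclass(frozen=True)
class Block:
    cls: str         # security class tag, kept with the content
    content: object  # data value, or a callable standing in for code

# Constructed entries (assumptions). A missing entry means "denied".
MIX = {  # (i) data classes that may be mixed -> class of the result
    frozenset({"public"}): "public",
    frozenset({"public", "secret"}): "secret",
    frozenset({"secret"}): "secret",
}
PROCESS = {  # (ii) (code class, data class) -> class of the result
    ("trusted", "public"): "public",
    ("trusted", "secret"): "secret",
    ("trusted", "key"): "secret",
    ("untrusted", "public"): "public",
}
CALL = {("trusted", "trusted"), ("trusted", "untrusted"),
        ("untrusted", "untrusted")}  # (iii) (caller class, callee class)

def process(code, data):
    """Run code on one data block; the result is tagged from PROCESS."""
    result_cls = PROCESS.get((code.cls, data.cls))
    if result_cls is None:  # also rejects a data-class block used as code
        raise SecurityViolation(f"{code.cls} may not process {data.cls}")
    return Block(result_cls, code.content(data.content))

def mix(code, a, b):
    """Combine two data blocks; the result is tagged from MIX."""
    for operand in (a, b):
        if (code.cls, operand.cls) not in PROCESS:
            raise SecurityViolation(f"{code.cls} may not process {operand.cls}")
    result_cls = MIX.get(frozenset({a.cls, b.cls}))
    if result_cls is None:
        raise SecurityViolation(f"{a.cls} and {b.cls} may not be mixed")
    return Block(result_cls, code.content(a.content, b.content))

def call(caller, callee):
    """Permit a control transfer only if CALL lists the class pair."""
    if (caller.cls, callee.cls) not in CALL:
        raise SecurityViolation(f"{caller.cls} may not call {callee.cls}")
    return callee
```

Because the result of `mix` carries the class chosen by the matrix, a value derived from "secret" input stays out of reach of "untrusted" code in later operations.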