A typical personal computer (PC) includes a host, memory, and user input. The majority of PCs today run Windows on an Intel processor. These systems are referred to as Wintel systems. Wintel systems have security weaknesses that are popular targets for hackers. Therefore, vendors and users are continual trying to develop techniques to make these systems more secure.
Many systems, including Wintel systems, provide encrypted storage where the user and system can store data. When the system is at rest (i.e., data not being used), the data is protected in the encrypted storage. However, the data may be retrieved from the encrypted storage and used by an application running on the host. As soon as the data is removed from the secure storage, the data becomes vulnerable. This unsecure location is where sensitive data is attacked.
What is therefore needed are systems and methods for providing a host isolated security environment in which security services are run and data is stored in a secure trusted domain, isolated from the unsecure host.
The present invention will now be described with reference to the accompanying drawings. In the drawings, like reference numbers can indicate identical or functionally similar elements. Additionally, the left-most digit(s) of a reference number may identify the drawing in which the reference number first appears.