Safeguarding electronic information has become an important issue based on the growing variety of transactions that may now be conducted electronically. Various threats including, for example, hackers, malicious software (e.g., malware) such as viruses, rootkits, etc. may share at least one purpose: to circumvent existing protection measures to gain access to, or control over, another users' device. A user employing a device to perform daily transactions may be unaware that their device has been compromised, and may be unknowingly providing sensitive personal, financial and/or proprietary data to a third party. Technology is continually being developed to combat these types of attacks. However, as new virus protections strategies emerge, hackers are finding ways to attack at lower levels within a device, gaining access and/or control at a level in the device having higher priority than the protection software. As a result, device manufacturers are building security measures into the actual hardware of a device. For example, these security features may be enabled an early stage of device initialization, and may ensure that programs loaded later are safe by performing a security check as the programs are loaded into the device.
For example, during initialization a device may reserve a portion of memory that may be accessible only to known-good programs. In this manner, sensitive and/or confidential data that is stored in the portion of memory may be protected from attack. However, a scenario may exist wherein known-good software does not reside in the same device as the protected memory. For example, a known-good program (e.g., a “client” program) in a user device may need to access a portion of protected memory situated in at least one remote computing device (e.g., operating in a cloud architecture). While it may be desirable for a client program to be capable of accessing protected memory that resides in at least one other device, the protected memory may be secured from being accessed by any software other that an “owner” of the protected memory that may be assigned, for example, when the protected portion of memory is first created. This requirement may severely limit the applications to which this type of security technology may be applied.
Although the following Detailed Description will proceed with reference being made to illustrative embodiments, many alternatives, modifications and variations thereof will be apparent to those skilled in the art.