- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Is it possible to run a protected (MLE) and standard environment concurrently or is it always sequential? (concurrent would be similar to two virtual machines). From my understanding, an MLE can be launched either at boot time or via late launch (using SENTER).
Also does anyone know the differences between the protected environments that are produced as a result of SENTER and ENTERACCS commands?
Thank you for your help!
Gelareh
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello - hopefully this will answer your question:
All processors are required to join the measured launch environment. Letting processors with physical access to memory remain outside of the MLE would be a security violation.
The measured launch environment is always invoked using SENTER.
ENTERACCS is used to invoke the BIOS Authenticated Control Module during boot. SENTER is used to invoke the SINIT Authenticated Control module and provide a late launch of a measured launch environment.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page