Binding a hardware security module (HSM) to protected software

摘要

Aspects of the present disclosure relate to binding a hardware security module to a software component. A secret can be cryptographically linked to the software component. The secret linked to the software component can be protected such that the secret is only accessible by a trusted firmware. The software component can then be installed in a secure software context. The protected secret can be transferred to the trusted firmware. A control block can be maintained by the trusted firmware in the secure software context, wherein the control block comprises the secret. The hardware security module can then be configured by the trusted firmware such that the hardware security module only responds to requests from a component having access to the secret.