The Intel® Dynamic Application Loader (Intel® DAL) is a unique feature of Intel® platforms that allows you to run small portions of Java* code on Intel® Converged Security and Management Engine (Intel® CSME) firmware. It is available on most Intel® Core™ and Intel Atom® processors.
Secure Digital Rights Management (DRM)
A user downloads a video file from your company and pays a rental fee that allows the user to play it for the next three days. If you store the number of days remaining on the user’s computer, malware or the users themselves can try to corrupt it. If you store it on a server, users cannot watch the video if they are offline. By storing these small pieces of user data in the Intel DAL storage layer, and consulting it each time the video plays, you can limit who can play the video, when, and how it's played.
Secure Login (Intel® Authenticate Solution)
Although the world is moving away from cumbersome passwords, verifying a user's identity before login is still essential. Your trusted application creates the image of a keypad or other password entry interface, encrypting it so the operating system cannot read it. The operating system sends this encrypted image to the graphics hardware that decrypts it using a key that it received directly from Intel DAL. Only the user can see the resulting protected transaction display (PTD) window. From the point of view of the operating system or any malware that may be running on it, that portion of the screen is blank.
Secure Transactions Using Intel® Identity Protection Technology
Your online storefront may be secure, but your customers might be infected with spyware. To protect your users’ sensitive information during transit, you communicate with them via a trusted application (an applet) that runs in the Intel DAL environment. This applet can securely establish a connection with your website. Since the handshake takes place in the isolated Intel DAL environment, your customers’ credit card data is transmitted securely.
Intel® Secure Device Onboard (Intel® SDO)
A manufacturer has millions of IoT devices to provision, and the provisioning cannot be performed during manufacturing. Manual provisioning is an unrealistic option. Intel® SDO uses the Intel EPID inserted in the silicon during manufacturing to enable zero-touch provisioning without a technician's assistance. Intel SDO uses Intel DAL to ensure that the communication between the device and the provisioning service is secure.
Intel® Software Guard Extensions (Intel® SGX)
This Intel® architecture extension increases the security of application code and data. Application developers use Intel® SGX to protect select code and data from disclosure or modification. The software makes protections possible through enclaves, which are protected areas of execution in memory, and uses Intel DAL for anti-replay and protected time.
In-Vehicle Infotainment (IVI) Systems
Intel DAL can be used to implement digital rights management (DRM) functionality according to the digital TV standard. In this scenario, the Intel DAL applet provides DRM key storage and secure cryptographic computation using the DRM key.