CN100533330C - 用于个人计算机存储器区域的外部锁固机构 - Google Patents

用于个人计算机存储器区域的外部锁固机构 Download PDF

Info

Publication number
CN100533330C
CN100533330C CNB028124871A CN02812487A CN100533330C CN 100533330 C CN100533330 C CN 100533330C CN B028124871 A CNB028124871 A CN B028124871A CN 02812487 A CN02812487 A CN 02812487A CN 100533330 C CN100533330 C CN 100533330C
Authority
CN
China
Prior art keywords
memory
smm
block
locking
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB028124871A
Other languages
English (en)
Chinese (zh)
Other versions
CN1524206A (zh
Inventor
F·D·韦伯
D·E·古利克
G·S·斯特劳金
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GlobalFoundries Inc
Original Assignee
Advanced Micro Devices Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US09/852,372 external-priority patent/US7065654B1/en
Application filed by Advanced Micro Devices Inc filed Critical Advanced Micro Devices Inc
Publication of CN1524206A publication Critical patent/CN1524206A/zh
Application granted granted Critical
Publication of CN100533330C publication Critical patent/CN100533330C/zh
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/85Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C16/00Erasable programmable read-only memories
    • G11C16/02Erasable programmable read-only memories electrically programmable
    • G11C16/04Erasable programmable read-only memories electrically programmable using variable threshold transistors, e.g. FAMOS
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2147Locking files

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Storage Device Security (AREA)
CNB028124871A 2001-05-10 2002-04-17 用于个人计算机存储器区域的外部锁固机构 Expired - Fee Related CN100533330C (zh)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US85294201A 2001-05-10 2001-05-10
US09/852,942 2001-05-10
US09/852,372 2001-05-10
US09/852,372 US7065654B1 (en) 2001-05-10 2001-05-10 Secure execution box
US09/870,889 2001-05-30
US09/870,889 US7149854B2 (en) 2001-05-10 2001-05-30 External locking mechanism for personal computer memory locations

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN 200710004315 Division CN101118583A (zh) 2001-05-10 2002-04-17 用于个人计算机存储器区域的外部锁固机构

Publications (2)

Publication Number Publication Date
CN1524206A CN1524206A (zh) 2004-08-25
CN100533330C true CN100533330C (zh) 2009-08-26

Family

ID=27420361

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB028124871A Expired - Fee Related CN100533330C (zh) 2001-05-10 2002-04-17 用于个人计算机存储器区域的外部锁固机构

Country Status (8)

Country Link
US (1) US7149854B2 (https=)
EP (1) EP1428095A2 (https=)
JP (1) JP2005515517A (https=)
KR (2) KR100902398B1 (https=)
CN (1) CN100533330C (https=)
AU (1) AU2002254625A1 (https=)
TW (1) TWI222285B (https=)
WO (1) WO2002093335A2 (https=)

Families Citing this family (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030196100A1 (en) * 2002-04-15 2003-10-16 Grawrock David W. Protection against memory attacks following reset
US6948041B2 (en) * 2002-10-24 2005-09-20 Micron Technology, Inc. Permanent memory block protection in a flash memory device
AU2003900764A0 (en) * 2003-02-20 2003-03-06 Secure Systems Limited Bus bridge security system and method for computers
US7334123B2 (en) * 2003-05-02 2008-02-19 Advanced Micro Devices, Inc. Computer system including a bus bridge for connection to a security services processor
CN101115072B (zh) * 2003-07-28 2012-11-14 索尼株式会社 信息处理设备和方法
US7308102B2 (en) * 2003-08-05 2007-12-11 Dell Products L.P. System and method for securing access to memory modules
DE102005014837B4 (de) * 2004-08-02 2007-08-30 Mahltig, Holger Sicherheitsmodul und Verfahren zum Steuern und Kontrollieren eines Datenverkehrs eines Personalcomputers
US7552341B2 (en) * 2004-09-01 2009-06-23 Microsoft Corporation Licensing the use of software on a particular CPU
US7702907B2 (en) * 2004-10-01 2010-04-20 Nokia Corporation System and method for safe booting electronic devices
CN101091168B (zh) * 2004-12-31 2011-12-28 英特尔公司 实现多阶段软件的方法和装置
WO2007023457A2 (en) * 2005-08-22 2007-03-01 Nxp B.V. Embedded memory protection
US8683158B2 (en) * 2005-12-30 2014-03-25 Intel Corporation Steering system management code region accesses
US7610464B2 (en) * 2006-02-22 2009-10-27 Sony Computer Entertainment Inc. Methods and apparatus for providing independent logical address space and access management
US7886099B2 (en) * 2006-06-16 2011-02-08 Superspeed Llc Systems and methods for providing a personal computer with non-volatile system memory
US8108692B1 (en) * 2006-06-27 2012-01-31 Siliconsystems, Inc. Solid-state storage subsystem security solution
US7925815B1 (en) * 2006-06-29 2011-04-12 David Dunn Modifications to increase computer system security
US8661265B1 (en) 2006-06-29 2014-02-25 David Dunn Processor modifications to increase computer system security
US7610426B1 (en) * 2006-12-22 2009-10-27 Dunn David A System management mode code modifications to increase computer system security
US8316414B2 (en) * 2006-12-29 2012-11-20 Intel Corporation Reconfiguring a secure system
TWI335509B (en) * 2007-03-07 2011-01-01 Via Tech Inc A method for accessing memory data
US8438652B2 (en) * 2007-03-23 2013-05-07 Seagate Technology Llc Restricted erase and unlock of data storage devices
US8984653B2 (en) * 2008-04-03 2015-03-17 Microsoft Technology Licensing, Llc Client controlled lock for electronic devices
US8356184B1 (en) 2009-06-25 2013-01-15 Western Digital Technologies, Inc. Data storage device comprising a secure processor for maintaining plaintext access to an LBA table
TW201113754A (en) * 2009-10-15 2011-04-16 Acer Inc Multi-directional input method and electronic system thereof
US8484450B2 (en) * 2009-12-02 2013-07-09 Bally Gaming, Inc. Authentication system for gaming machines and related methods
US10482254B2 (en) * 2010-07-14 2019-11-19 Intel Corporation Domain-authenticated control of platform resources
US8539245B2 (en) * 2010-08-06 2013-09-17 Intel Corporation Apparatus and method for accessing a secure partition in non-volatile storage by a host system enabled after the system exits a first instance of a secure mode
KR101205056B1 (ko) * 2010-11-29 2012-11-26 에스케이하이닉스 주식회사 반도체 메모리의 블록 제어 장치 및 방법
US9305142B1 (en) 2011-12-19 2016-04-05 Western Digital Technologies, Inc. Buffer memory protection unit
US9483426B2 (en) 2012-01-31 2016-11-01 Hewlett-Packard Development Company, L.P. Locking a system management interrupt (SMI) enable register of a chipset
US20140280412A1 (en) * 2013-03-15 2014-09-18 Nvidia Corporation System, method, and computer program product for determining a random value
US9323502B2 (en) 2013-03-15 2016-04-26 Nvidia Corporation System, method, and computer program product for altering a line of code
US9171115B2 (en) 2013-04-10 2015-10-27 Nvidia Corporation System, method, and computer program product for translating a common hardware database into a logic code model
EP2894588B1 (en) * 2014-01-13 2018-08-15 Nxp B.V. Data processing device, method for executing an application and computer program product
US9740492B2 (en) * 2015-03-23 2017-08-22 Intel Corporation System management mode trust establishment for OS level drivers
US10101928B2 (en) * 2016-02-19 2018-10-16 Dell Products L.P. System and method for enhanced security and update of SMM to prevent malware injection
US10585608B2 (en) * 2017-03-22 2020-03-10 Oracle International Corporation System and method for securely isolating a system feature
US10997296B2 (en) * 2017-03-22 2021-05-04 Oracle International Corporation System and method for restoration of a trusted system firmware state
US11783064B2 (en) * 2017-07-10 2023-10-10 Intel Corporation Techniques to provide hardware enforced protection environment for a system management mode
CN108334351A (zh) * 2017-08-31 2018-07-27 郑州云海信息技术有限公司 一种修改启动顺序的方法及装置
US11188685B2 (en) 2019-02-22 2021-11-30 Google Llc Secure transient buffer management
US11354415B2 (en) * 2019-06-29 2022-06-07 Intel Corporation Warm boot attack mitigations for non-volatile memory modules
WO2021118520A1 (en) * 2019-12-09 2021-06-17 Hewlett-Packard Development Company, L.P. Secure operating modes for computing devices
CN113986788B (zh) * 2021-10-28 2024-07-12 昆仑芯(北京)科技有限公司 数据处理方法和装置、芯片、电子设备及介质

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6188602B1 (en) * 2000-01-25 2001-02-13 Dell Usa, L.P. Mechanism to commit data to a memory device with read-only access
US6454819B1 (en) * 1999-01-18 2002-09-24 Kabushiki Kaisha Toshiba Composite particles and production process thereof, aqueous dispersion, aqueous dispersion composition for chemical mechanical polishing, and process for manufacture of semiconductor device

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5421006A (en) * 1992-05-07 1995-05-30 Compaq Computer Corp. Method and apparatus for assessing integrity of computer system software
US5408629A (en) 1992-08-13 1995-04-18 Unisys Corporation Apparatus and method for controlling exclusive access to portions of addressable memory in a multiprocessor system
US5475829A (en) * 1993-03-22 1995-12-12 Compaq Computer Corp. Computer system which overrides write protection status during execution in system management mode
US5442704A (en) * 1994-01-14 1995-08-15 Bull Nh Information Systems Inc. Secure memory card with programmed controlled security access control
DE69505224T2 (de) * 1994-07-22 1999-05-20 Advanced Micro Devices, Inc., Sunnyvale, Calif. Computersystem
US5623673A (en) * 1994-07-25 1997-04-22 Advanced Micro Devices, Inc. System management mode and in-circuit emulation memory mapping and locking method
US5537540A (en) * 1994-09-30 1996-07-16 Compaq Computer Corporation Transparent, secure computer virus detection method and apparatus
US5721877A (en) * 1995-05-31 1998-02-24 Ast Research, Inc. Method and apparatus for limiting access to nonvolatile memory device
US5944821A (en) * 1996-07-11 1999-08-31 Compaq Computer Corporation Secure software registration and integrity assessment in a computer system
US5850559A (en) * 1996-08-07 1998-12-15 Compaq Computer Corporation Method and apparatus for secure execution of software prior to a computer system being powered down or entering a low energy consumption mode
US6343338B1 (en) * 1997-04-01 2002-01-29 Microsoft Corporation System and method for synchronizing disparate processing modes and for controlling access to shared resources
JPH10293684A (ja) * 1997-04-17 1998-11-04 Toshiba Corp コンピュータシステムおよびその立ち上げ制御方法
JP3238097B2 (ja) * 1997-05-30 2001-12-10 株式会社東芝 コンピュータシステムおよびそのシステムにおけるデータセーブ制御方法
US6154819A (en) 1998-05-11 2000-11-28 Intel Corporation Apparatus and method using volatile lock and lock-down registers and for protecting memory blocks
US6026016A (en) * 1998-05-11 2000-02-15 Intel Corporation Methods and apparatus for hardware block locking in a nonvolatile memory
US6122732A (en) 1998-10-23 2000-09-19 Compaq Computer Corporation System management interrupt for a desktop management interface/system management basic input output system interface function
JP3561211B2 (ja) * 2000-06-27 2004-09-02 株式会社東芝 情報処理装置および不揮発性記憶装置の書き換え制御方法
US6816925B2 (en) * 2001-01-26 2004-11-09 Dell Products L.P. Combination personal data assistant and personal computing device with master slave input output

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6454819B1 (en) * 1999-01-18 2002-09-24 Kabushiki Kaisha Toshiba Composite particles and production process thereof, aqueous dispersion, aqueous dispersion composition for chemical mechanical polishing, and process for manufacture of semiconductor device
US6188602B1 (en) * 2000-01-25 2001-02-13 Dell Usa, L.P. Mechanism to commit data to a memory device with read-only access

Also Published As

Publication number Publication date
JP2005515517A (ja) 2005-05-26
KR20090060369A (ko) 2009-06-11
US7149854B2 (en) 2006-12-12
KR20030094401A (ko) 2003-12-11
EP1428095A2 (en) 2004-06-16
AU2002254625A1 (en) 2002-11-25
WO2002093335A3 (en) 2004-04-01
KR100902398B1 (ko) 2009-06-11
TWI222285B (en) 2004-10-11
KR100938924B1 (ko) 2010-01-27
WO2002093335A2 (en) 2002-11-21
CN1524206A (zh) 2004-08-25
US20030041248A1 (en) 2003-02-27

Similar Documents

Publication Publication Date Title
CN100533330C (zh) 用于个人计算机存储器区域的外部锁固机构
JP2755828B2 (ja) 複数のマイクロプロセッサ間でアプリケーション・データおよび手続きを共用するための安全なアプリケーション・カード
US6188602B1 (en) Mechanism to commit data to a memory device with read-only access
US7065654B1 (en) Secure execution box
CN100416501C (zh) 采用包括配置成清除内存的内存控制器的信赖的执行环境的计算机系统
JP6137499B2 (ja) 方法および装置
US5944821A (en) Secure software registration and integrity assessment in a computer system
JP2509438B2 (ja) セキュリティ機構を有するコンピュ―タ・システム
US7003676B1 (en) Locking mechanism override and disable for personal computer ROM access protection
EP1410143B1 (en) Processor with protected test and debug mode
US6862641B1 (en) Interruptable and re-enterable system management mode programming code
US8756390B2 (en) Methods and apparatuses for protecting data on mass storage devices
US7007300B1 (en) Secure booting of a personal computer system
JP4391832B2 (ja) コンパートメント化されたセキュリティのための入出力許可ビットマップ
JPH07191776A (ja) 機密保護を実現するパーソナル・コンピュータ・システム
US6405311B1 (en) Method for storing board revision
US7216362B1 (en) Enhanced security and manageability using secure storage in a personal computer system
JP4799822B2 (ja) コンピュータシステム内でのデバイス間アクセスの制御システム及び方法
US20060259674A1 (en) Apparatus and method for granting access to a hardware interface shared between multiple software entities
JP4422717B2 (ja) 信頼プラットフォームにおける物理的存在の判別
KR100606196B1 (ko) 모바일 플랫폼 트랜잭션을 위한 신뢰 입력
US20040205353A1 (en) Physical presence determination in a trusted platform
JP4017149B2 (ja) プログラムの不正実行防止機能付きプロセッサ
CN101118583A (zh) 用于个人计算机存储器区域的外部锁固机构
HK1069230A (en) Trusted input for mobile platform transactions

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: ADVANCED MICRO DEVICES INC

Free format text: FORMER OWNER: ADVANCED MICRO DEVICES INC.

Effective date: 20100708

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: CALIFORNIA, USA TO: GRAND CAYMAN ISLAND RITISH CAYMAN ISLANDS

TR01 Transfer of patent right

Effective date of registration: 20100708

Address after: Grand Cayman, Cayman Islands

Patentee after: Globalfoundries Semiconductor Inc.

Address before: American California

Patentee before: Advanced Micro Devices Inc.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090826

Termination date: 20160417

CF01 Termination of patent right due to non-payment of annual fee