FR3079044B1 - Traitement securise de donnees - Google Patents
Traitement securise de donnees Download PDFInfo
- Publication number
- FR3079044B1 FR3079044B1 FR1870286A FR1870286A FR3079044B1 FR 3079044 B1 FR3079044 B1 FR 3079044B1 FR 1870286 A FR1870286 A FR 1870286A FR 1870286 A FR1870286 A FR 1870286A FR 3079044 B1 FR3079044 B1 FR 3079044B1
- Authority
- FR
- France
- Prior art keywords
- memory
- data processing
- rom
- ram
- read
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 239000013256 coordination polymer Substances 0.000 abstract 1
- 230000006870 function Effects 0.000 abstract 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/062—Securing storage systems
- G06F3/0622—Securing storage systems in relation to access
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0628—Interfaces specially adapted for storage systems making use of a particular technique
- G06F3/0655—Vertical data movement, i.e. input-output transfer; data movement between one or more hosts and one or more storage devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0668—Interfaces specially adapted for storage systems adopting a particular infrastructure
- G06F3/0671—In-line storage system
- G06F3/0673—Single storage device
- G06F3/0679—Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Human Computer Interaction (AREA)
- Computing Systems (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
Un processeur de sécurité (PS) comprenant au moins une mémoire morte (ROM), une mémoire vive (RAM), un calculateur (UE) apte à réaliser des fonctions cryptographiques, une unité de gestion (UG) de compteur monotone associée à un ou plusieurs compteurs monotones (CM), est tel qu'il ne comprend aucune autre mémoire de stockage, de sorte que le processeur de sécurité (PS) ne stocke aucun programme ou données extérieures, une clé publique (CP) permettant d'authentifier au moins un administrateur enrôlé initial (AI) est stockée avant sa première utilisation dans sa mémoire morte (ROM), sa mémoire vive (RAM) est apte à charger un ensemble de données et d'instructions pouvant être authentifié par un module cryptographique (MC) à clé publique, l'exécution par le calculateur (UE), après leur authentification, de certaines instructions incrémente l'un des compteurs monotones (CM), de sorte à pouvoir exécuter automatiquement une séquence d'opérations de manière sécurisée, un tel processeur de sécurité (PS) étant compris dans un ensemble ou une infrastructure de traitement sécurisé de données.
Priority Applications (10)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR1870286A FR3079044B1 (fr) | 2018-03-14 | 2018-03-14 | Traitement securise de donnees |
KR1020207029483A KR102625023B1 (ko) | 2018-03-14 | 2019-03-13 | 보안 데이터 처리 |
AU2019233753A AU2019233753B2 (en) | 2018-03-14 | 2019-03-13 | Secure data processing |
CN201980029491.3A CN112470153A (zh) | 2018-03-14 | 2019-03-13 | 安全数据处理 |
EP19714232.6A EP3765984A1 (fr) | 2018-03-14 | 2019-03-13 | Traitement sécurisé de données |
SG11202008989UA SG11202008989UA (en) | 2018-03-14 | 2019-03-13 | Secure data processing |
CA3093385A CA3093385A1 (fr) | 2018-03-14 | 2019-03-13 | Traitement securise de donnees |
PCT/FR2019/000033 WO2019175482A1 (fr) | 2018-03-14 | 2019-03-13 | Traitement sécurisé de données |
US16/980,327 US11822795B2 (en) | 2018-03-14 | 2019-03-13 | Secure data processing |
JP2020548761A JP7374112B2 (ja) | 2018-03-14 | 2019-03-13 | セキュアデータ処理 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR1870286 | 2018-03-14 | ||
FR1870286A FR3079044B1 (fr) | 2018-03-14 | 2018-03-14 | Traitement securise de donnees |
Publications (2)
Publication Number | Publication Date |
---|---|
FR3079044A1 FR3079044A1 (fr) | 2019-09-20 |
FR3079044B1 true FR3079044B1 (fr) | 2020-05-22 |
Family
ID=63145118
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
FR1870286A Active FR3079044B1 (fr) | 2018-03-14 | 2018-03-14 | Traitement securise de donnees |
Country Status (10)
Country | Link |
---|---|
US (1) | US11822795B2 (fr) |
EP (1) | EP3765984A1 (fr) |
JP (1) | JP7374112B2 (fr) |
KR (1) | KR102625023B1 (fr) |
CN (1) | CN112470153A (fr) |
AU (1) | AU2019233753B2 (fr) |
CA (1) | CA3093385A1 (fr) |
FR (1) | FR3079044B1 (fr) |
SG (1) | SG11202008989UA (fr) |
WO (1) | WO2019175482A1 (fr) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102019108049A1 (de) * | 2019-03-28 | 2020-10-01 | Pilz Gmbh & Co. Kg | Zugriffssteuerungssystem zur Steuerung eines Zugriffs eines Nutzers auf eine oder mehrere Betriebsfunktionen einer technischen Anlage |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7325130B2 (en) | 2003-03-21 | 2008-01-29 | International Business Machines Corporation | Method for guaranteeing freshness of results for queries against a non-secure data store |
US8332653B2 (en) * | 2004-10-22 | 2012-12-11 | Broadcom Corporation | Secure processing environment |
FR2906380B1 (fr) | 2006-09-27 | 2008-12-19 | Trusted Logic Sa | Systeme et procede de securisation de donnees. |
JP5001123B2 (ja) * | 2006-12-07 | 2012-08-15 | パナソニック株式会社 | 記録デバイス、集積回路、アクセス制御方法、プログラム記録媒体 |
JP5052878B2 (ja) * | 2006-12-12 | 2012-10-17 | 株式会社バッファロー | 記憶装置及び利用者認証方法 |
US8589667B2 (en) * | 2010-04-19 | 2013-11-19 | Apple Inc. | Booting and configuring a subsystem securely from non-local storage |
CN102270285B (zh) * | 2010-06-01 | 2013-12-04 | 华为技术有限公司 | 密钥授权信息管理方法及装置 |
US9202059B2 (en) * | 2011-03-01 | 2015-12-01 | Apurva M. Bhansali | Methods, systems, and apparatuses for managing a hard drive security system |
US9323950B2 (en) * | 2012-07-19 | 2016-04-26 | Atmel Corporation | Generating signatures using a secure device |
US8839353B2 (en) * | 2012-11-09 | 2014-09-16 | Microsoft Corporation | Attack protection for trusted platform modules |
JP6473674B2 (ja) * | 2015-07-28 | 2019-02-20 | ルネサスエレクトロニクス株式会社 | 通信端末およびプログラム |
US11770373B2 (en) * | 2017-09-25 | 2023-09-26 | Telefonaktiebolaget Lm Ericsson (Publ) | Provisioning of vendor credentials |
-
2018
- 2018-03-14 FR FR1870286A patent/FR3079044B1/fr active Active
-
2019
- 2019-03-13 KR KR1020207029483A patent/KR102625023B1/ko active IP Right Grant
- 2019-03-13 WO PCT/FR2019/000033 patent/WO2019175482A1/fr unknown
- 2019-03-13 AU AU2019233753A patent/AU2019233753B2/en active Active
- 2019-03-13 US US16/980,327 patent/US11822795B2/en active Active
- 2019-03-13 EP EP19714232.6A patent/EP3765984A1/fr active Pending
- 2019-03-13 CN CN201980029491.3A patent/CN112470153A/zh active Pending
- 2019-03-13 JP JP2020548761A patent/JP7374112B2/ja active Active
- 2019-03-13 CA CA3093385A patent/CA3093385A1/fr active Pending
- 2019-03-13 SG SG11202008989UA patent/SG11202008989UA/en unknown
Also Published As
Publication number | Publication date |
---|---|
US11822795B2 (en) | 2023-11-21 |
CA3093385A1 (fr) | 2019-09-19 |
AU2019233753A1 (en) | 2020-10-15 |
AU2019233753B2 (en) | 2024-03-28 |
EP3765984A1 (fr) | 2021-01-20 |
JP7374112B2 (ja) | 2023-11-06 |
US20210042043A1 (en) | 2021-02-11 |
JP2021517688A (ja) | 2021-07-26 |
CN112470153A (zh) | 2021-03-09 |
WO2019175482A1 (fr) | 2019-09-19 |
KR102625023B1 (ko) | 2024-01-15 |
KR20210015757A (ko) | 2021-02-10 |
FR3079044A1 (fr) | 2019-09-20 |
SG11202008989UA (en) | 2020-10-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
TWI683232B (zh) | 用戶身份識別方法、安全保護問題生成方法及裝置 | |
CA2647248C (fr) | Procede et serveur de coffres-forts electroniques avec mutualisation d'informations | |
US20150304302A1 (en) | Method and apparatus of detecting weak password | |
US11888980B2 (en) | Stateless service-mediated security module | |
JP2016527608A5 (fr) | ||
WO2017020427A1 (fr) | Procédé d'accès à un programme d'application, et terminal | |
US20090132816A1 (en) | PC on USB drive or cell phone | |
US20110197276A1 (en) | System and method for validating and controlling applications | |
US8312534B2 (en) | System and method for securely clearing secret data that remain in a computer system memory | |
TW200844787A (en) | Multiple stakeholder secure memory partitioning and access control | |
US9154309B2 (en) | Method and system for running encrypted files | |
CN103038745A (zh) | 扩展完整性测量 | |
WO2020108152A1 (fr) | Procédé, dispositif et équipement électronique pour empêcher l'utilisation abusive de données d'identité | |
US20170201528A1 (en) | Method for providing trusted service based on secure area and apparatus using the same | |
US20080022412A1 (en) | System and method for TPM key security based on use count | |
Akram et al. | Digital trust-trusted computing and beyond: A position paper | |
FR3079044B1 (fr) | Traitement securise de donnees | |
Kaur et al. | Security issues in cloud computing | |
US11251976B2 (en) | Data security processing method and terminal thereof, and server | |
WO2017067513A1 (fr) | Procédé de traitement de données et passerelle de stockage | |
WO2017016115A1 (fr) | Procédé et dispositif de contrôle d'accès | |
CN111090616B (zh) | 一种文件管理方法、对应装置、设备及存储介质 | |
CN107247900B (zh) | 一种获取操作系统登录密码的方法及装置 | |
WO2016155465A1 (fr) | Procédé et appareil de traitement de données, et terminal | |
Kelly et al. | GDPR Article 17: Eradicating personal identifiable information & achieving compliance in a hybrid cloud |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PLFP | Fee payment |
Year of fee payment: 2 |
|
EXTE | Extension to a french territory |
Extension state: PF |
|
PLSC | Publication of the preliminary search report |
Effective date: 20190920 |
|
PLFP | Fee payment |
Year of fee payment: 3 |
|
PLFP | Fee payment |
Year of fee payment: 4 |
|
PLFP | Fee payment |
Year of fee payment: 5 |
|
PLFP | Fee payment |
Year of fee payment: 6 |
|
PLFP | Fee payment |
Year of fee payment: 7 |