JP6321023B2 - 内部不揮発性メモリを有しないデバイスにおいてアンチロールバック保護を与えるための方法 - Google Patents

内部不揮発性メモリを有しないデバイスにおいてアンチロールバック保護を与えるための方法 Download PDF

Info

Publication number
JP6321023B2
JP6321023B2 JP2015540903A JP2015540903A JP6321023B2 JP 6321023 B2 JP6321023 B2 JP 6321023B2 JP 2015540903 A JP2015540903 A JP 2015540903A JP 2015540903 A JP2015540903 A JP 2015540903A JP 6321023 B2 JP6321023 B2 JP 6321023B2
Authority
JP
Japan
Prior art keywords
lafvn
firmware
fvn
secure element
nfc device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2015540903A
Other languages
English (en)
Japanese (ja)
Other versions
JP2015533444A5 (https=
JP2015533444A (ja
Inventor
クリシュナムルシー、スリレカー
オドノギュー、ジェレミー・アール.
バーティア、ネーラジ
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of JP2015533444A publication Critical patent/JP2015533444A/ja
Publication of JP2015533444A5 publication Critical patent/JP2015533444A5/ja
Application granted granted Critical
Publication of JP6321023B2 publication Critical patent/JP6321023B2/ja
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operations
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1415Saving, restoring, recovering or retrying at system level
    • G06F11/1433Saving, restoring, recovering or retrying at system level during software upgrading
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Stored Programmes (AREA)
JP2015540903A 2012-11-07 2013-11-07 内部不揮発性メモリを有しないデバイスにおいてアンチロールバック保護を与えるための方法 Expired - Fee Related JP6321023B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/670,932 US9910659B2 (en) 2012-11-07 2012-11-07 Methods for providing anti-rollback protection of a firmware version in a device which has no internal non-volatile memory
US13/670,932 2012-11-07
PCT/US2013/068874 WO2014074674A1 (en) 2012-11-07 2013-11-07 Methods for providing anti-rollback protection in a device which has no internal non-volatile memory

Publications (3)

Publication Number Publication Date
JP2015533444A JP2015533444A (ja) 2015-11-24
JP2015533444A5 JP2015533444A5 (https=) 2016-12-01
JP6321023B2 true JP6321023B2 (ja) 2018-05-09

Family

ID=49641863

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2015540903A Expired - Fee Related JP6321023B2 (ja) 2012-11-07 2013-11-07 内部不揮発性メモリを有しないデバイスにおいてアンチロールバック保護を与えるための方法

Country Status (6)

Country Link
US (1) US9910659B2 (https=)
EP (1) EP2917828A1 (https=)
JP (1) JP6321023B2 (https=)
KR (1) KR20150083878A (https=)
CN (1) CN104798040A (https=)
WO (1) WO2014074674A1 (https=)

Families Citing this family (54)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9110761B2 (en) * 2012-06-27 2015-08-18 Microsoft Technology Licensing, Llc Resource data structures for firmware updates
US9235404B2 (en) 2012-06-27 2016-01-12 Microsoft Technology Licensing, Llc Firmware update system
US8972973B2 (en) 2012-06-27 2015-03-03 Microsoft Technology Licensing, Llc Firmware update discovery and distribution
US8949818B2 (en) * 2012-06-29 2015-02-03 Intel Corporation Mechanism for facilitating dynamic and trusted cloud-based extension upgrades for computing systems
US9287935B2 (en) * 2013-08-01 2016-03-15 Blackberry Limited Method and apparatus for anti-eavesdropping in vunerable NFC applications
US9756579B2 (en) * 2013-10-18 2017-09-05 Board Of Trustees Of Michigan State University Near field communication system and method for controlling transmission power of near field communication system
US9448888B2 (en) * 2013-11-15 2016-09-20 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Preventing a rollback attack in a computing system that includes a primary memory bank and a backup memory bank
US9875092B2 (en) * 2014-04-17 2018-01-23 Mistral Mobile Viral distribution of mobile application software
US10657262B1 (en) * 2014-09-28 2020-05-19 Red Balloon Security, Inc. Method and apparatus for securing embedded device firmware
US9830217B2 (en) * 2015-01-29 2017-11-28 Qualcomm Incorporated Selective block-based integrity protection techniques
JP6433844B2 (ja) * 2015-04-09 2018-12-05 株式会社ソニー・インタラクティブエンタテインメント 情報処理装置、中継装置、情報処理システム、およびソフトウェアアップデート方法
JP6595822B2 (ja) * 2015-07-07 2019-10-23 キヤノン株式会社 情報処理装置及びその制御方法
KR102453705B1 (ko) * 2015-09-25 2022-10-11 삼성전자주식회사 호스트의 정당성 여부에 따라 선택적으로 결제 기능을 온(on)하는 결제 장치의 동작 방법
EP3176695A1 (en) * 2015-12-04 2017-06-07 Gemalto Sa Method for managing a package in a secure element
CN105574720A (zh) * 2015-12-14 2016-05-11 联想(北京)有限公司 安全的信息处理方法以及信息处理装置
US20190104415A1 (en) * 2016-04-01 2019-04-04 Pcms Holdings, Inc. Internet of things software security configuration
US20180004502A1 (en) * 2016-06-30 2018-01-04 Dell Products L.P. Basic input/output system (bios) update control
US10754988B2 (en) * 2016-08-30 2020-08-25 Winbond Electronics Corporation Anti-rollback version upgrade in secured memory chip
CN106406939A (zh) * 2016-09-05 2017-02-15 惠州Tcl移动通信有限公司 一种基于emmc芯片的移动终端防回滚方法及系统
US10346152B2 (en) * 2016-09-20 2019-07-09 At&T Intellectual Property I, L.P. Facilitating use of a universal integrated circuit card (UICC) for secure device updates
US9899053B1 (en) 2016-10-11 2018-02-20 Seagate Technology Llc Protecting against unauthorized firmware updates using induced servo errors
WO2018091093A1 (en) 2016-11-17 2018-05-24 Huawei Technologies Co., Ltd. Electronic device, software provisioning server and methods thereof
IT201600117182A1 (it) * 2016-11-21 2018-05-21 Futura Spa Ribobinatrice.
CN110023941B (zh) 2016-12-29 2021-04-09 华为技术有限公司 一种实现安全操作系统切换的片上系统和方法
US20170124353A1 (en) * 2017-01-12 2017-05-04 Mediatek Inc. Method And Apparatus For Preventing Rollback Of Secure Data
US10069860B1 (en) 2017-02-14 2018-09-04 International Business Machines Corporation Protection for computing systems from revoked system updates
TWI700627B (zh) 2017-05-23 2020-08-01 慧榮科技股份有限公司 認證韌體資料之資料儲存裝置與資料儲存方法
CA3071288C (en) * 2017-08-22 2021-03-09 Absolute Software Corporation Firmware integrity check using silver measurements
CN109508534A (zh) * 2017-09-14 2019-03-22 厦门雅迅网络股份有限公司 防止通过软件降级进行攻击的方法、嵌入式系统
US10810311B2 (en) * 2017-09-21 2020-10-20 Samsung Electronics Co., Ltd. Internet-of-things module
CN107678762B (zh) * 2017-09-26 2020-08-14 杭州中天微系统有限公司 一种系统版本升级方法及装置
EP3688581A4 (en) * 2017-09-27 2021-05-12 INTEL Corporation FIRMWARE COMPONENT WITH SELF-DESCRIPTIVE DEPENDENCY INFORMATION
WO2019147288A1 (en) 2018-01-29 2019-08-01 Hewlett-Packard Development Company, L.P. Data protection in a pre-operating system environment
US10659054B2 (en) * 2018-02-23 2020-05-19 Nxp B.V. Trusted monotonic counter using internal and external non-volatile memory
US10394542B1 (en) * 2018-04-16 2019-08-27 Infineon Technologies Ag Low-power device recovery using a backup firmware image
US10713364B2 (en) * 2018-05-08 2020-07-14 WhiteSource Ltd. System and method for identifying vulnerabilities in code due to open source usage
CN108985049A (zh) * 2018-06-06 2018-12-11 晶晨半导体(上海)股份有限公司 防回滚方法及系统
CN109271185A (zh) * 2018-08-30 2019-01-25 郑州云海信息技术有限公司 一种cpld版本更新方法、装置、设备及存储介质
US11397815B2 (en) * 2018-09-21 2022-07-26 Hewlett Packard Enterprise Development Lp Secure data protection
US11100228B2 (en) * 2018-10-25 2021-08-24 Dell Products, L.P. System and method to recover FPGA firmware over a sideband interface
CN109673009B (zh) * 2018-11-13 2022-06-21 浙江合众新能源汽车有限公司 一种vcu软件空中升级方法及装置
CN111417926A (zh) * 2018-12-13 2020-07-14 深圳市大疆软件科技有限公司 无人飞行器及其固件升级方法
CN110134545B (zh) * 2019-04-03 2020-12-22 上海交通大学 基于可信执行环境的提供虚拟nvram的方法及系统
US11222490B2 (en) * 2019-06-14 2022-01-11 International Business Machines Corporation Physical modification of circuits for automotive security
US11301566B2 (en) * 2019-07-03 2022-04-12 Ati Technologies Ulc Firmware anti-rollback
US11507666B2 (en) * 2019-08-27 2022-11-22 Red Hat, Inc. Trusted execution environment verification of a software package
US11216597B2 (en) * 2020-05-14 2022-01-04 Nuvoton Technology Corporation Security system and method for preventing rollback attacks on silicon device firmware
CN113486360B (zh) * 2021-07-14 2022-11-11 上海瓶钵信息科技有限公司 基于risc-v的安全启动方法及系统
CN113849821B (zh) * 2021-09-27 2025-07-22 联想(北京)有限公司 一种信息处理方法
EP4325729A1 (en) * 2022-08-17 2024-02-21 Renesas Design Austria GmbH Dynamic function loading
WO2024071861A1 (ko) * 2022-09-30 2024-04-04 삼성전자 주식회사 업데이트 방법 및 이를 위한 전자 장치
US12602236B2 (en) 2022-12-29 2026-04-14 Schneider Electric USA, Inc. Device customization while remaining in an integral outer package using NFC or RFID to update or upgrade firmware prior to initial power-up
CN118779863B (zh) * 2024-06-18 2025-07-04 湖南开鸿智谷数字产业发展有限公司 一种基于可信凭据的固件回滚保护方法及系统
CN118551389B (zh) * 2024-06-28 2025-09-02 湖南开鸿智谷数字产业发展有限公司 一种轻设备固件校验方法、装置、设备、介质及产品

Family Cites Families (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6996817B2 (en) * 2001-12-12 2006-02-07 Valve Corporation Method and system for upgrading and rolling back versions
US20030115469A1 (en) * 2001-12-14 2003-06-19 Intel Corporation Systems and methods for detecting and deterring rollback attacks
US20030217357A1 (en) * 2002-05-14 2003-11-20 Parry Travis J. Monitoring firmware
DE10240584A1 (de) * 2002-08-28 2004-03-11 Pilz Gmbh & Co. Sicherheitssteuerung zum fehlersicheren Steuern von sicherheitskritischen Prozessen sowie Verfahren zum Aufspielen eines neuen Betriebsprogrammes auf eine solche
US8250562B2 (en) * 2002-08-30 2012-08-21 Sun Microsystems, Inc. Barrier mechanism for firmware upgrade
US7907729B2 (en) * 2002-09-13 2011-03-15 Bally Gaming, Inc. Rollback attack prevention system and method
US7797693B1 (en) * 2003-12-12 2010-09-14 Hewlett-Packard Development Company, L.P. NAND mobile devices capable of updating firmware or software in a manner analogous to NOR mobile devices
US20050132351A1 (en) * 2003-12-12 2005-06-16 Randall Roderick K. Updating electronic device software employing rollback
US7222340B2 (en) * 2004-01-27 2007-05-22 Research In Motion Limited Software-delivered dynamic persistent data
US7907531B2 (en) * 2005-06-13 2011-03-15 Qualcomm Incorporated Apparatus and methods for managing firmware verification on a wireless device
GB2430774B (en) * 2005-10-03 2007-08-08 Nec Technologies Method of software updating and related device
US7844721B2 (en) 2005-11-23 2010-11-30 Qualcomm Incorporated Method for delivery of software upgrade notification to devices in communication systems
EP1955564B1 (en) * 2005-11-30 2018-07-04 Telecom Italia S.p.A. Method and system for updating applications in mobile communications terminals
ATE470909T1 (de) * 2006-04-24 2010-06-15 Ericsson Telefon Ab L M Prüfung der berechtigung der installation einer softwareversion
JP5479097B2 (ja) 2006-09-07 2014-04-23 ノキア コーポレイション セキュアモジュールアプリケーションに関連する情報の管理
US8520850B2 (en) * 2006-10-20 2013-08-27 Time Warner Cable Enterprises Llc Downloadable security and protection methods and apparatus
US8888597B2 (en) * 2007-01-09 2014-11-18 Bally Gaming, Inc. Systems for providing amusement
WO2008092985A1 (en) 2007-01-31 2008-08-07 Nokia Corporation Managing applications related to secure modules
US20080196024A1 (en) * 2007-02-08 2008-08-14 Ibm Corporation Method and Apparatus for Changing Software Components in an Information Handling System
JP4906913B2 (ja) * 2007-03-02 2012-03-28 パナソニック株式会社 再生装置、システムlsi、初期化方法
SG183697A1 (en) 2007-08-06 2012-09-27 Monseignat Bernard De System and method for authentication, data transfer, and protection against phishing
US7929959B2 (en) * 2007-09-01 2011-04-19 Apple Inc. Service provider activation
WO2009068931A1 (en) 2007-11-30 2009-06-04 Nokia Corporation Method, device and system for firmware update by near-field communication
US7860836B1 (en) * 2007-12-26 2010-12-28 Emc (Benelux) B.V., S.A.R.L. Method and apparatus to recover data in a continuous data protection environment using a journal
US8725123B2 (en) 2008-06-05 2014-05-13 Headwater Partners I Llc Communications device with secure data path processing agents
US8275858B2 (en) * 2008-09-18 2012-09-25 Mitac Technology Corp. Method for updating firmware of radio frequency identification reader through network system
US8171547B2 (en) 2008-12-03 2012-05-01 Trend Micro Incorporated Method and system for real time classification of events in computer integrity system
US8358969B2 (en) 2009-05-11 2013-01-22 Qualcomm Incorporated Feedback delay control in an echo cancellation repeater
WO2012011289A1 (ja) * 2010-07-23 2012-01-26 パナソニック株式会社 Nfc通信装置およびその制御方法
US8522322B2 (en) * 2010-09-22 2013-08-27 Intel Corporation Platform firmware armoring technology
US8792859B2 (en) * 2010-12-06 2014-07-29 Panasonic Intellectual Property Corporation Of America Communication apparatus, communication method and communication system
US8745612B1 (en) * 2011-01-14 2014-06-03 Google Inc. Secure versioning of software packages
WO2012122994A1 (en) * 2011-03-11 2012-09-20 Kreft Heinz Off-line transfer of electronic tokens between peer-devices
US20130125108A1 (en) * 2011-11-16 2013-05-16 General Electric Company System and method for upgrading firmware
CN102662699A (zh) 2012-03-27 2012-09-12 惠州Tcl移动通信有限公司 一种更新移动终端nfc固件的方法及其移动终端
US9068858B2 (en) * 2012-04-13 2015-06-30 Elster Solutions, Llc Generic and secure AMI end device configuration
US9110761B2 (en) * 2012-06-27 2015-08-18 Microsoft Technology Licensing, Llc Resource data structures for firmware updates
GB2507596B (en) * 2012-10-30 2014-09-17 Barclays Bank Plc Secure computing device and method
US20140250290A1 (en) * 2013-03-01 2014-09-04 St-Ericsson Sa Method for Software Anti-Rollback Recovery

Also Published As

Publication number Publication date
US20140130151A1 (en) 2014-05-08
US9910659B2 (en) 2018-03-06
CN104798040A (zh) 2015-07-22
KR20150083878A (ko) 2015-07-20
EP2917828A1 (en) 2015-09-16
JP2015533444A (ja) 2015-11-24
WO2014074674A1 (en) 2014-05-15

Similar Documents

Publication Publication Date Title
JP6321023B2 (ja) 内部不揮発性メモリを有しないデバイスにおいてアンチロールバック保護を与えるための方法
JP6793216B2 (ja) ソフトウェアアプリケーションの信頼を最初に確立し、かつ定期的に確認するシステム及び方法
US20200265418A1 (en) Electronic device and method for providing digital signature service of block chain using the same
US12095914B2 (en) Method for storing digital key and electronic device
US9348575B2 (en) Update of a data-carrier application
CN114450663B (zh) 使用安全集成电路来更新固件的电子装置及其操作方法
JP2019517229A (ja) ポータブル電子デバイスと関連したデジタルシークレットの生成、格納、管理および使用のためのシステムおよび方法
KR102244465B1 (ko) 불활성 모듈을 포함하는 전자 어셈블리
US20170286873A1 (en) Electronic ticket management
US11722307B2 (en) Electronic device for processing digital key, and operation method therefor
CN104794388A (zh) 应用程序存取保护方法及应用程序存取保护装置
JP6926349B2 (ja) 商用オフザシェルフ又はモノのインターネットデバイスを使用して安全な金融取引を処理するための方法
JP2000011101A (ja) Icカードおよび記録媒体
US12518016B2 (en) Information processing device, information processing method, mobile terminal, and information processing system
CN112422281B (zh) 一种更改安全模块中密钥的方法及系统
CN117098136A (zh) 设备保护方法及相关装置
CN112954656B (zh) 用于近场通信功能的访问控制
US12346456B2 (en) Method and system for blocking a ticket-based computer system
KR101385723B1 (ko) 금융거래를 수행할 수 있는 디지털 시스템, 상기 디지털 시스템과 페어를 이루는 페어 시스템, 및 금융거래 방법
HK1178335B (en) Security architecture for using host memory in the design of a secure element
HK1178335A1 (zh) 在安全元件的设计中使用主存储器的安全架构

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20161014

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20161014

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20170808

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20171013

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20171121

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20180131

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20180306

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20180404

R150 Certificate of patent or registration of utility model

Ref document number: 6321023

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

LAPS Cancellation because of no payment of annual fees