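JP6321023B2 - Methods for providing anti-rollback protection in a device which has no internal non-volatile memory - Google Patents

Methods for providing anti-rollback protection in a device which has no internal non-volatile memory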

Info

Publication number
JP6321023B2
Authority
JP
Japan
Prior art keywords
lafvn
firmware
fvn
secure element
nfc device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2015540903A
Other languages
English (en)
Japanese (ja)
Other versions
JP2015533444A5
JP2015533444A (ja)
Inventor
クリシュナムルシー、スリレカー
オドノギュー、ジェレミー・アール.
バーティア、ネーラジ
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc
Publication of JP2015533444A
Publication of JP2015533444A5
Application granted
Publication of JP6321023B2
Expired - Fee Related
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/65 Updates
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572 Secure firmware programming, e.g. of basic input output system [BIOS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30 Security of mobile devices; Security of mobile applications
    • H04W12/35 Protecting application or service provisioning, e.g. securing SIM application provisioning
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14 Error detection or correction of the data by redundancy in operations
    • G06F11/1402 Saving, restoring, recovering or retrying
    • G06F11/1415 Saving, restoring, recovering or retrying at system level
    • G06F11/1433 Saving, restoring, recovering or retrying at system level during software upgrading
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575 Secure boot

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Stored Programmes (AREA)
JP2015540903A 2012-11-07 2013-11-07 Methods for providing anti-rollback protection in a device which has no internal non-volatile memory Expired - Fee Related JP6321023B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/670,932 2012-11-07
US13/670,932 US9910659B2 (en) 2012-11-07 2012-11-07 Methods for providing anti-rollback protection of a firmware version in a device which has no internal non-volatile memory
PCT/US2013/068874 WO2014074674A1 (en) 2012-11-07 2013-11-07 Methods for providing anti-rollback protection in a device which has no internal non-volatile memory

Publications (3)

Publication Number Publication Date
JP2015533444A (ja) 2015-11-24
JP2015533444A5 2016-12-01
JP6321023B2 (ja) 2018-05-09

Family

ID=49641863

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2015540903A Expired - Fee Related JP6321023B2 (ja) 2012-11-07 2013-11-07 Methods for providing anti-rollback protection in a device which has no internal non-volatile memory

Country Status (6)

Country Link
US (1) US9910659B2
EP (1) EP2917828A1
JP (1) JP6321023B2
KR (1) KR20150083878A
CN (1) CN104798040A
WO (1) WO2014074674A1

Families Citing this family (55)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8972973B2 (en) 2012-06-27 2015-03-03 Microsoft Technology Licensing, Llc Firmware update discovery and distribution
US9110761B2 (en) * 2012-06-27 2015-08-18 Microsoft Technology Licensing, Llc Resource data structures for firmware updates
US9235404B2 (en) 2012-06-27 2016-01-12 Microsoft Technology Licensing, Llc Firmware update system
US8949818B2 (en) * 2012-06-29 2015-02-03 Intel Corporation Mechanism for facilitating dynamic and trusted cloud-based extension upgrades for computing systems
US9287935B2 (en) * 2013-08-01 2016-03-15 Blackberry Limited Method and apparatus for anti-eavesdropping in vunerable NFC applications
US9756579B2 (en) * 2013-10-18 2017-09-05 Board Of Trustees Of Michigan State University Near field communication system and method for controlling transmission power of near field communication system
US9448888B2 (en) * 2013-11-15 2016-09-20 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Preventing a rollback attack in a computing system that includes a primary memory bank and a backup memory bank
US9875092B2 (en) * 2014-04-17 2018-01-23 Mistral Mobile Viral distribution of mobile application software
US10657262B1 (en) * 2014-09-28 2020-05-19 Red Balloon Security, Inc. Method and apparatus for securing embedded device firmware
US9830217B2 (en) * 2015-01-29 2017-11-28 Qualcomm Incorporated Selective block-based integrity protection techniques
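JP6433844B2 (ja) * 2015-04-09 2018-12-05 株式会社ソニー・インタラクティブエンタテインメント Information processing apparatus, relay apparatus, information processing system, and software update method
JP6595822B2 (ja) * 2015-07-07 2019-10-23 キヤノン株式会社 Information processing apparatus and control method therefor
KR102453705B1 (ko) * 2015-09-25 2022-10-11 삼성전자주식회사 Method of operating a payment device that selectively turns on a payment function according to the validity of a host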
EP3176695A1 (en) * 2015-12-04 2017-06-07 Gemalto Sa Method for managing a package in a secure element
CN105574720A (zh) * 2015-12-14 2016-05-11 联想(北京)有限公司 Secure information processing method and information processing apparatus
WO2017172434A1 (en) * 2016-04-01 2017-10-05 Pcms Holdings, Inc. Internet of things software securtiy configuration
US20180004502A1 (en) * 2016-06-30 2018-01-04 Dell Products L.P. Basic input/output system (bios) update control
US10754988B2 (en) * 2016-08-30 2020-08-25 Winbond Electronics Corporation Anti-rollback version upgrade in secured memory chip
CN106406939A (zh) * 2016-09-05 2017-02-15 惠州Tcl移动通信有限公司 Anti-rollback method and system for a mobile terminal based on an eMMC chip
US10346152B2 (en) * 2016-09-20 2019-07-09 At&T Intellectual Property I, L.P. Facilitating use of a universal integrated circuit card (UICC) for secure device updates
US9899053B1 (en) 2016-10-11 2018-02-20 Seagate Technology Llc Protecting against unauthorized firmware updates using induced servo errors
CN109691060B (zh) 2016-11-17 2021-01-29 华为技术有限公司 Electronic device, software provisioning server and methods thereof
IT201600117182A1 (it) * 2016-11-21 2018-05-21 Futura Spa Rewinding machine.
EP3547195B1 (en) * 2016-12-29 2020-11-25 Huawei Technologies Co., Ltd. System-on-chip and method for switching secure operating systems
US20170124353A1 (en) * 2017-01-12 2017-05-04 Mediatek Inc. Method And Apparatus For Preventing Rollback Of Secure Data
US10069860B1 (en) 2017-02-14 2018-09-04 International Business Machines Corporation Protection for computing systems from revoked system updates
TWI700627B (zh) 2017-05-23 2020-08-01 慧榮科技股份有限公司 Data storage device and data storage method for authenticating firmware data
AU2018321586B2 (en) * 2017-08-22 2023-03-09 Absolute Software Corporation Firmware integrity check using silver measurements
CN109508534A (zh) * 2017-09-14 2019-03-22 厦门雅迅网络股份有限公司 Method for preventing attacks carried out through software downgrade, and embedded system
US10810311B2 (en) * 2017-09-21 2020-10-20 Samsung Electronics Co., Ltd. Internet-of-things module
US11640288B2 (en) * 2017-09-26 2023-05-02 C-Sky Microsystems Co., Ltd. System version upgrading method and apparatus
CN107678762B (zh) * 2017-09-26 2020-08-14 杭州中天微系统有限公司 System version upgrading method and apparatus
US11249748B2 (en) * 2017-09-27 2022-02-15 Intel Corporation Firmware component with self-descriptive dependency information
WO2019147288A1 (en) 2018-01-29 2019-08-01 Hewlett-Packard Development Company, L.P. Data protection in a pre-operating system environment
US10659054B2 (en) * 2018-02-23 2020-05-19 Nxp B.V. Trusted monotonic counter using internal and external non-volatile memory
US10394542B1 (en) * 2018-04-16 2019-08-27 Infineon Technologies Ag Low-power device recovery using a backup firmware image
US10713364B2 (en) * 2018-05-08 2020-07-14 WhiteSource Ltd. System and method for identifying vulnerabilities in code due to open source usage
CN108985049A (zh) * 2018-06-06 2018-12-11 晶晨半导体(上海)股份有限公司 Anti-rollback method and system
CN109271185A (zh) * 2018-08-30 2019-01-25 郑州云海信息技术有限公司 CPLD version update method, apparatus, device and storage medium
US11397815B2 (en) * 2018-09-21 2022-07-26 Hewlett Packard Enterprise Development Lp Secure data protection
US11100228B2 (en) * 2018-10-25 2021-08-24 Dell Products, L.P. System and method to recover FPGA firmware over a sideband interface
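CN109673009B (zh) * 2018-11-13 2022-06-21 浙江合众新能源汽车有限公司 VCU software over-the-air upgrade method and apparatus
WO2020118639A1 (zh) * 2018-12-13 2020-06-18 深圳市大疆软件科技有限公司 Unmanned aerial vehicle and firmware upgrade method therefor
CN110134545B (zh) * 2019-04-03 2020-12-22 上海交通大学 Method and system for providing virtual NVRAM based on a trusted execution environment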
US11222490B2 (en) * 2019-06-14 2022-01-11 International Business Machines Corporation Physical modification of circuits for automotive security
US11301566B2 (en) * 2019-07-03 2022-04-12 Ati Technologies Ulc Firmware anti-rollback
US11507666B2 (en) * 2019-08-27 2022-11-22 Red Hat, Inc. Trusted execution environment verification of a software package
US11216597B2 (en) * 2020-05-14 2022-01-04 Nuvoton Technology Corporation Security system and method for preventing rollback attacks on silicon device firmware
CN113486360B (zh) * 2021-07-14 2022-11-11 上海瓶钵信息科技有限公司 RISC-V-based secure boot method and system
CN113849821B (zh) * 2021-09-27 2025-07-22 联想(北京)有限公司 Information processing method
EP4325729A1 (en) * 2022-08-17 2024-02-21 Renesas Design Austria GmbH Dynamic function loading
EP4567590A4 (en) * 2022-09-30 2025-10-08 Samsung Electronics Co Ltd UPDATE METHOD AND ASSOCIATED ELECTRONIC DEVICE
US12602236B2 (en) 2022-12-29 2026-04-14 Schneider Electric USA, Inc. Device customization while remaining in an integral outer package using NFC or RFID to update or upgrade firmware prior to initial power-up
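CN118779863B (zh) * 2024-06-18 2025-07-04 湖南开鸿智谷数字产业发展有限公司 Firmware rollback protection method and system based on trusted credentials
CN118551389B (zh) * 2024-06-28 2025-09-02 湖南开鸿智谷数字产业发展有限公司 Lightweight device firmware verification method, apparatus, device, medium and product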

Family Cites Families (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6996817B2 (en) * 2001-12-12 2006-02-07 Valve Corporation Method and system for upgrading and rolling back versions
US20030115469A1 (en) * 2001-12-14 2003-06-19 Intel Corporation Systems and methods for detecting and deterring rollback attacks
US20030217357A1 (en) * 2002-05-14 2003-11-20 Parry Travis J. Monitoring firmware
DE10240584A1 (de) 2002-08-28 2004-03-11 Pilz Gmbh & Co. Safety controller for fail-safe control of safety-critical processes and method for loading a new operating program onto such a controller
US8250562B2 (en) * 2002-08-30 2012-08-21 Sun Microsystems, Inc. Barrier mechanism for firmware upgrade
US7907729B2 (en) * 2002-09-13 2011-03-15 Bally Gaming, Inc. Rollback attack prevention system and method
US20050132351A1 (en) * 2003-12-12 2005-06-16 Randall Roderick K. Updating electronic device software employing rollback
US7797693B1 (en) * 2003-12-12 2010-09-14 Hewlett-Packard Development Company, L.P. NAND mobile devices capable of updating firmware or software in a manner analogous to NOR mobile devices
US7222340B2 (en) * 2004-01-27 2007-05-22 Research In Motion Limited Software-delivered dynamic persistent data
US7907531B2 (en) * 2005-06-13 2011-03-15 Qualcomm Incorporated Apparatus and methods for managing firmware verification on a wireless device
GB2430774B (en) * 2005-10-03 2007-08-08 Nec Technologies Method of software updating and related device
US7844721B2 (en) * 2005-11-23 2010-11-30 Qualcomm Incorporated Method for delivery of software upgrade notification to devices in communication systems
US8588756B2 (en) * 2005-11-30 2013-11-19 Telecom Italia S.P.A. Method and system for updating applications in mobile communications terminals
DE602006014801D1 (de) * 2006-04-24 2010-07-22 Ericsson Telefon Ab L M Checking the authorization to install a software version
CN101507248B (zh) 2006-09-07 2012-04-11 诺基亚公司 Managing information relating to secure module applications
US8520850B2 (en) * 2006-10-20 2013-08-27 Time Warner Cable Enterprises Llc Downloadable security and protection methods and apparatus
US8888597B2 (en) * 2007-01-09 2014-11-18 Bally Gaming, Inc. Systems for providing amusement
EP3211553B1 (en) 2007-01-31 2019-03-06 Nokia Technologies Oy Managing applications related to secure modules
US20080196024A1 (en) * 2007-02-08 2008-08-14 Ibm Corporation Method and Apparatus for Changing Software Components in an Information Handling System
KR101430279B1 (ko) * 2007-03-02 2014-08-14 파나소닉 주식회사 Playback apparatus, system LSI, and initialization method
US8578166B2 (en) 2007-08-06 2013-11-05 Morgamon SA System and method for authentication, data transfer, and protection against phishing
US7929959B2 (en) * 2007-09-01 2011-04-19 Apple Inc. Service provider activation
US20110143661A1 (en) 2007-11-30 2011-06-16 Nokia Corporation Method, device and system for firmware update by near-field communication
US7860836B1 (en) * 2007-12-26 2010-12-28 Emc (Benelux) B.V., S.A.R.L. Method and apparatus to recover data in a continuous data protection environment using a journal
US8725123B2 (en) 2008-06-05 2014-05-13 Headwater Partners I Llc Communications device with secure data path processing agents
US8275858B2 (en) * 2008-09-18 2012-09-25 Mitac Technology Corp. Method for updating firmware of radio frequency identification reader through network system
CA2686796C (en) 2008-12-03 2017-05-16 Trend Micro Incorporated Method and system for real time classification of events in computer integrity system
US8385818B2 (en) 2009-05-11 2013-02-26 Qualcomm Incorporated Delay control to improve frequency domain channel estimation in an echo cancellation repeater
US8811897B2 (en) * 2010-07-23 2014-08-19 Panasonic Intellectual Property Corporation Of America Near field communication device and method of controlling the same
US8522322B2 (en) * 2010-09-22 2013-08-27 Intel Corporation Platform firmware armoring technology
EP2651107B1 (en) * 2010-12-06 2016-08-17 Panasonic Intellectual Property Corporation of America Communication device, communication method and communication system
US8745612B1 (en) * 2011-01-14 2014-06-03 Google Inc. Secure versioning of software packages
WO2012122994A1 (en) * 2011-03-11 2012-09-20 Kreft Heinz Off-line transfer of electronic tokens between peer-devices
US20130125108A1 (en) * 2011-11-16 2013-05-16 General Electric Company System and method for upgrading firmware
CN102662699A (zh) 2012-03-27 2012-09-12 惠州Tcl移动通信有限公司 Method for updating NFC firmware of a mobile terminal, and mobile terminal thereof
US9068858B2 (en) * 2012-04-13 2015-06-30 Elster Solutions, Llc Generic and secure AMI end device configuration
US9110761B2 (en) * 2012-06-27 2015-08-18 Microsoft Technology Licensing, Llc Resource data structures for firmware updates
GB2507596B (en) * 2012-10-30 2014-09-17 Barclays Bank Plc Secure computing device and method
US20140250290A1 (en) * 2013-03-01 2014-09-04 St-Ericsson Sa Method for Software Anti-Rollback Recovery

Also Published As

Publication number Publication date
CN104798040A (zh) 2015-07-22
US9910659B2 (en) 2018-03-06
WO2014074674A1 (en) 2014-05-15
EP2917828A1 (en) 2015-09-16
JP2015533444A (ja) 2015-11-24
KR20150083878A (ko) 2015-07-20
US20140130151A1 (en) 2014-05-08

Similar Documents

Publication Publication Date Title
JP6321023B2 (ja) Methods for providing anti-rollback protection in a device which has no internal non-volatile memory
US20200265418A1 (en) Electronic device and method for providing digital signature service of block chain using the same
US12095914B2 (en) Method for storing digital key and electronic device
CN109643282B (zh) Systems and methods for generating, storing, managing and using one or more digital secrets associated with a portable electronic device
US9348575B2 (en) Update of a data-carrier application
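CN114450663B (zh) Electronic device for updating firmware using a secure integrated circuit and operating method thereof
KR102244465B1 (ko) Electronic assembly comprising a disabling module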
US20170286873A1 (en) Electronic ticket management
US11722307B2 (en) Electronic device for processing digital key, and operation method therefor
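CN104794388A (zh) Application access protection method and application access protection apparatus
JP6926349B2 (ja) Method for processing secure financial transactions using commercial off-the-shelf or Internet of Things devices
JP2000011101A (ja) IC card and recording medium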
US12518016B2 (en) Information processing device, information processing method, mobile terminal, and information processing system
CN112422281B (zh) Method and system for changing a key in a security module
CN112954656B (zh) Access control for near field communication functions
US12346456B2 (en) Method and system for blocking a ticket-based computer system
KR101385723B1 (ko) Digital system capable of performing financial transactions, pair system paired with the digital system, and financial transaction method
HK1178335B (en) Security architecture for using host memory in the design of a secure element
HK1178335A1 (zh) Security architecture for using host memory in the design of a secure element

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20161014

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20161014

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20170808

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20171013

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20171121

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20180131

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20180306

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20180404

R150 Certificate of patent or registration of utility model

Ref document number: 6321023

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

LAPS Cancellation because of no payment of annual fees