KR20150083878A - 내부 비-휘발성 메모리를 갖지 않는 디바이스에서 안티-롤백 보호를 제공하기 위한 방법들 - Google Patents

내부 비-휘발성 메모리를 갖지 않는 디바이스에서 안티-롤백 보호를 제공하기 위한 방법들 Download PDF

Info

Publication number
KR20150083878A
KR20150083878A KR1020157014521A KR20157014521A KR20150083878A KR 20150083878 A KR20150083878 A KR 20150083878A KR 1020157014521 A KR1020157014521 A KR 1020157014521A KR 20157014521 A KR20157014521 A KR 20157014521A KR 20150083878 A KR20150083878 A KR 20150083878A
Authority
KR
South Korea
Prior art keywords
lafvn
firmware
providing anti
fvn
secure element
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
KR1020157014521A
Other languages
English (en)
Korean (ko)
Inventor
스릴레카 크리쉬나무르티
제레미 알. 오'도노휴
니라즈 바티아
Original Assignee
퀄컴 인코포레이티드
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 퀄컴 인코포레이티드 filed Critical 퀄컴 인코포레이티드
Publication of KR20150083878A publication Critical patent/KR20150083878A/ko
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1415Saving, restoring, recovering or retrying at system level
    • G06F11/1433Saving, restoring, recovering or retrying at system level during software upgrading
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Stored Programmes (AREA)
KR1020157014521A 2012-11-07 2013-11-07 내부 비-휘발성 메모리를 갖지 않는 디바이스에서 안티-롤백 보호를 제공하기 위한 방법들 Withdrawn KR20150083878A (ko)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/670,932 2012-11-07
US13/670,932 US9910659B2 (en) 2012-11-07 2012-11-07 Methods for providing anti-rollback protection of a firmware version in a device which has no internal non-volatile memory

Publications (1)

Publication Number Publication Date
KR20150083878A true KR20150083878A (ko) 2015-07-20

Family

ID=49641863

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020157014521A Withdrawn KR20150083878A (ko) 2012-11-07 2013-11-07 내부 비-휘발성 메모리를 갖지 않는 디바이스에서 안티-롤백 보호를 제공하기 위한 방법들

Country Status (6)

Country Link
US (1) US9910659B2 (enExample)
EP (1) EP2917828A1 (enExample)
JP (1) JP6321023B2 (enExample)
KR (1) KR20150083878A (enExample)
CN (1) CN104798040A (enExample)
WO (1) WO2014074674A1 (enExample)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024071861A1 (ko) * 2022-09-30 2024-04-04 삼성전자 주식회사 업데이트 방법 및 이를 위한 전자 장치

Families Citing this family (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9235404B2 (en) 2012-06-27 2016-01-12 Microsoft Technology Licensing, Llc Firmware update system
US8972973B2 (en) 2012-06-27 2015-03-03 Microsoft Technology Licensing, Llc Firmware update discovery and distribution
US9110761B2 (en) * 2012-06-27 2015-08-18 Microsoft Technology Licensing, Llc Resource data structures for firmware updates
US8949818B2 (en) * 2012-06-29 2015-02-03 Intel Corporation Mechanism for facilitating dynamic and trusted cloud-based extension upgrades for computing systems
US9287935B2 (en) * 2013-08-01 2016-03-15 Blackberry Limited Method and apparatus for anti-eavesdropping in vunerable NFC applications
WO2015058082A1 (en) * 2013-10-18 2015-04-23 Board Of Trustees Of Michigan State University Near field communication system and method for controlling transmission power of near field communication system
US9448888B2 (en) * 2013-11-15 2016-09-20 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Preventing a rollback attack in a computing system that includes a primary memory bank and a backup memory bank
US9875092B2 (en) * 2014-04-17 2018-01-23 Mistral Mobile Viral distribution of mobile application software
US10657262B1 (en) * 2014-09-28 2020-05-19 Red Balloon Security, Inc. Method and apparatus for securing embedded device firmware
US9830217B2 (en) * 2015-01-29 2017-11-28 Qualcomm Incorporated Selective block-based integrity protection techniques
JP6433844B2 (ja) * 2015-04-09 2018-12-05 株式会社ソニー・インタラクティブエンタテインメント 情報処理装置、中継装置、情報処理システム、およびソフトウェアアップデート方法
JP6595822B2 (ja) * 2015-07-07 2019-10-23 キヤノン株式会社 情報処理装置及びその制御方法
KR102453705B1 (ko) * 2015-09-25 2022-10-11 삼성전자주식회사 호스트의 정당성 여부에 따라 선택적으로 결제 기능을 온(on)하는 결제 장치의 동작 방법
EP3176695A1 (en) * 2015-12-04 2017-06-07 Gemalto Sa Method for managing a package in a secure element
CN105574720A (zh) * 2015-12-14 2016-05-11 联想(北京)有限公司 安全的信息处理方法以及信息处理装置
WO2017172434A1 (en) * 2016-04-01 2017-10-05 Pcms Holdings, Inc. Internet of things software securtiy configuration
US20180004502A1 (en) * 2016-06-30 2018-01-04 Dell Products L.P. Basic input/output system (bios) update control
US10754988B2 (en) * 2016-08-30 2020-08-25 Winbond Electronics Corporation Anti-rollback version upgrade in secured memory chip
CN106406939A (zh) * 2016-09-05 2017-02-15 惠州Tcl移动通信有限公司 一种基于emmc芯片的移动终端防回滚方法及系统
US10346152B2 (en) * 2016-09-20 2019-07-09 At&T Intellectual Property I, L.P. Facilitating use of a universal integrated circuit card (UICC) for secure device updates
US9899053B1 (en) 2016-10-11 2018-02-20 Seagate Technology Llc Protecting against unauthorized firmware updates using induced servo errors
EP3529971B1 (en) 2016-11-17 2022-06-15 Huawei Technologies Co., Ltd. Electronic device, software provisioning server and methods thereof
IT201600117182A1 (it) * 2016-11-21 2018-05-21 Futura Spa Ribobinatrice.
WO2018119904A1 (zh) * 2016-12-29 2018-07-05 华为技术有限公司 一种实现安全操作系统切换的片上系统和方法
US20170124353A1 (en) * 2017-01-12 2017-05-04 Mediatek Inc. Method And Apparatus For Preventing Rollback Of Secure Data
US10069860B1 (en) 2017-02-14 2018-09-04 International Business Machines Corporation Protection for computing systems from revoked system updates
TWI700627B (zh) 2017-05-23 2020-08-01 慧榮科技股份有限公司 認證韌體資料之資料儲存裝置與資料儲存方法
US11443041B2 (en) * 2017-08-22 2022-09-13 Absolute Software Corporation Firmware integrity check using silver measurements
CN109508534A (zh) * 2017-09-14 2019-03-22 厦门雅迅网络股份有限公司 防止通过软件降级进行攻击的方法、嵌入式系统
US10810311B2 (en) * 2017-09-21 2020-10-20 Samsung Electronics Co., Ltd. Internet-of-things module
US11640288B2 (en) * 2017-09-26 2023-05-02 C-Sky Microsystems Co., Ltd. System version upgrading method and apparatus
CN107678762B (zh) * 2017-09-26 2020-08-14 杭州中天微系统有限公司 一种系统版本升级方法及装置
EP4002099B1 (en) * 2017-09-27 2024-11-13 INTEL Corporation Firmware dependency checking and updating
CN111357003A (zh) 2018-01-29 2020-06-30 惠普发展公司,有限责任合伙企业 预操作系统环境中的数据保护
US10659054B2 (en) * 2018-02-23 2020-05-19 Nxp B.V. Trusted monotonic counter using internal and external non-volatile memory
US10394542B1 (en) * 2018-04-16 2019-08-27 Infineon Technologies Ag Low-power device recovery using a backup firmware image
US10713364B2 (en) * 2018-05-08 2020-07-14 WhiteSource Ltd. System and method for identifying vulnerabilities in code due to open source usage
CN108985049A (zh) * 2018-06-06 2018-12-11 晶晨半导体(上海)股份有限公司 防回滚方法及系统
CN109271185A (zh) * 2018-08-30 2019-01-25 郑州云海信息技术有限公司 一种cpld版本更新方法、装置、设备及存储介质
US11397815B2 (en) * 2018-09-21 2022-07-26 Hewlett Packard Enterprise Development Lp Secure data protection
US11100228B2 (en) * 2018-10-25 2021-08-24 Dell Products, L.P. System and method to recover FPGA firmware over a sideband interface
CN109673009B (zh) * 2018-11-13 2022-06-21 浙江合众新能源汽车有限公司 一种vcu软件空中升级方法及装置
WO2020118639A1 (zh) * 2018-12-13 2020-06-18 深圳市大疆软件科技有限公司 无人飞行器及其固件升级方法
CN110134545B (zh) * 2019-04-03 2020-12-22 上海交通大学 基于可信执行环境的提供虚拟nvram的方法及系统
US11222490B2 (en) * 2019-06-14 2022-01-11 International Business Machines Corporation Physical modification of circuits for automotive security
US11301566B2 (en) * 2019-07-03 2022-04-12 Ati Technologies Ulc Firmware anti-rollback
US11507666B2 (en) * 2019-08-27 2022-11-22 Red Hat, Inc. Trusted execution environment verification of a software package
US11216597B2 (en) * 2020-05-14 2022-01-04 Nuvoton Technology Corporation Security system and method for preventing rollback attacks on silicon device firmware
CN113486360B (zh) * 2021-07-14 2022-11-11 上海瓶钵信息科技有限公司 基于risc-v的安全启动方法及系统
CN113849821B (zh) * 2021-09-27 2025-07-22 联想(北京)有限公司 一种信息处理方法
EP4325729A1 (en) 2022-08-17 2024-02-21 Renesas Design Austria GmbH Dynamic function loading
CN118779863B (zh) * 2024-06-18 2025-07-04 湖南开鸿智谷数字产业发展有限公司 一种基于可信凭据的固件回滚保护方法及系统
CN118551389B (zh) * 2024-06-28 2025-09-02 湖南开鸿智谷数字产业发展有限公司 一种轻设备固件校验方法、装置、设备、介质及产品

Family Cites Families (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6996817B2 (en) * 2001-12-12 2006-02-07 Valve Corporation Method and system for upgrading and rolling back versions
US20030115469A1 (en) * 2001-12-14 2003-06-19 Intel Corporation Systems and methods for detecting and deterring rollback attacks
US20030217357A1 (en) * 2002-05-14 2003-11-20 Parry Travis J. Monitoring firmware
DE10240584A1 (de) * 2002-08-28 2004-03-11 Pilz Gmbh & Co. Sicherheitssteuerung zum fehlersicheren Steuern von sicherheitskritischen Prozessen sowie Verfahren zum Aufspielen eines neuen Betriebsprogrammes auf eine solche
US8250562B2 (en) * 2002-08-30 2012-08-21 Sun Microsystems, Inc. Barrier mechanism for firmware upgrade
US7907729B2 (en) * 2002-09-13 2011-03-15 Bally Gaming, Inc. Rollback attack prevention system and method
US7797693B1 (en) * 2003-12-12 2010-09-14 Hewlett-Packard Development Company, L.P. NAND mobile devices capable of updating firmware or software in a manner analogous to NOR mobile devices
US20050132351A1 (en) * 2003-12-12 2005-06-16 Randall Roderick K. Updating electronic device software employing rollback
US7222340B2 (en) * 2004-01-27 2007-05-22 Research In Motion Limited Software-delivered dynamic persistent data
US7907531B2 (en) * 2005-06-13 2011-03-15 Qualcomm Incorporated Apparatus and methods for managing firmware verification on a wireless device
GB2430774B (en) * 2005-10-03 2007-08-08 Nec Technologies Method of software updating and related device
US7844721B2 (en) 2005-11-23 2010-11-30 Qualcomm Incorporated Method for delivery of software upgrade notification to devices in communication systems
KR101259908B1 (ko) * 2005-11-30 2013-05-02 텔레콤 이탈리아 소시에떼 퍼 아찌오니 이동 통신 단말기에서의 애플리케이션 업데이트 방법 및시스템
DE602006014801D1 (de) * 2006-04-24 2010-07-22 Ericsson Telefon Ab L M Prüfung der Berechtigung der Installation einer Softwareversion
EP2060101B1 (en) 2006-09-07 2018-02-07 Nokia Technologies Oy Managing information relating to secure module applications
US8520850B2 (en) * 2006-10-20 2013-08-27 Time Warner Cable Enterprises Llc Downloadable security and protection methods and apparatus
US8888597B2 (en) * 2007-01-09 2014-11-18 Bally Gaming, Inc. Systems for providing amusement
US11275826B2 (en) 2007-01-31 2022-03-15 Nokia Technologies Oy Managing applications related to secure modules
US20080196024A1 (en) * 2007-02-08 2008-08-14 Ibm Corporation Method and Apparatus for Changing Software Components in an Information Handling System
JP4906913B2 (ja) * 2007-03-02 2012-03-28 パナソニック株式会社 再生装置、システムlsi、初期化方法
CA2697632C (en) 2007-08-06 2015-05-12 Bernard De Monseignat System and method for authentication, data transfer, and protection against phishing
US7929959B2 (en) * 2007-09-01 2011-04-19 Apple Inc. Service provider activation
US20110143661A1 (en) 2007-11-30 2011-06-16 Nokia Corporation Method, device and system for firmware update by near-field communication
US7860836B1 (en) * 2007-12-26 2010-12-28 Emc (Benelux) B.V., S.A.R.L. Method and apparatus to recover data in a continuous data protection environment using a journal
US8725123B2 (en) 2008-06-05 2014-05-13 Headwater Partners I Llc Communications device with secure data path processing agents
US8275858B2 (en) * 2008-09-18 2012-09-25 Mitac Technology Corp. Method for updating firmware of radio frequency identification reader through network system
US8171547B2 (en) 2008-12-03 2012-05-01 Trend Micro Incorporated Method and system for real time classification of events in computer integrity system
US8737911B2 (en) 2009-05-11 2014-05-27 Qualcomm Incorporated Dual-stage echo cancellation in a wireless repeater using an inserted pilot
JP5744004B2 (ja) * 2010-07-23 2015-07-01 パナソニック インテレクチュアル プロパティ コーポレーション オブアメリカPanasonic Intellectual Property Corporation of America Nfc通信装置およびその制御方法
US8522322B2 (en) * 2010-09-22 2013-08-27 Intel Corporation Platform firmware armoring technology
JP5973346B2 (ja) * 2010-12-06 2016-08-23 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカPanasonic Intellectual Property Corporation of America 通信装置、通信方法及び通信システム
US8745612B1 (en) * 2011-01-14 2014-06-03 Google Inc. Secure versioning of software packages
WO2012122994A1 (en) * 2011-03-11 2012-09-20 Kreft Heinz Off-line transfer of electronic tokens between peer-devices
US20130125108A1 (en) * 2011-11-16 2013-05-16 General Electric Company System and method for upgrading firmware
CN102662699A (zh) 2012-03-27 2012-09-12 惠州Tcl移动通信有限公司 一种更新移动终端nfc固件的方法及其移动终端
US9068858B2 (en) * 2012-04-13 2015-06-30 Elster Solutions, Llc Generic and secure AMI end device configuration
US9110761B2 (en) * 2012-06-27 2015-08-18 Microsoft Technology Licensing, Llc Resource data structures for firmware updates
GB2507596B (en) * 2012-10-30 2014-09-17 Barclays Bank Plc Secure computing device and method
US20140250290A1 (en) * 2013-03-01 2014-09-04 St-Ericsson Sa Method for Software Anti-Rollback Recovery

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024071861A1 (ko) * 2022-09-30 2024-04-04 삼성전자 주식회사 업데이트 방법 및 이를 위한 전자 장치

Also Published As

Publication number Publication date
WO2014074674A1 (en) 2014-05-15
CN104798040A (zh) 2015-07-22
EP2917828A1 (en) 2015-09-16
JP2015533444A (ja) 2015-11-24
US20140130151A1 (en) 2014-05-08
JP6321023B2 (ja) 2018-05-09
US9910659B2 (en) 2018-03-06

Similar Documents

Publication Publication Date Title
US9910659B2 (en) Methods for providing anti-rollback protection of a firmware version in a device which has no internal non-volatile memory
EP3241364B1 (en) Over-the-air provisioning of application library
EP2525595B1 (en) Security architecture for using host memory in the design of a secure element
EP2704053B1 (en) Method and system for updating a firmware of a security module
CN103460186B (zh) 用于更新数据载体的方法
US20050137889A1 (en) Remotely binding data to a user device
US20170286873A1 (en) Electronic ticket management
US9817972B2 (en) Electronic assembly comprising a disabling module
CN105393569A (zh) 在安全元件处进行验证的系统及方法
CN102223441A (zh) 个性化定制手机恢复出厂设置的方法
US12210596B2 (en) Terminal hardware configuration system
KR20180092596A (ko) 임베디드 보안 모듈을 이용한 IoT 디바이스 플랫폼의 보안 부팅 방법 및 시스템
CN104348616A (zh) 一种访问终端安全组件的方法、装置及系统
JP2012094146A (ja) 特に資源の利用に関する利用者の認証によって保護された関数の実行を制御する方法及びシステム
KR20080099117A (ko) 임베디드 시스템에서 이동성 요소의 인증을 위한 방법
CN112166449A (zh) 处理使用商用现货或物联网设备的安全金融交易的方法
US20230385418A1 (en) Information processing device, information processing method, program, mobile terminal, and information processing system
KR20200033560A (ko) 보안 엘리먼트를 이용하여 서비스를 제공하는 전자 장치 및 그의 동작 방법
KR102201218B1 (ko) 모바일 단말의 보안 엔진의 접근 제어 시스템 및 방법
US12022294B2 (en) Access control for Near Field Communication functions
CN117795511A (zh) 更新代理和更新代理中的数据预播种
HK1178335B (en) Security architecture for using host memory in the design of a secure element

Legal Events

Date Code Title Description
PA0105 International application

Patent event date: 20150601

Patent event code: PA01051R01D

Comment text: International Patent Application

PG1501 Laying open of application
PC1203 Withdrawal of no request for examination
WITN Application deemed withdrawn, e.g. because no request for examination was filed or no examination fee was paid