TWI331288B - Memory card and security method therefor - Google Patents


Publication number: TWI331288B
Authority: TW (Taiwan)
Prior art keywords: content, memory card, operating system, memory, program
Application number: TW96103559A
Other languages: Chinese (zh)
Other versions: TW200832178A (en)
Inventor: Jen Wei Lo
Original Assignee: Phison Electronics Corp
Application filed by Phison Electronics Corp
Priority to TW96103559A
Publication of TW200832178A
Application granted
Publication of TWI331288B

Landscapes

  • Storage Device Security (AREA)

Description

1331288 (amended replacement page of July 30, ROC year 99)

IX. Description of the Invention

[Technical Field]

The present invention relates to a content card, and in particular to a memory card and a security method therefor.

[Prior Art]

Over the past decades, computer storage media technology has developed rapidly. New applications for computer storage devices have appeared, and many of them involve a need to secure the information stored in those devices.

FIG. 1 illustrates a prior-art secure flash memory device. As shown in FIG. 1, secure flash memory device 10 connects to computer 40 through port 14. Secure flash memory device 10 further includes flash memory 20 and microcontroller 22; flash memory 20 can be partitioned and is used to store data. Microcontroller 22 contains a small memory 24, which may be random access memory (RAM) or read-only memory (ROM). Flash memory device 10 is controlled by accepting commands and requests from computer 40 and by controlling and regulating the access of computer 40 to flash memory 20. More specifically, microcontroller 22 interprets the flash memory access requests issued by computer 40 and controls flash memory 20.

Security program 28 is stored in flash memory 20. It occupies a small amount of space, and the remaining space of flash memory 20 serves as mass storage area 30. Working with preset passcode 32, which is stored in memory 24 of microcontroller 22, security program 28 directs microcontroller 22 to allow or prevent the flow of data between flash memory 20 and computer 40 connected at port 14. Preset passcode 32 can be encrypted to further prevent unauthorized access to flash memory 20. Security program 28 may also contain code that lets the user modify preset passcode 32. In addition, security program 28 can control the graphical user interface (GUI) of computer 40 to provide a user-friendly interface.

To use secure flash memory device 10, the user simply plugs port 14 into the corresponding port of computer 40. In practice, computer 40 runs a number of procedures to ensure a proper connection to secure flash memory device 10; these techniques are well known in the related art. The prior art provides a security program that controls how the microcontroller accesses the flash memory. When the user wants to read data from or write data to secure flash memory device 10, the user only needs to request read or write access to flash memory 20 through computer 40. Microcontroller 22 detects the request and instructs computer 40 to execute security program 28. Security program 28 then prompts the user to enter a passcode. The passcode entered by the user is compared with preset passcode 32 stored in memory 24 of microcontroller 22. If the entered passcode matches preset passcode 32, microcontroller 22 allows computer 40 to access flash memory 20, and the user can read or write information in mass storage area 30 of flash memory 20. If the entered passcode does not match preset passcode 32, microcontroller 22 prevents computer 40 from accessing flash memory 20, and the user cannot access mass storage area 30.

According to the prior art, security program 28 compares the entered passcode with preset passcode 32, and microcontroller 22 then allows or restricts access to the mass storage area of flash memory 20 according to the entered passcode. By executing security program 28 or performing a similar action, the user can request read or write access to flash memory 20. However, security program 28 cannot continuously filter the operating system of computer 40. Once mass storage area 30 of flash memory 20 has been accessed, the operating system of computer 40 can operate on flash memory 20 without any further restriction. In that situation, because the prior art allows the user to modify preset passcode 32, preset passcode 32 or the contents of flash memory 20 can be obtained or modified. Clearly, the security system of a memory card built according to the prior art can easily be removed.

In practice, therefore, the prior art may be unable to provide a memory card with complete security. A memory card with an effective security method is needed to avoid the risk of leaking personal confidential data. Unlike conventional memory encryption devices (for example, the memory device of the U.S. application by … et al., application number …64,4…), the present invention does not allow arbitrary read or write operations; it corrects the shortcomings of the prior art and solves the problems described above.

[Summary of the Invention]

The prior art is limited by the problems described above. An object of the present invention is to provide a memory card for use with a computer on which an operating system is installed, wherein, when the memory card is inserted into the computer, a content protection program comprising a decryption application and an operating-system restriction program is used to allow or prevent the flow of data between the memory card and the computer. The invention can effectively prevent unauthorized or inadvertent access to the data content.

According to one aspect of the invention, the memory card includes a protected memory area for storing a key code and content encrypted with the key code, and a storage area carrying a content protection program that includes a decryption application, wherein the decryption application decrypts the encrypted content and an operating-system restriction program disables default functions of the operating system. Once the decryption application and the operating-system restriction program of the content protection program have been downloaded to the operating system, the operating system can access the encrypted content after the decryption application obtains the key code from the protected memory area. In addition, the operating system is controlled by the operating-system restriction program.

The memory card preferably includes a USB flash drive, a Secure Digital (SD) card, a Multi Media Card (MMC), and a flash drive.

The protected memory area preferably further includes a hidden area for storing the key code.

The encrypted content is encrypted according to the Advanced Encryption Standard (AES), the Data Encryption Standard (DES), and the Triple Data Encryption Standard (Triple DES).

The operating-system restriction program preferably disables the "Print Screen" key on the keyboard, or disables the application programming interfaces (APIs) for the operating system's "Copy", "Paste", "Save", and "Save As" functions.

Another object of the present invention is to provide a content card and a security method therefor, wherein, when the memory card is inserted into a computer, a content protection program comprising a decryption application and an operating-system restriction program is loaded from the memory card and executed to allow or prevent the flow of data between the memory card and the computer, and … the content, thereby achieving the goal of complete security for the memory card, correcting the shortcomings of the prior art, and solving the problems described above.

According to another aspect of the invention, the memory card security method comprises the steps of:
a) inserting a memory card that stores content encrypted with a key code into a computer on which an operating system is installed;
b) verifying whether the proprietary authentication code of the memory card is genuine;
c) if the authentication code is genuine, downloading a content protection program from the memory card;
d) executing the content protection program;
e) decrypting the encrypted content with the key code;
f) disabling default functions of the operating system; and
g) unloading the content protection program.

The content protection program preferably includes a decryption application that performs step e).

The content protection program preferably includes an operating-system restriction program that performs step f).

The memory card preferably includes a protected memory area comprising a hidden area for storing the key code and a public area for storing the encrypted content.

The content is preferably encrypted according to the Advanced Encryption Standard (AES), the Data Encryption Standard (DES), and the Triple Content Encryption Standard (Triple DES).

The memory card preferably includes a USB flash drive, an SD card, an MMC, and a flash drive.

The content protection program and the key code can be preloaded onto the memory card through the following steps:
a1) inserting the memory card into a production computer;
a2) executing an encryption application on the production computer to generate the key code;
a3) encrypting the content with the key code to obtain the encrypted content;
a4) storing the key code and the encrypted content on the memory card; and
a5) saving the content protection program to the memory card.

[Embodiments]

Some embodiments that embody the features and advantages of the present invention are described in detail below. It should be understood that the invention can be varied in many respects without departing from its scope, and that the description and drawings are illustrative in nature and are not intended to limit the invention.

FIG. 2 shows the security architecture of the memory card of the present invention connected to a computer on which an operating system is installed. As shown in FIG. 2, memory card 1 contains a memory module 51 and a controller 52, which handles communication between memory card 1 and host 53, on which the operating system is installed. Memory module 51 includes a protected memory area 512 and a storage area 515. Protected memory area 512 further contains a public area 513 and a hidden area 514, which store the encrypted content and the key code, respectively. Storage area 515 holds a content protection program (not labelled in the figure), which includes a decryption application.

As soon as memory card 1 is connected to host 53, controller 52 issues a request to memory module 51 to download the content protection program in storage area 515 to the operating system, releasing the decryption application and executing it on the operating system. Once the decryption application has been downloaded and is running on the operating system, operating system 53 can access memory module 51, output encrypted content 513 to various reader programs such as MS Office, and obtain the key code from hidden area 514 of protected memory area 512. In addition, the content protection program stored on the memory card may further include an operating-system restriction program that disables default functions of the operating system after it has been downloaded to the operating system.

In practice, the memory card may be a USB flash drive, an SD card, an MMC, and a flash drive. In other words, the security system of the invention can be applied to a USB flash drive, an SD card, an MMC, and a flash drive. Protected memory area 512 stores the key code in hidden area 514, to eliminate the chance of the key code being found, intruded upon, or cracked, and stores the encrypted content in public area 513 of protected memory area 512. The encrypted content can be encrypted according to the Advanced Encryption Standard (AES), the Data Encryption Standard (DES), and the Triple Content Encryption Standard (Triple DES). After the decryption application has been downloaded to the operating system, and while the operating-system restriction program restricts some functions of the operating system, the decryption application decrypts the encrypted content, so that the content is read out under the protection of the content protection program. The operating-system restriction program can disable the "Print Screen" key on the keyboard, or disable the application programming interfaces (APIs) for the operating system's "Copy", "Paste", "Save", and "Save As" functions. According to the invention, the encrypted content in public area 513 of protected memory area 512 can be decrypted, output, and read through various reader programs, for example MS Office, PDF, HTML, and the like; further operations such as copying and modifying, however, are prohibited.

FIG. 3 illustrates the steps of a preferred embodiment of the memory card security method of the invention. The first step is to insert memory card 1, which stores content encrypted with the key code, into host computer 53 on which the operating system is installed, as shown in FIG. 3. In step S62 of FIG. 3, once memory card 1 is connected to host computer 53, the verification procedure begins, checking whether the proprietary authentication code of memory card 1 is genuine. In step S63 of FIG. 3, if the authentication code is proven genuine and passes verification, the content protection program in storage area 515 of memory module 51 is released to the operating system of host computer 53; otherwise, the procedure goes to step S64 of FIG. 3. That is, controller 52 is not told to issue a request to storage area 515 of memory module 51 to release the content protection program to the operating system. The verification of the authentication code is optional, however; in that case the procedure of FIG. 3 proceeds directly to the subsequent step. Therefore, the key code remains in hidden area 514 of protected memory area 512, and the encrypted content remains encrypted.

In step S65 of FIG. 3, when the operating system automatically detects that the content protection program has been downloaded and executed successfully, the decryption application and the operating-system restriction program are started. The started decryption application then obtains the key code from hidden area 514 of protected memory area 512 and uses it to decrypt the encrypted content, and the decrypted content is read out, as shown in FIG. 3. After step S67, however, the operating-system restriction program disables default functions of the operating system in step S68 of FIG. 3, so that if anyone other than the legitimate user tries to copy or tamper with the content, the decrypted content cannot be copied or output further, for example to a printer, because many application programming interface (API) functions are disabled. In the final step of FIG. 3, when the content protection program is unloaded, the operating system resumes its default functions, and the encrypted content remains stored secretly in the protected memory area.

Likewise, the memory card may be a USB flash drive, an SD card, an MMC, and a flash drive. The operating-system restriction program can disable the "Print Screen" key on the keyboard, or disable the application programming interfaces (APIs) for the operating system's "Copy", "Paste", "Save", and "Save As" functions, as in step S67 of FIG. 3. The encrypted content is encrypted according to the Advanced Encryption Standard (AES), the Data Encryption Standard (DES), and the Triple Content Encryption Standard (Triple-DES).

More specifically, the content protection program and the key code can be preloaded onto the memory card, as shown in FIG. 4. First, after the memory card is inserted into the production computer in step S71, the encryption application runs automatically on the production computer and generates the key code, as in steps S72 and S73. The role of the key code is to encrypt the data and prevent unauthorized access to private content. Following step S73, the content is encrypted with the newly generated key code to obtain the encrypted content in step S74. The protected memory area of the memory module is divided into several areas, and the key code and the encrypted content are stored in the hidden area and the public area, respectively, as in steps S75 and S76. Next, the content protection program is saved to the storage area of the memory card. The entire operation ends after the process from step S71 through that last step.

In conclusion, the present invention provides a memory card and a security method therefor that significantly enhance the overall security of private digital content by securing the key code stored on the memory card, by having the decryption application obtain the key code through the content protection program, and by having the operating-system restriction program disable the application programming interfaces (APIs) of the operating system's default functions. Unlike the prior art, which allows arbitrary reads and other further operations, the invention eliminates potential security holes by prohibiting malicious copying and output of the private content stored on the memory card, thereby achieving the goal of a comprehensively secure memory card, improving on the shortcomings of the prior art, and solving the problems described above.

Although the present invention has been described in detail through the above embodiments, those skilled in the art may modify it in various ways without departing from the scope of protection sought by the appended claims.
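The preloading steps a1) to a5) and the host-side steps a) to g) described above can be modelled in a few lines. This is an added illustration, not code from the patent or from Phison: all class and function names are hypothetical, the host-side list of trusted authentication codes is an assumption (the description does not say how the code is verified), and a SHA-256 keystream stands in for the AES/DES/Triple DES ciphers the description names.

```python
import hashlib
import hmac
import secrets

# Default OS functions the description says the restriction program disables.
DEFAULT_FUNCTIONS = ("print_screen", "copy", "paste", "save", "save_as")


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (NOT AES/DES): XOR with a SHA-256 counter keystream.

    Symmetric, so the same call encrypts and decrypts.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


class ContentProtectionProgram:
    """Decryption application plus operating-system restriction program."""

    def __init__(self, card):
        self._card = card

    def decrypt(self) -> bytes:
        # Step e): fetch the key code from the hidden area, decrypt area 513.
        return keystream_xor(self._card._hidden_area, self._card.public_area)

    def restrict(self, host_os: dict) -> None:
        # Step f): disable the operating system's default functions.
        for name in DEFAULT_FUNCTIONS:
            host_os[name] = False

    def unload(self, host_os: dict) -> None:
        # Step g): on unload the operating system resumes its defaults.
        for name in DEFAULT_FUNCTIONS:
            host_os[name] = True


class MemoryCard:
    """Memory module 51: hidden area 514, public area 513, storage area 515."""

    def __init__(self, auth_code: bytes):
        self.auth_code = auth_code   # proprietary authentication code
        self._hidden_area = None     # 514: key code
        self.public_area = None      # 513: encrypted content
        self.storage_area = None     # 515: content protection program


def provision(card: MemoryCard, content: bytes) -> None:
    """Preloading on the production computer, steps a1) to a5)."""
    key = secrets.token_bytes(32)                        # a2) generate key code
    card.public_area = keystream_xor(key, content)       # a3) + a4) ciphertext
    card._hidden_area = key                              # a4) key to hidden area
    card.storage_area = ContentProtectionProgram(card)   # a5) save the program


def new_host_os() -> dict:
    """Host operating system with every default function enabled."""
    return {name: True for name in DEFAULT_FUNCTIONS}


def host_session(card: MemoryCard, trusted_codes, host_os: dict):
    """Host flow, steps a) to g).

    Returns (plaintext or None, snapshot of OS functions while content is open).
    """
    # b) verify the card's authentication code (trusted_codes is an assumption).
    if not any(hmac.compare_digest(card.auth_code, c) for c in trusted_codes):
        # Program is not released; key stays hidden, content stays encrypted.
        return None, dict(host_os)
    program = card.storage_area      # c) download the content protection program
    content = program.decrypt()      # d) + e) execute it and decrypt
    program.restrict(host_os)        # f) disable default functions
    while_open = dict(host_os)
    program.unload(host_os)          # g) unload; defaults are restored
    return content, while_open


if __name__ == "__main__":
    card = MemoryCard(auth_code=b"CARD-0001")            # constructed sample
    provision(card, b"constructed sample document")
    text, state = host_session(card, [b"CARD-0001"], new_host_os())
    print(text, state)
```

In this model the hidden area is private only by naming convention; on the card described here, controller 52 is what would have to enforce that separation.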

[Brief Description of the Drawings]

The objects and advantages of the present invention mentioned above will become more apparent after reviewing the following detailed description and the accompanying drawings:

FIG. 1 illustrates a prior-art secure flash memory device;
FIG. 2 illustrates a preferred embodiment of the memory card of the invention, used with a computer on which an operating system is installed;
FIG. 3 illustrates the steps of a preferred embodiment of the security method of the memory card of the invention; and
FIG. 4 illustrates the steps of preloading the content protection program and the key code onto the memory card according to the invention.

[Description of Main Reference Numerals]

1 memory card
10 secure flash memory device
14 port
20 flash memory
22 microcontroller
24 memory
28 security program
30 mass storage area
40 computer
51 memory module
52 controller
53 host
512 protected memory area
513 public area
514 hidden area
515 storage area

Claims (1)

X. Claims:

1. A memory card for use with a computer on which an operating system is installed, comprising:
a first memory area for storing a key code;
a second memory area for storing content encrypted with the key code; and
a third memory area for storing a content protection program, the content protection program comprising:
a decryption application for decrypting the encrypted content after the decryption application has been downloaded to the operating system; and
an operating-system restriction program for disabling default functions of the operating system after the operating-system restriction program has been downloaded to the operating system.

2. The memory card of claim 1, wherein the first memory area is a hidden area.

3. The memory card of claim 1, wherein the content is encrypted according to the Advanced Encryption Standard (AES), the Data Encryption Standard (DES), and the Triple Content Encryption Standard (Triple-DES).

4. The memory card of claim 1, wherein the operating-system restriction program disables the "Print Screen" key on the keyboard, or disables the application programming interfaces for the operating system's "Copy", "Paste", "Save", and "Save As" functions.

5. The memory card of claim 1, wherein the memory card includes a USB flash drive, a Secure Digital (SD) card, a Multi Media Card (MMC), and a flash drive.

6. A security method for a memory card, comprising the steps of:
a) inserting the memory card, which stores content encrypted with a key code, into a host computer on which an operating system is installed;
b) verifying whether the proprietary authentication code of the memory card is genuine;
c) if the authentication code is genuine, downloading a content protection program from the memory card, the content protection program including an operating-system restriction program that disables default functions of the operating system;
d) executing the content protection program;
e) decrypting the encrypted content with the key code; and
f) unloading the content protection program.

7. The security method of claim 6, wherein the content protection program includes a decryption application that performs step e).

8. The security method of claim 6, further comprising, before step a), the steps of:
a1) inserting the memory card into a production computer;
a2) executing an encryption application on the production computer to generate the key code;
a3) encrypting the content with the key code to obtain the encrypted content;
a4) storing the key code and the encrypted content on the memory card; and
a5) saving the content protection program to the memory card.

9. The security method of claim 6, wherein the memory card includes storage space comprising a hidden area storing the key code and a public area storing the encrypted content, respectively.

10. The security method of claim 6, wherein the content is encrypted according to the Advanced Encryption Standard (AES), the Data Encryption Standard (DES), and the Triple Content Encryption Standard (Triple-DES).

The security method of claim 6, wherein the operating-system restriction program disables the "Print Screen" key on the keyboard, or disables the application programming interfaces for the operating system's "Copy", "Paste", "Save", and "Save As" functions.

The security method of claim 6, wherein the memory card includes a USB flash drive, an SD card, an MMC, and a flash drive.

13. A security method for a memory card, comprising the steps of:
a) inserting the memory card, which stores content encrypted with a key code, into a host computer on which an operating system is installed;
b) downloading a content protection program from the memory card, the content protection program including an operating-system restriction program that disables default functions of the operating system;
c) executing the content protection program;
d) decrypting the encrypted content with the key code; and
e) unloading the content protection program.

14. The security method of claim 13, wherein the content protection program includes a decryption application that performs step d).

15. The security method of claim 13, further comprising, before step a), the steps of:
a1) inserting the memory card into a production computer;
a2) executing an encryption application on the production computer to generate the key code;
a3) encrypting the content with the key code to obtain the encrypted content;
a4) storing the key code and the encrypted content on the memory card; and
a5) saving the content protection program to the memory card.

16. The security method of claim 13, wherein the memory card includes storage space comprising a hidden area storing the key code and a public area storing the encrypted content, respectively.

17. The security method of claim 13, wherein the content is encrypted according to the Advanced Encryption Standard (AES), the Data Encryption Standard (DES), and the Triple Content Encryption Standard (Triple-DES).

18. The security method of claim 13, wherein the memory card includes a USB flash drive, an SD card, an MMC, and a flash drive.

VII. Designated representative drawing:
(1) The designated representative drawing of this case is FIG. 2.
(2) Brief description of the reference numerals in the representative drawing:
1 memory card
51 memory module
52 controller
53 host
512 protected memory area
513 public area
514 hidden area
515 storage area
TW96103559A 2007-01-31 2007-01-31 Memory card and security method therefor TWI331288B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW96103559A TWI331288B (en) 2007-01-31 2007-01-31 Memory card and security method therefor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW96103559A TWI331288B (en) 2007-01-31 2007-01-31 Memory card and security method therefor

Publications (2)

Publication Number Publication Date
TW200832178A TW200832178A (en) 2008-08-01
TWI331288B TWI331288B (en) 2010-10-01

Family

ID=44818820

Family Applications (1)

Application Number Title Priority Date Filing Date
TW96103559A TWI331288B (en) 2007-01-31 2007-01-31 Memory card and security method therefor

Country Status (1)

Country Link
TW (1) TWI331288B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102955916A (en) * 2011-08-25 2013-03-06 全宏科技股份有限公司 Digital content protecting method and digital content storage device
TWI473488B (en) * 2011-08-25 2015-02-11 Mxtran Inc Method and storage device for protecting digital content
CN102955916B (en) * 2011-08-25 2016-03-02 全宏科技股份有限公司 The method of protection digital content and storage device

Also Published As

Publication number Publication date
TW200832178A (en) 2008-08-01

Similar Documents

Publication Publication Date Title
US9251381B1 (en) Solid-state storage subsystem security solution
US8302178B2 (en) System and method for a dynamic policies enforced file system for a data storage device
TW588243B (en) System and method for authentication
US7765373B1 (en) System for controlling use of a solid-state storage subsystem
JP3389186B2 (en) Semiconductor memory card and reading device
JP4395302B2 (en) Semiconductor memory card and control method thereof
JP4610557B2 (en) DATA MANAGEMENT METHOD, PROGRAM THEREOF, AND PROGRAM RECORDING MEDIUM
WO2011137743A1 (en) File protection method and system
KR20120104175A (en) Authentication and securing of write-once, read-many (worm) memory devices
TW201248637A (en) Secure removable media and the method for managing secure removable media
JP5175617B2 (en) Data protection system, data protection method, and memory card
JP2011086026A (en) Information storage device and program, recording medium with the program recorded thereon, and information storage method
WO2001095115A1 (en) Nonvolatile semiconductor memory and method for managing information in information distribution system
TW201025072A (en) Method and apparatus for providing access to files based on user identity
US20130191636A1 (en) Storage device, host device, and information processing method
KR20070117454A (en) Memory system
JP2006079449A (en) Storage medium access control method
US20080141042A1 (en) Memory card and security method therefor
TWI331288B (en) Memory card and security method therefor
JP4502898B2 (en) External hard disk storage device, external hard disk storage device control method, and external hard disk storage device control program
JP4109805B2 (en) Content management method and storage medium
TW200846972A (en) Method for generating and using a key for encryption and decryption in a computer device
TWI331722B (en) Coding method of information, decoding method of information, and computer readable recording media containing the same
JP2010079426A (en) Semiconductor storage device
JP4265156B2 (en) Information leakage prevention device and information leakage prevention method