Connect public, paid and private patent data with Google Patents Public Datasets

Secure yet flexible system architecture for secure devices with flash mass storage memory

Download PDF

Info

Publication number
US20070061597A1
US20070061597A1 US11317339 US31733905A US2007061597A1 US 20070061597 A1 US20070061597 A1 US 20070061597A1 US 11317339 US11317339 US 11317339 US 31733905 A US31733905 A US 31733905A US 2007061597 A1 US2007061597 A1 US 2007061597A1
Authority
US
Grant status
Application
Patent type
Prior art keywords
firmware
memory
device
storage
system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US11317339
Inventor
Micky Holtzman
Hagai Bar-El
Ronen Greenspan
Rony Shapiro
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
DISCRETIX TECHNOLOGIES Ltd
SanDisk Technologies LLC
Original Assignee
Micky Holtzman
Hagai Bar-El
Ronen Greenspan
Rony Shapiro
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/0223User address space allocation, e.g. contiguous or non contiguous base addressing
    • G06F12/023Free address space management
    • G06F12/0238Memory management in non-volatile memory, e.g. resistive RAM or ferroelectric memory
    • G06F12/0246Memory management in non-volatile memory, e.g. resistive RAM or ferroelectric memory in block erasable memory, e.g. flash memory
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/20Employing a main memory using a specific memory technology
    • G06F2212/202Non-volatile memory
    • G06F2212/2022Flash memory
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Abstract

A device with mass storage capability that uses a readily available non secure memory for the mass storage but has firmware (and hardware) that provides security against unauthorized copying of data. This is true even though the firmware itself is stored in the non secure mass storage memory, and therefore potentially vulnerable to hacking. An indication of the authenticity of the firmware must be present before it will be executed by the device. This protects the device contents from unauthorized duplication or tampering. Additional functionality can be added to the device with additional firmware applications, and the authenticity of those additional applications will also be verified before they will be executed. This further prevents unauthorized copying or tampering of secure content through any mechanisms that may be unscrupulously introduced. Any data within the mass storage memory may also be encrypted.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • [0001]
    This application claims priority to provisional Application No. 60/717,164 entitled “Secure Yet Flexible System Architecture for Secure Devices With Flash Mass Storage Memory” filed Sep. 14, 2005 to Micky Holtzman et al.
  • [0002]
    This application is related to the following applications, each of which is hereby incorporated by this reference in its entirety: “Methods Used in a Secure Yet Flexible System Architecture for Secure Devices With Flash Mass Storage Memory” to Micky Holtzman et al., Attorney Docket No.: SNDK.470US2; “Method of Hardware Driver Integrity Check Of Memory Card Controller Firmware” to Micky Holtzman et al., application Ser. No. 11/284,623, Attorney Docket No. SNDK.408US1; “Hardware Driver Integrity Check Of Memory Card Controller Firmware” to Micky Holtzman et al., application Ser. No. 11/285,600, Attorney Docket No. SNDK.408US2; “Methods Used in a Secure Memory Card With Life Cycle Phases” to Micky Holtzman, et al. Attorney Docket No. SNDK.383US2; and “Secure Memory Card With Life Cycle Phases” to Micky Holtzman et al., Attorney Docket No. SNDK.383US3.
  • FIELD OF THE INVENTION
  • [0003]
    The present application is generally related to the operation of flash based mass storage devices, and in particular those with copy protection of secure content.
  • BACKGROUND OF THE INVENTION
  • [0004]
    Flash based mass storage devices are used to store very large amounts of content, such as pictures and music or software programs. Examples of these mass storage devices include memory cards, universal serial bus (“USB”) flash drives, flash based music and/or video players, and other portable computing devices that rely on flash for the mass storage of content or files.
  • [0005]
    User files are frequently updated and modified. This is particularly the case when dealing with photos, music, and documents. Flash memory has a limited number of read/write cycles, and a great deal of research and development has gone into distributing the cycles among the flash memory cells in order to maximize the lifespan and reliability of the devices. For instance, wear leveling techniques such as those taught in U.S. Pat. No. 6,230,233 entitled “Wear Leveling Techniques For Flash EEPROM Systems” to Lofgren et al., U.S. Pat. No. 5,268,870 entitled “Flash EEPROM System and Intelligent Programming and Erasing Methods Therefore” to Harari, PCT Publication No. WO2004040578A2 entitled “Wear Leveling In Non-Volatile Storage Systems” to Chang et al., and U.S. Patent Publication No. 20040083335A1, entitled “Automated Wear Leveling In Non-Volatile Storage Systems” to Gonzalez et al., which are hereby incorporated by this reference in their entireties, are commonly implemented in these devices. These techniques generally involve changing the logical/physical mapping so that physical locations of the memory are used roughly the same amount.
  • [0006]
    In addition, as the usage of flash based mass storage devices is proliferating, the number of different things that can be done with them is also increasing.
  • [0007]
    Therefore, there exists a need for a new device operating system architecture that provides flexibility to store and run a wide range of firmware that can be updated and changed to accommodate the range of increasing functionality. In addition to being flexible, this architecture must provide a highly secure and reliable environment for both firmware and content. As is always the case, all of this should be done for the lowest possible cost, using standard components whenever possible.
  • SUMMARY OF INVENTION
  • [0008]
    The present invention allows a device to be both secure in operation and flexible in terms of functionality. This means functionality can be tailored to users' desires and added over time all the while maintaining a high level of security. Therefore the device can be used to store confidential and limited access information such as transactional data and copyrighted artistic works.
  • [0009]
    The present invention also allows for the device to boot quickly and reliably while still providing for reliable long term data storage through the use of wear leveling techniques where appropriate.
  • [0010]
    Firmware that is not authentic, and that may potentially compromise the security of the device will not be executed. An indication of the authenticity is verified before execution. In a preferred embodiment, multiple different levels of such indications are provided and are associated with the particular controller of the device that created the indications. In this preferred embodiment, one or more of the different levels of indications can be verified. Without the properly associated indication the firmware will not be executed.
  • [0011]
    Another aspect of the present invention is that this security is achieved despite the fact that the device utilizes readily available memory without built in security for the mass storage of the data, including the firmware.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • [0012]
    FIG. 1A is a schematic diagram of secure device 100A, an embodiment of the present invention.
  • [0013]
    FIG. 1B is a schematic diagram of secure device 100B, an embodiment of the present invention.
  • [0014]
    FIG. 2 is a diagram illustrating various pieces of firmware in a portion of memory space 108.
  • [0015]
    FIG. 3 is a schematic diagram illustrating software structure and hardware access according an embodiment of the present invention.
  • [0016]
    FIG. 4 is a flowchart illustrating some steps of firmware integrity verification.
  • [0017]
    FIG. 5 is a flowchart of operation of an embodiment of the present invention.
  • [0018]
    FIG. 6 is a flowchart illustrating integrity checking of physically stored data such as the firmware 200.
  • [0019]
    FIG. 7 is a flowchart illustrating integrity checking of logically stored data such as user files and the application firmware 202A, B, . . . X.
  • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • [0020]
    Devices incorporating flash memory for mass storage purposes must store large amounts of content that is written and read relatively often. For instance, digital photo and music libraries are regularly updated by users of such devices. With the increase of protected content and the desire to protect content generally, such devices must also provide robust security to prevent unauthorized copying of such “secure” or protected content. At the same time, security should not come at the cost of flexibility. The present invention provides for a device that allows functionality to be added over time, while maintaining a high level of security. This flexibility is essential in a world where devices are expected to provide ever increasing functionality.
  • [0021]
    A secure device is one that protects the contents of the device from unauthorized copying or alteration. Secure content includes any content or data that it is desirable to safeguard from unauthorized copying or tampering. In addition to billing, transaction and other traditionally confidential personal information, artistic content must also be secured from access and copying by those other than the owner or other authorized persons.
  • [0022]
    Depending on the architecture of the device, a hacker may try to gain access to the content via data buses, or by directly accessing the mass storage memory. In some prior devices, directly accessing the memory storage unit was difficult as the memory storage unit was often protected by placing it an environment that was logistically hard to access. For instance, Smart Cards utilized programmable read only memories (PROMS) that incorporated a small amount of non volatile memory that was made secure in part by physically isolating it from access.
  • [0023]
    However, it is desirable to utilize unsecure mass storage memory, that is, among other things, more standardized, readily available, and/or economical. An unsecure memory or storage unit is one where authorization is not required in order to gain (read/write) access to the (encrypted or unencrypted) data stored therein, or one where there are no built in protection mechanisms that prevent copying of the stored data. While this memory may be packaged in a multi functional package with other non-memory components such as a processor, it is commonly in the form of a dedicated memory package with one or more memory chips.
  • [0024]
    Typically, a device or system incorporating mass storage flash memory utilizes a processor to control the data storage and retrieval operations of the memory. Such a processor is part of a controller and is often referred to as a controller. A controller executes software instructions to control the device. The software that runs and controls the hardware of a device is often referred to as firmware. The firmware is typically executed from random access memory (RAM) after having been copied from some other memory where it is normally stored. Shadowing or copying to RAM is advantageous because although flash is easily updated it is slower and not inherently executable because it does not have random access capability, and because read only memory is not easily updated.
  • [0025]
    In the case where some amount of security is to be provided in the firmware, there must be some mechanism to prevent execution of the other than the proper firmware that has the requisite security mechanisms. This is especially true when the firmware is stored in an unsecure memory. As mentioned above, it is the firmware that controls the operation of the device, and therefore it is not a simple matter to have the firmware essentially protect itself. Nor is it a simple matter to protect execution of compromised or unauthentic firmware when such firmware is stored in an otherwise unsecure memory package.
  • [0026]
    The present invention provides for a secure system with mass storage capability even though it uses unsecure memory for the mass storage unit. Furthermore, it creates a secure system where the firmware for running the secure system is stored in the unsecure memory. In order to be able to store the firmware in the unsecure mass storage memory, the present invention employs a system that prevents execution of inauthentic firmware.
  • [0027]
    Reference will now be made to preferred embodiments depicted in the figures. FIG. 1A illustrates secure device (“SD”) 100A, an embodiment of the present invention. SD 100A comprises a secure controller 104 and unsecure memory 108.
  • [0028]
    Memory 108 is preferably flash type memory and is used for mass storage purposes. This means that the memory is used for general purpose storage of user files, such as audio, video, and picture files, among other things. It is a principal memory storage unit of device 108 and can be used to store any type of file a user wishes to store in it. It is designed to allow a user to frequently update and access his library of files. A mass storage memory is generally larger than other random access memory (“RAM”) and read only memory (“ROM”) that SD 100A may also comprise (not shown) in this and other embodiments. Also, as a general file storage device, a mass storage memory is distinct from code storage devices that are designed to store comparatively small amounts of operating code that are infrequently updated. A ROM or flash memory may be used as a code storage device, but it should be understood that a code storage device is different in purpose and generally in size than a mass storage device.
  • [0029]
    SD 100A also comprises a data or memory bus 106 and a host bus 102. SD 100A may be a complete electronic device such as a digital camera or music player, cellular telephone etc. It may also have the form factor of a memory card or universal serial bus (“USB”) drive designed to be used in conjunction with any type of processor controlled electronic device. For simplicity in describing SD100A and the other embodiments depicted in the figures, the embodiments may often be referred to as a memory card, but it should be understood that such reference is to a preferred embodiment and should not limit the scope of the present invention which is defined by the appended claims. Currently, the preferred form factor for a memory card in which the present invention is especially useful is the well known Secure Digital (“SD”) Card.
  • [0030]
    Data and commands are communicated to and from SD100A via host bus 102. The host, which is not shown, may be a personal computer or other electronic device. Secure controller 104 controls the read and write operations to and from unsecure memory 108 via memory bus 106. In doing so, it also limits access to the contents of the unsecure memory 108. As mentioned above, the firmware that runs the device is stored in unsecure memory 108. This firmware, which will be described in more detail later with regard to FIGS. 2-7, in conjunction with controller 104, provides the security that makes device 100A a secure device. Therefore, it is essential that the firmware that is executed by secure controller 104 is authentic, or the security of the system could be compromised.
  • [0031]
    Ensuring the authenticity of the firmware is much more difficult when it is in an unsecure memory. However, given that the unsecure memory 108 is used for mass storage purposes, it is quite large and is easily updated. Therefore, it makes sense to use the capacity of the unsecure memory to store the firmware. This may eliminate or a least reduce the size of a code storage device dedicated to storing the firmware. Alternatively it reduces the need for such storage within the controller. This cost saving is important in a competitive market. There are 3 main paths to the contents stored in memory 108: reading the contents of the memory 108 directly; monitoring the signals on bus 102; and monitoring the signals on bus 106. Even though any or all of the information in the unsecure memory 108 or on buses 102 and 106 may be in an encrypted format, there is always the danger that the encryption key(s) could be compromised. If the firmware were to be compromised and replaced with another firmware that lacked the security features of the authentic firmware, and then executed by the system, restricted or limited access files and private data on the mass storage memory could be copied or tampered with. For example, a user's banking or social security information could be copied or altered without authorization, with obvious negative ramifications. In another example, copyrighted or otherwise protected content could also be copied without authorization. Digital rights management schemes could be thwarted. As another example, cryptographic codes or user passwords could also be compromised.
  • [0032]
    FIG. 1B illustrates secure device 100B. Secure controller 104 comprises cryptographic engine 110, one or more encryption keys 112 stored in a non volatile memory of controller 104, and an indication 114 of the device operating state that is also stored in a non volatile memory of controller 104. In certain embodiments of the invention, numerous states or life cycle phases are entered and passed through during the life of the card. Depending on the phase, logic in the card enables or disables the encryption engine, controls access to hardware (before and after card assembly) and software testing mechanisms, and controls key generation. These phases not only allow both the hardware and software of the card to be thoroughly tested before and after manufacture, but also make it virtually impossible to access the encrypted keys and thus the encrypted content when the card is in a secure phase, the operating phase that the card is in when it is shipped to the user. For more information on the states or life cycle phases please refer to an application having attorney docket No. SNDK.383US3 “Secure Memory Card With Life Cycle Phases” to Micky Holtzman et al., which is hereby incorporated by this reference in its entirety.
  • [0033]
    The cryptographic engine 110 is hardware based and can encrypt and/or decrypt data as it passes through secure controller 104. For example, data encrypted with a first encryption algorithm as it arrives at the controller from host bus 102 can be decrypted and then encrypted with a second algorithm before it is sent to flash memory 108 via data bus 106. Of course, data encrypted in memory 108 can be decrypted by engine 110 and passed in a decrypted state over host bus 102 although it is preferably in an encrypted format as it passes over host bust 102 so as to avoid potential unauthorized copying of the data.
  • [0034]
    The cryptographic engine 110, also referred to as encryption engine 110, may comprise numerous sub engines and is capable of utilizing numerous encryption standards and algorithms. Examples of the various encryption techniques and algorithms include: Message Authentication Codes (“MACs”); Data Encryption Standard (“DES”), Triple DES, Advanced Encryption Standard (“AES”), RSA and Diffie-Helman that are often used in a Public Key Infrastructure (“PKI”), and other hash based encryption such as SHA-1 and MD5. The encryption engine may use other currently available algorithms and techniques and others yet to be developed or well accepted, and the aforementioned list is only meant to provide some examples.
  • [0035]
    A Message Authentication Code is a hash computed from a message and some secret data. It is difficult to forge without knowing the secret data. The MAC is computed using an algorithm based on the DES or AES ciphers, which use a secret key. The secret key 112, or one or more keys derived from the secret key are stored in controller 104, and therefore the hash or message authentication code created by the controller is associated with that controller, and cannot be duplicated by another controller. Therefore hash values from a particular controller are associated with the controller and can act as a type of signature of the controller and device, because the signature is unique and cannot be duplicated.
  • [0036]
    Although the aforementioned standards and various other algorithms and/or standards are well known to those skilled in cryptography, the following publications are informative and are hereby incorporated by reference in their entireties: RFC 3566—The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec by Sheila Frankel, NIST—National Institute of Standards and Technology, 820 West Diamond Ave, Room 677, Gaithersburg, Md. 20899, available at http://www.faqs.org/rfcs/rfc3566.html; Performance Comparison of Message Authentication Code (MAC) Algorithms for the Internet Protocol Security (IPSEC) by Janaka Deepakumara, Howard M. Heys and R. Venkatesan, Electrical and Computer Engineering, Memorial University of Newfoundland, St. John's, NL, Canada, A1B3S7 available at http://www.engr.mun.ca/˜howard/PAPERS/necec2003b.pdf; and Comments to NIST concerning AES Modes of Operations: A Suggestion for Handling Arbitrary-Length Messages with the CBC MAC by John Black, University of Nevada, Reno, Phillip Rogaway, University of California at Davis, available at http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/xcbc-mac/xcbc-mac-spec.pdf.
  • [0037]
    FIG. 2 is an illustration of the memory space of the flash memory 108 that includes firmware 200 that runs devices 100A or 100B. The system firmware 200 comprises a boot loader (BLR) portion 200 a that resides in flash memory 108 and is preferably not changeable, and system firmware 200 b that resides in flash memory 108 and can be changed from time to time if necessary. The size of system firmware 200 is larger than the RAM module it is executed from, so the system firmware is divided into smaller portions referred to as overlays. Each overlay preferably has its own hash value and within system firmware 200 is a table 200 c of those hash values. Table 200 c is not loaded as part of system firmware 200 b, but the pre-stored values are compared with calculated values as will be discussed in more detail below. Any hash value can be used, but MAC or SHA-1 values are currently preferable. Generally, SHA-1 digests may alternatively be used in place of MAC values, and vice versa. The advantage of using MAC values is that they are associated with the hardware and the key of the hardware that created them. While SHA-1 values can be created for a given data set simply based upon the data itself, MAC values cannot be recreated without the key, and thus provide for more robust security. Specifically, because key 104 (or a key derived therefrom) stored in the non volatile memory of encryption engine 110 must be used to create the MAC values, another processor cannot be utilized to recreate the MAC values. For example, a hacker cannot use another processor outside of the system to duplicate the firmware and the associated MAC values.
  • [0038]
    As a further security precaution, the hash values themselves can be encrypted one or more times. In the example of MAC values, a MAC entry that protects the MAC table 200 c 2 is created so even if a hacker finds a way to switch or alter the firmware and recalculate the appropriate MACs, he is still facing a problem because he must calculate the MAC of MACs (or MAC of SHA-1s). Furthermore, in one embodiment the MAC of MACs is again encrypted and stored in another (different) memory field, for example the non volatile memory of encryption engine 110 or the controller 104. This multi-level distributed hierarchy ensures that the signatures cannot be forged, or rather, that a forged signature will not be accepted as authentic. As an illustration, if one were to access the flash memory 108 and replace the firmware and table 200 c, the system would then check one level up the hierarchy and see if the MAC of table 200 c indicates that table 200 c has not been tampered with. If the stored MAC of the table does not match the calculated MAC, this indicates a problem with the authenticity. However, if the MAC of table 200 c has also been altered to match the replaced table 200 c, then the system would verify the signature in error. This error is avoided by storing a copy of the MAC of table 200C in another (inaccessible) memory, and comparing the copy in the other (inaccessible) memory with the value in the flash memory 108. If the values do not match, this indicates an authenticity problem. Although only a few levels were illustrated, this multi-level distributed structure may have numerous levels and incorporate numerous different memories depending on the size and complexity of the firmware to be protected.
  • [0039]
    This multi-level distributed hierarchy employed in conjunction with the overlay structure of the firmware also results in a very efficient and rapid authentication process. Dividing the firmware into overlays and signing each overlay greatly speeds up the overall authentication process. This is because it is much faster to verify the signature of a smaller amount of code. In order to calculate a hash value, all of the data for which the hash is to be calculated must be read. The larger the portion of firmware to be read, the longer it will take to calculate the signature, and then verify that the signature is authentic. Calculating the signature for a large amount of data is potentially very time consuming and inefficient.
  • [0040]
    Also stored within the flash memory are various firmware applications 202A . . . X, shown as APP FW 1, 2 . . . X, and, of course, user files (not shown). The firmware applications may be configured differently for various product configurations. The number and type of these applications will vary from one product to another. The firmware applications are also preferably divided into overlays if the applications are larger than the RAM module. A map of the application firmware overlays 201A indicates the location in memory of the various overlays. A table of hash values (SHA-1 digests or MAC values etc . . . ) 201B for the various firmware applications, encrypted with a secret key, which may be secret key 104 or a key derived from secret key 104, is also stored in the flash memory. A firmware application is akin to other applications that run on a base system, e.g. a word processing application in the Windows® environment running on the Windows® operating system.
  • [0041]
    As discussed in the background, flash memory cells have a limited lifetime and the cells degrade with each read and write operation. Therefore data in the flash memory is generally moved from time to time in order to distribute the read and write operations evenly among the cells and distribute the “wear” evenly amongst the cells. This wear leveling, along with all read/write operations, is controlled by the firmware 200, and in particular by the system firmware 200B. In order to be able to easily move data, the data is logically stored. This means that a logical address is mapped to a physical address, and that while the logical address remains the same, it can be mapped to a different physical address. Again, this logical to physical mapping is carried out by the system firmware.
  • [0042]
    It presents some difficulty if the firmware is in charge of moving itself. This is especially true when the firmware is responsible for copy protection of the data in the flash memory, and should therefore preferably be verified as authentic before execution. Also, while it is true that the system firmware may be updated from time to time, it will be written very infrequently when compared with other data stored in the flash memory 108. Therefore, the firmware 200, including the boot loader 200 a is physically (without logical mapping) written to and read from flash memory 108.
  • [0043]
    The application firmware provides additional functionality not present in the system firmware, and may be loaded into the device at any time. It is unknown how much application firmware may be loaded into the device, and when each application may be loaded. Therefore space within the physical partition is not allocated and the application firmware is stored in the logical partition 214 and logically addressed like any other user files and data in the flash memory 108.
  • [0044]
    FIG. 3 illustrates the functional structure of the software of the device and how it accesses the mass storage memory 108. As mentioned before, the preferred embodiments comprise flash type memory for mass storage memory 108 and for simplicity, during this description of the preferred embodiments the terms may be used interchangeably. The portion of the software that is concerned with flash memory operations is referred to generally as the back end, while the portion of the software that involves the applications and the user interface is known as the front end. Firmware applications 202A, 202B . . . 202X run on top of firmware 200 which includes system firmware 200B. Although the BLR 200 a is a separate component of firmware 200, the BLR bootstraps the system firmware and may in essence generally be thought of as part of system firmware 200. The system firmware 200 has physical sector address routines or block 206 and logical/physical mapper or mapping routines 208. The mass storage memory 108 is partitioned into physical storage area 212 and logical storage area 214. Physical/logical partition 216 is used to illustrate the division or partitioning of the mass storage memory 108 into areas 212 and 214. Each of areas 212 and 216 can be further partitioned into smaller areas, and it is common in the art to use the term partitions to refer to these smaller areas also. The physical sector access routines or functional block 206 controls reading and writing in the physical area or partition 212, and the logical/physical mapper block controls reading and writing in the logical storage area 214.
  • [0045]
    Firmware 200, including system firmware 200B, is stored in physical area 212. Application firmware 202A . . . X is stored in logical area 214 where the user files are also stored. The application firmware and all other data in logical area 214 is moved around from time to time by the wear leveling routines of the system firmware.
  • [0046]
    The authenticity of all of the firmware is preferably checked before it is executed. This is done because, as discussed earlier, the mass storage memory 108 does not have its own built in protection mechanisms. The flowchart of FIG. 4 applies to any piece of firmware, including application firmware. In step 304, the firmware is signed. This is typically done at the time of loading of the firmware, but a signed record can be updated by overwriting the record with a new one. The signature comprises one or more hash values of at least a portion of the firmware. The hash values are preferably of the MAC variety, because, as discussed earlier, a MAC value is created with a key used with and/or stored within the controller that created the MAC value, and cannot be recreated by another processor. Each portion or piece of firmware may be signed using a different key. For example, BLR 200A may be signed with a first key, while system firmware 200B is signed with a second key. Various portions (e.g. overlays) of firmware 200 can also be signed with various different keys. As another example, each piece of application firmware 202A . . . X can be signed with a different key.
  • [0047]
    Hash values for BLR 200A are stored and calculated in a unique process that is described in copending application entitled “Hardware Driver Integrity Check Of Memory Card Controller Firmware” to Micky Holtzman et al. having attorney docket number SNDK.408US2. Please refer to that application for further information on that process.
  • [0048]
    In one preferred embodiment involving the aforementioned life cycle phases or states, the firmware can only be signed in certain states, and unsigned firmware cannot be executed. In particular, in state 150 (not shown), which is the secure operating state that the device will generally be in while in the hands of the consumer, firmware update and signing will not be allowed. This prevents installation of substitute firmware that may not be authentic. The system in that embodiment only enables the encryption engine to sign the firmware in states other than the secure state. In other embodiments, updating of the firmware is allowed in the field (i.e. while in state 150) as long as the firmware is signed before it is loaded and that signature can be verified by the card. The source of the firmware can also be identified and verified, as well as verifying the signature of the firmware itself. The firmware should be supplied by a trusted entity before it is loaded, and in a preferred embodiment the trust is established using a public key infrastructure (“PKI”) certificate. This certificate could be in addition to or alternatively in lieu of the hash based signature. For example, if trust is established (by the certificate in this illustrative embodiment) then the encryption engine would sign the firmware. As another added precaution, a secure connection can be established with the supplier of the firmware. The secure connection would be encrypted to protect the data passing between the device and the supplier. The secure connection would preferably be encrypted according to the aforementioned AES standard, but could employ any known encryption standard.
  • [0049]
    As mentioned previously, the system firmware is broken up into overlays of smaller size so that each overly can be loaded into RAM for execution. A map 200 c 1 of the various overlays is stored in the flash memory. Each overlay is individually signed. A table 200 c 2 of the signatures, which are preferably MAC values, is also stored in the flash memory as part of firmware 200. The system or device 200 allocates sufficient room in the RAM for complete table 200 c 2 to be loaded, and the entire table is loaded and resident in RAM during operation of the device.
  • [0050]
    Each firmware application 202A . . . X is also broken up into overlays, and each overlay is likewise signed. Currently, as with the system firmware, it is preferable to calculate key dependent hash (e.g. MAC) values to sign the firmware applications, although as mentioned previously, other hash values may be used. Table 201B contains the signatures for each application firmware overlay in map 201A. A one sector buffer is pre-allocated in the RAM as a workspace for the application firmware signatures.
  • [0051]
    Although it is preferable to sign each overlay of any of the firmware because this prevents replacement of a piece of firmware that may have critical decision making functionality, any amount of firmware can rely on one signature. For example, although not preferred, one signature could be used for all the firmware. Furthermore, the size of the overlays or portions to be signed may also vary. Referring again to FIG. 4, after the firmware is signed in step 304 as described above, each signature is verified in step 308. When each piece, e.g. each overlay, of the firmware is read from the flash memory, it passes through the encryption engine 110, and the hash value of the piece is created “on the fly” by the encryption engine. This calculated value is compared to the stored value, and if the values do not match there is a problem with the authenticity of the piece of the firmware. If there is a match, then the next level of the hierarchical structure described earlier with regard to FIG. 2 will preferably be checked. Preferably all the levels will be checked as will the copy stored in the additional memory. As mentioned previously, this distributed hierarchical structure assures that the firmware and signature are authentic.
  • [0052]
    FIG. 5 is a flowchart illustrating firmware execution. In step 504, the system verifies the signature of the boot loader portion (“BLR”). This can be done as mentioned above in regard to the system firmware, but is preferably done in another process described in a co-pending application entitled “Hardware Driver Integrity Check of Memory Card Controller Firmware” to Micky Holtzman et al. with attorney docket No. SNDK.408US2. After the signature of the BLR has been verified it is executed in step 506. Next in step 508 the system verifies the signature of the system firmware. It then executes it in step 510. If any application firmware is present, its signature is verified in step 512 and then once verified it is executed in step 514. This is done for each piece of application firmware. As mentioned above, any of the verification steps 506, 508, and 510 are preferably done for each overlay of the entity being verified before or as it is loaded into the RAM.
  • [0053]
    FIG. 6 is a flowchart illustrating the reading and verification of firmware 200, which is stored in the physical storage area 212. This corresponds to steps 504 and 508 of FIG. 5. In step 604 the data (firmware in this case) is read from the physical address where it is stored. Again, this physical read is performed without any logical mapping beforehand. Next, in step 604, hash value(s) are created for the firmware. These value(s) are temporarily stored in a register of the controller. Next in step 608 the value(s) calculated in step 606 are compared with the stored hash value(s). In the embodiments described, the stored value(s) are in tables in the flash memory, and may themselves be encrypted.
  • [0054]
    FIG. 7 is a flowchart illustrating the reading and verification of the firmware applications 202A . . . X. In step 704 the data is read from the logical address where it is stored. This comprises requesting logically addressed data from the system firmware in step 704A. It also comprises step 704B where the system firmware then maps the logical address with its corresponding physical address at that given time. After the data (firmware in this case) is read, hash values are calculated for the overlay or other quantity of firmware in step 706. Then in step 708 the calculated has value(s) are compared with the stored hash value(s). Again, in the embodiments described the stored hash values are in tables in the flash memory and may themselves be encrypted.
  • [0055]
    Although the various aspects of the present invention have been described with respect to exemplary embodiments thereof, it will be understood that the present invention is entitled to protection within the full scope of the appended claims.

Claims (26)

1. A flash memory based device comprising:
a mass storage repository comprising flash memory;
a first level of the firmware stored in a physical access partition of the mass storage repository;
a second level of the firmware stored in a logical access partition of the mass storage repository;
a logical to physical interface routine that maps logical addresses to physical addresses in the logical access partition; and
a controller that executes the first level of firmware in the physical access partition without use of the logical to physical interface routine, but executes the second level of firmware through the logical to physical interface routine.
2. The flash memory based device of claim 1, wherein the logical to physical interface routine is part of the first level of firmware.
3. The flash memory based device of claim 2, wherein a location of the second level of firmware is mapped by the first level of firmware.
4. A device with mass storage capabilities, comprising:
mass storage comprising flash memory cells;
a controller having encryption hardware;
random access memory; and
a first level of firmware stored in the mass storage flash memory cells that controls writing data to and reading data from the flash memory cells;
wherein the authenticity of the first level of firmware is verified with hash values that are associated with the controller of the device.
5. The device of claim 4, wherein a key within the controller is needed to create the hash values, and wherein the hash values are associated with said key of the controller.
6. The device of claim 4, wherein the first level of firmware is stored in an encrypted format.
7. The device of claim 6, wherein the firmware is encrypted with the encryption hardware using a key stored in a non volatile memory of the controller.
8. The device of claim 4, further comprising a first table of the hash values associated with the first level of firmware, the table stored within the mass storage flash memory cells.
9. The device of claim 8, further comprising a second table, the second table comprising one or more hash values of the data of the first table.
10. The device of claim 9, wherein one or more of the hash values of the second table are associated with the controller of the device.
11. The device of claim 9, wherein a copy of the second table is stored in a non volatile memory of the controller.
12. The device of claim 11, wherein if the copy of the second table does not match the second table then the authenticity will not be verified.
13. The device of claim 4, further comprising a second level of firmware comprising one or more firmware applications, the second level of firmware stored in the mass storage flash memory cells.
14. The device of claim 13, further comprising a third table, the third table comprising hash values associated with the second level of firmware.
15. The device of claim 14, wherein the third table is encrypted.
16. The device of claim 15, wherein the third table is encrypted with the controller encryption hardware using a key stored in a non volatile memory of the controller.
17. The device of claim 14, wherein one or more of the hash values of the third table are correlated to a controller of the device, and wherein the device will not function unless one or more of the hash values is correlated to the controller.
18. A device comprising:
a mass storage repository comprising flash memory;
random access memory;
system firmware stored in a first area of the mass storage repository; and
application firmware stored in a second area of the mass storage repository, wherein the system firmware controls reading and writing of data in the second area, including reading and writing of the application firmware.
19. The device of claim 18, further comprising an encryption mechanism that verifies the system firmware and the application firmware.
20. The device of claim 18, further comprising encryption hardware, the encryption hardware calculating hash values traceable to the particular hardware that created the values.
21. A secure system comprising:
a non-secure mass storage memory;
a secure controller; and
firmware comprising security mechanisms of the secure system, said firmware stored in the non-secure mass storage memory,
wherein the controller is operable to verify the integrity of at least a portion of the firmware without using the security mechanisms of the firmware, thereby preventing unauthorized alteration of the firmware although it is stored in the non-secure mass storage memory.
22. The secure system of claim 21, wherein the firmware is correlated with the controller of the system, and wherein the device will not function unless correlation between the firmware and the controller is established.
23. The secure system of claim 21, wherein the firmware comprises a group of layers, and wherein the authenticity of at least one layer is verified by hardware.
24. The system of claim 21, further comprising a plurality of states, one or more of the plurality used during production, and one or more of the states used for secure operation by a consumer.
25. The system of claim 24, wherein if the system is in a secure state a source of the firmware must be identified before the firmware can be stored in the non-secure mass storage memory.
26. The system of claim 24, wherein one or more of the plurality of states may be used for fault analysis, and wherein in a fault analysis state of the plurality, firmware from an unidentified source may be stored in the non-secure mass storage memory, and wherein the secure controller will not allow operation of the system in a secure state of the plurality.
US11317339 2005-09-14 2005-12-22 Secure yet flexible system architecture for secure devices with flash mass storage memory Abandoned US20070061597A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US71716405 true 2005-09-14 2005-09-14
US11317339 US20070061597A1 (en) 2005-09-14 2005-12-22 Secure yet flexible system architecture for secure devices with flash mass storage memory

Applications Claiming Priority (7)

Application Number Priority Date Filing Date Title
US11317339 US20070061597A1 (en) 2005-09-14 2005-12-22 Secure yet flexible system architecture for secure devices with flash mass storage memory
CN 200680033896 CN101273363B (en) 2005-09-14 2006-09-13 Flash mass storage memory and operation method thereof
EP20060814654 EP1934879B1 (en) 2005-09-14 2006-09-13 Secure yet flexible system architecture for secure devices with flash mass storage memory
JP2008531323A JP4891324B2 (en) 2005-09-14 2006-09-13 For reliable device with large-capacity flash memory, a flexible system architectures, yet secure
KR20087006257A KR101014179B1 (en) 2005-09-14 2006-09-13 Secure yet flexible system architecture for secure devices with flash mass storage memory
PCT/US2006/035839 WO2007033321A3 (en) 2005-09-14 2006-09-13 Secure yet flexible system architecture for secure devices with flash mass storage memory
US12122412 US20080215847A1 (en) 2005-09-14 2008-05-16 Secure yet flexible system architecture for secure devices with flash mass storage memory

Publications (1)

Publication Number Publication Date
US20070061597A1 true true US20070061597A1 (en) 2007-03-15

Family

ID=40006403

Family Applications (3)

Application Number Title Priority Date Filing Date
US11317341 Active 2026-03-12 US7934049B2 (en) 2005-09-14 2005-12-22 Methods used in a secure yet flexible system architecture for secure devices with flash mass storage memory
US11317339 Abandoned US20070061597A1 (en) 2005-09-14 2005-12-22 Secure yet flexible system architecture for secure devices with flash mass storage memory
US12122412 Abandoned US20080215847A1 (en) 2005-09-14 2008-05-16 Secure yet flexible system architecture for secure devices with flash mass storage memory

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US11317341 Active 2026-03-12 US7934049B2 (en) 2005-09-14 2005-12-22 Methods used in a secure yet flexible system architecture for secure devices with flash mass storage memory

Family Applications After (1)

Application Number Title Priority Date Filing Date
US12122412 Abandoned US20080215847A1 (en) 2005-09-14 2008-05-16 Secure yet flexible system architecture for secure devices with flash mass storage memory

Country Status (2)

Country Link
US (3) US7934049B2 (en)
CN (1) CN101273363B (en)

Cited By (114)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060176068A1 (en) * 2005-02-07 2006-08-10 Micky Holtzman Methods used in a secure memory card with life cycle phases
US20060177064A1 (en) * 2005-02-07 2006-08-10 Micky Holtzman Secure memory card with life cycle phases
US20070061570A1 (en) * 2005-09-14 2007-03-15 Michael Holtzman Method of hardware driver integrity check of memory card controller firmware
US20070061581A1 (en) * 2005-09-14 2007-03-15 Micky Holtzman Methods used in a secure yet flexible system architecture for secure devices with flash mass storage memory
US20070188183A1 (en) * 2005-02-07 2007-08-16 Micky Holtzman Secure memory card with life cycle phases
US20070239748A1 (en) * 2006-03-29 2007-10-11 Smith Ned M Management of reference data for platform verification
US20070260616A1 (en) * 2006-05-08 2007-11-08 Eran Shen Media with Pluggable Codec Methods
US20070260615A1 (en) * 2006-05-08 2007-11-08 Eran Shen Media with Pluggable Codec
WO2007139516A1 (en) * 2006-05-31 2007-12-06 Datamark Technologies Pte Ltd A secure media storage device and method of securing media storage devices
US20070294494A1 (en) * 2006-06-16 2007-12-20 Texas Instruments Incorporated Page processing circuits, devices, methods and systems for secure demand paging and other operations
US20070294496A1 (en) * 2006-06-19 2007-12-20 Texas Instruments Incorporated Methods, apparatus, and systems for secure demand paging and other paging operations for processor devices
US20080082447A1 (en) * 2006-08-08 2008-04-03 Fabrice Jogand-Coulomb Portable Mass Storage Device With Virtual Machine Activation
US20080114981A1 (en) * 2006-11-13 2008-05-15 Seagate Technology Llc Method and apparatus for authenticated data storage
US20080117679A1 (en) * 2006-11-19 2008-05-22 Pramila Srinivasan Securing a flash memory block in a secure device system and method
US20080126705A1 (en) * 2006-08-08 2008-05-29 Fabrice Jogand-Coulomb Methods Used In A Portable Mass Storage Device With Virtual Machine Activation
US20080141381A1 (en) * 2006-05-24 2008-06-12 Walkoe Wilbur J Integrated delivery and protection device for digital objects
US20080162947A1 (en) * 2006-12-28 2008-07-03 Michael Holtzman Methods of upgrading a memory card that has security mechanisms that prevent copying of secure content and applications
US20080247546A1 (en) * 2007-04-06 2008-10-09 Samsung Electronics Co., Ltd. Method and apparatus for protecting digital content stored in usb mass storage device using time information
US20080301466A1 (en) * 2007-05-30 2008-12-04 Mediatek Inc. Methods for program verification and apparatuses using the same
US20090055660A1 (en) * 2007-08-22 2009-02-26 Chih-Wen Cheng Security flash memory, data encryption device and method for accessing security flash memory
US20090063756A1 (en) * 2007-08-31 2009-03-05 Microsoft Corporation Using flash storage device to prevent unauthorized use of software
US20090113116A1 (en) * 2007-10-30 2009-04-30 Thompson E Earle Digital content kiosk and methods for use therewith
WO2009062965A2 (en) * 2007-11-12 2009-05-22 Gemalto Sa System and method for secure firmware update of a secure token having a flash memory controller and a smart card
US20090150605A1 (en) * 2007-12-06 2009-06-11 David Flynn Apparatus, system, and method for converting a storage request into an append data storage command
US20090172259A1 (en) * 2007-12-27 2009-07-02 Pliant Technology, Inc. Mass storage controller volatile memory containing metadata related to flash memory storage
US20090193261A1 (en) * 2008-01-25 2009-07-30 Mediatek Inc. Apparatus and method for authenticating a flash program
US20090210615A1 (en) * 2008-02-14 2009-08-20 Vadzim Struk Overlay management in a flash memory storage device
FR2930065A1 (en) * 2008-04-11 2009-10-16 Thales Sa Smart card data securing method for computer ticketing system, involves decrypting encrypted seal variable, disassembling variable for obtaining seals corresponding to data, and verifying coherence of each seal with corresponding data
US20090290712A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc On-die cryptographic apparatus in a secure microprocessor
US20090293130A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor having a secure execution mode with provisions for monitoring, indicating, and managing security levels
US20090327743A1 (en) * 2008-01-18 2009-12-31 Aridian Technology Company, Inc. Secure portable data transport & storage system
US20100023673A1 (en) * 2008-07-22 2010-01-28 Sandisk Corporation Avoidance of self eviction caused by dynamic memory allocation in a flash memory storage device
US20100122017A1 (en) * 2007-03-28 2010-05-13 Masayuki Toyama Memory controller, non-volatile memory system, and host device
US7743409B2 (en) 2005-07-08 2010-06-22 Sandisk Corporation Methods used in a mass storage device with automated credentials loading
US20100318720A1 (en) * 2009-06-16 2010-12-16 Saranyan Rajagopalan Multi-Bank Non-Volatile Memory System with Satellite File System
WO2012009318A1 (en) 2010-07-13 2012-01-19 Sandisk Technologies Inc. Dynamic optimization of back-end memory system interface
US8161353B2 (en) 2007-12-06 2012-04-17 Fusion-Io, Inc. Apparatus, system, and method for validating that a correct data segment is read from a data storage device
US8365041B2 (en) 2010-03-17 2013-01-29 Sandisk Enterprise Ip Llc MLC self-raid flash data protection scheme
US8464135B2 (en) 2010-07-13 2013-06-11 Sandisk Technologies Inc. Adaptive flash interface
US20130173900A1 (en) * 2011-12-28 2013-07-04 Huawei Technologies Co., Ltd. Key transmission method and device of a virtual machine under full disk encryption during pre-boot
US8675868B1 (en) 2008-07-01 2014-03-18 Maxim Integrated Products, Inc. Encrypting an address-dependent value along with code to prevent execution or use of moved code
US8793543B2 (en) 2011-11-07 2014-07-29 Sandisk Enterprise Ip Llc Adaptive read comparison signal generation for memory systems
US20140250291A1 (en) * 2013-03-01 2014-09-04 Nicholas J. Adams Continuation of trust for platform boot firmware
US8891303B1 (en) 2014-05-30 2014-11-18 Sandisk Technologies Inc. Method and system for dynamic word line based configuration of a three-dimensional memory device
US8909982B2 (en) 2011-06-19 2014-12-09 Sandisk Enterprise Ip Llc System and method for detecting copyback programming problems
US8910020B2 (en) 2011-06-19 2014-12-09 Sandisk Enterprise Ip Llc Intelligent bit recovery for flash memory
US8924815B2 (en) 2011-11-18 2014-12-30 Sandisk Enterprise Ip Llc Systems, methods and devices for decoding codewords having multiple parity segments
US8954822B2 (en) 2011-11-18 2015-02-10 Sandisk Enterprise Ip Llc Data encoder and decoder using memory-specific parity-check matrix
US9003264B1 (en) 2012-12-31 2015-04-07 Sandisk Enterprise Ip Llc Systems, methods, and devices for multi-dimensional flash RAID data protection
US9009576B1 (en) 2013-03-15 2015-04-14 Sandisk Enterprise Ip Llc Adaptive LLR based on syndrome weight
US9043517B1 (en) 2013-07-25 2015-05-26 Sandisk Enterprise Ip Llc Multipass programming in buffers implemented in non-volatile data storage systems
US9048876B2 (en) 2011-11-18 2015-06-02 Sandisk Enterprise Ip Llc Systems, methods and devices for multi-tiered error correction
US9070481B1 (en) 2014-05-30 2015-06-30 Sandisk Technologies Inc. Internal current measurement for age measurements
US9069688B2 (en) 2011-04-15 2015-06-30 Sandisk Technologies Inc. Dynamic optimization of back-end memory system interface
US9092350B1 (en) 2013-03-15 2015-07-28 Sandisk Enterprise Ip Llc Detection and handling of unbalanced errors in interleaved codewords
US9092370B2 (en) 2013-12-03 2015-07-28 Sandisk Enterprise Ip Llc Power failure tolerant cryptographic erase
US9093160B1 (en) 2014-05-30 2015-07-28 Sandisk Technologies Inc. Methods and systems for staggered memory operations
US9122636B2 (en) 2013-11-27 2015-09-01 Sandisk Enterprise Ip Llc Hard power fail architecture
US9129665B2 (en) 2013-12-17 2015-09-08 Sandisk Enterprise Ip Llc Dynamic brownout adjustment in a storage device
US9136877B1 (en) 2013-03-15 2015-09-15 Sandisk Enterprise Ip Llc Syndrome layered decoding for LDPC codes
US9141291B2 (en) 2013-11-26 2015-09-22 Sandisk Technologies Inc. Adaptive context disbursement for improved performance in non-volatile memory systems
US9152555B2 (en) 2013-11-15 2015-10-06 Sandisk Enterprise IP LLC. Data management with modular erase in a data storage system
US9158349B2 (en) 2013-10-04 2015-10-13 Sandisk Enterprise Ip Llc System and method for heat dissipation
US9159437B2 (en) 2013-06-11 2015-10-13 Sandisk Enterprise IP LLC. Device and method for resolving an LM flag issue
US9170941B2 (en) 2013-04-05 2015-10-27 Sandisk Enterprises IP LLC Data hardening in a storage system
US9214965B2 (en) 2013-02-20 2015-12-15 Sandisk Enterprise Ip Llc Method and system for improving data integrity in non-volatile storage
US9235509B1 (en) 2013-08-26 2016-01-12 Sandisk Enterprise Ip Llc Write amplification reduction by delaying read access to data written during garbage collection
US9235245B2 (en) 2013-12-04 2016-01-12 Sandisk Enterprise Ip Llc Startup performance and power isolation
US9236886B1 (en) 2013-03-15 2016-01-12 Sandisk Enterprise Ip Llc Universal and reconfigurable QC-LDPC encoder
US9239751B1 (en) 2012-12-27 2016-01-19 Sandisk Enterprise Ip Llc Compressing data from multiple reads for error control management in memory systems
US9244763B1 (en) 2013-03-15 2016-01-26 Sandisk Enterprise Ip Llc System and method for updating a reading threshold voltage based on symbol transition information
US9244785B2 (en) 2013-11-13 2016-01-26 Sandisk Enterprise Ip Llc Simulated power failure and data hardening
US9250676B2 (en) 2013-11-29 2016-02-02 Sandisk Enterprise Ip Llc Power failure architecture and verification
US9263156B2 (en) 2013-11-07 2016-02-16 Sandisk Enterprise Ip Llc System and method for adjusting trip points within a storage device
US9280429B2 (en) 2013-11-27 2016-03-08 Sandisk Enterprise Ip Llc Power fail latching based on monitoring multiple power supply voltages in a storage device
US9298608B2 (en) 2013-10-18 2016-03-29 Sandisk Enterprise Ip Llc Biasing for wear leveling in storage systems
US9323637B2 (en) 2013-10-07 2016-04-26 Sandisk Enterprise Ip Llc Power sequencing and data hardening architecture
US9329928B2 (en) 2013-02-20 2016-05-03 Sandisk Enterprise IP LLC. Bandwidth optimization in a non-volatile memory system
US9348377B2 (en) 2014-03-14 2016-05-24 Sandisk Enterprise Ip Llc Thermal isolation techniques
US9367246B2 (en) 2013-03-15 2016-06-14 Sandisk Technologies Inc. Performance optimization of data transfer for soft information generation
US9384128B2 (en) 2014-04-18 2016-07-05 SanDisk Technologies, Inc. Multi-level redundancy code for non-volatile memory controller
US9384126B1 (en) 2013-07-25 2016-07-05 Sandisk Technologies Inc. Methods and systems to avoid false negative results in bloom filters implemented in non-volatile data storage systems
US9390021B2 (en) 2014-03-31 2016-07-12 Sandisk Technologies Llc Efficient cache utilization in a tiered data structure
US9390814B2 (en) 2014-03-19 2016-07-12 Sandisk Technologies Llc Fault detection and prediction for data storage elements
US9436831B2 (en) 2013-10-30 2016-09-06 Sandisk Technologies Llc Secure erase in a memory device
US9442662B2 (en) 2013-10-18 2016-09-13 Sandisk Technologies Llc Device and method for managing die groups
US9443601B2 (en) 2014-09-08 2016-09-13 Sandisk Technologies Llc Holdup capacitor energy harvesting
US9442670B2 (en) 2013-09-03 2016-09-13 Sandisk Technologies Llc Method and system for rebalancing data stored in flash memory devices
US9448876B2 (en) 2014-03-19 2016-09-20 Sandisk Technologies Llc Fault detection and prediction in storage devices
US9454420B1 (en) 2012-12-31 2016-09-27 Sandisk Technologies Llc Method and system of reading threshold voltage equalization
US9454448B2 (en) 2014-03-19 2016-09-27 Sandisk Technologies Llc Fault testing in storage devices
US9485851B2 (en) 2014-03-14 2016-11-01 Sandisk Technologies Llc Thermal tube assembly structures
US9497889B2 (en) 2014-02-27 2016-11-15 Sandisk Technologies Llc Heat dissipation for substrate assemblies
US9501398B2 (en) 2012-12-26 2016-11-22 Sandisk Technologies Llc Persistent storage device with NVRAM for staging writes
US9520197B2 (en) 2013-11-22 2016-12-13 Sandisk Technologies Llc Adaptive erase of a storage device
US9520162B2 (en) 2013-11-27 2016-12-13 Sandisk Technologies Llc DIMM device controller supervisor
US9519577B2 (en) 2013-09-03 2016-12-13 Sandisk Technologies Llc Method and system for migrating data between flash memory devices
US9519319B2 (en) 2014-03-14 2016-12-13 Sandisk Technologies Llc Self-supporting thermal tube structure for electronic assemblies
US9524235B1 (en) 2013-07-25 2016-12-20 Sandisk Technologies Llc Local hash value generation in non-volatile data storage systems
US9549457B2 (en) 2014-02-12 2017-01-17 Sandisk Technologies Llc System and method for redirecting airflow across an electronic assembly
US9582058B2 (en) 2013-11-29 2017-02-28 Sandisk Technologies Llc Power inrush management of storage devices
US9612948B2 (en) 2012-12-27 2017-04-04 Sandisk Technologies Llc Reads and writes between a contiguous data block and noncontiguous sets of logical address blocks in a persistent storage device
US9626399B2 (en) 2014-03-31 2017-04-18 Sandisk Technologies Llc Conditional updates for reducing frequency of data modification operations
US9626400B2 (en) 2014-03-31 2017-04-18 Sandisk Technologies Llc Compaction of information in tiered data structure
US9639463B1 (en) 2013-08-26 2017-05-02 Sandisk Technologies Llc Heuristic aware garbage collection scheme in storage systems
US9645749B2 (en) 2014-05-30 2017-05-09 Sandisk Technologies Llc Method and system for recharacterizing the storage density of a memory device or a portion thereof
US9652381B2 (en) 2014-06-19 2017-05-16 Sandisk Technologies Llc Sub-block garbage collection
US9697267B2 (en) 2014-04-03 2017-07-04 Sandisk Technologies Llc Methods and systems for performing efficient snapshots in tiered data structures
US9699263B1 (en) 2012-08-17 2017-07-04 Sandisk Technologies Llc. Automatic read and write acceleration of data accessed by virtual machines
US9703636B2 (en) 2014-03-01 2017-07-11 Sandisk Technologies Llc Firmware reversion trigger and control
US9703491B2 (en) 2014-05-30 2017-07-11 Sandisk Technologies Llc Using history of unaligned writes to cache data and avoid read-modify-writes in a non-volatile storage device
US9703816B2 (en) 2013-11-19 2017-07-11 Sandisk Technologies Llc Method and system for forward reference logging in a persistent datastore
US9747220B2 (en) 2004-04-08 2017-08-29 Texas Instruments Incorporated Methods, apparatus, and systems for secure demand paging and other paging operations for processor devices
US9870830B1 (en) 2013-03-14 2018-01-16 Sandisk Technologies Llc Optimal multilevel sensing for reading data from a storage medium

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2837944B1 (en) * 2002-03-26 2004-07-09 Oberthur Card Syst Sa Method and automatic validation device of a computer program using cryptographic functions
DE102004013176B4 (en) * 2004-03-17 2007-09-06 Atmel Germany Gmbh Method and apparatus for executing a program
DE102004062592B3 (en) * 2004-12-24 2006-06-08 Leica Microsystems Jena Gmbh Disk-shaped substrate testing system, has suction unit arranged at side of housing and spaced from mounting plate, and opening provided in suction unit, where opening has width that corresponds to distance of plate to wall of housing
US8560823B1 (en) 2007-04-24 2013-10-15 Marvell International Ltd. Trusted modular firmware update using digital certificate
US20090199014A1 (en) * 2008-02-04 2009-08-06 Honeywell International Inc. System and method for securing and executing a flash routine
US8332931B1 (en) * 2008-09-04 2012-12-11 Marvell International Ltd. Processing commands according to authorization
US8412880B2 (en) * 2009-01-08 2013-04-02 Micron Technology, Inc. Memory system controller to manage wear leveling across a plurality of storage nodes
WO2011080720A3 (en) * 2009-12-31 2011-08-25 Infinite Memory Ltd. Methods circuits apparatuses and systems for secure content duplication distribution and access
US8613074B2 (en) 2010-09-30 2013-12-17 Micron Technology, Inc. Security protection for memory content of processor main memory
US9501399B2 (en) 2011-02-04 2016-11-22 Kabushiki Kaisha Toshiba Memory system capable of controlling wireless communication function
JP5372049B2 (en) * 2011-02-04 2013-12-18 株式会社東芝 Memory system
JP5395824B2 (en) 2011-02-16 2014-01-22 株式会社東芝 Memory system
US8281119B1 (en) * 2011-11-22 2012-10-02 Google Inc. Separate normal firmware and developer firmware
US8856536B2 (en) * 2011-12-15 2014-10-07 GM Global Technology Operations LLC Method and apparatus for secure firmware download using diagnostic link connector (DLC) and OnStar system
KR20130098641A (en) 2012-02-28 2013-09-05 삼성전자주식회사 Storage device and memory controller thereof
KR20130126843A (en) 2012-05-04 2013-11-21 삼성전자주식회사 System on chip, operation method thereof, and devices having the same
EP2909783A4 (en) * 2012-10-19 2016-09-28 Mcafee Inc Secure disk access control
US20140237263A1 (en) * 2013-02-19 2014-08-21 Kabushiki Kaisha Toshiba Nonvolatile semiconductor memory device and memory system using the same
WO2014177904A1 (en) * 2013-04-29 2014-11-06 Freescale Semiconductor, Inc. Memory controller
KR20150033895A (en) 2013-09-25 2015-04-02 삼성전자주식회사 crum chip mauntable in comsumable unit, image forming apparatus for authentificating the crum chip, and method thereof
US20150286585A1 (en) * 2014-04-08 2015-10-08 Micron Technology, Inc. Apparatuses and methods for securing an access protection scheme
US9678760B2 (en) 2014-08-01 2017-06-13 Samsung Electronics Co., Ltd. Memory card and storage system having authentication program and method for operating thereof
US20160261412A1 (en) * 2015-03-04 2016-09-08 Avaya Inc. Two-Step Authentication And Activation of Quad Small Form Factor Pluggable (QFSP+) Transceivers

Citations (97)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6371377B1 (en) *
US4590552A (en) * 1982-06-30 1986-05-20 Texas Instruments Incorporated Security bit for designating the security status of information stored in a nonvolatile memory
US4797853A (en) * 1985-11-15 1989-01-10 Unisys Corporation Direct memory access controller for improved system security, memory to memory transfers, and interrupt processing
US4907268A (en) * 1986-11-03 1990-03-06 Enigma Logic, Inc. Methods and apparatus for controlling access to information processed a multi-user-accessible digital computer
US5006823A (en) * 1988-10-28 1991-04-09 Thomson-Csf Microwave phase shifter with 0 or π phase shift
US5235641A (en) * 1990-03-13 1993-08-10 Hitachi, Ltd. File encryption method and file cryptographic system
US5293424A (en) * 1992-10-14 1994-03-08 Bull Hn Information Systems Inc. Secure memory card
US5311595A (en) * 1989-06-07 1994-05-10 Kommunedata I/S Method of transferring data, between computer systems using electronic cards
US5319765A (en) * 1990-11-29 1994-06-07 Mitsubishi Denki Kabushiki Kaisha Semiconductor memory unit utilizing a security code generator for selectively inhibiting memory access
US5327563A (en) * 1992-11-13 1994-07-05 Hewlett-Packard Method for locking software files to a specific storage device
US5404485A (en) * 1993-03-08 1995-04-04 M-Systems Flash Disk Pioneers Ltd. Flash file system
US5438575A (en) * 1992-11-16 1995-08-01 Ampex Corporation Data storage system with stale data detector and method of operation
US5442704A (en) * 1994-01-14 1995-08-15 Bull Nh Information Systems Inc. Secure memory card with programmed controlled security access control
US5596738A (en) * 1992-01-31 1997-01-21 Teac Corporation Peripheral device control system using changeable firmware in a single flash memory
US5606660A (en) * 1994-10-21 1997-02-25 Lexar Microsystems, Inc. Method and apparatus for combining controller firmware storage and controller logic in a mass storage system
US5629513A (en) * 1994-03-04 1997-05-13 Gemplus Card International Method for the functioning of a chip card, and chip card in accordance therewith
US5710639A (en) * 1996-01-25 1998-01-20 Kuznicki; William Joseph Scan line compressed facsimile communication system
US5857020A (en) * 1995-12-04 1999-01-05 Northern Telecom Ltd. Timed availability of secured content provisioned on a storage medium
US5860082A (en) * 1996-03-28 1999-01-12 Datalight, Inc. Method and apparatus for allocating storage in a flash memory
USRE36181E (en) * 1993-06-30 1999-04-06 United Technologies Automotive, Inc. Pseudorandom number generation and crytographic authentication
US5917909A (en) * 1992-12-23 1999-06-29 Gao Gesellschaft Fur Automation Und Organisation Mbh System for testing the authenticity of a data carrier
US5933854A (en) * 1995-05-31 1999-08-03 Mitsubishi Denki Kabushiki Kaisha Data security system for transmitting and receiving data between a memory card and a computer using a public key cryptosystem
US5943423A (en) * 1995-12-15 1999-08-24 Entegrity Solutions Corporation Smart token system for secure electronic transactions and identification
US6026402A (en) * 1998-01-07 2000-02-15 Hewlett-Packard Company Process restriction within file system hierarchies
US6028933A (en) * 1997-04-17 2000-02-22 Lucent Technologies Inc. Encrypting method and apparatus enabling multiple access for multiple services and multiple transmission modes over a broadband communication network
US6073234A (en) * 1997-05-07 2000-06-06 Fuji Xerox Co., Ltd. Device for authenticating user's access rights to resources and method
US6101588A (en) * 1997-09-25 2000-08-08 Emc Corporation Device level busy arrangement for mass storage subsystem including a plurality of devices
US6182229B1 (en) * 1996-03-13 2001-01-30 Sun Microsystems, Inc. Password helper using a client-side master password which automatically presents the appropriate server-side password in a particular remote server
US6181252B1 (en) * 1996-08-23 2001-01-30 Denso Corporation Remote control system and method having a system-specific code
US6230223B1 (en) * 1998-06-01 2001-05-08 Compaq Computer Corporation Dual purpose apparatus method and system for accelerated graphics or second memory interface
US6230233B1 (en) * 1991-09-13 2001-05-08 Sandisk Corporation Wear leveling techniques for flash EEPROM systems
US6243816B1 (en) * 1998-04-30 2001-06-05 International Business Machines Corporation Single sign-on (SSO) mechanism personal key manager
US6253328B1 (en) * 1998-02-12 2001-06-26 A. James Smith, Jr. Method and apparatus for securing passwords and personal identification numbers
US6353888B1 (en) * 1997-07-07 2002-03-05 Fuji Xerox Co., Ltd. Access rights authentication apparatus
US20020029343A1 (en) * 2000-09-05 2002-03-07 Fujitsu Limited Smart card access management system, sharing method, and storage medium
US6356941B1 (en) * 1999-02-22 2002-03-12 Cyber-Ark Software Ltd. Network vaults
US20020034303A1 (en) * 2000-01-21 2002-03-21 The Chamberlain Group, Inc. Rolling code security system
US6370251B1 (en) * 1998-06-08 2002-04-09 General Dynamics Decision Systems, Inc. Traffic key access method and terminal for secure communication without key escrow facility
US6371377B2 (en) * 1997-12-10 2002-04-16 Fujitsu Limited Card type recording medium and access control method for card type recording medium and computer-readable recording medium having access control program for card type recording medium recorded
US6385729B1 (en) * 1998-05-26 2002-05-07 Sun Microsystems, Inc. Secure token device access to services provided by an internet service provider (ISP)
US6389542B1 (en) * 1999-10-27 2002-05-14 Terence T. Flyntz Multi-level secure computer with token-based access control
US6393565B1 (en) * 1998-08-03 2002-05-21 Entrust Technologies Limited Data management system and method for a limited capacity cryptographic storage unit
US20020065730A1 (en) * 2000-11-30 2002-05-30 Naoaki Nii Method of and a system for distributing electronic content
US6422460B1 (en) * 1999-01-29 2002-07-23 Verisign, Inc. Authorization system using an authorizing device
US20020099666A1 (en) * 2000-11-22 2002-07-25 Dryer Joseph E. System for maintaining the security of client files
US6434700B1 (en) * 1998-12-22 2002-08-13 Cisco Technology, Inc. Authentication and authorization mechanisms for Fortezza passwords
US20030018889A1 (en) * 2001-07-20 2003-01-23 Burnett Keith L. Automated establishment of addressability of a network device for a target network enviroment
US20030028514A1 (en) * 2001-06-05 2003-02-06 Lord Stephen Philip Extended attribute caching in clustered filesystem
US20030028797A1 (en) * 1999-01-15 2003-02-06 Rainbow Technologies, Inc. Integrated USB connector for personal token
US6522655B1 (en) * 1998-05-12 2003-02-18 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus in a telecommunications system
US20030061504A1 (en) * 2001-08-13 2003-03-27 Sprigg Stephen A. Application level access privilege to a storage area on a computer device
US20030070083A1 (en) * 2001-09-28 2003-04-10 Kai-Wilhelm Nessler Method and device for encryption/decryption of data on mass storage device
US20030101327A1 (en) * 2001-11-16 2003-05-29 Samsung Electronics Co., Ltd. Flash memory management method
US6577734B1 (en) * 1995-10-31 2003-06-10 Lucent Technologies Inc. Data encryption key management system
US20030110169A1 (en) * 2001-12-12 2003-06-12 Secretseal Inc. System and method for providing manageability to security information for secured items
US20030120938A1 (en) * 2001-11-27 2003-06-26 Miki Mullor Method of securing software against reverse engineering
US20030131210A1 (en) * 2001-12-19 2003-07-10 Detlef Mueller Method and arrangement for the verification of NV fuses as well as a corresponding computer program product and a corresponding computer-readable storage medium
US20030135739A1 (en) * 1999-01-25 2003-07-17 Talton David N. System and method for authentication
US20030149886A1 (en) * 2002-02-04 2003-08-07 Yoshikatsu Ito Digital content management device and digital content management program
US6678828B1 (en) * 2002-07-22 2004-01-13 Vormetric, Inc. Secure network file access control system
US20040044625A1 (en) * 2002-06-10 2004-03-04 Ken Sakamura Digital contents issuing system and digital contents issuing method
US20040059916A1 (en) * 2002-09-11 2004-03-25 Nagamasa Mizushima Memory card
US20040066936A1 (en) * 1995-05-17 2004-04-08 The Chamberlain Group, Ltd. Rolling code security system
US20040083370A1 (en) * 2002-09-13 2004-04-29 Sun Microsystems, Inc., A Delaware Corporation Rights maintenance in a rights locker system for digital content access control
US20040098585A1 (en) * 2002-11-05 2004-05-20 Rainbow Technologies, Inc. Secure authentication using hardware token and computer fingerprint
US6742117B1 (en) * 1997-01-30 2004-05-25 Rohm Co., Ltd. IC card and method of using IC card
US20040103288A1 (en) * 2002-11-27 2004-05-27 M-Systems Flash Disk Pioneers Ltd. Apparatus and method for securing data on a portable storage device
US20040117653A1 (en) * 2001-07-10 2004-06-17 Packet Technologies Ltd. Virtual private network mechanism incorporating security association processor
US6754765B1 (en) * 2001-05-14 2004-06-22 Integrated Memory Logic, Inc. Flash memory controller with updateable microcode
US20040123127A1 (en) * 2002-12-18 2004-06-24 M-Systems Flash Disk Pioneers, Ltd. System and method for securing portable data
US20040128523A1 (en) * 2002-12-27 2004-07-01 Renesas Technology Corp. Information security microcomputer having an information securtiy function and authenticating an external device
US20040132437A1 (en) * 2002-10-24 2004-07-08 Motoji Ohmori Information distribution system and memory card
US6763399B2 (en) * 1998-11-10 2004-07-13 Aladdin Knowledge Systems, Ltd. USB key apparatus for interacting with a USB host via a USB port
US20040139021A1 (en) * 2002-10-07 2004-07-15 Visa International Service Association Method and system for facilitating data access and management on a secure token
US20040148536A1 (en) * 2003-01-23 2004-07-29 Zimmer Vincent J. Methods and apparatus for implementing a secure resume
US20050010783A1 (en) * 1995-10-24 2005-01-13 Phil Libin Access control
US20050010758A1 (en) * 2001-08-10 2005-01-13 Peter Landrock Data certification method and apparatus
US20050015588A1 (en) * 2003-07-17 2005-01-20 Paul Lin Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions
US6845908B2 (en) * 2002-03-18 2005-01-25 Hitachi Semiconductor (America) Inc. Storage card with integral file system, access control and cryptographic support
US20050033968A1 (en) * 2003-08-08 2005-02-10 Metapass, Inc. Secure digital key for automatic login
US20050050330A1 (en) * 2003-08-27 2005-03-03 Leedor Agam Security token
US20050049931A1 (en) * 2003-08-29 2005-03-03 Wisnudel Marc Brian Digital content kiosk and associated methods for delivering selected digital content to a user
US6865555B2 (en) * 2001-11-21 2005-03-08 Digeo, Inc. System and method for providing conditional access to digital content
US6880079B2 (en) * 2002-04-25 2005-04-12 Vasco Data Security, Inc. Methods and systems for secure transmission of information using a mobile device
US20050091496A1 (en) * 2003-10-23 2005-04-28 Hyser Chris D. Method and system for distributed key management in a secure boot environment
US6892304B1 (en) * 1997-10-09 2005-05-10 Phoenix Technologies Ltd. System and method for securely utilizing basic input and output system (BIOS) services
US20050114620A1 (en) * 2003-11-21 2005-05-26 Justen Jordan L. Using paging to initialize system memory
US6901499B2 (en) * 2002-02-27 2005-05-31 Microsoft Corp. System and method for tracking data stored in a flash memory device
US20050120205A1 (en) * 2003-12-02 2005-06-02 Hitachi, Ltd. Certificate management system and method
US20050137997A1 (en) * 2003-12-11 2005-06-23 Siemens Aktiengesellschaft Method for updating an automation system
US20050160217A1 (en) * 2003-12-31 2005-07-21 Gonzalez Carlos J. Flash memory system startup operation
US7058818B2 (en) * 2002-08-08 2006-06-06 M-Systems Flash Disk Pioneers Ltd. Integrated circuit for digital rights management
US7062616B2 (en) * 2001-06-12 2006-06-13 Intel Corporation Implementing a dual partition flash with suspend/resume capabilities
US20070011724A1 (en) * 2005-07-08 2007-01-11 Gonzalez Carlos J Mass storage device with automated credentials loading
US20070061897A1 (en) * 2005-09-14 2007-03-15 Michael Holtzman Hardware driver integrity check of memory card controller firmware
US20070061581A1 (en) * 2005-09-14 2007-03-15 Micky Holtzman Methods used in a secure yet flexible system architecture for secure devices with flash mass storage memory
US7380275B2 (en) * 2003-02-07 2008-05-27 Broadon Communications Corp. Secure and backward-compatible processor and secure software execution thereon

Family Cites Families (102)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA1198826A (en) 1982-02-19 1985-12-31 Roger E. Billings Distributed data processing system
US4549896A (en) 1984-08-27 1985-10-29 Owens-Corning Fiberglas Corporation Apparatus and method for removing gaseous inclusions from molten material
US4780905A (en) 1984-11-26 1988-10-25 Nightwatch, Inc. Computer data encryption system
US4713753A (en) 1985-02-21 1987-12-15 Honeywell Inc. Secure data processing system architecture with format control
US5268870A (en) 1988-06-08 1993-12-07 Eliyahou Harari Flash EEPROM system and intelligent programming and erasing methods therefor
JPH0285927A (en) * 1988-09-22 1990-03-27 Oichi Atoda Memory device
US5065429A (en) 1989-04-03 1991-11-12 Lang Gerald S Method and apparatus for protecting material on storage media
FR2663141B1 (en) 1990-06-11 1992-08-21 France Etat Secret Transfer Method, by exchange of certificates between two microcomputers authenticating vice versa.
FR2667715B1 (en) 1990-10-09 1994-12-30 Gemplus Card Int
DE69204772T2 (en) * 1991-07-19 1996-04-04 Whirlpool Europ Glass ceramic cooking hob with respect to a light and / or heat generator, in particular an air-cooled halogen lamp.
US5530862A (en) * 1992-11-18 1996-06-25 Canon Kabushiki Kaisha In an interactive network board, method and apparatus for loading independently executable modules in prom
FR2698195B1 (en) 1992-11-19 1994-12-16 Gemplus Card Int Method and encryption circuit and authentication for synchronous smart card.
US5455862A (en) 1993-12-02 1995-10-03 Crest Industries, Inc. Apparatus and method for encrypting communications without exchanging an encryption key
EP0771498B1 (en) 1995-05-17 2007-05-09 The Chamberlain Group, Inc. Rolling code security system
JP3747520B2 (en) * 1996-01-30 2006-02-22 富士ゼロックス株式会社 Information processing apparatus and information processing method
US5987134A (en) 1996-02-23 1999-11-16 Fuji Xerox Co., Ltd. Device and method for authenticating user's access rights to resources
US5995965A (en) 1996-11-18 1999-11-30 Humetrix, Inc. System and method for remotely accessing user data records
GB9626241D0 (en) * 1996-12-18 1997-02-05 Ncr Int Inc Secure data processing method and system
US5956405A (en) 1997-01-17 1999-09-21 Microsoft Corporation Implementation efficient encryption and message authentication
EP1004992A3 (en) 1997-03-24 2001-12-05 Visa International Service Association A system and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card
JPH113284A (en) 1997-06-10 1999-01-06 Mitsubishi Electric Corp Information storage medium and its security method
JP3671611B2 (en) 1997-08-05 2005-07-13 富士ゼロックス株式会社 Access rights authentication apparatus and method
JPH11161552A (en) 1997-11-28 1999-06-18 Fujitsu Ltd Data protecting method for reloadable storage medium and storage device applied therewith
WO1999038078A1 (en) 1998-01-21 1999-07-29 Tokyo Electron Limited Storage device, encrypting/decrypting device, and method for accessing nonvolatile memory
US6928547B2 (en) 1998-07-06 2005-08-09 Saflink Corporation System and method for authenticating users in a computer network
US6708274B2 (en) 1998-04-30 2004-03-16 Intel Corporation Cryptographically protected paging subsystem
US6445794B1 (en) 1998-06-24 2002-09-03 Benyamin Ron System and method for synchronizing one time pad encryption keys for secure communication and access control
US6615347B1 (en) 1998-06-30 2003-09-02 Verisign, Inc. Digital certificate cross-referencing
JP2000069541A (en) * 1998-08-26 2000-03-03 Mitsubishi Electric Corp Mobile communication system
EP0992809A1 (en) 1998-09-28 2000-04-12 Siemens Aktiengesellschaft Circuit with deactivatable scan path
US6671808B1 (en) 1999-01-15 2003-12-30 Rainbow Technologies, Inc. USB-compliant personal key
US6571335B1 (en) * 1999-04-01 2003-05-27 Intel Corporation System and method for authentication of off-chip processor firmware code
US6148354A (en) 1999-04-05 2000-11-14 M-Systems Flash Disk Pioneers Ltd. Architecture for a universal serial bus-based PC flash disk
JP4423711B2 (en) 1999-08-05 2010-03-03 ソニー株式会社 Operation setting method of a semiconductor memory device and a semiconductor memory device
JP4009108B2 (en) 1999-08-10 2007-11-14 コロムビアミュージックエンタテインメント株式会社 Memory card
US6804786B1 (en) 1999-09-10 2004-10-12 Canon Kabushiki Kaisha User customizable secure access token and multiple level portable interface
CN100442393C (en) 1999-10-21 2008-12-10 松下电器产业株式会社 A semiconductor memory card access apparatus, a computer-readable recording medium, an initialization method, and a semiconductor memory card
US20020178370A1 (en) 1999-12-30 2002-11-28 Gurevich Michael N. Method and apparatus for secure authentication and sensitive data management
US6629192B1 (en) 1999-12-30 2003-09-30 Intel Corporation Method and apparatus for use of a non-volatile storage management system for PC/AT compatible system firmware
US20010037435A1 (en) * 2000-05-31 2001-11-01 Van Doren Stephen R. Distributed address mapping and routing table mechanism that supports flexible configuration and partitioning in a modular switch-based, shared-memory multiprocessor computer system
US7215771B1 (en) 2000-06-30 2007-05-08 Western Digital Ventures, Inc. Secure disk drive comprising a secure drive key and a drive ID for implementing secure communication over a public network
US7362868B2 (en) 2000-10-20 2008-04-22 Eruces, Inc. Hidden link dynamic key manager for use in computer systems with database structure for storage of encrypted data and method for storage and retrieval of encrypted data
US20020145632A1 (en) 2000-10-27 2002-10-10 Shimon Shmueli Portable interface for computing
KR20030060981A (en) 2000-12-07 2003-07-16 쌘디스크 코포레이션 System, Method, and Device for Playing Back Recorded Audio, Video or Other Content From Non-Volatile Memory Cards, Compact Disks, or Other Media
JP2004524605A (en) 2000-12-14 2004-08-12 クィジッド テクノロジーズ リミテッドQuizid Technologies Limited Authentication system
US6901449B1 (en) * 2000-12-22 2005-05-31 Microsoft Corporation System and method for encapsulating data with a formatted data protocol
US7526795B2 (en) 2001-03-27 2009-04-28 Micron Technology, Inc. Data security for digital data storage
JP3895940B2 (en) 2001-03-27 2007-03-22 三洋電機株式会社 The information terminal device
DE10116773A1 (en) * 2001-04-04 2002-10-17 Bayer Ag Method for determining stress-strain curves by means of spline interpolation on the basis of characteristic points and the use of neural networks
JP2002329180A (en) 2001-04-27 2002-11-15 Toshiba Corp Memory card having radio communication function and its data communication method
US8335915B2 (en) 2002-05-14 2012-12-18 Netapp, Inc. Encryption based security system for network storage
US6591352B2 (en) 2001-05-31 2003-07-08 Intel Corporation Method and apparatus for executing firmware from a valid startup block
FI114416B (en) 2001-06-15 2004-10-15 Nokia Corp A method for ensuring an electronic device, navigation system and electronic device
DE60228027D1 (en) 2001-07-06 2008-09-18 Texas Instruments Inc Safe boot loader for securing digital devices
US7036020B2 (en) 2001-07-25 2006-04-25 Antique Books, Inc Methods and systems for promoting security in a computer system employing attached storage devices
DE10231598A1 (en) * 2001-08-07 2003-02-20 Heidelberger Druckmasch Ag Product web remoistening apparatus e.g. for paper web, has applicator roller and heating element
JP2003067208A (en) 2001-08-23 2003-03-07 Sony Corp Information processing device and the method, recording medium and program
GB0123422D0 (en) 2001-09-28 2001-11-21 Memquest Ltd Improved memory controller
GB0123416D0 (en) 2001-09-28 2001-11-21 Memquest Ltd Non-volatile memory control
KR100533562B1 (en) 2001-11-08 2005-12-06 가부시끼가이샤 도시바 Memory card, contents distribution system, and contents distribution method
US7001481B2 (en) * 2001-11-30 2006-02-21 Micron Technology, Inc. Method and system providing high flux of point of use activated reactive species for semiconductor processing
US20030163633A1 (en) 2002-02-27 2003-08-28 Aasheim Jered Donald System and method for achieving uniform wear levels in a flash memory device
US6912633B2 (en) 2002-03-18 2005-06-28 Sun Microsystems, Inc. Enhanced memory management for portable devices
EP1504424B1 (en) 2002-05-10 2008-09-10 Prism Technologies LLC An authentication token
GB0210692D0 (en) 2002-05-10 2002-06-19 Assendon Ltd Smart card token for remote authentication
GB2391082B (en) 2002-07-19 2005-08-03 Ritech Internat Ltd Portable data storage device with layered memory architecture
US20040025027A1 (en) * 2002-07-30 2004-02-05 Eric Balard Secure protection method for access to protected resources in a processor
US7305668B2 (en) * 2002-07-31 2007-12-04 Intel Corporation Secure method to perform computer system firmware updates
JP4129381B2 (en) * 2002-09-25 2008-08-06 株式会社ルネサステクノロジ Nonvolatile semiconductor memory device
US7108605B2 (en) * 2002-09-30 2006-09-19 Igt EPROM file system in a gaming apparatus
KR101122511B1 (en) 2002-10-28 2012-03-15 쌘디스크 코포레이션 Automated wear leveling in non-volatile storage systems
US6985992B1 (en) 2002-10-28 2006-01-10 Sandisk Corporation Wear-leveling in non-volatile storage systems
US20040093592A1 (en) * 2002-11-13 2004-05-13 Rao Bindu Rama Firmware update in electronic devices employing SIM card for saving metadata information
EP1429224A1 (en) * 2002-12-10 2004-06-16 Texas Instruments France Firmware run-time authentication
US20040168081A1 (en) 2003-02-20 2004-08-26 Microsoft Corporation Apparatus and method simplifying an encrypted network
JP4501349B2 (en) 2003-03-13 2010-07-14 ソニー株式会社 System module execution device
US6843423B2 (en) 2003-03-13 2005-01-18 Stmicroelectronics, Inc. Smart card that can be configured for debugging and software development using secondary communication port
JP4467246B2 (en) 2003-03-13 2010-05-26 パナソニック株式会社 Memory card
US8041878B2 (en) 2003-03-19 2011-10-18 Samsung Electronics Co., Ltd. Flash file system
US20040193925A1 (en) 2003-03-26 2004-09-30 Matnn Safriel Portable password manager
KR101146153B1 (en) 2003-03-28 2012-05-16 시큐어 시스템즈 리미티드 Security system and method for computer operating systems
US8041957B2 (en) 2003-04-08 2011-10-18 Qualcomm Incorporated Associating software with hardware using cryptography
JP4682498B2 (en) 2003-04-09 2011-05-11 ソニー株式会社 Memory management method for a communication apparatus and a communication device
US6783078B1 (en) 2003-05-09 2004-08-31 Stmicroelectronics, Inc. Universal serial bus (USB) smart card having read back testing features and related system, integrated circuit, and methods
US20040230963A1 (en) * 2003-05-12 2004-11-18 Rothman Michael A. Method for updating firmware in an operating system agnostic manner
EP1631960A1 (en) 2003-06-11 2006-03-08 Matsushita Electric Industrial Co., Ltd. Reproduction apparatus, program, integrated circuit
KR100548354B1 (en) 2003-06-14 2006-02-02 엘지전자 주식회사 Client authentication method in synchronization protocol
US6906961B2 (en) * 2003-06-24 2005-06-14 Micron Technology, Inc. Erase block data splitting
WO2005001694A1 (en) * 2003-06-27 2005-01-06 Fujitsu Limited Data transfer method and system
US7491122B2 (en) 2003-07-09 2009-02-17 Wms Gaming Inc. Gaming machine having targeted run-time software authentication
JP4890248B2 (en) 2003-07-18 2012-03-07 コアストリート、 リミテッドCorestreet, Ltd. Control of access to a predetermined area
GB2404748B (en) 2003-08-01 2006-10-04 Symbian Ltd Computing device and method
US20050055530A1 (en) 2003-09-08 2005-03-10 Yuan-Ting Wu Method and apparatus for protecting a specific memory section
JP2005236442A (en) * 2004-02-17 2005-09-02 Sanyo Electric Co Ltd Watermark padding device and method, and watermark extracting device and method
US7318117B2 (en) * 2004-02-26 2008-01-08 Super Talent Electronics, Inc. Managing flash memory including recycling obsolete sectors
US7657886B1 (en) 2004-06-03 2010-02-02 Hewlett-Packard Development Company, L.P. Mobile device with a MMU for faster firmware updates in a wireless network
US20060242151A1 (en) 2004-12-21 2006-10-26 Fabrice Jogand-Coulomb Control structure for versatile content control
US8423788B2 (en) 2005-02-07 2013-04-16 Sandisk Technologies Inc. Secure memory card with life cycle phases
US8108691B2 (en) 2005-02-07 2012-01-31 Sandisk Technologies Inc. Methods used in a secure memory card with life cycle phases
US7493656B2 (en) 2005-06-02 2009-02-17 Seagate Technology Llc Drive security session manager
CN100456747C (en) * 2006-08-02 2009-01-28 华为技术有限公司 Method and network equipment for implementing inspection of reversal path of unicast
DE102007052180A1 (en) 2007-10-31 2009-05-07 Fujitsu Siemens Computers Gmbh A method, computer system and computer program product

Patent Citations (99)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6371377B1 (en) *
US4590552A (en) * 1982-06-30 1986-05-20 Texas Instruments Incorporated Security bit for designating the security status of information stored in a nonvolatile memory
US4797853A (en) * 1985-11-15 1989-01-10 Unisys Corporation Direct memory access controller for improved system security, memory to memory transfers, and interrupt processing
US4907268A (en) * 1986-11-03 1990-03-06 Enigma Logic, Inc. Methods and apparatus for controlling access to information processed a multi-user-accessible digital computer
US5006823A (en) * 1988-10-28 1991-04-09 Thomson-Csf Microwave phase shifter with 0 or π phase shift
US5311595A (en) * 1989-06-07 1994-05-10 Kommunedata I/S Method of transferring data, between computer systems using electronic cards
US5235641A (en) * 1990-03-13 1993-08-10 Hitachi, Ltd. File encryption method and file cryptographic system
US5319765A (en) * 1990-11-29 1994-06-07 Mitsubishi Denki Kabushiki Kaisha Semiconductor memory unit utilizing a security code generator for selectively inhibiting memory access
US6230233B1 (en) * 1991-09-13 2001-05-08 Sandisk Corporation Wear leveling techniques for flash EEPROM systems
US5596738A (en) * 1992-01-31 1997-01-21 Teac Corporation Peripheral device control system using changeable firmware in a single flash memory
US5293424A (en) * 1992-10-14 1994-03-08 Bull Hn Information Systems Inc. Secure memory card
US5327563A (en) * 1992-11-13 1994-07-05 Hewlett-Packard Method for locking software files to a specific storage device
US5438575A (en) * 1992-11-16 1995-08-01 Ampex Corporation Data storage system with stale data detector and method of operation
US5917909A (en) * 1992-12-23 1999-06-29 Gao Gesellschaft Fur Automation Und Organisation Mbh System for testing the authenticity of a data carrier
US5404485A (en) * 1993-03-08 1995-04-04 M-Systems Flash Disk Pioneers Ltd. Flash file system
USRE36181E (en) * 1993-06-30 1999-04-06 United Technologies Automotive, Inc. Pseudorandom number generation and crytographic authentication
US5442704A (en) * 1994-01-14 1995-08-15 Bull Nh Information Systems Inc. Secure memory card with programmed controlled security access control
US5629513A (en) * 1994-03-04 1997-05-13 Gemplus Card International Method for the functioning of a chip card, and chip card in accordance therewith
US5606660A (en) * 1994-10-21 1997-02-25 Lexar Microsystems, Inc. Method and apparatus for combining controller firmware storage and controller logic in a mass storage system
US20040066936A1 (en) * 1995-05-17 2004-04-08 The Chamberlain Group, Ltd. Rolling code security system
US5933854A (en) * 1995-05-31 1999-08-03 Mitsubishi Denki Kabushiki Kaisha Data security system for transmitting and receiving data between a memory card and a computer using a public key cryptosystem
US20050010783A1 (en) * 1995-10-24 2005-01-13 Phil Libin Access control
US6577734B1 (en) * 1995-10-31 2003-06-10 Lucent Technologies Inc. Data encryption key management system
US5857020A (en) * 1995-12-04 1999-01-05 Northern Telecom Ltd. Timed availability of secured content provisioned on a storage medium
US5943423A (en) * 1995-12-15 1999-08-24 Entegrity Solutions Corporation Smart token system for secure electronic transactions and identification
US5710639A (en) * 1996-01-25 1998-01-20 Kuznicki; William Joseph Scan line compressed facsimile communication system
US6182229B1 (en) * 1996-03-13 2001-01-30 Sun Microsystems, Inc. Password helper using a client-side master password which automatically presents the appropriate server-side password in a particular remote server
US5860082A (en) * 1996-03-28 1999-01-12 Datalight, Inc. Method and apparatus for allocating storage in a flash memory
US6181252B1 (en) * 1996-08-23 2001-01-30 Denso Corporation Remote control system and method having a system-specific code
US6742117B1 (en) * 1997-01-30 2004-05-25 Rohm Co., Ltd. IC card and method of using IC card
US6028933A (en) * 1997-04-17 2000-02-22 Lucent Technologies Inc. Encrypting method and apparatus enabling multiple access for multiple services and multiple transmission modes over a broadband communication network
US6073234A (en) * 1997-05-07 2000-06-06 Fuji Xerox Co., Ltd. Device for authenticating user's access rights to resources and method
US6353888B1 (en) * 1997-07-07 2002-03-05 Fuji Xerox Co., Ltd. Access rights authentication apparatus
US6101588A (en) * 1997-09-25 2000-08-08 Emc Corporation Device level busy arrangement for mass storage subsystem including a plurality of devices
US6892304B1 (en) * 1997-10-09 2005-05-10 Phoenix Technologies Ltd. System and method for securely utilizing basic input and output system (BIOS) services
US6371377B2 (en) * 1997-12-10 2002-04-16 Fujitsu Limited Card type recording medium and access control method for card type recording medium and computer-readable recording medium having access control program for card type recording medium recorded
US6026402A (en) * 1998-01-07 2000-02-15 Hewlett-Packard Company Process restriction within file system hierarchies
US6253328B1 (en) * 1998-02-12 2001-06-26 A. James Smith, Jr. Method and apparatus for securing passwords and personal identification numbers
US6243816B1 (en) * 1998-04-30 2001-06-05 International Business Machines Corporation Single sign-on (SSO) mechanism personal key manager
US6522655B1 (en) * 1998-05-12 2003-02-18 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus in a telecommunications system
US6385729B1 (en) * 1998-05-26 2002-05-07 Sun Microsystems, Inc. Secure token device access to services provided by an internet service provider (ISP)
US6230223B1 (en) * 1998-06-01 2001-05-08 Compaq Computer Corporation Dual purpose apparatus method and system for accelerated graphics or second memory interface
US6370251B1 (en) * 1998-06-08 2002-04-09 General Dynamics Decision Systems, Inc. Traffic key access method and terminal for secure communication without key escrow facility
US6393565B1 (en) * 1998-08-03 2002-05-21 Entrust Technologies Limited Data management system and method for a limited capacity cryptographic storage unit
US6763399B2 (en) * 1998-11-10 2004-07-13 Aladdin Knowledge Systems, Ltd. USB key apparatus for interacting with a USB host via a USB port
US6434700B1 (en) * 1998-12-22 2002-08-13 Cisco Technology, Inc. Authentication and authorization mechanisms for Fortezza passwords
US6848045B2 (en) * 1999-01-15 2005-01-25 Rainbow Technologies, Inc. Integrated USB connector for personal token
US20030028797A1 (en) * 1999-01-15 2003-02-06 Rainbow Technologies, Inc. Integrated USB connector for personal token
US20030135739A1 (en) * 1999-01-25 2003-07-17 Talton David N. System and method for authentication
US6422460B1 (en) * 1999-01-29 2002-07-23 Verisign, Inc. Authorization system using an authorizing device
US6356941B1 (en) * 1999-02-22 2002-03-12 Cyber-Ark Software Ltd. Network vaults
US6389542B1 (en) * 1999-10-27 2002-05-14 Terence T. Flyntz Multi-level secure computer with token-based access control
US20020034303A1 (en) * 2000-01-21 2002-03-21 The Chamberlain Group, Inc. Rolling code security system
US20020029343A1 (en) * 2000-09-05 2002-03-07 Fujitsu Limited Smart card access management system, sharing method, and storage medium
US20020099666A1 (en) * 2000-11-22 2002-07-25 Dryer Joseph E. System for maintaining the security of client files
US20020065730A1 (en) * 2000-11-30 2002-05-30 Naoaki Nii Method of and a system for distributing electronic content
US6754765B1 (en) * 2001-05-14 2004-06-22 Integrated Memory Logic, Inc. Flash memory controller with updateable microcode
US20030028514A1 (en) * 2001-06-05 2003-02-06 Lord Stephen Philip Extended attribute caching in clustered filesystem
US7062616B2 (en) * 2001-06-12 2006-06-13 Intel Corporation Implementing a dual partition flash with suspend/resume capabilities
US20040117653A1 (en) * 2001-07-10 2004-06-17 Packet Technologies Ltd. Virtual private network mechanism incorporating security association processor
US20030018889A1 (en) * 2001-07-20 2003-01-23 Burnett Keith L. Automated establishment of addressability of a network device for a target network enviroment
US20050010758A1 (en) * 2001-08-10 2005-01-13 Peter Landrock Data certification method and apparatus
US20030061504A1 (en) * 2001-08-13 2003-03-27 Sprigg Stephen A. Application level access privilege to a storage area on a computer device
US20030070083A1 (en) * 2001-09-28 2003-04-10 Kai-Wilhelm Nessler Method and device for encryption/decryption of data on mass storage device
US20030101327A1 (en) * 2001-11-16 2003-05-29 Samsung Electronics Co., Ltd. Flash memory management method
US6865555B2 (en) * 2001-11-21 2005-03-08 Digeo, Inc. System and method for providing conditional access to digital content
US20030120938A1 (en) * 2001-11-27 2003-06-26 Miki Mullor Method of securing software against reverse engineering
US20030110169A1 (en) * 2001-12-12 2003-06-12 Secretseal Inc. System and method for providing manageability to security information for secured items
US20030131210A1 (en) * 2001-12-19 2003-07-10 Detlef Mueller Method and arrangement for the verification of NV fuses as well as a corresponding computer program product and a corresponding computer-readable storage medium
US20030149886A1 (en) * 2002-02-04 2003-08-07 Yoshikatsu Ito Digital content management device and digital content management program
US6901499B2 (en) * 2002-02-27 2005-05-31 Microsoft Corp. System and method for tracking data stored in a flash memory device
US6845908B2 (en) * 2002-03-18 2005-01-25 Hitachi Semiconductor (America) Inc. Storage card with integral file system, access control and cryptographic support
US6880079B2 (en) * 2002-04-25 2005-04-12 Vasco Data Security, Inc. Methods and systems for secure transmission of information using a mobile device
US20040044625A1 (en) * 2002-06-10 2004-03-04 Ken Sakamura Digital contents issuing system and digital contents issuing method
US6678828B1 (en) * 2002-07-22 2004-01-13 Vormetric, Inc. Secure network file access control system
US7058818B2 (en) * 2002-08-08 2006-06-06 M-Systems Flash Disk Pioneers Ltd. Integrated circuit for digital rights management
US20040059916A1 (en) * 2002-09-11 2004-03-25 Nagamasa Mizushima Memory card
US20040083370A1 (en) * 2002-09-13 2004-04-29 Sun Microsystems, Inc., A Delaware Corporation Rights maintenance in a rights locker system for digital content access control
US20040139021A1 (en) * 2002-10-07 2004-07-15 Visa International Service Association Method and system for facilitating data access and management on a secure token
US20040132437A1 (en) * 2002-10-24 2004-07-08 Motoji Ohmori Information distribution system and memory card
US20040098585A1 (en) * 2002-11-05 2004-05-20 Rainbow Technologies, Inc. Secure authentication using hardware token and computer fingerprint
US20040103288A1 (en) * 2002-11-27 2004-05-27 M-Systems Flash Disk Pioneers Ltd. Apparatus and method for securing data on a portable storage device
US20040123127A1 (en) * 2002-12-18 2004-06-24 M-Systems Flash Disk Pioneers, Ltd. System and method for securing portable data
US20040128523A1 (en) * 2002-12-27 2004-07-01 Renesas Technology Corp. Information security microcomputer having an information securtiy function and authenticating an external device
US20040148536A1 (en) * 2003-01-23 2004-07-29 Zimmer Vincent J. Methods and apparatus for implementing a secure resume
US7380275B2 (en) * 2003-02-07 2008-05-27 Broadon Communications Corp. Secure and backward-compatible processor and secure software execution thereon
US20050015588A1 (en) * 2003-07-17 2005-01-20 Paul Lin Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions
US20050033968A1 (en) * 2003-08-08 2005-02-10 Metapass, Inc. Secure digital key for automatic login
US20050050330A1 (en) * 2003-08-27 2005-03-03 Leedor Agam Security token
US20050049931A1 (en) * 2003-08-29 2005-03-03 Wisnudel Marc Brian Digital content kiosk and associated methods for delivering selected digital content to a user
US20050091496A1 (en) * 2003-10-23 2005-04-28 Hyser Chris D. Method and system for distributed key management in a secure boot environment
US20050114620A1 (en) * 2003-11-21 2005-05-26 Justen Jordan L. Using paging to initialize system memory
US20050120205A1 (en) * 2003-12-02 2005-06-02 Hitachi, Ltd. Certificate management system and method
US20050137997A1 (en) * 2003-12-11 2005-06-23 Siemens Aktiengesellschaft Method for updating an automation system
US20050160217A1 (en) * 2003-12-31 2005-07-21 Gonzalez Carlos J. Flash memory system startup operation
US20070011724A1 (en) * 2005-07-08 2007-01-11 Gonzalez Carlos J Mass storage device with automated credentials loading
US20070061897A1 (en) * 2005-09-14 2007-03-15 Michael Holtzman Hardware driver integrity check of memory card controller firmware
US20070061570A1 (en) * 2005-09-14 2007-03-15 Michael Holtzman Method of hardware driver integrity check of memory card controller firmware
US20070061581A1 (en) * 2005-09-14 2007-03-15 Micky Holtzman Methods used in a secure yet flexible system architecture for secure devices with flash mass storage memory

Cited By (208)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9438424B2 (en) 2004-04-08 2016-09-06 Texas Instruments Incorporated Methods, apparatus, and systems for secure demand paging and other paging operations for processor devices
US9747220B2 (en) 2004-04-08 2017-08-29 Texas Instruments Incorporated Methods, apparatus, and systems for secure demand paging and other paging operations for processor devices
US9667425B2 (en) 2004-04-08 2017-05-30 Texas Instruments Incorporated Methods, apparatus, and systems for secure demand paging and other paging operations for processor devices
US20060177064A1 (en) * 2005-02-07 2006-08-10 Micky Holtzman Secure memory card with life cycle phases
US8108691B2 (en) 2005-02-07 2012-01-31 Sandisk Technologies Inc. Methods used in a secure memory card with life cycle phases
US20070188183A1 (en) * 2005-02-07 2007-08-16 Micky Holtzman Secure memory card with life cycle phases
US8423788B2 (en) 2005-02-07 2013-04-16 Sandisk Technologies Inc. Secure memory card with life cycle phases
US20060176068A1 (en) * 2005-02-07 2006-08-10 Micky Holtzman Methods used in a secure memory card with life cycle phases
US8321686B2 (en) 2005-02-07 2012-11-27 Sandisk Technologies Inc. Secure memory card with life cycle phases
US7748031B2 (en) 2005-07-08 2010-06-29 Sandisk Corporation Mass storage device with automated credentials loading
US8220039B2 (en) 2005-07-08 2012-07-10 Sandisk Technologies Inc. Mass storage device with automated credentials loading
US7743409B2 (en) 2005-07-08 2010-06-22 Sandisk Corporation Methods used in a mass storage device with automated credentials loading
US20080215847A1 (en) * 2005-09-14 2008-09-04 Sandisk Corporation And Discretix Technologies Ltd. Secure yet flexible system architecture for secure devices with flash mass storage memory
US20070061581A1 (en) * 2005-09-14 2007-03-15 Micky Holtzman Methods used in a secure yet flexible system architecture for secure devices with flash mass storage memory
US20070061570A1 (en) * 2005-09-14 2007-03-15 Michael Holtzman Method of hardware driver integrity check of memory card controller firmware
US20070061897A1 (en) * 2005-09-14 2007-03-15 Michael Holtzman Hardware driver integrity check of memory card controller firmware
US7934049B2 (en) 2005-09-14 2011-04-26 Sandisk Corporation Methods used in a secure yet flexible system architecture for secure devices with flash mass storage memory
US8966284B2 (en) 2005-09-14 2015-02-24 Sandisk Technologies Inc. Hardware driver integrity check of memory card controller firmware
US20070239748A1 (en) * 2006-03-29 2007-10-11 Smith Ned M Management of reference data for platform verification
US20070282747A1 (en) * 2006-05-08 2007-12-06 Eran Shen Secure storage digital kiosk distribution
US20070260616A1 (en) * 2006-05-08 2007-11-08 Eran Shen Media with Pluggable Codec Methods
US20070267474A1 (en) * 2006-05-08 2007-11-22 Eran Shen Secure storage digital kiosk distribution methods
US9680686B2 (en) 2006-05-08 2017-06-13 Sandisk Technologies Llc Media with pluggable codec methods
US20070260615A1 (en) * 2006-05-08 2007-11-08 Eran Shen Media with Pluggable Codec
US20080141381A1 (en) * 2006-05-24 2008-06-12 Walkoe Wilbur J Integrated delivery and protection device for digital objects
US7971071B2 (en) 2006-05-24 2011-06-28 Walkoe Wilbur J Integrated delivery and protection device for digital objects
US20090240955A1 (en) * 2006-05-31 2009-09-24 Datamark Technologies Pte Ltd. Secure media storage device and method of securing media storage devices
WO2007139516A1 (en) * 2006-05-31 2007-12-06 Datamark Technologies Pte Ltd A secure media storage device and method of securing media storage devices
US20070294494A1 (en) * 2006-06-16 2007-12-20 Texas Instruments Incorporated Page processing circuits, devices, methods and systems for secure demand paging and other operations
US9432196B2 (en) 2006-06-19 2016-08-30 Texas Instruments Incorporated Methods, apparatus, and systems for secure demand paging and other paging operations for processor devices
US8108641B2 (en) 2006-06-19 2012-01-31 Texas Instruments Incorporated Methods, apparatus, and systems for secure demand paging and other paging operations for processor devices
US20070294496A1 (en) * 2006-06-19 2007-12-20 Texas Instruments Incorporated Methods, apparatus, and systems for secure demand paging and other paging operations for processor devices
US20100205457A1 (en) * 2006-08-08 2010-08-12 Fabrice Jogand-Coulomb Portable Mass Storage Device with Virtual Machine Activation
US7725614B2 (en) 2006-08-08 2010-05-25 Sandisk Corporation Portable mass storage device with virtual machine activation
US20080126705A1 (en) * 2006-08-08 2008-05-29 Fabrice Jogand-Coulomb Methods Used In A Portable Mass Storage Device With Virtual Machine Activation
US20080082447A1 (en) * 2006-08-08 2008-04-03 Fabrice Jogand-Coulomb Portable Mass Storage Device With Virtual Machine Activation
US8447889B2 (en) 2006-08-08 2013-05-21 Sandisk Technologies Inc. Portable mass storage device with virtual machine activation
US20080114981A1 (en) * 2006-11-13 2008-05-15 Seagate Technology Llc Method and apparatus for authenticated data storage
US8356178B2 (en) * 2006-11-13 2013-01-15 Seagate Technology Llc Method and apparatus for authenticated data storage
US8200961B2 (en) * 2006-11-19 2012-06-12 Igware, Inc. Securing a flash memory block in a secure device system and method
US20080117679A1 (en) * 2006-11-19 2008-05-22 Pramila Srinivasan Securing a flash memory block in a secure device system and method
US8392798B2 (en) 2006-12-06 2013-03-05 Fusion-Io, Inc. Apparatus, system, and method for validating that correct data is read from a storage device
US20080162947A1 (en) * 2006-12-28 2008-07-03 Michael Holtzman Methods of upgrading a memory card that has security mechanisms that prevent copying of secure content and applications
US8423794B2 (en) 2006-12-28 2013-04-16 Sandisk Technologies Inc. Method and apparatus for upgrading a memory card that has security mechanisms for preventing copying of secure content and applications
US20100122017A1 (en) * 2007-03-28 2010-05-13 Masayuki Toyama Memory controller, non-volatile memory system, and host device
US20080247546A1 (en) * 2007-04-06 2008-10-09 Samsung Electronics Co., Ltd. Method and apparatus for protecting digital content stored in usb mass storage device using time information
US20080301466A1 (en) * 2007-05-30 2008-12-04 Mediatek Inc. Methods for program verification and apparatuses using the same
US20090055660A1 (en) * 2007-08-22 2009-02-26 Chih-Wen Cheng Security flash memory, data encryption device and method for accessing security flash memory
US8095805B2 (en) * 2007-08-22 2012-01-10 Ddtic Corporation Ltd. Security flash memory, data encryption device and method for accessing security flash memory
US8452967B2 (en) 2007-08-31 2013-05-28 Microsoft Corporation Using flash storage device to prevent unauthorized use of software
US9213846B2 (en) 2007-08-31 2015-12-15 Microsoft Technology Licensing, Llc Using flash storage device to prevent unauthorized use of software
US20090063756A1 (en) * 2007-08-31 2009-03-05 Microsoft Corporation Using flash storage device to prevent unauthorized use of software
US20090113116A1 (en) * 2007-10-30 2009-04-30 Thompson E Earle Digital content kiosk and methods for use therewith
US8898477B2 (en) 2007-11-12 2014-11-25 Gemalto Inc. System and method for secure firmware update of a secure token having a flash memory controller and a smart card
US20100023777A1 (en) * 2007-11-12 2010-01-28 Gemalto Inc System and method for secure firmware update of a secure token having a flash memory controller and a smart card
WO2009062965A3 (en) * 2007-11-12 2009-07-09 Gemalto Sa System and method for secure firmware update of a secure token having a flash memory controller and a smart card
WO2009062965A2 (en) * 2007-11-12 2009-05-22 Gemalto Sa System and method for secure firmware update of a secure token having a flash memory controller and a smart card
US20090150605A1 (en) * 2007-12-06 2009-06-11 David Flynn Apparatus, system, and method for converting a storage request into an append data storage command
US8151082B2 (en) 2007-12-06 2012-04-03 Fusion-Io, Inc. Apparatus, system, and method for converting a storage request into an append data storage command
US8161353B2 (en) 2007-12-06 2012-04-17 Fusion-Io, Inc. Apparatus, system, and method for validating that a correct data segment is read from a data storage device
US20090172260A1 (en) * 2007-12-27 2009-07-02 Pliant Technology, Inc. Flash memory controller and system including data pipelines incorporating multiple buffers
US8738841B2 (en) 2007-12-27 2014-05-27 Sandisk Enterprise IP LLC. Flash memory controller and system including data pipelines incorporating multiple buffers
US8751755B2 (en) 2007-12-27 2014-06-10 Sandisk Enterprise Ip Llc Mass storage controller volatile memory containing metadata related to flash memory storage
US8621138B2 (en) 2007-12-27 2013-12-31 Sandisk Enterprise Ip Llc Flash storage controller execute loop
US8621137B2 (en) 2007-12-27 2013-12-31 Sandisk Enterprise Ip Llc Metadata rebuild in a flash memory controller following a loss of power
US8762620B2 (en) 2007-12-27 2014-06-24 Sandisk Enterprise Ip Llc Multiprocessor storage controller
US20140237168A1 (en) * 2007-12-27 2014-08-21 Sandisk Enterprise Ip Llc Mass Storage Controller Volatile Memory Containing Metadata Related to Flash Memory Storage
US8533384B2 (en) 2007-12-27 2013-09-10 Sandisk Enterprise Ip Llc Flash memory controller garbage collection operations performed independently in multiple flash memory groups
US8959282B2 (en) 2007-12-27 2015-02-17 Sandisk Enterprise Ip Llc Flash storage controller execute loop
US8959283B2 (en) 2007-12-27 2015-02-17 Sandisk Enterprise Ip Llc Flash storage controller execute loop
US9152556B2 (en) 2007-12-27 2015-10-06 Sandisk Enterprise Ip Llc Metadata rebuild in a flash memory controller following a loss of power
US9158677B2 (en) 2007-12-27 2015-10-13 Sandisk Enterprise Ip Llc Flash storage controller execute loop
US9239783B2 (en) 2007-12-27 2016-01-19 Sandisk Enterprise Ip Llc Multiprocessor storage controller
US9448743B2 (en) * 2007-12-27 2016-09-20 Sandisk Technologies Llc Mass storage controller volatile memory containing metadata related to flash memory storage
US9483210B2 (en) 2007-12-27 2016-11-01 Sandisk Technologies Llc Flash storage controller execute loop
WO2009086404A1 (en) * 2007-12-27 2009-07-09 Pliant Technology, Inc. Mass storage controller volatile memory containing metadata related to flash memory storage
US8245101B2 (en) 2007-12-27 2012-08-14 Sandisk Enterprise Ip Llc Patrol function used in flash storage controller to detect data errors
US20090172308A1 (en) * 2007-12-27 2009-07-02 Pliant Technology, Inc. Storage controller for flash memory including a crossbar switch connecting a plurality of processors with a plurality of internal memories
US20090172261A1 (en) * 2007-12-27 2009-07-02 Pliant Technology, Inc. Multiprocessor storage controller
US20090172499A1 (en) * 2007-12-27 2009-07-02 Pliant Technology, Inc. Patrol function used in flash storage controller to detect data errors
US20090172259A1 (en) * 2007-12-27 2009-07-02 Pliant Technology, Inc. Mass storage controller volatile memory containing metadata related to flash memory storage
US8386700B2 (en) 2007-12-27 2013-02-26 Sandisk Enterprise Ip Llc Flash memory controller garbage collection operations performed independently in multiple flash memory groups
US8775717B2 (en) 2007-12-27 2014-07-08 Sandisk Enterprise Ip Llc Storage controller for flash memory including a crossbar switch connecting a plurality of processors with a plurality of internal memories
US8479013B2 (en) * 2008-01-18 2013-07-02 Photonic Data Security, Llc Secure portable data transport and storage system
US20090327743A1 (en) * 2008-01-18 2009-12-31 Aridian Technology Company, Inc. Secure portable data transport & storage system
US20090193261A1 (en) * 2008-01-25 2009-07-30 Mediatek Inc. Apparatus and method for authenticating a flash program
US7962684B2 (en) * 2008-02-14 2011-06-14 Sandisk Corporation Overlay management in a flash memory storage device
US20090210615A1 (en) * 2008-02-14 2009-08-20 Vadzim Struk Overlay management in a flash memory storage device
FR2930065A1 (en) * 2008-04-11 2009-10-16 Thales Sa Smart card data securing method for computer ticketing system, involves decrypting encrypted seal variable, disassembling variable for obtaining seals corresponding to data, and verifying coherence of each seal with corresponding data
US20090292894A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor having internal secure memory
US20090292931A1 (en) * 2008-05-24 2009-11-26 Via Technology, Inc Apparatus and method for isolating a secure execution mode in a microprocessor
US20090290712A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc On-die cryptographic apparatus in a secure microprocessor
US20090292853A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Apparatus and method for precluding execution of certain instructions in a secure execution mode microprocessor
US8522354B2 (en) 2008-05-24 2013-08-27 Via Technologies, Inc. Microprocessor apparatus for secure on-die real-time clock
US9002014B2 (en) 2008-05-24 2015-04-07 Via Technologies, Inc. On-die cryptographic apparatus in a secure microprocessor
US8607034B2 (en) 2008-05-24 2013-12-10 Via Technologies, Inc. Apparatus and method for disabling a microprocessor that provides for a secure execution mode
US8615799B2 (en) * 2008-05-24 2013-12-24 Via Technologies, Inc. Microprocessor having secure non-volatile storage access
US20090293132A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor apparatus for secure on-die real-time clock
US8370641B2 (en) 2008-05-24 2013-02-05 Via Technologies, Inc. Initialization of a microprocessor providing for execution of secure code
US8978132B2 (en) 2008-05-24 2015-03-10 Via Technologies, Inc. Apparatus and method for managing a microprocessor providing for a secure execution mode
US20090292901A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor apparatus and method for persistent enablement of a secure execution mode
US20090293129A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Termination of secure execution mode in a microprocessor providing for execution of secure code
US20090292902A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Apparatus and method for managing a microprocessor providing for a secure execution mode
US8762687B2 (en) 2008-05-24 2014-06-24 Via Technologies, Inc. Microprocessor providing isolated timers and counters for execution of secure code
US8209763B2 (en) 2008-05-24 2012-06-26 Via Technologies, Inc. Processor with non-volatile mode enable register entering secure execution mode and encrypting secure program for storage in secure memory via private bus
US8793803B2 (en) 2008-05-24 2014-07-29 Via Technologies, Inc. Termination of secure execution mode in a microprocessor providing for execution of secure code
US8910276B2 (en) 2008-05-24 2014-12-09 Via Technologies, Inc. Apparatus and method for precluding execution of certain instructions in a secure execution mode microprocessor
US20090292893A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor having secure non-volatile storage access
US8819839B2 (en) 2008-05-24 2014-08-26 Via Technologies, Inc. Microprocessor having a secure execution mode with provisions for monitoring, indicating, and managing security levels
US20090292903A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor providing isolated timers and counters for execution of secure code
US8838924B2 (en) 2008-05-24 2014-09-16 Via Technologies, Inc. Microprocessor having internal secure memory
US20090293130A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Microprocessor having a secure execution mode with provisions for monitoring, indicating, and managing security levels
US20090292904A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Apparatus and method for disabling a microprocessor that provides for a secure execution mode
US20090292929A1 (en) * 2008-05-24 2009-11-26 Via Technologies, Inc Initialization of a microprocessor providing for execution of secure code
US8675868B1 (en) 2008-07-01 2014-03-18 Maxim Integrated Products, Inc. Encrypting an address-dependent value along with code to prevent execution or use of moved code
KR20110050457A (en) * 2008-07-22 2011-05-13 쌘디스크 코포레이션 Avoidance of self eviction caused by dynamic memory allocation in a flash memory storage device
KR101636892B1 (en) 2008-07-22 2016-07-06 샌디스크 테크놀로지스 엘엘씨 Avoidance of self eviction caused by dynamic memory allocation in a flash memory storage device
US20100023673A1 (en) * 2008-07-22 2010-01-28 Sandisk Corporation Avoidance of self eviction caused by dynamic memory allocation in a flash memory storage device
US8171206B2 (en) 2008-07-22 2012-05-01 Sandisk Technologies Inc. Avoidance of self eviction caused by dynamic memory allocation in a flash memory storage device
WO2010147827A1 (en) 2009-06-16 2010-12-23 Sandisk Corporation Multi-bank non-volatile memory system with satellite file system
US20100318720A1 (en) * 2009-06-16 2010-12-16 Saranyan Rajagopalan Multi-Bank Non-Volatile Memory System with Satellite File System
US8473814B2 (en) 2010-03-17 2013-06-25 Sandisk Enterprise Ip Llc MLC self-RAID flash data protection scheme
US8365041B2 (en) 2010-03-17 2013-01-29 Sandisk Enterprise Ip Llc MLC self-raid flash data protection scheme
US8484533B2 (en) 2010-03-17 2013-07-09 Sandisk Enterprise Ip Llc MLC self-RAID flash data protection scheme
US8484534B2 (en) 2010-03-17 2013-07-09 Sandisk Enterprise IP LLC. MLC self-RAID flash data protection scheme
US8464135B2 (en) 2010-07-13 2013-06-11 Sandisk Technologies Inc. Adaptive flash interface
WO2012009318A1 (en) 2010-07-13 2012-01-19 Sandisk Technologies Inc. Dynamic optimization of back-end memory system interface
US9069688B2 (en) 2011-04-15 2015-06-30 Sandisk Technologies Inc. Dynamic optimization of back-end memory system interface
US8910020B2 (en) 2011-06-19 2014-12-09 Sandisk Enterprise Ip Llc Intelligent bit recovery for flash memory
US8909982B2 (en) 2011-06-19 2014-12-09 Sandisk Enterprise Ip Llc System and method for detecting copyback programming problems
US8793543B2 (en) 2011-11-07 2014-07-29 Sandisk Enterprise Ip Llc Adaptive read comparison signal generation for memory systems
US8938658B2 (en) 2011-11-07 2015-01-20 Sandisk Enterprise Ip Llc Statistical read comparison signal generation for memory systems
US9058289B2 (en) 2011-11-07 2015-06-16 Sandisk Enterprise Ip Llc Soft information generation for memory systems
US9048876B2 (en) 2011-11-18 2015-06-02 Sandisk Enterprise Ip Llc Systems, methods and devices for multi-tiered error correction
US8924815B2 (en) 2011-11-18 2014-12-30 Sandisk Enterprise Ip Llc Systems, methods and devices for decoding codewords having multiple parity segments
US8954822B2 (en) 2011-11-18 2015-02-10 Sandisk Enterprise Ip Llc Data encoder and decoder using memory-specific parity-check matrix
US20130173900A1 (en) * 2011-12-28 2013-07-04 Huawei Technologies Co., Ltd. Key transmission method and device of a virtual machine under full disk encryption during pre-boot
US9317316B2 (en) * 2011-12-28 2016-04-19 Huawei Technologies Co., Ltd. Host virtual machine assisting booting of a fully-encrypted user virtual machine on a cloud environment
US9699263B1 (en) 2012-08-17 2017-07-04 Sandisk Technologies Llc. Automatic read and write acceleration of data accessed by virtual machines
US9501398B2 (en) 2012-12-26 2016-11-22 Sandisk Technologies Llc Persistent storage device with NVRAM for staging writes
US9239751B1 (en) 2012-12-27 2016-01-19 Sandisk Enterprise Ip Llc Compressing data from multiple reads for error control management in memory systems
US9612948B2 (en) 2012-12-27 2017-04-04 Sandisk Technologies Llc Reads and writes between a contiguous data block and noncontiguous sets of logical address blocks in a persistent storage device
US9003264B1 (en) 2012-12-31 2015-04-07 Sandisk Enterprise Ip Llc Systems, methods, and devices for multi-dimensional flash RAID data protection
US9454420B1 (en) 2012-12-31 2016-09-27 Sandisk Technologies Llc Method and system of reading threshold voltage equalization
US9329928B2 (en) 2013-02-20 2016-05-03 Sandisk Enterprise IP LLC. Bandwidth optimization in a non-volatile memory system
US9214965B2 (en) 2013-02-20 2015-12-15 Sandisk Enterprise Ip Llc Method and system for improving data integrity in non-volatile storage
KR20150103376A (en) * 2013-03-01 2015-09-10 인텔 코포레이션 Continuation of trust for platform boot firmware
US9223982B2 (en) * 2013-03-01 2015-12-29 Intel Corporation Continuation of trust for platform boot firmware
CN104995629A (en) * 2013-03-01 2015-10-21 英特尔公司 Continuation of trust for platform boot firmware
KR101702289B1 (en) 2013-03-01 2017-02-06 인텔 코포레이션 Continuation of trust for platform boot firmware
US20140250291A1 (en) * 2013-03-01 2014-09-04 Nicholas J. Adams Continuation of trust for platform boot firmware
US9870830B1 (en) 2013-03-14 2018-01-16 Sandisk Technologies Llc Optimal multilevel sensing for reading data from a storage medium
US9244763B1 (en) 2013-03-15 2016-01-26 Sandisk Enterprise Ip Llc System and method for updating a reading threshold voltage based on symbol transition information
US9236886B1 (en) 2013-03-15 2016-01-12 Sandisk Enterprise Ip Llc Universal and reconfigurable QC-LDPC encoder
US9136877B1 (en) 2013-03-15 2015-09-15 Sandisk Enterprise Ip Llc Syndrome layered decoding for LDPC codes
US9092350B1 (en) 2013-03-15 2015-07-28 Sandisk Enterprise Ip Llc Detection and handling of unbalanced errors in interleaved codewords
US9009576B1 (en) 2013-03-15 2015-04-14 Sandisk Enterprise Ip Llc Adaptive LLR based on syndrome weight
US9367246B2 (en) 2013-03-15 2016-06-14 Sandisk Technologies Inc. Performance optimization of data transfer for soft information generation
US9170941B2 (en) 2013-04-05 2015-10-27 Sandisk Enterprises IP LLC Data hardening in a storage system
US9159437B2 (en) 2013-06-11 2015-10-13 Sandisk Enterprise IP LLC. Device and method for resolving an LM flag issue
US9384126B1 (en) 2013-07-25 2016-07-05 Sandisk Technologies Inc. Methods and systems to avoid false negative results in bloom filters implemented in non-volatile data storage systems
US9524235B1 (en) 2013-07-25 2016-12-20 Sandisk Technologies Llc Local hash value generation in non-volatile data storage systems
US9043517B1 (en) 2013-07-25 2015-05-26 Sandisk Enterprise Ip Llc Multipass programming in buffers implemented in non-volatile data storage systems
US9361221B1 (en) 2013-08-26 2016-06-07 Sandisk Technologies Inc. Write amplification reduction through reliable writes during garbage collection
US9639463B1 (en) 2013-08-26 2017-05-02 Sandisk Technologies Llc Heuristic aware garbage collection scheme in storage systems
US9235509B1 (en) 2013-08-26 2016-01-12 Sandisk Enterprise Ip Llc Write amplification reduction by delaying read access to data written during garbage collection
US9519577B2 (en) 2013-09-03 2016-12-13 Sandisk Technologies Llc Method and system for migrating data between flash memory devices
US9442670B2 (en) 2013-09-03 2016-09-13 Sandisk Technologies Llc Method and system for rebalancing data stored in flash memory devices
US9158349B2 (en) 2013-10-04 2015-10-13 Sandisk Enterprise Ip Llc System and method for heat dissipation
US9323637B2 (en) 2013-10-07 2016-04-26 Sandisk Enterprise Ip Llc Power sequencing and data hardening architecture
US9442662B2 (en) 2013-10-18 2016-09-13 Sandisk Technologies Llc Device and method for managing die groups
US9298608B2 (en) 2013-10-18 2016-03-29 Sandisk Enterprise Ip Llc Biasing for wear leveling in storage systems
US9436831B2 (en) 2013-10-30 2016-09-06 Sandisk Technologies Llc Secure erase in a memory device
US9263156B2 (en) 2013-11-07 2016-02-16 Sandisk Enterprise Ip Llc System and method for adjusting trip points within a storage device
US9244785B2 (en) 2013-11-13 2016-01-26 Sandisk Enterprise Ip Llc Simulated power failure and data hardening
US9152555B2 (en) 2013-11-15 2015-10-06 Sandisk Enterprise IP LLC. Data management with modular erase in a data storage system
US9703816B2 (en) 2013-11-19 2017-07-11 Sandisk Technologies Llc Method and system for forward reference logging in a persistent datastore
US9520197B2 (en) 2013-11-22 2016-12-13 Sandisk Technologies Llc Adaptive erase of a storage device
US9141291B2 (en) 2013-11-26 2015-09-22 Sandisk Technologies Inc. Adaptive context disbursement for improved performance in non-volatile memory systems
US9280429B2 (en) 2013-11-27 2016-03-08 Sandisk Enterprise Ip Llc Power fail latching based on monitoring multiple power supply voltages in a storage device
US9122636B2 (en) 2013-11-27 2015-09-01 Sandisk Enterprise Ip Llc Hard power fail architecture
US9520162B2 (en) 2013-11-27 2016-12-13 Sandisk Technologies Llc DIMM device controller supervisor
US9250676B2 (en) 2013-11-29 2016-02-02 Sandisk Enterprise Ip Llc Power failure architecture and verification
US9582058B2 (en) 2013-11-29 2017-02-28 Sandisk Technologies Llc Power inrush management of storage devices
US9092370B2 (en) 2013-12-03 2015-07-28 Sandisk Enterprise Ip Llc Power failure tolerant cryptographic erase
US9235245B2 (en) 2013-12-04 2016-01-12 Sandisk Enterprise Ip Llc Startup performance and power isolation
US9129665B2 (en) 2013-12-17 2015-09-08 Sandisk Enterprise Ip Llc Dynamic brownout adjustment in a storage device
US9549457B2 (en) 2014-02-12 2017-01-17 Sandisk Technologies Llc System and method for redirecting airflow across an electronic assembly
US9497889B2 (en) 2014-02-27 2016-11-15 Sandisk Technologies Llc Heat dissipation for substrate assemblies
US9703636B2 (en) 2014-03-01 2017-07-11 Sandisk Technologies Llc Firmware reversion trigger and control
US9519319B2 (en) 2014-03-14 2016-12-13 Sandisk Technologies Llc Self-supporting thermal tube structure for electronic assemblies
US9348377B2 (en) 2014-03-14 2016-05-24 Sandisk Enterprise Ip Llc Thermal isolation techniques
US9485851B2 (en) 2014-03-14 2016-11-01 Sandisk Technologies Llc Thermal tube assembly structures
US9454448B2 (en) 2014-03-19 2016-09-27 Sandisk Technologies Llc Fault testing in storage devices
US9448876B2 (en) 2014-03-19 2016-09-20 Sandisk Technologies Llc Fault detection and prediction in storage devices
US9390814B2 (en) 2014-03-19 2016-07-12 Sandisk Technologies Llc Fault detection and prediction for data storage elements
US9626400B2 (en) 2014-03-31 2017-04-18 Sandisk Technologies Llc Compaction of information in tiered data structure
US9626399B2 (en) 2014-03-31 2017-04-18 Sandisk Technologies Llc Conditional updates for reducing frequency of data modification operations
US9390021B2 (en) 2014-03-31 2016-07-12 Sandisk Technologies Llc Efficient cache utilization in a tiered data structure
US9697267B2 (en) 2014-04-03 2017-07-04 Sandisk Technologies Llc Methods and systems for performing efficient snapshots in tiered data structures
US9384128B2 (en) 2014-04-18 2016-07-05 SanDisk Technologies, Inc. Multi-level redundancy code for non-volatile memory controller
US8891303B1 (en) 2014-05-30 2014-11-18 Sandisk Technologies Inc. Method and system for dynamic word line based configuration of a three-dimensional memory device
US9070481B1 (en) 2014-05-30 2015-06-30 Sandisk Technologies Inc. Internal current measurement for age measurements
US9093160B1 (en) 2014-05-30 2015-07-28 Sandisk Technologies Inc. Methods and systems for staggered memory operations
US9703491B2 (en) 2014-05-30 2017-07-11 Sandisk Technologies Llc Using history of unaligned writes to cache data and avoid read-modify-writes in a non-volatile storage device
US9645749B2 (en) 2014-05-30 2017-05-09 Sandisk Technologies Llc Method and system for recharacterizing the storage density of a memory device or a portion thereof
US9652381B2 (en) 2014-06-19 2017-05-16 Sandisk Technologies Llc Sub-block garbage collection
US9443601B2 (en) 2014-09-08 2016-09-13 Sandisk Technologies Llc Holdup capacitor energy harvesting

Also Published As

Publication number Publication date Type
CN101273363A (en) 2008-09-24 application
US20080215847A1 (en) 2008-09-04 application
US7934049B2 (en) 2011-04-26 grant
CN101273363B (en) 2013-07-17 grant
US20070061581A1 (en) 2007-03-15 application

Similar Documents

Publication Publication Date Title
US7020772B2 (en) Secure execution of program code
US7500098B2 (en) Secure mode controlled memory
US6539480B1 (en) Secure transfer of trust in a computing system
US7243236B1 (en) Systems and methods for using cryptography to protect secure and insecure computing environments
US6263431B1 (en) Operating system bootstrap security mechanism
US20050141717A1 (en) Apparatus, system, and method for sealing a data repository to a trusted computing platform
US20030126453A1 (en) Processor supporting execution of an authenticated code instruction
US20030126454A1 (en) Authenticated code method and apparatus
US20030126442A1 (en) Authenticated code module
US20060047958A1 (en) System and method for secure execution of program code
US20090222910A1 (en) Memory device and chip set processor pairing
US5987123A (en) Secure file system
US20050182952A1 (en) Information processing apparatus and method and computer program
US20060026569A1 (en) Portion-level in-memory module authentication
US20060015754A1 (en) E-fuses for storing security version data
US20060075223A1 (en) Scalable paging of platform configuration registers
US20040093505A1 (en) Open generic tamper resistant CPU and application system thereof
US20050132186A1 (en) Method and apparatus for a trust processor
US20070043680A1 (en) Digital license migration from first platform to second platform
US20060206943A1 (en) Protecting software environment in isolated execution
US20090019551A1 (en) Information security device and counter control method
US20090094673A1 (en) Method and system for integrated securing and managing of virtual machines and virtual appliances
US20050091496A1 (en) Method and system for distributed key management in a secure boot environment
US20020144121A1 (en) Checking file integrity using signature generated in isolated execution
US20050132226A1 (en) Trusted mobile platform architecture

Legal Events

Date Code Title Description
AS Assignment

Owner name: SANDISK CORPORATION, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:HOLTZMAN, MICKY;REEL/FRAME:019999/0004

Effective date: 20070909

AS Assignment

Owner name: DISCRETIX TECHNOLOGIES LTD., ISRAEL

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:BAR-EL, HAGAI;REEL/FRAME:020078/0592

Effective date: 20071028

AS Assignment

Owner name: SANDISK TECHNOLOGIES LLC, TEXAS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SANDISK CORPORATION;REEL/FRAME:039551/0231

Effective date: 20160712