WO2001095115A1 - Memoire permanente a semi-conducteur et procede de gestion de l'information dans un systeme de distribution de l'information - Google Patents
Memoire permanente a semi-conducteur et procede de gestion de l'information dans un systeme de distribution de l'information Download PDFInfo
- Publication number
- WO2001095115A1 WO2001095115A1 PCT/JP2000/003601 JP0003601W WO0195115A1 WO 2001095115 A1 WO2001095115 A1 WO 2001095115A1 JP 0003601 W JP0003601 W JP 0003601W WO 0195115 A1 WO0195115 A1 WO 0195115A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- information
- input
- access
- area
- key
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/1425—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
- G06F12/1441—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a range
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
- G06F12/1466—Key-lock mechanism
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11C—STATIC STORES
- G11C16/00—Erasable programmable read-only memories
- G11C16/02—Erasable programmable read-only memories electrically programmable
- G11C16/06—Auxiliary circuits, e.g. for writing into memory
- G11C16/22—Safety or protection circuits preventing unauthorised or accidental access to memory cells
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/20—Employing a main memory using a specific memory technology
- G06F2212/202—Non-volatile memory
- G06F2212/2022—Flash memory
Definitions
- the present invention relates to an information storage device having an access restriction function and an information system using the device.
- nonvolatile memory represented by flash memory
- the present invention relates to a memory card having a built-in non-volatile memory and a non-volatile memory, and an effective technology applied to an information distribution system using the same.
- a passcode is stored in the ROM of the memory card, a method of permitting access when an input matching the password is given to the memory card, and a method of encrypting the stored information.
- the method of using the password stored in the ROM has limitations such as the area to which access is restricted and the password is fixed, and it is difficult to provide various usage forms in an advanced information society.
- the above-mentioned method of using information encryption prevents information from being erased by a third party or writing other data after erasure. hard. '
- the present invention has been made in view of the above circumstances, and an object of the present invention is to provide an information storage device capable of protecting stored information from unauthorized access by a third party and having a high degree of freedom in setting information protection. , And a semiconductor memory device. Furthermore, it is to provide an information system using them.
- a memory cell array including a plurality of nonvolatile memory cells, a decoder / driver for selecting a nonvolatile memory cell specified by an address from the memory cell array, and an access control circuit for receiving an input command and an input address.
- the access control circuit compares access control information on an access control area of the memory cell array where predetermined access is restricted with an input command and an input address input to the access control circuit; If the input address is not a restricted access in the address control area, the nonvolatile memory cell specified by the input address is controlled to be selected via the decoder driver, and the input command and the input address are controlled.
- the access control information is limited to the address information of the area to which the access is restricted. And the information contained in the access control information can be set by a command.
- a memory cell array including a plurality of nonvolatile memory cells, a decoder for selecting a nonvolatile memory cell specified by an address from the memory cell array, a driver, and an access in which an input command, an input address and an input key are input.
- a predetermined area of the memory cell array is an access-restricted area in which a predetermined access is restricted, and includes an access mode restricted with respect to the access-restricted area and a first key.
- the control information is stored, and the access control circuit compares the access control information with the input command, the input address, and the input key, and determines whether the input key matches the first key or the input command and the input address.
- the nonvolatile address specified by the input address Memory cell is selected via the decoder driver, the input key does not match the first key, and the input command and the input address are restricted accesses in the address control area. Controls the non-volatile memory and cells specified by the input address so that they are not selected via the decoder driver, and the access-restricted area stores data encrypted with the second key.
- the present invention provides an information management method for writing and storing information on a memory card by using a memory card that realizes the functions of the above-described nonvolatile storage device, wherein a first area is stored in a first area of the memory of the memory card.
- the information of the second access management level which is a lower management level than the management level, is written.
- access other than the setter of the first key is restricted by the first key.
- information encrypted by the second key is written, and in the second area, information not encrypted is written.
- FIG. 1 is a block diagram showing an example of the nonvolatile semiconductor memory device of the present invention.
- ⁇ ' is a block diagram showing an example of the nonvolatile semiconductor memory device of the present invention.
- FIG. 2 is a diagram showing a configuration example of a data selection circuit of the present invention.
- FIG. 3 (A) is a diagram showing an access right judgment circuit of the present invention
- FIG. 3 (B) is a diagram showing information stored in an access judgment information storage unit.
- FIG. 4 is a diagram showing a configuration example of an authentication key determination unit of the present invention.
- FIG. 5 (A) is a diagram showing a region-by-region access determination circuit of the present invention
- FIG. 5 (B) is a diagram showing a configuration example of an address determination unit.
- FIG. 6 (A) is a diagram showing a code example of permitted access
- FIG. 6 (B) is a diagram showing a configuration example of an access level determining unit of the present invention.
- FIG. 7 is a timing chart showing a read access procedure in the nonvolatile semiconductor memory device of the present invention.
- FIG. 8A is a timing chart showing a write access procedure in the nonvolatile semiconductor memory device of the present invention
- FIG. 8B is an erase access procedure in the nonvolatile semiconductor memory device of the present invention.
- FIG. FIG. 9 (A) is a flowchart showing a read operation in the nonvolatile semiconductor memory device of the present invention.
- FIG. 9 (B) is a flowchart showing an access right determining operation in the nonvolatile semiconductor memory device of the present invention. It is.
- FIG. 10 (A) shows an access control in the nonvolatile semiconductor memory device of the present invention.
- FIG. 10 (B) is a timing chart showing a procedure for changing the authentication key in the nonvolatile semiconductor memory device of the present invention
- FIG. 10 (C) is a timing chart showing a procedure for changing the authentication key in the nonvolatile semiconductor memory device of the present invention.
- FIG. 9 is a timing chart showing a procedure for releasing an access restriction area in the nonvolatile semiconductor memory device of the present invention.
- FIG. 11 is a diagram showing a configuration example of an access right determination circuit of the present invention.
- FIG. 12 is a flowchart showing an access right determination operation in the nonvolatile semiconductor memory device of the present invention.
- FIG. 13 is a timing chart showing a write access procedure involving a change of an authentication key in the nonvolatile semiconductor memory device of the present invention.
- FIG. 14 is a block diagram showing an example of the memory card of the present invention.
- FIG. 15 is a block diagram showing an example of a conventional nonvolatile semiconductor memory device.
- FIG. 16 is a block diagram showing an example of the information distribution system of the present invention. '
- FIG. 17 (A) is a diagram showing information stored in a memory card used in an example of the information distribution system of the present invention, and FIG. 17 (B) is stored in a service support information storage area.
- FIG. 17 (B) is a diagram showing information stored in a memory card used in an example of the information distribution system of the present invention, and FIG. 17 (B) is stored in a service support information storage area.
- FIG. 18 is a block diagram showing an example of the information distribution system of the present invention.
- FIG. 19 (A) shows an example of the information distribution system of the present invention.
- FIG. 19 (B) shows information stored in the service information storage system.
- FIG. 19 (B) shows the service support information storage area and the digital content.
- FIG. 19 (C) is a diagram showing information stored in a storage area
- FIG. 19 (C) is a diagram showing an example in which digital content information from a plurality of providers is stored in a memory card.
- FIG. 20 is a diagram showing a configuration example of a digital content distribution terminal of the present invention.
- FIG. 21 is a block diagram showing an example of the information sharing system of the present invention.
- FIG. 22 (A) is a diagram showing an example of information stored in a memory device used in an example of the information sharing system of the present invention
- FIG. 22 (B) is a diagram of the information sharing system of the present invention.
- FIG. 4 is a diagram illustrating an example of access restriction of a memory card used in an example.
- the present invention uses general storage means including a nonvolatile memory such as a ferroelectric memory (FRAM) and a magnetic memory (MRAM), and a volatile memory such as a DRAM and an SRAM when power is supplied. It is feasible. Also, as the flash memory used in the following example, it is possible to use a so-called multi-valued memory capable of storing two or more bits of information in one memory cell.
- FRAM ferroelectric memory
- MRAM magnetic memory
- DRAM dynamic random access memory
- SRAM static random access memory
- the flash memory used in the following example it is possible to use a so-called multi-valued memory capable of storing two or more bits of information in one memory cell.
- FIG. 1 is a block diagram of a flash memory according to a first embodiment of the present invention.
- the flash memory outputs signals such as address, command, data, input authentication key, etc. through input / output terminals 1/00 to 1/07, and outputs signals such as data and status.
- Various control signals are provided from outside.
- the control signal terminal CC collectively shows terminals for various control signals, and includes a command data enable signal, a write enable signal, and the like, which will be described later.
- the first operating potential V CC and the second operating potential Vss are externally applied, and a high voltage required for writing is not illustrated. It is generated by a partial booster circuit. ,
- the multiplexer circuit MP is connected to the input / output terminal I / O, distributes an input signal, and sends an output signal from each unit to the input / output terminal I / O.
- the control unit CTR is connected to the various control signal terminals CC and generates control signals for operations such as read, erase, write, and rewrite.
- a memory cell MC is provided at each intersection of a plurality of word lines W and a plurality of bit lines D (for simplicity, one word line W, one bit line D, and one memory cell MC are provided). Only the configuration is shown, and the configuration of the memory array AR can be any configuration.
- Data to be written to the memory array AR is input via an input buffer circuit DIB, and data read from the memory array AR is input via a data output buffer circuit DOB. Furthermore, a register (a component of the sense circuit and data register circuit SDL) is connected to each bit line, and the data written or read to the memory array AR is latched in each register circuit. L
- the X address is input to the X address decoder circuit XD via the X address buffer circuit XAB, and the X address decoder circuit XD decodes and selects the corresponding code line W in the memory array AR. I do.
- the initial value of the Y address of the input address signal is input to the Y address counter circuit YAC, and the Y address counter circuit YAC sequentially generates the Y address signal.
- Y address decoder circuit YD decodes the generated Y address and selects the corresponding bit source in memory array AR.
- the Y gate YG corresponding to the selected bit line is turned on, and data is exchanged between the register and the input buffer circuit DIB or the output buffer circuit DOB.
- an access right determination circuit for performing access right determination is selectively connected to a part of data stored in the memory array AR. It is composed of a data selection unit DS to send to the circuit ACL.
- the number of word lines W selected by the X address decoder circuit XD may be such that, for example, only one can be selected at any time.
- one word line may be selected when reading and writing data, and a plurality of word lines may be simultaneously selected when erasing.
- a configuration in which one read line can be simultaneously selected from each bank at the time of reading and writing may be employed.
- the number of bit lines D selected by the Y address decoder circuit YD may be such that, for example, bit lines corresponding to the bus width of the internal data bus are simultaneously selected.
- the flash memory shown in FIG. 1 is configured so that the user can restrict access to an arbitrary memory space. No.
- FIG. 10 (A) shows an example of an external signal input operation to set the area to be restricted.
- a command “70H” indicating that the area is to be set is input to the I / O terminal I / O.
- the command data enable signal / CDE input from the control signal terminal goes low.
- the command data enable signal / CDE is used in accordance with the timing of command input in order to identify a command or data from an address and to prevent malfunction.
- the light line signal / WE indicates a delimiter of such information.
- the user sets a unique authentication key for the access restriction area set in this way, and allows only a predetermined access even if the authentication fails with this unique authentication key (or not at all).
- the authentication key is set to the default value, and the initial setting is made so that all access modes are possible even if authentication fails. Do). No.
- FIG. 0 (B) shows an example of the signal input operation.
- a command “8 ⁇ ” indicating that access restriction information is to be changed is input to the input / output terminal I / O.
- enter the top X address of the restricted access area twice in SA (1) and SA (2) and enter the authentication key in PW (1), PW (2) Enter twice.
- the user newly enters the authentication key to be changed twice, PW * (1) and PW * (2), and enters information AC about the access permitted if authentication fails.
- the authentication key and the authorized access in the specified area are changed.
- FIG. 10 (C) shows an example of the signal input operation.
- a command “90H” is input to the input / output terminal I / O, indicating that access restriction is released.
- enter the top X address of the access restriction area twice in SA (1) and SA (2) enter the authentication key in PW (1) and PW. Enter in two steps of (2).
- FIGS. 7 and 8 show an example of an external signal input operation for data access to the flash memory whose access is thus restricted.
- FIG. 7 shows a data read operation.
- a command “00H” indicating that a read operation is to be performed is input to the input / output terminal I / O.
- the X address of the memory cell AR that stores the data to be read is input in two separate steps, SA (1) and SA (2) .
- the input authentication keys are PW (1) and PW (2 ),
- the serial clock SC is driven and stored in the specified address.
- a new Y address is input into CA, (1) and CA '(2) twice, and the drive of the serial clock SC is restarted.
- the data from the input gamma address is output from the input / output terminal I / O.
- a predetermined time is required from the input of the ⁇ address to a state in which data can be output from the memory chip due to the structure of the memory chip. It is also possible to insert a time waiting operation or use the ready / busy signal output of the chip to monitor the state, and then drive the serial clock SC after data can be output.
- FIG. 8A shows a data write operation.
- the input authentication key is input twice, PW (1) and PW (2), and the Y address of the memory cell to which data is to be written is CA (1).
- CA (2) Enter twice.
- the write data to the memory cells after the input Y address is read from the memory chip. Is temporarily stored in a data register in the loop. Also, once the serial clock
- FIG. 8 (B) shows the data erasing operation.
- the command “20H” indicating that the erase operation is performed to the input / output terminals ⁇ / 0, the X address of the memory cell to be erased is set to SA (1) and SA (2). Enter the authentication key in two steps, PW (1) and PW (2). Finally, enter the command
- the input authentication key when accessing the area where the same input authentication key is set continuously, or when using the default input authentication key, the input authentication key may be omitted, or the X address, the input authentication key may be omitted. It is possible to variously change the input order of Y, Y addresses, etc., the number of input divisions, necessary input items, and the like, without departing from the spirit of the present invention.
- Figures 9 (A) and 9 (B) show examples of the operation of the memory chip when reading, writing, and erasing.
- a command, an address, and an input authentication key are input from outside (S1), and the access right is determined including the validity of the input authentication key (S2). If it is determined that there is no access right, the operation is terminated (S3). If it is determined that there is access right, the operation corresponding to the command is executed for the memory cell at the specified address (S4). .
- step S4 specifically, in the read operation, the data is read into the data register, the data is output from the input / output terminal I / O according to the serial clock SC, and the process ends normally.
- the data is temporarily stored in the data k-register in accordance with the serial lock sc, and then the data is written into the memory cell, and the process ends normally.
- the erasing operation a command to start erasing data in the memory cell is input to perform erasing, and the process ends normally.
- FIG. 9 (B) shows an access right determination operation which is step S2 in FIG. 9 (A). It is determined whether or not the access right is restricted for the input address (Sl). If the access is not restricted, the determination operation is terminated with the access right (S5). If it is an area where access is restricted, the input authentication key is compared with the stored authentication key (S2), and if it is determined that the key is valid, the determination operation is terminated with an access right ( S5). In the present invention, even if authentication is unsuccessful, only limited operations can be permitted. If it is not determined that the key is a valid authentication key, it is determined whether or not the requested access content (for example, read, write, erase, etc.) is an authorized access (S3).
- S3 the access right determination operation
- FIG. 2 is a diagram illustrating a configuration example of the data selection unit DS.
- Data selector DS Has a function to switch the output of the memory array AR so that if the signal output from the memory array AR is data, it is output to the data output buffer DOB, and if the signal is access restriction information, it is output to the access right judgment circuit ACL. Fulfill.
- a signal is input from the Y gate YG to the data selection unit DS, and the control signal CSIG is received from the control unit CTR.
- the signal is controlled to be output from the unit.
- the above function is realized by the signals controlling the transfer M0S switch being in a complementary relationship ;
- FIG. 3 (A) is a diagram showing a configuration example of the access right determination circuit ACL.
- the access right determination circuit ACL includes an input authentication key register IKR, an input address register IAR, an authentication key determination unit PCL, an access restriction information storage unit ACT, and the like.
- the input authentication key register IKR temporarily stores the externally input input authentication key IKEY
- the input address register IAR temporarily stores the externally input address information (hereinafter referred to as input address information) IADR. It is a temporary storage device.
- the authentication key determination unit PCL includes, for example, the input authentication key register IKR, the input address register IAR, the contents of the access restriction information storage unit ACT described below, and information indicating an access requested from outside (hereinafter referred to as request access). This is a circuit that determines the validity of the input authentication key based on the ACCL, internal control signals from the control unit CTR, etc.
- the access restriction information storage unit ACT is a temporary storage device for temporarily storing information stored in a memory chip, among information relating to the validity determination of the input authentication key.
- the access restriction information is read from the memory array to the data register at a predetermined timing such as at power-on, reset processing, or when data is accessed, and is transferred from the data register via the data selection unit DS. It is stored in the access restriction information storage unit ACT.
- the access restriction information storage unit ACT is, specifically, a volatile memory (mostly SRAM) embedded in the flash memory chip / controller. Generally, it takes a long time to read data from a non-volatile memory. Therefore, by reading them all at once, the overhead required for the authentication operation can be reduced.
- the position (address) where the access restriction information is stored in the memory array is fixed in advance by firmware (for example, by storing it in ROM) that controls the operation of the memory, Can be specified by signal o
- the input address register IAR can be configured to share part or the entirety of the X address buffer XAB and the Y address counter YAC, for example.
- FIG. 3 (B) shows an example of the access restriction information temporarily stored in the access restriction information storage unit ACT.
- the maximum number n of areas in which access restriction information can be specified is determined in advance, and an access right can be set for each area i (1 ⁇ in).
- three areas can be specified, and access restriction information is registered for each area.
- the address information (SADD1-3) defines the range of each area.
- FIG. 4 is a diagram illustrating a configuration example of an authentication key determination unit PCL. Based on the access restriction information, the authentication key determination unit PCL determines whether or not an access request to the flash memory is to be granted as shown in Fig. 9. Operates to prohibit execution.
- the access request may be sequentially collated with the access restriction information of each area, but in this configuration example, the processing is performed in parallel in order to perform this processing at higher speed.
- the access judgment circuit PCheckl to 3 for each of the areas 1 to 3 receives the access restriction information, the input address information IADR, the input authentication key IKEY, and the requested access ACCL as inputs, and the access requested externally as the signal Pl to 3. 1 is output if access is allowed, and 0 is output if access is not allowed. If an access request cannot be granted to any area, the access request should be prohibited. Therefore, the authentication key determination unit PCL outputs, as the signal P, the logical product of the output signals Pl to 3 of each access determination circuit Pcheck.
- FIG. 5 (A) shows a configuration example of the access determination circuit PCheckl for the area 1. Access determination circuits for other areas have the same configuration.
- the access judgment circuit PCheck is composed of an access level judgment unit ACCLC, an authentication key comparison unit KEYC, an address judgment unit ADDC, and the like.
- the access level determination unit ACCLC will be described.
- “write” is defined as a write operation without an erase operation.
- the request access ACCL also has a 3-bit structure as shown in Fig. 6 (B). Expressed in code.
- “rewrite” is defined as a write access operation accompanied by an erase operation.
- the access level determination unit ACCLC compares the three bits Bl, B2, and B3 of the permitted access l (ACCLl) with the three bits bl, b2, and b3 of the request access ACCL, and if the request access is permitted. Will output 1 and 0 if not allowed.
- FIG. 6 (C) shows an example of the configuration.
- 'Key comparison unit KEYC performs an authentication operation by comparing input authentication key IKEY with stored authentication key l (SKEYl). Judges whether two keys match, and outputs 1 if the keys match and 0 if they do not match.
- FIG. 5 (B) shows an example of the configuration of the address comparison unit ADDC.
- the address comparison unit ADDC is configured to output 0 when the input address IADD indicates an address in the area 1, and output 1 when the input address IADD indicates an address outside the area 1.
- Address information 1 shall consist of the start address SAST1 of area 1 and the length SALEN1 of area 1.
- the subtraction circuit SUB subtracts SAST1 from the input address IADD, and the comparison circuit C0MP compares the output of the subtraction circuit and SUB with SALEN1.If SALEN1 is smaller, 1; Output.
- the output of the subtraction circuit SUB when the subtraction result is negative is configured to output a number such as the maximum number such that the output of the subsequent magnitude comparison circuit C0MP always becomes 1.
- the addressing method used here may be, for example, a concatenation of an X address and a Y address, with the X address being the high order and the Y address being the low order.
- one authentication key is set for one area as shown in FIG. 3 (B).
- the present invention is not limited to this. Multiple authentication keys can be set for one area. In this case, for example, when accessing from the outside, if a certain relationship with any one of the authentication keys set in the area is satisfied, it is determined that the access is valid and all access is permitted, and unauthorized access is permitted. No access may be permitted for access using a simple input authentication key. Alternatively, even if each authentication key is determined to be a valid authentication key, access may be restricted by restricting the type of access permitted. For example, this is a case where the first authentication key for full access and the second authentication key for read only are set separately for one area.
- the read-only second key that automatically has a certain relationship with the first authentication key (for example, the relationship between the public key and the private key of the public key cryptography). Configure so that 2 authentication keys are set. In this case, even if a third party knows the second authentication key, it is impossible to set information having the second authentication key 'without knowing the first authentication key. It is possible to prevent information tampering by a third party who does not know the authentication key. '
- authentication using the read-only second authentication key may be required in addition to authentication using the first authentication key.
- the authentication key By giving the authentication key a hierarchical structure in this way, it is possible to realize access restrictions that vary the strictness of authentication according to the type of access.
- the areas where the first authentication key and the second authentication key are respectively set are completely the same, one area includes the other area, or one area includes the other area. There is a form in which only a part overlaps and only the overlapping part has multiple keys. obtain.
- the permitted access to the data storage area is not changed even if the data is changed by erasing or writing, but the present invention is not limited to this.
- Erasing may be performed in groups of 5—for each area, and the memory authentication key may be erased when erasing. .
- the memory authentication key is set for each readout unit, and a certain address in the readout unit is fixed as the storage address of the memory authentication key. Reduce overhead.
- FIG. 11 shows the access right judgment circuit ACL of this embodiment.
- the data selection unit DS extracts the storage authentication key SKEY from the read data for one sector and temporarily stores it in the storage authentication key register SKR.
- the input authentication key IKEY input from outside is temporarily stored in the input authentication key register 20 IKR, and the key comparison unit KEYC compares the contents of the stored authentication key register SKR with the contents of the input authentication key register IKR to determine a match. I do.
- the storage authentication key SKEY is transferred to the access right determination circuit ACL via the data selection section DS.
- an authentication key can be set for each X address, which is a single read unit, and data is read at the same time as the information accessed by the authentication key.
- a flash memory with a small overhead for the authentication operation and the circuit scale for the authentication can be realized.
- an external operation for data access can be realized in the same manner as the method shown in FIGS. 7 and 8 (A) and (B) ′.
- the operation of the memory chip when reading, writing, and erasing is performed is the same as in the example of FIG.
- the portion of one sector other than the portion where the memory authentication key is stored is output to the data output buffer DOB.
- FIG. 12 shows an access right determination operation in the present embodiment.
- the memory register data one sector's worth of data
- the output destination of the data selection unit DS is set in the access right judgment circuit ACL (S2), and the data used for authentication is transferred from the data register to the access right judgment circuit ACL (S3).
- the access right determination circuit ACL determines whether to permit the request access based on the authentication-related data transferred from the data register and the authentication-related data input from the outside (S4), and ends. (S5, S6).
- the access content permitted even when the authentication is unsuccessful is not set.
- FIG. Figure 13 shows a write operation in which the previously determined authentication keys PW (1) and PW (2) are changed to new authentication keys PW * (1) and PW * (2). .
- write data is input while driving the serial clock SC, and the write data from the newly input Y address is stored in the data register. It is possible to remember when.
- the command “40H” the data temporarily stored in the data register is written to the memory cell.
- Reading and erasing are the same as those shown in FIGS. 7 and 8 (B).
- erasure there may be a problem that the authentication data is also erased along with the erasure of the user data.
- the problem can be solved by a configuration in which the authentication data is backed up and written back after erasing.
- the validity of the input authentication key IKEY is determined by determining whether the stored authentication key SKEY and the input authentication key IKEY match.
- the function of the key comparison unit KEYC may be changed.
- the determination can be made by various methods, and the present invention is not limited thereto.
- the access is not permitted if the input authentication key IKEY is determined to be invalid as a result of the authentication operation.
- the access right determination circuit ACL is shown in the first embodiment.
- the authentication operation is performed for each data that makes the X address the same.
- FIG. 14 is a block diagram of a memory card according to a third embodiment of the present invention.
- the memory card MC consists of a card controller CCT and a plurality of flash memory chips FM.
- the card controller CCT is a host that controls the input / output buffer 1/01 in the interface of the external host, the input / output buffer I / 0B2 in the interface to the flash memory in the memory card, and the interface to the host.
- Interface logic circuit HIL flash memory control logic circuit FCL for controlling flash memory
- data transfer logic circuit DT for controlling data transfer, MPU, MPU interface logic circuit MIL, access right judgment circuit ACL, etc.
- the present embodiment is characterized in that the part performing the operation related to the authentication is outside the flash memory chip, and performs the authentication operation as a memory card.
- a flash memory without an authentication function as shown in Fig. 15 can be used as the flash memory.
- the access right determination circuit ACL can be configured as a circuit having a function equivalent to the circuit of the first embodiment or the second embodiment, for example, and can realize an information protection function as a memory card. . '
- a general-purpose flash memory chip can be used, and there is an advantage that the memory card can be configured at a lower cost.
- FIG. 16 shows the digital information (digital data) according to the request of the user (customer).
- FIG. 2 is a block diagram of an information distribution system that provides the content (contents). Digital information, which is music information and moving image information, is transferred to a memory card using the flash memory of the first or second embodiment via the memory card 1 which is a memory card MC shown as the third embodiment. To deliver.
- the digital content distribution terminal 2 is installed at a station, a convenience store, or the like, and transmits a user's content request to the digital content distribution server 4 and, at the same time, responds to the service support information stored in the memory card 1. Perform necessary procedures.
- the digital content distribution server 4 stores digital content, and transmits digital information via the communication line 3 in response to a content request from the digital content distribution terminal.
- the communication line 3 may be, for example, a telephone line, the Internet, a satellite communication line, a dedicated line, or the like.
- the form of information provision may be, for example, sales, rental, or free distribution.
- the service support information is, for example, individual information of a customer necessary for an information service distribution company (hereinafter, referred to as a service provider). Such service support information is stored in the memory card 1.
- the service support information includes (1) information for improving the usability of customers, (2) information for protecting the copyright of digital contents, and ( 3 ) information used for billing, etc. related to the purchase of contents. It is.
- Information on usability improvement includes customer sales history. The history of sales to the customer is stored in a memory card, and the digital content distribution terminal 2 edits and displays the distributable content list according to the sales history. This will enable efficient introduction of content according to customer preferences.
- the rental service also includes information on the rental period.
- digital watermarking is performed on digital content to be distributed based on customer-specific information stored in memory card 1 as service support information. Can be inserted. If such service support information is centrally managed by the service provider and stored in each customer's memory card 1, it is effective for protecting the privacy of the customer. .
- the information distribution system shown in Fig. 16 provides information by writing digital information to a memory card.
- the contents stored in the memory card 1 include service support information 12 and digital contents .13 as shown in FIG. 17 (A).
- Service support information is information that should not be written by anything other than the provider (access-restricted information mainly by the provider). Among them, there is management information common to multiple customers, but there is also information unique to the customer, such as billing information (access restriction information mainly provided by providers and users). Focusing on the need for a higher security level for the latter than for the former, access restrictions are provided as shown in Fig. 17 (B).
- the service support information is stored in an area indicated by addresses A0 to A3 (hereinafter, referred to as a provider area). It is assumed that access to this provider area is restricted by the authentication key K1 set by the provider, and that only the read operation is permitted to those other than the provider who does not know the authentication key K1. In addition, the region (below provider. That the user area) indicated by the address A1 ⁇ A 2, which is included in the provider area, the user'll go-between limited access to the authentication key K2 that has been set is applied, do not know the authentication key No access is granted to the person.
- the provider user area for example, an area in which user-specific information such as billing information and history information is written is set. Information written in the provider area other than the provider user area includes an identification number assigned to each user by the provider. If the above access restrictions are applied, these areas will be managed as follows.
- Provider ⁇ User area Both provider authentication key and user authentication key are required for writing. A user authentication key is required for reading. If you do not know the user authentication key, no access is allowed. .
- the key comparison unit KEYC shown in FIG. 5A is configured as follows.
- the stored authentication key Kl set by the provider and the stored authentication key ⁇ ⁇ ⁇ 2 set by the user are each ⁇ -bit information.
- the input authentication key is stored in the digital content distribution terminal 2, or the authentication key from the provider and the digital content distribution terminal 2 transmitted from the digital content distribution server 4 to the digital content distribution terminal 2 via the communication line 3. It is composed of 2 ⁇ bits of information based on the authentication key from the user input in step (1).
- the key comparison unit KEYC compares the ⁇ -bit stored authentication key set in each area with the 2 ⁇ -bit input authentication key, and determines whether the stored authentication key is the upper ⁇ bits or the lower ⁇ bits of the input authentication key.
- the configuration may be such that 1 is output if the value matches the ⁇ bit, and 0 is output if none of the values match.
- the upper n bits of the authentication key are used for the provider authentication key, and the lower n bits are used for the user authentication key.
- the key comparison part KEYC in Fig. 11 matches the lower n bits above the input authentication key and the memory authentication key, any access is permitted, and if only the lower n bits match, only reading is permitted What is necessary is just to comprise so that the signal which shows that it does.
- FIG. 18 shows an embodiment in which the access is restricted by the authentication key up to the fourth embodiment, whereas the access is restricted by the encryption key.
- access restriction using an authentication key by a memory card function is set for an area for storing service support information. Is stored by the digital content distribution terminal 2 and managed by the service provider. On the other hand, at least a part of the service support information to be stored (for example, the billing information, the history information, and the service support information stored in the provider user area in the fourth embodiment) corresponds to the user (customer). Is encrypted with the encryption key managed by. That is, the digital content distribution terminal 2 can write in the service support information area using the authentication key held by the digital content distribution terminal 2.
- the support information is encrypted and written to the memory card.
- the service support information cannot be written by anyone other than the service provider, it is possible to prevent the service support information from being tampered with by anyone other than the service provider. Since the is encrypted, it is possible to prevent unauthorized use of the memory card by a third party.
- access restriction to the service support information storage area allows only reading of information without knowing the authentication key. In this case, if the rental period is read out to the playback device and it exceeds the set value of the rental period, a service form that prevents unauthorized use by providing a function to prohibit reproduction of the content is also possible It becomes. Note that most of the service support information that requires double access restriction is rewritten due to the user's use of the service, so the service support information is managed using the user-set authentication key. However, it can be said that this embodiment using the encryption key is easy to manage.
- the digital content distribution terminal 2 can be configured to include a service support information decoding function 22 and a content processing function 23 as shown in FIG. Specifically, these functions store a program for realizing these functions in a storage device (not shown) of the terminal 2, and the CPU (not shown) of the terminal 2 stores these programs. Read and execute.
- the user specifies the content to be distributed and inputs the encryption key for the service support information to the digital content distribution terminal 2.
- the digital content distribution terminal 2 requests the digital content distribution server 4 to send the content requested by the user, and
- the service support information is read from Ricard 1 and decrypted using the encryption key input by the customer.
- the digital content distribution terminal 2 processes the content sent from the digital content distribution server 4 using the decrypted service support information, such as encryption and digital watermarking, and writes the processed content. It re-encrypts the updated service support information and writes the updated information using the authentication key.
- the processing of the content can be performed on the server side, for example, by transmitting service support information to the digital content distribution server 4 '.
- the area for storing digital content has no access restriction, and the method for encrypting digital content is used.
- the customer can set an authentication key and set to prohibit writing to prevent tampering with digital content.
- the digital content can be in various formats such as encryption or digital watermarking, and the present invention is not limited to a specific method.
- a plurality of service support information and digital contents stored in a memory card, for example, as shown in FIG. 19 (C).
- a common memory card is used for a plurality of providers. Even if the service is used, each service provider can have service support information managed independently, and various service forms can be realized.
- FIG. 21 is a block diagram showing an example of an information system in which information in a memory card is used by a plurality of persons.
- a plurality of hospitals store information on the condition of a patient in a memory card 5 owned by the patient. Possible medical care.
- each hospital that writes information stores the secret information area and / or the public information area in the memory card. Secure.
- each hospital sets an authentication key and restricts access to these areas, as shown in Fig. 22 (B) (only third parties are allowed to read).
- the information stored in the information area is encrypted.
- an information storage device capable of protecting stored information from unauthorized access can be realized.
- 'Also set up multiple areas, each protected by a different authentication key. It is possible to realize an information storage device that can be set and the authentication key and area can be reset, and also realizes an information distribution system using a memory card that can prevent unauthorized use by a third party and tampering of stored information I can do it.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
- Read Only Memory (AREA)
Description
Claims
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2002502600A JP4028798B2 (ja) | 2000-06-02 | 2000-06-02 | 不揮発性半導体記憶装置および情報配信システムにおける情報管理方法 |
PCT/JP2000/003601 WO2001095115A1 (fr) | 2000-06-02 | 2000-06-02 | Memoire permanente a semi-conducteur et procede de gestion de l'information dans un systeme de distribution de l'information |
US10/276,664 US7043615B1 (en) | 2000-06-02 | 2000-06-02 | Nonvolatile semiconductor memory and method of managing information in information distribution system |
TW090111842A TW509948B (en) | 2000-06-02 | 2001-05-17 | Nonvolatile semiconductor memory apparatus and information managing method in information-distributing system |
US11/296,274 US7356659B2 (en) | 2000-06-02 | 2005-12-08 | Nonvolatile semiconductor memory and method of managing information in information distribution system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2000/003601 WO2001095115A1 (fr) | 2000-06-02 | 2000-06-02 | Memoire permanente a semi-conducteur et procede de gestion de l'information dans un systeme de distribution de l'information |
Related Child Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10276664 A-371-Of-International | 2000-06-02 | ||
US11/296,274 Continuation US7356659B2 (en) | 2000-06-02 | 2005-12-08 | Nonvolatile semiconductor memory and method of managing information in information distribution system |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2001095115A1 true WO2001095115A1 (fr) | 2001-12-13 |
Family
ID=11736109
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2000/003601 WO2001095115A1 (fr) | 2000-06-02 | 2000-06-02 | Memoire permanente a semi-conducteur et procede de gestion de l'information dans un systeme de distribution de l'information |
Country Status (4)
Country | Link |
---|---|
US (2) | US7043615B1 (ja) |
JP (1) | JP4028798B2 (ja) |
TW (1) | TW509948B (ja) |
WO (1) | WO2001095115A1 (ja) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2005514720A (ja) * | 2001-12-31 | 2005-05-19 | ディジタル・データ・リサーチ・カンパニー | セキュリティ・クリアランス・カードおよび該カードを読取るシステムおよび方法 |
JP2006524851A (ja) * | 2003-04-14 | 2006-11-02 | ギーゼッケ ウント デフリエント ゲーエムベーハー | 非接触データキャリア |
JP2007094597A (ja) * | 2005-09-27 | 2007-04-12 | Nec Electronics Corp | Icタグ、icタグシステム及びそのコマンドの実行方法 |
JP2009524140A (ja) * | 2006-01-17 | 2009-06-25 | エヌエックスピー ビー ヴィ | 領域保護装置、命令セット、及びメモリ領域を保護する方法 |
JP2011076636A (ja) * | 2004-08-17 | 2011-04-14 | Oberthur Technologies | データ処理の方法及び装置 |
JP2013510373A (ja) * | 2009-11-05 | 2013-03-21 | ラムバス・インコーポレーテッド | インターフェースクロックマネージメント |
Families Citing this family (37)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE10124139A1 (de) * | 2001-05-17 | 2002-11-21 | Philips Corp Intellectual Pty | Verfahren und Vorrichtung zur Sicherung der Datenübertragung zwischen einem Zentralprozessor und einem Speicher |
US7478248B2 (en) * | 2002-11-27 | 2009-01-13 | M-Systems Flash Disk Pioneers, Ltd. | Apparatus and method for securing data on a portable storage device |
JP4945053B2 (ja) * | 2003-03-18 | 2012-06-06 | ルネサスエレクトロニクス株式会社 | 半導体装置、バスインターフェース装置、およびコンピュータシステム |
JP4647446B2 (ja) * | 2005-09-20 | 2011-03-09 | 富士通株式会社 | 半導体記憶装置 |
US8108692B1 (en) | 2006-06-27 | 2012-01-31 | Siliconsystems, Inc. | Solid-state storage subsystem security solution |
US7509441B1 (en) * | 2006-06-30 | 2009-03-24 | Siliconsystems, Inc. | Systems and methods for segmenting and protecting a storage subsystem |
US7447807B1 (en) | 2006-06-30 | 2008-11-04 | Siliconsystems, Inc. | Systems and methods for storing data in segments of a storage subsystem |
US8549236B2 (en) | 2006-12-15 | 2013-10-01 | Siliconsystems, Inc. | Storage subsystem with multiple non-volatile memory arrays to protect against data losses |
US8695087B2 (en) * | 2008-04-04 | 2014-04-08 | Sandisk Il Ltd. | Access control for a memory device |
US20090260080A1 (en) * | 2008-04-14 | 2009-10-15 | Sameer Yami | System and method for verification of document processing device security by monitoring state transistions |
US8825940B1 (en) | 2008-12-02 | 2014-09-02 | Siliconsystems, Inc. | Architecture for optimizing execution of storage access commands |
US9176859B2 (en) * | 2009-01-07 | 2015-11-03 | Siliconsystems, Inc. | Systems and methods for improving the performance of non-volatile memory operations |
US10079048B2 (en) * | 2009-03-24 | 2018-09-18 | Western Digital Technologies, Inc. | Adjusting access of non-volatile semiconductor memory based on access time |
JP2012234334A (ja) * | 2011-04-28 | 2012-11-29 | Toshiba Corp | メモリ装置 |
KR101797107B1 (ko) * | 2011-07-08 | 2017-12-13 | 삼성전자주식회사 | 비휘발성 메모리 장치와 상기 비휘발성 메모리 장치를 포함하는 메모리 시스템 |
US9305142B1 (en) * | 2011-12-19 | 2016-04-05 | Western Digital Technologies, Inc. | Buffer memory protection unit |
US8634247B1 (en) | 2012-11-09 | 2014-01-21 | Sandisk Technologies Inc. | NAND flash based content addressable memory |
US9075424B2 (en) | 2013-03-06 | 2015-07-07 | Sandisk Technologies Inc. | Compensation scheme to improve the stability of the operational amplifiers |
US9870830B1 (en) * | 2013-03-14 | 2018-01-16 | Sandisk Technologies Llc | Optimal multilevel sensing for reading data from a storage medium |
DE102014200533A1 (de) | 2014-01-14 | 2015-07-16 | Olympus Winter & Ibe Gmbh | Wechseldatenträger, medizinisches Gerät und Verfahren zum Betrieb eines Wechseldatenträgers |
US10162748B2 (en) | 2014-05-30 | 2018-12-25 | Sandisk Technologies Llc | Prioritizing garbage collection and block allocation based on I/O history for logical address regions |
US10372613B2 (en) | 2014-05-30 | 2019-08-06 | Sandisk Technologies Llc | Using sub-region I/O history to cache repeatedly accessed sub-regions in a non-volatile storage device |
US10656840B2 (en) | 2014-05-30 | 2020-05-19 | Sandisk Technologies Llc | Real-time I/O pattern recognition to enhance performance and endurance of a storage device |
US10114557B2 (en) | 2014-05-30 | 2018-10-30 | Sandisk Technologies Llc | Identification of hot regions to enhance performance and endurance of a non-volatile storage device |
US10146448B2 (en) | 2014-05-30 | 2018-12-04 | Sandisk Technologies Llc | Using history of I/O sequences to trigger cached read ahead in a non-volatile storage device |
US11237828B2 (en) * | 2016-04-26 | 2022-02-01 | Onnivation, LLC | Secure matrix space with partitions for concurrent use |
US10855477B2 (en) | 2016-08-04 | 2020-12-01 | Macronix International Co., Ltd. | Non-volatile memory with physical unclonable function and random number generator |
US10469271B2 (en) | 2016-08-04 | 2019-11-05 | Macronix International Co., Ltd. | Physical unclonable function for non-volatile memory |
US11258599B2 (en) | 2016-08-04 | 2022-02-22 | Macronix International Co., Ltd. | Stable physically unclonable function |
US10680809B2 (en) | 2016-08-04 | 2020-06-09 | Macronix International Co., Ltd. | Physical unclonable function for security key |
US10911229B2 (en) | 2016-08-04 | 2021-02-02 | Macronix International Co., Ltd. | Unchangeable physical unclonable function in non-volatile memory |
US9811689B1 (en) | 2016-12-27 | 2017-11-07 | Macronix International Co., Ltd. | Chip ID generation using physical unclonable function |
CN110032529B (zh) * | 2018-01-11 | 2021-11-09 | 武汉斗鱼网络科技有限公司 | 一种内存管理方法及相关装置 |
US10768831B2 (en) * | 2018-12-28 | 2020-09-08 | Micron Technology, Inc. | Non-persistent unlock for secure memory |
US11188685B2 (en) * | 2019-02-22 | 2021-11-30 | Google Llc | Secure transient buffer management |
CN113704144A (zh) * | 2020-05-22 | 2021-11-26 | 澜起科技股份有限公司 | 存储器控制器以及用于控制对存储模块的访问的方法 |
US11380379B2 (en) | 2020-11-02 | 2022-07-05 | Macronix International Co., Ltd. | PUF applications in memories |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1995019608A1 (en) * | 1994-01-14 | 1995-07-20 | Cp8 Transac | A secure application card for sharing application data and procedures among a plurality of microprocessors |
JP2000050047A (ja) * | 1998-07-28 | 2000-02-18 | Fuji Photo Film Co Ltd | データ配信方法 |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH0614326B2 (ja) | 1984-03-31 | 1994-02-23 | 株式会社東芝 | Icカ−ド |
JPH0253154A (ja) | 1988-08-17 | 1990-02-22 | Toshiba Corp | 携帯可能電子装置 |
US5293424A (en) * | 1992-10-14 | 1994-03-08 | Bull Hn Information Systems Inc. | Secure memory card |
JP3231466B2 (ja) | 1993-03-24 | 2001-11-19 | 大日本印刷株式会社 | キーを記憶した情報記録媒体 |
-
2000
- 2000-06-02 JP JP2002502600A patent/JP4028798B2/ja not_active Expired - Fee Related
- 2000-06-02 US US10/276,664 patent/US7043615B1/en not_active Expired - Fee Related
- 2000-06-02 WO PCT/JP2000/003601 patent/WO2001095115A1/ja active Application Filing
-
2001
- 2001-05-17 TW TW090111842A patent/TW509948B/zh not_active IP Right Cessation
-
2005
- 2005-12-08 US US11/296,274 patent/US7356659B2/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1995019608A1 (en) * | 1994-01-14 | 1995-07-20 | Cp8 Transac | A secure application card for sharing application data and procedures among a plurality of microprocessors |
JP2000050047A (ja) * | 1998-07-28 | 2000-02-18 | Fuji Photo Film Co Ltd | データ配信方法 |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2005514720A (ja) * | 2001-12-31 | 2005-05-19 | ディジタル・データ・リサーチ・カンパニー | セキュリティ・クリアランス・カードおよび該カードを読取るシステムおよび方法 |
JP2006524851A (ja) * | 2003-04-14 | 2006-11-02 | ギーゼッケ ウント デフリエント ゲーエムベーハー | 非接触データキャリア |
JP4759505B2 (ja) * | 2003-04-14 | 2011-08-31 | ギーゼッケ ウント デフリエント ゲーエムベーハー | 非接触データキャリア |
JP2011076636A (ja) * | 2004-08-17 | 2011-04-14 | Oberthur Technologies | データ処理の方法及び装置 |
US9454663B2 (en) | 2004-08-17 | 2016-09-27 | Oberthur Technologies | Data processing method and device |
JP2007094597A (ja) * | 2005-09-27 | 2007-04-12 | Nec Electronics Corp | Icタグ、icタグシステム及びそのコマンドの実行方法 |
JP2009524140A (ja) * | 2006-01-17 | 2009-06-25 | エヌエックスピー ビー ヴィ | 領域保護装置、命令セット、及びメモリ領域を保護する方法 |
JP2013510373A (ja) * | 2009-11-05 | 2013-03-21 | ラムバス・インコーポレーテッド | インターフェースクロックマネージメント |
Also Published As
Publication number | Publication date |
---|---|
US7356659B2 (en) | 2008-04-08 |
TW509948B (en) | 2002-11-11 |
JP4028798B2 (ja) | 2007-12-26 |
US7043615B1 (en) | 2006-05-09 |
US20060095699A1 (en) | 2006-05-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2001095115A1 (fr) | Memoire permanente a semi-conducteur et procede de gestion de l'information dans un systeme de distribution de l'information | |
US9514063B2 (en) | Secure compact flash | |
US8108692B1 (en) | Solid-state storage subsystem security solution | |
JP3389186B2 (ja) | 半導体メモリカード及び読み出し装置 | |
US7765373B1 (en) | System for controlling use of a solid-state storage subsystem | |
JP4395302B2 (ja) | 半導体メモリカード及びその制御方法 | |
JP3493047B2 (ja) | メモリー・カード | |
US8276185B2 (en) | Enhanced security memory access method and architecture | |
US6915375B2 (en) | Memory apparatus and a data-processing apparatus, and method for using the memory apparatus | |
EP2161673A1 (en) | Method and system for protecting data | |
JP2003044363A (ja) | プロセッサ中のデータセキュリティを有するメモリ装置 | |
JPH09259045A (ja) | メモリカードのセキュリティシステム装置及びそのメモリカード | |
TWI644229B (zh) | 採加密技術之數據中心與數據中心操作方法 | |
US8219824B2 (en) | Storage apparatus, memory card accessing apparatus and method of reading/writing the same | |
JP2010193013A (ja) | 暗号鍵保護方法及び半導体記憶装置 | |
RU2251752C2 (ru) | Карта полупроводниковой памяти и устройство считывания данных | |
JP2010079426A (ja) | 半導体記憶装置 | |
EP1684152A1 (en) | Method and architecture for restricting access to a memory device | |
JPH11338779A (ja) | 情報記録再生方法 | |
JP2005149138A (ja) | 記憶媒体からのデータ読み出し方法及びその装置 | |
TW200847006A (en) | Storage apparatus, memory card accessing apparatus and method of reading/writing the same | |
JP2003242036A (ja) | データ復号方法およびデータ復号装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): CN JP KR US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
ENP | Entry into the national phase |
Ref country code: JP Ref document number: 2002 502600 Kind code of ref document: A Format of ref document f/p: F |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10276664 Country of ref document: US |
|
122 | Ep: pct application non-entry in european phase |