WO2005055019A1 - Method to control the access in a flash memory and system for the implementation of such a method - Google Patents
- Publication number
- WO2005055019A1 (application PCT/IB2004/003976)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- sector
- memory
- owner
- access
- write
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/02—Addressing or allocation; Relocation
- G06F12/0223—User address space allocation, e.g. contiguous or non contiguous base addressing
- G06F12/023—Free address space management
- G06F12/0238—Memory management in non-volatile memory, e.g. resistive RAM or ferroelectric memory
- G06F12/0246—Memory management in non-volatile memory, e.g. resistive RAM or ferroelectric memory in block erasable memory, e.g. flash memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2143—Clearing memory, e.g. to prevent the data from being stolen
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2149—Restricted operating environment
Definitions
- This invention concerns a method to control the access in a flash memory of an electronic module and the module for the implementation of such a method.
- the invention applies according to a special form of realisation, to a portable object such as an integrated circuit card.
- the integrated circuit cards may be for example memory cards or microprocessor cards.
- the term "portable object" must be taken in its broadest sense. It concerns in particular all types of light terminals equipped with an electronic chip and more especially the smart cards as such.
- the electronic chip is itself equipped with information processing means (for example a microprocessor) and information storage means.
- a new non volatile memory technology is emerging in smart cards: Flash technology.
- the Flash memory is organised in sectors as shown on figure 1 (sectors 1, 2 and 3). Each sector is a memory block of unique size.
- the memory space of each sector is divided into memory pages, for example of 128 bytes, grouped into partitions or segments (e.g.: partition Appli1, partition Appli2, partition Appli3 and partition OS of sector 1 on figure 1), used to store various software modules (Appli1, Appli2, Appli3, OS).
- a partition contains all pages of a sector allocated to a given owner.
- several applications may share the same sector (for example, applications 1, 2 and 3 share sector 1 on figure 1).
- the access controllers of known type provide a given application with write access to a sector it owns or shares.
- a sector defines the unit of erasable memory: consequently to modify a non-blank area of the sector, for example a partition, the entire sector must be erased.
- the entire sector is erased: a sector forms an indivisible unit for erasure.
- if application 1 wants to modify sector 1, it could erase the data of application 2 or even of the operating system.
- partitions containing data belonging to other applications could suffer irrevocable damage.
- One known solution is to allocate an entire sector to a single owner. When the sector is large, however, there is a significant loss of memory space and poor flexibility.
- One objective of this invention is to optimise the write operation in a Flash memory.
- This invention concerns a method to control the access to a sector of a flash type memory of an electronic module which consists in checking that the owner of the data to be written has write access to a partition of said sector characterised in that it consists in checking at least one additional rule on the sector concerned in order to allow possible erasure of the entire said sector before writing in it.
- This invention also concerns the electronic module including information processing means, a FLASH type non volatile memory characterised in that it includes a memory manager which consists in checking on the sector concerned at least one rule in addition to that which consists in checking that the owner of the data to be written has write access to a partition of said sector, in order to authorise possible erasure of the entire said sector before writing in it.
- Figure 1 is a diagrammatic representation of the organisation of a Flash memory
- Figure 2 is a diagrammatic representation of a non-limiting mode of realisation of an electronic unit with microprocessor designed to use the method according to the invention
- Figure 3 is a diagrammatic representation of the various software and hardware layers of the access control system according to this invention.
- the method according to the invention aims to optimise the write in a Flash memory of an electronic system such as for example any portable object equipped with an electronic module and more especially an integrated circuit card.
- the electronic system comprises at least a processor and a Flash type non volatile memory.
- FLASH type memory means any memory organised in sectors, the sector forming an indivisible unit for erasure, the sector being itself subdivided into memory pages which could be allocated to different owners.
- the electronic system described below corresponds to a portable object comprising an electronic module 1 illustrated on figure 2.
- This type of module is generally realised as a monolithic integrated electronic microcircuit, or chip, which once physically protected by any known means can be assembled on a portable object such as for example a smart card, integrated circuit card or other card which can be used in various fields.
- the microprocessor electronic module 1 comprises a microprocessor CPU 3 with a two-way connection via an internal bus 5 to a Flash type non volatile memory 7 containing applications 9 (appli1, appli2, appli3) to be executed, a volatile memory 11 of type RAM, and input output means I/O 13 to communicate with the exterior.
- the access controller 15 can be realised as windows open on a series of pages (such as a segmentation device MPU) or as semi-static access matrices associating attributes to the pages (partition type device MAC). Applications are associated with memory areas either during configuration or when selecting an application. Such mechanisms only allow memory access for predetermined code / data area pairs. With an access matrix, for example, the role of the access controller at the time of execution simply consists in comparing the identity of the page "owner" and the identity of the module trying to access this page. According to this invention, the memory manager 17 intercepts the writes in Flash memory 7 and performs an additional check on the sector concerned before authorising or not erasure of the sector following the write.
- the check determines whether the erasure caused by the write would delete data belonging to other owners.
- data covers any type of information stored in the memory, whether code, data or other. Writes must never be made directly in memory nor by a direct call to a driver, but must be made via said memory manager.
- the manager can also check the write access rights in the page indicated.
- the method according to the invention consists, using the memory manager, in checking a set of rules for the entire sector concerned, to authorise the erasure of a sector before writing in it.
- the set of rules concerning the sector takes into consideration the owner(s) of the pages in the segment concerned and the content of the pages.
- the set of rules checks that the write cannot delete data which must be kept and in particular data of an owner other than the user wanting to make the write.
- the check is therefore based on one or more rules of the following type:
- the write is authorised if:
  - the location in the sector where the write is to be made is blank, bearing in mind that the sector is not necessarily completely blank; the write does not result in erasure;
  - and/or the entire sector belongs to the same owner;
  - and/or the pages not belonging to the same owner are blank;
  - and/or the pages not belonging to the same owner are marked as erasable.
- a sector is said to be blank when no write has been made in the sector or when the sector has been erased and no new write has been made since the erasure.
- the module according to this invention comprises all of these rules.
- the manager has:
  - a memory description 27 stored in memory:
    - a number of sectors
    - a number of pages per sector
    - an owner of each page
    - the statuses of the pages (erasable, blank or not blank)
  - a description of the current request:
    - the sector concerned (from the address)
    - the owner issuing the request
  - and a set of rules 29.
- the memory manager allows an owner to mark the pages belonging to him as erasable. As seen previously, the manager keeps the statuses of the pages marked as erasable in the description 27.
- a simple application program interface (API) 25 based on the previous constraints could include, for example, the following functions:
  - error nv_write(dst_addr, src_addr, length):
    - dst_addr: destination address where the data will be written
    - src_addr: source address from which the data to be written will be read
    - length: length of the data to be written.
- This function is used to write in memory the data read at a given address after checking the set of rules.
- This function is used to write in memory the data of a "pattern" after checking the set of rules.
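The rule set and the nv_write function described above can be modelled as a small simulation. This is an added example, not code from the patent: the status codes, the `nv_current_owner` variable, `nv_init`, `nv_mark_erasable`, the page layout, the one-sector-per-request limit and the RAM copy used to preserve the caller's own pages across the erase are all assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTORS          2
#define PAGES_PER_SECTOR 4
#define PAGE_SIZE        128   /* example page size from the text */
#define SECTOR_BYTES     (PAGES_PER_SECTOR * PAGE_SIZE)
typedef enum { PG_BLANK, PG_WRITTEN, PG_ERASABLE } page_status;
typedef enum { NV_OK, NV_OK_ERASED, NV_ERR_RANGE, NV_ERR_ACCESS, NV_ERR_FOREIGN_DATA } nv_error;

/* Memory description (constructed layout): owner and status of every page. */
static struct { uint8_t owner; page_status status; } desc[SECTORS][PAGES_PER_SECTOR] = {
    { {1, PG_BLANK}, {2, PG_BLANK}, {3, PG_BLANK}, {9, PG_BLANK} },   /* shared sector */
    { {1, PG_BLANK}, {1, PG_BLANK}, {1, PG_BLANK}, {1, PG_BLANK} } }; /* single owner */
static uint8_t flash[SECTORS][SECTOR_BYTES];   /* simulated flash array */
uint8_t nv_current_owner;   /* owner issuing the current request (assumed mechanism) */

void nv_init(void) { memset(flash, 0xFF, sizeof flash); }   /* erased flash reads 0xFF */

/* An owner may mark only its own written pages as erasable. */
nv_error nv_mark_erasable(uint32_t s, uint32_t p)
{
    if (s >= SECTORS || p >= PAGES_PER_SECTOR) return NV_ERR_RANGE;
    if (desc[s][p].owner != nv_current_owner) return NV_ERR_ACCESS;
    if (desc[s][p].status == PG_WRITTEN) desc[s][p].status = PG_ERASABLE;
    return NV_OK;
}

nv_error nv_write(uint32_t dst_addr, const void *src_addr, uint32_t length)
{
    uint32_t s = dst_addr / SECTOR_BYTES, off = dst_addr % SECTOR_BYTES;
    if (s >= SECTORS || length == 0 || length > SECTOR_BYTES - off) return NV_ERR_RANGE;
    uint32_t first = off / PAGE_SIZE, last = (off + length - 1) / PAGE_SIZE;
    int blank = 1;
    for (uint32_t p = first; p <= last; p++) {   /* usual check: caller owns the target pages */
        if (desc[s][p].owner != nv_current_owner) return NV_ERR_ACCESS;
        if (desc[s][p].status != PG_BLANK) blank = 0;
    }
    if (blank) {                                 /* blank location: write without erasure */
        memcpy(flash[s] + off, src_addr, length);
        for (uint32_t p = first; p <= last; p++) desc[s][p].status = PG_WRITTEN;
        return NV_OK;
    }
    /* Erasure needed: every page of another owner must be blank or marked erasable. */
    for (uint32_t p = 0; p < PAGES_PER_SECTOR; p++)
        if (desc[s][p].owner != nv_current_owner && desc[s][p].status == PG_WRITTEN)
            return NV_ERR_FOREIGN_DATA;
    uint8_t ram[SECTOR_BYTES];                   /* save, patch, erase, reprogram */
    memcpy(ram, flash[s], sizeof ram);
    memcpy(ram + off, src_addr, length);
    memset(flash[s], 0xFF, SECTOR_BYTES);        /* the sector is the erase unit */
    for (uint32_t p = 0; p < PAGES_PER_SECTOR; p++) {
        int keep = desc[s][p].owner == nv_current_owner &&
                   (desc[s][p].status == PG_WRITTEN || (p >= first && p <= last));
        if (keep) memcpy(flash[s] + p * PAGE_SIZE, ram + p * PAGE_SIZE, PAGE_SIZE);
        desc[s][p].status = keep ? PG_WRITTEN : PG_BLANK;
    }
    return NV_OK_ERASED;
}

int main(void)
{
    nv_init();
    nv_current_owner = 2; nv_error a = nv_write(1 * PAGE_SIZE, "appli2", 6);
    nv_current_owner = 1; nv_error b = nv_write(0, "v1", 2), c = nv_write(0, "v2", 2);
    printf("%d %d %d\n", a, b, c);   /* third write is refused: it would erase owner 2's page */
    return 0;
}
```

Once owner 2 marks its page erasable, the same rewrite by owner 1 is accepted and the whole sector is erased before reprogramming.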
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP04801305A EP1692592B1 (en) | 2003-12-02 | 2004-12-01 | Method to control the access in a flash memory and system for the implementation of such a method |
AT04801305T ATE545080T1 (en) | 2003-12-02 | 2004-12-01 | METHOD FOR CONTROLLING ACCESS IN A FLASH MEMORY AND SYSTEM FOR IMPLEMENTING SUCH METHOD |
JP2006542051A JP4972410B2 (en) | 2003-12-02 | 2004-12-01 | Method for controlling access in flash memory and system for implementation of such method |
US10/581,130 US7797502B2 (en) | 2003-12-02 | 2004-12-01 | Method to control the access in a flash memory and system for the implementation of such a method |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP03293002A EP1538507A1 (en) | 2003-12-02 | 2003-12-02 | Flash memory access method and system |
EP03293002.6 | 2003-12-02 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2005055019A1 (en) | 2005-06-16 |
Family
ID=34443109
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IB2004/003976 WO2005055019A1 (en) | 2003-12-02 | 2004-12-01 | Method to control the access in a flash memory and system for the implementation of such a method |
Country Status (5)
Country | Link |
---|---|
US (1) | US7797502B2 (en) |
EP (2) | EP1538507A1 (en) |
JP (1) | JP4972410B2 (en) |
AT (1) | ATE545080T1 (en) |
WO (1) | WO2005055019A1 (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TW200705180A (en) * | 2005-07-29 | 2007-02-01 | Genesys Logic Inc | Adjustable flash memory management system and method |
US8831409B1 (en) * | 2010-06-07 | 2014-09-09 | Purplecomm Inc. | Storage management technology |
US10095431B2 (en) | 2015-06-18 | 2018-10-09 | John Edward Benkert | Device controller and method of enforcing time-based sector level security |
US20220342655A1 (en) * | 2021-04-22 | 2022-10-27 | STMicroelectronics (Grand Ouest) SAS | Microcontroller, computer program product, and method for adding an additional function to a computer program |
CN114707147A (en) * | 2022-06-05 | 2022-07-05 | 荣耀终端有限公司 | Service request processing method and electronic equipment |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5678027A (en) * | 1993-12-08 | 1997-10-14 | Siemens Aktiengesellschaft | Method for preventing unauthorized modification of data in a device with a nonvolatile memory |
US5974500A (en) * | 1997-11-14 | 1999-10-26 | Atmel Corporation | Memory device having programmable access protection and method of operating the same |
US20020002654A1 (en) * | 2000-07-03 | 2002-01-03 | Ichiro Tomohiro | Semiconductor storage device |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2258112A5 (en) * | 1973-11-30 | 1975-08-08 | Honeywell Bull Soc Ind | |
US6209069B1 (en) * | 1998-05-11 | 2001-03-27 | Intel Corporation | Method and apparatus using volatile lock architecture for individual block locking on flash memory |
US6154819A (en) * | 1998-05-11 | 2000-11-28 | Intel Corporation | Apparatus and method using volatile lock and lock-down registers and for protecting memory blocks |
US6279114B1 (en) * | 1998-11-04 | 2001-08-21 | Sandisk Corporation | Voltage negotiation in a single host multiple cards system |
US6401160B1 (en) * | 1999-03-31 | 2002-06-04 | Intel Corporation | Method and apparatus to permit adjustable code/data boundary in a nonvolatile memory |
BR0007239B1 (en) * | 1999-10-21 | 2014-03-18 | Panasonic Corp | ACCESSORIES TO THE SEMICONDUCTORY MEMORY BOARD, SEMICONDUCTORY MEMORY BOARD AND STARTUP METHOD. |
-
2003
- 2003-12-02 EP EP03293002A patent/EP1538507A1/en not_active Withdrawn
-
2004
- 2004-12-01 JP JP2006542051A patent/JP4972410B2/en not_active Expired - Fee Related
- 2004-12-01 EP EP04801305A patent/EP1692592B1/en not_active Not-in-force
- 2004-12-01 US US10/581,130 patent/US7797502B2/en not_active Expired - Fee Related
- 2004-12-01 AT AT04801305T patent/ATE545080T1/en active
- 2004-12-01 WO PCT/IB2004/003976 patent/WO2005055019A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
US20070118680A1 (en) | 2007-05-24 |
JP2007513421A (en) | 2007-05-24 |
ATE545080T1 (en) | 2012-02-15 |
EP1692592A1 (en) | 2006-08-23 |
EP1538507A1 (en) | 2005-06-08 |
US7797502B2 (en) | 2010-09-14 |
JP4972410B2 (en) | 2012-07-11 |
EP1692592B1 (en) | 2012-02-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR100531192B1 (en) | Non-volatile memory control method | |
CN1087085C (en) | Multi-user data processing system with storage protection | |
US6292874B1 (en) | Memory management method and apparatus for partitioning homogeneous memory and restricting access of installed applications to predetermined memory ranges | |
KR100980309B1 (en) | Host device and memory system | |
JP2003532962A (en) | Programmable access protection in flash memory devices | |
US20060036804A1 (en) | Nonvolatile memory system | |
JPH09500469A (en) | Memory card and operating method thereof | |
DE102008015034A1 (en) | Memory card, memory card system, method for controlling a host, and method for operating a memory card | |
CN100424659C (en) | Method and apparatus for physical address-based security to determine target security | |
US20080126683A1 (en) | Memory system | |
US20060206704A1 (en) | Data transmission system and method for operating a data transmission system | |
US7260690B2 (en) | Microprocessor circuit for data carriers and method for organizing access to data stored in a memory | |
GB2356469A (en) | Portable data carrier memory management system and method | |
US20050005079A1 (en) | Access control method and device in an embedded system | |
JPH01277993A (en) | Portable electronic device | |
CN101620652B (en) | Main board, computer and method for protecting memory data | |
EP1692592B1 (en) | Method to control the access in a flash memory and system for the implementation of such a method | |
US11216390B2 (en) | Storage device, memory access control system, and memory access control method | |
JPH10289158A (en) | Task management device | |
US6684291B2 (en) | Interface for a memory, and method for variable configuration of a memory apparatus | |
JP2609645B2 (en) | Portable electronic devices | |
JPH089795Y2 (en) | IC card | |
JPH0644139A (en) | Disk cache system and its page rewrite control method | |
US20080005449A1 (en) | Generalized flash memory and method thereof | |
JP2752074B2 (en) | Data storage method for portable electronic device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
DPEN | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2007118680 Country of ref document: US Ref document number: 10581130 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2006542051 Country of ref document: JP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWW | Wipo information: withdrawn in national office |
Country of ref document: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2004801305 Country of ref document: EP |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWP | Wipo information: published in national office |
Ref document number: 2004801305 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 10581130 Country of ref document: US |