WO2010067346A1 - Method and apparatus for protecting content in a storage device - Google Patents

Method and apparatus for protecting content in a storage device


Publication number
WO2010067346A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
policy
data object
storage device
security
Prior art date
Application number
PCT/IL2008/001613
Other languages
English (en)
Inventor
Eran Shen
Original Assignee
Sandisk Il Ltd.
Priority date
Filing date
Publication date
Application filed by Sandisk Il Ltd.
Priority to PCT/IL2008/001613
Publication of WO2010067346A1

Classifications

    • G PHYSICS
    • G11 INFORMATION STORAGE
    • G11B INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00 Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086 Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40 Bus networks
    • H04L12/40052 High-speed IEEE 1394 serial bus
    • H04L12/40104 Security; Encryption; Content protection

Definitions

  • the present invention relates to methods and apparatus for securing data (for example, firmware objects) residing in a storage device (for example, a flash memory device) coupled to a host device
  • Peripheral storage devices are well-known in the art of computing, in form factors such as USB flash drives (UFD); PC-cards; and small storage cards used with digital cameras, music players, handheld and palmtop computers, and cellular telephones. Peripheral storage devices also include portable magnetic disks and portable digital appliances (music players and cellular telephones) that double as general-purpose storage devices.
  • a cracker may replace a firmware file with malicious code which may be executed instead of the firmware file.
  • a cracker may replace a configuration file with a 'malicious' configuration file.
  • a flash storage device stores digital cash, which is represented by a file (for example, $100) stored on a flash device.
  • this file may be updated to indicate that the user possesses only a reduced amount of cash (in this example, $80).
  • a malicious user may dishonestly carry out the following: before the digital cash (for example, the $20) is spent, the malicious user could take a bit-by-bit image of the original digital cash file (in this example, representing $100).
  • the malicious user could carry out a "re-flash" of the file where the file representing the reduced amount of digital cash (in this example, representing $80) is replaced with an earlier version of the file which represents the entire amount of digital cash (in this example, $100). It is noted that this is just one example, and that there are many circumstances where it is possible to effect a "re-flash" attack by replacing, in an unauthorized manner, a "later" version of a file stored in flash with an "earlier" version of the same file using the bit-by-bit digital image of the earlier version.
  • files are encrypted with a secret function, and are decrypted when loaded from non-volatile storage into RAM memory - for example, firmware files may be stored in NAND storage in an encrypted form, and decrypted when loaded in RAM for execution. If a cracker attempts to replace a data object (for example, a firmware object) with a malicious data object, then when the decryption function is run on the malicious data object, the object may end up "garbled" and would not be able to cause the intended harm.
  • an attempt is first made to "verify" the data object - for example, by verifying a message digest such as a MAC using a secret function. Only if the verification of the data object is "successful" is the data object allowed to be executed by the microprocessor of the storage device.
  • peripheral storage device for example, peripheral flash memory devices.
  • FIG. 1 is a block diagram of a flash memory system including a flash memory device 120 operatively coupled to host device 110 via a host-device interface 180.
  • the flash memory device 120 includes a flash controller 140 which writes data received from host device 110 into flash memory 130, and retrieves data from flash memory 130.
  • flash controller 140 includes microprocessor 150, RAM 170 and ROM 160.
  • Flash device controller 140 may include any computer readable medium storing software and/or firmware and/or any hardware element(s) including but not limited to field programmable logic array (FPLA) element(s), hard-wired logic element(s), field programmable gate array (FPGA) element(s), and application-specific integrated circuit (ASIC) element(s).
  • Any instruction set architecture may be used in controller 140 including but not limited to reduced instruction set computer (RISC) architecture and/or complex instruction set computer (CISC) architecture.
  • Although FIG. 1 applies to the specific case of flash memory devices, it is appreciated that the various teachings disclosed herein may be applicable to devices that include other types of non-volatile memory (for example, magnetic medium) instead of, or in addition to, flash memory.
  • One embodiment is a method of protecting content in a storage device.
  • the method comprises the steps of (a) receiving in a storage device a request to access a protectable data object residing in a data region of the storage device that is hidden from a host to which the storage device is operatively connected, and (b) in response to such request: i) ascertaining, in accordance with an identifier of the requested data object, an active security policy; and ii) subject to the ascertaining of the active security-policy, enforcing such active security policy for the requested data object, wherein a different active security policy is respectively applied to each one or more data objects.
  • the active security policy may include any combination of a decryption policy and/or a signed-code verification policy and/or an anti-re-flashing policy.
  • the ascertaining is carried out in accordance with contents of a multi-policy security data-structure including identifiers of the protectable data objects and representations of security policies, each object identifier of a respective data object being associated within the multi-policy security data-structure with at least one of: A) a respective decryption policy for the respective data object; B) a respective signed-code verification policy for the respective data object; and C) a respective anti-re-flashing policy for the respective data object; and ii) the ascertained security policy is ascertained in accordance with a security policy representation which matches the identifier of the requested data object within the multi-policy security-data structure.
  • the multi-policy security data-structure may reside in any location within the storage device.
  • the multi-policy security data-structure resides in host-hidden system data region of the non-volatile memory.
  • At least one of the ascertaining and the enforcing is carried out by execution of security-enforcement firmware stored in the host-hidden system data region of the non-volatile memory.
  • the method may further comprise the step of responding to a powering-up of the data storage device, using a device controller of the storage device in which a reference to the security enforcement firmware is hardcoded into the device processor, by invoking, in accordance with the hardcoded reference, the security enforcement firmware.
  • At least one of the ascertaining and the enforcing is carried out by a device controller of the data-storage device which is hard-coded to carry out at least one of the ascertaining and the enforcing.
  • the first and second data objects reside in standard non-secure non-volatile memory. In some embodiments, the first and/or second data objects are firmware objects.
  • the first and/or second data objects are flash management firmware objects.
  • the first and/or second data objects are configuration files for configuring the storage device.
  • the method is carried out such that different respective decryption policies are ascertained and enforced for the first and second data objects.
  • the method is carried out such that different respective signed-code verification policies are ascertained and enforced for the first and second data objects.
  • the method is carried out such that different respective anti-re-flashing policies are ascertained and enforced for the first and second data objects.
  • Another embodiment is a data-storage device for providing data-storage services to a host device operatively-coupled to the data-storage device, the data-storage device comprising: a) a non-volatile memory including a first region that is accessible to the host device and a second region that is hidden from the host device, the second region being configured to store a plurality of protectable data objects each of which are hidden from the host device including a first data object and a second data object different from the first data object; b) a device controller for executing firmware code; and c) firmware security-enforcement code which, when executed by the device processor, is operative, whenever a request is made to access one of the protectable data objects residing in the second region, to respond to the request by: i) ascertaining, in accordance with an identifier of the requested data object, an active one security policy; and ii) enforcing the ascertained active security policy for the requested data object.
  • execution of the firmware security-object enforcement code is operative, for a first data object and a second data object different from the first data object, to ascertain and enforce different respective decryption and/or signed-code verification and/or anti-reflashing policies for the first and second objects. For example, this may be carried out in accordance with different respective object identifiers of the first and second data objects.
  • the device further comprises: d) a multi-policy security data-structure including identifiers of the protectable data objects and representations of security policies, each object identifier of a respective data object being associated with at least one of: A) a respective decryption policy for the respective data object; B) a respective signed-code verification policy for the respective data object; and C) a respective anti-re-flashing policy for the respective data object; and wherein the firmware security-object enforcement code is operative, upon execution, to effect the security policy ascertaining in accordance with a matching security policy representation which matches the identifier of the requested data object within the multi-policy security-data structure.
  • Another embodiment is a data-storage device for providing data-storage services to a host device operatively-coupled to the data-storage device, the data-storage device comprising: a) a non-volatile memory including a first region that is accessible to the host device and a second region that is hidden from the host device, the second region being configured to store a plurality of protectable data objects each of which are hidden from the host device including a first data object and a second data object different from the first data object; b) a device controller which is hardcoded, whenever a request is made to access one of the protectable data objects residing in the second region, to respond to the request by: i) ascertaining, in accordance with an identifier of the requested data object, an active one security policy; and ii) enforcing the ascertained active security policy for the requested data object.
  • the device controller is hardcoded, for a first data object and a second data object different from the first data object, to ascertain and enforce different respective decryption and/or signed code verification and/or anti-re-flashing policies for the first and second objects.
  • the data-storage device further comprises: d) a multi-policy security data-structure including identifiers of the protectable data objects and representations of security policies, each object identifier of a respective data object being associated with at least one of: A) a respective decryption policy for the respective data object; B) a respective signed-code verification policy for the respective data object; and C) a respective anti-re-flashing policy for the respective data object; and wherein the device controller is hardcoded, upon execution, to effect the security policy ascertaining in accordance with a matching security policy representation which matches the identifier of the requested data object within the multi-policy security-data structure.
  • Another embodiment is a computer program product, comprising a computer usable medium having a computer readable program code embodied therein, said computer readable program code adapted to be executed to implement a method of managing content by a storage device, the method comprising (a) receiving in a storage device a request to access a protectable data object residing in a data region of the storage device that is hidden from a host to which the storage device is operatively connected, and (b) in response to such request: i) ascertaining, in accordance with an identifier of the requested data object, an active security policy; and ii) subject to the ascertaining of the active security-policy, enforcing such active security policy for the requested data object, wherein a different active security policy is respectively applied to each one or more data objects.
  • a data-storage device for providing data-storage services to a host device operatively coupled to the data-storage device, the data-storage device comprising: a) a non-volatile memory including a first region that is accessible to the host device and a second region that is hidden from the host device, the second region being configured to store a plurality of protectable data objects each of which are hidden from the host device including a first data object and a second data object different from the first data object; b) a device controller which is configured, whenever a request is made to access one of the protectable data objects residing in the second region, to respond to the request by: i) ascertaining, in accordance with an identifier of the requested data object, an active one security policy; and ii) enforcing the ascertained active security policy for the requested data object.
  • the device controller is configured by firmware to effect, in response to the request, the ascertaining and/or the enforcing.
  • the device controller is hardcoded to effect, in response to the request, the ascertaining and/or the enforcing.
  • FIG. 1 is a block diagram of an exemplary flash memory system including a host device operatively coupled to a peripheral storage device.
  • FIG. 2 is a block diagram of a flash memory including a first data region that is accessible to the host and a second data region that is hidden from the host.
  • FIG. 3 is a flowchart of a routine for enforcing a security policy for a data object residing in a region of non-volatile memory hidden from the host.
  • Embodiments of the present invention relate to techniques and apparatus for protecting one or more data objects on a storage device that (i) is coupled to a host device; and (ii) includes an "internal" data region that is hidden from the host.
  • the protected "host-hidden" data objects that reside in this "internal" data region (i) are managed by an internal object-storage system (for example, an internal file system) and (ii) include one or more data objects used to configure the storage device - for example, firmware code objects or configuration files.
  • the present inventor is now disclosing a non-volatile storage device and method of operating the same whereby instead of enforcing a single "device- wide" internal security policy for every data object within the "host-hidden" data region of the storage device, each given data object of a plurality of data objects is protected in accordance with an object-specific security policy that is specific for the given data object.
  • a respective security policy for each given data object in accordance with (i) perceived security threats (i.e. type of threats, severity of threats); and (ii) performance requirements (i.e. the need to avoid expending too many computational resources to provide a given level of security or).
  • Object A: a first firmware code object
  • Object B: a second firmware code object
  • Object C: a configuration file
  • Object D: a configuration file
  • three types of security policy may be configured on a per- object basis: a decryption policy, a signed-code verification policy and an anti-re-flashing policy.
  • Decryption Policy - each given data object of the plurality of data objects (for example, the four data objects Object A, Object B, Object C and Object D) is associated with a respective flag for respective decryption policy - in the event that the respective flag is set to "1" for the given data object, then an attempt is made to decrypt the given data object or a portion thereof (for example, using a secret key) when the data object is accessed - for example, when the data object is loaded into RAM from NAND flash or executed in XIP (eXecute In Place) NOR flash.
  • this attempt may consume computational resources and/or cause an increased "response time." Otherwise, in this non-limiting example, in the event that the respective flag is set to "0" for the given data object, then no attempt is made to decrypt the given data object (or a portion thereof) when the given data object is accessed.
  • Signed-Code Verification Policy - each given data object of the plurality of data objects (for example, the four data objects Object A, Object B, Object C and Object D) is associated with a respective flag for a respective decryption policy - in the event that the respective flag is set to "1" for the given data object, then when an attempt is made to access the given data object, an attempt is made to verify the object's authenticity and/or data integrity using a secret key - for example, by verifying a message digest associated with the data object (for example, message authentication code (MAC)).
  • this "verification data" for verifying the authenticity of the data object is provided within the data object itself - for example, the last 16 bytes of the data file.
  • this attempt may consume computational resources and/or cause an increased "response time." Otherwise, in this non-limiting example, in the event that the respective flag is set to "0" for the given data object, then no attempt is made to analyze a message digest in order to verify the given data object when the given data object is accessed.
  • Reflash Protection Policy - each given data object of the plurality of data objects (for example, the four data objects Object A, Object B, Object C and Object D) is associated with a respective flag for a respective re-flash protection policy.
  • bit is set to "1," then when the data object is accessed, an attempt is made to verify that the data object has not been "re-flashed" and that the data object has not been modified and then returned to an earlier state before modification. It is understood that this attempt may consume computational resources and/or cause an increased "response time."
  • the security policy for each object may be described as a 3-bit word. For each bit of the 3-bit word, when the bit is set to "1" some type of "additional security" for the given data object may be provided. Although the current example relates to a 3-bit word, it is appreciated that fewer or more bits may be used. Although the current example relates to three policies, it is appreciated that more or fewer policies may be selectively enforced on a per-object basis.
  • the information about the object-specific security policies may be saved in a table (for example, an encrypted table stored in flash), where each row of the table includes a description of the data object (for example, a file name or file identifier) mapped to a description of the respective security policy for the data object (for example, the three-bit word).
  • the first bit of the 3-bit word represents a "decryption policy"
  • the second bit of the 3-bit word represents a "verifying policy"
  • the third bit of the 3-bit word represents an "anti-reflashing policy."
  • Object A when Object A is accessed, (i) no attempt is made to decrypt the object; (ii) no attempt is made to verify the "signature" of the object; (iii) an attempt is made to determine if Object A has been re-flashed.
  • Objects A, B and D are associated with "active security policies" because these 'active security policies' require at least one positive activity upon access of the host-hidden data object - i.e. (i) the policy associated with Object A requires making an attempt to detect if Object A is reflashed and to deny access if Object A is reflashed, (ii) the policy associated with Object B requires decrypting Object B, verifying the digital signature (e.g. the message digest) of Object B and making an attempt to detect if Object B is reflashed and to deny access if Object B is reflashed; (iii) the policy associated with Object D requires verifying the digital signature (e.g. the message digest) of Object B and making an attempt to detect if Object B is reflashed and to deny access if Object B is reflashed.
  • the policy associated with Object C does not require that any security measure is taken when Object C is accessed from the host-hidden data region 210 of the flash memory 10.
  • FIG. 2 is a block diagram of an exemplary flash memory in accordance.
  • the flash memory includes two regions: (i) a first host-accessible user data region 220 which is accessible by host device 110 and (ii) a "host-hidden" data region 210 that is hidden from the host.
  • host device 110 may not read or execute any data object within host-hidden data region 210.
  • the following items are stored within host-hidden data region: (i) a plurality of data objects 250A..250N, and (ii) a multi-policy security data structure 260 - for example a "security table" described in the previous use case.
  • multi-policy security data structure 260 is "heterogeneous" with respect to data security policies - i.e. not every data object 250 of the plurality of data objects 250A..250N is associated with an identical security policy. Instead, multi-policy security data structure 260 must include: (i) a description of a first data object 250 that is associated, within security data structure 260, with a description of a first security policy; and (ii) a description of a second data object 250 different from the first data object that is associated, within security data structure 260, with a description of a second security policy.
  • the table in the previous use case associates Object A with policy 001 and Object B with a different policy - i.e. policy 111. Therefore this table is an example of a 'multi-policy' security data structure.
  • a "data object" refers to any data or code object stored in non-volatile memory. Examples of "data objects" include but are not limited to firmware objects and configuration files.
  • a "request to access a data object" refers to a request passed to an "access routine" for accessing the object.
  • the access routine and/or the "requester" may be a hardware module and/or an executing code module.
  • the access routine may service the "access request" by making the data object available to the "requester" in a usable manner - for example, by loading the data object from magnetic medium or flash into RAM memory so that the data object is unencrypted within the RAM, or by executing the code object (for example, a firmware object).
  • Enforcing the security policy refers to making the provision of access to the "requester" conditional upon fulfilling the requirements of the security policy.
  • the enforcing may be carried out at least in part by execution of an executable code module (for example, firmware).
  • the enforcing may be carried out at least in part by hardware (for example, an ASIC circuit) which is "hardwired" to carry out the enforcing.
  • An "active security" policy (i) is a security policy whereby one or more security operations are carried out in response to a request for the object; and (ii) is a security policy that makes the providing of access to the "requester" conditional upon effecting one or more operations of a particular security policy.
  • an "active" decryption policy requires an attempt to be made to decrypt a requested data object in response to a request for the data object.
  • An "active" signed-code verification policy requires an attempt to be made to verify signed code of a requested data object in response to a request for the data object.
  • An "active" anti-re-flashing policy requires an attempt to be made to determine if the requested data object has been re-flashed in response to a request for the data object.
  • a data object that is "exposed" to the host device is an object which may be read and/or modified and/or erased by the host device and/or which may be executed by the host device microprocessor and/or which appears in a directory listing readable by the host device.
  • a data object which is "hidden" from the host device is an object which is not "exposed" to the host device.
  • FIG. 3 is a flow chart of a routine for enforcing security policies for a plurality of data objects on a "per-object" basis in accordance with some embodiments.
  • a request is received to access a data object residing in the "host-hidden" region 210 of non-volatile memory (for example, flash memory 130).
  • In step S155, it is ascertained which security policy matches an identifier of the data object - for example, by performing a lookup in the multi-policy security data structure.
  • In step S157, a description of the matching security policy is retrieved from the multi-policy security data structure.
  • steps S155-S159 are an example of "ascertaining" an active security-policy.
  • In step S163, the security policy whose description is retrieved in step S159 is enforced for the data object.
  • device controller 140 is hard-coded to carry out at least in part, any steps described in FIG. 3. Alternatively or additionally, one or more steps described in FIG. 3 is carried out, at least in part, by executable code that is executed by device controller 140.
  • any of the embodiments described above may further include receiving, sending or storing instructions and/or data that implement the operations described above in conjunction with the figures upon a computer readable medium.
  • a computer readable medium may include storage media or memory media such as magnetic or flash or optical media, e.g. disk or CD-ROM, volatile or nonvolatile media such as RAM, ROM, etc. as well as transmission media or signals such as electrical, electromagnetic or digital signals conveyed via a communication medium such as network and/or wireless links.
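
The per-object lookup and enforcement routine of FIG. 3, sketched as an added Python example (not code from the patent or from the assignee). Assumptions: policies 000 for Object C and 011 for Object D are inferred from the behaviour described above; re-flash detection compares against a controller-held SHA-256 digest of the last authorised write; the MAC is a truncated HMAC-SHA-256; the XOR keystream is only a stand-in for the device cipher. The page specifies none of these mechanisms.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

# Bit order given in the description: decryption, verification, anti-re-flashing.
DECRYPT, VERIFY, ANTI_REFLASH = 0b100, 0b010, 0b001
MAC_LEN = 16  # "verification data" is the last 16 bytes of the object


class AccessDenied(Exception):
    pass


def _xor_stream(key: bytes, obj_id: str, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + obj_id.encode() + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def _tag(key: bytes, body: bytes) -> bytes:
    """Truncated HMAC-SHA-256 used as the 16-byte trailer (assumption)."""
    return hmac.new(key, body, hashlib.sha256).digest()[:MAC_LEN]


@dataclass
class StorageDevice:
    enc_key: bytes
    mac_key: bytes
    hidden: dict = field(default_factory=dict)  # host-hidden data region 210
    policy: dict = field(default_factory=dict)  # multi-policy security data structure 260
    fresh: dict = field(default_factory=dict)   # controller-only digests (assumption)

    def authorised_write(self, obj_id: str, plaintext: bytes, bits: int) -> None:
        blob = _xor_stream(self.enc_key, obj_id, plaintext) if bits & DECRYPT else plaintext
        if bits & VERIFY:
            blob += _tag(self.mac_key, blob)
        self.hidden[obj_id] = blob
        self.policy[obj_id] = bits
        self.fresh[obj_id] = hashlib.sha256(blob).digest()

    def access(self, obj_id: str) -> bytes:
        if obj_id not in self.policy:  # fail closed on unknown identifiers (assumption)
            raise AccessDenied("no policy entry")
        bits, blob = self.policy[obj_id], self.hidden[obj_id]  # ascertain the policy
        if bits & VERIFY:
            body, tag = blob[:-MAC_LEN], blob[-MAC_LEN:]
            if len(blob) < MAC_LEN or not hmac.compare_digest(tag, _tag(self.mac_key, body)):
                raise AccessDenied("MAC mismatch")
        if bits & ANTI_REFLASH:
            if not hmac.compare_digest(hashlib.sha256(blob).digest(), self.fresh[obj_id]):
                raise AccessDenied("re-flash detected")
        if bits & VERIFY:
            blob = blob[:-MAC_LEN]
        if bits & DECRYPT:
            blob = _xor_stream(self.enc_key, obj_id, blob)
        return blob


def attempt(dev: StorageDevice, obj_id: str) -> str:
    try:
        return dev.access(obj_id).decode()
    except AccessDenied as exc:
        return f"denied: {exc}"


def demo() -> dict:
    # All keys and object contents below are constructed sample values.
    dev = StorageDevice(enc_key=b"constructed-enc-key", mac_key=b"constructed-mac-key")
    dev.authorised_write("Object A", b"balance=100", 0b001)
    dev.authorised_write("Object B", b"firmware-v1", 0b111)
    dev.authorised_write("Object C", b"balance=100", 0b000)
    dev.authorised_write("Object D", b"mode=safe", 0b011)
    results = {"B clean": attempt(dev, "Object B")}

    # Re-flash scenario from the text: old bytes are imaged, the device
    # updates the objects, then the old image is written back.
    images = {k: dev.hidden[k] for k in ("Object A", "Object C", "Object D")}
    dev.authorised_write("Object A", b"balance=80", 0b001)
    dev.authorised_write("Object C", b"balance=80", 0b000)
    dev.authorised_write("Object D", b"mode=fast", 0b011)
    dev.hidden.update(images)
    results["A rollback"] = attempt(dev, "Object A")
    results["C rollback"] = attempt(dev, "Object C")
    results["D rollback"] = attempt(dev, "Object D")

    # Modification scenario: one bit of the MAC-protected object changes.
    dev.authorised_write("Object D", b"mode=fast", 0b011)
    raw = bytearray(dev.hidden["Object D"])
    raw[0] ^= 1
    dev.hidden["Object D"] = bytes(raw)
    results["D tampered"] = attempt(dev, "Object D")
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

The rolled-back Object D still carries a valid MAC from its earlier version, so only the anti-re-flashing bit stops it; Object C, with policy 000, returns the stale $100 balance unchallenged.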

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

A method of protecting content in a non-volatile storage device operatively connected to a host device is disclosed. In some embodiments, a request is received in the non-volatile storage device to access a protectable data object residing in a "host-hidden" data region of the non-volatile storage device that is not visible to the host. The following steps may be carried out by the non-volatile storage device in response to this request: (i) ascertaining, in accordance with an identifier of the requested data object, an active security policy; and (ii) subject to the ascertaining of an active security policy, enforcing that active security policy for the requested data object. In some embodiments, a different active security policy is respectively applied to each data object. Storage devices configured to carry out one or more of the methods described herein, as well as computer programs, are also disclosed.
PCT/IL2008/001613 2008-12-14 2008-12-14 Procédé et appareil de protection du contenu dans un dispositif de stockage WO2010067346A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/IL2008/001613 WO2010067346A1 (fr) 2008-12-14 2008-12-14 Method and apparatus for protecting content in a storage device

Publications (1)

Publication Number Publication Date
WO2010067346A1 true WO2010067346A1 (fr) 2010-06-17

Family

ID=40481792

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2008/001613 WO2010067346A1 (fr) 2008-12-14 2008-12-14 Method and apparatus for protecting content in a storage device

Country Status (1)

Country Link
WO (1) WO2010067346A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS58169266A (ja) * 1982-03-31 1983-10-05 Fujitsu Ltd Input/output system
US20030023822A1 (en) * 2001-07-11 2003-01-30 Intel Corporation Memory access control system, apparatus, and method
US20040177269A1 (en) * 2002-11-18 2004-09-09 Arm Limited Apparatus and method for managing access to a memory
US20080010458A1 (en) * 2006-07-07 2008-01-10 Michael Holtzman Control System Using Identity Objects

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012080361A (ja) * 2010-10-01 2012-04-19 Sony Corp Recording device, imaging and recording device, recording method, and program
CN102446527A (zh) * 2010-10-01 2012-05-09 Sony Corporation Recording device, imaging and recording device, recording method, and program
EP2437265A3 (fr) * 2010-10-01 2014-04-23 Sony Corporation Recording device, imaging and recording device, recording method, and program
US8761573B2 (en) 2010-10-01 2014-06-24 Sony Corporation Recording device, imaging and recording device, recording method, and program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08875984

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08875984

Country of ref document: EP

Kind code of ref document: A1