-
公开(公告)号:US06976141B2
公开(公告)日:2005-12-13
申请号:US10002449
申请日:2001-11-02
CPC分类号: G06F13/1615
摘要: A memory management system provides the ability for multiple requesters to access blocks of memory in a pipelined manner. During a first clock, requests for one or more of the memory blocks are received by the system. A determination is made of whether one of the memory blocks is requested by one or more requests. If the same memory block is requested by two or more requests, the system performs a further determination of which of the requests will be provided to the memory block. The determined request is provided to the memory block on the first clock. During a second clock, the data of the determined request is latched to the memory block and a memory access is initiated. If the request is a write request, the data is written to the memory block. If the request is a read request, then the requested data is retrieved and, on a third clock, the data is driven onto a bus, routed to the determined requester, and available to be latched into the requester on the fourth clock.
摘要翻译: 存储器管理系统提供了多个请求者以流水线方式访问存储块的能力。 在第一时钟期间,系统接收对一个或多个存储器块的请求。 确定一个或多个请求是否请求一个存储器块。 如果由两个或更多个请求请求相同的存储器块,则系统进一步确定哪个请求将被提供给存储器块。 所确定的请求被提供给第一时钟上的存储器块。 在第二时钟期间,确定的请求的数据被锁存到存储器块,并且启动存储器访问。 如果请求是写请求,则将数据写入存储块。 如果请求是读请求,则检索所请求的数据,并且在第三时钟将数据驱动到总线上,路由到确定的请求者,并且可以在第四时钟被锁存到请求者中。
-
12.发明申请Apparatus and method for partitioning, sandboxing and protecting external memories 审中-公开用于分割,沙箱和保护外部存储器的装置和方法公开(公告)号:US20110191562A1
公开(公告)日:2011-08-04
申请号:US12714367
申请日:2010-02-26
摘要: A technique to provide an integrated circuit that performs memory partitioning to partition a memory into a plurality of regions, in which the memory is accessed by a plurality of heterogeneous processing devices that operate to access the memory. The integrated circuit also assigns a security level for each region of the memory and permits a memory access by a transaction to a particular region of the memory, only when a level of security assigned to the transaction meets or exceeds the assigned security level for the particular region. The integrated circuit also performs sandboxing by assigning which of the plurality of processing devices are permitted access to each of the plurality of regions. The integrated circuit may implement only the security level function or only the sandboxing function, or the integrated circuit may implement them both. In some instances, a scrambling/descrambling function is included to scramble/descramble data. In one application, the integrated circuit is included within a mobile phone.
摘要翻译: 一种提供集成电路的技术,其执行存储器分区以将存储器分割成多个区域,其中存储器被操作以访问存储器的多个异构处理设备访问。 集成电路还为存储器的每个区域分配安全级别,并且仅当分配给事务的安全级满足或超过特定的分配的安全级别时才允许通过存储器的特定区域的事务的存储器访问 地区。 集成电路还通过分配多个处理设备中的哪一个被允许访问多个区域中的每一个来执行沙箱。 集成电路只能实现安全级别功能或仅实施沙盒功能,或者集成电路可以实现它们。 在一些情况下,加扰/解扰功能被包括以加扰/解扰数据。 在一个应用中,集成电路被包括在移动电话中。
-
公开(公告)号:US20110191599A1
公开(公告)日:2011-08-04
申请号:US12714383
申请日:2010-02-26
申请人: Paul Chou , Love Kothari , Lawrence J. Madar, III
发明人: Paul Chou , Love Kothari , Lawrence J. Madar, III
IPC分类号: G06F12/14
摘要: A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module.
摘要翻译: 一种提供硬件安全模块的技术,其提供用于将安全密钥保持在安全边界内的安全边界,并防止从安全边界外部的外部源的未经授权的访问以获得安全密钥。 硬件安全模块包括一个安全处理器,用于对安全边界内的安全密钥进行解包和认证,以对数据进行解密或加密,并通过与外部源通信的单一接口提供数据,从而在安全边界之间传输所有数据,由 硬件安全模块和外部源仅通过接口传输。 硬件安全模块确保没有解开的密钥离开硬件安全模块建立的安全边界。
-
14.发明申请PROTECTING EXTERNAL VOLATILE MEMORIES USING LOW LATENCY ENCRYPTION/DECRYPTION 有权使用低延迟加密/分解保护外部挥发性记忆公开(公告)号:US20100146303A1
公开(公告)日:2010-06-10
申请号:US12614383
申请日:2009-11-06
CPC分类号: G06F12/1408 , G06F21/10 , G06F21/79 , G06F2221/2107 , H04L9/0625 , H04L2209/08 , H04L2209/24 , Y02D10/13
摘要: A data processing apparatus includes a volatile memory, a random number generator adapted for generating random numbers from which one or more keys are generated, and a memory encryption unit (MEU). The MEU is configured to receive an N-bit block of data and to divide the N-bit block of data into two more sub-blocks of data, where each sub-block contains fewer than N-bits. The MEU is further configured to encrypt each sub-block of data using the one more keys, to combine the encrypted sub-blocks into an N-bit block of encrypted data, and to write the encrypted N-bit block of data to the volatile memory.
摘要翻译: 一种数据处理装置,包括易失性存储器,适于产生生成一个或多个密钥的随机数的随机数发生器和存储器加密单元(MEU)。 MEU被配置为接收N位数据块并且将N位数据块划分为两个更多的数据子块,其中每个子块包含少于N位。 MEU还被配置为使用一个以上的密钥来加密数据的每个子块,将加密的子块组合成N位的加密数据块,并将加密的N位数据块写入到易失性 记忆。
-
15.发明授权Protecting external volatile memories using low latency encryption/decryption 有权使用低延迟加密/解密保护外部易失性存储器公开(公告)号:US08745411B2
公开(公告)日:2014-06-03
申请号:US12614383
申请日:2009-11-06
IPC分类号: G06F21/00
CPC分类号: G06F12/1408 , G06F21/10 , G06F21/79 , G06F2221/2107 , H04L9/0625 , H04L2209/08 , H04L2209/24 , Y02D10/13
摘要: A data processing apparatus includes a volatile memory, a random number generator adapted for generating random numbers from which one or more keys are generated, and a memory encryption unit (MEU). The MEU is configured to receive an N-bit block of data and to divide the N-bit block of data into two more sub-blocks of data, where each sub-block contains fewer than N-bits. The MEU is further configured to encrypt each sub-block of data using the one more keys, to combine the encrypted sub-blocks into an N-bit block of encrypted data, and to write the encrypted N-bit block of data to the volatile memory.
摘要翻译: 一种数据处理装置,包括易失性存储器,适于产生生成一个或多个密钥的随机数的随机数发生器和存储器加密单元(MEU)。 MEU被配置为接收N位数据块并且将N位数据块划分为两个更多的数据子块,其中每个子块包含少于N位。 MEU还被配置为使用一个以上的密钥来加密数据的每个子块,将加密的子块组合成N位的加密数据块,并将加密的N位数据块写入到易失性 记忆。
-
-
-
-
搜索结果
15 条记录 (耗时 0.031 秒)