摘要:
An authentication system verifies an authentic computer program, certifies the authenticity itself, and verifies a certification. The authentication system includes a terminal (e.g., requesting device) and a card (e.g., verifying device). The card stores secret information to be used by the terminal, and an update program for the terminal. The card verifies authenticity of the terminal using information obtained from the terminal. When it judges that the terminal is authentic, the card outputs the secret information to the terminal. When it judges that the terminal is not authentic, the card outputs the update program. The terminal is forced to update the program when it attempts to use the secret information.
摘要:
An information processing apparatus includes: a CPU (1201) that has, as an operating mode, a privileged mode and an unprivileged mode; a trusted memory (1270) that stores protected data, the protected data being accessed when the CPU (1201) is in the unprivileged mode; and a trusted memory control unit (1203) that controls access to the trusted memory (1270). When the CPU (1201) accesses the trusted memory (1270), the trusted memory control unit (1203) determines the operating mode of the CPU (1201) and, in the case where the operating mode of the CPU (1201) is the unprivileged mode, denies the access to the trusted memory (1270) by the CPU (1201).
摘要:
A tamper detection device detects tampering with a program loaded to memory, at high speed and without compromising the safety. Prior to loading of a program, a dividing-size determining unit 12 determines a block size based on random number information, a dividing unit 13 divides the program by the block size into data blocks, and a first conversion unit 14 converts, by conducting a logical operation, the data blocks into intermediate authentication data no greater than the block size, and a second conversion unit 15 conducts a second conversion on the intermediate authentication data to generate authentication data. The authentication data and the block size are stored. After the program loading, a program resulting from the loading is divided by the block size, followed by the first and second conversions to generate comparative data. The comparative data is compared with the authentication data to detect tampering of the loaded program.
摘要:
A content playback device of the present invention includes a playback unit 200 operable to play back a content; a normal storage unit 250 that is not tamper-resistant; a secure storage unit 350 that is tamper-resistant; a first control sub-unit 230 that writes playback records indicating elapsed playback time of the content into the normal storage unit one by one at regular time intervals; and a second control sub-unit 330 that (i) writes monitoring records with respect to the playback records into the secure storage unit 350 one by one at irregular time intervals and (ii) determines that the playback records stored in the normal storage unit 250 have not been tampered with if a prescribed relation is satisfied between a specific time point obtained according to a latest one of the monitoring records and one of the playback records corresponding to the specific time point.
摘要:
When notifying virtual machines of a change to shared data, it is impossible to realize power saving for the apparatus if always notifying a virtual machine in the power-saving state.The present invention is equipped with an inter-VM notification management unit 1242, a resuming judgment unit 1244 and a scheduled interruption time acquisition unit 1245, and when it is necessary to notify a virtual machine in the power-saving state, the resuming judgment unit 1244 judges whether to cause the virtual machine to return from the power saving state, based on the time until the interruption acquired by the scheduled interruption time acquisition unit 1245. With this structure, the present invention prevents unnecessary transitions between the states, and realizes the power saving for the apparatus.
摘要:
Information processing apparatus (100) ensures confidentiality of encryption and reduces overhead associated with processing not directly related to the encryption. The information processing apparatus (100) includes: application program (A158) that includes an instruction for encryption which uses a key; tampering detection unit (135x) that detects tampering of the program; CPU (141) that operates according to instructions and outputs a direction for encryption upon detecting the instruction for encryption; data encryption/decryption function unit (160) that controls switching to the protective mode according to the direction; and protected data operation unit (155) that stores a key in correspondence with the program, outputs the key in the protective mode, and controls switching to the normal mode, and the data encryption/decryption function unit (160) executes the encryption in the normal mode using the received key.
摘要:
A tamper detection device detects tampering with a program loaded to memory, at high speed and without compromising the safety. Prior to loading of a program, a dividing-size determining unit 12 determines a block size based on random number information, a dividing unit 13 divides the program by the block size into data blocks, and a first conversion unit 14 converts, by conducting a logical operation, the data blocks into intermediate authentication data no greater than the block size, and a second conversion unit 15 conducts a second conversion on the intermediate authentication data to generate authentication data. The authentication data and the block size are stored. After the program loading, a program resulting from the loading is divided by the block size, followed by the first and second conversions to generate comparative data. The comparative data is compared with the authentication data to detect tampering of the loaded program.
摘要:
A data processing device including an inter-VM notification management unit 1242, a resuming judgment unit 1244 and a scheduled interruption time acquisition unit 1245, such that, when it is necessary to notify a virtual machine in a power-saving state, the resuming judgment unit 1244 judges whether to cause the virtual machine to return from the power saving state, based on a time until an interruption acquired by the scheduled interruption time acquisition unit 1245. This structure prevents unnecessary transitions between states, and realizes the power saving for the apparatus.
摘要:
An authentication system that can show having an authentic computer program, can certify the authenticity of itself, and can verify the certification. The authentication system is composed of a terminal (requesting device) and a card (verifying device). The card stores secret information to be used by the terminal, and an update program for the terminal. The card verifies authenticity of the terminal using information obtained from the terminal. When it judges that the terminal is authentic, the card outputs the secret information to the terminal. When it judges that the terminal is not authentic, the card outputs the update program. With this structure, the terminal is forced to update the program when it attempts to use the secret information.
摘要:
In a data processing apparatus that switches between a secure mode and a normal mode during execution, the secure mode allowing access to secure resources to be protected, the normal mode not allowing access to the secure resources, when the secure resources increase in the secure mode, the load on a protection mechanism for protecting the resources becomes large. Thus, there is a demand for data processing apparatuses that are able to reduce secure resources. The present invention relates to a data processing apparatus that stores therein a secure program including one or more processing procedures which use secure resources and a call instruction for calling a normal program to be executed in a normal mode. While executing the secure program, the data processing apparatus calls the normal program with the call instruction and operates according to the called normal program.