-
公开(公告)号:US08489836B2
公开(公告)日:2013-07-16
申请号:US12489712
申请日:2009-06-23
IPC分类号: G06F13/10
摘要: The present invention describes a system and a method for securely loading digital information from a storage device into a memory module in a data processing system, said data processing system comprising at least one storage device, one memory module and at least one processor, said data processing system further comprising a memory access controller module connected between the processor and the memory module, and a secure memory management module connected to the processor, the memory module, the storage device and the memory access controller. Requests by the processor for data are passed to the secure memory management module, which loads the data from the storage device to the memory module and configures the memory access controller such that the processor will have access to the data.
摘要翻译: 本发明描述了一种用于将数字信息从存储设备安全地加载到数据处理系统中的存储器模块的系统和方法,所述数据处理系统包括至少一个存储设备,一个存储器模块和至少一个处理器,所述数据 处理系统还包括连接在处理器和存储器模块之间的存储器访问控制器模块,以及连接到处理器,存储器模块,存储设备和存储器访问控制器的安全存储器管理模块。 处理器对数据的请求被传递到安全存储器管理模块,安全存储器管理模块将数据从存储设备加载到存储器模块,并配置存储器访问控制器,使得处理器能够访问数据。
-
公开(公告)号:US08099778B2
公开(公告)日:2012-01-17
申请号:US11288223
申请日:2005-11-29
CPC分类号: H04N7/1675 , H04N21/4181 , H04N21/44236 , H04N21/4623 , H04N21/47211
摘要: A method is disclosed for access control to conditional access data in a multimedia unit comprising at least one security module. This process includes:reception by the multimedia unit of a control message ECM containing at least one control word cw; transmission of this message ECM to said security module, this control message being associated to a message decryption right; determination of a validity date of the ECM control message decryption rights associated to said security module; determination of the present date; comparison of the present date with the expiration date of the decryption rights and determination of whether the present date is prior to the expiration date. In the affirmative case, decryption of the control message ECM and sending of the control word cw to the multimedia unit occurs In the negative case, reading of a value contained in a counter of the security module and comparison of this value occurs, to determine whether this value is comprised within a range authorizing decryption. Further, in the affirmative case, modification of the value of the counter according to a pre-established rule, and decryption of the control message ECM and sending of the control word cw to the multimedia unit also occurs. Finally, in the negative case, access to the conditional access data is blocked.
摘要翻译: 公开了一种用于对包括至少一个安全模块的多媒体单元中的条件访问数据的访问控制的方法。 该过程包括:由多媒体单元接收包含至少一个控制字cw的控制消息ECM; 将该消息ECM发送到所述安全模块,该控制消息与消息解密权相关联; 确定与所述安全模块相关联的ECM控制消息解密权限的有效期; 确定现在日期; 将当前日期与解密权限的到期日期进行比较,并确定现在日期是否在到期日之前。 在肯定的情况下,控制消息ECM的解密和控制字cw发送到多媒体单元发生在否定情况下,发生安全模块的计数器中包含的值的读取和该值的比较,以确定是否 该值包含在授权解密的范围内。 此外,在肯定的情况下,根据预先确定的规则修改计数器的值,并且还发生控制消息ECM的解密和控制字cw发送到多媒体单元。 最后,在否定的情况下,对条件访问数据的访问被阻止。
-
公开(公告)号:US20080120517A1
公开(公告)日:2008-05-22
申请号:US11984274
申请日:2007-11-15
IPC分类号: G06F11/07
CPC分类号: G06F11/28
摘要: The aim of the present invention is to propose a method and a device with the aim of avoid the damage that the desynchronisation of the program counter could cause.This aim is achieved by means of a method to control the execution of a program by a microcontroller including at least a program memory and a processing unit, characterised in that it includes the following steps: separation of said program into at least two blocks each containing a plurality of instructions that can be executed by said microcontroller; integration into these blocks of at least one input control area (CTRL-E) containing input conditions, these input conditions including reference addresses corresponding to instructions from where the program is authorised to enter said input control area (CTRL-E); integration into these blocks of at least one output control area (CTRL-S) containing output conditions; at the time of the execution of the instructions of said program memorised in a given block, implementation of verification tests of the adequacy between the effective running of the program and the input and/or of output conditions; and implementation of countermeasures if the verification tests indicate an inadequacy between the effective running of the program and the input and/or output conditions.
摘要翻译: 本发明的目的是提出一种方法和装置,目的是避免程序计数器的不同步导致的损害。 该目的通过一种控制由至少一个程序存储器和一个处理单元的微控制器执行程序来实现的,其特征在于包括以下步骤:将所述程序分成至少两个块,每个块包含 可由所述微控制器执行的多个指令; 包括输入条件的至少一个输入控制区域(CTRL-E)的这些块的集成,这些输入条件包括对应于程序被授权进入所述输入控制区域(CTRL-E)的指令的参考地址。 集成到包含输出条件的至少一个输出控制区域(CTRL-S)的这些块中; 在执行在给定块中存储的所述程序的指令时,执行对程序的有效运行与输入和/或输出条件之间的充分性的验证测试; 如果验证测试表明程序的有效运行与输入和/或输出条件之间的不足,则执行对策。
-
公开(公告)号:US20110231709A1
公开(公告)日:2011-09-22
申请号:US13064262
申请日:2011-03-15
IPC分类号: G06F11/36
CPC分类号: G06F11/0751 , G06F11/0724 , G06F21/55 , G06F21/75
摘要: The invention aims to provide a method and a system on chip able to detect at once hardware and software errors to prevent manipulations for retrieving cryptographic keys, inserting or suppressing instructions to bypass security processes, modifying programs or memory content etc. The system on chip comprises a core including at least two processors, registers, and a data consistency check module. The core is connected to at least one set of memories containing zones for instructions of a first program and of a second program, said instructions being to be executed respectively by the first and second processor, which respectively produce and store result data into the registers and the memories. The data consistency check module is configured to verify conformity of the produced result data by comparing a test result obtained by carrying out a predetermined function F over one of the first or second result data with the corresponding second or first result data and to continue execution of instructions of each program when the comparison is successful, or stop execution when the comparison shows an error.
摘要翻译: 本发明旨在提供一种能够一次检测硬件和软件错误的方法和系统,以防止检索加密密钥的操作,插入或抑制指令绕过安全过程,修改程序或存储器内容等。片上系统包括 包括至少两个处理器,寄存器和数据一致性检查模块的核心。 核心连接到包含第一程序和第二程序的指令的区域的至少一组存储器,所述指令将分别由第一和第二处理器执行,第一和第二处理器分别产生并将结果数据存储到寄存器中, 回忆 数据一致性检查模块被配置为通过将通过在第一或第二结果数据中的一个上执行预定函数F获得的测试结果与相应的第二或第一结果数据进行比较来验证所生成的结果数据的一致性,并且继续执行 比较成功时每个程序的指令,或比较显示错误时停止执行。
-
公开(公告)号:US09069953B2
公开(公告)日:2015-06-30
申请号:US13064262
申请日:2011-03-15
CPC分类号: G06F11/0751 , G06F11/0724 , G06F21/55 , G06F21/75
摘要: The invention aims to provide a method and a system on chip able to detect at once hardware and software errors to prevent manipulations for retrieving cryptographic keys, inserting or suppressing instructions to bypass security processes, modifying programs or memory content etc. The system on chip comprises a core including at least two processors, registers, and a data consistency check module. The core is connected to at least one set of memories containing zones for instructions of a first program and of a second program, said instructions being to be executed respectively by the first and second processor, which respectively produce and store result data into the registers and the memories. The data consistency check module is configured to verify conformity of the produced result data by comparing a test result obtained by carrying out a predetermined function F over one of the first or second result data with the corresponding second or first result data and to continue execution of instructions of each program when the comparison is successful, or stop execution when the comparison shows an error.
摘要翻译: 本发明旨在提供一种能够一次检测硬件和软件错误的方法和系统,以防止检索加密密钥的操作,插入或抑制指令绕过安全过程,修改程序或存储器内容等。片上系统包括 包括至少两个处理器,寄存器和数据一致性检查模块的核心。 核心连接到包含第一程序和第二程序的指令的区域的至少一组存储器,所述指令将分别由第一和第二处理器执行,第一和第二处理器分别产生并将结果数据存储到寄存器中, 回忆 数据一致性检查模块被配置为通过将通过在第一或第二结果数据中的一个上执行预定函数F获得的测试结果与相应的第二或第一结果数据进行比较来验证所生成的结果数据的一致性,并且继续执行 比较成功时每个程序的指令,或比较显示错误时停止执行。
-
公开(公告)号:US08141145B2
公开(公告)日:2012-03-20
申请号:US11984274
申请日:2007-11-15
IPC分类号: G06F21/00
CPC分类号: G06F11/28
摘要: The aim of the present invention is to propose a method and a device with the aim of avoiding problems which could ensue following the de-synchronization of a program counter during the execution of a program.This aim is achieved by a method for controlling the execution of a program involving separating the program into a number of blocks of instructions and adding an input control section and an output control section to each block. The control sections have conditions for entry to the block and conditions for exit from the block. This can be used to check the validity of the execution of a program by verifying the execution history of the program. Action can be taken in the case that any anomaly is found in the program execution compared to the expected execution.
摘要翻译: 本发明的目的是提出一种方法和装置,其目的是避免在程序执行期间随着程序计数器的去同步而发生的问题。 该目的通过一种用于控制程序的执行的方法来实现,该方法包括将程序分离成多个指令块,并将输入控制部分和输出控制部分添加到每个块。 控制部分具有进入块的条件和从块中退出的条件。 这可以通过验证程序的执行历史来检查执行程序的有效性。 在程序执行中发现任何异常与预期执行相比,可以采取行动。
-
7.发明授权公开(公告)号:US07831046B2
公开(公告)日:2010-11-09
申请号:US10537306
申请日:2003-12-01
申请人: Olivier Brique , Christophe Gogniat
发明人: Olivier Brique , Christophe Gogniat
CPC分类号: H04N21/4627 , H04N7/163 , H04N7/1675 , H04N21/4623 , H04N21/4821 , H04N21/84
摘要: The object of the invention is a method of managing the display of event specifications with conditional access, particularly to display an electronic program guide for Pay-TV.This aim is reached by a method including the following steps: sending data forming an electronic program guide (EPG) to a decoder (STB), this electronic guide serving to display the events which will be broadcasted, these data including, for each event, at least one identifier, textual data and a condition block comprising the conditions required for the access to this event, sending at least one authorization message (EMM) to a security module (SC) associated with the decoder, this message defining access rights to an event; sending the condition block (PECM) to said security module (SC), processing, in the security module, the access condition contained in said condition block (PECM), and return by the security module of a message indicating, according to the access condition for each event and to the access rights contained in the security module, if the right exists or not for each event in the security module. This method allows the management of requests in structured language and makes it possible to manage complex access conditions.
摘要翻译: 本发明的目的是一种利用条件访问来管理事件规范的显示的方法,特别是显示用于付费电视的电子节目指南。 该目的通过一种方法实现,包括以下步骤:将形成电子节目指南(EPG)的数据发送到解码器(STB),该电子指南用于显示将被广播的事件,这些数据包括每个事件, 至少一个标识符,文本数据和条件块,其包括访问该事件所需的条件,向与解码器相关联的安全模块(SC)发送至少一个授权消息(EMM),该消息定义对该解码器的访问权限 事件; 将所述条件块(PECM)发送到所述安全模块(SC),在所述安全模块中处理包含在所述条件块(PECM)中的访问条件,并由所述安全模块返回指示根据所述访问条件 对于每个事件以及安全模块中包含的访问权限,如果安全模块中的每个事件的权限都不存在。 该方法允许以结构化语言管理请求,并且可以管理复杂的访问条件。
-
公开(公告)号:US20090319741A1
公开(公告)日:2009-12-24
申请号:US12489712
申请日:2009-06-23
摘要: The present invention describes a system and a method for securely loading digital information from a storage device into a memory module in a data processing system, said data processing system comprising at least one storage device, one memory module and at least one processor, said data processing system further comprising a memory access controller module connected between the processor and the memory module, and a secure memory management module connected to the processor, the memory module, the storage device and the memory access controller. Requests by the processor for data are passed to the secure memory management module, which loads the data from the storage device to the memory module and configures the memory access controller such that the processor will have access to the data.
摘要翻译: 本发明描述了一种用于将数字信息从存储设备安全地加载到数据处理系统中的存储器模块的系统和方法,所述数据处理系统包括至少一个存储设备,一个存储器模块和至少一个处理器,所述数据 处理系统还包括连接在处理器和存储器模块之间的存储器访问控制器模块,以及连接到处理器,存储器模块,存储设备和存储器访问控制器的安全存储器管理模块。 处理器对数据的请求被传递到安全存储器管理模块,安全存储器管理模块将数据从存储设备加载到存储器模块,并配置存储器访问控制器,使得处理器能够访问数据。
-
公开(公告)号:US20060117392A1
公开(公告)日:2006-06-01
申请号:US11288223
申请日:2005-11-29
IPC分类号: H04L9/32
CPC分类号: H04N7/1675 , H04N21/4181 , H04N21/44236 , H04N21/4623 , H04N21/47211
摘要: A method is disclosed for access control to conditional access data in a multimedia unit comprising at least one security module. This process includes: reception by the multimedia unit of a control message ECM containing at least one control word cw; transmission of this message ECM to said security module, this control message being associated to a message decryption right; determination of a validity date of the ECM control message decryption rights associated to said security module; determination of the present date; comparison of the present date with the expiration date of the decryption rights and determination of whether the present date is prior to the expiration date. Iin the affirmative case, decryption of the control message ECM and sending of the control word cw to the multimedia unit occurs In the negative case, reading of a value contained in a counter of the security module and comparison of this value occurs, to determine whether this value is comprised within a range authorizing decryption. Further, in the affirmative case, modification of the value of the counter according to a pre-established rule, and decryption of the control message ECM and sending of the control word cw to the multimedia unit also occurs. Finally, in the negative case, access to the conditional access data is blocked.
摘要翻译: 公开了一种用于对包括至少一个安全模块的多媒体单元中的条件访问数据的访问控制的方法。 该过程包括:由多媒体单元接收包含至少一个控制字cw的控制消息ECM; 将该消息ECM发送到所述安全模块,该控制消息与消息解密权相关联; 确定与所述安全模块相关联的ECM控制消息解密权限的有效期; 确定现在日期; 将当前日期与解密权限的到期日期进行比较,并确定现在日期是否在到期日之前。 在肯定的情况下,控制消息ECM的解密和控制字cw发送到多媒体单元发生在负的情况下,发生安全模块的计数器中包含的值的读取和该值的比较,以确定是否 该值包含在授权解密的范围内。 此外,在肯定的情况下,根据预先确定的规则修改计数器的值,并且还发生控制消息ECM的解密和控制字cw发送到多媒体单元。 最后,在否定的情况下,对条件访问数据的访问被阻止。
-
10.发明申请公开(公告)号:US20060075423A1
公开(公告)日:2006-04-06
申请号:US10537306
申请日:2003-12-01
申请人: Oliver Brique , Christophe Gogniat
发明人: Oliver Brique , Christophe Gogniat
CPC分类号: H04N21/4627 , H04N7/163 , H04N7/1675 , H04N21/4623 , H04N21/4821 , H04N21/84
摘要: The object of the invention is a method of managing the display of event specifications with conditional access, particularly to display an electronic program guide for Pay-TV. This aim is reached by a method including the following steps: sending data forming an electronic program guide (EPG) to a decoder (STB), this electronic guide serving to display the events which will be broadcasted, these data including, for each event, at least one identifier, textual data and a condition block comprising the conditions required for the access to this event, sending at least one authorization message (EMM) to a security module (SC) associated with the decoder, this message defining access rights to an event; sending the condition block (PECM) to said security module (SC), processing, in the security module, the access condition contained in said condition block (PECM), and return by the security module of a message indicating, according to the access condition for each event and to the access rights contained in the security module, if the right exists or not for each event in the security module. This method allows the management of requests in structured language and makes it possible to manage complex access conditions.
摘要翻译: 本发明的目的是一种利用条件访问来管理事件规范的显示的方法,特别是显示用于付费电视的电子节目指南。 该目的通过一种方法实现,包括以下步骤:将形成电子节目指南(EPG)的数据发送到解码器(STB),该电子指南用于显示将被广播的事件,这些数据包括每个事件, 至少一个标识符,文本数据和条件块,其包括访问该事件所需的条件,向与解码器相关联的安全模块(SC)发送至少一个授权消息(EMM),该消息定义对该解码器的访问权限 事件; 将所述条件块(PECM)发送到所述安全模块(SC),在所述安全模块中处理包含在所述条件块(PECM)中的访问条件,并由所述安全模块返回指示根据所述访问条件 对于每个事件以及安全模块中包含的访问权限,如果安全模块中的每个事件的权限都不存在。 该方法允许以结构化语言管理请求,并且可以管理复杂的访问条件。
-
-
-
-
-
-
-
-
-
搜索结果
10 条记录 (耗时 0.059 秒)
