-
公开(公告)号:US08131942B2
公开(公告)日:2012-03-06
申请号:US12081530
申请日:2008-04-17
Applicant: Peter William Harris , Donald Felton
Inventor: Peter William Harris , Donald Felton
IPC: G06F12/00
CPC classification number: G06F12/084 , G06F12/1425 , G06F12/1491 , G06F21/00 , G06F21/6218 , G06F2212/1028 , G06F2212/1052 , Y02D10/13
Abstract: A data processing system is provided with at least one processor 4, 6, a main memory 18 and a cache memory 14. Cache data within the cache memory 14 has validity data V and control data associated therewith. The control data controls access to the cached data. Program instructions executed by the processors 4, 6 control a cache controller 26 to modify the control data associated with the cached data while it remains stored within the cache memory 14 and remains valid. The control data may, for example, specify a security flags indicating whether access is restricted to secure processes or processors.
Abstract translation: 数据处理系统设置有至少一个处理器4,6,主存储器18和高速缓存存储器14.高速缓存存储器14内的高速缓存数据具有有效数据V和与其相关联的控制数据。 控制数据控制对缓存数据的访问。 由处理器4,6执行的程序指令控制高速缓存控制器26,以便在缓存数据保持存储在高速缓冲存储器14中时修改与缓存数据相关联的控制数据,并保持有效。 控制数据例如可以指定指示是否将访问限制到安全进程或处理器的安全标志。
-
公开(公告)号:US20060020826A1
公开(公告)日:2006-01-26
申请号:US11141689
申请日:2005-06-01
Applicant: Donald Felton , James McNiven
Inventor: Donald Felton , James McNiven
IPC: G06F12/14
CPC classification number: G06F21/84 , G06F2221/2105
Abstract: A data processing apparatus and a method of indicating operation of a data processor within a secure domain. The apparatus comprising a display for displaying data; a processor operable in a secure domain, said processor when operating in said secure domain having access to a user specific image; wherein said processor is operable to indicate operation within said secure domain by displaying said user specific image on at least a portion of said display when operating within said secure domain.
Abstract translation: 一种数据处理装置和指示安全域内的数据处理器的操作的方法。 该装置包括用于显示数据的显示器; 处理器,其可操作在安全域中,所述处理器在所述安全域中操作时可访问用户特定图像; 其中所述处理器可操作以通过在所述安全域内操作时在所述显示器的至少一部分上显示所述用户特定图像来指示所述安全域内的操作。
-
公开(公告)号:US09158941B2
公开(公告)日:2015-10-13
申请号:US11376733
申请日:2006-03-16
Applicant: Daren Croxford , Donald Felton , Daniel Kershaw , Peter Brian Wilson
Inventor: Daren Croxford , Donald Felton , Daniel Kershaw , Peter Brian Wilson
CPC classification number: G06F21/79 , G06F12/145 , G06F21/74
Abstract: A data processing apparatus and method are provided for managing access to content within the data processing apparatus. The data processing apparatus has a secure domain and a non-secure domain and comprises at least one device which is operable when seeking to access content stored in memory to issue a memory access request pertaining to either the secure domain or the non-secure domain. Further, writeable memory is provided which can store content required by the at least one device, with the writeable memory having at least one read only region whose content is stored therein under control of a secure task, the secure task being a task executed by one of the devices in the secure domain. Protection logic is then used in association with the writeable memory, which on receipt of a memory access request seeking to access content in the at least one read only region, prevents access to that read only region if that memory access request pertains to the non-secure domain and is seeking to write content to the read only region. This enables the speed, power and flexibility benefits of placing content in writeable memory to be achieved without prejudicing the security of that content, by ensuring that that content cannot be modified from the non-secure domain.
Abstract translation: 提供了一种用于管理对数据处理装置内的内容的访问的数据处理装置和方法。 数据处理装置具有安全域和非安全域,并且包括至少一个设备,当设法访问存储在存储器中的内容以发布与安全域或非安全域相关的存储器访问请求时可操作。 此外,提供可写存储器,其可以存储至少一个设备所需的内容,其中可写存储器具有至少一个只读区域,其内容在安全任务的控制下存储在其中,该安全任务是由一个执行的任务 的安全域中的设备。 然后,与可写存储器相关联地使用保护逻辑,其在接收到寻求访问所述至少一个只读区域中的内容的存储器访问请求时,如果该存储器访问请求涉及非可读存储器访问请求, 并且正在寻求将内容写入只读区域。 这使得通过确保不能从非安全域修改该内容,可以实现将内容放置在可写入内存中的速度,功率和灵活性,而不会影响该内容的安全性。
-
公开(公告)号:US08769307B2
公开(公告)日:2014-07-01
申请号:US11141689
申请日:2005-06-01
Applicant: Donald Felton , James I McNiven
Inventor: Donald Felton , James I McNiven
IPC: G06F11/30
CPC classification number: G06F21/84 , G06F2221/2105
Abstract: A data processing apparatus and a method of indicating operation of a data processor within a secure domain. The apparatus comprising a display for displaying data; a processor operable in a secure domain, said processor when operating in said secure domain having access to a user specific image; wherein said processor is operable to indicate operation within said secure domain by displaying said user specific image on at least a portion of said display when operating within said secure domain.
Abstract translation: 一种数据处理装置和指示安全域内的数据处理器的操作的方法。 该装置包括用于显示数据的显示器; 处理器,其可操作在安全域中,所述处理器在所述安全域中操作时可访问用户特定图像; 其中所述处理器可操作以通过在所述安全域内操作时在所述显示器的至少一部分上显示所述用户特定图像来指示所述安全域内的操作。
-
5.发明授权公开(公告)号:US08707056B2
公开(公告)日:2014-04-22
申请号:US13137904
申请日:2011-09-21
Applicant: Donald Felton
Inventor: Donald Felton
Abstract: A data processing device is provided with a processor core 8 that can operate in either a secure domain or a non-secure domain. Data stored within a secure region 34 of a memory 10 can only be accessed when the processor core 8 is executing in the secure domain. A frame buffer 36 for storing a display image 20 to be displayed is stored within a non-secure region of memory which can be accessed by the processor core 8 irrespective of whether it is in the secure domain or the non-secure domain as well as a display controller 12. When a subject image 22 is written to the frame buffer 36, validation data for the subject image 22 is stored within the secure region 34. When a user input is received the displayed data stored at a validated display area to which the subject image was written is read back and used to generate check data with is compared with the validation data before the user input is authenticated.
Abstract translation: 数据处理设备设置有可以在安全域或非安全域中操作的处理器核心8。 存储在存储器10的安全区域34内的数据只能在处理器核心8在安全域中执行时被存取。 用于存储要显示的显示图像20的帧缓冲器36被存储在可由处理器核心8访问的存储器的非安全区域内,而不管其是否处于安全域或非安全域,以及 显示控制器12.当被摄体图像22被写入帧缓冲器36时,对象图像22的验证数据被存储在安全区域34内。当接收到用户输入时,显示的数据被存储在经过验证的显示区域 写入的被摄体图像被读回并用于生成检查数据,并在用户输入被认证之前与验证数据进行比较。
-
Patent Agency Ranking
6.发明申请公开(公告)号:US20120102557A1
公开(公告)日:2012-04-26
申请号:US13137904
申请日:2011-09-21
Applicant: Donald Felton
Inventor: Donald Felton
Abstract: A data processing device is provided with a processor core 8 that can operate in either a secure domain or a non-secure domain. Data stored within a secure region 34 of a memory 10 can only be accessed when the processor core 8 is executing in the secure domain. A frame buffer 36 for storing a display image 20 to be displayed is stored within a non-secure region of memory which can be accessed by the processor core 8 irrespective of whether it is in the secure domain or the non-secure domain as well as a display controller 12. When a subject image 22 is written to the frame buffer 36, validation data for the subject image 22 is stored within the secure region 34. When a user input is received the displayed data stored at a validated display area to which the subject image was written is read back and used to generate check data with is compared with the validation data before the user input is authenticated.
Abstract translation: 数据处理设备设置有可以在安全域或非安全域中操作的处理器核心8。 存储在存储器10的安全区域34内的数据只能在处理器核心8在安全域中执行时被存取。 用于存储要显示的显示图像20的帧缓冲器36被存储在可由处理器核心8访问的存储器的非安全区域内,而不管其是否处于安全域或非安全域,以及 显示控制器12.当被摄体图像22被写入帧缓冲器36时,对象图像22的验证数据被存储在安全区域34内。当接收到用户输入时,显示的数据被存储在经过验证的显示区域 写入的被摄体图像被读回并用于生成检查数据,并在用户输入被认证之前与验证数据进行比较。
-
公开(公告)号:US09269418B2
公开(公告)日:2016-02-23
申请号:US13366660
申请日:2012-02-06
Applicant: Donald Felton , Emre Özer , Sachin Satish Idgunji
Inventor: Donald Felton , Emre Özer , Sachin Satish Idgunji
IPC: G06F12/14 , G11C11/406 , G06F21/75 , G06F21/79 , G11C11/408
CPC classification number: G11C11/40622 , G06F21/75 , G06F21/79 , G11C11/408 , G11C2211/4065
Abstract: An apparatus comprises a dynamic random-access memory (DRAM) for storing data. Refresh control circuitry is provided to control the DRAM to periodically perform a refresh cycle for refreshing the data stored in each memory location of the DRAM. A refresh address sequence generator generates a refresh address sequence of addresses identifying the order in which memory locations of the DRAM are refreshed during the refresh cycle. To deter differential power analysis attacks on secure data stored in the DRAM, the refresh address sequence is generated with the addresses of at least a portion of the memory locations in a random order which varies from refresh cycle to refresh cycle.
Abstract translation: 一种装置包括用于存储数据的动态随机存取存储器(DRAM)。 提供刷新控制电路以控制DRAM周期性地执行用于刷新存储在DRAM的每个存储器位置中的数据的刷新周期。 刷新地址序列发生器产生识别在刷新周期期间刷新DRAM的存储器位置的顺序的地址的刷新地址序列。 为了阻止对存储在DRAM中的安全数据的差分功率分析攻击,刷新地址序列以从刷新周期到刷新周期的随机顺序的至少一部分存储器位置的地址生成。
-
公开(公告)号:US20130205080A1
公开(公告)日:2013-08-08
申请号:US13366660
申请日:2012-02-06
Applicant: Donald FELTON , Emre ÖZER , Sachin Satish IDGUNJI
Inventor: Donald FELTON , Emre ÖZER , Sachin Satish IDGUNJI
IPC: G06F12/02
CPC classification number: G11C11/40622 , G06F21/75 , G06F21/79 , G11C11/408 , G11C2211/4065
Abstract: An apparatus comprises a dynamic random-access memory (DRAM) for storing data. Refresh control circuitry is provided to control the DRAM to periodically perform a refresh cycle for refreshing the data stored in each memory location of the DRAM. A refresh address sequence generator generates a refresh address sequence of addresses identifying the order in which memory locations of the DRAM are refreshed during the refresh cycle. To deter differential power analysis attacks on secure data stored in the DRAM, the refresh address sequence is generated with the addresses of at least a portion of the memory locations in a random order which varies from refresh cycle to refresh cycle.
Abstract translation: 一种装置包括用于存储数据的动态随机存取存储器(DRAM)。 提供刷新控制电路以控制DRAM周期性地执行用于刷新存储在DRAM的每个存储器位置中的数据的刷新周期。 刷新地址序列发生器产生识别在刷新周期期间刷新DRAM的存储器位置的顺序的地址的刷新地址序列。 为了阻止对存储在DRAM中的安全数据的差分功率分析攻击,刷新地址序列以从刷新周期到刷新周期的随机顺序的至少一部分存储器位置的地址生成。
-
公开(公告)号:US20080294848A1
公开(公告)日:2008-11-27
申请号:US12081530
申请日:2008-04-17
Applicant: Peter William Harris , Donald Felton
Inventor: Peter William Harris , Donald Felton
IPC: G06F12/08
CPC classification number: G06F12/084 , G06F12/1425 , G06F12/1491 , G06F21/00 , G06F21/6218 , G06F2212/1028 , G06F2212/1052 , Y02D10/13
Abstract: A data processing system is provided with at least one processor 4, 6, a main memory 18 and a cache memory 14. Cache data within the cache memory 14 has validity data V and control data associated therewith. The control data controls access to the cached data. Program instructions executed by the processors 4, 6 control a cache controller 26 to modify the control data associated with the cached data whilst it remains stored within the cache memory 14 and remains valid. The control data may, for example, specify a security flags indicating whether access is restricted to secure processes or processors.
Abstract translation: 数据处理系统设置有至少一个处理器4,6,主存储器18和高速缓存存储器14.高速缓冲存储器14内的高速缓存数据具有有效数据V和与其相关联的控制数据。 控制数据控制对缓存数据的访问。 由处理器4,6执行的程序指令控制高速缓存控制器26,以修改与缓存数据相关联的控制数据,同时其保持存储在高速缓冲存储器14内并保持有效。 控制数据例如可以指定指示是否将访问限制到安全进程或处理器的安全标志。
-
公开(公告)号:US20070220276A1
公开(公告)日:2007-09-20
申请号:US11376733
申请日:2006-03-16
Applicant: Daren Croxford , Donald Felton , Daniel Kershaw , Peter Wilson
Inventor: Daren Croxford , Donald Felton , Daniel Kershaw , Peter Wilson
IPC: H04N7/16 , H04L9/32 , G06F12/14 , G06F17/30 , G06F7/04 , H04L9/00 , G06F11/30 , G06K9/00 , H04K1/00 , H03M1/68
CPC classification number: G06F21/79 , G06F12/145 , G06F21/74
Abstract: A data processing apparatus and method are provided for managing access to content within the data processing apparatus. The data processing apparatus has a secure domain and a non-secure domain and comprises at least one device which is operable when seeking to access content stored in memory to issue a memory access request pertaining to either the secure domain or the non-secure domain. Further, writeable memory is provided which can store content required by the at least one device, with the writeable memory having at least one read only region whose content is stored therein under control of a secure task, the secure task being a task executed by one of the devices in the secure domain. Protection logic is then used in association with the writeable memory, which on receipt of a memory access request seeking to access content in the at least one read only region, prevents access to that read only region if that memory access request pertains to the non-secure domain and is seeking to write content to the read only region. This enables the speed, power and flexibility benefits of placing content in writeable memory to be achieved without prejudicing the security of that content, by ensuring that that content cannot be modified from the non-secure domain.
Abstract translation: 提供了一种用于管理对数据处理装置内的内容的访问的数据处理装置和方法。 数据处理装置具有安全域和非安全域,并且包括至少一个设备,当设法访问存储在存储器中的内容以发布与安全域或非安全域相关的存储器访问请求时可操作。 此外,提供可写存储器,其可以存储至少一个设备所需的内容,其中可写存储器具有至少一个只读区域,其内容在安全任务的控制下存储在其中,该安全任务是由一个执行的任务 的安全域中的设备。 然后,与可写存储器相关联地使用保护逻辑,其在接收到寻求访问所述至少一个只读区域中的内容的存储器访问请求时,如果该存储器访问请求涉及非可读存储器访问请求, 并且正在寻求将内容写入只读区域。 这使得通过确保不能从非安全域修改该内容,可以实现将内容放置在可写入内存中的速度,功率和灵活性,而不会影响该内容的安全性。
-
-
-
-
-
-
-
-
-
Search Results
18
records
(took 0.015 seconds)
