公开(公告)号：US09697358B2

公开(公告)日：2017-07-04

申请号：US13917261

申请日：2013-06-13

Applicant: GOOGLE INC.

Inventor： Benjamin Charles Serebrin ,  Jonathan M. McCune

IPC: G06F21/57 ,  G06F21/64 ,  G06F9/445

CPC classification number: G06F21/572 ,  G06F8/65 ,  G06F21/64

Abstract: An apparatus includes an interface module, a controller, a key storage module, where the key storage module is configured to store a key, and a non-volatile storage module that is configured to store data. The non-volatile storage module has a first partition and a second partition, where the first partition is designated as a read-only storage area for the data and the second partition is designated as a write-only storage area for new data. The first partition is re-designated as the write-only storage area for other new data and the second partition is re-designated as the read-only storage area for the new data in response to the new data being written to the second partition with a signature and the controller verifying the signature using the key stored in the key storage module.

公开(公告)号：US20140372665A1

公开(公告)日：2014-12-18

申请号：US13917261

申请日：2013-06-13

Applicant: GOOGLE INC.

Inventor： Benjamin Charles Serebrin ,  Jonathan M. McCune

IPC: G06F12/02

CPC classification number: G06F21/572 ,  G06F8/65 ,  G06F21/64

Abstract: An apparatus includes an interface module, a controller, a key storage module, where the key storage module is configured to store a key, and a non-volatile storage module that is configured to store data. The non-volatile storage module has a first partition and a second partition, where the first partition is designated as a read-only storage area for the data and the second partition is designated as a write-only storage area for new data. The first partition is re-designated as the write-only storage area for other new data and the second partition is re-designated as the read-only storage area for the new data in response to the new data being written to the second partition with a signature and the controller verifying the signature using the key stored in the key storage module.

Abstract translation: 一种装置包括接口模块，控制器，密钥存储模块，其中密钥存储模块被配置为存储密钥，以及被配置为存储数据的非易失性存储模块。 非易失性存储模块具有第一分区和第二分区，其中第一分区被指定为数据的只读存储区域，第二分区被指定为新数据的只写存储区域。 第一分区被重新指定为其他新数据的只写存储区域，并且响应于新数据被写入第二分区，将第二分区重新指定为新数据的只读存储区域， 签名和控制器使用存储在密钥存储模块中的密钥来验证签名。