公开(公告)号：US20070113079A1

公开(公告)日：2007-05-17

申请号：US10580818

申请日：2004-11-26

申请人： Takayuki Ito ,  Teruto Hirota ,  Kouichi Kanemura ,  Tomoyuki Haga ,  Yoshikatsu Ito

发明人： Takayuki Ito ,  Teruto Hirota ,  Kouichi Kanemura ,  Tomoyuki Haga ,  Yoshikatsu Ito

IPC分类号： H04L9/00

CPC分类号： G06F9/4812 ,  G06F9/468 ,  G06F21/78 ,  G06F2221/2105

摘要： In a data processing apparatus that switches between a secure mode and a normal mode during execution, the secure mode allowing access to secure resources to be protected, the normal mode not allowing access to the secure resources, when the secure resources increase in the secure mode, the load on a protection mechanism for protecting the resources becomes large. Thus, there is a demand for data processing apparatuses that are able to reduce secure resources. The present invention relates to a data processing apparatus that stores therein a secure program including one or more processing procedures which use secure resources and a call instruction for calling a normal program to be executed in a normal mode. While executing the secure program, the data processing apparatus calls the normal program with the call instruction and operates according to the called normal program.

摘要翻译： 在执行期间在安全模式和正常模式之间切换的数据处理装置中，当安全模式下的安全资源增加时，安全模式允许访问保护资源以被保护，正常模式不允许访问安全资源 用于保护资源的保护机制的负担变大。 因此，需要能够减少安全资源的数据处理装置。 数据处理装置本发明涉及一种数据处理装置，其中存储有一个或多个使用安全资源的处理过程的安全程序和用于调用在正常模式下执行的正常程序的呼叫指令。 在执行安全程序时，数据处理装置利用呼叫指令调用正常程序，并根据所调用的正常程序进行操作。

公开(公告)号：US07788487B2

公开(公告)日：2010-08-31

申请号：US10580818

申请日：2004-11-26

申请人： Takayuki Ito ,  Teruto Hirota ,  Kouichi Kanemura ,  Tomoyuki Haga ,  Yoshikatsu Ito

发明人： Takayuki Ito ,  Teruto Hirota ,  Kouichi Kanemura ,  Tomoyuki Haga ,  Yoshikatsu Ito

IPC分类号： H04L29/06 ,  G06F7/04 ,  G06F13/00

CPC分类号： G06F9/4812 ,  G06F9/468 ,  G06F21/78 ,  G06F2221/2105

摘要： In a data processing apparatus that switches between a secure mode and a normal mode during execution, the secure mode allowing access to secure resources to be protected, the normal mode not allowing access to the secure resources, when the secure resources increase in the secure mode, the load on a protection mechanism for protecting the resources becomes large. Thus, there is a demand for data processing apparatuses that are able to reduce secure resources.The present invention relates to a data processing apparatus that stores therein a secure program including one or more processing procedures which use secure resources and a call instruction for calling a normal program to be executed in a normal mode. While executing the secure program, the data processing apparatus calls the normal program with the call instruction and operates according to the called normal program.

摘要翻译： 在执行期间在安全模式和正常模式之间切换的数据处理装置中，当安全模式下的安全资源增加时，安全模式允许访问保护资源以被保护，正常模式不允许访问安全资源 用于保护资源的保护机制的负担变大。 因此，需要能够减少安全资源的数据处理装置。 数据处理装置本发明涉及一种数据处理装置，其中存储有一个或多个使用安全资源的处理过程的安全程序和用于调用在正常模式下执行的正常程序的呼叫指令。 在执行安全程序时，数据处理装置利用呼叫指令调用正常程序，并根据所调用的正常程序进行操作。

公开(公告)号：US07503049B2

公开(公告)日：2009-03-10

申请号：US10853132

申请日：2004-05-26

申请人： Kouichi Kanemura ,  Teruto Hirota ,  Takayuki Ito

发明人： Kouichi Kanemura ,  Teruto Hirota ,  Takayuki Ito

IPC分类号： G06F9/46 ,  G06F15/00 ,  G06F15/76 ,  G06F9/30 ,  G06F9/40 ,  G06F7/38 ,  G06F9/00 ,  G06F9/44 ,  G06F12/00 ,  G06F12/14 ,  G06F13/24 ,  G06F13/32 ,  G06F15/177

CPC分类号： G06F9/441 ,  G06F2209/481

摘要： An information processing apparatus switches between an Operating System 1 and an Operating System 2 during operation and comprises: a storing unit including a first area storing data managed by OS1, a second area storing a reset handler containing instructions for returning to OS2 and for branching to OS2, and a switching unit that switches connection/disconnection of the first area with outside; a table storing unit storing information showing the reset handler's position; a CPU having a program counter and executing an instruction at a position indicated by positional information in the program counter; and a management unit that, when instructed to switch from OS1 to OS2 while the apparatus is operating with OS1, instructs the switching unit to disconnect the first area and the CPU to reset. When instructed to reset itself, the CPU initializes its state and sets the reset handler positional information into the program counter.

摘要翻译： 信息处理装置在操作期间在操作系统1和操作系统2之间切换，并且包括：存储单元，其包括存储由OS1管理的数据的第一区域，存储复位处理器的第二区域，该复位处理器包含用于返回到OS2的指令并分支到 OS2，以及切换单元，其切换第二区域与外部的连接/断开; 表存储单元，存储表示重置处理者的位置的信息; CPU，其具有程序计数器，并且在由程序计数器中的位置信息指示的位置处执行指令; 以及管理单元，当指示在OS1操作时从OS1切换到OS2时，指示切换单元断开第一区域和CPU的复位。 当指示自己复位时，CPU初始化其状态，并将复位处理程序位置信息设置到程序计数器中。

公开(公告)号：US20050172294A1

公开(公告)日：2005-08-04

申请号：US10853132

申请日：2004-05-26

申请人： Kouichi Kanemura ,  Teruto Hirota ,  Takayuki Ito

发明人： Kouichi Kanemura ,  Teruto Hirota ,  Takayuki Ito

IPC分类号： G06F9/445 ,  G06F9/46

CPC分类号： G06F9/441 ,  G06F2209/481

摘要： An information processing apparatus switches between an Operating System 1 and an Operating System 2 during operation and comprises: a storing unit including a first area storing data managed by OS1, a second area storing a reset handler containing instructions for returning to OS2 and for branching to OS2, and a switching unit that switches connection/disconnection of the first area with outside; a table storing unit storing information showing the reset handler's position; a CPU having a program counter and executing an instruction at a position indicated by positional information in the program counter; and a management unit that, when instructed to switch from OS1 to OS2 while the apparatus is operating with OS1, instructs the switching unit to disconnect the first area and the CPU to reset. When instructed to reset itself, the CPU initializes its state and sets the reset handler positional information into the program counter.

摘要翻译： 信息处理装置在操作期间在操作系统1和操作系统2之间切换，并且包括：存储单元，其包括存储由OS1管理的数据的第一区域，存储包含用于返回到OS2的指令的复位处理器的第二区域， 分支到OS2，以及切换单元，其切换第一区域与外部的连接/断开; 表存储单元，存储表示重置处理者的位置的信息; CPU，其具有程序计数器，并且在由程序计数器中的位置信息指示的位置处执行指令; 以及管理单元，当所述设备在用OS 1操作时被指示从OS 1切换到OS2时，指示切换单元断开第一区域和CPU的复位。 当指示自己复位时，CPU初始化其状态，并将复位处理程序位置信息设置到程序计数器中。

公开(公告)号：US20080215862A1

公开(公告)日：2008-09-04

申请号：US11629907

申请日：2005-06-24

申请人： Tomoyuki Haga ,  Yukie Shoda ,  Taichi Sato ,  Teruto Hirota

发明人： Tomoyuki Haga ,  Yukie Shoda ,  Taichi Sato ,  Teruto Hirota

IPC分类号： G06F9/30

CPC分类号： G06F21/14

摘要： The present invention comprises a program generation apparatus for generating an obfuscated program difficult to analyze from outside and a program execution apparatus for executing the program. The program generation apparatus comprises: an acquisition unit operable to acquire a 1st program including one or more instructions, the 1st program causing a process by executing the instructions in a predetermined order to obtain a result; a generation unit operable to generate a 2nd program based on the 1st program; and an output unit operable to output the 2nd program. Here, the 2nd program causes a process that is different from the process caused by the 1st program and varies according to current information determined at execution of the 2nd program in order to obtain a result identical to the result of the 1st program.

摘要翻译： 本发明包括一种用于从外部生成难以分析的混淆程序的程序生成装置和用于执行程序的程序执行装置。 程序生成装置包括：获取单元，可操作以获取包括一个或多个指令的第一个<！ - SIPO - >程序，通过执行预定的指令来执行处理 命令取得结果; 生成单元，其可操作以基于所述第一＆lt; SUP＆gt;程序生成2＆lt; nd＆gt;程序; 以及输出单元，其可操作以输出第二和第二程序。 这里，2＆lt; nd＆lt; / SUP＆gt;程序引起与由1＆lt; ST＆gt;程序引起的处理不同的处理，并根据执行2 ^{nd 程序，以获得与1 ST 程序的结果相同的结果。}

公开(公告)号：US07747870B2

公开(公告)日：2010-06-29

申请号：US11790399

申请日：2007-04-25

申请人： Rieko Asai ,  Yukie Shoda ,  Teruto Hirota ,  Yoshikatsu Ito ,  Taichi Sato ,  Hideki Matsushima ,  Toshihisa Abe

发明人： Rieko Asai ,  Yukie Shoda ,  Teruto Hirota ,  Yoshikatsu Ito ,  Taichi Sato ,  Hideki Matsushima ,  Toshihisa Abe

IPC分类号： G06F9/00

CPC分类号： G06F21/14 ,  G06F21/6218 ,  G06F21/6281

摘要： An encrypted-data decrypting apparatus that provides enhanced security protection for programs and data while they are in the processes of decryption to execution after having been encrypted. When a decrypted partial program needs to be loaded into the shared memory M, the controlling unit 11 loads it into an area indicated by the memory location information. According to the memory location information, a plurality of partial programs are sequentially loaded into an area so that one partial program gets overwritten by another; therefore, none of the partial programs exists in the memory for a long time, and thus there is less possibility of having the partial programs referred to illegitimately. In addition, since every time some data is decrypted, the decryption support program authenticating unit 13 confirms authenticity of the decryption support program P, it is possible to prevent having illegitimate references in which the decryption support program is abused.

摘要翻译： 一种加密数据解密装置，当它们在被加密之后处于解密到执行的过程中时，为程序和数据提供增强的安全保护。 当解密的部分程序需要加载到共享存储器M中时，控制单元11将其加载到由存储器位置信息指示的区域中。 根据存储器位置信息，多个部分程序被顺序地加载到一个区域中，使得一个部分程序被另一部分程序重写; 因此，部分程序中的任何一个都不存在于存储器中很长一段时间，因此部分程序被非法地引用的可能性较小。 此外，由于每次解密一些数据时，解密支持程序认证单元13确认解密支持程序P的真实性，所以可以防止具有解密支持程序被滥用的非法参照。

公开(公告)号：US07228423B2

公开(公告)日：2007-06-05

申请号：US10630674

申请日：2003-07-31

申请人： Rieko Asai ,  Yukie Shoda ,  Teruto Hirota ,  Yoshikatsu Ito ,  Taichi Sato ,  Hideki Matsushima ,  Toshihisa Abe

发明人： Rieko Asai ,  Yukie Shoda ,  Teruto Hirota ,  Yoshikatsu Ito ,  Taichi Sato ,  Hideki Matsushima ,  Toshihisa Abe

IPC分类号： G06F9/24

CPC分类号： G06F21/14 ,  G06F21/6218 ,  G06F21/6281

摘要： An encrypted-data decrypting apparatus that provides enhanced security protection for programs and data while they are in the processes of decryption to execution after having been encrypted. When a decrypted partial program needs to be loaded into the shared memory M, the controlling unit 11 loads it into an area indicated by the memory location information. According to the memory location information, a plurality of partial programs are sequentially loaded into an area so that one partial program gets overwritten by another; therefore, none of the partial programs exists in the memory for a long time, and thus there is less possibility of having the partial programs referred to illegitimately. In addition, since every time some data is decrypted, the decryption support program authenticating unit 13 confirms authenticity of the decryption support program P, it is possible to prevent having illegitimate references in which the decryption support program is abused.

摘要翻译： 一种加密数据解密装置，当它们在被加密之后处于解密到执行的过程中时，为程序和数据提供增强的安全保护。 当解密的部分程序需要被加载到共享存储器M中时，控制单元11将其加载到由存储器位置信息指示的区域中。 根据存储器位置信息，多个部分程序被顺序地加载到一个区域中，使得一个部分程序被另一部分程序重写; 因此，部分程序中的任何一个都不存在于存储器中很长一段时间，因此部分程序被非法地引用的可能性较小。 此外，由于每次解密一些数据时，解密支持程序认证单元13确认解密支持程序P的真实性，所以可以防止具有解密支持程序被滥用的非法参照。

公开(公告)号：US08307354B2

公开(公告)日：2012-11-06

申请号：US11629907

申请日：2005-06-24

申请人： Tomoyuki Haga ,  Yukie Shoda ,  Taichi Sato ,  Teruto Hirota

发明人： Tomoyuki Haga ,  Yukie Shoda ,  Taichi Sato ,  Teruto Hirota

IPC分类号： G06F9/44 ,  G06F9/45 ,  G06F21/00 ,  G06F11/00

CPC分类号： G06F21/14

摘要： A program generation apparatus generates an obfuscated program difficult to analyze from outside and a program execution apparatus executes the program. The program generation apparatus includes an acquisition unit that acquires a 1st program including one or more instructions, the 1st program causing a process by executing the instructions in a predetermined order to obtain a result; a generation unit that generates a 2nd program based on the 1st program; and an output unit that outputs the 2nd program. The 2nd program causes a process that is different from the process caused by the 1st program and varies according to current information determined at execution of the 2nd program in order to obtain a result identical to the result of the 1st program.

摘要翻译： 程序生成装置从外部生成难以分析的混淆程序，程序执行装置执行程序。 该程序生成装置包括获取单元，该获取单元获取包括一个或多个指令的第一程序，所述第一程序通过以预定顺序执行指令来导致处理以获得结果; 生成单元，其基于第一程序生成第二程序; 以及输出第二程序的输出单元。 第二程序导致与第一程序引起的处理不同的处理，并且根据在执行第二程序确定的当前信息而变化，以获得与第一程序的结果相同的结果。

公开(公告)号：US20070294534A1

公开(公告)日：2007-12-20

申请号：US11790399

申请日：2007-04-25

申请人： Rieko Asai ,  Yukie Shoda ,  Teruto Hirota ,  Yoshikatsu Ito ,  Taichi Sato ,  Hideki Matsushima ,  Toshihisa Abe

发明人： Rieko Asai ,  Yukie Shoda ,  Teruto Hirota ,  Yoshikatsu Ito ,  Taichi Sato ,  Hideki Matsushima ,  Toshihisa Abe

IPC分类号： G06F9/24

CPC分类号： G06F21/14 ,  G06F21/6218 ,  G06F21/6281

摘要： An encrypted-data decrypting apparatus that provides enhanced security protection for programs and data while they are in the processes of decryption to execution after having been encrypted. When a decrypted partial program needs to be loaded into the shared memory M, the controlling unit 11 loads it into an area indicated by the memory location information. According to the memory location information, a plurality of partial programs are sequentially loaded into an area so that one partial program gets overwritten by another; therefore, none of the partial programs exists in the memory for a long time, and thus there is less possibility of having the partial programs referred to illegitimately. In addition, since every time some data is decrypted, the decryption support program authenticating unit 13 confirms authenticity of the decryption support program P, it is possible to prevent having illegitimate references in which the decryption support program is abused.

公开(公告)号：US07444520B2

公开(公告)日：2008-10-28

申请号：US10856941

申请日：2004-06-01

申请人： Yoshikatsu Ito ,  Teruto Hirota

发明人： Yoshikatsu Ito ,  Teruto Hirota

IPC分类号： G06F9/00

CPC分类号： G06F21/14

摘要： An execution system including a loader which (i) causes an error in a program which has been started within a range in which the caused error is correctable based on an error correcting code, and (ii) loads the program, in which the error is caused, into a main memory. Further, the execution system includes a processor which simultaneously corrects the error and executes the program.

摘要翻译： 一种执行系统，包括：（i）在基于纠错码的所述错误可修正的范围内已经启动的程序中导致错误的加载程序，以及（ii）加载错误是 造成，进入主要记忆。 此外，执行系统包括同时校正错误并执行程序的处理器。