Memory protected with multiple security levels

 

The invention relates to protected memory, in particular memory, providing multiple layers of protection for areas of application. The technical result is memory protection when multiple it is used in the case when it is part of smart cards. The memory contains a first level of security, counter attempts to enter a security code, many areas of applications, each of which includes a storage area, the area of application security, counter attempts to enter the security code area of application, the site key erase counter attempts to enter key erase. 20 Il.

The invention relates to protected memory. More specifically, the present invention relates to protected memory, which provides multiple levels of protection for areas of application.

Plastic cards are used for payments from the 1950's to the early introduction of international credit cards issued to members of Diners club. The scale of their use has expanded in a phenomenal way. Currently, millions of cards are used every year by different organizations, so that their use for payments and records information in real time is lifnim image and had the signature line, which was to be used to ensure security. However, you can imagine that it is in a very small degree contributed to the prevention of counterfeiting and fraud. The first important improvement in the direction of security was the introduction of the magnetic strip on the back side of the embossed card. Plastic cards with magnetic strips are probably the most popular form of payment and information cards that are available for use at the present time. The memory is provided with a magnetic stripe is also allowed to record much more information than it could be performed embossed on the card surface. Although these cards provide some level of protection, but the data stored on the magnetic stripe can easily be read, erased and overwritten by any person having access to the corresponding device read/write. Accordingly, these cards are less than suitable for storing data of a confidential nature or to store the value to be used instead of cash.

To solve these problems was developed plastic card with protected memory. Such cards are known in the industry is mate. In order to ensure the integrity of the memory is protected from unauthorized access and unauthorized manipulation with these blocks. The security model provides some combination of hardware and software. Using protected memory, you can store data of a confidential nature that cannot be read or erased, and to prevent the entry of data by controlling the processes of reading, writing, and erasing using a combination of hardware and software, which depends on the specific conditions that must occur before performing these operations.

Example of a smart card with protected memory, which is widely used is the telephone card with memory. These cards are pre-paid (debit) cards, and the value stored electronically in memory, changes in the use of the card by reducing the corresponding amount. Of course, to prevent unauthorized use you can prevent the user's ability to manipulate the card so that uvelichivaetsja without much difficulty.

One known way of preventing unauthorized manipulation-protected card to increase the stored value is the use of a security code, known only to the Issuer of the card. Systematic attempts to determine the security code is suppressed through the use of a counter access attempts, which prevents further use of the card, if the number of attempts a valid secret code exceeds a predetermined number. If a valid security code is presented to achieve the threshold value, the counter of access attempts is reset to zero. Each of these blocks is additionally protected by a code erase, which must be submitted before the stored block can be erased. Unfortunately, these codes erase are vulnerable to regular attempts to determine the code.

Another way of preventing unauthorized manipulation with phone cards was to provide essentially impossible to erase the memory after it is recorded. For this type of card typically provides for the blowing of the fuse jumper that Affairs is their value on the card, additional value can be added to the memory by erasing. Although this method is sufficiently adequate to prevent unauthorized manipulation of the cards, however it is not quite attractive to use for the reason that if the value on the card is removed, then the card cannot be reused by adding additional value to the card.

Accordingly, the invention aims to provide additional protection for memory, built-in devices that require the use of protected memory, such as smart cards.

In addition, the object of the invention is the provision of protection for memory, built-in device protected memory, such as smart cards, so as not to hinder the re-use of smart cards in the process of handling by the user.

In accordance with the present invention protected memory zone contains the first level of security, with access code controlling access to the mentioned protected memory to burnout safety jumper, provided by the Issuer of the card, the attempt counter, wcislo attempts coincidence with the said access code is made to reset the counter of attempts to enter a security code, many areas of applications, each of which includes a storage area, the area of application security with access code to the application that controls access to the storage area after burnout of the safety jumper, counter attempts to enter the security code area of application, preventing access to the application, if a predefined number of attempts to match the access code to the application made to reset the counter attempts to enter the security code area of application, the site key erase with key code Erasure controlling access erasing the storage area after burnout of the safety jumper, provided by the Issuer of the card, and the attempt counter enter key erase, prevent access to erase the area of application, if the predetermined maximum number of attempts to match the key code Erasure was made to reset the attempt counter enter key erase.

Fig. 1 illustrates a generic architecture in the form of a flowchart protected memory according to the present invention.

Fig.2 shows the memory card electronically erasable programmable read-only device (EEPROM), subdivided in accordance with the present izobreteniya.

Fig. 4A is a timing diagram of the operation of the installation to its original state, suitable for use in the present invention.

Fig.4B is a timing diagram for a read operation, suitable for use in the present invention.

Fig.4C is a timing diagram comparing operation, suitable for use in the present invention.

Fig.4D is a timing diagram of the operation of the erase/write, suitable for use in the present invention.

Fig. 5 - control circuit location address in EEPROM, which can be used in the present invention.

Fig. 6 is a diagram comparing a security code, which can be used in the present invention.

Fig. 7 schema validation record scratch, which can be used in the present invention.

Fig. 8 is a diagram of the installation of the flag protection, which can be used in the present invention.

Fig.9 is a table of conditions for access to personalize protected memory before installing the safety of the jumpers in the state of logical "0" in accordance with the present invention.

Fig.10 is a diagram of the installation of flags Rn and RP, which can be used in the present invention.

Fig. 11 - tablica logical "0" in accordance with the present invention.

Fig. 12A is a diagram of the generation of the enable signal readout corresponding to the present invention.

Fig. 12V1 - generation scheme of the control signal recording safety jumpers and signal control record corresponding to the present invention.

Fig.12V2 - generation scheme of the control signal erase, corresponding to the present invention.

Fig. 13 is a scheme for generating recording signals of the safety jumper, accounts and permissions, erase, corresponding to the present invention.

Specialists in the art should be understood that the following description of the present invention is intended to be illustrative, but not restrictive. Specialists in the art will easily be able to offer other embodiments of the present invention.

In a typical case, at least three groups of specialists are involved in the manipulation-protected memory, which is entered in the smart card. The first group is the manufacturer of the protected memory. The second group is the manufacturer of the card, which enters the protected memory in the smart card and then distributes smart cards among concessionary teams.) The third group consists of users protected memory, received this product from the Issuer or the distributor. In accordance with the present invention provides a higher degree of security than had been the case according to the prior art, to prevent unauthorized use of protected memory end users or persons not directly involved in the procedures using protected memory.

The block diagram of the generalized architecture of the secure memory 10 according to the present invention shown in Fig.1. Protected memory 10 contains the following blocks: block 12 on/reset and power decoder 14 addresses, block 16 logic security memory 18 on the EEPROM. Protected memory 10 has eight conclusions, namely: VDD, VSS, RST, CLK, PGM, FUS, I/O, connected to the various blocks as part of protected memory, as shown in the drawing. As explained below, the memory 18 on the EEPROM is divided into areas, and authorized users can access different areas of memory to perform READ, WRITE, verify and ERASE controlled by software protection provided in accordance with the present invention.

To prevent unauthorized access to the memory 18 in EEPROM sknote when transmitting protected memory 10 from the manufacturer of the secure memory 10 to the Issuer secured memory 10. To prevent unauthorized use of protected memory 10 persons, which can be protected memory from the Issuer, the security code defined by the manufacturer and delivered to the Issuer, shall be used by the Issuer to access protected memory. In accordance with the present invention, protection is provided to prevent unauthorized use by any third party other than the end user, and to prevent unauthorized manipulation of memory or use by persons other than the Issuer, in a manner that is prohibited by the Issuer.

In Fig. 2 presents a map of the 20 memory, showing different areas of memory that are implemented in the memory 18 in EEPROM. In the map 20 memory address of each memory area in the memory 18 in EEPROM identified along with the number of bits for each of the memory areas. For example, the area designated as Area of Manufacture, as will be explained below, is located at addresses from 0 to 15 in the map 20 and memory it is allocated 16 bits. The bits in the memory 18 in EEPROM grouped together in the form of 8-bit words. Map 20 memory 18 on the EEPROM is divided into four sections 22, 24, 26 and 28 in order to better understand each of the areas podrastet the following: the Production Area, The area of the Issuer, the Security Code, the Attempt Counter Access Code Protection and Code Protected Zone. Code protected Area is also available for the end user.

The Production area and the Area of the Issuer, each containing information related to the manufacturer and the Issuer, respectively. The Fabrication area is programmed by the manufacturer protected memory and is immutable. Access to the Area of the Emitter is controlled by a flag in the security code that is set when a secure memory 10 recognizes a valid security code.

The area for Code Protection provides protection code, which must be match by the Issuer to access the memory 18 on the EEPROM and thus personalize the different areas in the memory 18 in EEPROM. Code protection provides protection for forwarding between the manufacturer and the Issuer, and, as will be described in more detail below, after the memory 18 in EEPROM will be personalized by the Issuer, the security code prevents unauthorized access to areas of application programs (applications) memory 18 on the EEPROM. As such, the security code is a global access control for all memory 18 in EEPROM.

Counter attempts to enter a security code counts the counter attempts to enter the code protection registers eight misconceptions security code. Code protected zone is an area, which can be used as scratchpad memory, which can be accessed for read and WRITE/ERASE controlled by the flag code protection.

Section 24 of the memory card 20 contains four zones of applications, which include areas for protection and storage. Each of the four application areas shown in map 20 memory includes an area for code protection, counter attempts to enter a security code, key erase counter attempts to enter key erase and storage area. As soon as the memory 18 in EEPROM personalized by the Issuer, the area code for security and counter attempts to enter the security code in each of the areas of application control access read and write, in combination with other protection measures, their associated storage areas, and areas for key erase and counter attempts to enter key erase in each of the areas of application control access erase, together with other protection measures, related to the storage area. It should be borne in mind that for specialists in the art record in EEPROM is the process of installing the logical "0" for bits of EEPROM memory, and erasing the installation process is of all transactions protected memory 10 without requiring secure access.

Section 28 is an area for the safety of the jumpers. As soon as the secured memory 10 personalized by the Issuer, the region 28 of the safety jumper is constantly in a state of "burnout" by setting it in a logical "0". It should be borne in mind that the bit corresponding to the "blowing of the fuse jumper" is a single bit memory EEPROM, which is permanently installed in the state of logical "0".

As described above, if the protected memory 10 is transferred from the manufacturer to the Issuer, the security code defined by the manufacturer, is transferred by the manufacturer to the Issuer. In order to provide access to protected memory 10 to the Issuer to personalize the secure memory 10 to a user, the Issuer must enter the security code sent by the manufacturer, for comparison with the security code programmed by the manufacturer of the protected memory region code protection section 22 of the card 20 memory. To ensure that the Issuer has obtained access to the memory 18 on the EEPROM must be an exact match the security code entered by the Issuer, the security code programmed by the manufacturer.

To prevent systematic attempts to violate, the security of the protected memory of the Oia with security code, programmed by the manufacturer, is counted by counter attempts to enter the security code in the partition 22. If made eight unsuccessful attempts to negotiate a security code programmed with a security code, the possibility of setting the flag protection is blocked. Whenever the entered security code is compared with the programmed security code and set their coincidence counter attempts to enter the security code is reset to zero.

In Fig.3 shows a timing diagram 30 to successfully compare the security code and flag set security code. According to the diagram 30 is performed in the RESET, READ, COMPARE, WRITE, and ERASE. The timing diagram for operations RESET, READ, COMPARE and ERASE/RECORD is represented on Fig. 4A - 4D, respectively. As shown in the timing diagram 30 for comparing the security code with the security code programmed by the manufacturer, first at the output of the RST (reset) protected memory 10 is supplied to the reset signal. In operation, RESET the address counter in the decoder 14, the address is set to zero and after the trailing edge of the reset signal on output I/O (input/output) is the first bit of the memory 18 in EEPROM. Then the address counter is incremented the Noah memory 10, is held at a low logic level until, until it receives an address region code protection. This is a transaction ACCOUNT.

The address counter for the memory 18 on the EEPROM is controlled by the circuit 40 account management addresses shown in Fig.5. Two signal CLKR and R are generated by circuit 40 account management addresses for control multistage counter which is used to form the desired memory address 18 on the EEPROM. Signal CLKR is an internal clock signal to provide the increment of the address counter, and the signal R is the internal signal that is used to set the address counter to zero.

Scheme 40 account management addresses has the following input signals: PGMERASEFUNC, WRT CLK, RST, FLGRST and CPUB. In the control circuit by address signals PGMERASEFUNC and WRT are fed to the inputs of the logical circuit 42 OR NOT. The output signal of the logic circuit 42 and the signal CLK are fed to the inputs of the logical circuit 44 And. the Output signal of the logic circuit 44 And the signal RST are fed to the inputs of the logical circuit 46 OR NOT, and the output signal of the logical circuit 46 OR does NOT pass through the inverters 48 and 50 for signal CLKR. The signal CLK and the signal FLGRST are fed to the inputs of the logical circuit 52 And. the Output signal of the logical circuit And the ront entrance purification of D-flip-flop 56. The signal RST is also fed through an inverter 58 to the clock input of D-flip-flop 56. The data input of D-flip-flop 56 is maintained at logic high level through the inverter 60 is connected to the Vss input. The output data signal D-flip-flop 56 and the signal CPUB are fed to the inputs of the logical circuit 62 OR NOT, and the output signal of the logical circuit 62 OR does NOT pass through the inverter 64 to signal R.

The signal PGMERASEFUNC is generated internally in the scheme described below. It is generated in order to transfer to the idle state of the address counter by blocking the transmission signal CLK through the circuit 42 And the switch that can be expected from the analysis of the circuit 40 account management addresses when you erase cycle or write. The signal RST is generated externally to reset the address counter to zero. When the RST transition from a high logic level to low logic level, D-trigger it and the output data signal D-flip-flop 56 goes to a high logic level. As a result, the signal R goes to a high logic level, and the address counter is set to zero. The signal FLGRST sets the signal R at the low logic level after the address counter Resa, when the address in the memory 18 in the EEPROM is equal to zero, or when the memory 18 in the EEPROM is set in the initial state, or the address counter is set to zero. The signal CPUB is generated when power is applied to the protected memory 10.

The output signal of the address counter is supplied to the ID of the control word, which is used for generating signals of the control word to indicate the achievement of specific addresses in the memory 18 in EEPROM. The ID of the control word also generates a signal for the first bit, second bit, and the eighth (last) bit of each word in the memory 18 in EEPROM. As will be described in more detail below, the signals generated by the ID of the control word used by the protection logic to identify which memory area 18 on EEPROM accessed, and what bits of the first, second or last words are addressed.

It is then bit-wise comparison of the programmed security code with the security code provided on the output I/O (input/output), as the clock signal causes the increment of the address programmed security code. The comparison is performed by the circuit 70 comparison of bits shown in Fig.6. In scheme 70 comparison data bits, sciascia logic 72 xnor code protection introduced in line I/O, clocked through a D-flip-flop 74. In the implementation of operations COMPARISON of the address counter is incremented on the falling edge of the clock signal, and input data are recorded on a rising edge of the clock signal. The comparison is carried out on the next falling edge of the clock signal.

The comparison is performed at the time the clocking of the D-flip-flop 82. When making the comparison signal CMPBIT should remain at a high logic level to compare, to be able to display the matches. In order for the signal CMPBIT was at a high logic level, both the input signal of the logical circuit 80 AND should NOT be at a high logical level. If one of the input signals will switch to a logic low, the signal CMPBIT will remain at a low logic level. Since one of the inputs of the logical circuit 80 AND IS NOT connected to the output of logic circuit 78 OR the output signal of the logic circuit 78 OR must be held at logic high level so that the signal CMPBIT maintained a high logic level. The input signals of the logic circuit 78 OR are the output signal of the comparison with the logic circuit 72 xnor and the signal SC WOR the cash SC WORD is at a high logical level, and as a result the output signal of the logic circuit 78 OR may not be translated at a high logic level signal SC WORD until the address counter is within the region code protection. On the contrary, when the compared bits coincide, the output signal of the logic circuit 72 xnor is at a high logical level to ensure that the output signal of the high logic level from the logic circuit 78 OR so that the signal CMPBIT remains at a high logical level. If in the process of comparing the output signal of the logic circuit OR 78 goes to a low logic level, the signal CMPBIT will go to the low logic level and remains at this level. It should be noted that if in the process of comparison is powered off, the COMPARISON operation is completed, since the D-flip-flop reset signal CPUB. The signal FLGRST will set D-flip-flop 82 to its original state, providing the opportunity to conduct other operations COMPARISON.

Once it matches the programmed security code with the security code must be tested for correctness. In operation, the verify counter attempts to enter the security code gets prires the logical "1". During the READ operation the address counter receives the increment. When the address counter is incremented, the output I/O (input/output) first bit appears after the falling edge of the clock signal. It should be borne in mind that the fact that the counter attempts to enter a security code has all logical "1", indicates that there were unsuccessful attempts to enter the security code since the zero adjustment of the meter attempts to enter a security code. At address, which is found all logical "1", the operation RECORD for setting a logical "0" at this address.

Scheme 90 validation record of zero shown in Fig.7. Input signals for the circuit 90 verify the correctness of the entries are zero CPUB, CLK, PGM, SAOUT. The signal CPUB is fed through an inverter 92 to the input of logic circuit 94 And to the input of purification From D-flip-flop 100. The signal CLK is input to the first logic circuit 96 AND the second logic circuit 98 AND NOT on the clock input of D-flip-flop 100 and to the input of the third logic circuit 102. The signal PGM is supplied to the clock input of D-flip-flop 104 and through an inverter 106 to the data input of D-flip-flop 100 and to the input of the third logic circuit 102. The output data D-flip-flop 100 is also connected to the input of the third logic circuit 102. the s D-flip-flop 104. Second input of the first logic circuit 96 AND IS NOT connected to the output of D-flip-flop 104 through an inverter 108. The output of the first logic circuit 96 AND IS NOT connected to one of the inputs of the logic circuit 110 And, while the other input of logic circuit 110 And is connected to the output of the logic circuit 94 I. the Input logic circuit 94 And is also connected to run negative front entrance cleaning "With" D-flip-flop 112 and to the input of logic circuit 98. The output data D-flip-flop 104 is also connected to a logic circuit 98, AND IS NOT, and the inverted output of D-flip-flop 104 is connected to a clock input of D-flip-flop 112. Input Vss is connected to the data input of D-flip-flop 112 through an inverter 114, and the output data of the D-flip-flop 112 produces an output signal circuit 90 validation record zero after passing through inverters 116 and 118.

Operation validation is described below with reference to Fig.7. If after surgery COMPARED to counter attempts to enter the security code read logic "1" as described above, the signal SAOUT will be a logical "1". When the signal PGM goes to a high logic level to start the operation WRITE "0" to the address in the counter attempts to enter a security code which has been read logic "1", logic "1" should be recorded on Q-the LETTER "0" is implemented, the signal SAOUT will be fixed on the next rising edge of the signal PGM.

Then the operation is performed, the ERASE counter of attempts to enter a security code. This will lead to fixation of a logical "1" at the output of D-flip-flop 112 on the rising edge of the clock signal at the input of D-flip-flop 112. It should be borne in mind that when you WRITE operation, changes only one bit, and when the ERASING operation, changes the whole byte. It then executes a READ operation to indicate that the flag code protection was installed as permitted erase counter attempts to enter a security code. The operation of READING a logical "1" indicates that the flag code protection has been installed, as has occurred erase counter attempts to enter a security code. The operation of READING a logical "0" indicates that the flag code protection was not installed because there was no erase counter attempts to enter a security code. D-flip-flop 100, the logic circuitry 102 AND the and logic circuit 94 And ensure that the signal WR0VEN will be forcibly transferred to a logical "0" when the power reset or increment the address.

After the successful implementation of the COMPARISON operation and the operation RECORD will be set flag code BLE, CPUB, WR0VEN, ACWORD and CMPBIT, and its output signal is the signal SV. The ENABLE signal is fed through an inverter 122 to the input of logic circuit 124 OR NOT, and also to the input of logic circuit 126. On the other two input logic circuit 126 AND the signals ACWORD and CMPBIT. The signal CPUB is supplied to another input of the logic circuit 124 OR NOT, and the output of the logic circuit 124 OR IS NOT connected to run negative front entrance cleaning "With" D-flip-flop 128. The signal WR0VEN is fed to the clock input of D-flip-flop 128. The data input of D-flip-flop 128 is connected to the output of the logic circuit 130 AND the first input of which is connected to the output of the logic circuit 126, and a second input connected to the output of D-flip-flop 128 through an inverter 132.

Assuming that the input signal CMPBIT logic circuit 126 AND continues to remain at a high logic level after comparing codes when the signal WR0VEN increases, the D-flip-flop 128 will capture output signal SV at a high logical level (assuming that the signals ENABLE and ACWORD are also at a high logic level). The signal SV be maintained at a high logic level until the power is applied to the protected memory 10 and the ENABLE signal has a high logic level, since a logical "1" signal SV is supplied through the inverter on l which keeps a high logic level as a result of this feedback.

As soon as the flag code protection is installed, the Issuer secured memory 10 receives access to personalize areas of application for the end user. After personalization desirable areas protected memory 10 to which the Issuer has access, is for the safety of the jumpers in the partition 28 is written to a logical "0". In the table of Fig.9 shows the conditions of access to personalize the secure memory 10 before installing a logical "0" for the safety of the jumpers. To personalize the secure memory 10, the Issuer writes or erases the required data in the secure memory 10, as provided by the terms of access. In the table of Fig.9 code SV represents the flag of the security code, which is set at logic "1", the code Rn is the flag of the read zones of applications, where n=1, 2, 3 or 4 respectively to the four zones of applications, and the symbol "X" denotes don't care.

As a first example, in the field to counter attempts to enter a security code (SCAC), if the signal SV=0, i.e., the flag code protection is not installed, you are only allowed access to read and write, and if the signal SV=1, i.e., the flag code is allowed access to the recording and erasing. As a second example, in the field for the first the of, and if the signal SV=1, then allowed access to read, write and erase. In a preferred embodiment, the Rn flag set by the value in the second bit in each of the four storage areas. The Rn flag will remain set up until from the protected memory is not the power is turned off, even if the second bit in a specific storage area subsequent operation can be written as logic "0".

In Fig. 10 shows the circuit 140 flag set P and R, which sets a flag Rn. The circuit 140 flag set P and R also sets the flag of the RP, as described below. The circuit 140 flag set P and R has the following input signals: CPUB, CLKB, BIT0, SAOUT, WORD, BIT1. The signal CPUB is supplied to the reset input R of the D-flip-flops 142 and 144. The signal CLKB is supplied to the clock input of D-flip-flops 142 and 144. Signals SAOUT and WORD served on the first and second inputs of the logic circuits 146 and 148, and the signals BIT0 and BIT1 are served on the first inputs of the logic circuits 146 and 148, respectively. The outputs of the logic circuits 146 and 148 And is connected to the first input of the logic circuits 150 and 152, OR IS NOT, respectively. The outputs of the logic circuits 150 and 152 OR IS NOT connected to the data inputs of D-flip-flops 142 and 144, respectively. Output data signals D-flip-flops 142 and 144 are served back at the second input logic 1 the Aga R and R signals BIT0, BIT1 and WORD are set by the scheme identifier of the control word. When setting a specific flag Rn address in memory from which to read the Rn flag, signal WORD and a signal BIT1 this word will have a high logic level, and if the value of BIT1 read from the line SAOUT, is also at a logic high level, the flag is set Rn. The Rn flag will persist until such time as the signal CPUB will not power has been removed from the protected memory. This is valid even if the second bit in a specific storage area subsequent operation can be written as logic "0", thereby discharging the output signal of the logic circuit 148 And the state of logical "0" as the output signal of D-flip-flop 144 is fed back through a logic circuit 152 OR, will maintain the output signal of the logic circuit 152 OR in the state of logical "1". The operation flag is set SPM similar operation flag is set Rn, except that instead of the signal BIT1 signal is used BIT0.

Specialists in the art will readily be understood from Fig.9, which flags should be set to read, write, erase or verify the data in the protected areas of the memory 10. Read, write, erase and comparison will doda protected memory 10, as explained by using the time chart of Fig.4A-4D.

For example, to write to the area for the security code in the first area of the first memory address 18 the EEPROM is set to zero by performing a RESET operation. Specialists in the art it should be clear that the operation of the RESET can be performed by application of signals to the conclusions of the protected memory in the manner prescribed time diagram for the RESET operation shown in Fig.4A. Then the operation is performed the READING on until the address in the address counter does not get increment to the source address in the area for the security code in the first zone of application. Finally, the WRITE operation is performed to write the desired data to address the security code in the first zone of application. As stated above, as soon as the Issuer has completed the personalization of the secure memory 10 to the end user, the area for the safety of the jumpers is permanently set to logic "0" to emulate a state of burnout safety jumper.

After burnout of the safety jumper access to protected memory is determined in accordance with the terms of the addresses shown in the table in Fig. 11. In table f represent the flag code protection for the four areas of application, where n=1, 2, 3 or 4 according to the four areas of application.

If the flag is set protection for specific areas of application, the code Sn is set to logical "1". To set a flag Sn in a specific area of the application must be submitted to the security code, which coincides with the security code stored in the area code for the protection of specific areas of application. Operations of comparison and validation are the same as described above for the security code, found in the area for code protection area section 22. The only difference is that, of course, the comparison starts at the address region for the security code associated with the selected application area.

Code Pn is a write flag for each of the four areas of application. In a preferred embodiment, the Pn flag is set in the first bit in each of the four areas of application. The Pn flag if it is set to logical "1" will remain set until the supply is disconnected from the protected memory, even if the first bit in a specific area of application and subsequent surgery can be written to a logical "0". Setting flag Pn is performed as described with reference to Fig.10.

Code En is the flag code is d En is set to logic "1". To set a flag En in a specific area of the application must be submitted code Erasure, which coincides with the code erase stored in the field for key erase a specific area of application. Operations of comparison and validation are the same as described above for the security code, found in the area for code protection area section 22. The only difference is that, of course, the comparison starts at the address region for key erase associated with the selected application area.

So the end-user has access to different memory regions 18 on the EEPROM to read, write, erase and comparison must be installed the correct combination of flags, SV, Sn, Pn, Rn and En. As the examples below describe the required combination of flags, SV, Sn, Pn, Rn and En, which must be set to read, write, erase and comparison in one of the storage areas.

Access provided by different combinations of flags in the areas of storage, can be easily understood by dividing various combinations of flags into three groups. In the first group, Sn=0, and only allowed access to the storage area is a READ operation, which may occur when Rn=1. Influence EP=0, the only allowed operation is READ. Otherwise, if EP=1, the allowed operations READING and ERASING. In the third group SV=1, Sn=1 and RP=1. If this flag set, then access to the storage area depends on the flag of the En. If EP=0, the allowed operations READ and WRITE. Otherwise, if EP=1, the allowed operations READ, WRITE, and ERASE.

Accordingly, should perform the following operations. First, the only case where not allowed to READ from the storage area, is the case when Sn=0 and Rn=0. Secondly, the only case where RECORDING is allowed is in the case when SV= 1, Sn= 1 and RP=1. Thirdly, the only case where permitted ERASING is when SV=1, Sn=1 and EP=1.

The block diagram of the combinatorial logic to generate the permissive signals in the memory 18 in EEPROM to perform operations READ, WRITE, and ERASE data in the memory 18 in EEPROM, and permissive signals for burnout safety jumpers for personalization, as described above, is shown in Fig. 12A-12C. Specialist in the art will readily be understood from Fig.12A-12C, which flags should be set as described above to provide jellal permissions read, which has a high logic level when the signal PGMERASEFUNC has a low logic level, the signal MEM has a high logic level, and the flags for the selected access also have a high logic level. In order not to clutter the description of the invention with unnecessary detail, each of these flags, which were described above, there is not further described.

The circuit according to Fig.12B and 12C generate the control signal record (WRT CTRL), the control signal for the safety of the jumpers (FZ WRT CTRL) and the control signal clearing or erasing (CLR CTRL), respectively, from a set of flags set, as described above. Signals WRT CTRL, FZ WRT CTRL CLR CTRL then fed into the control circuit of the recording and erasing, as shown in Fig. 13 generating signals WRTEN, CLREN, WRT used by the memory 18 on the EEPROM for writing and erasing data, and an enable signal to control the signal programming FZ WRTEN for the safety of the jumpers. Specialists in the art will understand the operation of the circuits shown in Fig. 12A-12C, 13, ensuring the generation of permissive signals for reading, writing, and programming of the safety switch in accordance with the flags described above.

The above paragraph is Noah engineering should be clear, what other modifications in addition to those mentioned above, without deviating from the principles of the invention. The invention, therefore, is limited only by the entity presented in the claims.

Claims

Protected memory zone containing the first level of security, with access code controlling access to the mentioned protected memory, until burnout of the safety jumper, provided by the Issuer, the counter attempts to enter a security code to prevent access to those protected memory if a predetermined number of times of coincidence with said access code is made before the reset counter attempts to enter a security code, many areas of applications, each of which includes a storage area, the area of application security with access code to the application that controls access to the storage area after burnout of the safety jumper, provided by the Issuer, counter attempts to enter the security code area of application, preventing access to the application, if a predefined number of attempts to match the access code to the application made to reset the attempt counter input code protection is anotai the storage area after burnout of the safety jumper, provided by the Issuer, and the attempt counter enter key erase, prevent access to erase the area of application, if the predetermined maximum number of attempts to match the key code Erasure was made to reset the attempt counter enter key erase.

 

Same patents:

The invention relates to a semiconductor memory device with multiple memory cells and is used mainly in the cards with an embedded microchip, such as card ID, credit cards, payment cards, etc

The invention relates to systems for protection against illegal use of the software product

The invention relates to the field of protection against unauthorized access to information stored in the personal computer, and can be used in automated systems for handling confidential information-based personal computers

The invention relates to systems of information protection, such as technical documentation, placed in storage, and retrieval of information

The invention relates to a device for the protection of information in computer, and particularly to a device for the destruction of information when there is a risk of its diversion, which is carried out on the basis of a signal of an unauthorized attempt to access, and the user at his request

The invention relates to the field of information security and is designed to protect against unauthorized distortion of each support information document

The invention relates to the field of information security management in the data channels and can be used in the respective circuits when the cryptographic transformation

The invention relates to computing, and in particular to information and computer systems and networks, and can be used to provide isolation of the software environment on workstations, functional and information servers

The microcomputer // 2198424
The invention relates to computing

The invention relates to computing

The invention relates to computing, Informatics and Cybernetics, in particular to systems identification of objects, and is intended for use in control systems security locks

Processor // 2248608

FIELD: computers, data protection.

SUBSTANCE: processor has bus interface device, device for selection/decoding of commands, device for dispatching/execution, program string decoding device, which string is selected from program and loaded in first levels command cash, which contains a set of N two-input elements XOR, keys memory, storing different N-bit decoding keys.

EFFECT: higher efficiency.

2 dwg

FIELD: technologies for authentication of information.

SUBSTANCE: method includes performing absolute identification for confirming legality of data carrier according to first rule in preset time. Authentication information is recorded on this data carrier in previously set position. Process of arbitrary authentication is performed for confirming legality of said data carrier in accordance to second rule in arbitrary time. First rule includes announcing confirmation of standard match, if information for authentication is detected as registered in selected preset position. Second rule in given arbitrary authentication process includes announcing standard match, if information for authentication is detected as not registered in arbitrary positions, different from given preset position.

EFFECT: higher reliability.

6 cl, 12 dwg

FIELD: computers.

SUBSTANCE: method includes, on basis of contents of central processor registers, received after processor performs some sort of command, by means of mathematical logical operation, forming certain finite control sum and storing it in memory, and on basis of contents of registers, received before start of execution by said processor of directly next command, certain starting checksum is formed, while if starting checksum mismatches finite checksum, error message is generated, which can be followed by halting of processor operation or blocking of chip board with its removal from circulation.

EFFECT: higher reliability.

2 cl, 2 dwg

FIELD: copy protection.

SUBSTANCE: system has content distribution block, multiple recording and playback devices for digital data, calculations processing block, meant to perform communications with recording and playback devices and performing calculations processing for transferring license payments.

EFFECT: higher reliability of copy protection.

5 cl, 55 dwg

FIELD: electronics.

SUBSTANCE: device has signaling bus, loaded with clock signal, at least one couple of buses serving for encoding one bit, detector circuit, multiplexer. According to method in case of first value of signal of signal bus two buses of one couple detect same level of signal, and in case of second value of signal of signal bus two buses of one couple detect different signal levels, detect forbidden states during operation of board, change process of system functioning, to generate alarm in that way.

EFFECT: higher reliability of protection.

2 cl, 7 dwg

FIELD: microprocessors.

SUBSTANCE: device has central processing devices, including first cryptographic block, at least one peripheral block, including second cryptographic block, device also has data bus, random numbers generator, conductor for supplying clock signal, conductor for providing random numbers signal, set of logical communication elements, while each cryptographic block has register of displacement with check connection.

EFFECT: higher level of unsanctioned access protection.

7 cl, 1 dwg

FIELD: digital memory technologies.

SUBSTANCE: board has rewritable power-independent memory and control circuit, means for storing address, pointing at limit between authentication area and non-authentication area, circuit for changing size of said areas. Reading device contains estimation means, reading information, pointing at number of times, for which digital data can be read, and playback means. Second device variant additionally has means for digital output of contents.

EFFECT: higher efficiency.

3 cl, 23 dwg

FIELD: computer science.

SUBSTANCE: method includes protective mathematical conversion of service data of network frame prior to transfer to environment for transfer of a LAN. To said protective conversion the data is subjected, which is contained in headers of network frames of channel level, and also in headers of all encapsulated network packets and segments. As a result the very possibility of interception is prevented.

EFFECT: higher efficiency.

7 cl, 2 dwg

FIELD: data carriers.

SUBSTANCE: device for reproduction of data from data carrier, program zone of which is used for recording a set of files, and control zone - for controlling copy protection data concerning the file, recorded in program zone, has computer for calculating copy protection information for each time file is reproduced, comparison means for comparing value, calculated on reproduction command, being prior to current one, to value, calculated on current reproduction command, and if these values coincide, the last value is stored as copy protection value, calculated on reproduction command , prior to current one and control means for allowing reproduction of file, appropriate for current command, if value, calculated as response to command, previous relatively to current command, coincides as a result of comparison to value, calculated as a response to current command.

EFFECT: higher reliability, higher efficiency.

4 cl, 46 dwg

FIELD: data carriers.

SUBSTANCE: device has calculating, reserving and recording modules. Each variant of semiconductor memory card contains area for recording user data for controlling volume and area for recording user data. On carrier method for computer initialization is recorded, including calculation of size of volume control information, reserving areas and recording therein of control information for volume and user data, recording main boot record and sectors table in first section of first area, skipping preset number of sectors, recording information of boot sector of section, file allocation table and root directory element to following sectors.

EFFECT: higher efficiency.

5 cl, 59 dwg

Up!