The storage device different versions of the dataset in a separate memory areas and how to update dataset in memory

 

The invention relates to a memory means containing at least one data set in memory. The technical result is the simplicity of texture data update and improve the security of the data stored in memory. Machine-readable medium has a data structure for providing persistent storage of the data set and contains at least the old version of the said set of data in the first memory area, at least one tag to identify the said version, at least the latest update version of the said set of data in the second than the first memory, at least one tag to identify the said last time update versions. The computer device includes a processor and at least one of the mentioned machine-readable media. The method describes the operation of the computer device. 3 S. and 13 C.p. f-crystals, 5 Il.

The technical field to which the invention relates

The present invention relates to a memory means containing at least one data set in memory. The memory means may be implemented in volatile devices Osue a persistent storage device, flash EPROM or ROM. Typically, in this memory stores software modules of the operating system, application programs and data applications. Where such a computer system in accordance with the invention may find particular application, some or all of the software modules of the operating system stored in ROM.

Prior art

In some applications, usually in the processing of financial transactions, storage must be performed with very high reliability. Those applications with a secure storage known as requiring “elementary update” in “permanent” storage equipment. To make this secure update is known to use a registration update of the prior art. This index update registration, which is part of the data set must be changed during a session update. Only when the data set along with its updated parts will be saved in memory, all references to the previous version of the data set can be deleted.

DE-A-19600081 reveals the machine-readable media capable of storing different versions of a dataset. Such machine-readable media stores and old notifytimeutc counter.

The purpose of the invention

The aim of the present invention is to provide persistent storage of data applied problems through the creation of an improved mechanism for elementary updates the data stored in the nonvolatile memory devices, especially in silicon memory devices such as EEPROM or flash EPROM.

The invention

The invention relates to machine-readable media, as stated in paragraph 1.

The use of such a unique tag associated with various areas of memory that allows to clearly identify which versions are older. In addition, the use of these tags allows you to identify which versions belong to the same original data set. Thus, in the memory at the same time can present different versions of different data sets. Moreover, during the update, the latest update version older version and the latest update version is not removed from memory. Only after the full completion of the update operation of the latest update version of the memory can be deleted the old version of the data set.

If the update Prem way ensuring the presence of at least one accurate version of the data set. This ensures the simplicity of texture pack”. Such elementary update guarantees or complete replacement of the data, or unmodified, previously stored data, even if interrupted by the update operation.

Each version of a data set stored on one or more memory pages, each memory page includes one tag, each tag contains links to the data set, version number, and page number.

A page is defined as a memory serial memory cells, which deal with items that are relevant for the considered storage technology. Each page can fit into a single numeric bus, thereby facilitating the operations of read and write units of storage in memory. Version numbers are assigned to different generations of a data set. Thus, different version numbers refer to different generations. Different page numbers refer to different pages of the same generation data set.

The invention also relates to a computer device comprising a processor and at least one machine-readable medium, as defined above.

The processor preferably Primate, analysis on the basis of redundancy, whether there was a write error or not. This redundancy can be used as an indication of, or have no reliable values consider the tags and data sets that are referenced by the tags.

The latest update version preferably contains multiple pages, each page has a unique tag, and the processor is designed to update mentioned last time update versions data set and write a pre-defined tag is a predefined one of these many pages in said memory means as the last phase of the upgrade. Pre-defined tag that is written, can be read by the processor. If the processor determines the presence of the predefined tag in the memory means, the processor may conclude that the update operation was completed.

The use of these tags provides several new features. For example, at least one of the tags may include additional data in relation to indicate ownership and usage rights, and the processor before the of use may differ for different parts of the dataset, and the processor may be designed to recognize these different usage rights for these different parts.

The processor is preferably intended for the analysis of tag values and may have access to the versions of the data set only by reference through the tag values. Access to the different versions of the dataset, therefore, is not governed by normal program counter and the values of the tags. In other words, memory is an associative memory.

In the latter embodiment, the processor preferably includes a Central processing unit and a separate block of memory management in which tag values known only to the control unit memory. Further, the physical address space memory means is not included in the address space of the Central processing unit, particularly not included in the address space that stores an application program or software operating system command. Thus can be obtained additional protection against “sensing”. In order to realize this potential protection, a memory management unit may provide the Central processor unit additional front-end functionality hell is the organisation can encode tags cryptographic key before recording them in the memory, moreover, the cryptographic key known only to the control unit memory. This cryptographic key can refer to a cryptographic one-way function.

The present invention also relates to a method, as stated in paragraph 13.

(b) storing the most recent update versions data set in the second separate area of memory in which the above-mentioned second memory includes a second tag to uniquely identify the said last time update versions.

Brief description of drawings

The present invention is explained in detail below with reference to several drawings, which are intended only to illustrate the present invention and not to limit its scope.

In Fig.1 presents example scenarios in accordance with the present invention.

In Fig.2 shows a possible allocation of the memory in accordance with the present invention.

In Fig.3 shows the contents of memory pages in a possible embodiment, the device in accordance with Fig.2.

In Fig.4 depicts a method in accordance with the present invention.

In Fig.5 shows a possible arrangement of a memory management unit in sootvetstvenno possible device in accordance with the present invention. The Central processing unit 2 is connected to the tool 12 and I/o to memory, which may contain the ROM 6, RAM 8 and the nonvolatile memory 10. Unit 4 memory management can be performed separately or within the Central processor unit 2. The control unit 4 is designed to perform memory functions, which are relevant to the non-volatile memory 10, and preferably to other sections of memory - ROM 6 and the RAM 8. An embodiment shown in Fig.1, applies to all types of systems, storage management. The invention, however, especially useful for data storage in non-volatile silicon devices, and not on the hard drives. An important application relates to the field of embedded computing systems and single-chip computers, such as smart cards (smart cards).

In Fig.2 shows one possible data storage device in the memory in accordance with the present invention. Non-volatile memory 10, data may be divided into blocks of storage. These storage units in the memory are called “pages”. Conveniently, if these pages will be of the same size, for example equal to the dimension “numeric tires” in silicon devices, ispolzuyeca 4 memory management page: distribution, update and deallocation of memory for storage of application programs include the administration of one or more pages.

The memory contains a different generation (or version) of a set of data elements of the application programs. Each generation can be stored on one or more pages. In Fig.2 shows the case where the memory includes three different generation k, k+1, k+2 one set of data elements applied problems. The example shows that the generation k is three pages 1, 2 and 3, the generation of the k+1 - two pages i, i+1, and generation k+2-two pages n, n+1. Generation k represents the oldest version of the set of elements of the application data in memory, whereas the generation of k+2 is the latest update version of the set of data elements applied problems. Each generation k, k+1, k+2 can, for example, to refer to different versions of a software object.

Generation k, k+1 and k+2, as indicated, form a “piece of data”, and this term is used here as a reference to only one set of data elements of the application tasks. Pages required to store, has been allocated any memory cells that are not occupied by the page that is determined by the block 4 memory management. Rati in consecutive memory locations. Unit 4 memory management is a block for making decisions about where to store different generation. Even a page in one generation do not need to be stored in contiguous pages. To illustrate this page n and n+1 is shown located remote from each other (shown by dots in between).

In practice, the memory includes several “slices of data”, i.e., multiple sets of generating different sets of data.

In memory, organized and managed in accordance with the present invention, the simplicity of texture pack is provided by the basic principle of the control performed by the control unit 4 memory. If the data is stored in memory, the data associated with the set of elements of the application data is never modified in the same area of memory. In other words, once created, the page is never modified. When the last updated set of application data elements requires changes in accordance with an application program running on the Central processor unit 2, a new memory area, for example a new set of pages is allocated a block of 4 memory management. In this new area of the memory unit 4 memory management recorded any were not changed. Thus, the memory 10 at any given time contains at least one consistent, authoritative version of a piece of data.

This update operation may, for example, relate to the smart card. Although the update data in the smart card takes only a very short period of time (for example, approximately 3 MS), there is a small chance that the smart card is removed from the communication terminal to complete the financial transaction terminal. Thus, the update might be interrupted before its completion. If this happens, at least the last updated version will still be in the memory of the smart card.

In one embodiment, after the upgrade is complete dataset, block 4 memory management frees the memory that stores the oldest version of the data set. Unit 4 controls the memory may, for example, to control the presence of not more than 10 versions of the same set of data elements applied problems. In practice, an application program running on the Central processor unit 2 communicates with the block 4 memory management to manage the process of updating its data, for example indicating the update is complete. The application of soosai entries in the memory 10. Such transmission signals when the update process is common in systems for processing financial transactions.

When multiple versions of a set of data elements applied problems present in memory, background data modification can be assessed through unit 4 memory management. Unit 4 memory management accomplishes this by providing a means to review, but not modify, the application program running on the Central processor unit 2, the data values in previous versions.

In Fig.3 shows a possible structure of a memory page in accordance with the present invention. It is assumed that the memory is divided into pages. In Fig.3 shows two pages i, i+1. Each page i, i+1 contains the data of the application program and the tag i, i+1. The value of the tag preferably consists of three parts: “ID Sukhumvit MRT slice, non Dept# generate and non rd# pages. The fragment identifier is used as an unambiguous reference to the software unit of stored data. Counter Dept# generations specifies the version number of the stored data. At least two generations are indicated by counters Dept# generations. Counter rd# page indicates the page number in question in the ing, data to generate a dataset stored as a large number of pages.

In one particular implementation of the invention, the tag value is stored in memory using a special encoding, for example, by using redundancy, for example, with the check number of bits set to one. This is a special encoding is used by the unit 4 controls the memory to detect the correct/incorrect data entry operations. If only the checked number of bits is determined is equal to (or high level), the block 4 memory management decides that the tag value is correct. If this is checked the number of bits is not installed in the unit, the unit 4 memory management decides that the tag value is false. This can be caused, for example, interruption of power supplied to the memory device, for example when the user smart card remove your smart card from the terminal to complete the financial transaction.

In this embodiment, before deleting the oldest generation data set, block 4 memory management determines the accuracy of the latest update generation. The specific method encoded in the A. He should be selected so as to have a very high probability of bringing the invalid encoding, if this storage device will not be able to write the page completely. Depending on the design of the crystal memory (i.e., transistor technology used) before writing new data to the page some memory devices first, replace the values of all memory cells of a given page, either zeros or ones. Therefore, as stated above, sometimes it is better to check that checked the number of bits in the tag is equal to one, whereas in other cases it may be better to monitor the presence of the tested number of bits equal to zero. Then, if the control tag is defined correctly, it is a matter of well-known probability is the same whether correctly or not the recorded content of the rest of the pages related to the tag.

In Fig.4 summarizes the sequence of operations performed by the block 4 memory management in one embodiment, when updating the version of the stored application data required by an application program running on the Central processor unit 2:

(a) distribution of a new set of pages in memory 10, the stage 40;

b) opredelennoi program in its modified form and the appropriate tags in the memory 10, stage 44;

d) control for each page that is written, that the result is correct, the stage 46;

this phase control can be performed by controlling tag value, as described above;

e) exemption of pages that contain the oldest generation data set, step 48.

The tag value for each new page is determined by the assigned ID and Sukhumvit MRT fragment, the value of non Dept# generate the latest update version, incremented by 1, and rd# page.

Page preferably stored in the memory 10 by page, as shown in step (C) above. Preferably, one predefined page of a set of pages for one set of data was recorded last, while all other pages can be in any order. Convenient that a predefined page is the first page of a new set of pages. In practice, any page can be written parts. For example, the value of the tag pages can be recorded separately from the data of the application program on the page. Preferably, however, to tag a predefined page that is the last page for the record, was recorded on the last floor of a predefined page will not be stored in the memory, the data of the application program, written in any of the new pages can also be modified.

However, it should be noted that a partial entry and modification of data pages can reduce the benefits derived from the invention, i.e., the total recording time can be increased. Recording in non-volatile memory 10, as EPROM, takes a relatively long time is currently about 3 MS. So it's best to write once memory 10, i.e., when the modified data set is ready to save, and not to write the modified portion of the data set in a sequential periods of time. However, if time permits, as often happens, in this field of technology usually write the modified portion of the data set in non-volatile memory. This has the result, however, increased the number of write operations, which leads to excessive wear of the non-volatile memory 10.

Therefore, in accordance with a variant of execution of the invention it is preferable that all the steps required to change the data set was carried out on a working copy of a dataset in RAM 8 before writing the modified data set in non-volatile memory 10.

Write the value of the tag previrtualization elementary multi-page updates. The presence or absence of a valid tag in a predefined page then serves as a flag “commit changes”: a valid tag in a predefined page indicates the reliability of the written page, and at the final completion of the entire upgrade process.

Storing in the memory data of the application program can be made more reliable if the data stored in memory can be physically addressed only the application that uses the ID and Sukhumvit MRT fragment. Memory 10 becomes “associative memory.”

Although the unit 4 controls the memory and the Central processing unit 2 can be in the same physical processor package, is particularly advantageous for this last indication, that the Central processing unit 2 and unit 4 memory management were two physically separate units, designed to communicate with each other. You must understand that the term “physically separate” may refer to units manufactured on a single chip. Then the physical address space of the memory 10 is not included in the address space of the Central processing unit 2, in particular, is not included in the address space, where granatense is protected from unauthorized interference (as in the smart card), it is achieved by the additional protection from “sensing”.

To realize this potential additional protection, for example, smart card unit 4 memory management may provide additional front-end functionality, for example, including the composition of the address register 54 size tag and register 52 data size of the data page (see Fig.5). This interface 52, 54 is then complemented logical unit 50 to perform logical functions for viewing and mapping of tags stored in the memory 10. In other words, the logic block 50 can read the tags from the memory 10 and to address memory 10 in the analysis of tag values.

The interface 52, 54 and the associated logical block 50 can be implemented by the hardware.

In addition, specific hardware circuits 56, 58 are respectively as interfaces between the memory 6, 8, 10, and logical block 50 and between the Central processor unit 2 and the logical block 50. Logical block 50 may include a dedicated address counter combined with a logical comparison circuit tags. Different hardware schemes can contain logic associative memory implemented at least on the page, the values can be retrieved from the memory, managed in accordance with the invention when, in addition to a special encoding for detection, the tag value is additionally coded using cryptographic techniques. Such cryptographic encoding tag is intended to hide the data applied problems related to structural information such as ID and Sukhumvit MRT slice number Dept# generation number rd# pages contained in the tag values. Cryptographic encoding can be performed by any encoding methods known to experts in this field of technology. One useful way is to use a secret cryptographic one-way functions, in which the stages of the one-way function associated with a secret key known only to the block 4 memory management. Thus, block 4 memory management can recognize the previous generation by applying one-way function one or more times to the encoded value of the tag of the previous generation, and then comparing the resulting value tag value tag of the latest update generation. This prevents data recovery application from malicious forced to “dump” what about the useful features. For example, the tag may include additional data to specify a set of related data of the application program. In addition, such additional data in the tag value can specify usage rights or sets of usage rights for different user data of the application program. Such different usage rights can, for example, be associated with different conditions of access to different parts of the data (application) programs in the memory 10. One part of the data, the application program may, for example, be defined only for reading, while the other part of the data of the application program can be defined with the access to read/write.

The invention effectively provides recording of financial transactions, stored in memory, as the memory includes a background update specific elements of the application data in the form of successive generations.

As described above, optionally, the number of write operations to the storage devices managed in accordance with the present invention can be reduced when using the described mechanism update registration memory/financial transactions. In addition, the reduced number of write operations, the result of the prolongation of his life. Increases the security of data stored especially in non-volatile memory in a tamper-resistant single-chip computers, such as smart cards. Improved security entirely can be achieved by software measures. Hardware measures as unit 4 memory management, separate from the Central processing unit 2 may further increase the security, but they are not strictly necessary.

Claims

1. Machine-readable media storing a data structure for providing persistent storage of a set of data, and said data structure includes (a) at least the old version of the said set of data in the first memory area, and mentioned machine-readable medium includes at least one tag to identify the said oldest version, and (b) at least the latest update version of the said data set in a second, different, memory, moreover, the mentioned machine-readable medium includes at least one tag to identify the said last time update versions, these parvat second set of one or more pages, the page contains one or more consecutive memory cells operated as a single unit during such memory operations, such as the appointment, renewal and release memory application data, wherein each page also contains its own tag that specifies the number (gen#) versions of the dataset and the number (pg#) page mentioned page.

2. Machine-readable media under item 1, in which each of the mentioned tag contains a reference (Sukhumvit MRT) on the set data.

3. Machine-readable media under item 1 or 2, in which each page corresponds to one numerical bus.

4. A computer device comprising a processor (2;2.4) and at least one machine-readable media according to any preceding paragraph, and the above-mentioned processor (2;2,4) is designed to handle the above-mentioned data structure.

5. A computer device according to p. 4, in which the processor (2;2,4) is designed for recording tag is redundant in terms of their content and after reading tags from memory, analysis of the mentioned redundancy, whether there was or not a write error.

6. A computer device under item 4 or 5, in which latter lie;2,4) is designed to update mentioned last time update versions data set and write a pre-defined tag is a predefined one of these many pages in said memory means as the last phase of the upgrade.

7. A computer device according to any one of paragraphs.4-6, in which at least one of these tags contains additional data to indicate ownership and usage rights and the processor (2;2,4) is designed to recognize facilities and rights for the use of these additional data.

8. A computer device according to p. 7, which referred to the rights of use are different for different parts of the data set and the processor (2;2,4) is intended to distinguish the various rights of use for these different parts.

9. A computer device according to any one of paragraphs.4-8, in which the processor (2;2,4) is intended for the analysis of the values of the tags and have access to those versions mentioned dataset only by reference through the above-mentioned values of the tags.

10. A computer device according to p. 9 in which the said processor includes a Central processing unit (2) and a separate block (4) memory management, and tag values known only to the unit (4) memory management.

11. A computer device according to p. 10, in which the said block (4) memory management encodes tags cryptographic key before it is stored on machine-readable media, and mentioned CryptoMemory cryptographic key refers to a cryptographic one-way function.

13. The method of providing persistent storage of a set of data on machine-readable media, comprising stages (a) store the old versions of the data set in the first memory area, in which the mentioned machine-readable medium includes at least one tag to identify the said oldest version, and (b) storing the most recent update versions data set in a second, different, memory, and mentioned machine-readable medium includes at least one tag to identify the said latest update version the first memory contains a first set of one or more pages and the above-mentioned second memory area contains a second set of one or more pages, and the page contains one or more consecutive memory cells operated as a single unit during such memory operations, such as the appointment, renewal and release memory application data, characterized in that said method further comprises the step of providing each page its own tag that specifies the number (gen#) versions of the dataset and the number (pg#) countries is and step (b) through a pre-defined operation, performed above mentioned at least one tag identifying mentioned the latest update version.

15. The method according to p. 13, in which is mentioned the most recent update version contains many pages, and each page has a unique tag, and a predetermined tag is a predefined one of these many pages is saved as the last stage to stage (b) to identify the completion of the said storage step (b).

16. The method according to p. 13, additionally comprising the following step after step (b): (C) the release of the memory area that stores therein the oldest version of the above data set, if at least two versions of the data set remain in the above-mentioned means (10) of memory.

 

Same patents:

The invention relates to the field of optical recording

The invention relates to the accumulation of information

The invention relates to the accumulation of information
The invention relates to devices used in electronic devices as storage devices

The invention relates to a method of producing perspire formula H(CFR1CF2)nCH2OH (I) wherein R1is F or CF3when n=1, and R1is F, when n=2, including the interaction of methanol with tetrafluoroethylene or HEXAFLUOROPROPYLENE in the presence of a source of free radicals

The invention relates to optical storage media with high recording density information

The invention relates to optical disks, which have multiple information layers

The invention relates to optical storage media
The invention relates to computing, and in particular to information and computer systems and networks, and can be used in the network integrity monitoring for protection of information resources in workstations, informational, and functional servers, etc

The invention relates to computing, and in particular to information and computer systems and networks, and can be used to protect information resources in workstations, informational, and functional servers

The invention relates to microelectronic technology and is intended for use in both analog and digital microelectronic devices

The invention relates to computing, and in particular to an electronic banking system or to the shared database institutional server

The invention relates to computing, and in particular to computing and information systems, implemented on computers of all types, and can be used for protection of information resources as workstations and servers

The invention relates to the field of computer technology, automation and information systems, as well as protection from unauthorized access

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating information of a confidential nature

The invention relates to cryptography and can be used when building devices commercial closed communication to ensure information security in commercial computer communication networks, as well as for protection of information in computer from unauthorized access

Storage device // 2055391
The invention relates to computer technology, in particular to the protection of data from unauthorized access storage devices

The invention relates to computer technology and can be used to protect the memory cells when power is

The invention relates to the field of communication technology and can be used in data transmission systems, systems, telemetering and telecontrol
Up!