Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /home/zhenxiangba/zhenxiangba.com/public_html/phproxy-improved-master/index.php on line 456
CN1122634A - a secure memory card - Google Patents
[go: Go Back, main page]

CN1122634A - a secure memory card - Google Patents

a secure memory card Download PDF

Info

Publication number
CN1122634A
CN1122634A CN 94192020 CN94192020A CN1122634A CN 1122634 A CN1122634 A CN 1122634A CN 94192020 CN94192020 CN 94192020 CN 94192020 A CN94192020 A CN 94192020A CN 1122634 A CN1122634 A CN 1122634A
Authority
CN
China
Prior art keywords
memory
storage
microprocessor
card
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN 94192020
Other languages
Chinese (zh)
Other versions
CN1129098C (en
Inventor
托马斯·O·霍尔特利
彼特·J·威尔逊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bull CP8 SA
Original Assignee
Bull CP8 SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bull CP8 SA filed Critical Bull CP8 SA
Priority to CN 94192020 priority Critical patent/CN1129098C/en
Publication of CN1122634A publication Critical patent/CN1122634A/en
Application granted granted Critical
Publication of CN1129098C publication Critical patent/CN1129098C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

A kind of safe storage card, which includes a mini-processor on a semi-conductor chip and one or a plurality of non-easily lose website retrievable memorizer chips. The mini-processor chip and non-easily lose memorizer chips are jointly connected with the bus inside the card. The mini-processor includes website retrievable non-easily lose memorizer. The memorizer of each chip is composed of a plurality of pieces or groups, and each memorizer chip contains a safe controlling logic circuit. These circuits contain a plurality of non-easily lose or easily lose storage devices, only when the mini-processor determinates that the user completes the pre-set recognition processing successfully with the main computer, the storage device can be provided with keys or composite information under the controlling of the mini-processor.

Description

一种安全存储卡a secure memory card

本发明涉及便携式个人计算机领域,更具体地说,涉及一种在可移动的数字信息环境中保持数据安全性的系统。The present invention relates to the field of portable personal computers, and more particularly, to a system for maintaining data security in a mobile digital information environment.

个人信息的安全性一直受到不断地关注。已经通过锁、代码和保密包(pockets)保证安全性。随着信息采取了新的形式,要求有新的方法来满足这一变化的情况。The security of personal information is a constant concern. Security has been ensured by locks, codes and pockets. As information takes new forms, new approaches are required to meet this changing situation.

从历史上看,信息的安全性一直通过使用签名、凭证和相片来保证。电子设备例如自动取款机在保密方法中增加了编码卡和个人识别码(PINs)。计算机系统继续使用口令。Historically, the security of information has been ensured through the use of signatures, credentials and photographs. Electronic devices such as ATMs add coded cards and personal identification numbers (PINs) to the security methods. Computer systems continue to use passwords.

最近,一种“智能卡”被用作保密工具。这种“智能卡”是一种小的微型计算机,具有可写的非易失存储器和简单的输入/输出接口,它被制成单片形式并包在塑料的“信用卡”内。它有一些外焊点(pads),使其可以连接到专门设计的设备上。包含在卡的微机中的程序和这一设备相互配合,使卡中非易失存储器的数据可被读取或按照所需的算法进行修改,包括改变口令。已实现了专门的技术用来保护存储信息并根据情况作出各种许可。例如,在名称为“SingleChip Microprocessor with On—Chip ModifiableMemory”的美国专利4,382,279中,披露了一种允许非易失存储器自动编程的结构,它被包括在同一芯片上作为处理和控制单元,如同其它系统一样,微处理器只保护同一芯片上的存储器。More recently, a "smart card" has been used as a security tool. The "smart card" is a small microcomputer with writable non-volatile memory and simple input/output interfaces, manufactured as a single piece and enclosed in a plastic "credit card". It has external solder points (pads) that allow it to be attached to specially designed devices. The program contained in the microcomputer of the card cooperates with this device, so that the data in the non-volatile memory in the card can be read or modified according to the required algorithm, including changing the password. Special techniques have been implemented to protect stored information and make various permissions according to the situation. For example, in U.S. Patent 4,382,279, entitled "SingleChip Microprocessor with On-Chip ModifiableMemory," a structure is disclosed that allows automatic programming of non-volatile memory, which is included on the same chip as a processing and control unit, as in other systems Likewise, a microprocessor only protects memory on the same chip.

“智能卡”已被用于简化识别处理并作为有价值信息的实际存放地。在这种情况下,与过去大部分情况一样,“键”的实际存在以及某些专门知识被用作证实或辨认处理的一部分。在上述情况下,识别是希望进入的人和固定的装置例如安全保护装置或自动出纳机之间的对话。"Smart cards" have been used to simplify the identification process and serve as physical depository for valuable information. In this case, as in most cases in the past, the actual existence of the "key" and some know-how are used as part of the verification or identification process. In the above cases, identification is a dialogue between a person wishing to gain access and a fixed device such as a security guard or an automated teller machine.

独立式的计算设备的可携带性的当前状况使得实际的键和辨认装置变得更小、更易携带,因而更易丢失或被窃。而且,计算设备能够进行重复的试探来猜试或推论与识别处理有关的专门知识或口令。如果辨认装置或设备也在盗窃者的控制之下,情况特别如此。更槽糕的是,现在技术允许并鼓励随身携带大量的易于被窃的机密信息。The current state of portability of stand-alone computing devices makes the actual keys and identification means smaller, more portable, and thus more susceptible to loss or theft. Also, the computing device is capable of repeated heuristics to guess or infer know-how or passwords related to the identification process. This is especially the case if the identifying device or equipment is also under the control of the thief. To make matters worse, technology now allows and encourages carrying around large amounts of confidential information that is easy to steal.

现在,笔记本或亚笔记本(subnotebook)大小的计算机提供了一种功能强的独立环境,它允许进行大量的计算,因而需要附加的数据存储容量。这最初是通过装有程序和数据的小型化硬盘设备来满足。虽然在这些系统中经常使用口令保护,但这不能完全地保护住机密的数据。这是因为:首先,辨认装置本身是易受损害的。不过,更重要的是,含有这些数据的盘驱动器可被移走从而在一个更易进行数据分析的设置中被存取。在这种情况下,只有某种形式的加密能够保护数据。盘存取的性质使得这是可能的,而没有性能和成本障碍。这种系统的一个例子披露于名称为“Integrated Circuit Card”的美国专利4,985,920中。Today, notebook or subnotebook-sized computers provide a powerful, self-contained environment that allows for massive computations that require additional data storage capacity. This was initially met by miniaturized hard disk devices that held programs and data. Although password protection is often used in these systems, it cannot completely protect confidential data. This is because: firstly, the identification device itself is vulnerable. More importantly, however, the disk drives containing the data can be removed and accessed in a more accessible setup for data analysis. In this case, only some form of encryption can protect the data. The nature of disk access makes this possible without performance and cost barriers. An example of such a system is disclosed in US Patent 4,985,920 entitled "Integrated Circuit Card".

最近出现的快速存储器(flash memory)和可移动的“存储卡”使得便携计算机的体积和功率消耗大为减小。快速存储器把随机存取存储器(RAM)的灵活性和盘的性能结合起来。现在,这些技术的结合允许包含高达20兆字节的数据而不需要电源,并采用信用卡大小的可携带封装。这些数据可以出现在主机系统中,或者好象是被含在常规的盘驱动器中,或者好象是主存储器的扩展。这些技术的发展可使系统体积减少到这样的程度,即可把其放在口袋里而不放在手袋或手提箱中。The recent advent of flash memory and removable "memory cards" has greatly reduced the size and power consumption of portable computers. Flash memory combines the flexibility of random access memory (RAM) with the performance of disk. Now, the combination of these technologies allows for the inclusion of up to 20 megabytes of data without the need for power, and in a portable package the size of a credit card. The data can be present on the host system, either as if contained on a conventional disk drive, or as if it were an extension of main memory. These technological developments allow the system to be reduced in size to such an extent that it fits in a pocket rather than a handbag or suitcase.

因而,数据及其主机系统就更容易丢失或被窃,同时利用加密来保护存储数据就更加困难,因为这成为性能和成本的主要障碍。As a result, data and its host system are more susceptible to loss or theft, while using encryption to protect stored data is more difficult as it becomes a major barrier to performance and cost.

因而,本发明的主要目的在于提供一种具有安全存储器子系统的便携式数字系统。Accordingly, it is a primary object of the present invention to provide a portable digital system having a secure memory subsystem.

本发明的另一个目的在于提供一种存储卡,如果把其从便携数字系统中移出,它仍可以受到保护。Another object of the present invention is to provide a memory card which can be protected if it is removed from the portable digital system.

本发明的另一个目的在于提供一种存储卡,其中如果把卡的芯片从这种卡中移出,卡的芯片仍可以受到保护。Another object of the present invention is to provide a memory card in which the chip of the card remains protected if it is removed from such a card.

上述目的由本发明的最佳实施例中的安全卡来实现。这种安全存储卡包括:装在一单个半导体芯片上的微处理器,以及一个或多个非易失的可寻址的存储器芯件。微处理器芯片和非易失存储器芯片共同连接到用来向这种非易失的存储芯片传送地址、数据和控制信息的内部卡总线上。微处理器包括可寻址的非易失存储器,用来存储包括若干键值的信息、配置信息以及用来在内部总线上控制地址、数据和控制信息传送的程序指令信息。芯片存储器由若干块或组(banks)构成,每块具有多个可寻址的位置。The above objects are achieved by the security card in the preferred embodiment of the present invention. The secure memory card includes: a microprocessor mounted on a single semiconductor chip, and one or more non-volatile addressable memory chips. The microprocessor chip and the non-volatile memory chip are commonly connected to an internal card bus which is used to transfer address, data and control information to the non-volatile memory chip. The microprocessor includes addressable non-volatile memory for storing information including several keys, configuration information, and program instruction information for controlling the transfer of addresses, data, and control information on the internal bus. On-chip memory consists of several blocks or banks, each with multiple addressable locations.

按照本发明,每个存储芯片包括安全控制逻辑电路。在最佳实施例中,这些电路包括非易失锁存储器,非易失锁存启动元件和易失的存取控制存储器,它们各自都可在微处理器的控制下被加载。更具体地说,微处理器首先在非易失锁存储器中装入锁值,并重置锁存储启动元件禁止存取。此后,微处理器按照配置信息的规定对存取控制存储器进行加载。这种信息只有在微处理器已确定用户已成功地完成了与主计算机预定的辨认处理之后才被加载。每个存储器的安全逻辑电路根据装载在存储芯片的存取控制存储器中的配置信息来允许对存储在快速存储器的选定地址块中的信息的读取。周期性地要求用户成功地执行与主计算机的辨认处理,并根据存取控制存储器的允许,使用户继续读取信息。在最佳实施例中,通过标准接口,例如符合个人计算机存储卡国际协会(PCMCIA)标准的接口,将主计算机与存储卡相联。According to the invention, each memory chip includes security control logic. In the preferred embodiment, these circuits include nonvolatile lock memory, nonvolatile latch enable elements and volatile access control memory, each of which can be loaded under microprocessor control. More specifically, the microprocessor first loads the lock value in the non-volatile lock memory and resets the lock storage enable element to disable access. Thereafter, the microprocessor loads the access control memory according to the configuration information. This information is only loaded after the microprocessor has determined that the user has successfully completed the intended identification process with the host computer. The security logic of each memory allows the reading of information stored in selected address blocks of the flash memory according to the configuration information loaded in the access control memory of the memory chip. The user is periodically required to successfully perform identification processing with the host computer, and the user continues to read information as permitted by the access control memory. In a preferred embodiment, the host computer is coupled to the memory card through a standard interface, such as an interface compliant with the Personal Computer Memory Card International Association (PCMCIA) standard.

本发明结合了“智能卡”和“存储卡”技术,它对于在已经实现了电子小型化的“严格安全”的环境中利用快速存储技术来保护大量数据来说,是关键的。此外,本发明能够利用这两种技术的改善和提高。The present invention combines "smart card" and "memory card" technologies that are key to utilizing fast storage technology to protect large amounts of data in a "secure" environment that has achieved electronic miniaturization. Furthermore, the present invention is able to take advantage of improvements and enhancements of both technologies.

此外,本发明的安全逻辑电路通过减少对快速存储器的基本逻辑电路的改变量的方式,被结合在快速存储器中并与其一起操作。更具体地说,快速存储器可以以安全的方式进行操作,也可以以非安全的方式被操作,此时安全逻辑电路被旁路,从而使快速存储器在好象不存在这种电路的情况下被操作。当快速存储器的非易失锁存储器的内容被消除时,就进入非安全方式。这一般表示一个未编程的或完全抹掉的快速存储器,它通常抹成预定状态(即全部为“1”状态)。In addition, the secure logic of the present invention is incorporated into and operates with flash memory in a manner that reduces the amount of changes to the basic logic of the flash memory. More specifically, flash memory can be operated in a secure manner, or it can be operated in a non-secure manner, in which case the security logic is bypassed, allowing the flash memory to be operated as if no such circuitry existed. operate. The non-secure mode is entered when the contents of the non-volatile lock memory of the flash memory are erased. This generally indicates an unprogrammed or completely erased flash memory, which is usually erased to a predetermined state (ie, all "1" states).

由于对快速存储器和“存取控制处理器”(ACP)增加了少量的逻辑,快速存储器的内容就成为安全的而无需数据加密。因此,本发明去掉了对大块数据来说相当费时的加密数据和解密数据的操作。With the addition of a small amount of logic to the flash memory and the "Access Control Processor" (ACP), the contents of the flash memory are made secure without data encryption. Therefore, the present invention eliminates the operation of encrypting data and decrypting data, which is quite time-consuming for large blocks of data.

在操作中,ACP定期地促使用户进入某些辨认形式。这可以是口令、PIN、在书写面上的特定点所进行的特定笔计算机的“手势”、语音指令或“用户的声音打印”。方法随系统而变化。可编程的ACP使用户可以改变辨认的具体内容和提醒的频率。用于辨认的代码以及锁和存取控制存储器所需的数据被存储在ACP的非易失存储器内,该存储器和ACP在同一芯片上,因而受到保护。In operation, the ACP periodically prompts the user to enter some form of identification. This could be a password, a PIN, a specific pen computer "gesture" made at a specific point on the writing surface, a voice command or a "user's voice print". Methods vary by system. The programmable ACP allows the user to change the specific content recognized and the frequency of the reminder. The code for identification and the data required to lock and access control memory are stored in the ACP's non-volatile memory, which is on the same chip as the ACP and thus protected.

如上所述,成功的辨认使ACP启动或连续地启动用于存取的快速存储器的全部的或选定的块。失败则使得无法进行对快速存储器的存取。这样,和“死人窒息”相似,没有成功地完成辨认的任何失败将使得快速存储器的数据受到保护。此外,由用户发出的指令也可以使存取被禁止。而且,当第一次从断电情况下加上电源时,存取被封锁,从而保护存储器的内容直到第一次辨认被成功地完成为止。As noted above, successful recognition causes the ACP to enable or sequentially enable access to all or selected blocks of flash memory. A failure renders access to the flash memory impossible. Thus, similar to "dead man suffocation", any failure to successfully complete the identification will have the flash memory data protected. In addition, instructions issued by the user can also cause access to be prohibited. Furthermore, when power is first applied from a power-off condition, access is blocked, thereby protecting the contents of the memory until the first identification is successfully completed.

这样,如果存储卡或它的主处理器丢失、被窃、断电或无人管理,存储器的数据就被立即或是在当前周期的辨认结束之后马上被保护以不能存取。在被窃情况下,即使存储卡被打开并进行电子试探,或是存储器芯片被移走并放在另一装置中,存储器数据也可以受到保护以防止存取。Thus, if the memory card or its host processor is lost, stolen, powered off or left unattended, the data in the memory is protected from access immediately or immediately after the identification of the current cycle is complete. In the event of theft, even if the memory card is opened and electronically probed, or the memory chip is removed and placed in another device, the memory data can be protected from access.

本发明的上述目的和优点从下面结合附图的说明中将被更好地理解。其中:The above objects and advantages of the present invention will be better understood from the following description in conjunction with the accompanying drawings. in:

图1是本发明的含有存储卡的系统的总体方块图。FIG. 1 is an overall block diagram of a system including a memory card of the present invention.

图2是图1中的包括非易失存储器的存取控制处理器(ACP)的详图。FIG. 2 is a detailed diagram of the access control processor (ACP) of FIG. 1 including non-volatile memory.

图3是本发明图1的标准快速存储器的改型的详细方块图。FIG. 3 is a detailed block diagram of a modification of the standard flash memory of FIG. 1 according to the present invention.

图4和图5是本发明的存储卡进行各种辨认处理的流程图。4 and 5 are flow charts of various identification processes performed by the memory card of the present invention.

图1是安全便携式手持计算系统1的框图,它能用作个人计算机或作为事务处理器。系统1包括按照本发明构成的存储卡3,它通过总线102和主处理器5相连。主处理器5可以是掌上个人机的形式,例如由Hewlett—Packard制造的HP95LX。主处理器5包括液晶显示器(LCD)5—2、键盘5—4、微处理器5—6、存储器5—8以及串行接口5—10,它们全部连结于总线106。存储器5—8包括一个1兆字节只读存储器(ROM)和一个512K字节的随机存储器(RAM)。Figure 1 is a block diagram of a secure portable handheld computing system 1 that can be used as a personal computer or as a transaction processor. System 1 includes a memory card 3 constructed in accordance with the present invention, which is connected via bus 102 to host processor 5 . The main processor 5 may be in the form of a handheld personal computer, such as the HP95LX manufactured by Hewlett-Packard. The main processor 5 includes a liquid crystal display (LCD) 5-2, a keyboard 5-4, a microprocessor 5-6, a memory 5-8, and a serial interface 5-10, all of which are connected to the bus 106. Memories 5-8 include a 1 Mbyte read only memory (ROM) and a 512K byte random access memory (RAM).

存储卡3和主处理器5之间的连接通过标准总线接口建立。在最佳实施例中,总线102符合个人计算机存储卡国际协会(PCM-CIA)的标准。接口102提供通过标准接口芯片104和存储卡总线105在主处理器5和存储卡系统3之间传送地址、控制和数据信息的通路。总线102、105和106各自都包括数据总线、控制总线和地址总线并通过所有此类总线提供连续的信号通路。例如,总线105包括地址总线105a、数据总线105b和控制总线105c。The connection between the memory card 3 and the main processor 5 is established through a standard bus interface. In the preferred embodiment, bus 102 complies with the Personal Computer Memory Card International Association (PCM-CIA) standard. The interface 102 provides a path for transferring address, control and data information between the main processor 5 and the memory card system 3 through the standard interface chip 104 and the memory card bus 105 . Buses 102, 105 and 106 each include a data bus, a control bus and an address bus and provide a continuous signal path through all such buses. For example, the bus 105 includes an address bus 105a, a data bus 105b, and a control bus 105c.

PCMCIA总线标准已从在存储卡上支持盘模拟的标准发展到允许随机存取存储数据的另一完全不同和标准。本发明的存储卡借助于对随机存储位置的快速存取提供支持这一新标准的保护技术,而不用加密技术。通过控制把数据从存储阵列送到主机的数据通路,本发明的存储卡不用附加任何费时的缓冲、解密或其它的在这一通路中的串行处理,就可以保护数据。The PCMCIA bus standard has evolved from one that supports disk emulation on memory cards to another completely different standard that allows random access to stored data. The memory card of the present invention supports this new standard of protection by providing fast access to random storage locations without encryption. By controlling the data path that carries data from the storage array to the host, the memory card of the present invention protects data without adding any time-consuming buffering, decryption, or other serial processing in this path.

典型地说,用户从键盘5—4操作系统1来进行典型的操作,例如执行在显示器5—2上显示信息并更新在存储卡3中的文件中存储的信息的列表(spreadsheet)和数据库功能。主处理机5就通过总线102发出地址信息,以便检索信息,且如果需要就将其更新,并将它与必要的地址和控制信息一道将这一信息发回存储卡3。Typically, the user operates the operating system 1 from the keyboard 5-4 to perform typical operations, such as performing a spreadsheet and a database function of displaying information on the display 5-2 and updating information stored in a file in the memory card 3 . The host processor 5 then sends the address information over the bus 102 to retrieve the information, update it if necessary, and send this information back to the memory card 3 along with the necessary address and control information.

如图1所示,本发明的存储卡3包括和总线105相连的存取控制处理器(ACP)10,以及若干(n)个CMOS快速存储器芯片103a到103n,其每个都与总线105相连。ACP10一般和“智能卡”中使用的处理元件的类型相同。CMOS快速存储器103a到103n可采用In-tel公司制造的快速存储芯片的形式。例如,可以采用指定为Intel28F001BX 1M的Intel快速存储芯片的形式,它包括8个128K字节×8CMOS快速存储器。这样,一个4M的快速存储卡可以包括32个CMOS快速存储器。即“n”=32。As shown in Figure 1, the memory card 3 of the present invention comprises the access control processor (ACP) 10 that is connected with the bus 105, and several (n) CMOS fast memory chips 103a to 103n, each of which is connected with the bus 105 . ACP 10 is generally the same type of processing element used in a "smart card". The CMOS flash memories 103a to 103n may take the form of flash memory chips manufactured by In-tel Corporation. For example, it may be in the form of an Intel flash memory chip designated Intel28F001BX 1M, which includes eight 128K bytes x 8 CMOS flash memories. In this way, a 4M fast memory card can include 32 CMOS fast memories. That is, "n"=32.

图2是本发明最佳实施例的存取控制处理器(ACP)的方块图。如图所示,ACP10包括被保护的非易失存储器10—2、随机存储器(RAM)10—4、微处理器10—6、间隔计数器10—8以及与总线105相连的接口方块10—10。非易失存储器具有若干地址位置,其中存储着辨认信息和程序。更具体地说,存储位置10—2a存储一个或多个个人辨认数(PINs)、协议顺序或其它辨认信息,用来证实用户对系统的存取,并用来识别用户在除去用于再辨认所用的时间间隔值之外可以存取的在快速存储器103a到103n中的块。Figure 2 is a block diagram of the access control processor (ACP) of the preferred embodiment of the present invention. As shown, ACP 10 includes protected non-volatile memory 10-2, random access memory (RAM) 10-4, microprocessor 10-6, interval counter 10-8, and interface block 10-10 connected to bus 105 . Non-volatile memory has address locations where identifying information and programs are stored. More specifically, storage location 10-2a stores one or more personal identification numbers (PINs), protocol sequences, or other identifying information used to authenticate a user's access to the system and to Blocks in flash memory 103a to 103n that can be accessed outside of the time interval value of .

存储位置10—2b存储用来保护每个快速存储器103a到103n的键值或用来保护每个快速存储器103a到103n的每个块的代码。The storage location 10-2b stores a key value used to protect each flash memory 103a to 103n or a code used to protect each block of each flash memory 103a to 103n.

存储位置10—2c存储程序指令序列,用来进行所需的辨认操作,并用来清除系统,如果预置的失败条件满足的话。某些程序指令使用户控制间隔计数器10—8的设定,它在当发生用户再辨认时建立。再辨认间隔限定中断之间的时间,并用来对主机5发出需要使用户再输入PIN或其它口令来进行用户身份识别的中断。间隔计数10—8通过总线102接收来自主机5的时钟脉冲,并由用户根据其工作环境设置。例如,在家里,用户可以断开计时器(即把其置为最大值),或设定时间间隔为1小时。在飞机上,用户可以设定它为10分钟以加强保护。如此处所述,用户在每次电源接通时被提醒再检查这一间隔的设定,从而强制进行定期的再辨认,以确保安全。Memory location 10-2c stores a sequence of program instructions for performing the required identification operations and for clearing the system if preset failure conditions are met. Certain program instructions cause the user to control the setting of interval counter 10-8, which is established when user re-identification occurs. The re-identification interval defines the time between interrupts and is used to issue interrupts to the host 5 that require the user to re-enter a PIN or other password for user identification. The interval count 10-8 receives the clock pulse from the host computer 5 through the bus 102, and is set by the user according to his working environment. For example, at home, the user can turn off the timer (ie set it to the maximum value), or set the time interval to 1 hour. On an airplane, users can set it to 10 minutes for added protection. As described herein, the user is reminded to recheck the interval setting each time the power is turned on, thereby forcing periodic re-identification to ensure safety.

图3是快速存储器103a到103n的详细的方块图。只示出了存储器103a的详细的逻辑电路,因为103b到103n的结构和103a相同。FIG. 3 is a detailed block diagram of the flash memories 103a to 103n. Only the detailed logic circuit of memory 103a is shown because 103b to 103n have the same structure as 103a.

快速存储器103a基本上包括两部分,一部分含有本发明的安全存取控制电路,另一部分含有快速存储器的基本的或标准的逻辑电路。The flash memory 103a basically consists of two parts, one part contains the secure access control circuit of the present invention, and the other part contains the basic or standard logic circuit of the flash memory.

由图3可见,本发明的安全控制电路包括32位键寄存器、32位易失锁寄存器33、12位延迟计数器32、比较器电路39、全部为1(ONES)的检查信号电路38、非易失锁存储器35、一位非易失锁存储启动元件36、易失的存取控制存储器43、存取修正允许与门34以及输出或门45,其布置如图所示。将会注意到,这部分接收来自包括在基本逻辑部分中的指令寄存器50的由不同16进制值(例如31H到38H)表示的指令控制信号。这些信号表明通过数据总线105b由指令寄存器50从ACP10接收的指令组的不同数据值。这些指令对由快速存储器通常使用的指令组是一种重要的扩充。标准的快速存储器指令采用由28F001BX快速存储器利用的指令形式。这些指令在已经公开的由Intel公司出版的“存储器产品”中描述过,在此用作参考。本发明用的指令如表1所示。As can be seen from Fig. 3, the security control circuit of the present invention comprises 32 key registers, 32 volatile lock registers 33, 12 delay counters 32, comparator circuits 39, all check signal circuits 38 of 1 (ONES), non-volatile Unlock memory 35, one-bit non-volatile lock storage enabling element 36, volatile access control memory 43, access correction permission AND gate 34 and output OR gate 45 are arranged as shown in the figure. It will be noted that this part receives command control signals represented by different hexadecimal values (eg 31H to 38H) from the command register 50 included in the basic logic part. These signals indicate the various data values of the command set received from the ACP 10 by the command register 50 via the data bus 105b. These instructions are an important extension to the instruction set commonly used by flash memories. Standard flash memory instructions take the form of instructions utilized by the 28F001BX flash memory. These instructions are described in the already published "Memory Products" published by Intel Corporation, which is incorporated herein by reference. The instructions used in the present invention are shown in Table 1.

参看表1,所示的第一指令是装载锁存储器指令,它用来使随机数产生的锁值装进每个存储器103a到103n中的非易失锁存储器(LM)35中。每个存储器103a到103n可以具有不同的锁值或相同的锁值,由用户的安全需要而定。锁值通过键(K)寄存器31在1位的非易失存储元件36控制下装进LM35。表1的重置锁存储启动指令用于重置存储元件36。这防止了存储在LM35中的锁值被改变,因为存储元件36一旦被重置锁存储启动指令重置,就不能再被设置。LM35的非易失内容在接通电源时被传送到L寄存器33。将会注意到锁存储器35的位置和地点是由设计决定的。例如,存储器35可以作为对于存储阵列54的扩充来实现。Referring to Table 1, the first instruction shown is the Load Lock Memory instruction which is used to load the random number generated lock value into the non-volatile lock memory (LM) 35 in each memory 103a to 103n. Each memory 103a to 103n can have a different lock value or the same lock value, depending on the user's security needs. The lock value is loaded into LM35 under the control of 1-bit non-volatile storage element 36 through key (K) register 31 . The reset lock storage enable command of Table 1 is used to reset storage element 36 . This prevents the lock value stored in LM 35 from being changed, since storage element 36, once reset by the reset lock store enable command, cannot be set again. The nonvolatile contents of LM35 are transferred to L register 33 at power-on. It will be noted that the location and location of lock memory 35 is a matter of design. For example, memory 35 may be implemented as an extension to storage array 54 .

表1的装载键寄存器指令被用于装载键寄存器31并设置延迟计数器32。减少延迟计数器指令用来通过ACP对延迟计数器32的内容减1。允许读存储块和禁止读存储块指令由ACP10使用,以便在存取控制存储器43的装载期间允许或禁止对存储器阵列54的不同的存储块的存取。The load key register instruction of Table 1 is used to load the key register 31 and set the delay counter 32 . The Decrement Delay Counter instruction is used to decrement the content of the delay counter 32 by one through the ACP. The allow read memory block and disable read memory block instructions are used by the ACP 10 to allow or disable access to different memory blocks of the memory array 54 during loading of the access control memory 43 .

                                 表2     指    令 第一总线周期操作 地址数据 第二总线周期地址     数据 装载锁存储器重置锁存储启动装载键寄存器减小延迟计数器允许读存储块禁止读存储块     写写写写写写     31H33H32H35HMBA 34HMBA 38H     写无法用写无法用写写     无法用无法用键数据无法用MBAMBA Table 2 instruction First Bus Cycle Operation address data Second bus cycle address data Load Lock Memory Reset Lock Store Start Load Key Register Decrement Delay Counter Allow Reading Memory Blocks Disable Reading Memory Blocks write write write write write 31H33H32H35HMBA 34HMBA 38H write can't use write can't use write Unavailable Unavailable Key Data Unavailable MBAMBA

装载锁存储器(31H)Load lock memory (31H)

这一指令当并且只当锁存储启动36输出信号为TRUE时,才把键寄存器31的内容复制到非易失锁存储器35中。This instruction copies the contents of the key register 31 into the non-volatile lock memory 35 if and only if the lock store enable 36 output signal is TRUE.

重置锁存储启动(33H)Reset lock storage start (33H)

这一指令重置锁存储启动逻辑元件36,从而禁止装载或改变锁存储器35。This instruction resets the lock store enable logic element 36, thereby inhibiting the lock store 35 from being loaded or changed.

装载键寄存器(32H)Load key register (32H)

这一指令使键寄存器31的原有内容移动一个字节(从LSB向MSB)并把“键值”从ACP10装入键存储的LSB。This instruction shifts the original contents of key register 31 by one byte (LSB to MSB) and loads the "key value" from ACP 10 into the LSB of the key store.

此外,它把延迟计数器32设定为其最大值,即全部为1。Furthermore, it sets the delay counter 32 to its maximum value, ie all ones.

减小延迟计数器(35H)Decrease delay counter (35H)

这一指令使延迟计数器32的内容减1。延迟计数器必须等于零以允许对存储器阵列54的随后的读取。This instruction decrements the content of delay counter 32 by one. The delay counter must equal zero to allow subsequent reads to the memory array 54 .

允许读存储块(34H)Allow to read storage block (34H)

这一指令当并且仅当地址修正允许信号37为TRUE时才设置地地址控制存储器43中的相应于存储器块地址(MBA)的位。这允许对选定块的读存取。This instruction sets the bit in address control memory 43 corresponding to the memory block address (MBA) if and only if address modification enable signal 37 is TRUE. This allows read access to selected blocks.

禁止读存储块(38H)Prohibition of reading memory block (38H)

这一指令重置在地址控制存储器43中的相应于存储器块地址的位。This instruction resets the bit in the address control memory 43 corresponding to the address of the memory block.

详细地研究表1之后可以看出,表1也表示用于每个附加指令的总线周期操作。对于需要两个总线周期的每个指令在每个第一总线周期期间,指令寄存器50接收由ACP10产生的通过总线105的数据总线105a和输入缓冲器51发出的8位指令。指令寄存器50调整所选的逻辑元件,从而从数据总线105b接收在第二总线周期期间执行指令所需的信息。如图所示,第二总线周期被规定为无法用(N/A),因为重置锁存储启动和减少延迟计数器指令仅需一个周期。After examining Table 1 in detail, it can be seen that Table 1 also represents the bus cycle operations for each additional instruction. During each first bus cycle for each instruction requiring two bus cycles, instruction register 50 receives an 8-bit instruction issued by ACP 10 via data bus 105a of bus 105 and input buffer 51. The instruction register 50 conditions the selected logic elements to receive from the data bus 105b the information necessary to execute the instruction during the second bus cycle. As shown, the second bus cycle is specified as not available (N/A) because the Reset Lock Store Start and Decrement Latency Counter instructions only take one cycle.

在正常操作期间,K寄存器31用装载键寄存器指令用从存储位置10—2b收到的键值装载,并且延迟计数器被置为其最大值。延迟计数器32响应于由ACP10接收到的连续的减小延迟计数器指令,被全部减小到零,并产生零计数输出信号41,将它加到与门34的输入端。During normal operation, the K register 31 is loaded with the key value received from storage location 10-2b using the load key register instruction, and the delay counter is set to its maximum value. Delay counter 32 is decremented all the way to zero in response to successive decrement delay counter commands received by ACP 10 and produces a zero count output signal 41 which is applied to the input of AND gate 34 .

每个延迟计数器32限制当窃贼把芯片移出并将其放在“非法卡”上并给处理器或设备编程以重复试探猜测每个存储芯片的键入值时对快速存储器103a到103n进行存取试探的次数。换句话说,计数器32确保必须进行足够多的尝试才能非法进入快速存储器。选择键和延迟计数器的参数使得这种测试占用不合理的时间。Each delay counter 32 limits access attempts to flash memory 103a to 103n as the thief removes the chip and places it on an "illegal card" and programs the processor or device to repeatedly try to guess the keyed value of each memory chip times. In other words, the counter 32 ensures that enough attempts must be made to illegally access flash memory. The parameters of the choice key and delay counter make this test take an unreasonable amount of time.

更具体地说,键寄存器31存储大约4千兆(232)个不同的组合。在最佳实施例中,延迟计数器32是一个12位计数器。假定延迟计数器32每微秒减少1,在猜测键值时的每次试探将需要212次或4毫秒。ACP10知道正确的键值后,在首次建立时只发生4毫秒延迟。猜测键值的随机试探对于50%的成功概率将需要231次偿试。这将需要231×212毫秒或102天来猜测键值。这时间足能阻止大多数窃贼。当然,通过改变键和延迟计数器32的参数可以提供更长或较短的时间。More specifically, key register 31 stores approximately 4 gigabytes (2 32 ) of different combinations. In the preferred embodiment, delay counter 32 is a 12-bit counter. Assuming that the delay counter 32 is decremented by 1 every microsecond, each trial in guessing the key value will take 212 times or 4 milliseconds. After the ACP10 knows the correct key value, there is only a 4 millisecond delay when it is first established. A random trial to guess the key value would require 231 attempts for a 50% probability of success. It would take 2 31 × 2 12 milliseconds or 102 days to guess the key value. That's enough time to stop most burglars. Of course, longer or shorter times can be provided by varying the key and delay counter 32 parameters.

在本发明的存储卡被盗,并被放入“非法主机”中时,ACP10利用已知技术限制窃贼为猜测PIN而偿试的次数。这种技术可以包括锁住存取或者如果不正确的猜测次数的阈值被超过时就破坏数据。When the memory card of the present invention is stolen and put into an "illegal host", the ACP 10 utilizes known techniques to limit the number of attempts the thief makes to guess the PIN. Such techniques may include locking access or corrupting data if a threshold number of incorrect guesses is exceeded.

在快速存储器103a首次辨认操作期间,响应4个连续的装载键寄存器指令(即数据总线105b是一个字节宽的总线),键值被装进32位K寄存器31中。延迟计数器32被强制为其最大值(全部为1),并由ACP10在连续的第一总线周期发出减小延迟计数器指令来减少。当延迟计数器被减为零时,则发出零计数信号41,它被加在与门34的一个输入端。During the first identify operation of flash memory 103a, the key value is loaded into 32-bit K register 31 in response to four consecutive load key register commands (ie, data bus 105b is a one byte wide bus). The delay counter 32 is forced to its maximum value (all 1s) and decremented by the ACP 10 issuing a Decrease Delay Counter instruction on the first consecutive bus cycle. When the delay counter is decremented to zero, a zero count signal 41 is issued, which is applied to an input of AND gate 34 .

如果存储在K寄存器31中的键值等于存储在相应的L寄存器33中的锁值,则表示用户对主机5提供了正确的身份,然后比较逻辑39将比较相等信号42加到与门34的另一输入端。这便使与门34在其输出端产生存取改变允许信号37,它在ACP10的控制下启动对存取控制存储器43的写入。这又相应地允许对存储阵列54的读取。If the key value stored in the K register 31 is equal to the lock value stored in the corresponding L register 33, it means that the user provides correct identity to the host computer 5, and then the comparison logic 39 adds the comparison equal signal 42 to the AND gate 34. another input. This causes AND gate 34 to generate access change enable signal 37 at its output, which initiates writing to access control memory 43 under the control of ACP 10 . This in turn allows access to the storage array 54 .

存取控制存储器43的存储阵列54的每一块/组包括1位的易失存储。这些位作为快速存储器通电顺序的一部分被清为零。为了使数据从存储器103a中读出,相应于被寻址存储块的位必须为逻辑1。当并且仅当存取改变允许信号37是TRUE真时,这些位才由ACP10发出允许读存储块指令而被设置。Each block/group of memory array 54 of access control memory 43 includes 1 bit of volatile storage. These bits are cleared to zero as part of the fast memory power-up sequence. In order for data to be read from memory 103a, the bit corresponding to the addressed memory block must be a logic 1. These bits are set by the ACP 10 issuing the Allow Read Memory Block command if and only if the access change enable signal 37 is TRUE.

如表1所示,在允许读存储块指令的第二个总线周期期间,存储阵列54的被选定的存储块的三个高阶地址位通过地址总线105c被发出,并由数据总线105a向指令寄存器50重复发出十六进制的指令识别码。这导致在存取控制存储器43中的寻址位的位置被写为1。在最佳实施例中,允许读存储块指令序列被重复8次,因为存储阵列54由每块16K字节的8块构成。ACP10可以采用类似方式通过发出禁止读存储块指令序列来限制存取所选的块。As shown in Table 1, during the second bus cycle that allows the read memory block instruction, the three high-order address bits of the selected memory block of the memory array 54 are sent through the address bus 105c, and sent to the memory block by the data bus 105a. The instruction register 50 repeatedly issues the instruction identification code in hexadecimal. This results in a 1 being written to the addressed bit location in the access control memory 43 . In the preferred embodiment, the sequence of read memory block instructions is allowed to be repeated eight times since memory array 54 is formed of 8 blocks of 16K bytes each. ACP 10 can restrict access to selected blocks in a similar manner by issuing sequences of prohibit read memory block commands.

当存储阵列54的任一块的位置的内容被读出时,在每一快速存储读周期期间,本发明的存取控制存储器43的输出作为允许输入被送到输出缓冲器52。这就是说,可以发生读周期,然而,在没有合适的块存取控制存储门信号时,禁止通过输出缓冲器52读出数据。更具体地说,在最佳实施例的情况中,存取控制存储器43包括8个可单独寻址的位存储元件连接于每个存储元件的输入的3至8位地址译码器以及连接于每个存储元件的输出的1至8输出多路转换器电路。每个地址的三个高阶地址位被译码,并被用于为其内容要被改变的块选择存储元件。类似地,相同的三位被用来为含有被读出的快速存储器位置的块选择存储元件的输出。The output of the access control memory 43 of the present invention is sent to the output buffer 52 as an enable input during each fast memory read cycle when the contents of any block location of the memory array 54 is read. That is, a read cycle can occur, however, reading data through output buffer 52 is inhibited in the absence of an appropriate block access control memory gate signal. More specifically, in the case of the preferred embodiment, the access control memory 43 includes 8 individually addressable bit storage elements connected to the input of each storage element 3 to 8 bit address decoder and connected to 1 to 8 output multiplexer circuit for the output of each storage element. The three high-order address bits of each address are decoded and used to select storage elements for the block whose contents are to be changed. Similarly, the same three bits are used to select the output of the storage element for the block containing the flash memory location being read.

如果锁存储器35被完全抹掉,即全部为1,如L寄存器33的内容全部为1所表示的那样,则输出缓冲器52总是被允许的。这就是说,当锁寄存器33含有“全为1”时,便从全为1检测元件38向或门15发出信号用来启动输出缓冲器52。这将快速存储器103a置于非安全模式。这便使本发明所有的安全逻辑电路被旁路。因而,同样的快速存储芯片可用于安全的和非安全的应用,这导致降低成本。If the lock memory 35 is completely erased, ie all 1s, as indicated by the contents of the L register 33 being all 1s, then the output buffer 52 is always enabled. That is, when the lock register 33 contains "all ones", a signal is sent from the all ones detection element 38 to the OR gate 15 to enable the output buffer 52 . This puts the flash memory 103a in non-secure mode. This bypasses all of the safety logic of the present invention. Thus, the same flash memory chip can be used for secure and non-secure applications, which results in reduced costs.

如图3所示,快速存储基本逻辑电路包括存储阵列54、指令寄存器50、输入/输出逻辑电路60、地址锁存器56、写状态机61、清除电压系统62、输出多路转换器53、数据寄存器55、输入缓冲器51、输出缓冲器52和状态寄存器58,如图所示。如上所述的快速存储器103a的基本逻辑电路采取包括在由Intel公司制造的28F001BX的快速存储器中的电路形式。因为这种电路是常规的,它们将根据需要的程度进行说明。关于这种电路的其它信息,可以参考由Intel公司在1992年出版的名称为“存储器产品”、序列号为210830的出版物中3—109页到3—134页。如图3所示,快速存储器基本电路接收若干个输入信号(A0—A16)、地址、数据信号(D00—D07)以及控制信号(CE、WE、DE、PWD和VPP)。这些信号在表2中说明。As shown in Figure 3, the fast storage basic logic circuit includes a storage array 54, an instruction register 50, an input/output logic circuit 60, an address latch 56, a write state machine 61, a clear voltage system 62, an output multiplexer 53, Data register 55, input buffer 51, output buffer 52 and status register 58 are shown. The basic logic circuit of the flash memory 103a as described above takes the form of a circuit included in the flash memory of 28F001BX manufactured by Intel Corporation. Since such circuits are conventional, they will be described to the extent required. Additional information on this circuit can be found on pages 3-109 through 3-134 of publication entitled "Memory Products" Serial No. 210830, published by Intel Corporation in 1992. As shown in Figure 3, the flash memory basic circuit receives several input signals (A0-A16), addresses, data signals (D00-D07) and control signals (CE, WE, DE, PWD and VPP). These signals are described in Table 2.

表2.信号说明符号      名称和功能A0—A16   存储器地址的地址输入。Table 2. Signal Description Symbol Name and Function A0—A16 Address Input for Memory Address.

      在写周期内,地址在内部锁存D00—D07  数据输入/输出:在存储器写周期内输入数据和指  During the write cycle, the address is internally latched D00-D07 Data input/output: input data and pointers during the memory write cycle

      令;在存储和状态读周期内输出数据。当芯片未被选Command; output data during store and status read cycles. When the chip is not selected

      择或输出被禁止时,数据指针为高时有作用并浮向When the selection or output is disabled, the data pointer is active when it is high and floats to

      三态断。在写周期内,数据在内部被锁存。CE    芯片允许:启动装置的控制逻辑、输入缓冲区、译码Three-state break. During a write cycle, data is latched internally. The CE chip allows: control logic of the boot device, input buffer, decoding

  器和传感放大器。CE为低时有作用,CE为高时不amplifiers and sense amplifiers. It works when CE is low, but not when CE is high.

  选择存储器装置并减少功率消耗到备用水平。PWD   功率下降:将装置置为深功率下降模式。PWD为低Select memory devices and reduce power consumption to spare levels. PWD Power Down: Puts the device into deep power down mode. PWD is low

  时有作用;PWD为高时控制正常操作。PWD=It works when PWD is high; it controls normal operation when PWD is high. PWD =

  VHH允许存储块编程。PWD是低而起作用时,也VHH allows memory block programming. PWD is active when low and also

  锁住清除或写操作,以在电源转换期间提供数据保Latch clear or write operations to provide data protection during power transitions

  护。OE    输出允许:在读周期期间通过数据缓冲器控制装置protect. OE Output Enable: Controls the device through the data buffer during a read cycle

  的输出。OE为低时起作用。WE    写允许。控制对指令寄存器和阵列块的写。WE为低 Output. Active when OE is low. WE Write permission. Controls writing to instruction registers and array blocks. WE is low

  时起作用。地址和数据在WE脉冲的上升沿被锁works when . Address and data are latched on the rising edge of the WE pulse

  住。Vpp  清除/程序电源。用于清除阵列的块或每个块的编live. V pp Clear/Program Power. The block used to clear the array or the code for each block

  程字节。注意:当Vpp<VppMax时,存储器内容不program bytes. Note: When V pp < V pp Max, memory contents are not

  能改变。Can change.

如表2所示,芯片允许(CE),写允许处理器(WE)以及输出允许(OE)信号从主机5通过总线102和控制总线105b被加到指令寄存器50和I/O逻辑60,并被分开以控制专门的逻辑块。功率下降(PWD)信号也被加于指令寄存器50,以便使快速存储器完成表2规定的操作。这一信号可用于根据需要清除快速存储安全控制部分的易失存储元件,从而当正常操作再重新开始时迫使用户再辨认。As shown in Table 2, chip enable (CE), write enable processor (WE) and output enable (OE) signals are added to instruction register 50 and I/O logic 60 from host computer 5 through bus 102 and control bus 105b, and are separated to control dedicated logic blocks. A power down (PWD) signal is also applied to command register 50 to cause the flash memory to perform the operations specified in Table 2. This signal can be used to clear the volatile memory elements of the flash memory security control section as needed, thereby forcing user identification when normal operation resumes.

一般地,快速存储器的基本逻辑元件以下述方式操作。信息通过数据总线105a、输入缓冲器51和数据寄存器55存储在存储阵列54中,其地址位置是由地址逻辑56收到的来自地址总线105c的地址所规定的存储块之一的位置。信息从存储阵列54的块的特定地址位置读出,并通过输出多路传输器53、输出缓冲器52、数据总线105a和总线102送到主处理机5。状态寄存器58被用于存储写状态机的状态、错误挂起状态、清除状态、程序状态和Vpp状态。In general, the basic logic elements of flash memory operate in the following manner. Information is stored in memory array 54 via data bus 105a, input buffer 51 and data register 55 at the address location of one of the memory blocks specified by the address received by address logic 56 from address bus 105c. Information is read from specific address locations of blocks of memory array 54 and sent to host processor 5 via output multiplexer 53, output buffer 52, data bus 105a and bus 102. Status register 58 is used to store the state of the write state machine, error pending state, clear state, program state and V pp state.

写状态机61控制块清除并控制程序算法。程序/清除电压系统62随着Vpp值的变化用于清除存储阵列54的块或每个块的编程字节(即Vpp为高时,可以进行编程;如果Vpp为低时,存储器54作为只读存储器)。Write state machine 61 controls block clearing and controls program algorithms. The program/clear voltage system 62 is used to clear the blocks of the memory array 54 or the programming bytes of each block along with the variation of the V pp value (that is, when V pp is high, programming can be performed; if V pp is low, the memory 54 as read-only memory).

本发明的安全存储卡的操作参照图4和图5的流程图描述如下。在详细说明这种操作之前,首先说明与存储卡的制造、规格化和操作有关的步骤。The operation of the secure memory card of the present invention is described below with reference to the flowcharts of FIGS. 4 and 5 . Before explaining this operation in detail, the steps related to the manufacture, specification and operation of the memory card will be described first.

作为第一步,在制造卡时,ACP10为在存储卡上的每个存储芯片设定锁值。通过把键值装进图3的锁存储器做到这一点。这些值被存放在ACP的受保护的非易失存储器10—2(即图2中的键1—n)中。然后把锁存储允许元件36设定为零,以禁止再改变或读取锁存储器的内容。因为这些元件是非易失的,除非整个快速存储芯片被清除,它们不能被改变。As a first step, when the card is manufactured, the ACP 10 sets the lock value for each memory chip on the memory card. This is done by loading key values into the lock memory of Figure 3. These values are stored in the ACP's protected non-volatile memory 10-2 (ie keys 1-n in Figure 2). The lock store enable element 36 is then set to zero to inhibit further changing or reading of the contents of the lock store. Because these elements are nonvolatile, they cannot be changed unless the entire flash memory chip is erased.

作为第二步,在应用规格化时,因为写不受保护功能的影响,存储卡就可用其数据或应用软件装载。然后,ACP10利用与存储器的块结构以及对每一存储器的块所施加的保护程度有关的信息装载。As a second step, when normalization is applied, the memory card can be loaded with its data or application software since the write is not affected by the protection function. The ACP 10 is then loaded with information regarding the block structure of the memory and the degree of protection applied to each block of memory.

作为第三步,在用户规格化时,用户建立关于辨认方式和频率的参数以及所需的特定数据(例如个人识别码(PINS))。这些信息被存储在ACP的存储器中。As a third step, during user normalization, the user establishes parameters regarding the manner and frequency of identification as well as specific data required (eg Personal Identification Numbers (PINS)). This information is stored in the memory of the ACP.

作为第四步,在接通电源时,“键寄存器”、“存取改变允许”信号以及“存取控制存储器”被初始化,从而禁止存取数据或对存取控制存储器43写入。第一辨认对话被起动。As a fourth step, when the power is turned on, "key register", "access change permission" signal and "access control memory" are initialized, thereby prohibiting access to data or writing to the access control memory 43 . A first identification session is initiated.

在第一辨认对话时,ACP10使用其主机5的服务提醒用户并接收辨认信息。如果辨认没有成功,就不再进行操作;如果成功,每个存储芯片的键寄存器就用在ACP存储器中存储的值来装载。在这一操作期间,延迟计数器32在装载之后的一段时间周期内禁止芯片操作,从而使随机试探成为无效过程。键寄存器的装载使在每一芯片中的“存取改变允许”信号为TRUE。然后ACP10按照存储的信息配置来装载存取控制存储器,从而实现存取。During the first identification session, the ACP 10 uses the services of its host 5 to alert the user and receive identification information. If the identification is not successful, no more operations are performed; if successful, the key register of each memory chip is loaded with the value stored in the ACP memory. During this operation, delay counter 32 disables chip operation for a period of time after loading, thereby rendering random probing an ineffective process. Loading of the key register causes the "Access Change Enable" signal to be TRUE in each chip. The ACP 10 then loads the access control memory according to the stored information configuration, thereby enabling access.

作为第六步,在以后按照用户的配置定期地执行辨认对话时,ACP10进行附加的用户辨认(再辨认)。在失败情况下,ACP10迫使全部存储芯片为通电状态,从而借助于清除存取控制存储43并清除键寄存器31的内容禁止对存储器中数据的任何存取。现在参照图4和图5,说明图1的系统的操作。As a sixth step, the ACP 10 performs additional user identification (re-identification) when the identification session is periodically performed in accordance with the user's configuration thereafter. In the event of a failure, the ACP 10 forces all memory chips to a powered state, thereby prohibiting any access to data in the memory by clearing the access control store 43 and clearing the contents of the key register 31 . Referring now to FIGS. 4 and 5, the operation of the system of FIG. 1 will be described.

图4以方块图的形式表明各种操作模式。块402和401表示两个起动条件。在块402中,用户在预先加有电源的主机5中插入存储卡3。在块401,用户对已安有存储卡3的主机5通电。Figure 4 illustrates the various modes of operation in block diagram form. Blocks 402 and 401 represent two start conditions. In block 402, the user inserts the memory card 3 in the host computer 5, which is pre-powered. In block 401, the user powers on the host 5 with the memory card 3 installed.

在上述每个启动操作中,在块402期间,ACP10及其接口以常规方式被初始化,块403清除全部“n”个K寄存器31和“n”个存取控制存储器43,作为快速存储器103a到103n内部初始化序列的一部分。这便阻止了任何数据从存储器103a到103n中被读出,因为在每个存储器中的输出缓冲器52是禁止的。作为通电的结果,锁值从各个LMs35被装进“n”个L寄存器33。In each of the start-up operations described above, during block 402, the ACP 10 and its interfaces are initialized in a conventional manner, and block 403 clears all "n" K registers 31 and "n" access control stores 43 as flash memories 103a to Part of the 103n's internal initialization sequence. This prevents any data from being read from the memories 103a to 103n because the output buffer 52 in each memory is disabled. As a result of power-up, the lock value is loaded into "n" L registers 33 from the respective LMs 35 .

此时,在块404,ACP10向主机5发出中断信号,主机5通过请求来自用户的PIN或其它辨认信息作出响应。在块405,ACP10由存储在存储位置10—2a中的程序检查PIN或其它识别信息和存储在存储位置10—2a中的信息是否一致。如果不一致,决定块406就计数一次错误,并且ACP10转向块404以重复试验。如果试验失败达到了预置的次数,决定块406就转向块407,使ACP10锁住或破坏存储器103a到103n的内容。At this point, at block 404, the ACP 10 issues an interrupt signal to the host 5, which responds by requesting a PIN or other identifying information from the user. At block 405, the ACP 10 checks, by the program stored in the storage location 10-2a, whether the PIN or other identification information matches the information stored in the storage location 10-2a. If not, decision block 406 counts an error, and ACP 10 turns to block 404 to repeat the trial. If the preset number of test failures is reached, decision block 406 turns to block 407 to cause ACP 10 to lock or destroy the contents of memory 103a to 103n.

如果在决定块106中存在表明辨认成功的匹配,则随后在块408中,ACP10通过装载键寄存器指令用合适的键值从存储位置10—2b装载每个K寄存器31。块409也重复地减少延迟计数器32的内容,发出连续的减小延迟计数器指令,使其减少为二进制的零,从而产生图3中的零计数信号41。If in decision block 106 there is a match indicating successful recognition, then in block 408, ACP 10 loads each K register 31 with the appropriate key value from storage location 10-2b by a load key register instruction. Block 409 also repeatedly decrements the contents of delay counter 32, issuing successive decrement delay counter instructions to binary zeros, thereby generating zero count signal 41 in FIG.

在块410中,用允许读存储器组指令的信息装载每个存取控制存储器43的位置,从而允许存取所选的相应的快速存储器103a到103n中的块。In block 410, each access control memory 43 location is loaded with information allowing a read memory bank instruction, thereby allowing access to the selected corresponding block in flash memory 103a to 103n.

在块411,ACP10在请求用户再辨认之前,等待由间隔计数器10—8发出的并存储在存储器位置10—2a中的信息所建立的预置时间间隔的结束。然后,在块412,ACP10中断主机5,以便请求用户重新输入PIN或其它要求的识别。At block 411, the ACP 10 waits for the end of the preset time interval established by the information issued by interval counter 10-8 and stored in memory location 10-2a before requesting user re-identification. Then, at block 412, the ACP 10 interrupts the host 5 to request the user to re-enter the PIN or other required identification.

决定块413核查PIN或从主机5收到的其它信息是否与存储在存储位置10—2a中的信息一致,并记录间隔计时器10—8的输出。用户一般有30秒的预置时间间隔,在这间隔内使辨认信息进入主机5。虽然时钟在运行,但如果决定块413测试失败,则块414将其作为一次错误记录下来。与此同时,它检查是否收到错误的最大次数,并转向重复块412和413。如果错误数等于最大次数,那么在块415中,APC10借助于连续加载键寄存器指令来清除快速存储器K寄存器31,并用连续禁止读存储器指令清除存取控制存储器43。然后,块415转向块404,从而允许进行新的“第一辨认”操作。Decision block 413 checks whether the PIN or other information received from host 5 matches the information stored in memory location 10-2a and records the output of interval timer 10-8. The user generally has a preset time interval of 30 seconds, during which the identification information is entered into the host computer 5 . Although the clock is running, if the decision block 413 test fails, then block 414 records it as an error. At the same time, it checks for the maximum number of errors received and turns to repeat blocks 412 and 413. If the number of errors is equal to the maximum number of times, then in block 415 the APC 10 clears the flash memory K register 31 with successive load key register instructions and clears the access control memory 43 with successive disable read memory instructions. Block 415 then branches to block 404, allowing a new "first identify" operation.

如果在块413中的试验成功,则K寄存器31保持不变(即保持以前由ACP加载的键值),并允许用户继续操作系统1。在30秒已过去而决定块413没有收到PIN或其它信息的情况下,ACP10则如前一样清除K寄存器31和存取控制存储器43。If the test in block 413 is successful, the K register 31 remains unchanged (ie retains the key previously loaded by the ACP) and the user is allowed to continue with the operating system 1 . In the event that 30 seconds have elapsed without a PIN or other message being received at decision block 413, ACP 10 then clears K register 31 and access control memory 43 as before.

图5是说明主机5如何响应来自APC10的中断请求以便响应图4的块404和412而进行辨认。如图所示,决定块501等待来自ACP10的请求用户再输入PIN或其它信息的中断。决定块501当收到来自块404或412的中断时,就转向块502。块502在主机显示器5—2上显示对于PIN或其它信息的请求。块503接收来自键盘的信息以及块504中断ACP10。块5则把PIN送至ACP10。FIG. 5 illustrates how the host 5 responds to an interrupt request from the APC 10 to recognize in response to blocks 404 and 412 of FIG. 4 . As shown, decision block 501 waits for an interrupt from ACP 10 requesting the user to re-enter a PIN or other information. Decision block 501 branches to block 502 when an interrupt from block 404 or 412 is received. Block 502 displays a request for a PIN or other information on the host display 5-2. Block 503 receives information from the keyboard and block 504 interrupts ACP10. Block 5 sends the PIN to ACP10.

本领域的技术人员可以理解,对本发明的实施例可以作出各种改型而不脱离其构思。例如,本发明可以使用不同类型的非易失存储器和不同的接口等。Those skilled in the art can understand that various modifications can be made to the embodiments of the present invention without departing from the concept thereof. For example, the present invention can use different types of non-volatile memory and different interfaces, etc.

虽然按照结构和状态说明了本发明的最好的形式,但是可以作出某些变化而不脱离本发明权利要求中所提出的本发明的构思,并且在某些情况下,本发明的某些特点可被有利地使用。While the best form of the invention has been described in terms of construction and configuration, certain changes may be made without departing from the concept of the invention as set forth in the claims and, in some cases, certain features of the invention can be used advantageously.

Claims (26)

1. safe memory card that is used for portable principal computer, described storage card comprises:
Be used for transmitting and from the connected microprocessor of described main frame receiver address, data and control information, and described microprocessor comprises to described main frame:
Addressable nonvolatile memory is used for storing the information that comprises a plurality of key assignments and configuration information;
With the internal bus that described microprocessor links to each other, be used for transfer address, data and control information, these information limit the operation that described card will carry out; And
The addressable memory that at least one is non-volatile, link to each other with described bus together with described microprocessor, be used for receiving described address, data and control information, described storer comprises nonvolatile memory part and security control part, described storage area contains the storage array of forming by some, each piece has a plurality of addressable unit, and control logic device, be used for carrying out described storage operation, and described security control partly is connected to described internal bus, described control logic device and described storage array, and described security control partly comprises:
A plurality of non-volatile and volatile memory devices, be used for storing at least one described key assignments with described relevant configuration information; And,
The access control logic device, it links to each other with described control logic device, described memory storage, described access control logic device is only handled in the definite predetermined identification of described microprocessor and is finished with described principal computer, thereby and started described access control logic device and allow from described storage array to read after the described information according to described configuration information, just permission is read by described configuration information and is stored in the institute's canned data that is addressed in the piece described in the described storage array.
2. storage card as claimed in claim 1, wherein said microprocessor and described nonvolatile memory are included on the semi-conductor chip.
3. storage card as claimed in claim 1, wherein said card also comprises interface circuit device, and it is connected to described principal computer to described linking, and wherein said interface circuit device and described microprocessor are included on the same semi-conductor chip.
4. storage card as claimed in claim 1, wherein said nonvolatile memory and described Nonvolatile memory device are short-access storages.
5. storage card as claimed in claim 1, one of them described Nonvolatile memory device is a kind of lock memory, be used for storing and a described corresponding drop lock of key assignments, second of described non-volatile device is one and latchs storage permission element, it links to each other with described lock memory, described lock memory is loaded with described drop lock at first, and the described storage permission element that latchs converts the state of forbidding revising described drop lock under the control of described microprocessor.
6. storage card as claimed in claim 2, the storage of wherein said drop lock and described conversion of latching storage permission element occur in during the initial manufacturing of described storage card.
7. storage card as claimed in claim 5, one of wherein said volatile memory device is addressable access control storer, it has a plurality of positions that quantitatively are equivalent to piece number described in the described storage array, be used for storing described configuration information, described access control storer is connected in described internal bus and described access control logic device, thereby described access control storer only described microprocessor determined described predetermined identification handle successfully finished first by described principal computer make that described access control logic device allows described access control storage after, just under the control of described microprocessor, be loaded.
8. storage card as claimed in claim 7, drop lock in the described lock memory of wherein said threading all is 1, and wherein said security control part also comprises complete 1 detector circuit, it links to each other with described lock memory, the response of described detector circuit is described to be that 1 drop lock produces a signal entirely, this signal is the described security control part of bypass effectively, makes described nonvolatile memory as not operating when described security control control section has not existed.
9. storage card as claimed in claim 7 is wherein connected for the first time with described main computer communication the time when described storage card, at first carries out described predetermined identification and handles.
10. storage card as claimed in claim 9, wherein said access control device comprises that continuous being used for receives the lock register from the described drop lock of described lock memory, comparator circuit, be used for storing the key register that sends the key assignments of described key register by described microprocessor to, be used for storing the counting of determining predetermined time interval delay counter and with described access control storer, the door gear that described comparer links to each other with described delay counter, described comparator circuit is connected to described lock and key register and described door gear, and described door gear links to each other with described delay counter, be used for responding described comparator circuit and produce access modification permission signal, described comparator circuit is when described delay counter has sent signal that described predetermined time interval finishes, send the homogeneity comparison signal between the described lock code value of putting into described lock register, described access is revised and is allowed signal to adjust described access control storer, so that load described configuration information.
11. as the storage card of claim 10, wherein said control logic device comprises and is used for responding by described microprocessor used predetermined instruction group when the operation of the described security control part of each memory chip of control, produces the circuit of command signal.
12. storage card as claim 11, first group of described predetermined instruction that wherein said control logic device response is produced by microprocessor, generation is used for described lock code value is put into first signal of described lock memory, and described first array predetermined sets of instructions produces during the initial manufacturing of described card.
13. storage card as claim 12, second group of described predetermined instruction that wherein said control logic device response is produced by described microprocessor, produce secondary signal, be used for making and describedly latch storage and allow element to be converted to the described drop lock that is stored in the described lock memory is forbidden described reading or the predetermined state of described modification.
14. storage card as claim 12, the 3rd group of described predetermined instruction that wherein said control logic device response is produced by described microprocessor, produce the 3rd signal, being used for a predetermined described key-value pair key memory loads, and described the 3rd group of predetermined instruction has only when described microprocessor have been determined just to be produced by described microprocessor after described predetermined identification processing is successfully finished.
15. storage card as claim 14, wherein to force described delay counter simultaneously be a predetermined count value to described the 3rd signal that is produced by described control logic device, be used for setting up the beginning of described predetermined time interval, and wherein said control logic device response makes described predetermined count value subtract 1 by each the 4th group of described predetermined instruction that described microprocessor produces, after the 4th group of described array predetermined sets of instructions was performed a predetermined quantity, described delay counter sent the signal that the described time interval finishes.
16. storage card as claim 11, several the 5th and the 6th described array predetermined sets of instructions that wherein said control logic device response is sent by described microprocessor, produce the 5th, the 6th signal, be used for according to described configuration information, be provided with and be reset at the position in the described access control storer, thereby which piece in determining described allows sense information.
17. one kind can be installed in the portable principal computer, thus the safe memory card of communicating by letter with described principal computer realization, and described storage card comprises:
Be contained in the microprocessor on the single semiconductor chip, be used for transmitting and from the connected microprocessor of described main frame receiver address, data and control information, described microprocessor comprises to described main frame:
Addressable nonvolatile memory is used to store and comprises and be used for limiting a plurality of key assignments that the user carries out access to the memory block, and limits the memory configurations information that can read a described memory block;
Internal bus is used for transmitting address, data and the control information of the storage operation that qualification finished by described card; And
At least one non-volatile addressable memory links to each other with described internal bus together with described microprocessor, be used for receiving described address, data and control information, described storage chip comprises storage area and security, described storage area contains the non-volatile memory array, it has data output end, and form by some, each piece has a plurality of addressable positions, and control logic device, be used for carrying out described storage operation, described security and described internal bus, described control logic device and the output of described data link to each other, and described security comprises:
With the non-volatile lock memory that described internal bus interrelates, be used for first the reception and the drop lock of being scheduled to that one of storage for good and all and described some key assignments are consistent;
The access control logic device, it links to each other with described control logic device and described lock memory, and selected one that is used in detecting the described key assignments of being delivered to described internal bus by described microprocessor produces the permission signal when conforming to described pre-lock code value; And,
Addressable easy mistake access control storer, it has quantitatively the corresponding a plurality of positions of described number with described storage array, be used for the described memory configurations information of reading accessibility of area definition, described access control storer and described control logic device, described storage array data output, described internal bus and described access control logic device link to each other, thereby described access control logic device has only successfully been finished predetermined identification processing and has been transmitted a described predetermined described storage key code at the definite described principal computer of described microprocessor and made described access control logic device generation be added on the described permission signal of described data output, after thereby output allows to read to the data that limited by described access control memory configurations information, just allow to read the information in the piece that is addressed in described that is stored in the described storage array that limits by described memory configurations information.
18. a safe memory card that comprises several non-volatile memory chips, each storage chip comprises the storage array of being made up of the piece of addressable point, has the ability by some pattern operations, and described card comprises:
Be used for storing the lock memory of drop lock;
Be used for producing the control device of first and second instructions and predetermined key assignments;
The key register that also can respond described first instruction that links to each other with described control device is used for storing described predetermined key assignments;
The comparer that links to each other with described lock memory and described key memory, when described drop lock was equal with described predetermined key assignments, described comparer produced a comparison signal;
That link to each other with described generation device and described first instruction responded to be used for setting its count value be peaked delay counter, and when described delay counter has reduced to zero.The second continuous instruction sequence of its response produces the count value of zero signal;
With the logic circuit apparatus that described comparer and described delay counter link to each other, described logic circuit apparatus responds described comparison signal and described zero count signal, produces access and revises the permission signal;
Described control device is used for producing the 3rd instruction, first address signal and address signal in succession and is used for discerning respectively first described and piece in succession; And,
The access control memory storage, link to each other with described control device with described logical unit, described access control memory storage responds the indication that described access storage allows signal, described address signal and described the 3rd instruction to be used for storing to show a described piece and described in succession piece to be allowed to read.
19. as the system of claim 18, wherein said predetermined value and maximal value are selected enough big, prevent to be accessed in easily the described information of storing in the described nonvolatile memory when making in described storage card is placed in undelegated principal computer.
20. as the card of claim 18, wherein said control device comprises microprocessor, it links to each other with described storer, recognizes when operation when successfully finishing first user, and its produces described first, second and the 3rd instruction.
21. as the card of claim 20, wherein said first instruction is the load key instruction, described second instruction is to reduce instruction, and described the 3rd instruction is to read to allow block instruction.
22. card as claimed in claim 18, wherein said storer also comprises CCE, be used for to predetermined instruction group decoding, make the described capable normal storage operation that sticks into, described CCE comprises the device that additional instruction group is deciphered, described additional instruction group comprises the described the first, the second and the 3rd instruction, thereby provides security for the information that is stored in the described storer.
23. one kind is used to constitute the method that can be contained in the safe memory card in the principal computer, described safe memory card comprises some non-volatile memory chips, each storage chip comprises that described method comprises the following steps: by the piece storage array that constitutes and the control logic circuit that is used to produce the command signal of carrying out storage operation of addressable point
(a) microprocessor is added in the described card, when handle is installed in the principal computer, it links to each other with principal computer and communicates, described microprocessor comprises addressable nonvolatile memory, is used for storing comprising and being used to limit the user to the information of a plurality of key assignments of the accessibility of memory block and limit store configuration information to the accessibility of described memory block;
(b) safety logic circuit of in each non-volatile memory chip, packing into, described safety logic circuit comprises and is used for the non-volatile lock memory of storing predetermined drop lock, the access control logic device that links to each other with described lock memory and addressable easy mistake access control storer, it has quantitatively and the described corresponding a plurality of positions of number, but is used for according to described configuration information storage access bit information;
(c) described microprocessor and the interconnection of each storage chip, so that to each storage chip transfer address, data and control information;
(d) revise described control logic circuit, make its response be used to operate a plurality of instructions of described safety logic circuit;
(e) recognize operation with described principal computer by the user that described microprocessor begins to set up in advance; And
(f) have only when the operation of the identification in step (c) has successfully been finished, just send special instruction in some the described instructions of described each chip to by means of described microprocessor, thereby but the described information that allows to be stored in the different masses be read out according to the described access bit information of in described access control storer, storing.
24. as the method for claim 23, wherein said microprocessor nonvolatile memory has several parts, and wherein also comprises the step that described key assignments is produced random value in the step (a), and described key assignments is put into first part of described several portions.
25. method as claim 24, wherein said microprocessor also comprises the interval counter that links to each other with described microprocessor nonvolatile memory, and wherein step (a) also comprises generation user select time at interval also the step of putting into described interval counter corresponding to the time interval value of described user's selection, and wherein said method also comprises the following steps:
(g) in the time interval that described user selects, the user who starts termly in the described step (e) recognizes operation; And,
(h) as long as the described identification in the step (b) is operated successfully to be finished, but the described information that just continues to allow to be stored in described according to described access bit information is read out.
26. method of making safe memory card, described safe memory card comprises some non-volatile memory chips, be used for storing a large amount of information, each storage chip comprises the storage array of being made up of the piece of addressable position and is used to produce command signal so that carry out the control logic circuit of storage operation that described method comprises the following steps:
(a) microprocessor of in described card, packing into, described microprocessor comprises addressable nonvolatile memory, be used for storing comprise limit the user memory block is carried out access several key assignments information and limit the store configuration information that access is carried out in described memory block;
(b) safety logic circuit of in each non-volatile memory chip, packing into, described safety logic circuit comprises and is used for the non-volatile lock memory of storing predetermined drop lock, the access control logic device that links to each other with described lock memory and addressable easy mistake access control storer, it has quantitatively and the described corresponding a plurality of positions of number, but is used for according to described configuration information storage user access bit information;
(c) described microprocessor and the interconnection of each storage chip, thereby to described each storage chip transfer address, data and control information; And
(d) change described control logic circuit; a plurality of instructions of packing into; be used to operate described safety logic circuit; as the expansion of one group that provides by described control logic circuit general instruction, make described safety logic circuit when described storage card is taken away, protect the described information that described plurality of chips, comprises to be read out in undelegated mode thus at described chip.
CN 94192020 1994-03-07 1994-03-07 a secure memory card Expired - Fee Related CN1129098C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 94192020 CN1129098C (en) 1994-03-07 1994-03-07 a secure memory card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 94192020 CN1129098C (en) 1994-03-07 1994-03-07 a secure memory card

Publications (2)

Publication Number Publication Date
CN1122634A true CN1122634A (en) 1996-05-15
CN1129098C CN1129098C (en) 2003-11-26

Family

ID=5039543

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 94192020 Expired - Fee Related CN1129098C (en) 1994-03-07 1994-03-07 a secure memory card

Country Status (1)

Country Link
CN (1) CN1129098C (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1332289C (en) * 2004-06-14 2007-08-15 张毅 Multimedia memory card

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ES2354835T3 (en) * 2005-09-08 2011-03-18 Cardlab Aps DYNAMIC TRANSACTIONS CARD AND PROCEDURE FOR WRITING INFORMATION IN THE SAME.

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1332289C (en) * 2004-06-14 2007-08-15 张毅 Multimedia memory card

Also Published As

Publication number Publication date
CN1129098C (en) 2003-11-26

Similar Documents

Publication Publication Date Title
CN1082215C (en) A secure memory card with program-controlled security access control
US5293424A (en) Secure memory card
CN1053509C (en) A secure application card for sharing application data and procedures among a plurality of microprocessors
US9117095B2 (en) Data security for digital data storage
US7065654B1 (en) Secure execution box
US20080192928A1 (en) Portable Electronic Storage Devices with Hardware Security Based on Advanced Encryption Standard
US6832317B1 (en) Personal computer security mechanism
US9098440B2 (en) Secure compact flash
US20100088527A1 (en) Memory protection system and method
US6823451B1 (en) Integrated circuit for security and manageability
US20070297606A1 (en) Multiple key security and method for electronic devices
EP1428095A2 (en) External locking mechanism for personal computer memory locations
US20030028781A1 (en) Mechanism for closing back door access mechanisms in personal computer systems
US6968460B1 (en) Cryptographic randomness register for computer system security
US11157181B2 (en) Card activation device and methods for authenticating and activating a data storage device by using a card activation device
US7043581B1 (en) Resource sequester mechanism
US7216362B1 (en) Enhanced security and manageability using secure storage in a personal computer system
CN106295362B (en) A kind of chip self-destroying device and method
CN1122634A (en) a secure memory card
WO1995024698A1 (en) A secure memory card
KR100232086B1 (en) Security memory card
US20060282683A1 (en) Flash array read, erase, and program security

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20031126

Termination date: 20110307