    • 1. Invention application
    • Apparatus and method for partitioning, sandboxing and protecting external memories
    • US20110191562A1
    • 2011-08-04
    • US12714367
    • 2010-02-26
    • Paul Chou; Love Kothari; Lawrence J. Madar, III; Ravi Sreenivasa Setty; Dharmvir Singh
    • Paul Chou; Love Kothari; Lawrence J. Madar, III; Ravi Sreenivasa Setty; Dharmvir Singh
    • G06F12/14; G06F12/06
    • G06F12/06; G06F12/14
    • A technique to provide an integrated circuit that performs memory partitioning to partition a memory into a plurality of regions, in which the memory is accessed by a plurality of heterogeneous processing devices that operate to access the memory. The integrated circuit also assigns a security level for each region of the memory and permits a memory access by a transaction to a particular region of the memory, only when a level of security assigned to the transaction meets or exceeds the assigned security level for the particular region. The integrated circuit also performs sandboxing by assigning which of the plurality of processing devices are permitted access to each of the plurality of regions. The integrated circuit may implement only the security level function or only the sandboxing function, or the integrated circuit may implement them both. In some instances, a scrambling/descrambling function is included to scramble/descramble data. In one application, the integrated circuit is included within a mobile phone.
    • 2. Granted invention patent
    • Apparatus and method for providing hardware security
    • US08826039B2
    • 2014-09-02
    • US12714383
    • 2010-02-26
    • Paul Chou; Love Kothari; Lawrence J. Madar, III
    • Paul Chou; Love Kothari; Lawrence J. Madar, III
    • G06F12/14
    • G06F21/72; G06F12/14
    • A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module.
    • 3. Invention application
    • Apparatus and method for providing hardware security
    • US20110191599A1
    • 2011-08-04
    • US12714383
    • 2010-02-26
    • Paul Chou; Love Kothari; Lawrence J. Madar, III
    • Paul Chou; Love Kothari; Lawrence J. Madar, III
    • G06F12/14
    • G06F21/72; G06F12/14
    • A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module.
    • 4. Invention application
    • METHOD AND SYSTEM FOR HARDWARE ENFORCED VIRTUALIZATION IN AN INTEGRATED CIRCUIT
    • US20110067110A1
    • 2011-03-17
    • US12559154
    • 2009-09-14
    • John Markey; Love Kothari; Paul Chou
    • John Markey; Love Kothari; Paul Chou
    • G06F21/20; G06F9/00
    • G06F21/575; G06F21/74; G06F2221/2105
    • Aspects of a method and system for hardware enforced virtualization in an integrated circuit are provided. In this regard, a mode of operation of an integrated circuit may be controlled such that the integrated circuit alternates between a secure mode of operation and an open mode of operation. Various resources of the integrated circuit may be designated as open or secure, and secure resources may be made inaccessible while the integrated circuit operates in the open mode. Access to the secure resources may be controlled based on a configuration of one or more registers and/or switching elements. Resources designated as secure may comprise, for example, a one-time-programmable memory. The integrated circuit may comprise ROM and/or one-time-programmable memory that stores one or more instructions, wherein execution of the one or more instructions may control transitions between the secure mode and the open mode.
    • 5. Invention application
    • METHOD AND SYSTEM FOR SECURELY PROTECTING A SEMICONDUCTOR CHIP WITHOUT COMPROMISING TEST AND DEBUG CAPABILITIES
    • US20110066835A1
    • 2011-03-17
    • US12559242
    • 2009-09-14
    • Love Kothari; Paul Chou; John Markey
    • Love Kothari; Paul Chou; John Markey
    • G06F15/177
    • G06F21/33; G06F11/3648
    • A semiconductor chip may be operable to block the debug interfaces when the semiconductor chip boots up from the boot read-only memory (ROM). The semiconductor chip may be operable to authenticate a debug certificate received by the semiconductor chip and enable one or more debug interfaces in the semiconductor chip based on the information resulting from the authentication of the debug certificate. The debug certificate may be in a form of a cryptographic public key certificate. A unique device ID which may be generated at boot and stored in the memory may be used by the semiconductor chip to authenticate the debug certificate. The device ID may be generated using the cryptographic public key that is stored in the one-time programmable (OTP) memory in the semiconductor chip and a cryptographic hash algorithm.
    • 7. Granted invention patent
    • Method and system for securely programming OTP memory
    • US08918575B2
    • 2014-12-23
    • US12559221
    • 2009-09-14
    • John Markey; Love Kothari; Paul Chou
    • John Markey; Love Kothari; Paul Chou
    • G06F12/00; G06F21/57
    • G06F21/572
    • A semiconductor chip may be operable to receive and copy an OTP programming vector presented by the semiconductor chip programming device into its memory after it boots up from the boot read-only memory (ROM). The OTP programming vector which is a computer program may comprise an encrypted data to be programmed into the one-time programmable (OTP) memory in the semiconductor chip and may be signed with an electronic signature. The semiconductor chip may be operable to authenticate the OTP programming vector in the memory. The authenticated OTP programming vector in the memory may be executed to decrypt the data and program the data in a random data format into the OTP memory and then report the status via one or more general purpose input/output (GPIO) pins on the semiconductor chip.
    • 9. Granted invention patent
    • Method and system for hardware enforced virtualization in an integrated circuit
    • US08732806B2
    • 2014-05-20
    • US12559154
    • 2009-09-14
    • John Markey; Love Kothari; Paul Chou
    • John Markey; Love Kothari; Paul Chou
    • G06F21/00
    • G06F21/575; G06F21/74; G06F2221/2105
    • Aspects of a method and system for hardware enforced virtualization in an integrated circuit are provided. In this regard, a mode of operation of an integrated circuit may be controlled such that the integrated circuit alternates between a secure mode of operation and an open mode of operation. Various resources of the integrated circuit may be designated as open or secure, and secure resources may be made inaccessible while the integrated circuit operates in the open mode. Access to the secure resources may be controlled based on a configuration of one or more registers and/or switching elements. Resources designated as secure may comprise, for example, a one-time-programmable memory. The integrated circuit may comprise ROM and/or one-time-programmable memory that stores one or more instructions, wherein execution of the one or more instructions may control transitions between the secure mode and the open mode.
    • 10. Granted invention patent
    • Method and system for securely protecting a semiconductor chip without compromising test and debug capabilities
    • US08644499B2
    • 2014-02-04
    • US12559242
    • 2009-09-14
    • Love Kothari; Paul Chou; John Markey
    • Love Kothari; Paul Chou; John Markey
    • H04K1/00; G06F9/00
    • G06F21/33; G06F11/3648
    • A semiconductor chip may be operable to block the debug interfaces when the semiconductor chip boots up from the boot read-only memory (ROM). The semiconductor chip may be operable to authenticate a debug certificate received by the semiconductor chip and enable one or more debug interfaces in the semiconductor chip based on the information resulting from the authentication of the debug certificate. The debug certificate may be in a form of a cryptographic public key certificate. A unique device ID which may be generated at boot and stored in the memory may be used by the semiconductor chip to authenticate the debug certificate. The device ID may be generated using the cryptographic public key that is stored in the one-time programmable (OTP) memory in the semiconductor chip and a cryptographic hash algorithm.