Separation of software modules by controlled encryption key management

一种加密密钥、软件的技术,应用在软件模块的分离领域,能够解决有价值的知识产权损失等问题

Active Publication Date: 2018-02-27
QUALCOMM INC
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, such codes can be accessed and reversed by unauthorized users (e.g., hackers), resulting in the loss of valuable intellectual property

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Separation of software modules by controlled encryption key management
  • Separation of software modules by controlled encryption key management
  • Separation of software modules by controlled encryption key management

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example approach

[0089] Figure 9 (contains Figure 9A and 9B ) illustrate methods operable in an apparatus for securing software in a memory device (eg, memory device 304 or memory device 810 ) in accordance with various aspects of the disclosure. In one aspect of the disclosure, the apparatus may be a dongle (eg, dongle 302 or dongle 814 ). It should be understood that the operations indicated by the dashed lines in FIG. 9 are optional.

[0090] The device may obtain a payload 902 comprising at least one of instructions or data. In one aspect of the invention, the payload is available in a secure communication or from secure storage. The apparatus may establish an address domain in the memory device, the address domain including one or more selected regions 904 in the memory device. In one aspect, the device may establish the address domain by generating an address domain identifier (RID) for the address domain and an EEK, wherein the RID is associated with the EEK. The apparatus may sto...

no. 2 example approach

[0093] Figure 10 Methods operable in an apparatus for securing software in a memory device (eg, memory device 404 or memory device 810 ) in accordance with various aspects of the invention are described. In one aspect of the disclosure, the apparatus may be a dongle (eg, dongle 402 or dongle 814 ). It should be understood that Figure 10 Operations indicated by dotted lines in are optional.

[0094] The apparatus may receive a memory transaction associated with a memory device, the memory transaction comprising at least an address domain identifier (RID) and an address domain indicator bit, wherein the RID implements a pair comprising one or more selected regions in the memory device ID 1002 of the address domain. In one aspect of the disclosure, the memory transaction may further include an optional control bit (eg, DORA bit 450 ) that controls access to regions of the memory device outside of the address domain. The apparatus may detect an error 1004 in a memory transac...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

In an aspect, a method for protecting software includes obtaining a payload including at least one of instructions or data, establishing a realm in a memory device, encrypting the payload based on anephemeral encryption key (EEK) associated with the realm, and storing the encrypted payload in the realm of the memory device. In another aspect, a method for protecting software includes receiving amemory transaction associated with the memory device, the memory transaction including at least a realm identifier (RID) and a realm indicator bit, obtaining the EEK associated with the RID when the RID indicates the realm and when the realm indicator bit is enabled, decrypting an instruction and / or data retrieved from the realm based on the EEK when the memory transaction is a read transaction, and encrypting second data for storage in the realm based on the EEK when the memory transaction is a write transaction.

Description

[0001] Related Application Cross Reference [0002] This application asserts Provisional Application No. 62 / 189,733, filed July 7, 2015, in the USPTO and non-provisional Application No. 15 / 053,892, filed February 25, 2016, in the USPTO Priority and benefit of both applications, the entire contents of which are incorporated herein by reference. technical field [0003] Aspects of the invention relate generally to secure memory management, and more specifically (but not exclusively) to separation of software modules by controlled encryption key management. Background technique [0004] Software developers typically generate code (eg, drivers, applications, games) and allow customers and other authorized users to install and use the code in various products. For example, the code can be installed and stored in a memory device of an electronic device such as a mobile phone or laptop computer. However, such codes can be accessed and reverse cracked by unauthorized users (eg, h...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & AuthorityApplications(China)
IPC IPC(8): G06F21/62G06F21/78
CPCG06F21/6218G06F21/78G06F12/1408G06F2212/1052G06F11/0727G06F11/167G06F11/3037H04L63/061
Inventor罗伯托·阿万奇大卫·哈特利罗萨里奥·卡马罗塔
OwnerQUALCOMM INC