| 摘要 |
<p>An improved security device to control access to restricted resources on an authorized basis. A security engine, such as a processor with associated security functions, is coupled between a first modifiable non-volatile memory, such as flash memory, and a first external interface, all on the same integrated circuit. The first memory contains secure data, and is controlled solely by the security engine, which also controls the first external interface and thereby prevents read or write access to the first memory by any external device. The integrated circuit also contains a second modifiable non-volatile memory, such as flash memory, that is coupled to a second external interface for read and write access by an external device. The second memory contains non-secure data, and is controlled through the second external interface by an external device. By isolating secure processing and storage from unsecure storage on the same integrated circuit, the security functions/data are protected from dedicated attack that could intercept or control transmissions between the two, while the benefits of placing all the functions on a single integrated circuit are achieved.</p> |
