Title of invention |
Method for securing content in dynamically allocated memory using different domain-specific keys |
Abstract |
A method operational within a memory controller is provided for securing content stored in memory. The memory controller may allocate logical memory regions within a memory device to different domains. A different domain-specific key is obtained for each of the different domains, where each domain-specific key is a function of at least a master key and domain-specific information. During write operations, content/data is encrypted, at the memory controller, as it is written into each logical memory region using a domain-specific key corresponding to a domain providing the content and to which the logical memory region is allocated. Similarly, during read operations, content/data is decrypted, at the memory controller, as it is read from each memory region using a domain-specific key corresponding to a domain requesting the content and to which the logical memory region, where the content is stored, is allocated. |
Publication number |
US9607177(B2) |
Publication date |
2017.03.28 |
Application number |
US201314042675 |
Filing date |
2013.09.30 |
Applicant |
QUALCOMM Incorporated |
Inventors |
Jejurikar Ravindra R.;McLean Ivan |
Classification |
G06F21/78;H04L9/08;G06F12/14 |
Main classification |
G06F21/78 |
Agency |
Loza & Loza, LLP |
Agent |
Loza & Loza, LLP |
Main claim |
1. A method operational within a memory controller for securing content comprising:
allocating, at the memory controller, logical memory regions within a memory device to different domains, the memory device being external to the memory controller; defining, at the memory controller, access permissions within access control settings for one or more masters within a domain, the access permissions specifying at least one of read and/or write access for the one or more masters within the domain; obtaining, at the memory controller, a different domain-specific key for each of the different domains, where each domain-specific key is a function of at least a master key and domain-specific information, the domain-specific information including the access permissions that specify at least one of read and/or write access for the one or more masters within the domain; storing the domain-specific keys at a secure memory space that is separate from and independent of the memory device; updating a domain-specific key stored at the secure memory space when a change to access control settings for one or more masters within a domain is detected; and encrypting content, at the memory controller, written into each logical memory region using a domain-specific key corresponding to a domain to which each logical memory region is allocated. |
Address |
San Diego CA US |