| 发明名称 | Secure execution architecture | ||
| 摘要 | The present invention relates to circuitry and a method for providing data security, which circuitry contains at least one processor and at least one storage circuit. The invention is based on the idea that circuitry is provided in which a processor is operable in at least two different modes, one first secure operating mode and one second unsecure operating mode. In the secure mode, the processor has access to security related data located in various memories located within the circuitry. The access to these security data and the processing of them need to be restricted, since an intruder with access to security data could manipulate the circuitry. When testing and/or debugging the circuitry, access to security information is not allowed. For this reason, the processor is placed in the unsecure operating mode, in which mode it is no longer given access to the protected data. | ||
| 申请公布号 | US9111097(B2) | 申请公布日期 | 2015.08.18 |
| 申请号 | US200310634734 | 申请日期 | 2003.08.04 |
| 申请人 | Nokia Technologies Oy | 发明人 | Kiiveri Antti;Paatero Lauri |
| 分类号 | G06F21/76;G06F21/57;G06F21/78 | 主分类号 | G06F21/76 |
| 代理机构 | Harrington & Smith | 代理人 | Harrington & Smith |
| 主权项 | 1. An apparatus comprising at least one processor; and at least one non-transitory memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to: store protected data relating to security functions of circuitry and protected applications in a storage area in the at least one memory;authenticate software provided to the apparatus;based upon a signature check of an application to be downloaded, set the at least one processor in one of at least two different processor operating modes comprising: a first processor operating mode which, while the at least one processor is operating in the first processor operation mode,enables the at least one processor to access the protected data in the storage area, andallows the software which has been authenticated and the protected applications to have access to the protected data in the storage area; anda second processor operating mode which, while the at least one processor is operating in the second processor operation mode, prevents the at least one processor from accessing the protected data in the storage area,allows the at least one processor to execute non-verified software downloaded into the apparatus, andprevents access to the protected data relating to the security functions of circuitry and the protected applications in the storage area. | ||
| 地址 | Espoo FI | ||