Title of invention: Method and system for secure access to non-volatile memory
Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.
Publication number: US8949624(B2) Publication date: 2015.02.03
Application number: US201113175238 Filing date: 2011.07.01
Applicant: Irdeto USA, Inc. Inventors: Kocher Paul C.;Jaffe Joshua M.;Jun Benjamin C.;Laren Carter C.;Pearson Peter K.;Lawson Nathaniel J.
Classification: G06F21/00;H04N7/167;G06F21/50;G06F21/62;G06F21/78;G11B20/00;H04N21/258;H04N21/41;H04N21/418;H04N21/426;H04N21/4405;H04N21/442;H04N21/8358;H04L9/32;H04N5/913 Main classification: G06F21/00
Agency: Reed Smith LLP Agent: Kaufman Marc S.;Reed Smith LLP
Main claim: 1. A method executed by one or more computing devices for secure access to a nonvolatile memory, comprising: receiving, by at least one of the one or more computing devices, a request for privileged access to nonvolatile memory from requesting code, wherein the request includes a code length of the requesting code and a requested priority level; computing, by at least one of the one or more computing devices, a cryptographic hash of the requesting code using a starting address of the requesting code and the code length; determining, by at least one of the one or more computing devices, whether the requested priority level is valid based at least in part on one or more of a previous priority level associated with a requested portion of the nonvolatile memory and a predetermined range of acceptable priority levels; and granting, by at least one of the one or more computing devices, privileged access to the nonvolatile memory based on one of: a determination that the requested priority level is valid and that the request does not specify an existing portion of the nonvolatile memory; or a determination that the requested priority level is valid and that the cryptographic hash matches a value of an authentication hash stored in the requested portion of the nonvolatile memory.
Address: Santa Clara CA US