The present invention relates to circuitry and a method for providing data security, which circuitry contains at least one processor and at least one storage circuit. The invention is based on the idea that circuitry is provided in which a processor is operable in at least two different modes, one first secure operating mode and one second unsecure operating mode. In the secure mode, the processor has access to security related data located in various memories located within the circuitry. The access to these security data and the processing of them need to be restricted, since an intruder with access to security data could manipulate the circuitry. When testing and/or debugging the circuitry, access to security information is not allowed. For this reason, the processor is placed in the unsecure operating mode, in which mode it is no longer given access to the protected data.
Representative claim
1. An apparatus comprising at least one processor; and at least one non-transitory memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to: store protected data relating to security functions of circuitry and protected applications in a storage area in the at least one memory; authenticate software provided to the apparatus; based upon a signature check of an application to be downloaded, set the at least one processor in one of at least two different processor operating modes comprising: a first processor operating mode which, while the at least one processor is operating in the first processor operation mode, enables the at least one processor to access the protected data in the storage area, and allows the software which has been authenticated and the protected applications to have access to the protected data in the storage area; and a second processor operating mode which, while the at least one processor is operating in the second processor operation mode, prevents the at least one processor from accessing the protected data in the storage area, allows the at least one processor to execute non-verified software downloaded into the apparatus, and prevents access to the protected data relating to the security functions of circuitry and the protected applications in the storage area.
2. An apparatus as in claim 1 further comprising a timer arranged to control a time period during which the at least one processor is in the second processor operating mode.
3. An apparatus as in claim 1 further comprising means arranged to indicate in which mode the at least one processor is operating.
4. An apparatus as in claim 1 wherein the computer program code is at least part of an application program.
5. An apparatus as in claim 1 wherein the apparatus is in a mobile telecommunication terminal.
6. An apparatus as in claim 1 wherein the at least one processor comprises a Central Processor Unit (CPU).
7. A machine-implemented method comprising: storing protected data relating to security functions of circuitry and protected applications in a storage area in at least one memory of an apparatus; authenticating software provided to the apparatus; based upon a signature check of an application to be downloaded, setting at least one processor in one of at least two different processor operating modes comprising: a first processor operating mode which, while the at least one processor is operating in the first processor operation mode, enables the at least one processor to access the protected data in the storage area, and allows the software which has been authenticated and the protected applications to have access to the protected data in the storage area; and a second processor operating mode which, while the at least one processor is operating in the second processor operation mode, prevents the at least one processor from accessing the protected data in the storage area, allows the at least one processor to execute software, downloaded into the apparatus, which has not been authenticated, and prevents access to the protected data relating to the security functions of circuitry and the protected applications in the storage area.
8. A machine-implemented method as in claim 7 further comprising controlling a time period during which the at least one processor is in the second processor operating mode by means of a timer.
9. A machine-implemented method as in claim 6 further comprising indicating in which mode the at least one processor is operating.
10. A machine-implemented method as in claim 7, wherein the setting of the at least one processor is performed by means of an application program.
11. A machine-implemented method as in claim 7, wherein the at least one processor and the at least one memory are in a mobile telecommunication terminal.
12. A machine-implemented method as in claim 7, wherein the at least one processor comprises a Central Processor Unit (CPU).
13. A non-transitory program storage device readable by an apparatus, tangibly embodying a program of instructions executable by the apparatus for performing operations, the operations comprising: based upon a signature check of an application to be downloaded, setting a processor to a first processor operating mode which, while the at least one processor is operating in the first processor operation mode, enables the processor to access a storage area in a memory of an apparatus, where the storage area comprises protected data relating to security functions of circuitry and protected applications and, allows software which has been authenticated and protected applications to have access to the protected data in the storage area of the memory; and alternatively setting the processor to a second different processor operating mode which, while the at least one processor is operating in the second processor operation mode, prevents the processor from accessing the protected data in the storage area of the memory, allows the processor to execute software downloaded into the apparatus which has not been authenticated, and prevents access to the protected data relating to the security functions of circuitry and the protected applications in the storage area in the memory.
14. A non-transitory program storage device as in claim 13 the operations further comprise controlling a time period during which the at least one processor is in the second processor operating mode by means of a timer.
15. A non-transitory program storage device as in claim 13 the operations further comprise indicating in which mode the at least one processor is operating.
16. A non-transitory program storage device as in claim 13 the operations further comprise setting of the at least one processor being performed by means of an application program.
17. A non-transitory program storage device as in claim 13 the operations further comprise wherein the processor and the memory being in a mobile telecommunication terminal.
18. A non-transitory program storage device as in claim 13 where the processor is a Central Processor Unit (CPU).
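An added example, not part of the patent record: a small Python model of the mode selection in claims 1 to 3, in which the result of the check on a downloaded application chooses the operating mode and the mode alone gates the protected storage area. HMAC-SHA256 stands in for the signature check, and `Circuit`, `Mode`, the tick-based timer and its stop-on-expiry behaviour are assumptions made for illustration.

```python
import hashlib
import hmac
from enum import Enum

class Mode(Enum):
    SECURE = "secure"      # first processor operating mode
    UNSECURE = "unsecure"  # second processor operating mode

class Circuit:
    """Toy model of the claimed apparatus; every name here is hypothetical."""

    def __init__(self, verify_key, protected_data, unsecure_ticks=3):
        self._verify_key = verify_key            # constructed key for the stand-in check
        self._protected = dict(protected_data)   # storage area holding security data
        self._unsecure_ticks = unsecure_ticks    # timer budget for the second mode
        self._remaining = 0
        self.mode = Mode.UNSECURE                # fail closed until an image verifies
        self.running = None

    def _signature_ok(self, image, tag):
        # Stand-in for the signature check: HMAC-SHA256, compared in constant time.
        expected = hmac.new(self._verify_key, image, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)

    def load_application(self, image, tag):
        """Set the operating mode from the result of the check, then run the image."""
        if self._signature_ok(image, tag):
            self.mode, self._remaining = Mode.SECURE, 0
        else:
            self.mode, self._remaining = Mode.UNSECURE, self._unsecure_ticks
        self.running = image
        return self.mode   # also serves as the mode indication of claim 3

    def read_protected(self, name):
        """Access to the storage area is decided by the mode, not by the caller."""
        if self.mode is not Mode.SECURE:
            raise PermissionError("protected data is not accessible in unsecure mode")
        return self._protected[name]

    def tick(self):
        """Timer for the second mode. Assumption: on expiry the unverified image is
        stopped; the claims only say that a timer controls the period."""
        if self.mode is Mode.UNSECURE and self.running is not None:
            self._remaining -= 1
            if self._remaining <= 0:
                self.running = None
        return self.running is not None
```

The model starts in the unsecure mode and only leaves it after a successful check, so a failed or missing verification never yields access to the protected data.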