专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08996851B2 Host device and method for securely booting the host device with operating system code loaded from a storage device 有权
标题翻译：用于使用从存储设备加载的操作系统代码安全地引导主机设备的主机设备和方法
公开(公告)号：US08996851B2
公开(公告)日：2015-03-31
申请号：US12853924
申请日：2010-08-10
申请人： Boris Dolgunov , Reuven Elhamias , Ehud Cohen
发明人： Boris Dolgunov , Reuven Elhamias , Ehud Cohen
IPC分类号： G06F9/44 , G06F21/57 , G06F21/72 , G06F21/85 , G06F21/12
CPC分类号： G06F9/4406 , G06F21/123 , G06F21/575 , G06F21/72 , G06F21/85
摘要： A host device and method for securely booting the host device with operating system code loaded from a storage device are provided. In one embodiment, a host device is in communication with a storage device having a private memory area storing boot loader code and a public memory area storing operating system code. The host device instructs the storage device to initiate a boot mode and receives the boot loader code from the storage device. The host device executes the boot loader code which performs a security check and executes the operating system code loaded from the storage device only if the security check is successful.
摘要翻译：提供了一种用于使用从存储设备加载的操作系统代码安全地引导主机设备的主机设备和方法。在一个实施例中，主机设备与具有存储引导加载程序代码的专用存储区域和存储操作系统代码的公共存储区域的存储设备通信。主机设备指示存储设备启动引导模式，并从存储设备接收引导加载程序代码。主机设备执行执行安全检查的引导加载程序代码，并且只有在安全检查成功的情况下才执行从存储设备加载的操作系统代码。

2. 发明申请

US20120042376A1 Host Device and Method for Securely Booting the Host Device with Operating System Code Loaded From a Storage Device 有权
标题翻译：使用从存储设备加载的操作系统代码来安全地引导主机设备的主机设备和方法
公开(公告)号：US20120042376A1
公开(公告)日：2012-02-16
申请号：US12853924
申请日：2010-08-10
申请人： Boris Dolgunov , Reuven Elhamias , Ehud Cohen
发明人： Boris Dolgunov , Reuven Elhamias , Ehud Cohen
IPC分类号： H04L9/32 , G06F15/177
CPC分类号： G06F9/4406 , G06F21/123 , G06F21/575 , G06F21/72 , G06F21/85
摘要： A host device and method for securely booting the host device with operating system code loaded from a storage device are provided. In one embodiment, a host device is in communication with a storage device having a private memory area storing boot loader code and a public memory area storing operating system code. The host device instructs the storage device to initiate a boot mode and receives the boot loader code from the storage device. The host device executes the boot loader code which performs a security check and executes the operating system code loaded from the storage device only if the security check is successful.
摘要翻译：提供了一种用于使用从存储设备加载的操作系统代码安全地引导主机设备的主机设备和方法。在一个实施例中，主机设备与具有存储引导加载程序代码的专用存储区域和存储操作系统代码的公共存储区域的存储设备通信。主机设备指示存储设备启动引导模式，并从存储设备接收引导加载程序代码。主机设备执行执行安全检查的引导加载程序代码，并且只有在安全检查成功时才执行从存储设备加载的操作系统代码。

3. 发明申请

US20140082324A1 Method and Storage Device for Using File System Data to Predict Host Device Operations 审中-公开
标题翻译：使用文件系统数据预测主机设备操作的方法和存储设备
公开(公告)号：US20140082324A1
公开(公告)日：2014-03-20
申请号：US13618961
申请日：2012-09-14
申请人： Reuven Elhamias , Boris Dolgunov
发明人： Reuven Elhamias , Boris Dolgunov
IPC分类号： G06F12/08
CPC分类号： G06F12/0862
摘要： A method and storage device for using file system data to predict host device operations are disclosed. In one embodiment, a storage device is disclosed having a first memory storing data and file system metadata, a second memory, and a controller. In response to receiving a command from the host device to read a first address in the first memory, the controller reads data from the first address in the first memory and returns it to the host device. The controller predicts a second address in the first memory to be read by a subsequent read command from the host device, reads the data from the predicted second address, and stores it in the second memory.
摘要翻译：公开了一种使用文件系统数据来预测主机设备操作的方法和存储装置。在一个实施例中，公开了具有存储数据和文件系统元数据的第一存储器，第二存储器和控制器的存储设备。响应于从主机设备接收到读取第一存储器中的第一地址的命令，控制器从第一存储器中的第一地址读取数据并将其返回到主机设备。控制器预测第一存储器中的第二地址将被来自主机设备的后续读取命令读取，从预测的第二地址读取数据，并将其存储在第二存储器中。

4. 发明授权

US08392714B2 Secure overlay manager protection 有权
标题翻译：安全覆盖管理器保护
公开(公告)号：US08392714B2
公开(公告)日：2013-03-05
申请号：US12255229
申请日：2008-10-21
申请人： Boris Dolgunov , Yonatan Halevi , Eran Shen , Amir Samuelov , Niv Cohen , Michael Holtzman , Rotem Sela
发明人： Boris Dolgunov , Yonatan Halevi , Eran Shen , Amir Samuelov , Niv Cohen , Michael Holtzman , Rotem Sela
IPC分类号： H04L9/32
CPC分类号： G06F21/57 , G06F21/572
摘要： A method for protection of data includes maintaining a control parameter indicative of a current version of the data. The data is partitioned into multiple segments. Respective signatures of the segments are computed, responsively to the control parameter, the segments and respective signatures forming respective signed input segments, which are stored in a memory. After the signed input segments are stored, a signed output segment is fetched from the memory. The signature of the signed output segment is verified responsively to the control parameter, and the data in the signed output segment is processed responsively to verifying the signature.
摘要翻译：用于保护数据的方法包括维护指示数据的当前版本的控制参数。数据被分割成多个段。响应于控制参数，形成分别存储在存储器中的相应带符号输入段的段和相应签名来计算段的相应签名。在有符号输入段被存储之后，从存储器中取出带符号的输出段。响应于控制参数验证有符号输出段的签名，并且响应地处理签名输出段中的数据以验证签名。

5. 发明授权

US08266446B2 Software protection against fault attacks 有权
标题翻译：防止故障攻击的软件保护
公开(公告)号：US08266446B2
公开(公告)日：2012-09-11
申请号：US12253394
申请日：2008-10-17
申请人： Boris Dolgunov , Arseniy Aharonov , Raphael Slepon Ben-Yaish
发明人： Boris Dolgunov , Arseniy Aharonov , Raphael Slepon Ben-Yaish
IPC分类号： G06F12/14
CPC分类号： G06F21/556
摘要： A method for protecting information in a device includes providing a device with a non-secure hardware domain, a processor having a software-controlled mode of operation, and a secure hardware domain having a secure memory that is inaccessible by the processor when the processor is operating in the software-controlled mode of operation. Data from the non-secure hardware domain is established in the secure hardware domain. Computing operations are executed on the data in the secure hardware domain to produce a result. The secure hardware domain is purged, while retaining the result therein. The result is thereafter returned from the secure hardware domain into the non-secure hardware domain.
摘要翻译：一种用于保护设备中的信息的方法包括：提供具有非安全硬件域的设备，具有软件控制操作模式的处理器，以及具有安全存储器的安全硬件域，所述安全存储器在处理器为以软件控制的操作模式运行。来自非安全硬件域的数据建立在安全的硬件领域。对安全硬件域中的数据执行计算操作以产生结果。清除安全硬件域，同时保留其中的结果。之后，结果从安全硬件域返回到非安全的硬件域。

6. 发明申请

US20110314296A1 Host Device and Method for Communicating a Password between First and Second Storage Devices Using a Double-Encryption Scheme 有权
标题翻译：使用双加密方案在第一和第二存储设备之间通信密码的主机设备和方法
公开(公告)号：US20110314296A1
公开(公告)日：2011-12-22
申请号：US13073740
申请日：2011-03-28
申请人： Boris Dolgunov , Eyal Sobol , David Matot , Vered Babayov
发明人： Boris Dolgunov , Eyal Sobol , David Matot , Vered Babayov
IPC分类号： G06F21/00
CPC分类号： G06F21/34 , G06F21/31
摘要： A first storage device provides a host device with access to a private memory area by communicating a password between the first storage device and a second storage device via the host device using a double-encryption scheme. In one embodiment, a host device receives a twice-encrypted password from a first storage device, sends the twice-encrypted password to a second storage device, receives a once-encrypted password from the second storage device, decrypts the once-encrypted password to obtain the password, and sends the password to the first storage device. In another embodiment, a first storage device sends a twice-encrypted password to a host device, receives the password from the host device after the twice-encrypted password is decrypted by a second storage device and the host device, and provides the host device with access to the private memory area only if the password matches one that is stored in the first storage device.
摘要翻译：第一存储设备通过使用双加密方案经由主机设备在第一存储设备和第二存储设备之间传送密码来向主机设备提供对专用存储器区域的访问。在一个实施例中，主机设备从第一存储设备接收两次加密的密码，将二次加密的密码发送到第二存储设备，从第二存储设备接收一次加密的密码，将一次加密的密码解密为获取密码，并将密码发送到第一个存储设备。在另一个实施例中，第一存储设备向主机设备发送两次加密的密码，在由第二存储设备和主设备解密两次加密的密码之后从主机设备接收密码，并向主机设备提供仅当密码与存储在第一存储设备中的密码匹配时，才能访问私有内存区域。

7. 发明授权

US07979628B2 Re-flash protection for flash memory 有权
标题翻译：重新闪存保护闪存
公开(公告)号：US07979628B2
公开(公告)日：2011-07-12
申请号：US12252930
申请日：2008-10-16
申请人： Boris Dolgunov , Arseniy Aharonov
发明人： Boris Dolgunov , Arseniy Aharonov
IPC分类号： G06F12/00 , G06F13/00 , G06F13/28
CPC分类号： G06F21/554 , G06F21/64 , G06F21/79
摘要： A method for storing data includes providing a memory package including an integrated circuit containing a non-volatile memory and counter circuitry. The data is written to the non-volatile memory. The counter circuitry is operated to maintain a count of write operations performed on the non-volatile memory. The data and the count from the memory package are received at a controller, separate from the memory package, and the data is authenticated in response to the count.
摘要翻译：一种用于存储数据的方法包括提供包括包含非易失性存储器和计数器电路的集成电路的存储器包。数据被写入非易失性存储器。操作计数器电路以维持对非易失性存储器执行的写入操作的计数。来自存储器包的数据和计数在与存储器包分开的控制器处被接收，并且数据被认证以响应于计数。

8. 发明申请

US20100332855A1 Method and Memory Device for Performing an Operation on Data 有权
标题翻译：用于执行数据操作的方法和存储器件
公开(公告)号：US20100332855A1
公开(公告)日：2010-12-30
申请号：US12495302
申请日：2009-06-30
申请人： Boris Dolgunov , Michael Holtzman , Ron Barzilai , Eran Shen
发明人： Boris Dolgunov , Michael Holtzman , Ron Barzilai , Eran Shen
IPC分类号： G06F12/14
CPC分类号： G06F13/385
摘要： A method and memory device for implementing long operations and supporting multiple streams are provided. In one embodiment, a memory device receives data and a command from a host to perform an operation on the data, wherein a time required for the memory device to complete the operation exceeds a maximum response time for the memory device to respond to the command. The memory device begins performing the operation on the data and, before exceeding the maximum response time and before completing the operation, sends the context of the operation to the host. At a later time, the memory device receives from the host: (i) a command to resume performing the operation and (ii) the context. The memory device then resumes performing the operation on the data based on the context received from the host.
摘要翻译：提供了一种用于实现长操作并支持多个流的方法和存储器件。在一个实施例中，存储器设备从主机接收数据和命令以执行对数据的操作，其中存储器设备完成操作所需的时间超过存储器设备响应命令的最大响应时间。存储设备开始对数据执行操作，并且在超过最大响应时间之前并且在完成操作之前，将操作的上下文发送到主机。在稍后的时间，存储器装置从主机接收：（i）恢复执行操作的命令和（ii）上下文。然后，存储器设备基于从主机接收的上下文恢复对数据的操作。

9. 发明申请

US20090113217A1 MEMORY RANDOMIZATION FOR PROTECTION AGAINST SIDE CHANNEL ATTACKS 有权
标题翻译：用于保护边界通道攻击的记忆随机
公开(公告)号：US20090113217A1
公开(公告)日：2009-04-30
申请号：US12254225
申请日：2008-10-20
申请人： Boris Dolgunov , Arseniy Aharonov
发明人： Boris Dolgunov , Arseniy Aharonov
IPC分类号： H04L9/06
CPC分类号： G06F21/556 , G06F12/1408 , H04L9/0894
摘要： Side channel attacks against a computing device are prevented by combinations of scrambling data to be stored in memory and scrambling the memory addresses of the data using software routines to execute scrambling and descrambling functions. Encrypted versions of variables, data and lookup tables, commonly employed in cryptographic algorithms, are thus dispersed into pseudorandom locations. Data and cryptographic primitives that require data-dependent memory accesses are thus shielded from attacks that could reveal memory access patterns and compromise cryptographic keys.
摘要翻译：通过将要存储在存储器中的加扰数据的组合和使用软件例程对数据的存储器地址进行加扰来执行加扰和解扰功能来防止针对计算设备的侧向信道攻击。通常在加密算法中使用的变量，数据和查找表的加密版本因此分散到伪随机位置。因此，需要依赖数据的内存访问的数据和加密原语可以防止可能暴露内存访问模式和危及加密密钥的攻击。

10. 发明授权

US08694790B2 Storage device and method for communicating a password between first and second storage devices using a double-encryption scheme 有权
标题翻译：用于使用双加密方案在第一和第二存储设备之间传送密码的存储设备和方法
公开(公告)号：US08694790B2
公开(公告)日：2014-04-08
申请号：US13073729
申请日：2011-03-28
申请人： Boris Dolgunov , Eyal Sobol , David Matot , Vered Babayov
发明人： Boris Dolgunov , Eyal Sobol , David Matot , Vered Babayov
IPC分类号： G06F21/31 , G06F21/10
CPC分类号： G06F21/34 , G06F21/31
摘要： A first storage device provides a host device with access to a private memory area by communicating a password between the first storage device and a second storage device via the host device using a double-encryption scheme. In one embodiment, a host device receives a twice-encrypted password from a first storage device, sends the twice-encrypted password to a second storage device, receives a once-encrypted password from the second storage device, decrypts the once-encrypted password to obtain the password, and sends the password to the first storage device. In another embodiment, a first storage device sends a twice-encrypted password to a host device, receives the password from the host device after the twice-encrypted password is decrypted by a second storage device and the host device, and provides the host device with access to the private memory area only if the password matches one that is stored in the first storage device.
摘要翻译：第一存储设备通过使用双加密方案经由主机设备在第一存储设备和第二存储设备之间传送密码来向主机设备提供对专用存储器区域的访问。在一个实施例中，主机设备从第一存储设备接收两次加密的密码，将二次加密的密码发送到第二存储设备，从第二存储设备接收一次加密的密码，将一次加密的密码解密为获取密码，并将密码发送到第一个存储设备。在另一个实施例中，第一存储设备向主机设备发送两次加密的密码，在由第二存储设备和主设备解密两次加密的密码之后从主机设备接收密码，并向主机设备提供仅当密码与存储在第一存储设备中的密码匹配时，才能访问私有内存区域。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式