Hacking-Resistant Computer Design
First Claim
1. A computer system comprising:
- a first partition and a second partition;
the first partition comprising;
a first CPU; and
a first memory module comprising;
a first memory unit comprising at least one memory address range for program code, wherein the program code comprises computer-executable code, and wherein the at least one memory address range for program code is configured by hardware circuitry; and
a second memory unit comprising at least one memory address range for other data, wherein the other data comprises data read from the second partition;
wherein the first CPU is hardware-configured to execute only the computer-executable code in the memory address range for program code; and
the second partition comprising;
a second CPU;
a second memory module; and
at least one communication module configured to couple to a network;
wherein the first CPU is configured to access the second memory module and read data from the second partition into only the at least one memory address range for other data; and
wherein the second CPU is restricted from accessing the first memory module.
3 Assignments
0 Petitions
Accused Products
Abstract
A computer architecture is disclosed for implementing a hacking-resistant computing device. The computing device, which could be a mainframe computer, personal computer, smartphone, or any other computing device suitable for network communication, comprises a first partition and a second partition. The second partition can communicate over a network such as the Internet. In contrast, the first partition cannot connect to the Internet, and can directly communicate only with the second partition or with input/output devices directly connected to the first partition. Further, the first partition segments its memory addressing for program code and hardware-protects it from alteration. The second partition is hardware-limited from reading or writing to the memory addressing of the first partition. As a result, the critical data files and program code stored on the first partition are protected from malicious code affecting the second partition.
-
Citations
3 Claims
-
1. A computer system comprising:
-
a first partition and a second partition; the first partition comprising; a first CPU; and a first memory module comprising; a first memory unit comprising at least one memory address range for program code, wherein the program code comprises computer-executable code, and wherein the at least one memory address range for program code is configured by hardware circuitry; and a second memory unit comprising at least one memory address range for other data, wherein the other data comprises data read from the second partition; wherein the first CPU is hardware-configured to execute only the computer-executable code in the memory address range for program code; and the second partition comprising; a second CPU; a second memory module; and at least one communication module configured to couple to a network; wherein the first CPU is configured to access the second memory module and read data from the second partition into only the at least one memory address range for other data; and wherein the second CPU is restricted from accessing the first memory module. - View Dependent Claims (2, 3)
-
Specification
-
- Resources
-
Current AssigneePathguard Incorporated
-
Original AssigneePathguard LLC
-
InventorsNewman, Frank N., Newman, Dan
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current
-
CPC Class CodesG06F 12/1433 for a module or a part of a...G06F 12/1441 for a rangeG06F 21/50 Monitoring users, programs ...G06F 21/53 by executing in a restricte...G06F 21/71 to assure secure computing ...G06F 21/79 in semiconductor storage me...G06F 2212/1052 Security improvementG06F 2221/031 Protect user input by softw...G06F 2221/032 Protect output to user by s...G06F 2221/034 Test or assess a computer o...G06F 3/0619 in relation to data integri...G06F 3/0644 Management of space entitie...G06F 3/0659 Command handling arrangemen...H04L 63/10 for controlling access to d...H04L 63/1441 Countermeasures against mal...H04L 63/145 the attack involving the pr...
