Secure memory card
DCFirst Claim
1. A secure memory card for use with a host portable computer, said memory card comprising:
- a microprocessor connected for transmitting and receiving address, data and control information to and from said host computer and said microprocessor including;
an addressable non-volatile memory for storing information including a number of key values and configuration information;
an internal bus connected to said microprocessor for transmitting address, data and control information defining memory operations to be performed by said card; and
,at least one non-volatile addressable memory being connected to said internal bus in common with said microprocessor for receiving said address, data and control information, said memory including a non-volatile memory section and a security control section, said memory section containing a memory array organized into a number of blocks, each block having a plurality of addressable locations and control logic means for performing said memory operations and said security control section being connected to said internal bus, to said control logic means and to said memory array, said security control section including;
a number of non-volatile and volatile storage devices for storing at least one of said key values and configuration information associated with said blocks; and
,access control logic means connected to said control logic means and to said storage devices, said access control logic means enabling reading of information stored in addressed ones of said blocks of said memory array as specified by said configuration information only after said microprocessor has determined that a predetermined authentication procedure has been performed with said host computer and has enabled said access control logic means for allowing reading of said information from said memory array according to said configuration information.
3 Assignments
Litigations
0 Petitions
Accused Products
Abstract
A secure memory card includes a microprocessor on a single semiconductor chip and one or more non-volatile addressable memory chips. The microprocessor chip and non-volatile memory chips connect in common to an internal card bus for transmitting address, data and control information to such non-volatile memory chips. The microprocessor includes an addressable non-volatile memory for storing information including a number of key values, application specific configuration information and program instruction information. Each chip'"'"'s memory is organized into a number of blocks or banks and each memory chip is constructed to include security control logic circuits. These circuits include a number of non-volatile and volatile memory devices which are loaded with key and configuration information under the control of the microprocessor only after the microprocessor has determined that the user has successfully performed a predetermined authentication procedure with a host computer. Thereafter, the user is allowed to read out information from blocks only as defined by the configuration information.
-
Citations
26 Claims
-
1. A secure memory card for use with a host portable computer, said memory card comprising:
-
a microprocessor connected for transmitting and receiving address, data and control information to and from said host computer and said microprocessor including; an addressable non-volatile memory for storing information including a number of key values and configuration information; an internal bus connected to said microprocessor for transmitting address, data and control information defining memory operations to be performed by said card; and
,at least one non-volatile addressable memory being connected to said internal bus in common with said microprocessor for receiving said address, data and control information, said memory including a non-volatile memory section and a security control section, said memory section containing a memory array organized into a number of blocks, each block having a plurality of addressable locations and control logic means for performing said memory operations and said security control section being connected to said internal bus, to said control logic means and to said memory array, said security control section including; a number of non-volatile and volatile storage devices for storing at least one of said key values and configuration information associated with said blocks; and
,access control logic means connected to said control logic means and to said storage devices, said access control logic means enabling reading of information stored in addressed ones of said blocks of said memory array as specified by said configuration information only after said microprocessor has determined that a predetermined authentication procedure has been performed with said host computer and has enabled said access control logic means for allowing reading of said information from said memory array according to said configuration information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A secure memory card installable in a host portable computer for establishing communication with said host computer, said memory card comprising:
-
a microprocessor contained on a single semiconductor chip, said microprocessor being connected for transmitting and receiving address, data and control information to and from said host computer and said microprocessor including; an addressable non-volatile memory for storing information including a number of key values defining user accessibility to memory areas, and memory configuration information defining memory read out accessibility to said memory areas; an internal bus for transmitting address, data and control information defining memory operations to be performed by said card; and
,at least one non-volatile addressable memory chip being connected to said internal bus in common with said microprocessor for receiving said address, data and control information, said memory chip including a memory section and a security section, said memory section containing a non-volatile memory array having a data output and being organized into a number of blocks, each having a plurality of addressable locations and control logic means for performing said memory operations, said security section being connected to said internal bus, to said control logic means and to said data output and said security section including; a non-volatile lock memory coupled to said internal bus for initially receiving and permanently storing a predetermined lock value which matches one of said number of key values; access control logic means connected to said control logic means and to said lock memory for generating an enabling signal upon detecting when said predetermined lock code value identically matches a selected one of said key values applied by said microprocessor to said internal bus; and
,an addressable volatile access control memory having a plurality of locations corresponding in number to said number of blocks of said memory array for storing said memory configuration information defining said read out accessibility, said access control memory being connected to said control logic means, to said memory array data output, to said internal bus, and to said access control logic means, said access control logic means enabling reading of information stored in addressed ones of said blocks of said memory array as specified by said memory configuration information only after said microprocessor has determined that a predetermined authentication procedure has been successfully performed with said host computer and has transferred said predetermined one of said memory key codes causing said access control logic means to generate said enabling signal for application to said data output for enabling reading out said information to said data output as specified by said access control memory configuration information.
-
-
18. A secure memory card including a number of non-volatile memory chips, each memory chip including a memory array organized into blocks of addressable locations, having a capability of operating in a number of modes, said card comprising:
-
a lock memory for storing a lock value; control means for generating first and second commands and a predetermined key value; a key register coupled to said control means and responsive to said first command for storing said predetermined key value; a comparator coupled to said lock memory and to said key register, said comparator generating a compare signal whenever said lock value and said predetermined key value are equal; a delay counter coupled to said generating means and responsive to said first command for setting said counter to a maximum count value, and responsive to a sequence of successive second commands for generating a zero count signal when said delay counter has been decremented to zero; logic circuit means coupled to said comparator and to said delay counter, said logic circuit means responsive to said compare signal and said zero count signal for generating an access modification allowed signal; said control means for generating a third command, and first address signals and subsequent address signals identifying a first of said blocks and subsequent blocks respectively; and
,access control memory means being coupled to said logic means and to said control means, said access control memory responsive to said access memory enable signal, said address signals and said third command for storing indications signifying when said one of said blocks and said subsequent blocks are enabled for reading. - View Dependent Claims (19, 20, 21, 22)
-
-
23. A method of organizing for operation, a secure memory card installable in a host computer which includes a number of non-volatile memory chips, each memory chip including a memory array organized into blocks of addressable locations and control logic circuits for generating command signals for performing memory operations, said method comprising the steps of:
-
(a) incorporating a microprocessor into said card which is connected to communicate with said host computer when installed therein, said microprocessor including an addressable non-volatile memory for storing information including a number of key values defining user accessibility to memory areas and memory configuration information defining accessibility to said memory areas; (b) incorporating security logic circuits into each non-volatile memory chip, said security logic circuits including a non-volatile lock memory for storing a predetermined lock value, access control logic means connected to said lock memory and an addressable volatile access control memory having a plurality of locations corresponding in number to said number of blocks for storing accessibility bit information according to said configuration information; (c) interconnecting said microprocessor to each memory chip for transferring address, data and control information to said each memory chip; (d) modifying said control logic circuits to be responsive to a plurality of commands for operating said security logic circuits; (e) connecting said microprocessor for performing an initial preestablished user authentication operation with said host computer; and
,(f) connecting said security logic circuits to be enabled by said microprocessor transferring specific ones of said plurality of commands to said each chip only when said authentication operation in step (e) has been successfully performed for allowing said information stored in different ones of said blocks to be read out according to said accessibility bit information stored in said access control memory. - View Dependent Claims (24, 25)
-
-
26. A method of constructing a secure memory card which includes a number of non-volatile memory chips for storing large quantities of information, each memory chip including a memory array organized into blocks of addressable locations and control logic circuits for generating command signals for performing memory operations, said method comprising the steps of:
-
(a) incorporating a microprocessor into said card, said microprocessor including an addressable non-volatile memory for storing information including a number of key values defining user accessibility to memory areas and memory configuration information defining accessibility to said memory areas; (b) incorporating security logic circuits into each non-volatile memory chip, said security logic circuits including a non-volatile lock memory for storing a predetermined lock value, access control logic means connected to said lock memory and an addressable volatile access control memory having a plurality of locations corresponding in number to said number of blocks for storing user accessibility bit information in accordance with said configuration information; (c) interconnecting said microprocessor to each memory chip for transferring address, data and control information to said each memory chip; and
,(d) modifying said control logic circuits to incorporate a plurality of commands for operating said security logic circuits as an extension to a set of commands normally provided by said control logic circuits whereby said security logic circuits protect said information contained in said number of chips from being read out in an unauthorized manner even when said chips are removed from said memory card.
-
Specification