Method and arrangement for enhancing the security of critical data against manipulation
Abstract
In a method for enhancing the security of critical register data against manipulation, a number or a pointer that is allocated to a code word is loaded into a first non-volatile memory, and a code word is loaded into second non-volatile memories containing the critical data, whereby the code word is allocated to the last operating condition of the system, i.e. the code word has been selected on the basis of a pseudo-random sequence or as an outcome of the manufacture or a reloading of the system or before turn-off or before a voltage outage or before a standby before program interruption. A validity check of the code word is made at least at the time the system is turned on, and the old code word is replaced with a predetermined, new code word when the processor, after the validity check, recognizes the validity of the old code word with reference to the code word selected from a list with stored code words in its internal processor memory. This selection is made according to the number or the position of the pointer. The system is blocked after the time the system is turned on if the processor, after the validity check, denies the validity of the old code word with reference to the selected code word stored in the aforementioned list.
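The check-and-roll cycle described in the abstract (steps (a) to (g) of claim 1), sketched as an added example that is not code from the patent. The code word values, the `Meter` structure and the cyclic `next_id` successor rule are assumptions made for illustration; the patent only requires a "predetermined" new code word.

```c
#include <stdbool.h>
#include <stdint.h>

#define N_CODES 4
/* Constructed code words held in internal processor memory (step a). */
static const uint16_t CODE_LIST[N_CODES] = {0x3A91, 0xC57E, 0x18D4, 0xE602};

typedef struct { uint16_t code_word; uint32_t reg; } Nvm2; /* second NVM: code word + critical data */
typedef struct {
    uint8_t identifier; /* first NVM: index into CODE_LIST (step b) */
    Nvm2 nvm2;
    bool blocked;
} Meter;

/* Hypothetical successor rule; the claim only says "predetermined". */
static uint8_t next_id(uint8_t id) { return (uint8_t)((id + 1u) % N_CODES); }

void meter_init(Meter *m, uint32_t reg) {
    m->identifier = 0;
    m->nvm2.code_word = CODE_LIST[0]; /* step (c) */
    m->nvm2.reg = reg;
    m->blocked = false;
}

/* Steps (d)-(g): check at power-on, then roll the code word or block. */
bool meter_power_on(Meter *m) {
    if (m->blocked) return false;
    if (m->identifier >= N_CODES || m->nvm2.code_word != CODE_LIST[m->identifier]) {
        m->blocked = true; /* step (f): refuse further operation */
        return false;
    }
    m->identifier = next_id(m->identifier);       /* step (g) */
    m->nvm2.code_word = CODE_LIST[m->identifier]; /* step (e) */
    return true;
}

/* Save the second NVM, run `cycles` power-ons, write the stale image back,
   and report whether the next power-on check rejects it. */
bool stale_image_rejected(unsigned cycles) {
    Meter m;
    meter_init(&m, 1000);
    Nvm2 saved = m.nvm2;
    for (unsigned i = 0; i < cycles; i++) meter_power_on(&m);
    m.nvm2 = saved;
    return !meter_power_on(&m);
}

int main(void) { return stale_image_rejected(1) ? 0 : 1; }
```

Because the assumed successor rule is cyclic, a stale image matches again after exactly `N_CODES` power cycles (`stale_image_rejected(N_CODES)` is false), so the list length and the selection rule bound what this check can detect.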
46 Claims
1. A method for enhancing security of critical data against manipulation in an information-processing system, comprising the steps of:
(a) storing a list containing a plurality of code words in an internal processor memory of a processor in a system containing critical data to be protected;
(b) loading an identifier into a first non-volatile memory in said system, said identifier identifying one of said code words in said list;
(c) loading said one of code words, as a current code word into a second non-volatile memory of said system, said second non-volatile memory containing the critical data;
(d) conducting a validity check of said current code word at least at a time said system is turned on by comparing said current code word to the code word in said list identified by said identifier;
(e) given validity of said current code word as a result of comparison with the code word in said list identified by said identifier, permitting access to said critical data and replacing said current code word with a predetermined, new code word;
(f) given invalidity of said current code word as a result of comparison with the code word in said list identified by said identifier, blocking said system from further operation after said system is turned on; and
(g) after each validity check, modifying said identifier to identify a new one of said code words dependent on a last operating condition of said system and replacing said one of said code words in said second memory with said new one of said code words as said current code word.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A method for enhancing security of critical data against manipulation in an information-processing system, comprising the steps of:
(a) providing a non-volatile storage medium having a plurality of non-volatile storage areas, said non-volatile storage medium containing said critical data to be protected;
(b) allocating a separate code word respectively to each non-volatile storage area;
(c) providing a further memory selected from the group of memories consisting of an internal memory of a processor for said system, a memory on a chip card, or a similar system memory disposed at a remote data central in communication with said system;
(d) storing at least one of said separate code words in said further memory;
(e) preventing access to said critical data in said storage medium unless a match between at least one separate code word allocated to a non-volatile storage area and said at least one of said separate code words in further memory is made;
(f) forming new code words respectively at predetermined points in time; and
(g) storing said new code words in said non-volatile storage medium as replacements for said separate code words.
Dependent claims: 17, 18, 19, 20
21. A method for enhancing security of critical data against manipulation in an information-processing system, comprising the steps of:
(a) loading a code word into an internal first non-volatile memory of a processor in said system and loading said code word into a second non-volatile memory of said system, said second non-volatile memory containing said critical data to be protected, said code word corresponding to a last operating condition of said system, said code word constituting a current code word;
(b) executing a validity check of said current code word at least at a time said system is turned on by comparing the respective code words stored in said first and second non-volatile memories;
(c) given agreement of said code words respectively stored in said first and second non-volatile memories, and replacing said current code word in said second non-volatile memory with a new code word selected, dependent on a last operating condition of said system, from a list of code words stored in said first non-volatile memory; and
(d) given non-agreement of said respective code word stored in said first and second non-volatile memories, blocking said system from further operation after said system is turned on.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30
31. A method for enhancing security of critical data against manipulation in an information-processing system, comprising the steps of:
providing a storage medium in said system having a plurality of non-volatile storage areas;
allocating a separate code word respectively to each storage area;
storing each of said separate code words in a non-volatile memory of a processor in said system;
checking for and requiring equivalency between at least one code word stored in said storage medium and at least one code word stored in said processor before permitting access to said critical data; and
after each check for equivalency, changing said at least one code word stored in said storage medium and said at least one code word stored in said processor for which equivalency is required before permitting access to said critical data.
Dependent claims: 32, 33, 34, 35
36. An apparatus for enhancing security of critical data against manipulation in an information-processing system, comprising:
an internal processor having a non-volatile processor memory;
a further non-volatile memory, separate from said processor memory, respective code words being loaded into each of said processor memory and said further non-volatile memory;
security means for checking for, and for permitting access to said critical data only upon, coincidence of the code words respectively stored in the processor memory and the further non-volatile memory;
means for changing said code words respectively stored in the processor memory and in the further non-volatile memory after each check for coincidence by said security means; and
a sealed, secured housing containing said internal processor and said further non-volatile memory.
Dependent claims: 37, 38, 39, 40, 41
42. A method for enhancing security against manipulation of critical data in a machine, comprising the steps of:
loading an authentification code that is generated with a code word, that is allocated to the code word and that encodes accounting data, into a first non-volatile memory that is protected against removal and manipulation during the running time of the machine;
loading the accounting data and said authentification code into second non-volatile memories NVM to be protected that contain register data, and allocating the code word to a last operating condition of the machine;
conducting a validity check of the authentification code that is allocated to the code word, at least the time the machine is turned on and, subsequently, upon an occurrence of a predetermined event;
replacing the code word with a predetermined, new code word for forming a further authentification code that is allocated to the new code word and that encodes accounting data upon a determination of validity of the code word; and
blocking the machine after it is turned on if, following the validity check, the authentification code checked on the basis of the code word is invalid.
Dependent claims: 43, 44, 45
46. A method for enhancing security against manipulation of critical data in a register in a machine comprising the steps of:
providing a first internal memory in said machine and securing said first internal memory against removal and manipulation during operation of said machine;
placing said first internal memory in communication with a processor in said machine during the operation of said machine;
generating a plurality of authentification codes using respectively separate code words and storing said plurality of authentification codes respectively in a plurality of non-volatile memory areas;
storing at least one of said plurality of authentification codes and said separate code words non-volatily in said first internal memory; and
generating a plurality of new code words, respectively replacing said separate code words, upon an occurrence of a predetermined event and storing a plurality of respective authentification codes generated with said new code words in said plurality of non-volatile memories and in a register to be protected.
Specification