Processor with a function to prevent illegal execution of a program, an instruction executed by a processor and a method of preventing illegal execution of a program
First Claim
1. A processor device comprising an integrated circuit chip residing in a computer system having a function to prevent illegal execution of a program and of a type which has a memory managing unit internal to the processor device having a function to manage a main memory installed in said computer system and has an instruction set for operating itself, whereinsaid instruction set includes an instruction for permitting execution of a program code on said main memory, and said execution permitting instruction includes a predetermined authentication operation in addition to an operation to provide said memory managing unit with an identification number of a program to be executed and address/attribute information, wherein said authentication operation is implemented in a microprogram executed within said processor device to authenticate said program without exposure of authentication result exterior to said chip to thereby protect against system level probing and monitoring.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides an improved technology of preventing illegal use and execution of a software program provided to a computer system. More particularly, the present invention is directed to a Processor of a type in which a memory managing unit is installed therein to manage storing operation of code/data in main memory and includes, as one of instruction set, an execution permitting instruction to permit execution of a program code (application) in the main memory. The procedure of execution permitting instruction is defined by a microprogram and includes an authentication procedure for authenticating the right to use the program beside a procedure for setting predetermined data in the memory managing unit in this invention. Execution of the software program is permitted only when the authentication processing is completed successfully. Because the authentication operation is performed within the processor, it is almost impossible to monitor or detect it from the exterior. Also, by using a processor ID unique to the processor chip as identification information for use in the authentication processing, the right to use a specific software program can be limited to a single processor.
137 Citations
18 Claims
-
1. A processor device comprising an integrated circuit chip residing in a computer system having a function to prevent illegal execution of a program and of a type which has a memory managing unit internal to the processor device having a function to manage a main memory installed in said computer system and has an instruction set for operating itself, wherein
said instruction set includes an instruction for permitting execution of a program code on said main memory, and said execution permitting instruction includes a predetermined authentication operation in addition to an operation to provide said memory managing unit with an identification number of a program to be executed and address/attribute information, wherein said authentication operation is implemented in a microprogram executed within said processor device to authenticate said program without exposure of authentication result exterior to said chip to thereby protect against system level probing and monitoring.
-
6. An instruction executed by a processor device comprising an integrated circuit chip residing in a computer system of a type which has a memory managing unit internal to the processor device for managing a main memory installed in said computer system, said instruction comprising:
-
a predetermined authentication operation, and an operation to provide said memory managing unit with an identification number of a program to be executed and address/attribute information, wherein said authentication operation is implemented in a microprogram executed within said processor device to authenticate said program without exposure of authentication result exterior to said chip to thereby protect against system level probing and monitoring. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A processor device comprising an integrated circuit chip residing in a computer system having a function to prevent illegal execution of a program and of a type which executes predetermined processing while reading/writing a program code and data on a main memory, said device comprising:
-
a bus interface for sending/receiving an instruction and data to and from the exterior of said processor, a decoder for decoding a received instruction, an internal memory for storing a procedure relating to one or more instructions, a logic circuit implementing the procedure relating to one or more instructions, a control unit for executing instructions according to the procedure stored in said internal memory and the procedure implemented in said logic circuit, a processor ID unique to said processor, and a memory managing unit having a function to manage said main memory, one of said internal memory and said logic circuit storing a procedure of execution permitting instruction which permits execution of a program code on said main memory and the procedure of said execution permitting instruction including a predetermined authentication operation beside an operation of providing said memory managing unit with identification information of a program and address/attribute information, wherein said authentication operation is implemented in a microprogram executed within said processor device to authenticate said program without exposure of authentication result exterior to said chip to thereby protect against system level probing and monitoring. - View Dependent Claims (12, 13)
an encryption means for encrypting said processor ID to output it to the exterior via said bus interface, and a decryption means for receiving encrypted identification information from the exterior of said processor device via said bus interface, the identification information including a software ID from a software supplier supplying said program, said decryption means decrypting it to derive the processor ID and the software ID, and in which said predetermined authentication operation may include comparison of each other ID'"'"'s.
-
-
13. A processor of claim 11 in which;
the operation to provide said memory managing unit with the identification number of the program to be executed and the address/attribute information is permitted when said predetermined authentication operation is successfully completed while it is inhibited when the authentication operation fails.
-
14. A processor device comprising an integrated circuit chip residing in a computer system having a function to prevent illegal execution of a program and of a type which executes predetermined processing while reading/writing a program code and data on a main memory, said processor device comprising:
-
a bus interface for sending/receiving an instruction and data to and from the exterior of said processor, a decoder for decoding a received instruction, an internal memory for storing a procedure relating to one or more instructions, a logic circuit implementing the procedure relating to one or more instructions, a control unit for executing instructions according to the procedure stored in said internal memory and the procedure implemented in said logic circuit, a random number generating unit, and a memory managing unit having a function to manage said main memory, said internal memory and said logic circuit storing a procedure of execution permitting instruction which permits execution of a program code on said main memory and the procedure of said execution permitting instruction including a predetermined authentication operation beside an operation of providing said memory managing unit with identification information of s program and address/attribute information, wherein said authentication operation is implemented in a microprogram executed within said processor device to authenticate said program without exposure of authentication result exterior to said chip to thereby protect against system level probing and monitoring. - View Dependent Claims (15, 16)
random number output means for outputting a random number generate by said random number generating means via said bus interface, said information to be encrypted by said encryption means including said generated random number and a software processor ID, and decoding means for receiving the encrypted identification information via said bus interface from the exterior and decrypting it to retrieve the random number and the software ID, and in which said predetermined authentication operation may include comparison of the random number with the software ID.
-
-
16. A processor of claim 14 in which;
the operation to provide said memory managing unit with the identification number of the program to be executed and the address/attribute information is permitted when said predetermined authentication operation is successfully completed while it is inhibited when the authentication operation fails.
-
17. A method of preventing illegal use of a program for a software supplier to permit the right to use a software program to only a single processor device comprising an integrated circuit chip residing in a computer system, said method comprising the steps of:
-
(a) receiving a software program to which a software ID is attached, (b) encrypting a processor ID unique to said processor device to output it to the exterior of said processor device, (c) decrypting the encrypted processor ID and encrypting a software ID managed by a software supplier together with said processor ID in the software supplier, (d) supplying the identification information encrypted in the step (c) to said processor device, (e) decrypting the identification information to retrieve the processor ID and the software ID in said processor device, (f) correlating the processor ID held by said processor device and the software ID attached to said software program with the processor ID and the software ID obtained in the step (e), respectively, (g) permitting said processor device to execute said software program only when said correlating process is completed successfully, wherein said correlating step is implemented in a microprogram executed as part of an instruction within said processor device to authenticate said software program without exposure of authentication result exterior to said chip to thereby protect against system level probing and monitoring.
-
-
18. A method of preventing illegal use of a program for a software supplier to permit the right to use a software program to only a single processor device comprising an integrated circuit chip residing in a computer system, said method comprising the steps of:
-
(a) receiving a software program to which a software ID is attached, (b) generating a random number by said processor device to output it to the exterior of said processor device, (c) encrypting identification information including a software ID managed by a software supplier together with said random number outputted by said processor device in the software supplier, (d) supplying the identification information encrypted in the step (c) to said processor device, (e) decrypting the identification information to retrieve the random number and the software ID in said processor device, (f) correlating the random number held by said processor and the software ID attached to said software program with the random number and the software ID obtained in the step (e), respectively, (g) permitting said processor device to execute said software program only when said correlating process is completed successfully, wherein said correlating step is implemented in a microprogram executed as part of an instruction within said processor device to authenticate said software program without exposure of authentication result exterior to said chip to thereby protect against system level probing and monitoring.
-
Specification