Storage device including a non-volatile memory
First Claim
Patent Images
1. A storage device, comprising:
- a controller and a second non-volatile memory, said controller including a first non-volatile memory, whereinsaid controller further includes a first interface for connecting said controller to a host terminal device, a second interface for connecting said controller to said second non-volatile memory, a central processing device, and a volatile memory utilized by said central processing device,said first non-volatile memory includes a first storage area for storing Km data used for encrypting or decrypting a program to be executed by said central processing device and a second storage area for storing data from said host terminal device,said second non-volatile memory includes an access-permitted area for storing data from said host terminal device and an access-prohibited area for storing said program encrypted using said Km data, an access by a user being permitted to said access-permitted area but being limited to said access-prohibited area, andsaid controller;
stores the data from said host terminal device in said access-permitted area of said second non-volatile memory without encryption, if a security level of the data from said host terminal device is lower than a predetermined level;
checks a free available capacity of said first non-volatile memory, if the security level of the data from said host terminal device is higher than the predetermined level;
stores the data from said host terminal device in said second storage area of said first non-volatile memory, if the free available capacity of said first non-volatile memory is sufficient; and
stores the data from said host terminal device in said access-permitted area of said second non-volatile memory after encrypting the data from said host terminal device by using said Km data, if the free available capacity of said first non-volatile memory is insufficient.
4 Assignments
0 Petitions
Accused Products
Abstract
A storage device includes a tamper-resistant module and a flash memory. In correspondence with a command, a CPU inside the tamper-resistant module judges the security of data received from the outside, then recording the data as follows: High-security and small-capacity data is recorded into a memory inside the tamper-resistant module. High-security and large-capacity data is encrypted, then being recorded into the flash memory. Low-security data is recorded as it is into the flash memory. This recording method permits large-capacity data to be stored while ensuring a security (i.e., a security level) corresponding thereto.
-
Citations
15 Claims
-
1. A storage device, comprising:
-
a controller and a second non-volatile memory, said controller including a first non-volatile memory, wherein said controller further includes a first interface for connecting said controller to a host terminal device, a second interface for connecting said controller to said second non-volatile memory, a central processing device, and a volatile memory utilized by said central processing device, said first non-volatile memory includes a first storage area for storing Km data used for encrypting or decrypting a program to be executed by said central processing device and a second storage area for storing data from said host terminal device, said second non-volatile memory includes an access-permitted area for storing data from said host terminal device and an access-prohibited area for storing said program encrypted using said Km data, an access by a user being permitted to said access-permitted area but being limited to said access-prohibited area, and said controller; stores the data from said host terminal device in said access-permitted area of said second non-volatile memory without encryption, if a security level of the data from said host terminal device is lower than a predetermined level; checks a free available capacity of said first non-volatile memory, if the security level of the data from said host terminal device is higher than the predetermined level; stores the data from said host terminal device in said second storage area of said first non-volatile memory, if the free available capacity of said first non-volatile memory is sufficient; and stores the data from said host terminal device in said access-permitted area of said second non-volatile memory after encrypting the data from said host terminal device by using said Km data, if the free available capacity of said first non-volatile memory is insufficient. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A host terminal device, comprising:
-
a connectable/disconnectable storage device including a controller and a second non-volatile memory, said controller including a first non-volatile memory, a first interface for connecting said host terminal device to said storage device, and a first central processing device, wherein said controller further includes a second interface for connecting said controller to said first interface, a third interface for connecting said controller to said second non-volatile memory, and a second central processing device, said first non-volatile memory includes a first storage area for storing Km data used for encrypting or decrypting a program to be executed by said second central processing device and a second storage area for storing data from said host terminal device, said second non-volatile memory includes an access-permitted area for storing data from said host terminal device and an access-prohibited area for storing said program encrypted using said Km data, an access by a user being permitted to said access-permitted area but being limited to said access-prohibited area, and said controller; stores the data from said host terminal device in said access-permitted area of said second non-volatile memory without encryption, if a security level of the data from said host terminal device is lower than a predetermined level; checks a free available capacity of said first non-volatile memory, if the security level of the data from said host terminal device is higher than the predetermined level; stores the data from said host terminal device in said second storage area of said first non-volatile memory, if the free available capacity of said first non-volatile memory is sufficient; and stores the data from said host terminal device in said access-permitted area of said second non-volatile memory after encrypting the data from said host terminal device by using said Km data, if the free available capacity of said first non-volatile memory is insufficient. - View Dependent Claims (14, 15)
-
Specification