Securing non-volatile memory regions
First Claim
Patent Images
1. A method to secure non-volatile memory regions, the method comprising:
- associating a first key pair and a second key pair different than the first key pair with a process;
using the first key pair to secure a first region of a non-volatile memory for storing first data accessible by the process; and
using the second key pair to secure a second region of the non-volatile memory for storing second data accessible by the same process, the second region being different than the first region.
4 Assignments
0 Petitions
Accused Products
Abstract
Methods, apparatus and articles of manufacture to secure non-volatile memory regions are disclosed. An example method disclosed herein comprises associating a first key pair and a second key pair different than the first key pair with a process, using the first key pair to secure a first region of a non-volatile memory for the process, and using the second key pair to secure a second region of the non-volatile memory for the same process, the second region being different than the first region.
33 Citations
15 Claims
-
1. A method to secure non-volatile memory regions, the method comprising:
-
associating a first key pair and a second key pair different than the first key pair with a process; using the first key pair to secure a first region of a non-volatile memory for storing first data accessible by the process; and using the second key pair to secure a second region of the non-volatile memory for storing second data accessible by the same process, the second region being different than the first region. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A cache controller comprising:
-
a key retriever comprising executable instructions to; retrieve a first key associated with a process in response to determining that first process data is to be written from a cache line of a cache to an ephemeral region of a non-volatile memory; and retrieve a different second key associated with the same process in response to determining that second process data is to be written from the cache line of the cache to a persistent region of the non-volatile memory, the persistent region being different than the ephemeral region; and a processor comprising executable instructions to; use the first key retrieved by the key retriever to encrypt the first process data in the cache line of the cache before the first process data is to be written to the non-volatile memory; and use the second key retrieved by the key retriever to encrypt the second process data in the cache line of the cache before the second process data is to be written to the non-volatile memory. - View Dependent Claims (10, 11, 12)
-
-
13. A system comprising:
-
a non-volatile memory; a cache including a cache line to store data for a process; a volatile memory to store a key table associated with the process, the key table to store a plurality of different key pairs associated with respective different regions of the non-volatile memory, the different key pairs to be used to securely exchange the data between the cache line and the respective different regions of the non-volatile memory; and a cache controller to; combine a key table pointer pointing to the key table and address bits from a tag of the cache line to determine a key pointer pointing to one of the plurality of different key pairs stored in the key table; retrieve an encryption key included in the one of the plurality of different key pairs pointed to by the key pointer to encrypt the data when the data is to be written from the cache line to the non-volatile memory; and retrieve a decryption key included in the one of the plurality of different key pairs pointed to by the key pointer to decrypt the data when the data is to be read from the non-volatile memory and written to the cache line. - View Dependent Claims (14, 15)
-
Specification