Method and system for secure access to non-volatile memory
First Claim
1. An method executed by one or more computing devices for secure access to a nonvolatile memory, comprising:
- receiving, by at least one of the one or more computing devices, a request for privileged access to nonvolatile memory from requesting code, wherein the request includes a code length of the requesting code and a requested priority level;
computing, by at least one of the one or more computing devices, a cryptographic hash of the requesting code using a starting address of the requesting code and the code length;
determining, by at least one of the one or more computing devices, whether the requested priority level is valid based at least in part on one or more of a previous priority level associated with a requested portion of the nonvolatile memory and a predetermined range of acceptable priority levels; and
granting, by at least one of the one or more computing devices, privileged access to the nonvolatile memory based on one of;
a determination that the requested priority level is valid and that the request does not specify an existing portion of the nonvolatile memory;
ora determination that the requested priority level is valid and that the cryptographic hash matches a value of an authentication hash stored in the requested portion of the nonvolatile memory.
2 Assignments
0 Petitions
Accused Products
Abstract
Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title'"'"'s security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.
87 Citations
19 Claims
-
1. An method executed by one or more computing devices for secure access to a nonvolatile memory, comprising:
-
receiving, by at least one of the one or more computing devices, a request for privileged access to nonvolatile memory from requesting code, wherein the request includes a code length of the requesting code and a requested priority level; computing, by at least one of the one or more computing devices, a cryptographic hash of the requesting code using a starting address of the requesting code and the code length; determining, by at least one of the one or more computing devices, whether the requested priority level is valid based at least in part on one or more of a previous priority level associated with a requested portion of the nonvolatile memory and a predetermined range of acceptable priority levels; and granting, by at least one of the one or more computing devices, privileged access to the nonvolatile memory based on one of; a determination that the requested priority level is valid and that the request does not specify an existing portion of the nonvolatile memory;
ora determination that the requested priority level is valid and that the cryptographic hash matches a value of an authentication hash stored in the requested portion of the nonvolatile memory. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for secure access to a nonvolatile memory, the system comprising:
-
one or more processors; and one or more memories operatively coupled to at least one of the one or more processors and having instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to; receive a request for privileged access to nonvolatile memory from requesting code, wherein the request includes a code length of the requesting code and a requested priority level; compute a cryptographic hash of the requesting code using a starting address of the requesting code and the code length; determine whether the requested priority level is valid based at least in part on one or more of a previous priority level associated with a requested portion of the nonvolatile memory and a predetermined range of acceptable priority levels; and grant privileged access to the nonvolatile memory based on one of; a determination that the requested priority level is valid and that the request does not specify an existing portion of the nonvolatile memory;
ora determination that the requested priority level is valid and that the cryptographic hash matches a value of an authentication hash stored in the requested portion of the nonvolatile memory. - View Dependent Claims (11, 12, 13, 14)
-
-
15. At least one non-transitory computer-readable medium storing computer-readable instructions that, when executed by one or more computing devices, cause at least one of the one or more computing devices to:
-
receive a request for privileged access to nonvolatile memory from requesting code, wherein the request includes a code length of the requesting code and a requested priority level; compute a cryptographic hash of the requesting code using a starting address of the requesting code and the code length; determine whether the requested priority level is valid based at least in part on one or more of a previous priority level associated with a requested portion of the nonvolatile memory and a predetermined range of acceptable priority levels; and grant privileged access to the nonvolatile memory based on one of; a determination that the requested priority level is valid and that the request does not specify an existing portion of the nonvolatile memory;
ora determination that the requested priority level is valid and that the cryptographic hash matches a value of an authentication hash stored in the requested portion of the nonvolatile memory. - View Dependent Claims (16, 17, 18, 19)
-
Specification