Detailed Description of the Invention
(Underlying Knowledge Forming the Basis of the Present Invention)
It is undesirable for a program that manages copyrights and the like to be analyzed or otherwise attacked by an unauthorized party. Technology that protects such a program (hereinafter referred to as a "protected program") is therefore widely used. If the protection is insufficient, not only the rights holder of the program but also various other parties may suffer loss.

For example, if a program that decrypts encrypted digital content and plays it back can be analyzed and tampered with by an unauthorized party, the digital content may be used illegitimately.

Specifically, by analyzing the program that decrypts the encrypted digital content, an unauthorized party may obtain the decryption key used to decrypt the digital content and thereby play back the content illegitimately. Furthermore, even when the number of copies or the number of playbacks of the digital content is restricted, an unauthorized party may tamper with the program that checks the number of copies or playbacks, thereby nullifying the restriction.
Non-Patent Document 1 discloses a technique for protecting data, programs and the like from analysis by an unauthorized party. In the technique disclosed in Non-Patent Document 1, a secure domain is constructed that has a mechanism for preventing unauthorized access from the outside. An LSI (Large Scale Integration circuit) has a secure mode, in which processing is performed using the secure domain, and a normal mode, in which processing is performed without using the secure domain, and operates by switching between the normal mode and the secure mode.

In this technique, the protected program runs in the secure mode and is thereby protected from analysis and the like. Accordingly, the decryption key used for decryption is protected from being obtained illegitimately, and the program that checks the number of playbacks is protected from being tampered with.
More specifically, as the mechanism for preventing unauthorized access, a signal called the NS-bit (Non Secure bit) is added, inside the LSI, to the bus that connects the processor and the peripheral circuits. The NS-bit is set High when the mode of the processor core is the normal mode, and Low when the mode of the processor core is the secure mode.

The peripheral circuits connected to this bus, such as the memory control unit (memory controller), the cache memory and the DMA control unit (DMA controller), perform access control according to this NS-bit. For example, the memory control unit sets an NS-bit for each fixed-size area of the memory (for example, each 4 KB area). When the processor core accesses the memory, the memory control unit compares the value of the NS-bit on the bus with the value of the NS-bit of the memory area, and performs access control.

Specifically, when the mode of the processor core is the normal mode (the NS-bit on the bus is High) and the processor core is about to access a memory area of the secure mode (the NS-bit of the memory area is Low), the memory control unit forbids the access. The memory control unit allows all other accesses.
By using such a mechanism for preventing unauthorized access, an information processing device can forbid a program running in the normal mode from accessing the secure memory area and from using the functions and the like that are restricted to the secure mode. That is, the information processing device stores the decryption key used for decryption in the memory area of the secure mode, performs the decryption in the secure mode, and performs the check of the number of playbacks in the secure mode. The information processing device can thereby prevent analysis and tampering by an unauthorized party.
However, in the configuration of Non-Patent Document 1, only the processor core and the peripheral circuits handle the NS-bit; access control over programs is realized within these, and this prevents the analysis and tampering that use an attacking program. Therefore, for example, when a program executed in the LSI uses a memory outside the LSI (SDRAM or the like), the configuration of Non-Patent Document 1 has the problem that it cannot prevent an attack on the signal lines connecting the LSI and the memory.

Specifically, an unauthorized party may use an oscilloscope, a logic analyzer or the like to capture (probe) the data flowing on the signal lines, and thereby directly obtain the data written to the secure memory area. The unauthorized party may then analyze the obtained data to obtain the key that protects the digital content, and copy the digital content illegitimately.

An information processing device therefore needs to protect the data to be protected appropriately against such attacks, that is, against the leakage of data that can occur when hardware such as a logic analyzer is used to probe the signal lines.
An information processing device according to one aspect of the present invention is an information processing device that protects protection target data, and comprises: a first storage unit; a second storage unit; and a cache control unit that caches stored data held in the first storage unit into the second storage unit. The cache control unit locks a cache area in the second storage unit, the cache area holding the cached copy of the stored data, such that the cached data obtained in the cache area is not written back to the first storage unit, and, after the cache area in the second storage unit has been locked, writes the protection target data, which is different from the stored data, into the cache area in the second storage unit.

Accordingly, the protection target data is not written to the memory (the first storage unit), such as SDRAM, but to the cache memory that holds cached data (the second storage unit). It is difficult for an external device to access data written to the cache memory. Furthermore, because the protection target data is written into a locked cache area, it is not written back to the memory. The protection target data can therefore be protected appropriately.
For example, the cache control unit may write the protection target data output from the processor into the cache area in the second storage unit through a physically protected circuit, such that the protection target data output from the processor cannot be obtained by an external device, and the second storage unit may be physically protected such that the protection target data in the cache area cannot be obtained by an external device.

Accordingly, it is physically difficult for an external device to obtain the protection target data, so the protection target data can be protected appropriately.
Furthermore, for example, when the protection target data is to be processed, the cache control unit may allocate a data area in the first storage unit for the protection target data, cache the stored data of the allocated data area into the second storage unit, lock the cache area in the second storage unit such that the cached data obtained in the cache area from the stored data is not written back to the first storage unit, and, after the cache area in the second storage unit has been locked, write the protection target data, which is different from the stored data, into the cache area in the second storage unit.

Accordingly, when the protection target data is to be processed, a data area for the protection target data is allocated in the memory, so that a proper correspondence between the area of the memory and the area of the cache memory is maintained.
Furthermore, for example, after the protection target data has been processed, the cache control unit may clear the cache area in the second storage unit, and then release the lock on the cache area such that the cached data obtained in the cleared cache area may be written back to the first storage unit.

Accordingly, the protection target data is erased before anything is written back from the cache memory to the memory, so the protection target data can be protected appropriately.
Furthermore, for example, the information processing device may further comprise a processor that generates the protection target data and outputs the generated protection target data, and the cache control unit may, after the cache area in the second storage unit has been locked, write the protection target data output from the processor into the cache area in the second storage unit.

Accordingly, the protection target data generated by the processor is written to the cache memory, so the protection target data generated by the processor can be protected appropriately.
Furthermore, for example, the information processing device may further comprise an integrated circuit, and the second storage unit, the cache control unit and the processor may be included in the integrated circuit.

Accordingly, the cache memory and the processor form one integrated circuit. It is difficult for an external device to access data inside the integrated circuit, so the protection target data can be protected appropriately.
Furthermore, for example, the processor may generate the protection target data by decrypting encrypted data, and output the generated protection target data.

Accordingly, protection target data obtained by decrypting encrypted data can be protected appropriately.
Furthermore, for example, the cache control unit may write protection target data that a program has predetermined to be written to the first storage unit into the cache area in the second storage unit instead.

Accordingly, protection target data that the program would have written to the memory is written to the cache memory rather than to the memory, so the protection target data can be protected appropriately.
Furthermore, for example, the cache control unit may write an executable program, as the protection target data, into the cache area in the second storage unit.

Accordingly, a protected program can be protected from tampering, so the protected program can be executed appropriately.
Furthermore, for example, the processor may execute a secure program in the secure mode and a normal program in the normal mode, and the first storage unit may have a first memory area and a second memory area, the first memory area being an area for storing the normal program, and the second memory area being an area for storing the secure program and an area to which access by the normal program is forbidden.

Accordingly, each program is executed at an appropriate security level, and access control is performed according to the security level corresponding to the program.
Furthermore, for example, the cache control unit may write protection target data that the secure program has predetermined to be written to the second memory area into the cache area in the second storage unit instead.

Accordingly, protection target data that the secure program would have written to the memory is written to the cache memory rather than to the memory, so the protection target data can be protected at a higher level.
Furthermore, for example, the information processing device may further comprise an access control unit that forbids access to the second memory area by the normal program.

Accordingly, access to the plurality of memory areas in the memory can be controlled appropriately, so the execution of an unauthorized program can be restricted appropriately.
These general and specific aspects may be implemented as a system, a method, an integrated circuit, a computer program or a recording medium, or as any combination of a system, a method, an integrated circuit, a computer program and a recording medium.
Hereinafter, an information processing device according to one embodiment of the present invention is described in detail with reference to the drawings.

The embodiment described below shows one specific example of the present invention. The numerical values, shapes, materials, structural elements, arrangement and connection of the structural elements, steps, order of the steps and the like shown in the following embodiment are examples and do not limit the spirit of the present invention. Furthermore, among the structural elements of the following embodiment, those not recited in the independent claims, which indicate the broadest concept, are described as optional structural elements.
(Embodiment 1)
The information processing device according to the present embodiment is a content display device that receives content from a content recording device, which records the broadcast waves received through an antenna, and displays the content.
<Configuration of the content delivery system>
FIG. 1 is a configuration diagram of the content delivery system according to the present embodiment. As shown in FIG. 1, the content delivery system 100 includes a content display device 110, a content recording device 120 and an antenna 121.

The content display device 110 is the information processing device according to the present embodiment. The content display device 110 is connected to the content recording device 120 via a network. The content display device 110 receives the content recorded by the content recording device 120 and displays the received content.

The content recording device 120 is connected to the antenna 121 and records the content received through the antenna 121. In response to a request from the content display device 110, the content recording device 120 sends the recorded content to the content display device 110. The content recording device 120 may also read content from a portable recording medium and send the read content to the content display device 110.

The content display device 110 and the content recording device 120 hold a common encryption/decryption key. The content recording device 120 encrypts the content with this encryption/decryption key and sends the encrypted content to the content display device 110. This prevents the content from being obtained illegitimately by capturing the data flowing on the network that connects the content display device 110 and the content recording device 120.

The encryption/decryption key held in common by the content display device 110 and the content recording device 120 must be protected appropriately. To protect the encryption/decryption key, it must be compromised neither by software attacks using a debugger or an unauthorized application program (hereinafter, an application program is also simply called an "application"), nor by hardware attacks such as bus probing.

If both this encryption/decryption key and the encrypted content flowing on the network are obtained, the content can be decrypted illegitimately. It is therefore preferable that the encryption/decryption key be appropriately protected inside the content display device 110 as secret data.
<Hardware configuration of the content display device 110>
FIG. 2 is a hardware configuration diagram of the content display device 110 shown in FIG. 1. As shown in FIG. 2, the content display device 110 includes a system LSI 1000, a memory 1020 and a non-volatile storage device 1050.

The system LSI 1000 includes a CPU (Central Processing Unit) 1001, an IPL (Initial Program Loader) 1002, a memory control unit (memory controller) 1003, a cache memory 1004 and a key holding unit 1006.

The CPU 1001 executes the instruction code contained in the general-purpose operating system 1031, the playback application 1032 and the other programs held in the memory 1020, and thereby controls the operation of the content display device 110 as a whole. The CPU 1001 has two modes: a secure mode and a normal mode.

The boot loader 1041, the secure operating system 1042 and the content playback application 1043 operate in the secure mode. A program operating in the secure mode can access the memory area used by the programs of the secure mode (the secure region 1040) and can also access the memory area used by the programs of the normal mode (the normal region 1030). Furthermore, a program operating in the secure mode can use the peripheral circuits (a cryptographic engine and the like) that are usable in the secure mode.

On the other hand, the general-purpose operating system 1031, the playback application 1032 and the content reception application 1033 operate in the normal mode. A program operating in the normal mode can access the normal region 1030 used by the programs of the normal mode, but cannot access the secure region 1040 used by the programs of the secure mode.

Furthermore, each of the secure mode and the normal mode has two sub-modes: a privileged mode and a non-privileged mode.

The boot loader 1041, the secure operating system 1042 and the general-purpose operating system 1031 operate in the privileged mode. They can freely access the various resources such as the memory 1020, the network I/F and the input/output I/F.

On the other hand, the content playback application 1043 operates in the non-privileged mode and can access the resources within the range set by the secure operating system 1042. Likewise, the playback application 1032 and the content reception application 1033 operate in the non-privileged mode and can access the resources within the range set by the general-purpose operating system 1031.

When the CPU 1001 accesses a peripheral circuit such as the memory control unit 1003, it outputs the NS-bit (Non Secure bit) signal. When the CPU 1001 is operating in the secure mode, it sets the NS-bit to Low; when the CPU 1001 is operating in the normal mode, it sets the NS-bit to High. The peripheral circuits connected to the bus, such as the memory control unit 1003, perform access control according to the state of this NS-bit.
The IPL 1002 is the program started first after the content display device 110 is powered on. The IPL 1002 performs the initial setup of hardware such as the bus, the memory control unit 1003, the memory 1020 and the non-volatile storage device 1050. The IPL 1002 then loads the boot loader 1041 into the memory 1020 and executes it. The IPL 1002 is stored, in a state in which it cannot be tampered with, in a mask ROM or the like inside the system LSI 1000.

The memory control unit 1003, also called the memory controller, controls access to the memory 1020 from the other circuits connected to the bus. The memory control unit 1003 manages the memory 1020 by dividing it into two regions: the normal region 1030 and the secure region 1040.

When the CPU 1001 is operating in the normal mode (the NS-bit is High) and is about to access the secure region 1040, the memory control unit 1003 forbids the access. When the CPU 1001 is operating in the normal mode (the NS-bit is High) and is about to access the normal region 1030, the memory control unit 1003 allows the access.

When the CPU 1001 is operating in the secure mode (the NS-bit is Low) and is about to access the normal region 1030 or the secure region 1040, the memory control unit 1003 allows the access.
When the CPU 1001 is about to access the memory 1020, the cache memory 1004 reads a block of data of a fixed size, containing the data in the memory 1020 that the CPU 1001 is about to access, into the cache memory 1004. When the CPU 1001 reads data, the cache memory 1004 returns the data to the CPU 1001; when the CPU 1001 writes data, the cache memory 1004 rewrites the data that has been read into the cache memory 1004.

If the data in the memory 1020 that the CPU 1001 is about to access has already been read into the cache memory 1004, the cache memory 1004 does not read the data from the memory 1020 but processes the access using the data inside the cache memory 1004. Accordingly, when the CPU 1001 accesses consecutive data in the memory 1020, the access speed improves.

When the area for storing data inside the cache memory 1004 is full, the cache memory 1004 overwrites data already stored with the new data being read into the cache memory 1004.

When the CPU 1001 writes data, the cache memory 1004 updates the data inside the cache memory 1004 and reflects the update to the memory 1020 at a suitable time. There are two methods of reflecting the update: the write-through method (Write Through Algorithm) and the write-back method (Write Back Algorithm).

In the write-through method, when the CPU 1001 writes data, the data inside the cache memory 1004 is updated and the update is reflected to the memory 1020 at the same time.

In the write-back method, when the CPU 1001 writes data, the data inside the cache memory 1004 is updated. The update is reflected to the memory 1020 only immediately before the updated data is overwritten by new data being read into the cache memory 1004.

In the present embodiment, in order to prevent the secret data from being written to the memory 1020, the cache memory 1004 is configured to reflect updates by the write-back method.

When there is an access request for data from the CPU 1001, the cache memory 1004 must instantly determine whether the data is present inside the cache memory 1004. For this reason, the cache memory 1004 stores data internally in a special data structure.
For example, the cache memory 1004 manages the data stored internally in uniform units called "lines". Specifically, the cache memory 1004 determines the storage position of a line from the low-order bits (hereinafter the "set index") of the address in the memory 1020 that corresponds to the data held in the cache memory 1004.

Each line stores the data together with the part of the memory address other than the set index (the tag). From the storage position and the tag information, the cache memory 1004 identifies which location in the memory 1020 the data held in the line comes from.

The cache memory 1004 can hold a plurality of tags and data at a storage position having the same set index. Each such storage place is called a way. A cache memory that can hold four tags and data per set index is called a 4-way cache memory.

When the cache memory 1004 reads data in the memory 1020 into the cache memory 1004, it also records, together with the data, information (an NS-bit) identifying whether the data was recorded in the normal region 1030 or in the secure region 1040.

When reading data from the normal region 1030, the cache memory 1004 records a High NS-bit together with the data. On the other hand, when reading data from the secure region 1040, the cache memory 1004 records a Low NS-bit together with the data. When the CPU 1001 is about to access the cache memory 1004, the cache memory 1004, like the memory control unit 1003, performs access control by referring to the mode of the CPU 1001 and the value of the NS-bit recorded together with the data.

Specifically, when the CPU 1001 is operating in the normal mode, the cache memory 1004 forbids access to cached data whose NS-bit is set to Low (data read in from the secure region 1040). In all other cases, the cache memory 1004 allows the access.

The cache memory 1004 holds, for each line, the data, the address of the data, a Dirty flag and a Valid flag. The data is read in from the memory 1020. The address is the address of the data in the memory 1020. The Dirty flag is set when the data in the cache memory 1004 has been overwritten. The Valid flag indicates that the cache memory 1004 holds valid data.
The key holding unit 1006 holds the encryption/decryption key. This encryption/decryption key is used to decrypt the encrypted secret data 1051, the encrypted boot loader 1052, the encrypted secure operating system 1053 and the encrypted content playback application 1054. It is also used to encrypt the decrypted secret data, the boot loader 1041, the secure operating system 1042 and the content playback application 1043.

This encryption/decryption key may also be used for the encryption and decryption of other data, and for the encryption and decryption of other keys that are in turn used to encrypt and decrypt data, programs and the like.

Furthermore, the key holding unit 1006 may hold a plurality of encryption/decryption keys corresponding to a plurality of programs. The key holding unit 1006 may hold a mutually different encryption key and decryption key based on a public-key cryptosystem, or a common encryption/decryption key based on a common-key (symmetric) cryptosystem.
The memory 1020 is a volatile RAM (Random Access Memory) and includes the normal region 1030 and the secure region 1040.

The normal region 1030 holds the programs that the CPU 1001 executes while operating in the normal mode: specifically, the general-purpose operating system 1031, the playback application 1032 and the content reception application 1033. The normal region 1030 also holds the shared data 1034, which is accessed both by the programs operating in the normal mode and by the programs operating in the secure mode.

The secure region 1040 holds the programs that the CPU 1001 executes while operating in the secure mode: specifically, the boot loader 1041, the secure operating system 1042 and the content playback application 1043.

The CPU 1001 can access the normal region 1030 both when operating in the secure mode and when operating in the normal mode. The CPU 1001 can access the secure region 1040 when operating in the secure mode, but cannot access the secure region 1040 when operating in the normal mode. This access control is realized by the memory control unit 1003.

In an environment in which applications are not installed by the user, no debugger or unauthorized application is installed. In such an environment, the normal region 1030 and the secure region 1040 need not be distinguished, and all processing may be performed in the normal mode.
The non-volatile storage device 1050 is a storage element such as a flash memory, built into the content display device 110. The non-volatile storage device 1050 holds the encrypted secret data 1051; the structure of the encrypted secret data 1051 is described later. The non-volatile storage device 1050 also holds the encrypted boot loader 1052, the encrypted secure operating system 1053, the encrypted content playback application 1054 and the other secure applications (not shown) held in the memory 1020.

The non-volatile storage device 1050 may also hold applications such as the playback application 1032, the content reception application 1033 and the content playback application 1043. The programs held in the secure region 1040 are stored in the non-volatile storage device 1050 in encrypted form, as the encrypted boot loader 1052, the encrypted secure operating system 1053 and the encrypted content playback application 1054. The structure of an encrypted program is described later.

The content display device 110 further includes an input/output unit and other components not shown in FIG. 2, and the system LSI 1000 further includes peripheral circuits and the like not shown in FIG. 2. Since these are not the essence of the present technique, their description is omitted.
<Hardware configuration of the cache memory 1004>
FIG. 3 is a configuration diagram of the cache memory 1004 shown in FIG. 2. As shown in FIG. 3, the cache memory 1004 includes a storage area 1011 and a cache control unit (cache controller) 1012.

The storage area 1011 is the area into which data in the memory 1020 is cached; that is, data in the memory 1020 is cached into the storage area 1011.

The cache control unit 1012, also called the cache controller, controls the operation of the cache memory 1004. For example, the cache control unit 1012 caches data in the memory 1020 into the storage area 1011 in the cache memory 1004.

More specifically, the cache control unit 1012 accepts a data request from the CPU 1001 and sends the data cached in the storage area 1011 to the CPU 1001. If the requested data is not cached in the storage area 1011, the cache control unit 1012 caches the data in the memory 1020 into the storage area 1011 via the memory control unit 1003 and the like, and then sends the data cached in the storage area 1011 to the CPU 1001.

The configuration of FIG. 3 is one example. For instance, the cache control unit 1012 may be a structural element independent of the cache memory 1004. Furthermore, the cache memory 1004 may be a cache memory called an L2 cache (Level 2 Cache), a cache memory called an L1 cache (Level 1 Cache), or some other cache memory.
<Software configuration of the content display device 110>
FIG. 4 is a software configuration diagram of the content display device 110 shown in FIG. 1. As shown in FIG. 4, the content display device 110 includes an ordinary software execution environment (hereinafter the "normal world (NormalWorld)") 1100 and a secure software execution environment (hereinafter the "secure world (SecureWorld)") 1200.

The content display device 110 executes programs while switching between the normal world 1100 and the secure world 1200. As the method for switching between the normal world 1100 and the secure world 1200, the method described in Patent Document 1, for example, can be used.

<Software configuration of the normal world 1100>
The normal world 1100 includes the general-purpose operating system 1031, the playback application 1032, the content reception application 1033 and the shared data 1034.

The general-purpose operating system 1031 manages the applications operating in the normal world 1100 (the playback application 1032, the content reception application 1033 and the like). The general-purpose operating system 1031 also performs access management and resource management when an application operating in the normal world 1100 uses hardware such as the network.

The playback application 1032 is an application that controls the playback of content and provides the user with an interface for selecting, playing back and stopping content. When the user requests playback of content, the playback application 1032 instructs the content reception application 1033 and the content playback application 1043. The content reception application 1033 then receives the content from the content recording device 120, and the content playback application 1043 performs the playback processing of the received content.

When requested by the playback application 1032, the content reception application 1033 receives the requested content from the content recording device 120 via the network.

The normal world 1100 may also include applications not shown in FIG. 4.
<software configuration of the secure world 1200>
The secure world 1200 includes a boot loader 1041, a secure OS 1042 and a content playback application 1043.
The boot loader 1041 is started by the IPL 1002 when the content display device 110 starts up. The boot loader 1041 initializes the secure world 1200, sets up the secure region 1040, loads the secure OS 1042 into the memory 1020, and so on.
The secure OS 1042 manages the secure applications that run in the secure world 1200 (the content playback application 1043 and so on). When a secure application starts, the secure OS 1042 loads it into the secure region 1040. In this way the secure OS 1042 protects secure applications from the applications running in the normal world 1100.
The secure OS 1042 further includes a hidden data loading unit 1044 and a cache lock unit 1045.
For example, the content playback application 1043, as a secure application, requests the secure OS 1042 to load the encrypted hidden data 1051 recorded in the nonvolatile storage device 1050 as hidden data 1010. The secure OS 1042 requests the cache lock unit 1045 to lock the region of the cache memory 1004 into which the hidden data 1010 will be loaded. The secure OS 1042 then requests the hidden data loading unit 1044 to load the encrypted hidden data 1051 as the hidden data 1010. As a result, the hidden data 1010 loaded into the cache memory 1004 is controlled so that it is not written out to the memory 1020.
On request from the secure OS 1042, the hidden data loading unit 1044 decrypts and verifies the encrypted hidden data 1051 recorded in the nonvolatile storage device 1050 and loads the hidden data 1010 into the specified region. Also on request from the secure OS 1042, the hidden data loading unit 1044 calculates the verification value (Verification Value) of the hidden data 1010, encrypts the hidden data 1010 and generates the encrypted hidden data 1051.
On request from the secure OS 1042, the cache lock unit 1045 reads the data of a specified region of the memory 1020 into the cache memory 1004. The cache lock unit 1045 then locks the cache memory 1004 (or a part of the cache memory 1004) so that the data inside the cache memory 1004 is not written out to the memory 1020.
Here, locking the cache memory 1004 means controlling it so that the data in the cache memory 1004 is not written back to the memory 1020. For example, by locking the cache memory 1004, frequently used data is kept inside the cache memory 1004 and data processing performance improves.
In the typical operation of the cache memory 1004, locking is performed in a state where the data of the memory 1020 has been read into the cache memory 1004. The cache lock unit 1045 of the present embodiment therefore reads the data of the memory 1020 into the cache memory 1004 before locking the cache memory 1004. The data read into the cache memory 1004 at this point is not used.
On request from the secure OS 1042, the cache lock unit 1045 also writes zero values (the value 0) to the region of the cache memory 1004 that is to be unlocked, and then unlocks the cache memory 1004.
If the cache memory 1004 were unlocked as it is, without the zero values being written, the hidden data written to the cache memory 1004 would be written to the memory 1020. The cache lock unit 1045 therefore writes zero values to the region to be unlocked before unlocking the cache memory 1004.
Methods of locking the cache memory 1004 include, for example, locking the whole of the cache memory 1004 (all of the ways), locking some of the ways, and locking some of the lines.
When the CPU 1001 can read the tag information of the cache memory 1004, in the method of locking some ways or lines the cache lock unit 1045 obtains the tag information, determines the ways or lines corresponding to the region specified by the secure OS 1042, and locks the determined ways or lines.
When the CPU 1001 cannot read the tag information of the cache memory 1004, ways or lines are locked as follows in the method of locking some ways or lines.
First, the cache lock unit 1045 writes the data held in the unlocked ways or lines of the cache memory 1004 back to the memory 1020, and invalidates that data in the cache memory 1004. This brings the cache memory 1004 into a state in which the data of the region specified by the secure OS 1042 is not stored in it.
Next, the cache lock unit 1045 locks all ways or lines other than the ways or lines that are to be locked in the end. In this state, the cache lock unit 1045 reads the data of the region specified by the secure OS 1042.
The cache lock unit 1045 then unlocks the other ways or lines that it had locked, and locks the ways or lines into which the data of the region specified by the secure OS 1042 was read. While unlocking those other ways or lines, the cache lock unit 1045 does not release the lock on ways or lines that were already locked before the process began.
In this way, the ways or lines corresponding to the region specified by the secure OS 1042 are locked.
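The tag-blind locking procedure above, as an added example that is not the patent's code: a constructed Go model of a 4-way set-associative write-back cache with per-way locking (standing in for the cache memory 1004) in front of a byte array (the memory 1020). LockRegion carries out the steps in order and reports if any line of the region failed to land in the reserved way; the sizes, field names and way numbering are assumptions.

```go
package main
import "fmt"

// Constructed model (added example, not the patent's code) of a write-back,
// set-associative cache with per-way locking. A locked way is never allocated to or evicted from.
const lineSize, numSets, numWays = 16, 4, 4

type cacheLine struct {
	valid, dirty bool
	tag          int
	data         [lineSize]byte
}

type Cache struct {
	sets   [numSets][numWays]cacheLine
	Locked [numWays]bool // way lock bits
	Mem    [1024]byte    // external memory 1020: what a bus probe would see
}

// writeBack copies a dirty line to memory and invalidates it.
func (c *Cache) writeBack(set, way int) {
	l := &c.sets[set][way]
	if l.valid && l.dirty {
		copy(c.Mem[(l.tag*numSets+set)*lineSize:], l.data[:])
	}
	l.valid, l.dirty = false, false
}

// fetch returns addr's way, allocating an unlocked way on a miss (-1 if every way is locked).
func (c *Cache) fetch(addr int) int {
	tag, set := addr/(lineSize*numSets), (addr/lineSize)%numSets
	victim := -1
	for w, l := range c.sets[set] {
		if l.valid && l.tag == tag {
			return w
		}
		if !c.Locked[w] && (victim < 0 || !l.valid) {
			victim = w
		}
	}
	if victim < 0 {
		return -1
	}
	c.writeBack(set, victim) // evict with write-back, as a real cache would
	l := &c.sets[set][victim]
	base := addr &^ (lineSize - 1)
	copy(l.data[:], c.Mem[base:base+lineSize])
	l.valid, l.tag = true, tag
	return victim
}

// Write stores b at addr through the cache.
func (c *Cache) Write(addr int, b byte) {
	w := c.fetch(addr)
	if w < 0 { // set fully locked: nothing can be allocated, bypass to memory
		c.Mem[addr] = b
		return
	}
	l := &c.sets[(addr/lineSize)%numSets][w]
	l.data[addr%lineSize], l.dirty = b, true
}

// FlushUnlocked writes back and invalidates every line in an unlocked way.
func (c *Cache) FlushUnlocked() {
	for s := range c.sets {
		for w := range c.sets[s] {
			if !c.Locked[w] {
				c.writeBack(s, w)
			}
		}
	}
}

// LockRegion is the page's procedure for a CPU that cannot read the tags: flush
// the unlocked ways, lock every way except target, read the region so its lines
// must land in target, lock target, then release only the locks this call added.
func (c *Cache) LockRegion(base, size, target int) error {
	c.FlushUnlocked()
	var mine [numWays]bool
	for w := range c.Locked {
		if w != target && !c.Locked[w] {
			c.Locked[w], mine[w] = true, true
		}
	}
	for a := base; a < base+size; a += lineSize {
		if c.fetch(a) != target {
			return fmt.Errorf("line %#x did not land in way %d", a, target)
		}
	}
	c.Locked[target] = true
	for w, m := range mine { // ways locked before this call stay locked
		if m {
			c.Locked[w] = false
		}
	}
	return nil
}

func main() { fmt.Println(new(Cache).LockRegion(64, 64, 2)) }
```

Unloading follows the page's rule directly: write 0 over the region with Write while the way is still locked, clear the lock bit, and a later FlushUnlocked carries only zeros to Mem.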
The loading processing and unloading processing of the hidden data 1010 are described in detail later with sequence diagrams.
The content playback application 1043 accepts requests from the playback application 1032 and performs playback processing of the content that the content reception application 1033 received from the content recording device 120. The content that the content reception application 1033 receives from the content recording device 120 is already encrypted. In order to decrypt the encrypted content, the content playback application 1043 therefore requests the secure OS 1042 to load the hidden data 1010, which contains the decryption key.
The secure world 1200 may also include secure applications that are not shown in Fig. 4.
<encrypted hidden data 1051>
Fig. 5 is a structural diagram of the encrypted hidden data 1051 shown in Fig. 2. As shown in Fig. 5, the encrypted hidden data 1051 includes header information 1061, a hidden data body 1062 and a verification value 1063. The header information 1061 is stored unencrypted; the hidden data body 1062 and the verification value 1063 are stored in encrypted form.
The header information 1061 includes the start position and size of the hidden data body 1062, the start position and size of the verification value 1063, the encryption scheme, an identifier, and so on. The encryption scheme is the scheme used to encrypt the hidden data body 1062 and the verification value 1063. The identifier identifies the verification algorithm of the verification value 1063.
The hidden data body 1062 contains the key for decrypting the encrypted content received from the content recording device 120 and information on the parameters used by the decryption algorithm. This information must be protected against hardware attacks such as bus probing and against software attacks using illegal applications. The hidden data body 1062 is therefore recorded in the nonvolatile storage device 1050 in encrypted form.
When a secure application such as the content playback application 1043 uses it, the hidden data body 1062 is decrypted and loaded into the cache memory 1004. Beforehand, the data of the memory region corresponding to the region into which the hidden data body 1062 will be loaded is read into the cache memory 1004, and the cache memory 1004 is locked so that the hidden data body 1062 will not be written out to the memory 1020. The hidden data body 1062 is then loaded into the cache memory 1004.
The verification value 1063 is a value for verifying that the hidden data body 1062 has not been tampered with. Specifically, the verification value 1063 is the hash value obtained by inputting the hidden data body 1062 before encryption into a hash function. The verification value 1063 is encrypted together with the hidden data body 1062.
The hidden data 1010 is not limited to the key for decrypting the encrypted content and the information on the parameters used by the decryption algorithm. The hidden data 1010 may also include other data that needs to be hidden (for example, the device key that each content display device 110 and similar devices individually hold). The hidden data 1010 may also be the code of an algorithm that needs to be hidden, or code for processing data that needs to be hidden.
The encrypted hidden data 1051 has been shown as including one hidden data body 1062, but the encrypted hidden data 1051 is not limited to such a structure. The encrypted hidden data 1051 may include multiple hidden data bodies. In that case, the multiple hidden data bodies may be encrypted as one series of data, or encrypted separately as individual data. The multiple hidden data bodies may also be encrypted with different encryption schemes and different encryption keys.
The encrypted hidden data 1051 may include multiple verification values corresponding to the multiple hidden data bodies, or a verification value list in which the multiple verification values are collected. The encrypted hidden data 1051 may also include a single verification value 1063 for all of the hidden data bodies that the encrypted hidden data 1051 contains.
As described above, the encrypted hidden data 1051 includes the verification value 1063, but the encrypted hidden data 1051 is not limited to such a structure. The verification value 1063 may be held separately from the encrypted hidden data 1051, or may be absent. As described above, the verification value 1063 is encrypted, but it may also be left unencrypted. The verification value 1063 may be encrypted together with the hidden data body 1062, or encrypted separately from the hidden data body 1062.
The hidden data body 1062 may be encrypted with a common-key encryption scheme such as DES or AES, with a public-key encryption scheme such as RSA or ElGamal, or with a combination of them.
As described above, the hidden data body 1062 and the verification value 1063 are both encrypted, but the form of encryption is not limited to this. The hidden data body 1062 and the verification value 1063 may be encrypted separately, or the verification value 1063 may be left unencrypted while the hidden data body 1062 is encrypted.
The verification value 1063 need not be placed after the hidden data body 1062; it may be placed before the hidden data body 1062. The verification value 1063 may also be included in the header information 1061. The verification value 1063 may also be stored not in the encrypted hidden data 1051 but separately from it, in a verification value list in which the verification values of multiple items of encrypted hidden data 1051 are collected.
Algorithms such as MD4, MD5, SHA-1 and SHA-2 may be used as the hash function. The verification value 1063 may also be not a hash value but a digital signature (Digital Signature), a message authentication code (MAC: Message Authentication Code) value, an error detection code value or an error correction code value.
CBC-MAC, HMAC and the like may be used as the algorithm for calculating a MAC value. Cyclic redundancy check (CRC: Cyclic Redundancy Check), checksum and the like may be used as the algorithm for calculating an error detection code value. Reed-Solomon codes, Turbo codes and the like may be used as the algorithm for calculating an error correction code value.
The encrypted hidden data 1051 is stored in the nonvolatile storage device 1050 when the content display device 110 is manufactured at the factory. At that time, the initial data of the hidden data body 1062 is generated and encrypted with a key individual to each device, producing the encrypted hidden data 1051. The key used for the encryption is stored in the key holding unit 1006 of the system LSI 1000.
The encrypted hidden data 1051 may also be distributed to the content display device 110 over a communication channel such as a network. In that case, the encrypted hidden data 1051 may be distributed encrypted with a key individual to each device, or encrypted with a key common to all devices. After receiving the encrypted hidden data 1051, the content display device 110 may also re-encrypt the encrypted hidden data 1051 with the key individual to each device and store it.
The encrypted hidden data 1051 may also be placed in the content display device 110 by means of a portable recording medium rather than over a network.
<structure of the package generation unit>
Fig. 6 is a structural diagram of the package generation unit for generating secure applications according to the present embodiment. As shown in Fig. 6, the package generation unit 3000 includes a compiler 3100, a linker 3101 and a package generation tool 3102. The package generation unit 3000 generates a secure application 3111 from source code (program code) 3110 using a secret key 3112, a public key certificate (Public Key Certificate) 3113 and a settings file 3114.
The compiler 3100 compiles the input source code 3110 and generates object files.
The linker 3101 links libraries (library) with the object files generated by the compiler 3100 and generates a file (program file) that the content display device 110 can execute.
The package generation tool 3102 generates the secure application 3111 from the program file generated by the linker 3101, using the settings file 3114, the secret key 3112 and the public key certificate 3113.
The package generation unit 3000 is contained in a secure application development device that is separate from the content display device 110. The secure application 3111 generated by the package generation unit 3000 of the secure application development device is stored in the nonvolatile storage device 1050 of the content display device 110 as, for example, the encrypted content playback application 1054.
<structure of the secure application 3111>
Fig. 7 is a structural diagram of the secure application 3111 according to the present embodiment. As shown in Fig. 7, the secure application 3111 includes application header information 3201, an application body 3202, a settings file 3203, an application signature list (Application Signature List) 3204, a public key certificate 3205 and a signature (Signature) 3206.
Fig. 7 shows the structure of the secure application 3111, but this structure is not limited to the content playback application 1043; the boot loader 1041 and the secure OS 1042 may also have the structure shown in Fig. 7.
The application header information 3201 includes an identifier for identifying the secure application 3111. It also includes the start address, size and number of files of each of the application body 3202, the settings file 3203, the application signature list 3204 and the public key certificate 3205. It further includes information such as the encryption scheme used when encrypting the application body 3202, the settings file 3203 and the application signature list 3204.
The application body 3202 is the program file generated from the source code 3110 by the compiler 3100 and the linker 3101.
The settings file 3203 is identical to the settings file 3114 input to the package generation tool 3102.
The application signature list 3204 is a list in which the signatures of both the application body 3202 and the settings file 3203 are arranged. When generating the secure application 3111, the package generation tool 3102 generates a signature for each of the input application body 3202 and settings file 3203 and forms them into the application signature list 3204. The secret key 3112 is used to generate the signatures.
The public key certificate 3205 is identical to the public key certificate 3113 input to the package generation tool 3102.
The signature 3206 is a signature over the series of data composed of the application header information 3201, the application body 3202, the settings file 3203, the application signature list 3204 and the public key certificate 3205. The signature 3206 is generated with the application body 3202, the settings file 3203 and the application signature list 3204 in their encrypted state.
The secure application 3111 has been described as including one each of the application body 3202, the settings file 3203, the application signature list 3204 and the public key certificate 3205, but the structure of the secure application 3111 is not limited to such a structure. Any of the application body 3202, the settings file 3203, the application signature list 3204 and the public key certificate 3205 may consist of multiple files, or may be absent.
As described above, the secure application 3111 includes the application signature list 3204, in which the signatures of both the application body 3202 and the settings file 3203 are arranged, but the structure of the secure application 3111 is not limited to such a structure. The secure application 3111 may instead include two separate signatures corresponding to the application body 3202 and the settings file 3203 respectively.
<secure boot processing>
When the content display device 110 starts up, it verifies that the boot loader 1041 and the secure OS 1042, which run in the secure world 1200, have not been tampered with.
The processing from power-on of the content display device 110 until the general-purpose operating system 1031 starts (secure boot processing) is described below with the sequence diagram of Fig. 8.
After the content display device 110 is powered on, the CPU 1001, in secure mode and privileged mode, executes the IPL 1002 in the system LSI 1000. In the following, the CPU 1001 performing processing by executing the IPL 1002 is sometimes expressed as the IPL 1002 performing the processing. Likewise, the CPU 1001 performing processing by executing a program is sometimes expressed as the program performing the processing.
The IPL 1002 first performs initialization of the hardware of the content display device 110 (S1000). In the initialization, the IPL 1002 checks the operation of the memory 1020, initializes the memory controller 1003 and initializes peripheral circuits (not shown), among other things. When initializing the memory controller 1003, the IPL 1002 sets up the normal region 1030 and the secure region 1040 in the memory 1020.
After the initialization, the IPL 1002 loads the boot loader 1041 from the nonvolatile storage device 1050 into the secure region 1040 (S1001). The IPL 1002 then performs tamper verification of the boot loader 1041 loaded into the secure region 1040 (S1002). For this, the IPL 1002 uses the signature and the public key certificate attached to the boot loader 1041.
If the verification result shows that the boot loader 1041 has not been tampered with (OK in S1002), the IPL 1002 starts the boot loader 1041 (S1003). If the verification result shows that the boot loader 1041 has been tampered with (NG in S1002), the IPL 1002 terminates the startup of the content display device 110.
After being started by the IPL 1002 (S1003), the boot loader 1041 performs the initial setup of the secure world 1200 (S1004). In the initial setup (S1004), the boot loader 1041 makes the various settings needed to execute the secure OS 1042 and the secure applications 3111 in the secure world 1200.
After the initial setup ends, the boot loader 1041 loads the secure OS 1042 from the nonvolatile storage device 1050 into the secure region 1040 (S1005). The boot loader 1041 then performs tamper verification of the secure OS 1042 loaded into the secure region 1040 (S1006). For this, the boot loader 1041 uses the signature and the public key certificate attached to the secure OS 1042.
If the verification result shows that the secure OS 1042 has not been tampered with (OK in S1006), the boot loader 1041 starts the secure OS 1042 (S1007). If the verification result shows that the secure OS 1042 has been tampered with (NG in S1006), the boot loader 1041 does not start the secure OS 1042.
When started by the boot loader 1041 (S1007), the secure OS 1042 performs the initial setup needed to execute the secure OS 1042 itself and the secure applications 3111 in that environment (S1008). After the initial setup ends, the secure OS 1042 notifies the boot loader 1041 that initialization has ended (S1009).
If the boot loader 1041 determined that the secure OS 1042 had been tampered with (NG in S1006), it sets a secure boot failure flag (S1010). The secure boot failure flag is checked when the software execution environment switches from the normal world 1100 to the secure world 1200.
If secure boot has failed, the boot loader 1041 uses the secure boot failure flag to notify the normal world 1100 of the processing error. Applications running in the normal world 1100 may also be given read-only (Read-Only) access to the secure boot failure flag; that is, applications executed in the normal world 1100 can refer to the secure boot failure flag.
After the initialization end notification (S1009) or the flag setting (S1010), the boot loader 1041 loads the general-purpose operating system 1031 from the nonvolatile storage device 1050 into the normal region 1030 (S1011). The boot loader 1041 then switches the CPU 1001 to normal mode and executes the general-purpose operating system 1031 (S1012).
As described above, the boot loader 1041 loads the general-purpose operating system 1031, but the form of processing is not limited to this.
The secure OS 1042 may load the general-purpose operating system 1031 after its initialization processing ends, without returning control to the boot loader 1041. The secure OS 1042 may also switch the CPU 1001 to normal mode and execute the general-purpose operating system 1031 after loading the general-purpose operating system 1031.
As described above, after the general-purpose operating system 1031 is loaded, the CPU 1001 is switched to normal mode and the general-purpose operating system 1031 is executed, but the form of processing is not limited to this.
After the general-purpose operating system 1031 is loaded, it may be checked whether the general-purpose operating system 1031 has been tampered with, and only if the general-purpose operating system 1031 has not been tampered with may the CPU 1001 be switched to normal mode and the general-purpose operating system 1031 executed.
If the general-purpose operating system 1031 has been tampered with, the startup of the content display device 110 may be terminated. Alternatively, if the general-purpose operating system 1031 has been tampered with, the secure boot failure flag may be set, and the CPU 1001 may then be switched to normal mode and the general-purpose operating system 1031 executed with the secure boot failure flag set.
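The Fig. 8 sequence in runnable form, as an added example that is not the patent's code: Ed25519 signatures stand in for the signature and public key certificate attached to each image, and the "certificate" is modelled as the root key's signature over the image signing key. Image, BootState, NewKeys and SignImage are constructed names.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Image is a signed program as stored in the nonvolatile storage device 1050.
// The attached "public key certificate" is modelled as the signing public key
// plus the root's signature over it (a constructed stand-in for a real certificate).
type Image struct {
	Name    string
	Body    []byte
	Sig     []byte // signature over Body by the image signing key
	PubKey  ed25519.PublicKey
	CertSig []byte // root signature over PubKey
}

// BootState records what the Fig. 8 sequence did.
type BootState struct {
	Started        []string
	Halted         bool // the IPL 1002 terminated startup (NG in S1002)
	SecureBootFail bool // the secure boot failure flag (S1010)
}

// NewKeys returns a constructed root key pair and an image signing key.
func NewKeys() (root ed25519.PublicKey, rootPriv, signPriv ed25519.PrivateKey) {
	root, rootPriv, _ = ed25519.GenerateKey(nil)
	_, signPriv, _ = ed25519.GenerateKey(nil)
	return root, rootPriv, signPriv
}

// SignImage builds an Image the way the package generation tool would: the
// root certifies the signing key, and the signing key signs the body.
func SignImage(rootPriv, signPriv ed25519.PrivateKey, name string, body []byte) Image {
	pub := signPriv.Public().(ed25519.PublicKey)
	return Image{Name: name, Body: body, Sig: ed25519.Sign(signPriv, body),
		PubKey: pub, CertSig: ed25519.Sign(rootPriv, pub)}
}

// verify is the tamper verification of S1002/S1006: certificate first, then body.
func verify(root ed25519.PublicKey, img Image) bool {
	return ed25519.Verify(root, img.PubKey, img.CertSig) &&
		ed25519.Verify(img.PubKey, img.Body, img.Sig)
}

// SecureBoot runs S1000-S1012: the IPL verifies the boot loader, the boot
// loader verifies the secure OS, and the general-purpose OS is loaded either
// way, with the failure flag telling the normal world what happened.
func SecureBoot(root ed25519.PublicKey, bootLoader, secureOS Image) BootState {
	var st BootState
	if !verify(root, bootLoader) { // NG in S1002: startup ends here
		st.Halted = true
		return st
	}
	st.Started = append(st.Started, bootLoader.Name) // S1003
	if verify(root, secureOS) { // S1006
		st.Started = append(st.Started, secureOS.Name) // S1007
	} else {
		st.SecureBootFail = true // S1010: flag set, secure OS not started
	}
	st.Started = append(st.Started, "general-purpose OS 1031") // S1011/S1012
	return st
}

func main() {
	root, rootPriv, signPriv := NewKeys()
	bl := SignImage(rootPriv, signPriv, "boot loader 1041", []byte("constructed boot loader"))
	sos := SignImage(rootPriv, signPriv, "secure OS 1042", []byte("constructed secure OS"))
	fmt.Printf("%+v\n", SecureBoot(root, bl, sos))
	sos.Body = append(sos.Body, '!') // image tampered in storage
	fmt.Printf("%+v\n", SecureBoot(root, bl, sos))
}
```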
<loading processing of the hidden data 1010>
When the secure OS 1042 receives a request from a secure application 3111 to load the hidden data 1010, it loads the hidden data 1010. In doing so, the secure OS 1042 uses the hidden data loading unit 1044 and the cache lock unit 1045 to load the hidden data 1010 into the inside of the system LSI 1000.
In this way, the secure OS 1042 protects the hidden data 1010 against hardware attacks such as bus probing, and also against software attacks such as a debugger or an illegal application.
The processing for loading the hidden data 1010 into the cache memory 1004, in the region that holds data of the secure region 1040, is described below with the sequence diagram of Fig. 9.
When the secure OS 1042 receives a request to load the hidden data 1010 from a secure application 3111 such as the content playback application 1043, it reserves a memory region for the hidden data 1010 in the secure region 1040 (S1100).
The secure OS 1042 notifies the cache lock unit 1045 of the information (address and size) of the reserved memory region and requests the cache lock unit 1045 to lock the cache memory 1004 (S1101).
The cache lock unit 1045 performs a read so that the data of the memory region notified by the secure OS 1042 (a part of the secure region 1040) is read into the cache memory 1004 (S1102). The purpose of this processing (S1102) is only to have the cache memory 1004 read in data, so the data actually read is not used. The cache lock unit 1045 may therefore perform the read with empty data that has no meaningful value.
The cache lock unit 1045 locks the cache memory 1004 so that the data read into the cache memory 1004 in the preceding processing (S1102) is not evicted from the cache memory 1004 and is not written out to the memory 1020 outside the system LSI 1000 (S1103). With this processing, even if the data in the locked region is changed, the changed data is not written to the memory 1020.
The cache lock unit 1045 notifies the secure OS 1042 that the lock processing has ended (S1104).
The secure OS 1042 then requests the hidden data loading unit 1044 to load the hidden data 1010 into the locked region of the cache memory 1004 (S1105). At that time, the secure OS 1042 notifies the hidden data loading unit 1044 of the information (address and size) of the cache memory region into which the data is to be loaded.
The hidden data loading unit 1044 reads the encrypted hidden data 1051 from the nonvolatile storage device 1050 (S1106). At this time, the hidden data loading unit 1044 may load the encrypted hidden data 1051 into the secure region 1040 of the memory 1020.
The hidden data loading unit 1044 then decrypts the encrypted hidden data 1051 with the key held by the key holding unit 1006 and obtains the hidden data 1010 (S1107). The hidden data loading unit 1044 writes the decrypted hidden data 1010 to the region notified by the secure OS 1042 (S1108).
After writing, the hidden data loading unit 1044 verifies that the data has not been tampered with, using the verification value 1063 attached to the encrypted hidden data 1051 (S1109). If the verification result shows that the data has been tampered with, the hidden data loading unit 1044 overwrites all of the loaded data with 0.
The hidden data loading unit 1044 then notifies the secure OS 1042 of the end of the loading processing (S1110). If the hidden data 1010 was loaded normally and the verification result shows no tampering, the hidden data loading unit 1044 notifies the secure OS 1042 of normal termination. If the hidden data 1010 has been tampered with, the hidden data loading unit 1044 notifies the secure OS 1042 of an error.
As described above, the lock processing of the cache memory 1004 is performed before the hidden data 1010 is loaded. Even though the hidden data 1010 is written to the cache memory 1004, the hidden data 1010 therefore does not flow out of the system LSI 1000, so the hidden data 1010 can be protected against hardware attacks such as bus probing.
Moreover, the memory region corresponding to the hidden data 1010 is reserved in the secure region 1040, so the hidden data 1010 can also be protected against software attacks such as a debugger or an illegal application running in the normal world 1100.
As described above, the cache lock unit 1045 performs a read so that the data of the memory region notified by the secure OS 1042 is read into the cache memory 1004 (S1102), but the form of processing is not limited to this.
For example, the cache lock unit 1045 may determine whether the data of the memory region notified by the secure OS 1042 has already been read into the cache memory 1004, and perform the read processing (S1102) only if the data has not been read in. The secure OS 1042 may also perform the read processing (S1102). If the data has already been read in, the read processing (S1102) need not be performed.
Also, if a rewritable cache region already exists in the cache memory 1004, that cache region may be used for loading the hidden data 1010. That is, the cache lock unit 1045 may lock the rewritable cache region, and the hidden data loading unit 1044 may load the hidden data 1010 into that cache region.
As described above, the secure OS 1042 reserves the memory region for the hidden data 1010 in the secure region 1040, but the reserved memory region is not limited to the secure region 1040. In an environment that is free of software attacks such as a debugger or an illegal application, where the hidden data 1010 need only be protected against hardware attacks, the secure OS 1042 may reserve the memory region for the hidden data 1010 in the normal region 1030.
<unloading of hiding data 1010 processes>
SOS 1042, when the trust processed by the unloading of hiding data 1010 from safety applications 3111,
Utilize hiding data loading unit 1044 and cache locking portion 1045, unload hiding data 1010.Cache is locked
Determine portion 1045, in the way of hiding data 1010 will not be written out to the outside of system LSI 1000, weigh with 0 data (value of 0)
Write cache region.Then, cache locking portion 1045, release cache area locked in loading processing
Locking.
Hereinafter, after the unloading for trust hiding data 1010, until the process that hiding data 1010 is unloaded,
The sequence chart utilizing Figure 10 illustrates.
SOS 1042, when the trust processed by the unloading of hiding data 1010 from safety applications 3111,
The preservation entrusting hiding data 1010 to hiding data loading unit 1044 processes (S1120).
Hiding data loading unit 1044, calculates validation value 1063 (S1121) from hiding data 1010.Further, hiding data
Loading unit 1044, utilizes the double secret key hiding data 1010 kept by key maintaining part 1006 to be encrypted, generates enciphering hiding
Data 1051 (S1122).And, hiding data loading unit 1044, the encrypted secret datum 1051 of generation is saved in non-volatile
Property storage device 1050 (S1123).Then, hiding data loading unit 1044, preservation result is notified to SOS
1042(S1124)。
Then, SOS 1042, locked Cache is entrusted to cache locking portion 1045
The unblock (S1125) of 1004.
Cache locking portion 1045, is written to record the cache area of hiding data 1010 by the value of 0
All (S1126).And, cache locking portion 1045, release height locked in the loading processing of hiding data 1010
The locking (S1127) of speed buffer 1004.Then, cache locking portion 1045, end notification unblock processed is to peace
Full operation system 1042 (S1128).
SOS 1042, the open safety zone corresponding with the cache area that hiding data 1010 is loaded
Memory area (S1129) in 1040.
If, during the unloading of the hidden data 1010, the lock on the cache 1004 were released without performing the write of the value 0 (S1126), the hidden data 1010 remaining in the cache 1004 would be written out to the memory 1020. Because the write of the value 0 (S1126) is performed, it is the value 0, not the hidden data 1010, that is written out to the memory 1020. Therefore, even when the lock on the cache 1004 is released and the data in the cache 1004 is written out to the memory 1020, the hidden data 1010 is not written out to the memory 1020.
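The reasoning above can be checked with a small model. The following C program is an added illustration, not code from the patent: it models the cache 1004 as a few lockable lines with a dirty flag and the memory 1020 as a byte array, and compares the unloading of S1126/S1127 (overwrite with 0, then unlock) against a bare unlock. The line size, the number of lines and the secret bytes are constructed values.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LINE_SIZE 16            /* constructed: bytes per cache line */
#define NUM_LINES 4             /* constructed: lines in the model of cache 1004 */
#define MEM_SIZE (LINE_SIZE * NUM_LINES)

/* One line of cache 1004: tag is the index of the memory line it caches. */
typedef struct {
    bool valid, dirty, locked;
    unsigned tag;
    uint8_t data[LINE_SIZE];
} cache_line_t;

typedef struct {
    uint8_t mem[MEM_SIZE];          /* memory 1020, outside the system LSI 1000 */
    cache_line_t line[NUM_LINES];   /* cache 1004, inside the system LSI 1000 */
} system_t;

/* Read memory line `tag` into cache line `idx` and lock it (S1102, S1103). */
static void load_and_lock(system_t *s, unsigned idx, unsigned tag) {
    cache_line_t *l = &s->line[idx];
    memcpy(l->data, &s->mem[tag * LINE_SIZE], LINE_SIZE);
    l->tag = tag; l->valid = true; l->dirty = false; l->locked = true;
}

/* Write the hidden data into the locked line; it exists only in the cache. */
static void write_hidden(system_t *s, unsigned idx, const uint8_t *src, size_t n) {
    cache_line_t *l = &s->line[idx];
    memcpy(l->data, src, n < LINE_SIZE ? n : LINE_SIZE);
    l->dirty = true;
}

/* Unlock a line; a dirty line is written back to memory when it is evicted. */
static void unlock_and_evict(system_t *s, unsigned idx) {
    cache_line_t *l = &s->line[idx];
    l->locked = false;
    if (l->valid && l->dirty)
        memcpy(&s->mem[l->tag * LINE_SIZE], l->data, LINE_SIZE);
    l->valid = false; l->dirty = false;
}

/* Unloading of embodiment 1: write 0 (S1126) before releasing the lock (S1127). */
static void unload_hidden(system_t *s, unsigned idx) {
    memset(s->line[idx].data, 0, LINE_SIZE);
    s->line[idx].dirty = true;      /* the zeros, not the secret, reach memory 1020 */
    unlock_and_evict(s, idx);
}

/* True if `secret` appears anywhere in the model of memory 1020. */
static bool memory_contains(const system_t *s, const uint8_t *secret, size_t n) {
    for (size_t off = 0; off + n <= MEM_SIZE; off++)
        if (memcmp(&s->mem[off], secret, n) == 0) return true;
    return false;
}

/* Runs the scenario; with_zero_fill selects the S1126 write or a bare unlock.
 * Returns true when the secret ended up in memory 1020. */
static bool secret_leaks_to_memory(bool with_zero_fill) {
    static const uint8_t secret[8] = {0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04}; /* constructed */
    system_t s;
    memset(&s, 0, sizeof s);
    load_and_lock(&s, 1, 2);
    write_hidden(&s, 1, secret, sizeof secret);
    if (with_zero_fill) unload_hidden(&s, 1);
    else unlock_and_evict(&s, 1);
    return memory_contains(&s, secret, sizeof secret);
}

int main(void) {
    printf("bare unlock leaks secret: %d\n", secret_leaks_to_memory(false));
    printf("zero-fill unload leaks secret: %d\n", secret_leaks_to_memory(true));
    return 0;
}
```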
As described above, the content display 110 of the present embodiment keeps the hidden data 1010, such as the key used when reproducing content, inside the system LSI 1000. The content display 110 can thus protect the hidden data 1010 from attacks by hardware. Further, the content display 110 reserves the storage region for the hidden data 1010 in the safety zone 1040, so the hidden data 1010 is also protected from attacks by software.
Accordingly, the content display 110 can have three regions of mutually different security strength (protection strength). The first region is the normal region 1030, which is not protected. The second region is the safety zone 1040, which is protected against attacks by software. The third region is protected against both attacks by hardware and attacks by software.
Further, the hidden data loading unit 1044 loads the hidden data 1010 in the security context 1200. This prevents the hidden data 1010 from being obtained illegally by a debugger, an illegal program, or the like working in the environment 1100.
Further, in the present embodiment, a part of the cache 1004 in the system LSI 1000 is used. Therefore, the system LSI 1000 need not have a dedicated memory inside the system LSI 1000, and the shared memory is used efficiently. Further, because the inherent function of the cache 1004 is used, the processing shown in the present embodiment can be applied to an existing system without adding new hardware.
Further, the loading processing and the unloading processing avoid the state in which a part of the cache 1004 is always occupied (locked). The cache 1004 is locked only while the hidden data 1010 is being processed. Therefore, the function of the cache 1004 to buffer data is also used effectively.
As described above, the locking of the cache 1004 begins when the processing of the hidden data 1010 begins. However, the locking of the cache 1004 may instead begin when the application that uses the hidden data 1010 starts, and the lock on the cache 1004 may be released when the application that uses the hidden data 1010 ends.
In that case the hidden data 1010 is kept in the cache 1004 throughout the work of the application that uses the hidden data 1010, so the processing load caused by loading and unloading the hidden data 1010 is reduced.
Further, if the cache 1004 has sufficient capacity, the locking of the cache 1004 may begin when the content display 110 starts. For example, the cache locking portion 1045 may begin locking the cache 1004 for the hidden data 1010 when the SOS 1042 starts, and the lock on the cache 1004 need never be released. Even with such processing, the hidden data 1010 can be protected appropriately.
(embodiment 2)
In embodiment 1, the SOS 1042 loads the hidden data 1010 into the cache 1004 according to a request from the secure application 3111, such as the content reproduction application 1043. In the present embodiment, the application main body 3202 of the secure application 3111 contains both a part to be loaded into the safety zone 1040 and a part to be loaded into the cache 1004, and these parts are loaded to their respective destinations when the secure application 3111 is loaded.
The structures of the SOS 1042, the package generating unit 3000, the secure application 3111 and the application main body 3202 of the present embodiment are described below, followed by the loading processing of the secure application 3111. Elements identical to those of embodiment 1 are given the same reference symbols and their description is omitted.
<structure of SOS 1042>
Figure 11 is a structure chart of the SOS 1042 of the present embodiment. As shown in Figure 11, the SOS 1042 includes the hidden data loading unit 1044, the cache locking portion 1045 and the application loading unit 1046.
When the secure application 3111 is loaded, the application loading unit 1046 obtains the application head information 3201 contained in the secure application 3111. According to the application head information 3201, the application loading unit 1046 determines whether code or data that must also be hidden from attacks by hardware is contained in the application main body 3202.
If such code or data is contained, the application loading unit 1046 requests the cache locking portion 1045 to lock the region of the cache 1004 into which the code or data to be hidden is loaded. The application loading unit 1046 then decrypts and loads the secure application 3111.
The hidden data loading unit 1044 and the cache locking portion 1045 are the same elements as the hidden data loading unit 1044 and the cache locking portion 1045 of embodiment 1.
Alternatively, the whole of the application main body 3202 may be loaded into the locked region of the cache 1004. It is also possible that the application main body 3202 is loaded into the whole region of the cache 1004, which is locked, and that after the decryption and loading processing the lock on the part of the region holding data that need not be hidden is released. In that case, unlike the unloading processing of the hidden data 1010, the data is not overwritten with the value 0.
<structure of package generating unit 3000>
The package generating unit 3000 of the present embodiment has the same elements as the package generating unit 3000 of embodiment 1, but a part of its operation differs. The description of elements that work in the same way as in embodiment 1 is omitted.
The compiler 3100 compiles the input source code 3110 and generates an object file. At this time, the compiler 3100 stores in a specific section the data in the source code 3110 that is marked with an identifier indicating the hidden data 1010, the functions that process the hidden data 1010, and the code that is marked with an identifier indicating that it is to be hidden.
This specific section is marked with an identifier indicating that it holds the hidden data 1010 or code relating to the hidden data 1010. Sections are described in detail later.
The linker 3101 and the package generation tool 3102 are the same elements as the linker 3101 and the package generation tool 3102 of embodiment 1.
In the present embodiment, the compiler 3100 stores the hidden data 1010 and the code relating to the hidden data 1010 in a specific section. However, the processing unit that stores the hidden data 1010 and the code relating to it in the specific section is not limited to the compiler 3100.
For example, the compiler 3100 may notify the linker 3101 that the source code 3110 contains the hidden data 1010 or code relating to the hidden data 1010, and the linker 3101 may store the hidden data 1010 or the code relating to it in the specific section during link processing.
Further, the linker 3101 may notify the package generation tool 3102 that the source code 3110 contains the hidden data 1010 or code relating to the hidden data 1010, and the package generation tool 3102 may store the hidden data 1010 or the code relating to it in the specific section during package generation processing.
<structure of secure application 3111>
The secure application 3111 of the present embodiment includes the application head information 3201, the application main body 3202, the setting file 3203, the application signature list 3204, the public key certificate 3205 and the signature 3206.
The application head information 3201 holds a flag indicating whether code or data that must be hidden is contained in the application main body 3202. The other information is the same as in embodiment 1, so its description is omitted.
The application main body 3202, the setting file 3203, the application signature list 3204, the public key certificate 3205 and the signature 3206 are the same as in embodiment 1, so their description is omitted.
<structure of application main body 3202>
Figure 12 is a structure chart of the application main body 3202 of the present embodiment. As shown in Figure 12, the application main body 3202 includes a head 3210, a .text section 3211, a .hctext section 3212, a .rodata section 3213, a .data section 3214, a .bss section 3215 and a .hcdata section 3216.
The head 3210 holds information such as the kind, start address and size of each of the sections that follow it.
The .text section 3211 is a section holding the code of the program; it is set to read-only and executable.
The .hctext section 3212 is a section holding program code that includes the code relating to the hidden data 1010; it is set to read-only and executable.
The .rodata section 3213 is a section holding constant data; it is set to read-only and non-executable.
The .data section 3214 is a section holding data with initial values; it is set to read-write and non-executable.
The .bss section 3215 is a section holding data without initial values; it is set to read-write and non-executable.
The .hcdata section 3216 is a section holding the hidden data 1010; it is set to read-write and non-executable.
With the application main body 3202 structured as above, the application loading unit 1046 loads the .hctext section 3212 and the .hcdata section 3216 into the locked region of the cache 1004, and loads the other sections into the safety zone 1040.
As described above, the .hctext section 3212 and the .hcdata section 3216 are shown as the kinds of section loaded into the locked region. However, the kinds of section loaded into the locked region are not limited to these.
The head 3210 may also include a flag indicating whether the data of the .text section 3211 and the .data section 3214 is loaded into the locked region of the cache 1004 or into the safety zone 1040, and the application loading unit 1046 may determine from this flag whether to load the data into the locked region of the cache 1004 or into the safety zone 1040.
Further, as described above, the application main body 3202 is shown with a structure in which the part loaded into the locked region of the cache 1004 and the part loaded into the safety zone 1040 are mixed. However, the structure of the secure application 3111 is not limited to this. The secure application 3111 may include two application main bodies 3202 and 3202a (not illustrated), with the application main body 3202 loaded into the safety zone 1040 and the application main body 3202a loaded into the locked region of the cache 1004.
<loading processing of secure application 3111>
When loading the secure application 3111, the SOS 1042 determines whether code or data that must be hidden is contained in the secure application 3111. The SOS 1042 loads the code and data of the secure application 3111 that must be hidden into the cache 1004 and loads the rest into the safety zone 1040.
The processing for loading the secure application 3111 is described below with the flow chart of Figure 13.
The SOS 1042 reads in the secure application 3111 and verifies the signature 3206 (S1200). If the verification of the signature 3206 fails, the SOS 1042 stops the loading processing of the secure application 3111.
If the verification of the signature (S1200) succeeds, the SOS 1042 reads in the application head information 3201 of the secure application 3111 (S1201).
From the application head information 3201 that was read in, the SOS 1042 obtains the flag indicating whether code or data that must be hidden is contained in the application main body 3202, and determines from the flag whether such code or data is contained in the application main body 3202 (S1202).
If the SOS 1042 determines that code or data that must be hidden is contained in the application main body 3202 ("Yes" of S1202), it decrypts the head 3210 of the application main body 3202. The SOS 1042 then calculates the size of the code and data that must be hidden and performs the loading processing (S1203). This loading processing is the same as the loading processing of the hidden data 1010 in Fig. 9, so its detailed description is omitted.
According to the start address and size information of each section described in the head 3210, the SOS 1042 decrypts the code and data that must be hidden and loads them into the locked cache 1004.
If the SOS 1042 determines that no code or data that must be hidden is contained in the application main body 3202 ("No" of S1202), it decrypts the code and data that need not be hidden. Alternatively, after loading the code and data that must be hidden into the cache 1004 (S1203), the SOS 1042 decrypts the code and data that need not be hidden.
The SOS 1042 then loads the decrypted code and data that need not be hidden into the safety zone 1040 (S1204).
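The section layout of Figure 12 and the routing decision of Figure 13 can be expressed in a few functions. The following C program is an added example, not code from the patent: it assumes a head 3210 represented as an array of (kind, start, size) entries and an application head information 3201 reduced to its hidden-code flag, computes the size to lock in S1203, and plans which sections go to the locked cache 1004 and which to the safety zone 1040. The sample head and its addresses are constructed; the consistency check between the flag and the section table is an addition, not a step of the flow chart.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Section kinds of the application main body 3202 (Figure 12). */
typedef enum { SEC_TEXT, SEC_HCTEXT, SEC_RODATA, SEC_DATA, SEC_BSS, SEC_HCDATA } sec_kind_t;

/* Load destinations used by the application loading unit 1046. */
typedef enum { DEST_SAFETY_ZONE, DEST_LOCKED_CACHE } dest_t;

/* One entry of the head 3210: kind, start address and size (assumed layout). */
typedef struct { sec_kind_t kind; unsigned start; unsigned size; } section_t;

/* Application head information 3201 reduced to the flag checked in S1202 (assumed). */
typedef struct { bool has_hidden; } app_head_info_t;

/* Access attributes of each section kind, as listed in the text. */
static bool section_writable(sec_kind_t k) {
    return k == SEC_DATA || k == SEC_BSS || k == SEC_HCDATA;
}
static bool section_executable(sec_kind_t k) {
    return k == SEC_TEXT || k == SEC_HCTEXT;
}

/* .hctext 3212 and .hcdata 3216 go to the locked region of cache 1004. */
static dest_t destination_of(sec_kind_t k) {
    return (k == SEC_HCTEXT || k == SEC_HCDATA) ? DEST_LOCKED_CACHE : DEST_SAFETY_ZONE;
}

/* S1203: total size to lock in cache 1004 before the hidden sections are
 * decrypted; 0 when the head flag says nothing must be hidden ("No" of S1202). */
static unsigned locked_size_needed(const app_head_info_t *info,
                                   const section_t *secs, size_t n) {
    unsigned total = 0;
    if (!info->has_hidden) return 0;
    for (size_t i = 0; i < n; i++)
        if (destination_of(secs[i].kind) == DEST_LOCKED_CACHE) total += secs[i].size;
    return total;
}

/* Load plan for the flow of Figure 13: fills dest[i] for every section and
 * returns how many sections go to the locked cache, or -1 when the head flag
 * and the section table disagree (added consistency check, not in the flow). */
static int plan_load(const app_head_info_t *info, const section_t *secs,
                     size_t n, dest_t *dest) {
    int to_cache = 0;
    for (size_t i = 0; i < n; i++) {
        dest[i] = destination_of(secs[i].kind);
        if (dest[i] == DEST_LOCKED_CACHE) to_cache++;
    }
    if (info->has_hidden != (to_cache > 0)) return -1;
    return to_cache;
}

/* Constructed sample head 3210 for a main body carrying all six sections. */
static const section_t SAMPLE_HEAD[6] = {
    { SEC_TEXT,   0x1000, 0x400 }, { SEC_HCTEXT, 0x1400, 0x100 },
    { SEC_RODATA, 0x1500, 0x200 }, { SEC_DATA,   0x1700, 0x100 },
    { SEC_BSS,    0x1800, 0x080 }, { SEC_HCDATA, 0x2000, 0x080 },
};
static const app_head_info_t SAMPLE_INFO = { true };

int main(void) {
    dest_t dest[6];
    int n = plan_load(&SAMPLE_INFO, SAMPLE_HEAD, 6, dest);
    printf("sections to locked cache: %d, bytes to lock (S1203): %u\n",
           n, locked_size_needed(&SAMPLE_INFO, SAMPLE_HEAD, 6));
    for (int i = 0; i < 6; i++)
        printf("section %d at 0x%04x -> %s (%c%c)\n", i, SAMPLE_HEAD[i].start,
               dest[i] == DEST_LOCKED_CACHE ? "cache 1004" : "safety zone 1040",
               section_writable(SAMPLE_HEAD[i].kind) ? 'w' : '-',
               section_executable(SAMPLE_HEAD[i].kind) ? 'x' : '-');
    return 0;
}
```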
As described above, the SOS 1042 determines whether code or data that must be hidden is contained in the application main body 3202 and loads the code or data that must be hidden into the locked region of the cache 1004. However, the form of the processing is not limited to this.
First, the SOS 1042 may treat all the data as code or data that must be hidden and load it into the locked region of the cache 1004 (S1203).
The SOS 1042 may then read in the head 3210 (S1201) and, according to the information of the head 3210, determine which part of the locked region holds the code or data that must be hidden (S1202). The SOS 1042 may then release the lock on the part of the locked region that does not contain code or data that must be hidden.
As described above, according to the present embodiment, code or data that must be hidden can be included in the secure application 3111, such as the content reproduction application 1043. The secure application 3111 therefore need not request the SOS 1042 to perform the loading processing of the hidden data 1010.
Further, the loading processing and the unloading processing of the hidden data 1010 need not be embedded as a program in the secure application 3111. By appropriately setting the section of the code or data that must be hidden, the SOS 1042 loads the code or data that must be hidden into the appropriate region. Therefore, even when the loading destination changes with the structure of the hardware, the secure application 3111 can be used unchanged, and the portability of the secure application 3111 improves.
(embodiment 3)
In embodiment 1, the SOS 1042 loads the hidden data 1010 into the cache 1004 according to a request from the secure application 3111, such as the content reproduction application 1043. In embodiment 2, the application main body 3202 of the secure application 3111 has a part loaded into the safety zone 1040 and a part loaded into the cache 1004, and the two parts are loaded separately when the secure application 3111 is loaded.
In the present embodiment, while the hidden data 1010 is being processed, the SOS 1042 locks in the cache 1004 the stack region used by the function that processes the hidden data 1010 and other data. The hidden data 1010 is thus processed safely. Further, while the hidden data 1010 is not being processed, the SOS 1042 unlocks the cache 1004, so the utilization ratio of the cache 1004 improves.
The locking processing and the unlocking processing of the cache 1004 of the present embodiment are described below. Processing and elements identical to those of embodiment 1 are given the same reference symbols and their description is omitted.
<locking processing of cache 1004>
Even when the hidden data 1010, which must be protected both from attacks by hardware and from attacks by software, is loaded into the locked region of the cache 1004 by the secure application 3111, the protection may still be insufficient.
For example, when an operation is performed with a value different from the hidden data 1010 and the result of the operation is written over and saved in the region where the hidden data 1010 is stored, no problem arises. However, when the result of the operation is stored in a local variable in the stack region located in the memory 1020, a problem may arise, because the original hidden data 1010 itself may be recoverable from the result of the operation.
Therefore, while the secure application 3111 processes the hidden data 1010, the stack region is locked in the cache 1004, so that the hidden data 1010 and the data related to it are protected.
The processing for locking the stack region in the cache 1004 is described below with the sequence chart of Figure 14A.
According to a request from the secure application 3111, the SOS 1042 obtains the address in the stack of the secure application 3111 that is currently in use (S2000).
The SOS 1042 notifies the cache locking portion 1045 of the information (address and size) of the stack region and requests the locking of the cache 1004 (S2001).
The cache locking portion 1045 locks the stack region in the cache 1004 so that the data of the stack region is not evicted from the cache 1004 and is not written out to the memory 1020 outside the system LSI 1000 (S1103). The locking processing itself is the same as in embodiment 1. In the present embodiment, the stack region to be locked has already been read into the cache 1004 by the execution of the function, so the processing of reading in the data (S1102) is not required.
The cache locking portion 1045 notifies the SOS 1042 that the locking processing has ended (S1104).
Above, process terminates.Then, safety applications 3111, utilize hiding data 1010 to carry out calculation process, by its result
Or midway result etc. is stored in stack region.
But, in the case of new memory area is assigned to stack region, SOS 1042, it is determined that at height
The stack region of whether locked secure application 3111 in speed buffer 1004.In the case of stack region has been locked, peace
Full operation system 1042, in Cache 1004, also locking is added the region being assigned to storehouse.
As described above, the SOS 1042 locks the stack region in the cache 1004 according to a request from the secure application 3111. However, the timing of the processing is not limited to this. When the SOS 1042 is requested to perform the loading processing of the hidden data 1010, it may also lock in the cache 1004 the stack region of the secure application 3111 that requested the loading processing.
It is also possible to lock the stack region of the secure application 3111 in the cache 1004 when the secure application 3111 accesses a specific region set in advance.
Further, as described above, the SOS 1042 locks the stack region in the cache 1004. However, the locked region is not limited to the stack region; the SOS 1042 may lock a region holding other data. The locked region may be, for example, a region dynamically allocated with the malloc function or the like, or a region containing global variables that any function in the secure application 3111 can access.
<unlocking processing of cache 1004>
When the processing that used the hidden data 1010 ends, the secure application 3111 erases the data related to the hidden data 1010 from the stack region. The secure application 3111 then requests the SOS 1042 to unlock the stack region in the cache 1004. The SOS 1042 accepts the request and unlocks the stack region in the cache 1004.
Other programs and other data can then use the region that was locked in the cache 1004, so the cache 1004 is used effectively.
The processing for unlocking the stack region in the cache 1004 is described below with the sequence chart of Figure 14B.
The secure application 3111 requests the SOS 1042 to unlock the stack region in the cache 1004.
The SOS 1042, having received the request, requests the cache locking portion 1045 to unlock the locked stack region in the cache 1004 (S1125).
The cache locking portion 1045 releases the lock on the locked stack region in the cache 1004 (S2010). The cache locking portion 1045 then notifies the SOS 1042 that the unlocking processing has ended (S1128).
This completes the processing. The secure application 3111 then works normally: the data of the stack region is read into the cache 1004, or the data of the cache 1004 is written out to the memory 1020. The cache 1004 is thus used efficiently.
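The stack-region locking of Figure 14A, the extension on stack growth, and the unlocking of Figure 14B can be modelled as bookkeeping over cache lines. The following C program is an added example, not code from the patent: it assumes the cache 1004 is a set of 64 lines of 32 bytes addressed modulo the cache size, that the stack grows downward, and that the cache locking portion 1045 tracks one lock flag per line; all addresses and sizes in the scenario are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LINE_SIZE 32u      /* constructed: bytes per line of cache 1004 */
#define NUM_LINES 64u      /* constructed: number of lines in cache 1004 */

/* Lock state kept by the cache locking portion 1045 (model): one flag per
 * line plus the currently locked stack region [stack_lo, stack_hi). */
typedef struct {
    bool locked[NUM_LINES];
    uint32_t stack_lo, stack_hi;   /* both 0 while no stack region is locked */
} cache_lock_t;

static unsigned line_of(uint32_t addr) { return (addr / LINE_SIZE) % NUM_LINES; }

/* Lock every line covering [addr, addr + size); returns lines newly locked. */
static unsigned lock_range(cache_lock_t *c, uint32_t addr, uint32_t size) {
    unsigned newly = 0;
    if (size == 0 || size > LINE_SIZE * NUM_LINES) return 0;
    for (uint32_t a = addr - addr % LINE_SIZE; a < addr + size; a += LINE_SIZE) {
        unsigned i = line_of(a);
        if (!c->locked[i]) { c->locked[i] = true; newly++; }
    }
    return newly;
}

/* S2000/S2001: lock the stack region currently in use. `sp` is the lowest
 * address in use; the region already sits in the cache, so nothing is read in. */
static unsigned lock_stack(cache_lock_t *c, uint32_t sp, uint32_t size) {
    c->stack_lo = sp;
    c->stack_hi = sp + size;
    return lock_range(c, sp, size);
}

/* Stack growth: when new memory is assigned to the stack, the added region is
 * locked too, but only if the stack region is already locked. */
static unsigned on_stack_growth(cache_lock_t *c, uint32_t new_sp) {
    if (c->stack_hi == 0 || new_sp >= c->stack_lo) return 0;
    unsigned newly = lock_range(c, new_sp, c->stack_lo - new_sp);
    c->stack_lo = new_sp;
    return newly;
}

/* S2010: release the lock on the whole stack region (the application has
 * already erased the data related to the hidden data 1010 before requesting). */
static unsigned unlock_stack(cache_lock_t *c) {
    unsigned released = 0;
    if (c->stack_hi == 0) return 0;
    for (uint32_t a = c->stack_lo - c->stack_lo % LINE_SIZE; a < c->stack_hi; a += LINE_SIZE) {
        unsigned i = line_of(a);
        if (c->locked[i]) { c->locked[i] = false; released++; }
    }
    c->stack_lo = c->stack_hi = 0;
    return released;
}

static unsigned locked_line_count(const cache_lock_t *c) {
    unsigned n = 0;
    for (unsigned i = 0; i < NUM_LINES; i++) n += c->locked[i];
    return n;
}

int main(void) {
    cache_lock_t c;
    memset(&c, 0, sizeof c);
    printf("lock 64-byte stack: %u lines\n", lock_stack(&c, 0x1000, 64));
    printf("stack grows by 48 bytes: %u more lines\n", on_stack_growth(&c, 0x0FD0));
    printf("locked lines now: %u\n", locked_line_count(&c));
    printf("unlock (S2010): %u lines released\n", unlock_stack(&c));
    printf("locked lines after: %u\n", locked_line_count(&c));
    return 0;
}
```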
As described above, according to the present embodiment, a stack region or the like holding data is locked in the cache 1004 during the execution of the program and unlocked afterwards. Accordingly, not only the hidden data 1010 itself but also the data generated by the program that processes the hidden data 1010 and the results calculated from the hidden data 1010 are protected.
(embodiment 4)
The information processing device of the present embodiment has the characteristic elements of the content display 110 shown in embodiments 1 to 3.
Figure 15A is a hardware structure chart of the information processing device of the present embodiment. The information processing device 300 shown in Figure 15A is a device that processes protection object data. The information processing device 300 has two storage parts 301, 302 and a cache control portion 303.
The storage part 301 corresponds to the memory 1020 shown in Fig. 2. The storage part 302 corresponds to the memory area 1011 shown in Fig. 3. The cache control portion 303 corresponds to the cache control portion 1012 shown in Fig. 3.
Figure 15B is a flow chart showing the work of the information processing device 300 shown in Figure 15A. First, the cache control portion 303 caches the storage data in the storage part 301 into the storage part 302 (S301).
Next, the cache control portion 303 locks the cache area in the storage part 302 so that the cached data obtained from the cache area, which holds the storage data cached into the storage part 302, is not written back to the storage part 301 (S302). Then, after the cache area in the storage part 302 has been locked, the cache control portion 303 writes protection object data, which differs from the storage data, to the cache area in the storage part 302 (S303).
The protection object data is thus written to the cache (the storage part 302). It is difficult for an outside device to access data written to the cache, so the protection object data can be protected appropriately.
Then, after the protection object data has been processed, the cache control portion 303 clears the cache area in the storage part 302 (S304). The cache control portion 303 then releases the lock on the cache area so that the cached data obtained from the cleared cache area can be written back to the storage part 301 (S305). The protection object data is thus cleared before it can be written back from the cache to the memory, so the protection object data is protected appropriately.
Further, when the protection object data is processed, the cache control portion 303 may allocate a data area for the protection object data in the storage part 301, and cache the storage data in the allocated data area into the storage part 302 (S301). The data area for the protection object data is thus allocated in a memory such as SDRAM (the storage part 301), so an appropriate correspondence is maintained between the region of the memory and the region of the cache.
The processing after the protection object data has been processed (S304, S305) may also be omitted. As long as the protection object data is not written back, it can be protected appropriately.
Further, the cache control portion 303 may write the protection object data output by the processor to the cache area in the storage part 302 through a physically protected circuit, so that the protection object data cannot be obtained by an outside device. The storage part 302 may also be physically protected so that the protection object data in the cache area cannot be obtained by an outside device.
For example, the processor, the storage part 302 and the circuit between the processor and the storage part 302 may be formed as one integrated circuit so that the protection object data cannot be obtained by an outside device. It is then physically difficult for an outside device to obtain the protection object data, so the protection object data is protected appropriately.
Further, the cache control portion 303 may write protection object data that the program has predetermined to be written to the storage part 301 to the cache area in the storage part 302 instead. The protection object data that the program would write to the memory is thus written to the cache, not to the memory, so the protection object data is protected appropriately.
Further, the cache control portion 303 may write an executable program as protection object data to the cache area in the storage part 302. The protection object program is thus protected from tampering and can be executed appropriately.
(embodiment 5)
The information processing device of the present embodiment has the characteristic elements of the content display 110 shown in embodiments 1 to 3. Further, in the present embodiment, elements that can optionally be added to the elements shown in embodiment 4 are also shown.
Figure 16 is a hardware structure chart of the information processing device of the present embodiment. The information processing device 400 shown in Figure 16 is a device that processes protection object data. The information processing device 400 has a storage part 401 and an integrated circuit 405.
The storage part 401 is the storage device corresponding to the memory 1020 shown in Fig. 2 and the storage part 301 shown in Figure 15A. The storage part 401 includes two memory areas 411, 412. The memory area 411 corresponds to the normal region 1030 shown in Fig. 2, and the memory area 412 corresponds to the safety zone 1040 shown in Fig. 2. The memory area 411 is a region for storing normal programs. The memory area 412 is a region for storing secure programs and is a region that normal programs are prohibited from accessing.
The integrated circuit 405 corresponds to the system LSI 1000 shown in Fig. 2. The integrated circuit 405 includes a storage part 402, a cache control portion 403, a processor 404 and an access control portion 406.
The storage part 402 corresponds to the memory area 1011 shown in Fig. 3 and the storage part 302 shown in Figure 15A. The cache control portion 403 corresponds to the cache control portion 1012 shown in Fig. 3 and the cache control portion 303 shown in Figure 15A. The processor 404 corresponds to the CPU 1001 shown in Fig. 2. The access control portion 406 corresponds mainly to the memory control portion 1003 shown in Fig. 2.
The storage part 402, the cache control portion 403 and the processor 404 are contained in the integrated circuit 405. It is difficult for an outside device to access data inside the integrated circuit 405, so the protection object data can be protected appropriately.
The processor 404 may generate protection object data and output the generated protection object data. The cache control portion 403 may then, after the cache area in the storage part 402 has been locked, write the protection object data output from the processor 404 to the cache area in the storage part 402. The protection object data generated by the processor is thus written to the cache, so it can be protected appropriately.
For example, the processor 404 may decrypt encrypted data to generate the protection object data and output it. The protection object data obtained by decrypting the encrypted data can thus be protected appropriately.
Further, the processor 404 may execute secure programs in the secure mode and normal programs in the normal mode. Each program is thus executed at the appropriate security level, and access control is performed according to the security level corresponding to the program.
Further, the cache control portion 403 may write protection object data that a secure program has predetermined to be written to the memory area 412 to the cache area in the storage part 402 instead. The protection object data that the secure program would write to the memory is thus written to the cache, not to the memory, so the protection object data is protected at a higher level.
Further, the access control portion 406 may prohibit normal programs from accessing the memory area 412. Access to the two memory areas 411, 412 is thus controlled appropriately, and the execution of illegal programs can be limited appropriately.
(other variations)
The information processing device according to the present disclosure is not limited to embodiments 1 to 5. The information processing device may also be configured as follows.
(1) In the structure described above, the programs stored in the safety zone 1040 (the encrypted boot loader 1052, the encrypted SOS 1053 and the encrypted content reproduction application 1054) are stored separately in the nonvolatile storage device 1050. However, the form of storage is not limited to this.
The programs stored in the safety zone 1040 may also be collected into one. That is, the boot loader 1041, the SOS 1042 and the content reproduction application 1043 may be collected into one encrypted file and stored in the nonvolatile storage device 1050.
When the programs stored in the safety zone 1040 are collected into one, the IPL 1002 may, at the loading and verification of the boot loader 1041 (S1001 and S1002 of Fig. 8), load and verify the whole of the collected file. In that case, the boot loader 1041 need not perform the loading and verification of the SOS 1042 (S1005 and S1006 of Fig. 8).
Alternatively, not all the programs need be collected into one file. The boot loader 1041 and the SOS 1042 may be collected into one file and all the other secure applications into another file. Or the boot loader 1041 may consist of one file, with the SOS 1042 and all the other secure applications collected into one file. Other ways of collecting the programs may also be used.
When the SOS 1042 and all the secure applications are collected into one file, the SOS 1042 need not load such secure applications into the safety zone 1040. Therefore, the SOS 1042 need not have the function of loading such secure applications into the safety zone 1040.
(2) according to described structure, when the unloading of hiding data 1010 processes, Cache 1004 is unlocked it
Before, the value with 0 rewrites hiding data 1010, but, the form of process, it is not limited only to such form.Can also be, be not with
The value of 0 rewrites hiding data 1010, but rewrites hiding data 1010 with other value.And, it is also possible to it is or not with identical
Value rewrite hiding data 1010.That is, it is also possible to be, hiding data 1010 is rewritten with multiple values.
Also, the Dirty flag, which is set when data in the cache 1004 has been modified, or the Valid flag, which indicates that the cache 1004 holds valid data, may be cleared. In that case the hidden data 1010 is controlled so that it is not written out to the memory 1020, and the hidden data 1010 need not be overwritten with the predetermined value.
(3) In the structure described above, the hidden data 1010 is loaded into the cache 1004 inside the system LSI 1000. However, the loading destination of the hidden data 1010 is not limited to the inside of the system LSI 1000. For example, the hidden data 1010 may be loaded into a memory that is located outside the system LSI 1000 and is protected against hardware attacks such as bus probing.
There are several ways to arrange a memory so that it is protected against hardware attacks such as bus probing. For example, the signal lines between the system LSI 1000 and the memory, and the terminals of the system LSI 1000 and the memory, may be embedded inside the substrate. Also, the signal lines and terminals may be coated with a hardened resin, so that the signal lines or terminals are destroyed when the resin is peeled off. Further, the system LSI 1000 and the memory may be sealed in the same package.
Also, as shown in Fig. 17, the hidden data 1010 may be loaded into the OCM (On Chip Memory) 1005 arranged inside the system LSI 1000.
(4) In the structure described above, the secure operating system 1042 includes the hidden data loading unit 1044 and the cache locking unit 1045, or includes the hidden data loading unit 1044, the cache locking unit 1045 and the application loading unit 1046. However, the structure of the secure operating system 1042 is not limited to this. Not all of these units need be included in the secure operating system 1042.
For example, they may be loadable modules that are loaded into the secure operating system 1042 afterwards, or they may be device drivers. They may also be firmware independent of the secure operating system 1042, as shown in Fig. 18. Further, they may be included not in the secure operating system 1042 but in the boot loader 1041, or in both the secure operating system 1042 and the boot loader 1041. In any of these structures, the hidden data loading unit 1044, the cache locking unit 1045 and the application loading unit 1046 are able to operate while the CPU 1001 is operating in the secure mode and the privileged mode.
(5) Each of the devices described above may specifically be a computer system composed of a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, a mouse and the like. A computer program is stored in the RAM or the hard disk unit, and each device achieves its functions by the microprocessor operating according to the computer program. Here, the computer program is composed of a combination of a plurality of instruction codes, each indicating an instruction to the computer, so as to achieve predetermined functions.
(6) Part or all of the elements constituting each of the devices described above may be composed of a single system LSI. A system LSI is a super-multifunctional LSI manufactured by integrating a plurality of components on a single chip; specifically, it is a computer system composed of a microprocessor, a ROM, a RAM and the like. A computer program is stored in the RAM, and the system LSI achieves its functions by the microprocessor operating according to the computer program. The elements constituting each device may be made into individual chips, or into a single chip that includes part or all of them.
Although the term system LSI is used here, it may also be called an IC (Integrated Circuit), an LSI, a super LSI or an ultra LSI depending on the degree of integration. The method of integration is not limited to LSI; it may also be realized by a dedicated circuit or a general-purpose processor. An FPGA (Field Programmable Gate Array) that can be programmed after the LSI is manufactured, or a reconfigurable processor in which the connections and settings of the circuit cells inside the LSI can be reconfigured, may also be used. Furthermore, if integrated circuit technology replacing LSI emerges from advances in semiconductor technology or from other derived technology, the functional blocks may of course be integrated using that technology. Application of biotechnology is one possibility.
(7) Part or all of the elements constituting each of the devices described above may be composed of an IC card or a single module that is attachable to and detachable from each device. The IC card or module is a computer system composed of a microprocessor, a ROM, a RAM and the like. The IC card or module may include the super-multifunctional LSI described above. The IC card or module achieves its functions by the microprocessor operating according to the computer program. The IC card or module may be tamper-resistant.
(8) The concept of the present disclosure may be realized as the methods shown in the embodiments and variations. It may also be realized as a computer program that implements such a method on a computer, or as a digital signal constituting the computer program. Further, it may be realized as a non-transitory computer-readable recording medium on which the computer program or the digital signal is recorded, such as a floppy disk, a hard disk, a CD-ROM, an MO, a DVD, a DVD-ROM, a DVD-RAM, a BD (Blu-ray (registered trademark) Disc) or a semiconductor memory, or as the digital signal recorded on such a recording medium. The computer program or the digital signal may also be transmitted via an electric communication line, a wireless or wired communication line, a network such as the Internet, data broadcasting or the like. The concept of the present disclosure may further be realized as a computer system including a microprocessor and a memory, where the memory stores the computer program and the microprocessor operates according to the computer program. The computer program or the digital signal may be recorded on the recording medium and transferred, or transferred via a network or the like, so that the concept of the present disclosure is implemented by another independent computer system.
(9) The embodiments and variations described above may be combined. Processing performed by one element may instead be performed by another element. The order of processing may be changed, and a plurality of processes may be performed in parallel.
(Supplement)
In each of the embodiments described above, each element may be composed of dedicated hardware or realized by executing a software program suitable for that element. Each element may also be realized by a program execution unit such as a CPU or a processor reading and executing a software program recorded on a recording medium such as a hard disk or a semiconductor memory. Here, the software that realizes the information processing device and the like of each embodiment is the following program.
That is, this program causes a computer to execute an information processing method for processing protection object data, the method comprising: caching storage data stored in a first storage unit into a second storage unit; locking the cache area in the second storage unit so that the cached data, obtained from the cache area of the second storage unit that holds the storage data, is not written back to the first storage unit; and, after the cache area in the second storage unit has been locked, writing the protection object data, which is different from the storage data, into the cache area in the second storage unit.
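As an added illustration, not code from the patent, of the locked-cache method just described and of the unload handling in variation (2): a small C model of one cache line with Valid, Dirty and lock flags, showing that a locked line is never written back to the backing memory and that scrubbing the line and clearing its flags before unlocking keeps the hidden data out of memory. The single-line cache, the flag fields and the sample hidden data are constructed assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#define LINE_BYTES 16
/* Constructed model: backing memory (first storage part) and one cache line
   (second storage part) with Valid, Dirty and lock flags. */
typedef struct {
    uint8_t mem[LINE_BYTES];
    uint8_t line[LINE_BYTES];
    bool valid, dirty, locked;
} system_t;
/* Step 1: cache the storage data held in memory into the cache line. */
static void cache_fill(system_t *s) {
    memcpy(s->line, s->mem, LINE_BYTES);
    s->valid = true; s->dirty = false; s->locked = false;
}
/* Step 3: write the protection object (hidden) data into the cache line. */
static void write_hidden(system_t *s, const uint8_t *hidden) {
    memcpy(s->line, hidden, LINE_BYTES);
    s->dirty = true;
}
/* Eviction under cache pressure: a locked line stays put; an unlocked dirty
   line is written back to memory, which is the leak the lock prevents. */
static void cache_evict(system_t *s) {
    if (s->locked) return;
    if (s->valid && s->dirty) memcpy(s->mem, s->line, LINE_BYTES);
    s->valid = false;
}
/* Unload per variation (2): overwrite the line with a fill value and clear
   Dirty/Valid before releasing the lock, so no trace of the secret remains. */
static void unload_hidden(system_t *s, uint8_t fill) {
    memset(s->line, fill, LINE_BYTES);
    s->dirty = false; s->valid = false; s->locked = false;
}
/* Runs the sequence; returns true if the hidden data ever reached memory. */
bool hidden_leaks(bool use_lock, bool scrub_before_unlock) {
    static const uint8_t hidden[LINE_BYTES + 1] = "HIDDEN-KEY-12345"; /* constructed */
    system_t s;
    memset(s.mem, 0xAA, LINE_BYTES);   /* ordinary storage data in memory */
    cache_fill(&s);                    /* step 1 */
    if (use_lock) s.locked = true;     /* step 2: lock the cache area */
    write_hidden(&s, hidden);          /* step 3 */
    cache_evict(&s);                   /* pressure while the data is in use */
    bool leaked = memcmp(s.mem, hidden, LINE_BYTES) == 0;
    if (scrub_before_unlock) unload_hidden(&s, 0);
    else s.locked = false;             /* unlock while the line is still dirty */
    cache_evict(&s);
    return leaked || memcmp(s.mem, hidden, LINE_BYTES) == 0;
}
```

Only the combination of locking before the hidden data is written and scrubbing before the lock is released keeps the secret out of memory; skipping either step lets the next write-back expose it.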
The information processing device according to one or more embodiments of the present invention has been described above on the basis of the embodiments, but the present invention is not limited to these embodiments. Forms obtained by applying various modifications that those skilled in the art would conceive to the present embodiments, and forms constructed by combining elements of different embodiments, are also included within the scope of one or more embodiments of the present invention, as long as they do not depart from the spirit of the invention.
The information processing device according to one embodiment of the present invention is an information processing device for processing hidden data, and can be applied, for example, to an information processing device such as a mobile phone or a PC that executes software for playing back copyright-protected content.
Description of reference numerals
100 content distribution system
110 content display device
120 content recording device
121 antenna
300, 400 information processing device
301, 302, 401, 402 storage unit
303, 403, 1012 cache control unit (cache controller)
404 processor
405 integrated circuit
406 access control unit
411, 412, 1011 memory area
1000 system LSI
1001 CPU
1002 IPL
1003 memory controller
1004 cache
1005 OCM
1006 key holding unit
1010 hidden data
1020 memory
1030 normal area
1031 general-purpose operating system (general-purpose OS)
1032 playback application
1033 content reception application
1034 shared data
1040 secure area
1041 boot loader
1042 secure operating system (secure OS)
1043 content reproduction application
1044 hidden data loading unit
1045 cache locking unit
1046 application loading unit
1050 non-volatile storage device
1051 encrypted hidden data
1052 encrypted boot loader
1053 encrypted secure operating system
1054 encrypted content reproduction application
1061 header
1062 hidden data body
1063 verification value
1100 normal software execution environment (normal environment)
1200 secure software execution environment (secure environment)
3000 package generation unit
3100 compiler
3101 linker
3102 package generation tool
3110 source code (program source code)
3111 secure application
3112 private key
3113, 3205 public key certificate
3114, 3203 configuration file
3201 application header information
3202 application body
3204 application signature list
3206 signature
3210 header
3211 .text section
3212 .hctext section
3213 .rodata section
3214 .data section
3215 .bss section
3216 .hcdata section