The proliferation of mobile devices has evolved into mobile computing platforms, complete with needs for trusted services. Operators, manufacturers and wireless users need confidence in the integrity and security of the wireless network and the wireless device in the distribution of digital data. Mobile devices may have access to sensitive personal data, online payment data and other private information, and therefore, there is a need to facilitate and enable secure transactions to deliver protected and secure services.
The subject matter regarded as the invention is particularly pointed out and distinctly claimed in the concluding portion of the specification. The invention, however, both as to organization and method of operation, together with objects, features, and advantages thereof, may best be understood by reference to the following detailed description when read with the accompanying drawings in which:
It will be appreciated that for simplicity and clarity of illustration, elements illustrated in the figures have not necessarily been drawn to scale. For example, the dimensions of some of the elements may be exaggerated relative to other elements for clarity. Further, where considered appropriate, reference numerals have been repeated among the figures to indicate corresponding or analogous elements.
In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be understood by those skilled in the art that the present invention may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the present invention.
In the following description and claims, the terms “coupled” and “connected,” along with their derivatives, may be used. It should be understood that these terms are not intended as synonyms for each other. Rather, in particular embodiments, “connected” may be used to indicate that two or more elements are in direct physical or electrical contact with each other while “coupled” may further mean that two or more elements are not in direct contact with each other, but yet still co-operate or interact with each other.
Processor 20 may include baseband and applications processing functions that utilize one or more processor cores. Processor cores 14 and 16, in general, process functions that fetch instructions, generate decodes, find operands, and perform appropriate actions, then store results. The use of multiple cores may allow one core to be dedicated to handle application specific functions such as, for example, graphics, modem functions, etc. Alternatively, the multiple cores may allow processing workloads to be shared across the cores.
A memory controller 18 controls a memory interface 22 that allows the processor cores and cache memory embedded within processor 20 to exchange data with a system memory 24. System memory 24 may include a combination of memories such as a disc, a Random Access Memory (RAM), a Read Only Memory (ROM) and a nonvolatile memory 26, although neither the type nor variety of memories included in system memory 24 are limitations of the present invention.
Nonvolatile memory 26 may be a memory such as, for example, an ETOX™ Flash NOR Memory, an Electrically Erasable and Programmable Read Only Memory (EEPROM), a Ferroelectric Random Access Memory (FRAM), a Polymer Ferroelectric Random Access Memory (PFRAM), a Magnetic Random Access Memory (MRAM), an Ovonics Unified Memory (OUM), or any other device capable of storing instructions and/or data and retaining that information even with device 10 in a power conservation mode. However, it should be understood that the scope of the present invention is not limited to these examples.
Although processor 20 and nonvolatile memory 26 are shown incorporated into a wireless device 10, the processor and nonvolatile memory may be included together in applications other than wireless applications. Accordingly, embodiments of the present invention may be used in a variety of products, with the claimed subject matter incorporated into desktop computers, laptops, smart phones, MP3 players, cameras, communicators and Personal Digital Assistants (PDAs), medical or biotech equipment, automotive safety and protective equipment, automotive infotainment products, etc. However, it should be understood that the scope of the present invention is not limited to these examples.
Note that arrayed nonvolatile memory 214 may be partitioned to include both a secure memory portion and a non-secure memory portion. Alternatively, separate blocks of memory may be designated as secure and non-secure. Update engine 212 may perform bus operations and generate addressing to properly read and program operating code and code updates in secure and non-secure memory locations, thereby preventing untrusted code from accessing secure resources. Additionally, update engine 212 may perform certain tasks which are described via a command chain that resides in a linked list in arrayed nonvolatile memory 214. In accordance with the present invention, direct execution of code from arrayed nonvolatile memory 214 by update engine 212 enhances platform security and allows the use of executable attributes of page tables.
Authentication block 210 may include either a hardware encryption engine or a processor to execute software algorithms, or a combination thereof, and in general addresses the security concerns for device 10 by performing the necessary mathematical operations in support of encryption, decryption and verification. Thus, authentication block 210 may execute the RSA algorithm, invented in 1978 by Ron Rivest, Adi Shamir and Leonard Adleman. RSA is a cryptographic algorithm that offers a high level of security for digital data transfers between device 10 and other electronic devices. RSA uses a public key and a private key, and incorporates modular exponentiation mathematics. Modular exponentiation of large integers may be efficiently computed within authentication block 210 by repeated modular multiplications. Pipelining techniques or repetitive multiplication cycles may be used for the massively parallel computations.
Authentication block 210 may further compute hash algorithms such as, for example, the Secure Hash Algorithm (SHA or SHA-1). The SHA algorithm takes a given bit stream message and produces a unique 160-bit message digest. The SHA algorithm is specified in the Secure Hash Standard (SHS, FIPS 180), with the SHA-1 algorithm being a revision to SHA that was published in 1994. In accordance with the present invention, authentication block 210 executes instructions and processes data to accommodate applications that include message-digest algorithms, hash functions, public/private keys, digital signatures and authorization certificates.
Update engine 212 includes a processing unit that frees processor 20 from handling certain tasks and operations. Update engine 212 may include address and data registers, data retention storage, counters, decoding logic, state machines and other logic and arithmetic blocks consistent with its processing capabilities. Thus, update engine 212 may fetch and execute instructions to perform authentication tasks which, with the support of authentication block 210, appropriately address security related issues. By integrating blocks that perform specific functions with update engine 212 and with arrayed nonvolatile memory 214, the performance of device 10 may be improved and significant value may be provided to users and carriers.
An instruction received by transceiver 12 may be identified by processor 20 and passed to update engine 26 for execution (see the path identified by the dotted line 13 in
In another embodiment, update engine 212 manages updates and patches to software code stored by arrayed nonvolatile memory 214. Transceiver 12 receives over-the-air code that is passed through memory interface 22 to arrayed nonvolatile memory 214. Thus, without intervention by processor 20, software received by update engine 212 may be verified using authentication block 210 to resolve security issues, then accepted and stored in arrayed nonvolatile memory 214. By properly managing updates and patches to the existing code, device 10 may prevent the loss, misuse and alteration of the information under the control of device 10. Once the code is accepted as being authorized, rights may be granted to transactions based on a secure/non-secure status. In this embodiment, the integration of an update engine 212 to manage data transfers and an authentication block 210 to resolve security issues frees processor 20 to handle other operations.
In one embodiment, updates and patches to software code stored by arrayed nonvolatile memory 214 may apply to the Basic Input/Output System (BIOS) code. An update BIOS command may be received by transceiver 12 and passed through memory interface 22 to the processing unit and update engine 212. The updated BIOS software received by update engine 212 may be verified using authentication block 210 to resolve security issues. When the BIOS code security issues are resolved, then the updated code may be received in over-the-air transmissions, accepted and stored in arrayed nonvolatile memory 214.
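The following is an added software model, not code from the patent, of the verify-then-store flow described for update engine 212, authentication block 210 and the partitioned arrayed nonvolatile memory 214: modular exponentiation carried out as repeated modular multiplications, a SHA-1 digest of the received image, a textbook RSA signature check over that digest, and an address check that keeps untrusted program operations out of the secure region. All class and function names, the region sizes, and the toy key (built from Mersenne primes purely so it can be written down deterministically) are this example's own assumptions.

```python
# Added example (not code from the patent): a software model of the flow the
# description attributes to authentication block 210 and update engine 212.
# Every class and function name below is this example's own assumption.
import hashlib


def modexp(base: int, exp: int, mod: int) -> int:
    """Square-and-multiply: modular exponentiation as a chain of modular
    multiplications, the operation the text says the authentication block
    performs for RSA. Right-to-left binary method."""
    result, base = 1, base % mod
    while exp > 0:
        if exp & 1:                      # current bit set: multiply in
            result = (result * base) % mod
        base = (base * base) % mod       # square for the next bit
        exp >>= 1
    return result


def sha1_as_int(message: bytes) -> int:
    """160-bit SHA-1 message digest interpreted as an integer (the value that
    gets signed and later verified)."""
    return int.from_bytes(hashlib.sha1(message).digest(), "big")


# Constructed toy RSA key. Mersenne primes are used only because they are easy
# to write down deterministically; they are trivially factorable and must never
# be used for a real key. N exceeds 2**160, so a SHA-1 digest fits directly as
# the message without padding (textbook RSA, no PKCS#1 encoding).
P, Q = 2**89 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # signer's private exponent (Python 3.8+)


def sign_update(code: bytes) -> int:
    """Carrier-side signing with the private key; this step never runs on the
    handset and is here only so the example is self-contained."""
    return modexp(sha1_as_int(code), D, N)


class SecureFlash:
    """Arrayed nonvolatile memory partitioned into a secure and a non-secure
    region (region sizes are this example's assumption)."""

    SECURE = range(0, 4096)
    NONSECURE = range(4096, 8192)

    def __init__(self):
        self.cells = bytearray(len(self.SECURE) + len(self.NONSECURE))

    def program(self, addr: int, data: bytes, trusted: bool) -> None:
        """Address check applied to every program operation: a request that is
        not trusted may not touch the secure region."""
        end = addr + len(data)
        if addr < 0 or end > len(self.cells):
            raise ValueError("program range outside the array")
        if addr < self.SECURE.stop and not trusted:
            raise PermissionError("untrusted request may not program secure memory")
        self.cells[addr:end] = data

    def status(self, addr: int) -> str:
        """Secure/non-secure status of an address, the basis for granting rights."""
        return "secure" if addr in self.SECURE else "non-secure"


class UpdateEngine:
    """Model of update engine 212: verifies an over-the-air image with the
    device's public key before anything is programmed, so the host processor
    never has to handle the code."""

    def __init__(self, flash: SecureFlash, n: int = N, e: int = E):
        self.flash, self.n, self.e = flash, n, e

    def verify(self, code: bytes, signature: int) -> bool:
        # Recover the signed digest and compare it with a fresh digest of the image.
        return modexp(signature, self.e, self.n) == sha1_as_int(code)

    def apply_update(self, code: bytes, signature: int, addr: int) -> bool:
        """Verify-then-store. Returns False and leaves the array untouched when
        the signature does not match (tampered or substituted image)."""
        if not self.verify(code, signature):
            return False
        self.flash.program(addr, code, trusted=True)
        return True


if __name__ == "__main__":
    flash = SecureFlash()
    engine = UpdateEngine(flash)
    image = b"BIOS v2 image (constructed sample)"
    sig = sign_update(image)
    print("genuine image accepted:", engine.apply_update(image, sig, 0))
    print("tampered image accepted:", engine.apply_update(image + b"\x00", sig, 0))
    print("region written:", flash.status(0))
```

The design point worth noticing is that `UpdateEngine.apply_update` is the only path that programs the secure region with `trusted=True`, and it does so only after `verify` succeeds; a caller outside the engine that tries to program the secure range directly is refused by the address check regardless of what it presents, which is the closed-system property the description attributes to keeping these steps inside the nonvolatile memory.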
By utilizing the processing unit and update engine 212 along with the authentication block 210 within nonvolatile memory 26, the present invention may securely authenticate BIOS patches and code updates to handsets. Carriers may realize significant cost savings in providing over-the-air BIOS updates that utilize the closed system provided by processing unit and update engine 212, authentication block 210 and arrayed nonvolatile memory 214. The closed system inhibits attacks on stored code by preventing code from being viewed, corrupted or interrupted. Note that updates to BIOS code may be made invisible to the host processor, i.e., processor 20 (see
Specific applications may be requested, downloaded and run by device 10. The application download needs to be authenticated before it is accepted and permission to execute the application is granted. Again, the closed system within nonvolatile memory 26 that includes update engine 212, authentication block 210 and arrayed nonvolatile memory 214 may be used to verify and provide billing information associated with the application request, verify the authenticity of the application itself, inhibit attacks on the received application code, etc. Likewise, processor 20 may be isolated from the closed system during the application authentication and acceptance process and during the billing process. Host processor 20 may then be signaled with permission to execute the received application.
In another embodiment, data may be downloaded from an electronic device such as, for example, a Personal Computer (PC) to wireless device 10 via a Universal Serial Bus (USB). USB offers benefits such as low cost, expandability, auto-configuration and hot-plugging. USB also provides power to the bus, enabling many peripherals to operate without the added need for an AC power adapter. USB may operate at 1.5 Megabits per second (Mbps) and/or 12 Mbps. As before, some instructions received by device 10 may be identified by processor 20 and passed to update engine 26 in nonvolatile memory 26 for execution without further actions by processor 20. For example, instructions that relate to authentication tasks are routed to update engine 26. Update engine 26 executes the instruction and utilizes authentication block 210 and arrayed nonvolatile memory 214. Update engine 26 performs encryption, decryption, authentication and verification tasks, all without burdening processor 20. In an alternate embodiment, infrared techniques using infrared Light Emitting Diodes (LEDs) may be used to transfer data from an electronic device to device 10.
By now it should be apparent that embodiments of the present invention provide an architectural approach for performing authenticated updates in a nonvolatile memory. Further, by incorporating the described architecture, the logic and processing power assigned to perform authentication and/or memory modification tasks related to memory updates reside within the nonvolatile memory. Performing selected tasks within the nonvolatile memory creates a closed system that cannot be viewed, corrupted, or interrupted by malicious or unreliable software.
While certain features of the invention have been illustrated and described herein, many modifications, substitutions, changes, and equivalents will now occur to those skilled in the art. It is, therefore, to be understood that the appended claims are intended to cover all such modifications and changes as fall within the true spirit of the invention.