(1) Field of the Invention
The present invention relates to a technology of loading a program into a specified area.
(2) Description of the Related Art
There have been disclosed technologies regarding devices or methods for loading a program safely onto memory in the processor.
It should be noted here that the “loading” indicates generating an execution image (object, instance) of a program, which is recorded in a recording medium, in a memory area such that the execution image can be executed by the processor.
For example, in a method of loading a program from an external storage device into the processor, the program is encrypted, and authentication information certifying the authenticity of the program is attached thereto before the program is stored in the external storage device. The program is decrypted and authenticated before the program is run by the processor.
The above-described construction is able to prevent an undesired program, such as a program that exposes the contents of other programs running on the same processor, from being run on the processor.
Meanwhile, the memory, which is the load destination of the program, is divided into two types: a secure memory having a secure mechanism; and a normal memory not having such a secure mechanism.
For example, to achieve a copyright protection method with software, it is required that a program is loaded into an environment in which it is difficult to analyze software or to run a program that has been tampered with. In this case, the program loader needs to load a target-program onto a secure memory. Here, it is possible to increase the resistance against the program analysis or tampering by a party outside the processor, by loading the program onto a RAM that is located within the processor. This is because the construction of the processor physically conceals a bus that is a data transmission/reception path between the RAM and a calculator of the processor. That is to say, it is possible to minimize the danger of the program being exposed or tampered, by adopting a mechanism in which a program, which is implemented with an algorithm that needs to be concealed, is first loaded onto a secure RAM provided within the processor so as to be run thereafter.
Meanwhile, the above-described secure memory may be used as a temporary storage destination to store a program that is obtained as a result of decrypting an encrypted program. And the computer system causes the processor to run the program stored in such a storage as an authentic program. Suppose here that a party with a malicious intention has rewritten a load-destination address. In this case, the program loader loads the program into a secure area in accordance with the tampered load-destination address, and the processor attempts to run the program in the secure area. However, a malfunction may occur in the processor since the program may have been loaded at a wrong position by the rewriting of the load-destination address. This gives a clue to an attack to the system by the third party.
Also, there would be another problem. Even if a secure area is provided, some programs may be loaded into a memory space (normal memory) other than the secure memory. With respect to a program that is stored in the normal memory, there is no way to discern whether the program was stored in the normal memory since the program need not to be stored in the secure area, or the program was stored in the normal memory since the load-destination address of the program had been tampered with by a party with a malicious intention. If the loading of the latter case is permitted, it means that it is permitted that disadvantageous acts against the program may occur, and in this case, the meaning of providing the secure area is almost lost.