It is disadvantageous for a copyright holder and the like that data of contents such as music data is copied or programs for playing the contents are tampered with in an unauthorized manner. Therefore, it is preferable for the copyright holder and the like that such valuable data is securely processed.
In order to meet the demand, provided is a secure processing device that can securely process data that needs to be confidential.
An integrated circuit having a secure memory inside is an example of such a secure processing device. This secure memory has a mechanism to prevent unauthorized access from outside.
Specifically, in this type of integrated circuit, only a CPU inside the integrated circuit can access the secure memory. Also, the CPU can access the secure memory only when the operation mode thereof is set to a secure mode.
As described above, the secure processing device keeps target data confidential by limiting (i) the subject that is accessible to a storage region storing the target data that needs to be confidential and (ii) an opportunity to access the data.
Some secure processing devices operate by switching between a normal power mode and a power saving mode. While operating in the power saving mode, the secure processing device operates at lower power consumption by limiting parts of the functions. For example, the power supply may be limited, and the CPU may be switched to a sleep mode. A secure processing device having the power saving mode is used, for example, in a battery-powered portable apparatus and the like. In this way, the secure processing device in the portable apparatus securely performs a process with target data that needs to be confidential such as music data while the operation time of the portable apparatus is lengthened.
Also, in the secure processing device, a storage having a mechanism to prevent unauthorized access from outside is usually a volatile memory, to enable the high-speed access of the CPU. Since the storage is usually a volatile memory, data stored therein is lost when the secure processing device is switched to the power saving mode. Therefore, in a case where music data, an important program for playing music and the like are stored only in the storage region, such data and program are cleared every time the secure processing device is switched to the power saving mode.
This may cause inconvenience to a user of an apparatus having the secure processing device.
The following specifically describes such a case by taking an example of when the user of the apparatus plays music data. Assume here that the portable apparatus has been switched to the power saving mode while the user is playing music data. In this case, when the user attempts to resume the music data after the portable apparatus has been switched back to the normal power mode from the power saving mode, the user may have to deal with an unfavorable situation, since the music data in the storage region is lost. For example, the user may have to wait until the music data is read into the storage region to be stored therein again, or the user may have no choice but to start from the beginning of the music data, since information such as a playback position of the music data is lost.
In a technique that is conventionally used in view of the above-described problem, data stored in the storage region is saved into an external memory outside the secure processing device when the secure processing device is switched to the power saving mode. When the secure processing device is switched from the power saving mode to the normal power mode, the data saved in the external memory is restored to the storage region. This enables the secure processing device to resume a processing that was being performed in the normal power mode. As a result, the user does not suffer the inconvenience described above.
However, the above-described technique may cause the secure processing device to go out of control if abnormal data is restored to the secure processing device. Therefore, it is preferable to safely save data into an external memory, and safely restore the data to the secure processing device.
To solve the problem described above, the below-described patent document 1 discloses a technique for saving data into an external memory using a normal procedure. Specifically, the secure processing device stores a keyword in a register when switching to the power saving mode. Then, before saving data into the external memory, the secure processing device judges whether or not the keyword is identical with the content of the register. If judging affirmatively, the secure processing device saves the data into the external memory.
With the above-described technique, even when going out of control and attempting to perform a process of switching to the power saving mode by skipping a process of storing the keyword in the register, the secure processing device terminates the process in response to the detection that the keyword is not consistent with the content of the register.
Patent Document 1: Japanese Laid-open Patent Application No. 5 (1993)-143478.