The present invention relates to the protection of the memory area of an electronic microprocessor system. It generally concerns the field of computers and, more particularly, the field of memory cards, the storage element of which, inserted in a card, comprises an electronic integrated circuit managed by a microprocessor. The device of the invention can also be used in the field of the protection of software programs where, by astute programming, it can easily be made to prevent the duplication or printing of programs which are to be kept secret. It may also be aimed at preventing the annoying consequences of operating errors.
In electronic microprocessor systems, notably memory card applications of the computerised money type, it is necessary to restrict access to certain memory areas of the system. In particular, it is desirable to prevent any attempt at fraud through the reading of theoretically prohibited areas in these cards. This is the case, for example, with the areas containing the secret code for the use of the card. On the other hand, the memories of memory cards have other areas, especially those representing a balance, where it should be possible to modify the information stored. A situation is then faced wherein it should be possible or not possible to read different memory areas. In addition, in another type of memory, instructions to be performed by the microprocessor may also be stored. In these areas the same dual situation is encountered where certain instructions may be left to the user while, on the contrary, he is forbidden the use of other instructions.
In a more complicated and more realistic situation, certain instructions are commonplace in themselves but become vital to the confidentiality of the system only if they are applied to certain types of data. For example, an editing instruction is not dangerous if it is applied, with certain precautions, to the editing of the balance of an account. By contrast, it becomes far more vitally important if it is applied to editing the secret code of transaction with the memory card in question. There are known approaches in the prior art where the execution of these prohibited actions is prevented by additional instructions which may be introduced into the system. Ultimately, a system such as this works with a software program in which certain instructions are designed to prevent the execution of the prohibited actions. However, just as it was possible to introduce these instructions, so it may be possible, with an additional software program, to neutralise these prohibitions. Furthermore, these prohibitions complicate the system and may slow down the execution of the instructions that are allowed.
It is an object of the invention to overcome these drawbacks and to propose a simple device, which draws not on the software but rather on the hardware, and which when added to the system neither complicates the use of this system nor slows down its working speed in any way. The principle of the invention lies in the construction of a decision matrix which receives, for example, in real time, the instruction to be executed and the data on which these instructions are to be executed. The decision matrix prepares a signal for validating the operation of the system when the application of the instructions to the data in question may be authorised.
Preferentially, rather than taking the instructions and the pieces of data themselves into account, the decision matrix is capable of working on the addresses of the instructions and of the data concerned. This has the advantage that, when these secret codes are produced subsequently to the fabrication of the integrated circuit, the decision matrix may remain unchanged provided that these secret codes are stored at an address determined beforehand, irrespective of their content. Under these conditions, the decision matrix may be fabricated at the same time as the integrated circuit. This has two advantages: firstly, this matrix does not have to be programmed at a later time. Secondly, having been defined at the very start of the fabrication, it may benefit from all the technological protection that can be given to the other parts of the circuit.
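The address-based decision described above can be modelled in software as follows. This is an added illustration, not part of the patent text; the zone names, the address boundaries and the contents of the matrix are assumptions chosen for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical memory map, constructed for illustration only. */
enum code_zone { CODE_TRUSTED, CODE_USER, CODE_ZONES };
enum data_zone { DATA_SECRET, DATA_BALANCE, DATA_PUBLIC, DATA_ZONES };

/* Address decoders: only the address is examined, never the stored
 * content, so a secret written later at a fixed address stays covered. */
static enum code_zone decode_code(uint16_t pc)
{
    return pc < 0x4000 ? CODE_TRUSTED : CODE_USER;
}

static enum data_zone decode_data(uint16_t addr)
{
    if (addr < 0x0010) return DATA_SECRET;
    if (addr < 0x0020) return DATA_BALANCE;
    return DATA_PUBLIC;
}

/* Decision matrix, const to model a structure fixed at fabrication:
 * rows = zone of the executing instruction, columns = zone of the data. */
static const uint8_t decision[CODE_ZONES][DATA_ZONES] = {
    /*                SECRET BALANCE PUBLIC */
    [CODE_TRUSTED] = { 1,     1,      1 },
    [CODE_USER]    = { 0,     1,      1 },
};

/* Validation signal: 1 lets the access proceed, 0 blocks it. */
int validate(uint16_t pc, uint16_t data_addr)
{
    return decision[decode_code(pc)][decode_data(data_addr)];
}

int main(void)
{
    /* Constructed (instruction address, data address) pairs. */
    static const struct { uint16_t pc, addr; } bus[] = {
        {0x0120, 0x0004}, {0x4200, 0x0004}, {0x4200, 0x0018}, {0x4200, 0x0100},
    };
    for (size_t i = 0; i < sizeof bus / sizeof bus[0]; i++)
        printf("pc=%04X data=%04X -> %s\n", bus[i].pc, bus[i].addr,
               validate(bus[i].pc, bus[i].addr) ? "VALID" : "BLOCKED");
    return 0;
}
```

The same instruction is validated or blocked depending only on where it is fetched from and which data address it targets, which is why the matrix needs no change when the secret code itself is written after fabrication.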
An object of the invention, therefore, is a device for the protection of memory areas of an electronic microprocessor system, the memory areas being divided between areas of a first type and areas of a second type, characterised in that it comprises:
a decision circuit receiving address signals relating to information stored in areas of the first type and of the second type;
and a circuit to validate the working of the system as a function of a signal delivered by the decision circuit in response to the address signals that it receives.
The invention will be understood more clearly from the following description and from the examination of the Figures that accompany it. These are given purely by way of illustration and in no way restrict the scope of the invention.