 |
Description  |
|
|
BACKGROUND OF THE INVENTION
The present invention relates generally to a memory unit of the type used
as an auxiliary storage device for a computer. More particularly, the
invention is concerned with a memory unit having an improved capability of
protecting data which is stored in an incorporated memory device during a
data read/write operation. The present invention is also concerned with a
method of protecting data stored in the memory unit.
As auxiliary storage equipment for a computer, word processor, built-in
type machine control computer or the like, there is employed a
semiconductor memory unit, including a single or a plurality of
semiconductor memory devices, such as a RAM (random access memory), ROM
(read-only memory) or the like, which are housed in a case. When a RAM is
used as the memory unit, a memory back-up power supply cell is also
contained in the memory unit. This type of semiconductor memory unit can
be detachably connected (slot-in/slot-out) to a control terminal of the
computer by means of a connector so that a data reading/writing operation
can be performed on the memory unit by the control terminal. The memory
unit is so designed that data written in the memory unit can be maintained
even when the memory unit is disconnected from the control terminal.
In this type semiconductor memory unit, it is apparently desirable to
protect the data written in the memory from inadvertent erasure and from
erroneous rewriting. Further, there are certain applications where it is
required to inhibit data from being read out by a third party in order to
ensure the confidentiality of the written data.
Under the circumstances, there has been known heretofore a technique
according to which an externally manipulatable lock piece or member
capable of assuming selectively a first or second state (first or second
position) is provided as a part of the case of the semiconductor memory
unit. When the semiconductor memory unit is inserted in a control
terminal, the latter detects the state (or position) of the manipulatable
piece to permit (enable) the data writing operation to the memory unit
when the piece is in the first state, while inhibiting the data writing in
case the piece is in the second state.
The known data protecting technique mentioned above suffers from a problem
in that, because of the external manipulatability of the piece to be set
to the first or second state, there may arise the unwanted possibility
that the data stored in the semiconductor memory unit could be
inadvertently erased or rewritten due to erroneous manipulation of the
lock piece.
Further, with the manipulatable lock piece mentioned above, it is
impossible to ensure the confidentiality of the stored data by inhibiting
with certainty a third party from an attempt to read out the data, because
any one can read out the data by correspondingly manipulating the lock
piece.
On the other hand, a so-called IC card is a typical type of the memory unit
for which a data write/read operation is prohibited. This IC card includes
a microprocessor and a semiconductor memory device incorporated integrally
in the body of the card, and data referred to as password or ciphered
number is previously stored, so that the data write/read operation is
permitted only when a password or ciphered number inputted externally
coincides with the previously stored password.
Such an IC card is intended to be used as a bankbook or a nominal list, by
way of example. To this end, the IC card is provided with an additional
function to classify and rearrange the data in addition to the mere data
storing function with a view to realizing the storage of data in
accordance with preestablished rules of data arrangement. This function
can be accomplished by providing the microprocessor on the card.
In contrast, the semiconductor memory unit of concern is a portable
auxiliary memory or storage device for a computer which has a large
storage capacity and is required only to have the data storage function,
since the storage capacity of the semiconductor memory unit can not be
utilized effectively if the data classification and rearrangement
functions are employed, as in the case of the IC card. Of course, a
microprocessor may be incorporated in the semiconductor memory unit for
enabling or inhibiting data write/read operations with the aid of a
password or ciphered number. In that case, however, the function of the
microprocessor is not made use of fully, which is a disadvantage from the
economical standpoint. Beside, in light of the requirement imposed on the
semiconductor memory unit that it should be compact and have a large
storage capacity, incorporation of the microprocessor should be avoided
since otherwise the semiconductor memory unit could not be realized in a
compact form with a large storage capacity because the microprocessor
occupies a large proportion of available space in the semiconductor memory
unit. Additionally, the microprocessor is indispensably accompanied by a
program for operating it as well as a memory for storing the program,
giving rise to a problem that the circuit scale of the semiconductor unit
is enlarged, involving increased expenditure. For these reasons, it is
undesirable to incorporate the microprocessor in the semiconductor memory
unit.
SUMMARY OF THE INVENTION
It is therefore an object of the present invention to provide a
semiconductor memory unit or device which can ensure protection of the
confidentiality of stored data by adding a circuit of simplified
configuration, to thereby solve the problems described above.
Another object of the present invention is to provide a portable type
semiconductor memory unit or apparatus having no microprocessor or central
processing unit and which is nevertheless capable of inhibiting
selectively accesses to the data stored in the memory unit.
It is still another object of the present invention to provide a
semiconductor memory cartridge incorporating no microprocessor and having
a function to protect the data stored in the semiconductor memory
cartridge while enabling selectively read/write accesses which are
accompanied with a particular password.
A further object of the present invention is to provide an inexpensive and
compact semiconductor memory unit having a large storage capacity in which
identification of an inputted password can be realized by a circuit of
inexpensive and simple configuration while assuring protection of
confidentiality of the stored data as well as protection of the data
against destruction.
In view of the foregoing objects, there is provided according to a general
aspect of the present invention a semiconductor memory unit or apparatus
which includes a memory for storing a password together with a flag for
inhibiting or permitting a data read/write mode of operation, a latch for
storing temporarily a password inputted externally, and a comparison
circuit for comparing the password stored in the memory with that held by
the latch upon request of inhibited access for thereby setting the
semiconductor memory to a predetermined mode or inhibiting the memory from
being set to a predetermined mode. With this arrangement, the data stored
in the semiconductor memory unit can be protected against any unauthorized
destruction and leakage of confidentiality with a simplified circuit
structure without resorting to the use of microprocessor.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram showing a general circuit arrangement of a
semiconductor memory unit or apparatus together with a control terminal
used for making access to the data stored in the memory unit;
FIG. 2 is a block diagram showing a circuit configuration of a comparator
employed in the memory unit shown in FIG. 1;
FIGS. 3A and 3B are flow charts illustrating procedures for making decision
as to whether access to an incorporated semiconductor memory device are to
be inhibited or permitted in read and write modes, respectively;
FIG. 4 is a block diagram showing an arrangement of a semiconductor memory
unit according to another embodiment of the invention; and
FIG. 5 is a view similar to FIG. 4 and shows a semiconductor memory unit
according to another embodiment of the invention.
DESCRIPTION OF THE PREFERRED EMBODIMENTS
In the following, the present invention will be described in detail in
conjunction with the preferred and exemplary embodiments thereof by
referring to the accompanying drawings.
FIG. 1 shows in a block diagram a general arrangement of a semiconductor
memory unit according to an embodiment of the invention together with a
control terminal used for making access to the data stored in the memory
unit. In the figure, a reference numeral 1 denotes the control terminal, 2
denotes the semiconductor memory unit implemented in the form of a card or
cartridge, 3 denotes a control circuit, 4 denotes a semiconductor memory
device incorporated in the card, 5a and 5b denote connectors, 6 denotes a
password latch incorporated in the card, 7 denotes a password memory, 8
denotes a comparison circuit, 9 denotes a memory back-up battery serving
as a power source for supplying electric power to the volatile
semiconductor memory device 4, 10 denotes a data bus, 11 denotes an
address bus, 12 denotes a control bus for transmitting control signals
required upon making access to the semiconductor memory device 4, numerals
13, 14 and 15 denote output lines and finally a numeral 16 denotes a
control line branched from the control bus 12.
Referring to FIG. 1, the semiconductor memory card or cartridge 2 is
adapted to be inserted removably in the control terminal 1. When the
semiconductor memory card 2 is placed in the control terminal 1,
electrical connection is established between the memory card 2 and the
control terminal 1 through the connectors 5a and 5b. The semiconductor
memory device 4 can be accessed by the addressing signal and the control
signal supplied from the control circuit 3 through the address bus 11 and
the control bus 12, wherein data writing and reading operations as well as
data transfer between the semiconductor memory device 4 and the control
circuit 3 are performed through the bidirectional data bus 10.
In the case of the illustrated embodiment, the semiconductor memory device
4 is implemented as a random access memory or RAM. Accordingly, when the
semiconductor memory card 2 is removed from the control terminal 1, the
semiconductor memory device 4 is backed up by the memory backup power
supply source 9 so that data written in the semiconductor memory device 4
can be maintained however, it should be appreciated that the semiconductor
memory device 4 is not restricted to a RAM but can be implemented in other
forms, such as erasable programmable read-only memory (EPROM),
electrically erasable programmable read-only memory (EEPROM), mask
read-only memory (MROM) or the like.
On the other hand, the password memory 7 also constituted by a
semiconductor memory device is initially loaded with a password and a flag
through the data bus 10 and the control line 16 by a particular control
terminal authorized to perform the password writing operation. Usually,
the word length of a password corresponds to 4 to 10 places in the decimal
number, and the flag is of two bit data length. Accordingly, the password
memory 7 can be realized with the storage capacity of 2 to 5 bytes. The
operation modes to be inhibited by using the password are the data write
mode and the data read mode, respectively. Thus, one bit of the flag
corresponds to the data write mode with the other bit corresponding to the
data read mode. Now, it is assumed that the flag is represented by a bit
combination (F.sub.R, F.sub.W), where the bit F.sub.R is allocated to the
read mode with the F.sub.W being allocated to the write mode and that the
bit of "1" represents inhibition of the corresponding mode with the bit of
"0" enabling the corresponding mode. On this assumption, the flag assumes
the values listed in the following table 1 in dependence on the modes to
be inhibited.
TABLE 1
______________________________________
MODE TO BE INHIBITED FLAG
______________________________________
Write Mode Only 01
Read Mode Only 10
Both of Write and Read Modes
11
______________________________________
Accordingly, when the mode to be inhibited is, for example, "read mode
only", the flag to be stored in the password memory assumes the value "1,
0". In this case, writing of data can be performed freely.
When the semiconductor memory unit or card 2 is connected to the control
terminal 1, the password memory sends out constantly the password
(hereinafter referred to as the set password) together with the flag onto
the output line 14 in the form of parallel bit data.
It is now assumed that only the flag (1, 0) representative of inhibition
only of the read mode is stored in the flag area of the password memory 7.
On this assumption, when an access request signal for reading out data
from the semiconductor memory device 4 and a password identifying the
person requesting the access are received by an access request unit 3A of
the control circuit 3, the latter sends out the input password onto the
data bus 10 while sending out a read control signal and a latch signal
onto the control bus 12 (FIG. 3A, step 25). The input password on the data
bus 10 is latched by the password latch 6 in response to the latch signal
supplied through the control line 16. The password latch 6 outputs the
input password onto the output line 13, which password is supplied to the
comparison circuit 8 to be compared with the set password applied through
the output line 14 of the password memory 7 (FIG. 3A, step 26). This set
password identifies a person who is exceptionally admitted to access the
semiconductor memory device 4 for reading or writing data therefrom or
thereto and is previously defined. The access request unit 3A should
preferably be equipped with a display and/or keyboard.
The comparator circuit 8 is additionally connected to the control line 12
and is supplied with the read control signal through the control line 12.
When the input password coincides with the set password, the read control
signal is outputted onto the output line 15 from the comparison circuit 8,
whereby the semiconductor memory device 4 is set to the state to allow the
data read operation to be performed (FIG. 3A, step 27). The abovementioned
read control signal is also supplied to the control circuit 3, which
responds to this read control signal to decide that the data reading
operation is permitted. Thus, the control circuit 3 can send an address
signal to the semiconductor memory device 4 through the address bus 11 and
read out desired data from the semiconductor memory device 4 through the
data bus 10 (FIG. 3A, step 28).
On the other hand, when a discrepancy is found between the input password
and the set password, the comparator circuit 8 can not produce the
enabling control signal on output line 15 (FIG. 3A, step 30), since it is
determined that the flag indicating the inhibition of only the read mode
is stored in the password memory 7 at a decision step 29 of FIG. 3A. As
the consequence, the semiconductor memory device is not seet to the state
which allows data to be read out therefrom. Thus, the control circuit 3
makes a decision that the data reading from the semiconductor memory
device 4 is inhibited.
Now, the description will turn to the data writing operation for the
semiconductor memory device 4 on the same assumption made hereinbefore. At
first, through the similar procedure taken in the data reading operation
described above, an input password is latched by the password latch 6.
Subsequently, an operation set forth in block 37 shown in FIG. 3B is
carried out independent of whether the input password coincides with the
set password, resulting in the write control signal sent out through the
control line 12 from the control circuit 3 being outputted on the output
line 15 by the comparator circuit 8. In this manner, the data writing
operation to the semiconductor memory device 4 is always permitted (FIG.
3B, step 38).
As will be understood from the above description, when the flag indicating
the inhibition only of the data reading operation is stored in the
password memory 7 at the flag area, the operation of reading out data from
the semiconductor memory device 4 is permitted only when coincidence is
detected between the input password and the set password, although the
data writing operation to the semiconductor memory device is always
permitted.
Conversely, assuming that the flag (0, 1) indicative of inhibition only of
the data writing operation is set in the password memory 7, the data
writing operation to the semiconductor memory 4 is permitted (FIG. 3B,
step 37) only when coincidence is confirmed between an input password and
the set password (FIG. 3B, step 36), although the operation for reading
out data from the semiconductor memory device is always permitted through
the decision routine including the steps 26 and 29 (FIG. 3A) regardless of
whether or not an input password coincides with the set password.
Finally, when the flag (1, 1) indicating inhibition of both reading and
writing operations is set in the password memory 7, neither the operation
for writing data in the semiconductor memory device 4 nor the operation
for reading data therefrom is permitted unless coincidence is found
between an input password and the set password.
As will now be appreciated, it is possible to prevent the semiconductor
memory device 4 from erroneous data erasure and inadvertent data rewriting
by using the password and the flag in the manner described above.
Additionally, protection of confidentiality of the data stored in the
semiconductor memory device 4 can be assured. The password memory 7 may be
realized by using a memory of very small capacity. The password latch 6
can also be constituted by a conventional parallel data latch. The
comparator circuit 8 can be implemented in a relatively simple logic
configuration. An exemplary embodiment of the comparator circuit 8 will be
described below by referring to FIG. 2. In this figure, reference symbols
12R and 12W denote control lines, 14P, 14R and 14W denote output item
signals from the password memory 7, symbols 15R and 15W denote output
lines for finishing signals representative of the result of comparsion, 17
denotes a coincidence circuit, 18 and 19 denote AND gates, and numerals 20
and 21 denote OR gates. Further, like reference symbols are used to denote
same parts of the system shown in FIG. 1 for simplifying the description.
Referring to FIG. 2, the set password produced on the output line 14P of
the password memory 7 is supplied to one input of the coincidence circuit
17 constituting a part of the comparataor circuit 8. The coincidence
circuit 17 receives at the other input the latched input password from the
password latch 6. Upon coincidence being found between the input password
and the set password, the coincidence circuit 17 outputs a signal of logic
"0" and otherwise produces a signal of logic "1". This output signal of
the coincidence circuit 17 is applied to one input of the AND gates 18 and
19, respectively.
The password memory 7 further stores the two-bit flag having the bit
F.sub.R indicating inhibition of the data reading operation and the
F.sub.W bit indicating inhibition of the data writing operation. The read
inhibit bit F.sub.R signal is supplied to the other input of the AND gate
18 by way of the bit output line 14R, while the write inhibit bit F.sub.W
is supplied to the other input of the AND gate 19 through the output line
14W. The output signal of the AND gate 18 is applied to one input of the
OR gate 20 which receives at the other input thereof the read control
signal supplied over the control line 12R. On the other hand, the output
signal of the AND gate 19 is applied to one input of the OR gate 21 which
receives at the other input thereof the write control signal supplied
through the control line 12W.
It is assumed that the semiconductor memory device 4 (see FIG. 1) is set to
the read mode when the read control signal applied through the control
line 12R is logic "0", while the memory device 4 is set to the write mode
in response to the write control signal of logic "0" applied through the
control line 12W. Thus, when the read control signal produced on the
output line 15R connected to the output of the OR gate 20 is logic "0",
the semiconductor memory device 4 is set to the data read mode, and the
control circuit 3 (see FIG. 1) decides that operation of reading out data
from the semiconductor memory device 4 is permitted or enabled. On the
other hand, when the write control signal outputted on the output line 15W
by the OR gate 21 is logic "0", the semiconductor memory device 4 is set
to the data write mode, whereupon the control circuit 3 decides that
operation of writing data to the semiconductor memory device 4 is enabled.
Now, description is turned to the operation of the comparator circuit 8 on
the assumption that the flag (1, 0) whose bits F.sub.R and F.sub.W are "1"
and "0", respectively, is set in the password memory 7, as indicated in
the table 1.
When it is desired to read out data from the semiconductor memory device 4,
an input password as loaded through the access request unit 3A (see FIG.
1) is latched by the password latch 6. At that time, the read control
signal on the control line 12R is logic "0", while the write control
signal on the control line 12W is logic "1". When the input password
coincides with the set password stored in the password memory, the output
signal of the coincidence circuit 17 is logic "0". The following truth
value table holds true for each of the AND gates 18 and 19.
TABLE 2
______________________________________
INPUT 1 INPUT 2 OUTPUT
______________________________________
0 0 0
1 0 0
0 1 0
1 1 1
______________________________________
Accordingly, both outputs of the AND gates 18 and 19 are logic "0". On the
other hand, the truth value table for the OR gates 20 and 21 is as
follows:
TABLE 3
______________________________________
INPUT 1 INPUT 2 OUTPUT
______________________________________
0 0 0
1 0 1
0 1 1
1 1 1
______________________________________
Thus, the read control signal outputted from the OR gate 20 onto the output
line 15R is logic "0", while the write control signal outputted from the
OR gate 21 on the output line 15W is logic "1". Consequently, it is
possible to read out data from the semiconductor memory device 4.
Similarly, when the data writing operation to the semiconductor memory
device 4 is to be performed upon detection of coincidence between the
input password and the set password, the read control signal on the
control line 12R is logic "1", while the write control signal on the
control line 12W is logic "0". Since output signals of both the AND gates
18 and 19 are logic "0", the read control signal outputted on the output
line 15R from the OR gate 20 is logic "1", while the write control signal
outputted on the output line 15W from the OR gate 21 is logic "0". Thus,
the data write operation to the semiconductor memory 4 is enabled.
On the other hand, unless the input password coincides with the set
password, the output signal of the coincides circuit 17 is logic "1".
Since the flag bits are "1, 0", the output signal of the AND gate 18 is
logic "1" with that of the AND gate 19 being logic "0", as can be seen
from the table 2 recited hereinbefore. Consequently, the read control
signal outputted on the output line 15R from the OR gate 20 is set to
logic "1", as is apparent from the table 3. It is thus impossible to read
data from the semiconductor memory device 4 under this condition. In
contrast, the write control signal outputted on the output line 15W from
the OR gate 11 is logic "0" when the write controlsi gnal on the control
line 12W is "0". In this case, the data writing operation to the
semiconductor memory device 4 is enabled.
In this manner, in case the read inhibit flag (1, 0) is set in the password
memory 7, operation of reading out data from the semiconductor memory
device 4 is enabled only when the input password coincides with the set
password, while the data write operation to the memory 4 is always
enabled.
Similarly, in case the write inhibit flag (0, 1) is set in the password
memory 7, both operations of writing and reading data to and from the
semiconductor memory 4 are enabled, if the input password coincides with
the set password, since then the outputs of the AND gates 18 and 19 are
both logic "0". However, unless coincidence is found between the input
password and the set password, the output of the AND gate 18 is logic "0"
with that of the AND gate 19 being "1", whereby the data writing operation
to the semiconductor memory device 4 is inhibited.
When the write and read inhibit flag (1, 1) is set in the password memory
7, the output signals of the AND gates 18 and 19 are both logic "0" upon
detection of coincidence between the input password and the set password,
while the output signals of these AND gates 18 and 19 are both logic "1"
when no coincidence is found between the input password and the set
password. Accordingly, so long as no coincidence is detected between the
input password and the set password, neither operation of writing data to
the semiconductor memory nor operation of reading out data therefrom is
enabled.
The operations taking place upon discrepancy between an input password and
the set password as described above are summarized in the following table
4.
TABLE 4
__________________________________________________________________________
READ CONTROL
WRITE CONTROL
SIGNAL ON SIGNAL ON WRITE READ
FLAG
LINE 12R LINE 12W OPERATION
OPERATION
__________________________________________________________________________
01 1 0 Inhibited
10 1 0 Permitted
11 1 0 Inhibited
01 0 1 Permitted
10 0 1 Inhibited
11 0 1 Inhibited
__________________________________________________________________________
Although the password memory 7 can be constituted by a semiconductor memory
such as a mask read-only memory, erasable programmable read-only memory
(EPROM) or electrically erasable programmablel read-only memory (EEPROM),
it goes without saying that a random access memory (RAM) may also be
employed as the password memory 7. In this case, however, it is required
to back up the password memory 7 by the power supply source 9 intended
inherently for backing up the semiconductor memory device 4 so that the
contents stored in the password memory 7 can be sustained, as shown in
FIG. 4, even after the semiconductor memory unit 2 has been disconnected
from the control terminal 1.
As will be appreciated from the foregoing description, by implementing the
password comparison decision means in the fixed logic circuit
configuration, the number of transistors as required can be decreased by a
factor of 1/1000 when compared with the case in which a microprocessor is
employed for executing the decision procedure for identifying the
password. Besides, a program as well as a memory for the storage thereof
otherwise required is rendered unnecessary, which in turn means that the
space occupied by the password comparison/identification means can be
reduced significantly when compared with the case in which the
microprocessor is used, not to speak of remarkable reduction in the
manufacturing cost.
FIG. 5 shows another embodiment of the invention in which the password
memory is implemented in one and the same semiconductor chip as the
volatile semiconductor memory 4', wherein both memories are backed up by a
common DC power source. Operation of this embodiment is substantially same
as that of the embodiment shown in FIG. 1. The control line 16 for setting
the password and the flag is connected to the password portion of the
volatile semiconductor memory device 4'. The memory 4' may be constituted
not only by a RAM but also by EPROM or EEPROM, wherein the function for
protecting the read-only semiconductor memory device can be performed with
the aid of the password in the manner described hereinbefore.
It should be understood that the protecting function according to the
present invention can be equally realized for optomagnetic storage systems
and optical storage card.
* * * * *
|
|
 |
|
 |
Description |
|
