Patents by Inventor Mikio Hashimoto

Mikio Hashimoto has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9779033
    Abstract: In one embodiment, a storage unit stores a table tree and verifier tree. The table tree includes parent and child tables. The verifier tree includes parent and child verifiers associated with the parent and child tables, respectively. The parent verifier is used for verifying the child table and child verifier. A device stores a secure table tree corresponded to the table tree and used for address translation and a secure verifier tree corresponded to the verifier tree, to a secure storage unit. The device executes verification, based on verification information calculated based on a first child table and first child verifier in the storage unit and a first parent verifier in the secure verifier tree. The device sets the second address of the secure table tree such that the second address designates data in the first storage unit.
    Type: Grant
    Filed: June 19, 2015
    Date of Patent: October 3, 2017
    Assignee: KABUSHIKI KAISHA TOSHIBA
    Inventors: Mikio Hashimoto, Naoko Yamada, Ryotaro Hayashi
  • Publication number: 20170255384
    Abstract: An information processing apparatus includes a nonvolatile memory, a flag settable to a first value indicating that a program stored in a memory region of the nonvolatile memory has not been verified, and to a second value indicating that the program has been verified, a switching circuit configured to set the flag to the first value, in response to a request for permission to modify the program stored in the memory region, and a verification circuit that sets the flag to the second value upon verification of the program stored in the memory region, and upon restart of the information processing apparatus, carries out a verification process of the program prior to execution of the program if the first value is set in the flag, and executes the program without the verification process if the second value is set in the flag.
    Type: Application
    Filed: September 1, 2016
    Publication date: September 7, 2017
    Inventors: Mikio HASHIMOTO, Kentaro UMESAWA, Yoshiyuki AMANUMA
  • Patent number: 9753867
    Abstract: In one embodiment, a device executes reading and writing for a storage unit storing a table tree and verifier tree. The table tree includes a parent table and child table. The verifier tree includes a parent verifier associated with the parent table, and a child verifier associated with the child table. The parent verifier is used for verifying the child table and child verifier. The device stores a secure table tree being a part of the table tree and used for address translation, and a secure verifier tree being a part of the verifier tree, to a secure storage unit. The device executes verification, based on verification information calculated based on a first child table and first child verifier in the storage unit and a first parent verifier in the secure verifier tree.
    Type: Grant
    Filed: June 19, 2015
    Date of Patent: September 5, 2017
    Assignee: KABUSHIKI KAISHA TOSHIBA
    Inventors: Mikio Hashimoto, Naoko Yamada, Jun Kanai, Ryotaro Hayashi
  • Patent number: 9753868
    Abstract: In one embodiment, a device executes reading and writing for a storage unit storing a table tree and verifier tree. The table tree includes a parent table and child table. The verifier tree includes a parent verifier associated with the parent table, and a child verifier associated with the child table. The parent verifier is used for verifying the child table and the child verifier. The device stores a secure table tree being a part of the table tree and used for address translation, and a secure verifier tree being a part of the verifier tree, to a secure storage unit. The device, when data has a read-only attribute, calculates verification information based on the data and a secure value varying according as the data is updated, and executes verification based on a verifier corresponded to the data and the verification information.
    Type: Grant
    Filed: June 19, 2015
    Date of Patent: September 5, 2017
    Assignee: KABUSHIKI KAISHA TOSHIBA
    Inventors: Naoko Yamada, Mikio Hashimoto, Ryotaro Hayashi
  • Publication number: 20170032126
    Abstract: According to one embodiment, an information processing device includes a processor, a nonvolatile memory, a designation unit, and a controller. The nonvolatile memory stores the first software and the second software which is used as substitute for the first software. The designation unit designates software to be executed by the processor at a boot. The controller protects an area of the nonvolatile memory storing the first software from being written while the first software is executed by the processor. When third software is executed by the processor, the third software verifies the second software. When the second software is legal in a result of verifying by the third software, the designation unit designates the second software.
    Type: Application
    Filed: July 28, 2016
    Publication date: February 2, 2017
    Applicant: Kabushiki Kaisha Toshiba
    Inventors: Ryuiti KOIKE, Mikio HASHIMOTO, Naoko YAMADA, Ryotaro HAYASHI
  • Patent number: 9524189
    Abstract: According to an embodiment, an information processing device is connectable to a peripheral device and includes a buffer, a first operating system, a second operating system, and a monitor. The monitor is configured to enable the first operating system or the second operating system to execute in a switching manner. The monitor includes a switching controller that, when the second operating system issues an access request to the peripheral device, saves a state of the second operating system and suspends its execution as well as restores a state of the first operating system and restarts its execution. The first operating system includes a request input-output controller that reads the access request from the buffer, that divides the read access request into instructions in receivable units for the peripheral device, and that issues each instruction. The first operating system includes an access controller that accesses the peripheral device according to the instructions.
    Type: Grant
    Filed: July 1, 2015
    Date of Patent: December 20, 2016
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Jun Kanai, Hiroshi Isozaki, Mikio Hashimoto
  • Publication number: 20160226843
    Abstract: A system software unit performs a first authentication operation with an external device using a first key that is registered in advance. A secure software unit determines whether or not system software satisfies a soundness condition. A dedicated memory unit is used to store a second key. While performing a reregistration operation for reregistering the first key, a system software unit requests the secure software unit to read the second key. When the system software satisfies the soundness condition, the secure software unit generates verification data using the second key. When a second authentication operation performed with the external device using the verification data is successful, the system software unit performs the reregistration operation.
    Type: Application
    Filed: October 15, 2015
    Publication date: August 4, 2016
    Inventors: Ryuiti Koike, Mikio Hashimoto, Naoko Yamada, Ryotaro Hayashi
  • Publication number: 20160055030
    Abstract: According to an embodiment, an information processing device is connectable to a peripheral device and includes a buffer, a first operating system, a second operating system, and a monitor. The monitor is configured to enable the first operating system or the second operating system to execute in a switching manner. The monitor includes a switching controller that, when the second operating system issues an access request to the peripheral device, saves a state of the second operating system and suspends its execution as well as restores a state of the first operating system and restarts its execution. The first operating system includes a request input-output controller that reads the access request from the buffer, that divides the read access request into instructions in receivable units for the peripheral device, and that issues each instruction. The first operating system includes an access controller that accesses the peripheral device according to the instructions.
    Type: Application
    Filed: July 1, 2015
    Publication date: February 25, 2016
    Applicant: Kabushiki Kaisha Toshiba
    Inventors: Jun KANAI, Hiroshi ISOZAKI, Mikio HASHIMOTO
  • Publication number: 20150379290
    Abstract: According to an embodiment, a code processing apparatus includes a determining unit, a concealing unit, an instructing unit, and an unconcealing unit. The determining unit is configured to determine, based on relocation information included in first code data that includes a code body and relocation information representing a portion of the code body to be relocated by a linker, a first portion including at least a part of the code body that is other than the portion. The concealing unit is configured to conceal the first portion. The instructing unit is configured to instruct the linker to process the first code data having the first portion concealed. The unconcealing unit is configured to unconceal the concealed portion of second code data that is generated from the first code data by the linker.
    Type: Application
    Filed: September 8, 2015
    Publication date: December 31, 2015
    Applicants: Kabushiki Kaisha Toshiba, TOSHIBA SOLUTIONS CORPORATION
    Inventors: Yurie SHINKE, Fukutomo NAKANISHI, Hiroyoshi HARUKI, Mikio HASHIMOTO, Fumihiko SANO
  • Publication number: 20150370727
    Abstract: In one embodiment, a device executes reading and writing for a storage unit storing a table tree and verifier tree. The table tree includes a parent table and child table. The verifier tree includes a parent verifier associated with the parent table, and a child verifier associated with the child table. The parent verifier is used for verifying the child table and child verifier. The device stores a secure table tree being a part of the table tree and used for address translation, and a secure verifier tree being a part of the verifier tree, to a secure storage unit. The device executes verification, based on verification information calculated based on a first child table and first child verifier in the storage unit and a first parent verifier in the secure verifier tree.
    Type: Application
    Filed: June 19, 2015
    Publication date: December 24, 2015
    Applicant: KABUSHIKI KAISHA TOSHIBA
    Inventors: Mikio HASHIMOTO, Naoko Yamada, Jun Kanai, Ryotaro Hayashi
  • Publication number: 20150370728
    Abstract: In one embodiment, a device executes reading and writing for a storage unit storing a table tree and verifier tree. The table tree includes a parent table and child table. The verifier tree includes a parent verifier associated with the parent table, and a child verifier associated with the child table. The parent verifier is used for verifying the child table and the child verifier. The device stores a secure table tree being a part of the table tree and used for address translation, and a secure verifier tree being a part of the verifier tree, to a secure storage unit. The device, when data has a read-only attribute, calculates verification information based on the data and a secure value varying according as the data is updated, and executes verification based on a verifier corresponded to the data and the verification information.
    Type: Application
    Filed: June 19, 2015
    Publication date: December 24, 2015
    Applicant: KABUSHIKI KAISHA TOSHIBA
    Inventors: Naoko Yamada, Mikio Hashimoto, Ryotaro Hayashi
  • Publication number: 20150370726
    Abstract: In one embodiment, a storage unit stores a table tree and verifier tree. The table tree includes parent and child tables. The verifier tree includes parent and child verifiers associated with the parent and child tables, respectively. The parent verifier is used for verifying the child table and child verifier. A device stores a secure table tree corresponded to the table tree and used for address translation and a secure verifier tree corresponded to the verifier tree, to a secure storage unit. The device executes verification, based on verification information calculated based on a first child table and first child verifier in the storage unit and a first parent verifier in the secure verifier tree. The device sets the second address of the secure table tree such that the second address designates data in the first storage unit.
    Type: Application
    Filed: June 19, 2015
    Publication date: December 24, 2015
    Applicant: KABUSHIKI KAISHA TOSHIBA
    Inventors: Mikio HASHIMOTO, Naoko Yamada, Ryotaro Hayashi
  • Patent number: 9116741
    Abstract: According to an embodiment, a computer program product includes a computer-readable medium including program, when executed by a computer, to have a plurality of modules run by the computer. The computer includes a memory having a shared area, which is an area accessible to only those modules which run cooperatively and storing therein execution module identifiers. Each of the modules includes a first operation configured to store, just prior to a switchover of operations to an other module that runs cooperatively, an identifier of the other module as the execution module identifier in the shared area; and a second operation configured to execute, when the execution module identifier stored in the shared area matches with an identifier of own module immediately after a switchover of operations from the other module, a function inside the own module.
    Type: Grant
    Filed: August 15, 2012
    Date of Patent: August 25, 2015
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Hiroyoshi Haruki, Mikio Hashimoto, Fukutomo Nakanishi, Ryotaro Hayashi, Yurie Fujimatsu, Tomohide Jokan, Takeshi Kawabata
  • Patent number: 9042553
    Abstract: The debugging unit writes a public key of the key issuing server and an initializing program given from outside, to the storage unit. The instruction executing unit reads and executes the initializing program stored in the storage unit. The debug disabling unit disables the debugging unit. The public-key encrypting unit encrypts the random number by the public key in the storage unit, the random number generated by the random number generating unit after the debugging unit is disabled. The transmitting unit transmits the encrypted random number to the key issuing server. The receiving unit receives an individual key encrypted by the random number from the key issuing server. The individual-key writing unit decrypts the encrypted individual key by the random number to obtain the individual key and write the individual key to the storage unit.
    Type: Grant
    Filed: September 16, 2011
    Date of Patent: May 26, 2015
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Mikio Hashimoto, Shinji Yamanaka, Yuichi Komano, Taku Kato, Hiroshi Isozaki
  • Publication number: 20150143132
    Abstract: According to an embodiment, an information processing device includes a first manager, a second manager, and a generator. The first manager loads a first class of a first object that requests execution of methods contained in a second object and a third class of a limiter configured to limit access from the first object to the methods. The second manager loads a second class of the second object. The generator generates the second object from the second class upon receiving a generation request for generating the second object from the first object, generates the limiter from the second object and the third class, and transmits the limiter to the first object.
    Type: Application
    Filed: September 26, 2014
    Publication date: May 21, 2015
    Inventors: Hiroyoshi Haruki, Fukutomo Nakanishi, Mikio Hashimoto
  • Patent number: 8935530
    Abstract: A control device includes: a random number generating unit that generates a random number; a first setting unit that sets the random number in a first storage; a message creating unit that encrypts the random number using a public key of the administrative server and creates a request message to be transmitted to the administrative server; a timer starting unit that starts a timer; an activation unit that activates the system software; a timer canceling unit that accepts an interruption from the system software and cancels the timer; a message verifying unit that verifies the notification message from the administrative server using the public key and the random number; and a restart unit that restarts the system software while limiting the functions, in the case where the timer expires or the verification fails.
    Type: Grant
    Filed: June 27, 2012
    Date of Patent: January 13, 2015
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Mikio Hashimoto, Shinji Yamanaka
  • Patent number: 8918654
    Abstract: A first storage unit stores a plurality of security functions each defining a first protection attribute requiring a storage of a value of an argument for input/output of data. A second storage unit stores a program list describing a second protection attribute of a variable indicating a storage area of the data and an executing procedure of a predetermined process. An identifying unit identifies a third protection attribute of an actual argument for input/output of a security function based on the second protection attribute. When a judging unit judges not all of third protection attributes match with first protection attributes, an output unit outputs error information indicating a mismatch of the protection attributes.
    Type: Grant
    Filed: November 19, 2008
    Date of Patent: December 23, 2014
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Mikio Hashimoto, Hiroyoshi Haruki, Yurie Fujimatsu, Takeshi Kawabata
  • Patent number: 8732480
    Abstract: According to an embodiment, a memory management device increments a lower value of a first counter, updates the counter by incrementing an upper value and resetting the lower value when the lower value overflows, increments to update the lower counter value when the upper value is incremented as a result of writing a second data piece having the upper value in common to a memory, recalculates a first secret value calculated using the first counter values and a root secret value in response to the first counter update, writes a first data piece and the first secret value to the memory, and at reading of the first data piece and the first secret value, calculates a second secret value using the updated first counter values and the root secret value, and compares the first secret value with the second secret value to verify the first data piece.
    Type: Grant
    Filed: September 1, 2011
    Date of Patent: May 20, 2014
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Mikio Hashimoto, Hiroyoshi Haruki, Takeshi Kawabata, Tomohide Jokan, Yurie Fujimatsu, Ryotaro Hayashi, Fukutomo Nakanishi
  • Patent number: 8683208
    Abstract: According to one embodiment, an information processing device stores a program list and plural types of security functions each defining therein protection attributes for respective arguments related to input and output of data to be protected, and stores function argument protection attributes and dependency relations each of which is defined by a determinant set and a dependent attribute that satisfy a predetermined condition.
    Type: Grant
    Filed: June 17, 2011
    Date of Patent: March 25, 2014
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Ryotaro Hayashi, Mikio Hashimoto, Hiroyoshi Haruki, Yurie Fujimatsu
  • Patent number: 8650655
    Abstract: According to one embodiment, there is provided an information processing apparatus, including: a program acceptance portion; a program storage portion; a first function type storage portion; a function type extraction portion; a second function type storage portion; a first alternate function type storage portion; an alternate function type extraction portion; a second alternate function type storage portion; a selection portion; a judging portion; an updating portion; and a protection attribute determination portion.
    Type: Grant
    Filed: August 3, 2011
    Date of Patent: February 11, 2014
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Ryotaro Hayashi, Fukutomo Nakanishi, Mikio Hashimoto, Hiroyoshi Haruki, Yurie Fujimatsu