登录/注册
我们的承诺从这里开始
注意没有硬件, 软件, 或系统可以提供绝对的安全性,以应对所有威胁, so education on best practices to avoid things like spearfishing attacks is critical for individuals and organizations.
\r\n我们重视安全. 如果您有问题或担忧,请在我们的
\r\n"}}' id="text-54252cb443">在微米, our commitment to excellence is anchored in our steadfast dedication to comprehensive security for our solutions, 由我们对质量的不懈关注驱动.
在当今以数据为中心的世界中,安全性至关重要. IT经理, 首席信息官(cio), chief information security officers (CISOs) and everyday consumers face ever-increasing threats from cybercriminals attempting to access and acquire private, 敏感和有价值的数据. 的se threats call for layered data protection that secures both data in flight, 在存储器或存储器设备之间传输的数据, 存储数据, 它驻留在存储或记忆设备中.
美光将强大的安全功能集成到我们的沙巴体育结算平台设计中, 例如实现安全引导过程, 建立信任的硬件根, 在适用的情况下加密数据, 并实现标准化的安全特性.1 Our “security by design” approach integrates security as a core product and business requirement, 增强我们对不断变化的安全威胁的抵御能力.
注意没有硬件, 软件, 或系统可以提供绝对的安全性,以应对所有威胁, so education on best practices to avoid things like spearfishing attacks is critical for individuals and organizations.
我们重视安全. 如果您有问题或担忧,请在我们的
保护您的数据
美光沙巴体育结算平台旨在加强您最关键的数据.
沙巴体育结算平台
- 美光DRAM和HBM
- 微米固态硬盘
- 微米NAND组件
- 美光管理NAND
- 微米,也不
美光DRAM和HBM
\n
\nDRAM安全相关资产\n
- \n
- 见微米 安全关键汽车系统中的DRAM 了解更多信息. \n
- Learn more about 微米’s drive for 汽车. \n
- 读 JEDEC沙巴体育安卓版下载DDR5标准的新闻稿. \n
- 看到 微米 DDR5 SDRAM站点 了解更多信息. \n
- 了解美光公司 质量认证(微米级).com). \n
微米 DRAM products meet or exceed JEDEC standards that are collaboratively developed by the industry. 这 consortium includes a dedicated task group on security and data integrity. In addition to designed-in security features, the inherent operation of DRAM requires constant power. 物理地将设备从系统中移除将干扰已编程的内容.
美光是存储器行业中第一个将DRAM沙巴体育结算平台认证为ASIL D的公司, 最高级别的ISO 26262功能安全要求. Our proprietary product safety features use existing JEDEC supported pins and mode registers and are developed to improve diagnostic coverage of transient and permanent faults. 其中一个特性就是我们的Testmode Entry Flag. 这 feature will alert the host to the use of modes that could represent attacks if the host did not specifically request these actions.
DRAM安全相关资产
- 见微米 安全关键汽车系统中的DRAM 了解更多信息.
- 了解更多沙巴体育安卓版下载美光的驱动器 汽车.
- 读 JEDEC沙巴体育安卓版下载DDR5标准的新闻稿.
- 看到 微米 DDR5 SDRAM站点 了解更多信息.
- 了解美光公司 质量认证(微米级).com).
微米固态硬盘
此外,为了帮助打击恶意数字篡改:
\nAttestation: Uses a secure mechanism to validate trust in server components such as 固态硬盘s.
\n
- \n
- Secure boot: Uses a trust relationship between different entities where each entity honors the other’s authenticity, and each step is subject to attestation prior to execution (such as during power-on). 微米固态硬盘 secure boot uses a chain of trust mechanism in which the 固态硬盘的固件 bootloader trusts the immutable 固态硬盘 ROM, 主固件, 反过来, 信任引导加载程序. \n
- 已签名固件:在固态硬盘固件更新之前对其进行身份验证, 可以保护我们的固态硬盘免受恶意固件的攻击. \n
- 除上述安全外, 微米固态硬盘s are designed to provide additional data protection by implementing standards-based encryption and other security mechanisms. 通过利用行业指定的机制, 美光促进了数据安全的快速采用, 以及广泛的互操作性. \n
- 可信计算组 (TCG)3 黄铁矿: A standard that provides basic security but does not support user data encryption. \n
- TCG蛋白石:一种标准,旨在提供比黄铁矿更高级的安全性. Opal标准可用于加密sed中的用户数据. \n
- TCG Enterprise: A standard designed to help protect against data loss due to theft of physical storage devices. \n
- eDrive: A combination of IEEE-1667 and TCG Opal that works with Windows BitLocker to help encrypt the contents of the 固态硬盘.4 \n
- 硬件安全引擎:美光公司部署AES-256等加密引擎, RSA 4096, 和SHA-512. 中指定的关键安全标准 商用国家安全算法(CNSA)套件 文档. \n
固态硬盘安全相关资产
\n- \n
- 有关美光固态硬盘支持的安全特性列表,请 阅读美光固态硬盘安全特性传单, confirm the capabilities of your specific part number, and consult with 微米 technical support. \n
- \n
- 有关固态硬盘安全术语的概述,请阅读 美光技术简报:固态硬盘安全特性. \n
Note that not all security features are implemented on all product families or all product SKUs within a family.
\n"}}' id="text-7075a3b726">微米 customers trust our products to store and help protect their most critical and sensitive data. That is why we build security into the design of our 固态硬盘s with robust encryption and authentication features, 以及符合行业标准的数据处理方法. We also test the security of our data center 固态硬盘s and other select products at key development milestones to ensure they are hardened against known attacks.
Our 微米-branded 固态硬盘 portfolio includes robust security features and is designed to meet our customers’ needs, which often go beyond those specified by industry groups for trusted computing platforms.1 We use numerous methods to enhance the security of data across various 固态硬盘s in our portfolio.
美光集成了专注于平台级安全的功能:
安全协议和数据模型2 (SPDM):定义消息, data objects and sequences for performing message exchanges between devices over a variety of transport and physical media.
微米 secure execution environment (SEE): A dedicated security processor consisting of dedicated ROM, 固件和安全微处理器. 的 secure microprocessor is electrically isolated from other microprocessors within the 固态硬盘 controller and SEE execution cannot be preempted by nonsecure code. 这 isolation significantly reduces the opportunity for the security functionality of the storage device to be accidentally or maliciously circumvented.
微米 helps secure data upon 固态硬盘 retirement or repurpose with features like these:
Cryptographic erase: Erasing a self-encrypting drive (SED) by permanently destroying the encryption key.
- Sanitize: Removing data from the storage device to a point that exceeds the ability to reconstruct the data by known forensic means.
- Secure erase: Executing a block erase on each element in the 快闪记忆体 array in the 固态硬盘.
微米 supports data security when debugging 固态硬盘s in the data center by utilizing mechanisms designed to provide helpful diagnostic information without exposing user data and blocking access through dedicated debug ports on shipping drives. 我们还通过验证我们的加密函数 红队测试,并在一些沙巴体育结算平台上寻找 FIPS认证.
此外,为了帮助打击恶意数字篡改:
Attestation: Uses a secure mechanism to validate trust in server components such as 固态硬盘s.
- Secure boot: Uses a trust relationship between different entities where each entity honors the other’s authenticity, and each step is subject to attestation prior to execution (such as during power-on). 微米固态硬盘 secure boot uses a chain of trust mechanism in which the 固态硬盘的固件 bootloader trusts the immutable 固态硬盘 ROM, 主固件, 反过来, 信任引导加载程序.
- 已签名固件:在固态硬盘固件更新之前对其进行身份验证, 可以保护我们的固态硬盘免受恶意固件的攻击.
- 除上述安全外, 微米固态硬盘s are designed to provide additional data protection by implementing standards-based encryption and other security mechanisms. 通过利用行业指定的机制, 美光促进了数据安全的快速采用, 以及广泛的互操作性.
- 可信计算组 (TCG)3 黄铁矿: A standard that provides basic security but does not support user data encryption.
- TCG蛋白石:一种标准,旨在提供比黄铁矿更高级的安全性. Opal标准可用于加密sed中的用户数据.
- TCG Enterprise: A standard designed to help protect against data loss due to theft of physical storage devices.
- eDrive: A combination of IEEE-1667 and TCG Opal that works with Windows BitLocker to help encrypt the contents of the 固态硬盘.4
- 硬件安全引擎:美光公司部署AES-256等加密引擎, RSA 4096, 和SHA-512. 中指定的关键安全标准 商用国家安全算法(CNSA)套件 文档.
固态硬盘安全相关资产
- 有关美光固态硬盘支持的安全特性列表,请 阅读美光固态硬盘安全特性传单, confirm the capabilities of your specific part number, and consult with 微米 technical support.
- 有关固态硬盘安全术语的概述,请阅读 美光技术简报:固态硬盘安全特性.
Note that not all security features are implemented on all product families or all product SKUs within a family.
微米级NAND组件
微米 NAND devices are used in a wide variety of systems where cost-effective nonvolatile memory is needed. 微米 NAND devices are designed to meet and exceed the ONFI and JEDEC standards for NAND that are collaboratively developed by those open-membership industry-leading consortiums.
微米 NAND器件实现了数据完整性的常用最佳实践, 错误恢复和访问控制, allowing host data to reside in a robust device that will meet the performance and reliability needs of the wide variety of systems that use NAND. 的se are some of the more notable security features available in select NAND products:
- 读 unique ID: All 微米 NAND supports an identifier programmed into the device that allows host systems to uniquely identify a NAND device.
- One-time programmable storage: All 微米 NAND supports a one-time-programmable (OTP) area outside the main flash array where customers can program their unique data. 的 OTP functionality allows a host system to lock data programmed into the OTP area from being modified.
- Block lock and protect: Select 微米 low-density NAND devices support block lock and protect functionality, 允许主机系统锁定在块地址范围内编程的数据, 保护它不被修改. Contact your local 微米 field support representative to understand what features are available on these devices.
NAND相关资产
美光管理NAND
微米 offers a full range of secure managed NAND products to meet the storage needs of a broad array of solutions. 我们完全管理的设备-包括美元, eMMC, and UFS — handle media management and error correction code (ECC) internally to help make technology transitions more seamless.
管理与非 products released after April 2019 support an authenticated firmware update mechanism as described in NIST 800-193平台固件弹性指南.
托管NAND和特定组件的安全功能
管理与非 products released after April 2019 support the following features:
- Authenticated firmware update: Designed with an RSA signature for firmware binaries and public keys in ROM, 在生产流程和现场固件更新(FFU)期间进行检查. HMAC (Hash Message Authentication Code)签名检查, 基于秘密密钥和设备唯一密钥, 在每次引导时由ROM执行.
- Disabling debug ports in production parts: Executed with required host authentication (based on RSA) for unlocking debug ports for failure analysis.
- Encryption of security-critical parameters at rest: Designed to help protect against physical attacks (e.g.,人民币键).
Note that not all security features are implemented on all managed NAND product families or all product SKUs within a family.
微米,也不
NOR devices are typically used in system boot environments where high reliability, 需要低延迟和粒度数据访问. 而针对核心NOR功能的安全行业标准却很少, 微米,也不 devices enable commonly used best practices for data integrity and access control, allowing user content to reside in a robust device that will perform the system-critical boot process in a reliable manner.
- Baseline block locking: 微米,也不 devices offer several forms of block locking that are customer-configurable based on their unique system requirements. Blocks may be protected from malicious and spurious manipulation in several ways, 包括基于命令的易失性和非易失性锁定以及密码锁定. Once a block is locked, it becomes read-only, ensuring data integrity and reliability.
- Advanced block locking: 微米 Xccela™ MT35X and select Quad SPI MT25Q part numbers offer additional block locking capabilities, such as range-based block locking with status and management configuration registers.
- Unique ID: 微米,也不 devices come with a 64-bit, 14-to-16-byte unique identifier code.
- One-time programmable storage: 微米 Quad SPI MT25Q and Xccela MT35X devices each have a 64-byte, one-time-programmable area outside the main flash array where customers can set their own unique identifiers. 美光MT28EW器件将该区域扩展到1KB. 这个内置功能便于库存控制, 客户的可追溯性或类似功能.
- Replay-protected monotonic counter (RPMC): 微米 Quad SPI MT25Q product lines add four integrated monotonic counters on select part numbers, which may only be incremented by a host with knowledge of a secret 256-bit cryptographic key. 每个计数器的内容也可以由主机进行加密验证. 这 enables one-time use numbers from each counter that preserve uniqueness and help to make systems more resistant to rollback and replay attacks.
NOR安全相关资产
- 在这里了解更多沙巴体育安卓版下载也不闪的信息 多功能性:简单,可扩展,高效的NOR闪存.
微米安全资源
如果您有问题或担忧,请在我们的 沙巴体育结算平台安全和漏洞报告站点. Contact your 微米 account representative for additional details on these practices.
美光不对丢失、被盗或损坏的数据承担任何责任.