WO2008008243A3 - Control system and method using identity objects - Google Patents

Control system and method using identity objects Download PDF

Info

Publication number
WO2008008243A3
WO2008008243A3 PCT/US2007/015430 US2007015430W WO2008008243A3 WO 2008008243 A3 WO2008008243 A3 WO 2008008243A3 US 2007015430 W US2007015430 W US 2007015430W WO 2008008243 A3 WO2008008243 A3 WO 2008008243A3
Authority
WO
WIPO (PCT)
Prior art keywords
data
identity
public key
host device
certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2007/015430
Other languages
French (fr)
Other versions
WO2008008243A2 (en
Inventor
Michael Holtzman
Ron Barzilai
Jogand-Coulomb
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SanDisk Corp
Original Assignee
SanDisk Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/557,041 external-priority patent/US8639939B2/en
Priority claimed from US11/557,039 external-priority patent/US20080010458A1/en
Application filed by SanDisk Corp filed Critical SanDisk Corp
Priority to EP07810186A priority Critical patent/EP2038799A2/en
Priority to JP2009518355A priority patent/JP4972165B2/en
Priority to CN2007800257659A priority patent/CN101490687B/en
Publication of WO2008008243A2 publication Critical patent/WO2008008243A2/en
Publication of WO2008008243A3 publication Critical patent/WO2008008243A3/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Mathematical Physics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

An object known as an identity object comprises a public key and a private key pair and at least one certificate issued by a certificate authority that certifies that the public key of the pair is genuine. This object may be used as proof of identification by using the private key to sign data provided to it or signals derived from the data. An identity object may be stored in a non-volatile memory as proof of identity. The memory is controlled by a controller. Preferably, a housing encloses the memory and the controller. The memory system is removably connected to a host device. After the host device has been successfully authenticated, the private key of the object is used to encrypt data from the host device or signals derived from said data, and the at least one certificate and the encrypted data or signals are sent to the host device. After an entity has been authenticated by a control data structure of the memory system, the public key of the identity object and the at least one certificate to certify the public key are provided to the entity. If encrypted data encrypted by means of the public key of the identity object is received from the entity, the memory system will then be able to decrypt the encrypted data using the private key in the identity object.
PCT/US2007/015430 2006-07-07 2007-06-28 Control system and method using identity objects Ceased WO2008008243A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP07810186A EP2038799A2 (en) 2006-07-07 2007-06-28 Control system and method using identity objects
JP2009518355A JP4972165B2 (en) 2006-07-07 2007-06-28 Control system and method using identity objects
CN2007800257659A CN101490687B (en) 2006-07-07 2007-06-28 Control system and method using identity objects

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US81950706P 2006-07-07 2006-07-07
US60/819,507 2006-07-07
US11/557,041 US8639939B2 (en) 2006-07-07 2006-11-06 Control method using identity objects
US11/557,039 2006-11-06
US11/557,041 2006-11-06
US11/557,039 US20080010458A1 (en) 2006-07-07 2006-11-06 Control System Using Identity Objects

Publications (2)

Publication Number Publication Date
WO2008008243A2 WO2008008243A2 (en) 2008-01-17
WO2008008243A3 true WO2008008243A3 (en) 2008-02-28

Family

ID=38728800

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/015430 Ceased WO2008008243A2 (en) 2006-07-07 2007-06-28 Control system and method using identity objects

Country Status (5)

Country Link
EP (1) EP2038799A2 (en)
JP (1) JP4972165B2 (en)
KR (1) KR20090034332A (en)
TW (1) TW200822669A (en)
WO (1) WO2008008243A2 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7743409B2 (en) 2005-07-08 2010-06-22 Sandisk Corporation Methods used in a mass storage device with automated credentials loading
FR2954656B1 (en) 2009-12-23 2016-01-08 Oberthur Technologies PORTABLE ELECTRONIC DEVICE AND ASSOCIATED METHOD FOR PROVIDING INFORMATION
JP2016019120A (en) * 2014-07-08 2016-02-01 日本電気通信システム株式会社 Decoding device, communication system, decoding method, and program
CN112738643B (en) * 2020-12-24 2022-09-23 北京睿芯高通量科技有限公司 System and method for realizing safe transmission of monitoring video by using dynamic key

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
WO1998007255A1 (en) * 1996-08-12 1998-02-19 Information Resource Engineering, Inc. Pocket encrypting and authenticating communications device
US6779113B1 (en) * 1999-11-05 2004-08-17 Microsoft Corporation Integrated circuit card with situation dependent identity authentication
WO2006069274A2 (en) * 2004-12-21 2006-06-29 Sandisk Corporation Versatile content control with partitioning

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3012407B2 (en) * 1992-08-31 2000-02-21 日本電気アイシーマイコンシステム株式会社 Level conversion circuit
US6584495B1 (en) * 1998-01-30 2003-06-24 Microsoft Corporation Unshared scratch space

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
WO1998007255A1 (en) * 1996-08-12 1998-02-19 Information Resource Engineering, Inc. Pocket encrypting and authenticating communications device
US6779113B1 (en) * 1999-11-05 2004-08-17 Microsoft Corporation Integrated circuit card with situation dependent identity authentication
WO2006069274A2 (en) * 2004-12-21 2006-06-29 Sandisk Corporation Versatile content control with partitioning

Also Published As

Publication number Publication date
EP2038799A2 (en) 2009-03-25
KR20090034332A (en) 2009-04-07
WO2008008243A2 (en) 2008-01-17
JP2009543210A (en) 2009-12-03
TW200822669A (en) 2008-05-16
JP4972165B2 (en) 2012-07-11

Similar Documents

Publication Publication Date Title
WO2008024559A3 (en) Method and apparatus for authenticating applications to secure services
EP2081353A3 (en) System and method for digital signatures and authentication
GB2434673A (en) Method, device, and system of securely storing data
WO2008026060B1 (en) Method, system and device for synchronizing between server and mobile device
WO2009151832A3 (en) Method and system for securing a payment transaction
JP2013142994A5 (en) Server device, in-vehicle terminal, information communication method, and information distribution system
WO2008095011A3 (en) Methods and systems for authentication of a user
WO2007125486A3 (en) Improved access to authorized domains
WO2007001328A3 (en) Information-centric security
EP3001598A1 (en) Method and system for backing up private key in electronic signature token
WO2008049032A3 (en) System and method for secure transaction
WO2007096871A3 (en) Device, system and method of accessing a security token
WO2004114046A3 (en) System and method for public key infrastructure based software licensing
WO2008085447A3 (en) Securely recovering a computing device
ATE406726T1 (en) METHOD AND APPARATUS FOR STORING CRYPTOGRAPHIC KEYS, WHICH KEY SERVERS ARE AUTHENTICATED THROUGH POSSESSION AND SECURE DISTRIBUTION OF STORED KEYS
CN103473592B (en) A kind of label off-line authenticating method and device based on CPK system
WO2006093561A3 (en) Secure software communication method and system
WO2008051700A3 (en) Method and system for authentication bonding two devices and sending authenticated events
WO2008110786A3 (en) Verification of movement of items
WO2005029227A3 (en) System and method for authentication
CN104052606A (en) Digital signature, signature authentication device and digital signature method
GB2521802A (en) Reissue of crypographic credentials
WO2010011916A3 (en) Http authentication and authorization management
WO2010011921A8 (en) Http authentication and authorization management
WO2009131656A3 (en) System and method for secure remote computer task automation

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200780025765.9

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2007810186

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2009518355

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 1020097000391

Country of ref document: KR

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07810186

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: RU