WO2008008243A3 - Control system and method using identity objects - Google Patents

Control system and method using identity objects Download PDF

Info

Publication number
WO2008008243A3
WO2008008243A3 PCT/US2007/015430 US2007015430W WO2008008243A3 WO 2008008243 A3 WO2008008243 A3 WO 2008008243A3 US 2007015430 W US2007015430 W US 2007015430W WO 2008008243 A3 WO2008008243 A3 WO 2008008243A3
Authority
WO
WIPO (PCT)
Prior art keywords
data
identity
public key
host device
certificate
Prior art date
Application number
PCT/US2007/015430
Other languages
French (fr)
Other versions
WO2008008243A2 (en
Inventor
Michael Holtzman
Ron Barzilai
Jogand-Coulomb
Original Assignee
Sandisk Corp
Michael Holtzman
Ron Barzilai
Jogand-Coulomb
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/557,041 external-priority patent/US8639939B2/en
Priority claimed from US11/557,039 external-priority patent/US20080010458A1/en
Application filed by Sandisk Corp, Michael Holtzman, Ron Barzilai, Jogand-Coulomb filed Critical Sandisk Corp
Priority to JP2009518355A priority Critical patent/JP4972165B2/en
Priority to CN2007800257659A priority patent/CN101490687B/en
Priority to EP07810186A priority patent/EP2038799A2/en
Publication of WO2008008243A2 publication Critical patent/WO2008008243A2/en
Publication of WO2008008243A3 publication Critical patent/WO2008008243A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Abstract

An object known as an identity object comprises a public key and a private key pair and at least one certificate issued by a certificate authority that certifies that the public key of the pair is genuine. This object may be used as proof of identification by using the private key to sign data provided to it or signals derived from the data. An identity object may be stored in a non-volatile memory as proof of identity. The memory is controlled by a controller. Preferably, a housing encloses the memory and the controller. The memory system is removably connected to a host device. After the host device has been successfully authenticated, the private key of the object is used to encrypt data from the host device or signals derived from said data, and the at least one certificate and the encrypted data or signals are sent to the host device. After an entity has been authenticated by a control data structure of the memory system, the public key of the identity object and the at least one certificate to certify the public key are provided to the entity. If encrypted data encrypted by means of the public key of the identity object is received from the entity, the memory system will then be able to decrypt the encrypted data using the private key in the identity object.
PCT/US2007/015430 2006-07-07 2007-06-28 Control system and method using identity objects WO2008008243A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
JP2009518355A JP4972165B2 (en) 2006-07-07 2007-06-28 Control system and method using identity objects
CN2007800257659A CN101490687B (en) 2006-07-07 2007-06-28 Control system and method using identity objects
EP07810186A EP2038799A2 (en) 2006-07-07 2007-06-28 Control system and method using identity objects

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US81950706P 2006-07-07 2006-07-07
US60/819,507 2006-07-07
US11/557,039 2006-11-06
US11/557,041 2006-11-06
US11/557,041 US8639939B2 (en) 2006-07-07 2006-11-06 Control method using identity objects
US11/557,039 US20080010458A1 (en) 2006-07-07 2006-11-06 Control System Using Identity Objects

Publications (2)

Publication Number Publication Date
WO2008008243A2 WO2008008243A2 (en) 2008-01-17
WO2008008243A3 true WO2008008243A3 (en) 2008-02-28

Family

ID=38728800

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/015430 WO2008008243A2 (en) 2006-07-07 2007-06-28 Control system and method using identity objects

Country Status (5)

Country Link
EP (1) EP2038799A2 (en)
JP (1) JP4972165B2 (en)
KR (1) KR20090034332A (en)
TW (1) TW200822669A (en)
WO (1) WO2008008243A2 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7748031B2 (en) 2005-07-08 2010-06-29 Sandisk Corporation Mass storage device with automated credentials loading
FR2954656B1 (en) 2009-12-23 2016-01-08 Oberthur Technologies PORTABLE ELECTRONIC DEVICE AND ASSOCIATED METHOD FOR PROVIDING INFORMATION
JP2016019120A (en) * 2014-07-08 2016-02-01 日本電気通信システム株式会社 Decryption device, communication system, decryption method, and program
CN112738643B (en) * 2020-12-24 2022-09-23 北京睿芯高通量科技有限公司 System and method for realizing safe transmission of monitoring video by using dynamic key

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
WO1998007255A1 (en) * 1996-08-12 1998-02-19 Information Resource Engineering, Inc. Pocket encrypting and authenticating communications device
US6779113B1 (en) * 1999-11-05 2004-08-17 Microsoft Corporation Integrated circuit card with situation dependent identity authentication
WO2006069274A2 (en) * 2004-12-21 2006-06-29 Sandisk Corporation Versatile content control with partitioning

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3012407B2 (en) * 1992-08-31 2000-02-21 日本電気アイシーマイコンシステム株式会社 Level conversion circuit
US6584495B1 (en) * 1998-01-30 2003-06-24 Microsoft Corporation Unshared scratch space

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
WO1998007255A1 (en) * 1996-08-12 1998-02-19 Information Resource Engineering, Inc. Pocket encrypting and authenticating communications device
US6779113B1 (en) * 1999-11-05 2004-08-17 Microsoft Corporation Integrated circuit card with situation dependent identity authentication
WO2006069274A2 (en) * 2004-12-21 2006-06-29 Sandisk Corporation Versatile content control with partitioning

Also Published As

Publication number Publication date
JP2009543210A (en) 2009-12-03
JP4972165B2 (en) 2012-07-11
EP2038799A2 (en) 2009-03-25
WO2008008243A2 (en) 2008-01-17
KR20090034332A (en) 2009-04-07
TW200822669A (en) 2008-05-16

Similar Documents

Publication Publication Date Title
WO2009158086A3 (en) Techniques for ensuring authentication and integrity of communications
WO2008024559A3 (en) Method and apparatus for authenticating applications to secure services
EP2081353A3 (en) System and method for digital signatures and authentication
WO2010015906A3 (en) Apparatus, systems and methods for authentication of objects having multiple components
GB2434673A (en) Method, device, and system of securely storing data
WO2008026060A3 (en) Method, system and device for synchronizing between server and mobile device
EP3001598B1 (en) Method and system for backing up private key in electronic signature token
WO2009151832A3 (en) Method and system for securing a payment transaction
WO2008095011A3 (en) Methods and systems for authentication of a user
WO2007125486A3 (en) Improved access to authorized domains
WO2006001916A3 (en) An apparatus and method for proving the denial of a direct proof signature
WO2007001328A3 (en) Information-centric security
JP2016139882A (en) Communication device, LSI, program and communication system
JP2013516685A5 (en)
WO2004114046A3 (en) System and method for public key infrastructure based software licensing
WO2008085447A3 (en) Securely recovering a computing device
WO2007096871A3 (en) Device, system and method of accessing a security token
ATE406726T1 (en) METHOD AND APPARATUS FOR STORING CRYPTOGRAPHIC KEYS, WHICH KEY SERVERS ARE AUTHENTICATED THROUGH POSSESSION AND SECURE DISTRIBUTION OF STORED KEYS
EP1898370A3 (en) IC card, and access control method
CN104052606A (en) Digital signature, signature authentication device and digital signature method
WO2010011921A8 (en) Http authentication and authorization management
TW200732979A (en) Card capable of authentication
WO2009131656A3 (en) System and method for secure remote computer task automation
TW200729890A (en) Device and method for key block based authentication
WO2003027800A3 (en) Method and apparatus for secure mobile transaction

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200780025765.9

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2007810186

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2009518355

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 1020097000391

Country of ref document: KR

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07810186

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: RU