CN102981980A - Method for control access in storage device - Google Patents
Method for control access in storage device Download PDFInfo
- Publication number
- CN102981980A CN102981980A CN201210277333XA CN201210277333A CN102981980A CN 102981980 A CN102981980 A CN 102981980A CN 201210277333X A CN201210277333X A CN 201210277333XA CN 201210277333 A CN201210277333 A CN 201210277333A CN 102981980 A CN102981980 A CN 102981980A
- Authority
- CN
- China
- Prior art keywords
- tree
- access
- license
- memory storage
- acr
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003860 storage Methods 0.000 title claims abstract description 55
- 238000000034 method Methods 0.000 title claims description 101
- 230000015654 memory Effects 0.000 claims abstract description 33
- 230000005055 memory storage Effects 0.000 claims description 71
- 238000004422 calculation algorithm Methods 0.000 claims description 42
- 230000008859 change Effects 0.000 claims description 23
- 238000004891 communication Methods 0.000 claims description 9
- 238000013475 authorization Methods 0.000 claims description 7
- 230000006870 function Effects 0.000 claims description 7
- 230000008520 organization Effects 0.000 claims 6
- 230000008569 process Effects 0.000 description 60
- 238000005192 partition Methods 0.000 description 42
- 238000010586 diagram Methods 0.000 description 28
- 238000007726 management method Methods 0.000 description 22
- 230000004044 response Effects 0.000 description 22
- 238000012217 deletion Methods 0.000 description 16
- 230000037430 deletion Effects 0.000 description 16
- 238000012545 processing Methods 0.000 description 13
- 238000012795 verification Methods 0.000 description 12
- 230000009471 action Effects 0.000 description 10
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 7
- 101000619805 Homo sapiens Peroxiredoxin-5, mitochondrial Proteins 0.000 description 6
- 102100022078 Peroxiredoxin-5, mitochondrial Human genes 0.000 description 6
- 230000000903 blocking effect Effects 0.000 description 6
- 230000007246 mechanism Effects 0.000 description 6
- 238000013461 design Methods 0.000 description 5
- 230000008878 coupling Effects 0.000 description 4
- 238000010168 coupling process Methods 0.000 description 4
- 238000005859 coupling reaction Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 4
- 238000007689 inspection Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 3
- 238000010276 construction Methods 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 230000001413 cellular effect Effects 0.000 description 2
- 239000003795 chemical substances by application Substances 0.000 description 2
- 238000013524 data verification Methods 0.000 description 2
- 230000002349 favourable effect Effects 0.000 description 2
- 238000002955 isolation Methods 0.000 description 2
- 230000036961 partial effect Effects 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000002441 reversible effect Effects 0.000 description 2
- 101100161875 Arabidopsis thaliana ACR2 gene Proteins 0.000 description 1
- 101100495264 Arabidopsis thaliana CDC25 gene Proteins 0.000 description 1
- 241001269238 Data Species 0.000 description 1
- 101000952227 Drosophila melanogaster Sphingolipid delta(4)-desaturase DES1 Proteins 0.000 description 1
- 108700007698 Genetic Terminator Regions Proteins 0.000 description 1
- 241000600169 Maro Species 0.000 description 1
- 101100380266 Saccharomyces cerevisiae (strain ATCC 204508 / S288c) ARR2 gene Proteins 0.000 description 1
- 102100037416 Sphingolipid delta(4)-desaturase DES1 Human genes 0.000 description 1
- 101150004068 acrB gene Proteins 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 230000033228 biological regulation Effects 0.000 description 1
- 230000003139 buffering effect Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 230000010267 cellular communication Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 238000000151 deposition Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 239000003999 initiator Substances 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 230000002427 irreversible effect Effects 0.000 description 1
- 230000002045 lasting effect Effects 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000007620 mathematical function Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
- 230000008929 regeneration Effects 0.000 description 1
- 238000011069 regeneration method Methods 0.000 description 1
- 238000007789 sealing Methods 0.000 description 1
- 230000001568 sexual effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 239000007858 starting material Substances 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 210000002700 urine Anatomy 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
- G06F12/1491—Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2113—Multi-level security, e.g. mandatory access control
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2117—User registration
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2145—Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
Abstract
The mobile storage device may be provided with a system agent that is able to create at least one hierarchical tree comprising nodes at different levels for controlling access to data stored in the memory by corresponding entities. Each node of the tree specifies permission or permissions of a corresponding entity or entities for accessing memory data. The permission or permissions at the node of each of the trees has a predetermined relationship to permission or permissions at nodes at a higher or lower or the same level in the same tree. Thus, the mobile storage devices may be issued without any trees already created so that the purchaser of the devices has a free hand in creating hierarchical trees adapted to the applications the purchaser has in mind. Alternatively, the mobile storage devices may also be issued with the trees already created so that a purchaser does not have to go through the trouble of creating the trees. In both situations, preferably certain functionalities of the trees can become fixed after the devices are made so that they cannot be further changed or altered. This provides greater control over access to the content in the device by the content owner. Thus, in one embodiment, the system agent can preferably be disabled so that no additional trees can be created.
Description
The application is that application number is 200580048232.3, the applying date is on Dec 21st, 2005, denomination of invention is divided an application for the application for a patent for invention of " being used for creating the system of the control structure of Versatile content control ".
Technical field
The present invention relates generally to accumulator system, more particularly, relates to a kind of accumulator system with Versatile content controlling feature.
Background technology
Calculation element market is just towards comprising that at flash memory device the content storage is in order to increase the future development of average income by producing more exchanges data.This means the described content that when being used for the content in the mobile storage media on the calculation element, needs protection.Content comprises valuable data, and this can be the data that the colony except the people who makes or sell described memory storage has.
The 6th, 457, a kind of memory storage with cryptographic capabilities is described in No. 126 United States Patent (USP)s.Yet the ability that this device provides is very limited.Therefore, need to provide a kind of accumulator system with more Versatile content controlling feature.
Summary of the invention
Content protecting in the mobile storage media can relate to the data in the encrypted media, but so that only authorized user or application program access are used for encrypting the key of the data that are stored in media.In some existing systems, be used for the key storage of encryption and decryption data at the device of mobile storage media outside.In this type of situation, the company or the individual that have content entitlement rights and interests may be to the not a lot of controls of the use of content in the media.Be present in the media outside owing to be used for the key of encrypted media data, thereby the available mode that not controlled by the content owner is delivered to another with this key from a device and installs.According to a feature of the present invention, if the encrypt-decrypt key storage in media self and in fact can not be by the external device (ED) access, the owner of owner's equity will occupy the better position of content in the control access media so.
By so that basically can not be from media external access key, this feature provides portability to secure content.Therefore, the memory storage that contains the secure content of encrypting with this type of key can be used for coming access by various host apparatus, and does not have the danger of breach security, because described device has the proprietary control to access keys.Only have those host apparatus with suitable certificate can the described key of access.
In order to strengthen the commercial value that is stored in the content in the mobile storage media, need the owner of content entitlement rights and interests can be with different permissions to different entities to be used for access content.Therefore, another feature of the present invention is based on following understanding: can store for authorizing different licenses (for example, to different through authorized entity) to be stored in data access strategy in the media with access.The system that incorporates the combination that described two above-mentioned features are arranged into is especially favourable.On the one hand, content owner or the owner have by controlling the ability of access content with the inaccessible key of external device (ED) in fact, and have simultaneously the ability of authorizing the difference license that is used for access media content.Therefore, even externally device obtains in the situation of access, its access still can be recorded in the difference license domination by content owner or owner's setting in the medium.
Another feature is based on following understanding: when in the flash access device, implementing above-mentioned strategy (wherein with different permissions to different through authorized entity), this cause to content protecting be particularly useful media.
Many memory storages are not known file system, and many main frame devices read and data writing with document form.According to another feature, host apparatus provide key with reference to or ID, and accumulator system produces the key value be associated with described key ID as response, the data of the file that wherein said key value is associated with described key ID for Cipher Processing.Main frame carries out related with treating the file by the accumulator system Cipher Processing described key ID.Therefore, as handle, storer keeps the generation of the key value that is used for Cipher Processing and the complete and proprietary control of use by described handle key ID by calculation element and storer, and the main frame maintenance is to the control of file.
In some flash memory devices of for example smart card, the card controller managing file system.In the flash memory device of for example many other types of flash memory, magnetic disc or laser disc, Setup Controller is not known file system; But Setup Controller relies on host apparatus (for example, personal computer, digital camera, MP3 player, personal digital assistant, cellular phone) and comes managing file system.Various aspect of the present invention can easily be incorporated in the memory storage of these a little types, and wherein said device is not known file system.This means and to put into practice various feature of the present invention at various existing flash memory devices and need not to redesign such device so that the Setup Controller in the such device becomes and knows and can managing file system.
The tree construction of storing in the medium provides for entity and can carry out and so on controlling after just obtaining access.Each node of tree is specified for the license that obtains the entity of entrance by this node of tree.Some trees have different brackets, and wherein the one or more licenses at one or more licenses of the Nodes of tree and another Nodes of higher or lower or same levels in same tree have predetermined relationship.By requiring entity to observe license in the appointment like this of each Nodes, the tree feature of this application program allows the content owner to control which entity can be taken action and which action each entity can take, and whether to have a different brackets irrelevant with tree for this.
For the commercial value that can be provided by the mobile storage media is provided, need flash memory device can support simultaneously an above application program.When the positive simultaneously access of two or more application programs flash memory device, may importantly can separate the operation of described two or more application programs, so that it can not be called the phenomenon of cross-talk and interfering with each other with this paper.Therefore, another feature of the present invention is based on following understanding: can provide two or more that be preferably classification to set to be used for the control access memory.Each tree comprises node to be used for control respective sets entity to data access at different brackets, and wherein the node of each tree specifies described one or more corresponding entity to be used for one or more licenses of access memory data.One or more licenses at described one or more licenses of the Nodes of each tree and another Nodes of higher in same tree or lower grade have predetermined relationship.Preferably, there is not cross-talk at least between the two in described tree.
According to above, will see that obviously tree is the strong structure that can be used for content security.An important control that provides is the establishment of control tree.Therefore, according to another characteristic of the invention, flash memory device can possess can create at least one classification tree System Agent of (it comprises node to be used for being stored in by corresponding entity control access the data of storer at the different brackets place).Each node of tree specifies one or more corresponding entities to be used for one or more licenses of access memory data.One or more licenses at described one or more licenses of the Nodes of each tree and the Nodes of higher or lower in same tree or same levels have predetermined relationship.Therefore, can issue flash memory device in the situation that not yet creates any tree, so that the buyer of device can freely create classification tree, described classification tree is applicable to the application program that the buyer considers.The buyer perhaps, can in the situation that creates tree, issue flash memory device, so that needn't experience the trouble that creates tree.In both cases, preferably, it is fixing that the particular functionality of tree becomes after device is made, so that can not further change or revise described functional.This provides the content owner the more by force control to content access in the device.Therefore, in one embodiment, can preferably forbid System Agent, so that can not create extra tree.
In some flash memory devices, provide content protecting by storer being divided into a plurality of isolated areas, wherein the access protected field requires formerly authentication.Although this feature provides certain protection, it can not be protected in order to avoid obtain user's access of password by back door.Therefore, another aspect of the present invention is based on following understanding: can provide a kind of mechanism or structure that storer is divided into a plurality of subregions, and so that at least some the data available key in the described subregion is encrypted, so that except the needed authentication of some described subregion of access, may need one or more keys of access to decipher encrypted data in this type of subregion.
In some applications, can be more easily so that the user can use an application program login accumulator system, and then can come the access protected content and need not again to login with different application.In this type of situation, the user wants all the elements of in this way access to be associated with the first account, so that can come all these type of contents of access and need not repeatedly to login via different application (for example, music player, Email, cellular communication).Then can with not on the same group authentication information be used for login to be accessed in the account's different from the first account protected content, even described different account is for same subscriber or entity.
Can be separately in storage system with above-mentioned feature or can any combination make up above-mentioned feature, with control that the content owner is provided and/or the stronger versatility of protection.
Description of drawings
Fig. 1 is the block scheme that can be used for illustrating accumulator system of communicating by letter with host apparatus of the present invention.
Fig. 2 be storer different subregions be stored in different subregions in unencryption and the synoptic diagram of encrypt file, wherein access particular zones and encrypt file are by the control of access strategy and authentication procedure, described synoptic diagram is in order to illustrate embodiments of the invention.
Fig. 3 is the synoptic diagram of the storer of different subregions in the explanation storer.
Fig. 4 is the synoptic diagram for the document location table of the different subregions of storer shown in Figure 3, and some file in the wherein said subregion is through encrypting with the explanation embodiments of the invention.
Fig. 5 is access control record in the access controlled record group and the synoptic diagram of the key reference that is associated, and it is in order to illustrate embodiments of the invention.
Fig. 6 is the synoptic diagram that is recorded the tree construction that forms by access controlled record group and access controlled, and it is used for the explanation embodiments of the invention.
Fig. 7 is the synoptic diagram of tree of three classification trees of explanation access controlled record group, and it is in order to illustrate the forming process of described tree.
Fig. 8 A and 8B are that explanation is by the process flow diagram of the process of host apparatus and storage arrangement (for example, for the storage card that creates and use system access control record) execution.
Fig. 9 is that explanation creates the process flow diagram that access controlled records the process of group with system access control record, and it is in order to illustrate the present invention.
Figure 10 is the process flow diagram that explanation is used for the process of establishment access control record.
Figure 11 is the synoptic diagram of two access control record groups that can be used for illustrating the application-specific of classification tree.
Figure 12 is the process flow diagram that explanation is used for the process of mandate specific rights.
Figure 13 is the synoptic diagram of access controlled record group and access control record, and it is in order to illustrate the licensing process of Figure 12.
Figure 14 is the process flow diagram that explanation is used for creating the process of the key that is used for encryption and/or deciphering purpose.
Figure 15 is that explanation is used for recording to cancel access rights and/or for the process flow diagram of the process of the license of data access according to access controlled.
Figure 16 is that explanation is deleted or ask the process flow diagram of the process of access when having expired when access rights and/or access permission.
Figure 17 A and Figure 17 B are the synoptic diagram that explanation is used for the regular texture that authenticates and the tissue of the strategy that is used for the authorize access cryptographic key, and it is in order to illustrate another embodiment of the present invention.
Figure 18 is the process flow diagram that explanation authenticates when opening some dialogues and access is talked with.
Figure 19-the 22nd illustrates the process flow diagram of different authentication process.
For the purpose of simplifying the description, in this application case, mark similar elements with same numbers.
Embodiment
The block diagram illustrating of Fig. 1 wherein can be implemented the example memory system of the various aspects of the present invention.As shown in Figure 1, accumulator system 10 comprises CPU (central processing unit) (CPU) 12, buffer management unit (BMU) 14, host interface module (HIM) 16 and flash interface module (FIM) 18, flash memory 20 and peripheral access module (PAM) 22.Accumulator system 10 is communicated by letter with host apparatus 24 with port 26a by host interface bus 26.The flash memory 20 that can be the NAND type provides the data storage for host apparatus 24.Also the software code of CPU 12 can be stored in the flash memory 20.FIM 18 is connected to flash memory 20 by flash interface bus 28 and port 28a.HIM 16 is suitable for being connected to for example host computer system of digital camera, personal computer, personal digital assistant (PDA), digital media player, MP-3 player, cellular phone or other digital device.The suitable controller module that peripheral access module 22 is selected for example FIM, HIM and BMU is communicated by letter with CPU 12 being used for.In one embodiment, all elements of the system 10 in the dotted line frame can be packed in the individual unit of storage card for example or rod 10 ' and preferably with its sealing.
Although this paper reference flash storer illustrates the present invention, the present invention is also applicable to the storer of other type, for example the rewritable nonvolatile memory system of magnetic disc, optics CD and other type.
For the improvement security that is stored in the content in the storer 20, accumulator system 10 produces the key value that is used for encryption and/or deciphering, and wherein this value in fact can not be by the external device (ED) access of for example host apparatus 24.Yet, usually be encrypted and decipher file one by one, because host apparatus is with the form reading out data of file with writing data into memory system 10.As the memory storage of many other types, storage arrangement 10 is not known file or file system.Although the file allocation table (FAT) of the logical address of file is wherein identified in storer 20 storages, described FAT is not by controller 12 accesses and management by host apparatus 24 usually.Therefore, in order to encrypt the data in the specific file, controller 12 will rely on the logical address that host apparatus sends the data in the file in the storer 20, and system's 10 obtainable key values are encrypted and/or decipher it so that can be found the data of specific file and only be used by system 10.
For both provide handle with reference to the same key that is used for processing cryptographically the data of file for host apparatus 24 and accumulator system 10, host apparatus provides the reference for each key value that is produced by system 10, and wherein this reference can be key ID simply.Therefore, it is related that each file that main frame 24 will be processed cryptographically by system 10 and key ID are carried out, and system 10 will carry out related with the key ID that is provided by main frame for each key value of deal with data cryptographically.Therefore, when host requests was processed file cryptographically, it will be the request with key ID together with treating that the logical address of taking out or being stored in the data the storer 20 from storer 20 sends to system 10.System 10 produces key values, and will be worth therewith by the key ID that main frame 24 provides and carry out association, and carries out Cipher Processing.In this way, do not need accumulator system 10 operation and allow simultaneously its mode of using key to control encryption (comprising the proprietary access to key value) fully to make change.In other words, system 10 continues to allow main frame 24 to come management document by the proprietary control that has FAT, and it is kept producing and manage the proprietary control of the key value that is used for Cipher Processing.Host apparatus 24 does not participate in producing and manage the key value for the Cipher Processing of data.
The key ID that is provided by main frame 24 and the key value that is produced by accumulator system form two quantitative attributes, hereinafter are called in one embodiment " contents encryption key " or CEK.Although it is related that main frame 24 can carry out each key ID and one or more files, main frame 24 also can with each key ID and organising data not or by any way the data of the tissue data of complete file (and be not limited to be organized into) carry out related.
In order to make user or application program protected content or the zone in can access system 10, need to authenticate with the certificate to system's 10 registrations in advance.Certificate is bound with the access rights with this Credentialing specific user or application program.In the registered in advance process, the certificate of system 10 storage identity records and user or application program and the access rights that is associated with this identification of being determined by user or application program and providing by main frame 24 and certificate.After finishing the registered in advance process, when user or application requests during with writing data into memory 20, need to provide its identity and certificate, the key ID that is used for enciphered data and the logical address that will store encrypted data by host apparatus.System 10 produces key values, and this value and the key ID that is provided by host apparatus is carried out related, and will be stored in for the key ID of the key value of encrypting data to be written it for the record of this user or application program or shows.It is enciphered data and encrypted data is stored in by place, the address of main frame appointment subsequently, and the key value of storing its generation.
When user or application requests read encrypted data from storer 20, it provided its identity and certificate, the key ID of the previous key that is used for encrypting institute's request msg and the logical address of storage encrypted data with needs.User or application identity and the certificate that system 10 then will be provided by main frame and be stored in its record those and mate.If their couplings, system 10 then will take out the key value that is associated with the key ID that is provided by user or application program from its storer so, decipher the data that are stored in by the place, address of host apparatus appointment with key value, and data decryption user or application program have been sent to.
By certificate of certification is separated with the key management that is used for Cipher Processing, then can be in the situation of not sharing certificate the right of shared access data.Therefore, but have a user of group of different certificates or the same key that the application program access is used for the access identical data, and the user outside this group can not access.But although all users in the group or application program access identical data, it still can have different rights.Therefore, some can have a read access, and other can have and only write access, and other can have both.Because system 10 keeps user or application identity and certificate, its accessible key ID and for the record of the access rights that is associated of each key ID, thereby system 10 can increase or delete key ID and change the access rights that is associated with these key IDs for specific user or application program, make access rights between user or application program, authorize each other or even deletion or increase record or table for user or application program, this everything is controlled by the host apparatus of suitably authentication.The record of storing can be specified needs escape way to come the access specific key.Can authenticate with symmetrical or asymmetric algorithm and password.
The particularly important is the portability of protected content in the accumulator system 10.Since key value be produced by accumulator system and in fact external system can not obtain, thereby when with accumulator system or when incorporating the memory storage that described system is arranged into and transferring to another external system from an external system, the safety that is stored in content is wherein safeguarded, and external system can not this content of access, unless it is to obtain authentication by the mode of accumulator system control fully.Even after so authenticating, access is also fully by accumulator system control, and external system only can be come access according to the mode of the control of the preset recording in the accumulator system.If these records are not observed in request, request will be rejected so.
For larger dirigibility is provided when protecting content, design only can be by the user through suitably authenticating or some zone hereinafter referred to as subregion of application program access memory.When with the Feature Combination of above-mentioned data encryption based on key, system 10 provides the larger data protective capability.The embodiment of SanDisk of the present invention card of new generation as shown in Figure 2, flash memory 20 can be divided into its storage capacity some subregions: user area or subregion and customization subregion.User area or subregion P0 can be by all users and application program accesses in the situation that need not to authenticate.Although can read or write by any application program or user all place values of the data that are stored in the user area, if but that data read is encrypted, do not decipher so the user of authority or application program can not access by the represented information of place value that is stored in the user area.This illustrates by the file 102 and 104 that (for example) is stored among the P0 of user area.Be stored in equally and also have unencryption file (for example 106) in the user area, it can be read and understood by all application programs and user.Therefore, in the mode of symbolic representation, use the lock that is associated with the file of for example file 102 and 104 to show the file of having encrypted.
Although unwarranted application program or user can not understand the encrypt file among the P0 of user area, these application programs or user still may can delete or destroy file, and this may be bad for some application programs.For this purpose, storer 20 also can comprise protected customization subregions such as subregion P1 and P2, and described subregion can not carry out access in the situation without previous authentication.Hereinafter explain the verification process that allows among the embodiment of this application case.
Illustrate such as Fig. 2 equally, but the file in multiple user or the application program access memory 20.Therefore, show user 1 and 2 and application program 1 to 4 (in the device operation) among Fig. 2.Before the protected content in allowing these entity access memories 20, these entities at first authenticate in the mode of hereinafter explaining by verification process.In this process, need to ask the entity of access to carry out the access control based on task in host computer side identification.Therefore, the entity of request access at first comes Urine scent by the information that " I am that application program 2 and I want file reading 1 " for example is provided.Controller 12 then with identity, authentication information and request and be stored in storer 20 or controller 12 in record mate.If satisfy all requirements, so then to this Entity Authorization access.Such as Fig. 2 explanation, allow the file 101 of user 1 from subregion P1 to be read or written to file 101, but come the file 106 from P0 to read and write to the file 106 except user 1 has unqualified right, only can read file 102 and 104.On the other hand, do not allow user's 2 accessing files 101 and 104, but user 2 can read and writing in files 102.Such as Fig. 2 indication, user 1 and 2 has identical login algorithm (AES), and application program 1 and 3 has different login algorithms (for example, RSA and 001001), and these algorithms also are different from those algorithms of user 1 and 2.
Safe storage application program (SSA) is the security application of accumulator system 10, and the embodiment that can be used for implementing many above-mentioned features of the present invention is described.The database of storing in the nonvolatile memory (not shown) among available memory 20 or the CPU 12 is embodied as software or computer code with SSA, and it is read among the RAM 12a and carried out by CPU 12.In following table, set forth the acronym that uses about SSA:
Definition, Shou Zimusuoxie ﹠amp; Abbreviation
| ACR | The access control record |
| AGP | ACR group |
| CBC | Chain type block password |
| CEK | Contents encryption key |
| ECB | Electronic codebook mode |
| ACAM | The ACR attribute management |
| PCR | License control record |
| SSA | The safe storage application program |
| Entity | Therefore have login SSA and utilize anything of its functional true and individualism (host computer side) |
The SSA system is described
Data security, integrality and access control are the main tasks of SSA.Described data are the files that originally will be stored in simply on the mass storage device of certain type.The SSA system is positioned on the storage system and increases the safe floor of the Hosts file that is used for storing.
The main task of SSA be the management from storer in the different rights that (and safety) content is associated of storing.Storage application need to be managed the content that a plurality of users and content rights are stored to be multiplied.See the visible driver of this type of application program and subregion and management and describe the file allocation table (FAT) of the position of the stored file on the memory storage from the host application program of its side.
In the case, memory storage uses and is divided into the NAND flash chip of a plurality of subregions, but also can use other flash memory device and these other devices to belong in the scope of the invention.These subregions are continuous threads of logical address, and wherein start and end address defines its border.Therefore, if necessary, can add restriction to the access of hidden partition, this carries out by means of related software (for example, be stored in the storer 20 software) is carried out in the address in this type of restriction and this type of border.Subregion can be identified by its logical address border (by the SSA management) by SSA fully.The SSA system comes on entity protected data to avoid undelegated host application program access with subregion.For main frame, subregion is the mechanism that defines the entitlement space of storing data files.These subregions can be shared, wherein anyone of accessing storage devices can see and know the existence of subregion on the device, perhaps these subregions can be privately owned or hide, but wherein only selected host application program access and know the existence of subregion in the memory storage.
Fig. 3 be the explanation storer subregion P0, P1, P2 and P3 (significantly, can adopt be less than or more than four subregions) the synoptic diagram of storer, wherein P0 is can be by the public subregion of any entity access in the situation that need not to authenticate.
Privately owned subregion (for example P1, P2 or P3) is hidden the access to the file in it.By preventing the described subregion of host accessing, flash device (for example, flash cards) provides the protection to the data file in the subregion.Yet this kind protection is limited to swallow up to reside on All Files in the hidden partition by the data that access are stored in the logical address place in the described subregion.In other words, described restriction is associated with the logical address of a scope.All user/main frames that can the described subregion of access are its inner All Files of access unrestrictedly.For with different files-or file group-be isolated from each other, the SSA system use key and key with reference to or key ID to each file-or file group-provide security and the integrality of another grade.Can liken key reference or key ID for the specific key value that is encrypted in the data of locating different memory accesses address to contain encrypted data container or field.Given this reason in Fig. 4, is shown as the file zone on every side of using the key value encryption that is associated with key ID with key reference or key ID (for example, " key 1 " and key " 2 ") with graphics mode.
Referring to Fig. 4, for instance, file A can need not any authentication by all entity accesses, because file A is not surrounded by any key ID through being shown as.Even the file B in the public subregion can be read or be rewritten by all entities, file B also contains the data of encrypting with the key with ID " key 1 ", so that contained information can not be by the entity access, unless this entity can this key of access among the file B.In this way, use the reference of key value and key or key ID that virtual protection only is provided, this and the protection type opposite that is provided by above-mentioned section post.Therefore, but any main frame of access subregion (public or privately owned) can read or write the data in the whole subregion, comprises encrypted data.Yet because data are encrypted, thereby unwarranted user only can destroy it.It preferably can have to change data or usage data in the situation about detecting.By the access of restriction to encryption and/or decruption key, this feature can only allow authorized entity usage data.Also can use the key that has key ID " key 2 " among the P0 to come encrypt file B and C.
Can provide data confidentiality and integrality by the symmetric encryption method (the corresponding a kind of method of each CEK) of using contents encryption key (CEK).In SSA embodiment, produce CEK by the inner flash device (for example, flash cards) that uses only, and CEK is remained the secret that is unknown to the external world.Through encrypt or the data of encipherment also can be hashed or password by the chain type chunk, to guarantee data integrity.
And all data in the case of non-partitioned are encrypted by different keys and are associated from different key IDs.In the public or user file or operating system zone (that is, and some logical address in FAT) can be with any key or key with reference to not being associated, but and therefore can be obtained by any entity of the described subregion of self access.
Require create key and subregion and data are write subregion or from the subregion reading out data or use the entity of the ability of key need to record by access control (ACR) login SSA system.The privilege of ACR in the SSA system is called as action.Each ACR can have to carry out the license of the action of following three kinds: create the division and key/key ID, access subregion and key and other ACR of establishment/renewal.
ACR is organized into the group that is called ACR group or AGP.In case success identity ACR, the SSA system just opens dialogue, can carry out any ACR action by described dialogue.
User partition
One or more public subregions (being also referred to as user partition) of SSA system management.This subregion is present on the memory storage, and is to read by the standard of memory storage the subregion that writes the order access.Acquisition about partition size with and the information that is present on the device preferably can not hide to host computer system.
The SSA system makes it possible to read by standard and writes order or SSA orders this (a bit) subregion of access.Therefore, the access subregion preferably can not be only limited to specific ACR.Yet the SSA system can be so that host apparatus can limit the access to user partition.Can enable separately/forbid and read and write access.Allow all four combinations (for example, only write, read-only (write protection), read and write and without access).
The SSA system so that ACR can carry out related with file in the user partition key ID and use the key that is associated with these key IDs to encrypt each file.To use SSA command group (detailed description about SSA order please refer to appendix A---in appendix, key ID is called " field ") to carry out the encrypt file in the access user partition and set access rights to described subregion.Above feature also is applicable to without the data that are organized into file.
The SSA subregion
These are hiding (hiding to host operating system or the OS) subregions that can only order access by SSA.Except by by signing in to the dialogue that ACR sets up (hereinafter describing), the SSA system will preferably not allow host apparatus access SSA subregion.Similarly, SSA preferably will not provide the information about existence, size and the access permission of SSA subregion, unless this request spreads out of from the dialogue of setting up.
From the ACR license, derive the access rights to subregion.In case ACR signs in in the SSA system, its just can with other ACR (hereinafter describe) shared partition.When creating the division, main frame is provided for reference title or the ID (for example, the P0-P3 among Fig. 3 and 4) of described subregion.This further reads and writes order with reference to being used for to described subregion.
The subregion of memory storage
Preferably, all available storage of device are distributed to the SSA subregion of user partition and current configuration.Therefore, any again division operation can relate to reconfiguring existing subregion.The clean change of installed capacity (the big or small summations of all subregions) will be zero.Define the ID of the subregion in the device storage space by host computer system.
Host computer system can be two less subregions with an existing subregion again subregion, or two existing subregions (can be adjacent or non-conterminous) are merged into one.Determined by main frame, erasable through dividing or merging the data in the subregion or make it uninfluenced.
Because the again subregion of memory storage can cause data degradation (perhaps because it is wiped free of or is mobile) everywhere in the logical address space of memory storage, thus by the SSA system management for the again strict restriction of subregion.The ACR that only allows to reside in root AGP (hereinafter explaining) sends again subregion order and it only can be with reference to its subregion that has.Because the SSA system do not know how to organize data into subregion (FAT or other file system structure), thereby main frame is responsible for device being carried out again whenever these structures of reconstruction of subregion.
Again the subregion of user partition will change size and other attribute of this subregion that main frame OS sees.
After subregion again, host computer system is responsible for guaranteeing that any ACR in the SSA system is not with reference to non-existing subregion.If these ACR are not suitably deleted or upgrade, will detect and refuse by system the effort in future (with the name of these ACR) of the non-existing subregion of access so.For deleting key and key ID, adopt similar looking after.
Key, key ID and virtual protection
When file is written to specific hidden partition, it is hidden to the public.But, in case entity (hostile or non-hostile) acquisition to understanding and the access of this subregion, file just becomes available and is easy to see.For further protected file, SSA can be in hidden partition encrypts it, wherein is used for certificate that access is used for the key of declassified document and preferably is different from certificate for the described subregion of access.Because file is not the fact of (by the complete control and management of main frame) known to the SSA, carrying out related with file CEK is a problem.Something or other-key ID that file chaining is known to SSA-this problem is corrected.Therefore, when creating key by SSA, main frame will be associated with the data that the key that creates with SSA is encrypted for the key ID of this key.
Key value and key ID provide logical security.Use identical content encryption key (CEK) (it provides by host application program is unique when creating with reference to title or key ID) to encrypt all data that are associated with given key ID, and no matter its position how.Obtain access (via by the ACR authentication) to hidden partition such as sporocarp, and wish to read or write the encrypt file in this subregion, so its need can access key ID associated with the file.When authorize access during for the key of this key ID, SSA loads the key value among the CEK that key ID therewith is associated, and before data are sent to main frame with its deciphering or writing data into before the flash memory 20 its encryption.To create at random and then kept by it by the SSA system is disposable with the key value among the CEK that key ID is associated.SSA system outside do not have device know or access CEK in this key value.The external world only provides and uses reference or key ID, and is not the key value among the CEK.Key value is managed fully by SSA and only can be by the SSA access.
The SSA system protects the data (key value among employed actual cryptographic algorithm and the CEK is subjected to system's control and does not reveal to the external world) that are associated with key ID with in the following encryption mode any one:
Block mode-data are divided into piece, each is encrypted to it respectively.It has been generally acknowledged that this pattern is more dangerous and be subject to dictionary attack.Yet it will allow in user's Random Access Data piece any one.
Chain pattern-data are divided into piece, it is linked in ciphering process.With the input of each piece as next ciphering process.Although think that this pattern is safer, this pattern requires always to write according to the order of sequence from start to end and reading out data, thereby causes the overhead of always not accepting for the user.
Hash-the have chain pattern of the extra establishment of the data summarization that can be used for verification of data integrity
ACR and access control
SSA to process a plurality of application programs, wherein is expressed as each application program the node tree in the system database through design.There is not cross-talk to realize mutual repulsion between the application program between the branch by guaranteeing to set.
In order to obtain the access to the SSA system, entity need to connect via the one among the ACR of system.Come the administrative login program by the SSA system according to the definition that is embedded among the connected ACR of user selection.
ACR is each login point to the SSA system.ACR holds login certificate and authentication method.The intrasystem login of SSA that also has that resides on equally in the record is permitted, is to read and write privilege in the middle of described license.This illustrates that in Fig. 5 Fig. 5 illustrates n ACR among the identical AGP.This means that at least some can share the access to same key among the described n ACR.Therefore, ACR# 1 and ACR#n share the access to the key with key ID " key 3 ", and wherein ACR# 1 and ACR#n are ACR ID, and " key 3 " is for the key ID for the key of encrypting the data that are associated with " key 3 ".Also can encrypt and/or decipher a plurality of files or multi-group data with same key.
The SSA system supports the login to system of some types, and wherein identifying algorithm and user certificate can change, and also can change in case same user successfully logins its privilege in system.Fig. 5 illustrates different login algorithms and certificate again.ACR# 1 requires password login algorithm and password as certificate, and ACR# 2 requires PKI (PKI) login algorithm and Public key as certificate.Therefore, in order to login, entity shows effective ACR ID and correct login algorithm and certificate with needs.
In case entity signs in among the ACR of SSA system, just its license of definition (it uses the right of SSA order) in the license control record (PCR) that is associated with ACR.In Fig. 5, according to the PCR that shows, the ACR# 1 pair of data that are associated with " key 3 " are authorized read-only license, and the ACR# 2 pair of data that are associated with " key 5 " are authorized and read and write license.
But common rights and interests and the privilege of (in the key that for example, is used for reading and writing) in the different ACR shared systems.In order to realize this purpose, the ACR that will have common point is grouped into AGP (ACP group).Therefore, ACR# 1 and ACR#n share the access to the key with key ID " key 3 ".
Organize the ACR of AGP and Qi Nei with classification tree, and therefore except creating the safe key that keeps sensitive data safety; ACR can preferably also create other ACR entity corresponding to its key ID/subregion.These ACR filial generations will have identical with its parent (founder) or than its license of lacking, and can be given the license of the key that creates for parent ACR self.Much less, filial generation ACR obtains the access permission to any key of its establishment.This illustrates in Fig. 6.Therefore, all ACR among the AGP 120 are created by ACR 122, and two licenses that this type of ACR inherits the data access that is associated with " key 3 " from ACR 122.
AGP
By specifying the ACR in AGP and the AGP to sign in in the SSA system.
Each AGP has unique ID (with reference to title), and it is as the index of its entrance in the SSA database.When creating AGP, provide the AGP title to the SSA system.If Already in the system, SSA will refuse creation operation to the AGP title that provides so.
Manage for the restriction of authorize access with the management license, as will in following part, describing with AGP.One of function that is provided by two trees among Fig. 6 is that management is by the access of the entity (for example two different applications or two different computer users) that separates fully.For this type of purpose, its two access procedures for (that is, in fact without cross-talk) independent of one another in fact are important, even two processes occur simultaneously.The establishment that this means authentication, license in each tree and extra ACR and AGP be not connected to other tree those and do not rely on those of other tree.Therefore, when using the SSA system in storer 10, this allows accumulator system 10 to serve simultaneously a plurality of application programs.It also allows the independently of one another data of two discrete group of access (for example, one group of photo and a suite of song are bent) of described two application programs.This illustrates in Fig. 6.Therefore, be used for that node (ACR) via the tree of the top section of Fig. 6 carries out the application program of access or user's " key 3 ", the data that " key X " and " key Z " is associated can comprise photo.The data that are associated with " key 5 " and " key Y " that be used for node (ACR) via the tree of the base section of Fig. 6 and carry out the application program of access or user can comprise song.Only when AGP did not have the ACR entity, the ACR of establishment AGP just had the license with its deletion.
The SSA entrance of entity: access control record (ACR)
ACR in the SSA system describes license entity and signs in to mode in the system.When entity signed in in the SSA system, it need to specify the ACR corresponding to the verification process that will carry out.ACR comprises license control record (PCR), and described PCR explanation user in a single day authenticated (defining among the ACR as shown in Figure 5) is just executable through authorizing action.The host computer side entity provides all ACR data fields.
When entity successfully signs in on the ACR, entity can be inquired all ACR subregions and key access permission and ACAM license (hereinafter explaining).
ACR?ID
When SSA system entity initialization login process, ACR ID corresponding to login method (as being provided by main frame when creating ACR) need to be provided for it, so that SSA will set up correct algorithm and select correct PCR when satisfying all logins and require.When creating ACR, provide ACR ID to the SSA system.
Login/identifying algorithm
Which kind of logging program which kind of certificate the identifying algorithm designated entities will and need the proof of user identity is provided with.The SSA system supports several standard login algorithm, this based on symmetrical or asymmetric password from without the program of program (with without certificate) and password-based to bidirectional identification protocol.
Certificate
The certificate of entity makes checking and authenticated corresponding to the login algorithm and by SSA.The example of certificate can be for password authentication password/PIN numbering, be used for the AES key of AES authentication etc.Type/the form of certificate (that is, PIN, symmetric key etc.) is through pre-defined and derive from certification mode; When creating ACR, provide it to the SSA system.The SSA system does not participate in definition, distributes and manage these certificates, except the authentication based on PKI, but wherein operative installations (for example, flash cards) produce RSA key to and exportable Public key produce to be used for voucher.
License control record (PCR)
PCR is illustrated in entity and signs in in the SSA system also successfully what authorizes by after the ACR verification process to entity.The license kind that has three types: the establishment that is used for subregion and key is permitted, is permitted to the access permission of subregion and key with for the management of entity-ACR attribute.
The access subregion
This part of PCR contains entity in the tabulation that is successfully completed ACR accessible subregion (using it to offer the ID of SSA system) after the stage.For each subregion, access type can be limited to only to be write or read-only, perhaps can specify all and write/read access rights.Therefore, the ACR# 1 among Fig. 5 can access subregion # 2 and and case of non-partitioned #1.The restriction of appointment is applicable to SSA subregion and public subregion among the PCR.
Can read and write order by the routine to the device (for example, flash cards) of dominating the SSA system or order the public subregion of access by SSA.When root ACR (hereinafter explaining) had to limit the license of public subregion through being created as, he can pass to described license his filial generation.ACR can preferably only limit routine and read and write the public subregion of order access.ACR in the SSA system can only be restricted aspect its establishment.In case ACR has the license in order to the public subregion of read/write, then preferably it can not be removed.
Access keys ID
This part of PCR contains the data that the accessible key ID tabulation of entity (as offered the SSA system by main frame) is associated when having met the ACR strategy with login process when entity.Specified key ID is associated with one or more files in residing on the subregion that comes across among the PCR.Because key ID is not associated with the logical address of installing in (for example, flash cards), thereby when an above subregion was associated with specific ACR, file can be in any one described subregion.But among the PCR specified key ID each have not on the same group access rights.The data that access is pointed to by key ID can be limited to only to be write or read-only, perhaps can specify all and write/read access rights.
ACR attribute management (ACAM)
This part describes the system property that can how to change in some cases ACR.
The ACAM action that can permit in the SSA system is:
Create/deletion/upgrade AGP and ACR.
Create/deletion subregion and key.
Authorize the access rights to key and subregion
Parent ACR preferably can not edit the ACAM license.This will preferably require deletion and again create ACR.Equally, preferably can not take the access permission to key ID that is created by ACR away.
Create/deletion/upgrade AGP and ACR
ACR can have the ability that creates other ACR and AGP.Creating ACR also can mean and authorize some or all of in its ACAM license that is had by its founder.The license that has to create ACR means the license that has for following action:
1. the certificate of definition and editor's filial generation---preferably, authentication method is in case just can not be edited by creating the ACR setting.Can in the border of the identifying algorithm that has defined for filial generation, change certificate.
2. delete ACR.
3. will create license and authorize filial generation ACR (therefore have grandson generation).
The ACR that has to create the license of other ACR has the license (although it does not probably have the license in order to release ACR) of authorizing the ACR of its establishment in order to the release license.Parent ACR will place the reference to its release person in filial generation ACR.
Parent ACR is the unique ACR that has to delete the license of its filial generation ACR.When ACR deleted the lower grade ACR of its establishment, all ACR of lower grade ACR generation were deleted equally automatically so thus.When ACR was deleted, all key IDs and the subregion of its establishment were deleted so.
Exist ACR can upgrade thus himself the record two exceptions:
Although password/PIN is set by founder ACR, only can be upgraded by the ACR that comprises it.
Root ACR can stay himself and its AGP deletion of depositing.
Authorize the access rights to key and subregion
ACR and its AGP are combined into the classification tree, and wherein the ACR of root AGP and Qi Nei is positioned at the top (for example, the root AGP 130 and 132 among Fig. 6) of tree.In the SSA system, can there be some AGP trees, although it is fully separated from one another.ACR in the AGP can with the access permission of its key is authorized among the same AGR at its place all ACR and by all ACR of its establishment.Preferably include to authorize access permission to use the license of key in order to the license that creates key.
To be divided into to the license of key three kinds:
1. access-this definition is namely read, is write for the access permission of key.
2. the ACR of ownership-establishment key says its owner from definition.This ownership can be authorized to another ACR (as long as it is among identical AGP or in filial generation AGP) from an ACR.The ownership of key provides in order to authorize license with the license of its deletion and to it.
Access rights authorize-this license be so that ACR can authorize the right that it is held.
The subregion that ACR can authorize access permission its establishment with and this is had other subregion of access permission.
Permit and authorize by partition name and key ID being added to the PCR that specifies ACR.Authorize the key access permission can by key ID or by the regulation access permission be for authorize ACR create to some extent the carrying out of key.
The blockade of ACR and release
ACR can have the blockade counter, and it increases progressively when unsuccessful for the ACR verification process of entity in system.When reaching the specific maximum number (MAX) of unsuccessful authentication, ACR will be by the SSA system lock.
Can be by another ACR release through the ACR that blocks, it is by described ACR reference through blocking.Reference for release ACR is set by its founder.Release ACR preferably is arranged in identical AGP and has " release " license with founder through blocking ACR.
But there be not the ACR of other ACR release through blocking in the system.ACR can be configured to have and block counter and do not have unlocking device ACR.In the case, if this ACR is blocked, it can not be unlocked so.
Root AGP-creates application database
The SSA system is through designing to process the data of a plurality of application programs and each application program of isolation.The tree construction of AGP system is the main tool for identification and isolation exclusive data.Root AGP is positioned at the most advanced and sophisticated of application program SSA database tree and observes slightly different rule of conduct.Can in the SSA system, dispose several roots AGP.In Fig. 6, show two root AGP 130 and 132.Obviously, can use less or more AGP, and this within the scope of the invention.
Undertaken to the new application program of the described device of described device (for example, flash cards) registration and/or the issue certificate of new application program by the process of new AGP/ACR tree being added to device.
The SSA system supports the root AGP of three kinds of different modes to create (and all ACR of root AGP and its license):
1. open: as not ask any user of authentication of any kind or entity or the user or the entity that authenticate by the ACR of system (hereinafter explaining) can create new root AGP.Described open mode make it possible to need not any safety practice and simultaneously on open channel (namely, in the security context of body release) carry out creating root AGP in the situation that all data transmit, perhaps create root AGP by the escape way of setting up via the ACR of system authentication (that is, wireless (OTA) and rear release process).
If configuration-system ACR (this is optional feature) and root AGP creation mode is set as opening not, so only open channel is selected available.
2. controlled: as to only have the entity by the ACR of system authentication can create new root AGP.If configuration-system ACR not so can not be with SSA default pattern for this reason.
3. locking: forbid the establishment of root AGP and can not add extra root AGP to system.
Control two SSA order (these orders can be used for any user/entity and need not authentication) of this feature:
Method configuration order-be used for the SSA system configuration for using any one of described three root AGP creation modes.Only allow following pattern to change: open->controlled, controlled->locking (that is, if current be controlled with the SSA system configuration, can only it be changed into locking so).
2. method configuration locking order-be used for the prohibited method configuration order and for good and all lock current selected method.
When creating root AGP, it has special initialize mode, and described pattern realizes establishment and the configuration (use is applicable to the same access restriction of the establishment of root AGP) of its ACR.At the end of root AGP layoutprocedure, when entity switches to operator scheme with it clearly, no longer can upgrade existing ACR and no longer can create extra ACR.
In case root AGP is placed mode standard, only can sign in in the system its deletion by the one ACR that appointment has to delete the license of root AGP by making it.Except special initialize mode, this is another exception of root AGP; It preferably can contain unique AGP of the ACR of the license that has to delete himself AGP, and this is opposite with AGP in the next tree grade.
The 3rd between root ACR and the standard A CR also is that last difference is, it is can have in the system in order to create and to delete unique AGP of the license of subregion.
The ACR of SSA system
The ACR of system can be used for following two SSA operation:
1. under the protection of hostile environment intrinsic safety passage, create the ACR/AGR tree.
2. the device of SSA system is dominated in identification and authentication.
Preferably, can in SSA, only have an ACR of system, and in case through definition, it is just preferably immutable.When creating the ACR of system, do not need system authentication; Only need the SSA order.Can forbid the ACR of establishment system feature (be similar to and create root AGP feature).After creating the ACR of system, creating the ACR of system order does not have effect, because preferably, only allows an ACR of system.
When in constructive process, system ACR inoperation.When finishing, need the issue special command to come indication mechanism ACR to be created and be ready to move.After this point, system ACR preferably can not be updated or replace.
System ACR creates root ACR/AGP in SSA.It has in order to increase/change the root grade until satisfy main frame and main frame with its license of blocking.Block root AGP and cut off in fact itself and being connected of the ACR of system, and cause its interference guard.At this some place, there is not one can change/edit the ACR of root AGP and Qi Nei.This is undertaken by the SSA order.Forbidding creates root AGP and has lasting effect and irreversible.The feature that relates to the ACR of system among Fig. 7 more than the explanation.System ACR is used for creating three different root AGP.Certain time after creating these sends SSA from main frame and orders to block root AGP from the ACR of system, and forbidding creates root AGP feature whereby, indicates such as the dotted line that among Fig. 7 the ACR of system is connected to root AGP.This causes described three root AGP interference guards.Before or after blocking root AGP, described three root AGP can be used for creating filial generation AGP to form three separately trees.
Above-mentionedly be characterized as the content owner larger dirigibility is provided in the content configuration safety product.Safety product needs " through issue ".Issue is the process of placing identification key (device can be identified main frame and vice versa by these keys).Recognition device (for example, flash cards) is so that main frame can determine whether it can entrust to its secret described device.On the other hand, the identification main frame is so that device can be in enforcement security strategy (authorize and carry out special host command) when main frame is allowed to only.
To have some identification keys through design with the product of serving a plurality of application programs.Product can " first issue " (at storage key during manufacture before the delivery) or " rear issue " (after delivery, adding new key).For rear issue, storage arrangement (for example, storage card) need to contain master or the device grade key that identification is allowed to add to device the entity of application program that be used for of certain type.
Above-mentioned feature is so that product can be configured to enable/forbid rear issue.In addition, can after delivery, carry out safely after issue dispose.Device can be bought as retail product, wherein on device, except above-mentioned master or device grade key, do not had other key, and then dispose described device to enable other rear release application program or with its forbidding by new owner.
Therefore, the ACR of system feature provides to realize the ability of above-mentioned target:
-the storage arrangement that do not have an ACR of system unrestrictedly and not controllably adds application program with permission.
-the storage arrangement that do not have an ACR of system can be configured to forbid the ACR of system and create, and this means the interpolation (unless same forbidding creates feature of new root AGP) that does not have method to control new application program.
-storage arrangement with the ACR of system controllably adds application program with by setting up with the authentication procedure of the ACR of system certificate with only allowing via escape way.
-before or after adding application program, the storage arrangement with the ACR of system can be configured to disabling applications and add feature.
The key ID tabulation
Each specific ACR request is created key ID; Yet, in accumulator system 10, only use these key IDs by the SSA system.When creating key ID, ACR provides or provide following data to creating ACR by creating:
1. key ID.Described ID is provided by main frame by entity and is used for further reading or write the data that secret key encryption or deciphering are used in access with reference to key with at all.
2. secret key cipher and data integrity sexual norm (above-mentioned, chain and Hash pattern, and as hereinafter explain)
Except the attribute that main frame provides, by the following data of SSA system maintenance:
1. key ID owner.ID as owner's ACR.When creating key ID, founder ACR is its owner.Yet, the key ID ownership can be transferred to another ACR.Preferably, only allow the key ID owner to shift entitlement and the authorization key ID of key ID.Authorize the key and cancel these rights and can be managed by key ID owner or any other ACR that is assigned authorization of being associated with access permission.No matter when attempt to carry out any one in these operations, the SSA system will only authorize to it when ratifying a motion ACR.
2.CEK。This is for encrypting be associated with key ID interior perhaps by the CEK of the content of key ID sensing.CEK can be 128 AES random keys that produced by the SSA system.
3.MAC and IV value.The multidate information (message authentication code and initial vector) that is used for chained block password (CBC) cryptographic algorithm.
The various features of SSA also are described with reference to the process flow diagram among the figure 8A-16, and wherein " H " on the left of the step means operation by the main frame execution, and " C " means that operation is by the card execution.In order to create the ACR of system, SSA issue the order (square frame 202) in order to create system ACR of main frame in the storage arrangement 10.Whether device 10 is by check system ACR existed to respond (square frame 204, rhombus 206).If exist, install so 10 and return failure result and stop (oval 208).If there is no, storer 10 checks to check whether allow the ACR of system to create (rhombus 210) so, and if do not allow then return status of fail (square frame 212).Therefore, can exist the device publisher not allow to create the situation of the ACR of system, for example pre-determine needed security features so that do not need under the situation of the ACR of system.If this is not allowed to, installs so 10 and return the OK state and wait for system ACR certificate (square frame 214) from main frame.Main frame checks whether SSA state and device 10 have indicated the permission establishment ACR of system (square frame 216 and rhombus 218).If if do not allow establishment or the ACR of system to exist, main frame stops (oval 220) so.Indicated and allow the establishment ACR of system if install 10, main frame sends SSA and orders to define its login certificate and send it to device 10 (square frame 222) so.The certificate that device 10 usefulness receive comes update system ACR record and returns OK state (square frame 224).In response to this status signal, main frame sends the off-the-shelf SSA order of indication mechanism ACR (square frame 226).The device 10 by locking system ACR so that it can not be updated or replace to respond (square frame 228).This has locked the feature of system ACR and it is for the identity to main frame recognition device 10.
Be identified for creating the program of new tree (new root AGP and ACR) by the mode of these functions of configuration in device.Fig. 9 explains described program.Main frame 24 and accumulator system 10 both all in accordance with it.If forbidding adds new root AGP fully, can not add so new root AGP (rhombus 246).Need the ACR of system if it is activated, main frame authenticates and sets up escape way (rhombus 250, square frame 252) by the ACR of system so, and sends afterwards establishment root AGP order (square frame 254).If do not need the ACR of system (rhombus 248), main frame 24 can send the AGP order of establishment root and need not authentication so, and enters square frame 254.If system ACR exists, even do not need so, main frame also can use its (not shown in the process flow diagram).If forbid this function, device (for example, flash cards) will be refused attempting of the new root AGP of any establishment so, and if need the ACR of system, it will refuse to create attempt (rhombus 246 and 250) of new root AGP in the situation that does not have authentication so.AGP and ACR with the new establishment in the square frame 254 switches to operator scheme now, so that the ACR among these AGP can not be updated or change, and any ACR can not be added to its (square frame 256).Then according to circumstances with system lock, so that can not create extra root AGP (square frame 258).Dotted line frame 258 is that this step of indication is the usual manner of optional step.All frames that are represented by dotted lines in the graphic process flow diagram of this application program all are optional steps.This allows content owner blocking-up for the use (it can imitate the real storage arrangement with legal content) of the device 10 of other illegal objective.
In order to create ACR (except the ACR among the above-mentioned AGP), can begin (square frame 270) with having any ACR that creates the ACR right, as shown in figure 10.Entity can be attempted by providing entity point ACR identity to enter (square frame 272) with the ACR with its attribute that is necessary of wishing establishment via main frame 24.SSA checks with the coupling of ACR identity and ACR with this identity whether have the license (rhombus 274) that creates ACR.If it is authorized that request is verified as, the SSA that installs so in 10 creates ACR (square frame 276).
Figure 11 shows two AGP, and its explanation can be used for using the tree of security application of the method for Figure 10.Therefore, the marketing ACR that has identity m1 among the AGP has to create the license of ACR.ACR m1 also can have in order to key is used for reading and writing the license of the data that are associated with key ID " marketing message " and the data that are associated with key ID " price list ".By using the method for Figure 10, its establishment has sale AGP:s1 and the s2 of two ACR, the read-only license of the necessary key of data that it is associated with key ID " marketing message " to the key of the pricing data that is used for access and is associated with key ID " price list " rather than to access.In this way, the entity with ACR s1 and s2 only can read and can not change pricing data, and can not the access marketing data.On the other hand, ACR m2 does not have to create the license of ACR, and has the read-only license to the key that is used for the data that access is associated with key ID " price list " and key ID " marketing message ".
Therefore, the available mode of above explaining is authorized access rights, and wherein m1 authorizes the right that reads pricing data to s1 and s2.This is particularly useful for the situation that relates to larger marketing and sale group.Only exist in one or minority sales force's the situation, may not need to use the method for Figure 10.But, can authorize access rights to ACR lower in same AGP or the same levels place by ACR, such as Figure 12 explanation.At first, entity is by specifying ACR to enter the tree (square frame 280) of this AGP via main frame in tree with above-described mode.Then, main frame will be specified ACR and the right of authorizing it.SSA checks the ACR of this tree and whether ACR has the license (rhombus 282) of right being authorized another specified ACR.If have, vest right (square frame 284) so; If no, stop so.Described result illustrates in Figure 13.In the case, ACR m1 has and authorizes the license that ACR s1 reads license, so that s1 can come the access pricing data with key after authorizing.If m1 has the identical of access pricing data or than grands droits and the license of authorizing described right, can carry out this operation so.In one embodiment, m1 keeps its access rights after authorizing.Preferably, can be under confined conditions such as finite time, a limited number of access (and and non-permanently) authorize access rights.
Explanation is used for creating the process of key and key ID among Figure 14.Entity authenticates (square frame 302) by ACR.Entity requests creates the key (square frame 304) that has by the ID of main frame appointment.SSA checks and checks whether specified ACR has the license (rhombus 306) of doing like this.For instance, if will be used for key the data of access particular zones, but SSA will check and check whether this subregion of access of ACR so.If ACR is authorized to, the key value (square frame 308) that the key ID that storage arrangement 10 creates with main frame provides so is associated, and key ID is stored among the ACR and with key value is stored in (in the storer that is associated with controller or storer 20) in its storer, and assign right and license (square frame 310) and revise according to the information that is provided by entity and have these PCR that assign this ACR of right and license (square frame 312).Therefore, the founder of key has all available rights, for example read and write license, authorize and with same AGP in the right shared of the ACR at other ACR or lower grade place and the right that shifts the key ownership.
ACR can change the license (or together with existing) of another ACR in the SSA system, such as Figure 15 explanation.Entity can enter tree by ACR as in the past; In one case, entity is authenticated, and then it specifies ACR (square frame 330,332).It requires the license (square frame 334) among deletion target ACR or the target ACR.If the ACR of specified ACR or activity this moment has the right (rhombus 336) of doing like this, delete so target ACR, or the PCR of change target ACR is to delete this license (square frame 338).If this is not certified, system stops so.
After said process, target will be no longer can access its can access before described process data.As shown in figure 16, entity can be attempted to enter at target ACR place (square frame 350) and find the verification process failure, because the ACR ID of preexist no longer is present among the SSA, so that access rights is denied (rhombus 352).Suppose and not yet delete ACR ID, entity is specified key ID and/or the data (square frame 356) in ACR (square frame 354) and the particular zones so, and SSA follows PCR according to this ACR and checks to check that whether key ID or subregion access require licensed (rhombus 358).If permit deleted or expired, so again refusal request.Otherwise, authorization requests (square frame 360).
Said process tracing device (for example, flash cards) is the managing access protected data how, and no matter whether ACR and its PCR have just been changed by another ACR or through so being configured to beginning.
Dialogue
A plurality of users that the SSA system logins with processing simultaneously through design.Each order that this feature request is received by SSA be associated with special entity and only the ACR that is used for this entity of authentication have for ask to take action license the time be performed.
Support a plurality of entities by the dialogue concept.During verification process, set up dialogue, and described dialogue is by SSA system dispatching dialogue id.Described dialogue id is associated inherently with for the ACR that signs in to system, and through exporting to entity to be used for all further SSA orders.
The SSA system supports the dialogue of two types: open conversation and security dialogues.In ACR, define the dialogue types that is associated with the specific authentication process.The SSA system will implement session establishment to be similar to the mode of himself implementing authentication.Because ACR defines entity license, thus this mechanism so that system designer can or call specific ACR bookkeeping (that is, creating new ACR and setting certificate) and carry out related safe tunnelling and access specific key ID.
Open conversation
Open conversation is the dialogue that does not have bus encryption to identify with dialogue id, and all orders and data are transmitted in the clear.This operator scheme is preferably used in multi-user or the multiple entity environment, and wherein entity is not eavesdropped in bus neither threaten the part of model yet.
Although the effective firewall functionality between the application program on the host computer side is not enabled in the neither transmission of protected data yet, the open conversation pattern is so that the SSA system can allow only access to be allowed for the information of current authenticated ACR.
Open conversation also can be used for the situation that subregion or key need protection.Yet, after effective verification process, authorize all entities on the main frame with access.In order to obtain the license of authenticated ACR, unique things that various host application programs need to be shared is dialogue id.This illustrates in Figure 17 A.Step on the line 400 is those steps of being carried out by main frame 24.For ACR1 certification entity (square frame 402) afterwards, it requires the file (square frame 404,406 and 408) that is associated with key ID X in the access memory device 10.If the PCR of ACR1 allows this access, install so 10 and authorize described request (rhombus 410).If do not allow, system turns back to square frame 402 so.After finishing authentication, the dialogue id (being not the ACR certificate) that accumulator system 10 is only passed through to assign identifies the entity of giving an order.In case ACR1 obtains the data that access is associated with key ID among its PCR, in open conversation, any other application program or user can come the access identical data by specify correct dialogue ID (it is shared) between the different application on the main frame 24 so.This feature more easily so that the user can only login once and application of can access relevant with the account who carries out login by it for different application all data in be favourable.Therefore, cell phone user can access memory 20 in storage Email and listen the music of storage in the storer 20 and need not login repeatedly.On the other hand, can't help data that ACR1 comprises will be for inaccessible.Therefore, same cell phone user can have can be by independent account ACR2 access valuable content (for example game and photo).This is that he does not wish the data by means of other people access of its phone, although he does not mind the data that other people can use by its first account ACR1 access.Data access is divided into two independent accounts, and allows in open conversation access ACR1 that ease of use is provided and protection to valuable data is provided.
In order further to make things convenient for the process of sharing dialogue id in the middle of host application program, when ACR request open conversation, it can ask to assign " 0 (zero) " id to described dialogue especially.So, application program can be through design to use predefine dialogue id.Obviously, but unique restriction is at a special time ACR of authentication request dialogue 0 only.Another ACR of authentication request dialogue 0 attempts and will be rejected.
Security dialogues
In order to add safe floor, can use dialogue id (shown in Figure 17 B).Storer 10 is then gone back the dialogue id of storage activities dialogue.In Figure 17 B, for instance, for the file that can access be associated with key ID X, entity need to also provide dialogue id (for example, dialogue id " A ") (square frame 404,406,412 and 414) before it is allowed to accessing file.In this way, unless request entity is known correct dialogue id, otherwise it can not access memory 10.Because deletion dialogue id and dialogue id are different for each dialogue after end-of-dialogue, thereby entity can only obtain access when it can provide the dialogue number.
Except talking with the number by using, the SSA system does not have other method to guarantee the entity that order is really hung oneself and correctly authenticated.For the application program and the operating position that wherein exist the assailant will attempt to send with open channel the threat of malicious commands, host application program uses security dialogues (escape way).
When using escape way, use escape way to encrypt (dialogue) key and encrypt dialogue id and whole order, and security level is the same with the host computer side embodiment high.
Stop dialogue
In any following situation, stop dialogue and withdraw from ACR:
1. entity sends clear and definite end dialog order.
2. communication overtime.Special entity is not given an order as the time cycle of an ACR parameter to definition.
Device (for example, flash cards) reset and/or power cycle after stop all and open dialogue.
The data integrity sex service
The integrality of SSA system verification SSA database (it contains all ACR, PCR etc.).In addition, provide the data integrity sex service by key ID mechanism for solid data.
If hash is come configuring cipher key ID as its cryptographic algorithm, so hashed value is stored in the CEK record together with CEK and IV.During write operation, calculate and the storage hashed value.During read operations again calculate hashed value and with its with formerly write operation during the value of storing compare.During each entity access keys ID, excessive data is connected (with the password form) to legacy data and the suitable hashed value through upgrading (be used for reading or be used for writing).
Because the data file of only having main frame to know to be associated with key ID or being pointed to by key ID, thereby main frame some aspects of management data integrity function with the following methods clearly:
1. write from start to end or read the data file that is associated with key ID or is pointed to by key ID.The attempting of any access partial document will make its confusion, because the SSA system is just using the CBC encryption method and producing the ashed information summary of whole data.
2. need not to process the data in the continuous stream (data stream can be interlocked with the data stream of other key Id and can be divided in a plurality of dialogues), because middle hashed value is by the SSA system held.Yet if restart data stream, entity will need clearly to indicate the SSA system to reset hashed value so.
3. when finishing read operation, main frame must clearly ask the SSA system to compare to verify the described hash that reads by reading hash with the hashed value that calculates during write operation.
4.SSA system provides " virtual reading " operation equally.This feature will be passed through cipher engine so that serial data flows, but will can not send out to main frame to it.This feature is used in reads before verification of data integrity with data reality from device (for example, flash cards).
Random number produces
The SSA system will be so that external entity can utilize internal random number generator and request that random number is used in SSA system outside.This service can be used for any main frame and does not need authentication.
RSA key is to producing
The SSA system will be so that external user can utilize inner RSA key to producing feature and asking RSA key using in SSA system outside.This service can be used for any main frame and does not need authentication.
Alternate embodiment
Replace using stage division, the active bank method realizes similar results, such as Figure 18 explanation.
As shown in figure 18, can and need the tabulation of minimal amount of the certificate of release to be input in the database that is stored in controller 12 or the storer 20 with certificate, authentication method, the maximum number of unsuccessfully attempting of entity, this be so that these certificates require relevant with strategy (reading, write access keys and subregion, escape way requirement) by controller 12 execution of storer 10 in the database.Be stored in equally constraint and the restriction to access keys and subregion of also having in the database.Therefore, some entities (for example, system operator) can on white list, this means all keys of all the time access of these entities and subregion.Other entity can be on blacklist, and its attempting and will be blocked any information of access.Restriction can be the overall situation or key and/or subregion specific.This means only some specific key of all the time access of some entity and subregion, and some entity all the time can not access.Can retrain content itself, and regardless of the subregion at content place or for the key with its encryption or deciphering.Therefore, some data (for example, song) can have it and only can come access or other data (for example, film) only can be read the attribute of limited number of times (and no matter which entity has carried out access) by its five host apparatus in front of access.
Authentication
Password protection
Password protection means need to show password with the access protected field.Unless it can not be an above password, otherwise password can be associated from the different rights that for example read access or read/write access.
Password protection means that device (for example, flash cards) can be provided by the password that is provided by main frame, and namely device also has the password that is stored in by in the secure storage section of device management.
Problem and restriction
Password often suffers Replay Attack.Because password does not change after showing at every turn, so it can similarly be sent again.This means if data to be protected are valuable, and communication bus can be easy to access, can not use password according to present appearance so.
Password can be protected the storage data access, but shall not be applied to protected data (being not key)
In order to increase the safe class that is associated with password, can make the password variation with master key, this causes a password to be deceived (hack) can not destroy whole system.Secured communication channel based on session key can be used for sending password.
Figure 19 is the process flow diagram that the authentication of password is used in explanation.Entity is reported account id and password to system 10 (for example, flash memory cards).Systems inspection with check described password whether with its storer in password match.If coupling is returned so and is subjected to authentication state.Otherwise, for that account's incremental error counter, and require entity to re-enter account id and password.If counter overflow, system returns the state of refusal access so.
Challenge response
Figure 20 is the process flow diagram that the authentication of challenge/response type method is used in explanation.Entity is reported account id, and addresses inquires to from system's 10 requests.System 10 produces random number and is presented to main frame.Main frame calculates response from described number, and sends it to system 10.System 10 compares described response and the value of storing.Remaining step is similar to the step that is used for determining whether authorize access among Figure 19.
Figure 21 is the process flow diagram that the authentication of another challenge/response type method is used in explanation.The difference of Figure 21 and Figure 20 is, except requiring main frame by system's 10 authentications, it also requires system 10 by the challenge/response authentication, and wherein response is addressed inquires to and returned in system 10 also with by the main frame inspection from host requests.
Figure 22 is the process flow diagram that the authentication of another challenge/response type method is used in explanation.In the case, it is certified to only have system 10 to need, and wherein main frame sends to system 10 with inquiry, and system 10 calculates response, and described response checks to determine and the coupling of its record of system 10 by main frame.
Symmetric key
Symmetric key algorithm means in both sides and is encrypted and deciphers with the SAME key.It means that key must be agreed in advance before communication.And every side should be implemented reverse each other algorithm, that is, be cryptographic algorithm and be decipherment algorithm on the opposite side on the side.Described both sides do not need to implement two algorithms and communicate by letter.
Authentication
Symmetric key authentication means that device (for example, flash cards) and main frame share same key and have identical cryptographic algorithm (directly and reverse, for example DES and DES-1).
The symmetric key authentication means challenge-response (protection is to avoid Replay Attack).Protected device produces the inquiry for another device, and both equal calculated response.Authenticate device sends it back response, and protected device inspection response and therefore authentication verification.But follow the right that authorization and identification is associated.
Authentication can be:
Outside: device (for example, flash cards) authentication is extraneous, that is, and and the certificate of the device given main frame of checking or application program
Mutual: produce inquiry in both sides
Inner: host application program authenticate device (for example, flash cards), that is, whether real the main frame testing fixture is for its application program
For the safe class (that is, destroy one and can not destroy all) that increases whole system
Usually symmetric key can be combined with the variation of using master key
Mutually authentication uses inquiry from both sides to guarantee that addressing inquires to is true inquiry
Encrypt
Symmetric key cryptography also be used for to be encrypted, because it is unusual Effective arithmetic, that is, it does not need powerful CPU to process cryptology.
When for the protection of communication port:
Two devices must be known the session key in order to protection channel (that is all import data into, to encrypt all outgoi8ng datas and deciphering).Usually set up this session key with the secret symmetric key of sharing in advance or with PKI.
The same password algorithm must be known and implement to two devices
Signature
Symmetric key also can be used for signing data.In said case, signature is the partial results of encrypting.Keep the imperfect permission signature of result to carry out needed number of times and can not expose key value.
Problem and restriction
Symmetry algorithm is very effective and safe, but it is based on the secret of sharing in advance.Issue shares in confidence with dynamical fashion that this is secret and may be at random (as session key).This idea is that shared secret is difficult to long-term maintenance safety and may shares with many people hardly.
In order to be conducive to this operation, the invention public key algorithm need not shared secret because it allows exchanging secrets.
The Public key cryptology
Asymmetric key algorithm is often referred to the Public key password.It is that the intensive mathematics of very complicated and common CPU is implemented.Invented the problem that it solves the distribute keys that is associated with symmetric key algorithm.It also is provided for guaranteeing the signature ability of data integrity.
Asymmetric key algorithm uses the key that is called as respectively the privately owned and common elements of having of private cipher key and Public key.Private cipher key and Public key link together with mathematical way.Public key can be shared, and the private cipher key need to be keep secret.As for described key, asymmetric algorithm uses two mathematical functions (is used for private cipher key and and is used for Public key) that parcel is provided and unties or sign and verify.
Key change and encryption key distribution
Key change is by using the PK algorithm to become very simple.Device sends to other device with its Public key.Other device wraps up its privacy key with described Public key, and the data that will encrypt turn back to first device.First device is untied data with its private cipher key, and the privacy key of swap data is now all known and can be used in the retrieval both sides.Because can easily exchange symmetric key, so its random key normally.
Signature
Because the cause of its person's character, public key algorithm only are used for the signature low volume data usually.In order to ensure data integrity, it follows the hash function combination with the unidirectional footprint that gives information.
Private cipher key is used for the signature data.Public key (can freely obtain) allows certifying signature.
Authentication
Authenticate and usually use signature: address inquires to through signing and returning for checking.
The common part of key is used for checking.Because anyone can produce key pair, so need to confirm the owner of Public key that in order to prove this be the suitable people who uses correct key.Certificate authority side provides voucher, and will comprise Public key in signed credential.Voucher is signed by authorized party self.Then coming certifying signature to mean to trust to send the authorized party of the voucher that contains described key and can verify that described voucher is not yet hacked with Public key, that is, is correct by the voucher hash of authorized party's signature; Mean that the user has authorized party's Public key voucher and trusts described authorized party's Public key voucher.
The commonsense method that PK authentication is provided is all keys of being confirmed by given authorized party of trusted right delegation side or Ticket Granting Ticket and indirectly trusting pair.Authentication is to address inquires to and the private cipher key that provides challenge response and voucher to prove to have and the item of credential match by signature so.Then, check that voucher is to guarantee it and not yet hacked and it is signed by the authorized party who is trusted.Then, checking challenge response.If voucher is trusted and challenge response is correct, so authentication success.
Authentication in the device (for example, flash cards) means that device is loaded Ticket Granting Ticket and the device of being trusted can verify the hash that challenge response and voucher are signed.
File encryption
The PK algorithm also is not used in the encryption mass data, because it is that too CPU is intensive, but the PK algorithm is generally used for protecting through producing the randomized encryption/decruption key with encrypted content.For instance, SMIME (safety E-mail) produces the key of following with all recipients' public-key encryption.
Problem and restriction
Because anything can produce key pair, so it must be proved to guarantee its source.During key change, one may want to guarantee that privacy key is provided for correct device, that is, and and the source of the Public key that the needs inspection is provided.Whether credential management becomes the part of security so, cancelled because it can be notified about validity and the key of key.
Although above described the present invention with reference to various embodiment, will understand, can make various changes and modification to the present invention without departing from the present invention, scope of the present invention should only be defined by appended claims and its equivalent.All references mentioned in this article are all incorporated herein by reference.
The 1SSA order
Application standard (being used for related pattern factor agreement) writes and reading order is delivered to storage card with the SSA system command.Therefore, from the viewpoint of main frame, send the SSA order and mean that really writing data into memory device is set up special file as buffer culture.Via come the acquired information from the SSA system from the buffer culture reading out data.Host application program must guarantee that data always write and read from a LBA of buffer culture.The management buffer culture is the scope that exceeds this instructions in the main frame OS.
1.1 with SSA system communication
The definition of following part how by using form factor (form factor) standard write/reading order makes SSA related command and data and SSA system communication.
1.1.1
Send command/data to the SSA system
The first data block that writes order for scan each by signature.If find by signature, be the SSA order so with data interpretation.If do not find by signature, write data into so specified address.
SSA uses and specificly to write order and can comprise that a plurality of sectors shift, and wherein the first sector keeps the argument of required signature and order and remaining data piece to keep related data (if any).
Table ... first of definition SSA order (such as in standard OS file system use, data block is 512 bytes always) form.
Table 1:SSA order argument LBA form
1.1.2
From SSA system reading out data
To carry out in two sub-sections reading order:
1. come initial reading order by the order that writes that at first sends the single data block with all arguments that define reading order.
2. writing after order is arranged on card application on the correct transfering state, coming initially to shift from the real data that snaps into main frame with reading order.Reading order must use the last employed same LBA of the order address that writes.This is that card just attempted to obtain unique indication of SSA data (the previous request) about main frame.
The read/write order is to must be synchronous carefully.How next dialogue definition is processed and is recovered sequence error.Such as definition, a plurality of host computer side users that the support of SSA system may be logined simultaneously.Therefore independently and non-synchronously initial read/write order pair of each user expectation does not need any special behavior of main frame OS.From the viewpoint of card, right individually by identify these in the LBA address that writes half side usefulness of sequence.From the viewpoint of main frame, this means that each user must use different file bufferings.
1.1.3
The read/write sequence error
1.2 order is described in detail
Table 2 provides the SSA substantially general introduction of order.
The command name hurdle provides the index of the detailed description of basic description that order uses and order.The command operation code is the actual value for the SSA order.Argument length (Arg Len) hurdle has defined the size (being that zero value meaning does not have argument) of the argument field of order.Argument is the specific and appointment in detailed orders is described of order.
Data length is the size of order data in the excessive data piece that is associated with order.Be that zero value meaning does not have data, the order of value " Var " meaning has variable size of data and actual size is specified in order itself.For the fixed size data command, the size of this hurdle storage size of data.Data direction can be blank (if order does not have data (meaning as order argument specified in the table 1 all in the space between byte 76 and byte 511-surpass the data service load that the order sector is followed in this space existence)), " writing " (if data are from host mobility to blocking (being attached to the argument piece that writes order)), or " reading " (if data move to main frame from card) (providing the writing the reading order after the order of argument as previously discussed).
Table 2:SSA order
1.2.1
The ACR of establishment system
The ACR of establishment system creates the ACR of system clauses and subclauses in the SSA database.Can dispose certificate according to the login algorithm of appointment so in case create clauses and subclauses.Order terminator sequence with CREATE_SYSTEM_ACR_DONE at last and make the ACR of system effective.
If the ACR clauses and subclauses have existed or to create system's ACR feature disabled, will refuse so the ACR of establishment system order.Only can come configuration-system ACR (detail with reference part 1.3.2) with the subset of available login mode.If using invalid mode orders so and will be rejected.
In table 3, provide the order argument.Byte offset and begin relevant (the seeing part 1.1.1) of ordering argument LBA.Argument length provides with byte unit.The argument title defines the purpose of argument and can be used as the index that detailed argument is described.
Table 3: create the ACR of system order argument
1.2.2
System ACR creates and finishes
Only after creating beginning, the ACR of system sends this order.Any other the time will refuse described order.Send this order termination system ACR and create, and forever leave current configuration for ACR.There is not argument for this order.
1.2.3
PASSWORD?CREDENTIAL
Send SSA order [28] (CREATE_ACR) afterwards, sending the certificate of ACR.Certificate is password with certain length (take the maximum length of byte as 20) in the case.
Table 4: password credential order argument
1.2.4
SYMMETRIC?CREDENTIAL
It is the symmetrical certificate that sends ACR with the form of AES, DES or 3DES key subsequently when selecting the symmetrical logging program of ACR.The characteristic of algorithm will be indicated certificate (key) length in byte.Can use this order at regular ACR and system's ACR creation-time.
A mistake! Do not find reference source.Table 13 is described dissimilar asymmetric certificates.
Table 5: symmetrical certificate order argument
1.2.5
Asymmetric certificate
For the ACR with asymmetric logging program, existence must be delivered to some certificates of SSA.Following table 14 is described dissimilar asymmetric certificates:
Table 6: asymmetric certificate order argument
1.2.6.
The output public keys
1.2.7
Input document
1.2.8
Configuration ACAM
Send this command configuration ACR management license.Only between the ACR startup stage, send described order.Described order is invalid for the ACR of system.ACAM type and code are described in table 16:ACAM type
Table 7: configuration ACAM order argument
129
Create root AGP
For creating the root AGP under the escape way, must carry out through the SSA of the ACR of system system login.After login, dialogue ID will create and be used for the establishment sequence.When just after completion system ACR login sequence during Request System order return state dialogue ID be available.Create root AGP and at first do not sign in to the ACR of system (creating root AGP with escape way) and do not need to talk with ID.
Table 8 has been looked back the order argument.When not using the ACR of system, the dialogue id field is left empty (NULL) (NA).
Table 8: create root AGP order argument
Imperative structures:
Command name/operation code-1 byte: SSA_CREATE_ROOT_AGP_CMD[3]
The order argument-
Does 1. dialogue ID-need?
2. in the AGP title of byte/ID length-1 byte
3.AGP title/ID-
1.2.10
Root AGP creates and finishes
All ACR that this order is transmitted when root AGP finishes-meaned among the AGP are created.This order will lock AGP in order to no longer can create more ACR.
There is not argument for this order.
Imperative structures:
Command name/operation code-1 byte:
SSA_ROOT_AGP_CREATION_DONE_CMD[4]
The order argument-
Does 1. dialogue ID-need?
2. in the AGP title of byte/ID length-1 byte
3.AGP title/ID-
1.2.11?
DISBALE?SYSTEM?ACR?CREATION
Send the ability that this order will stop the ACR of establishment system.This order is without argument.
1.2.12?
SET?ROOT?AGP?CREATION?MODE
[19] SET_ROOT_AGP_CREATION_MODE processes the control that root AGP is created with the SSA order.The code of different mode is described in table 9.This order does not need to login SSA and does not therefore need to talk with ID.
Table 9: root AGP creation mode
| Byte offset | Argument length | The argument title | Explain |
| 76 | 1 | Root AGP creation mode |
Table 10: set root AGP creation mode order argument
1.2.13?
DISBALE?ROOT?AGP?CHANGE?MODE
It is what can not operate that this order makes the SET_ROO_AGP_CREATION_MODE order, and it will be refused by SSA.This order does not have argument.
1.2.14
Create AGP
Table 11: create AGP order argument
Imperative structures:
Command name/operation code-1 byte: SSA_CREATE_AGP_CMD[5]
The order argument-
1 dialogue ID-1 byte
2. in the AGP title of byte/ID length-1 byte
3.AGP title/ID-
1.2.15
Deletion AGP
This order is effectively for the ACR that creates AGP, and supposes that it is without ACR.
Imperative structures:
Command name/operation code-1 byte: SSA_DELETE_AGP_CMD[6]
The order argument-
1.1 dialogue ID – 1 byte
2. in the AGP title of byte/ID length-1 byte
3.AGP title/ID-
1.2.16
Create ACR
Imperative structures:
Command name/operation code-1 byte: SSA_CREATE_ACR_CMD[7]
The order argument-
1.AGP title/ID-
2.ACR title/ID-
3. login algorithm-1 byte
4. key length
5. release ACR title/ID
6. number-1 byte of management right (ACAM)
7.ACAM# 1
8.ACAM#n1.2.17
Upgrade ACR
This order only can send to upgrade filial generation ACR by ACR founder.The ACR that resides among the root AGP can not be updated because it has parent ACR.
Imperative structures:
Command name/operation code-1 byte: SSA_UPDATE_ACR_CMD[8]
The order argument-
1. talk with the ID-1 byte
2. in the AGP title of byte/ID length-1 byte
3.AGP title/ID-
4. in the ACR title of byte/ID length-1 byte
5.ACR title/ID-
1.2.18
Deletion ACR
This order only can send to delete filial generation ACR by ACR founder.The ACR that resides among the root AGP has the ability of deleting himself.
Imperative structures:
Command name/operation code-1 byte: SSA_DELETE_ACR_CMD[9]
The order argument-
1. talk with ID – 1 byte
2. in the AGP title of byte/ID length-1 byte
3.AGP title/ID-
4. in the ACR title of byte/ID length-1 byte
5.ACR title/ID-
1.2.19
Release ACR
This order only can be sent so that a certain ACR of release by the ACR with this explicit permission.
Imperative structures:
Command name/operation code-1 byte: SSA_UNBLOCK_ACR_CMD[10]
The order argument-
1. talk with ID – 1 byte
2. in the AGP title of byte/ID length-1 byte
3.AGP title/ID-
4. in the ACR title of byte/ID length-1 byte
5.ACR title/ID-
1.2.20
The Authorized Domain license
Imperative structures:
Command name/operation code-1 byte:
SSA_DELEGATE_DOMAIN_PERMISSION_CMD[11]
The order argument-
1. talk with the ID-1 byte
2. license number-1 byte that is used for mandate
3. the license code of authorizing
4. in the domain name of byte/ID length-1 byte
5. domain name/ID
1.2.21
Create the division
This order only can be sent by the ACR that resides among the root AGP.
Imperative structures:
Command name/operation code-1 byte: SSA_CREATE_PARTITION_CMD[12]
The order argument-
1. talk with ID – 1 byte
2. in the partition name of byte/ID length-1 byte
3. partition name/ID
4. partition size [512 byte]-4 bytes in the sector
5. in the partition name of the minimizing of byte/ID length-1 byte
6. partition name/the ID that reduces
1.2.22
Regeneration block
This order only can be sent by the ACR that resides among the root AGP.
Imperative structures:
Command name/operation code-1 byte: SSA_UPDATE_PARTITION_CMD[13]
The order argument-
1. talk with ID – 1 byte
2. in the partition name of byte/ID length-1 byte
3. partition name/ID
4. partition size [512 byte]-4 bytes in the sector
5. in the partition name of the minimizing of byte/ID length-1 byte
6. partition name/the ID that reduces
1.2.23
The deletion subregion
This order only can be sent by the ACR that resides among the root AGP.
Imperative structures:
Command name/operation code-1 byte: SSA_DELETE_PARTITION_CMD[14]
The order argument-
6. talk with the ID-1 byte
7. in the partition name of byte/ID length-1 byte
8. partition name/ID
1.2.24
The access of restriction PD
This order will be restricted to public partition/from the regular read/write order of public partition (being also referred to as the user area) (sent by main frame and be not the order of the part of SSA bidding protocol).
Imperative structures:
Command name/operation code-1 byte:
SSA_RESTRICT_PAUBLIC_PARTITION_CMD[15]
The order argument-
1. talk with ID – 1 byte
2. public partition constrained code-1 byte
1.2.25
Create the territory
Imperative structures:
Command name/operation code-1 byte: SSA_CREATE_DOMAIN_CMD[16]
The order argument-
1. talk with ID – 1 byte
2. in the partition name of byte/ID length-1 byte
3. partition name/ID
4. in the domain name of byte/ID length-1 byte
5. domain name/ID
1.2.26
The deletion territory
Only the territory owner can send this order and deletion territory.
Imperative structures:
Command name/operation code-1 byte: SSA_DELETE_DOMAIN_CMD[17]
The order argument-
1. talk with ID – 1 byte
2. in the partition name of byte/ID length-1 byte
3. partition name/ID
4. in the domain name of byte/ID length-1 byte
5. domain name/ID
1.2.27
System login
When wishing by the use of the one among ACR SSA system, the host subscriber issues this order.Described order will begin log-in/authentication process.
Imperative structures:
Command name/operation code-1 byte: SSA_SYSTEM_LOGIN_CMD[18]
The order argument-
1. in the AGP title of byte/ID length-1 byte
2.AGP title/ID-
3. in the ACR title of byte/ID length-1 byte
4.ACR title/ID-
1.2.28
System withdraws from
When wishing to stop work session with the SSA system, the host subscriber issues this order.Described order finishes all User Activities of current login dialogue.The host subscriber will need again to begin login process in order to can carry out and the further action of SSA system after this order.
Imperative structures:
Command name/operation code-1 byte: SSA_SYSTEM_LOGOUT_CMD[19]
The order argument-
1. in the AGP title of byte/ID length-1 byte
2.AGP title/ID-
3. in the ACR title of byte/ID length-1 byte
4.ACR title/ID-
1.2.29 read
Imperative structures:
Command name/operation code-1 byte: SSA_READ_CMD[20]
The order argument-
1. talk with ID – 1 byte
2. in partition name length-1 byte of byte
3. partition name
4. in domain name length-1 byte of byte
5. domain name
6. partition address (LBA)-4 byte
7. with number (sector-sector=512 bytes)-4 bytes of the LBA that reads
1.2.30
Write
Imperative structures:
Command name/operation code-1 byte: SSA_WRITE_CMD[21]
The order argument-
1. talk with the ID-1 byte
2. in partition name length-1 byte of byte
3. partition name
4. in domain name length-1 byte of byte
5. domain name
6. partition address (LBA)-4 byte
7. with number (sector-sector=512 bytes)-4 bytes of the LBA that reads
1.2.31
Coomand mode
Can send this status command so that the return state of the last order that obtains to send.Described state processing command procedure and SSA system state.
Imperative structures:
Command name/operation code-1 byte: SSA_CMD_STATUS_CMD[22]
The order argument-
1. talk with ID – 1 byte
1.2.32
System interrogation
The SSA information in the scope of ACR of login is read in the system interrogation order.
Imperative structures:
Command name/operation code-1 byte: SSA_SYS_QUERY_CMD[23]
The order argument-
1. talk with ID – 1 byte
1.2.33
The password authentication order
1.2.33.1 send password to SSA
Described order sends the actual ACR password for the treatment of by the SSA checking.Sending coomand mode order (22) will make the main frame can the reading order state and can read the state of verification process-by/failure when order is finished.
Imperative structures:
Command name/operation code-1 byte: SSA_PWD_AUTH SEND PWD_CMD[24]
The order argument-
1. in password length-1 byte of byte
2. password data.
1.2.34
Symmetrical authentication command
1.2.34.1 obtain to address inquires to from SSA
Imperative structures:
Command name/operation code-1 byte: SSA_SYM AUTH_GET_CHLG_CMD[25]
The order argument-
1.2.34.2 send inquiry to SSA
Imperative structures:
Command name/operation code-1 byte:
SSA_SYM_AUTH_SEND_CHLG_CMD[26]
The order argument-
1.2.34.3 obtain challenge response from SSA
Imperative structures:
Command name/operation code-1 byte:
SSA_SYM_AUTH_GET_CHLG_RES_CMD[27]
The order argument-
1.2.34.4 send challenge response from SSA
Imperative structures:
Command name/operation code-1 byte:
SSA_SYM_AUTH_SEND_CHLG_RES_CMD[28]
The order argument-
1.2.35
Asymmetric authentication processing order
1.2.35.1 send inquiry to SSA
Imperative structures:
Command name/operation code-1 byte:
SSA_ASYM_AUTH_SEND_CHLG_CMD[29]
Order argument-challenge nonce-28 byte
1.2.35.2 obtain to address inquires to from SSA
Imperative structures:
Command name/operation code-1 byte:
SSA_ASYM_AUTH_GET_CHLG_CMD[30]
Order argument-NA
1.2.35.3 send the CA voucher to SSA
Imperative structures:
Command name/operation code-1 byte:
SSA_ASYM_AUTH_SEND_CA_CERT_CMD[31]
The order argument-
1.2.35.4 master is secret before obtaining SSA
Imperative structures:
Command name/operation code-1 byte:
SSA_ASYM_AUTH_GET_PRE_MASTER_SECRET_CMD[32]
The order argument-
1.2.35.5 obtain the ACR voucher from SSA
Imperative structures:
Command name/operation code-1 byte:
SSA_ASYM_AUTH_GET_CHLG_CMD[33]
The order argument-
1.2.35.6 master secret before the main frame is sent to SSA
Imperative structures:
Command name/operation code-1 byte:
SSA_SYM_AUTH_SEND_PRE_MASTER_SECRET_CMD[34]
The order argument-
1.2.35.7 send the beginning conversation message
Imperative structures:
Command name/operation code-1 byte:
SSA_ASYM_AUTH_SEND_START_SESSION_MSG_CMD[35]
The order argument-
1.PIN option-
In the PIN length of byte-
3.PIN string-
1.2.35.8 finish message from the SSA access authentication
Imperative structures:
Command name/operation code-1 byte: SSA SYM_AUTH_GET_CHLG_CMD[36]
The order argument-
1.3SSA order argument
1.3.1
Can not use
In the argument tabulation, be defined as all fields that to use (NA) and must be set as 0.
1.3.2
Password and PIN structure
Password and PIN phrase are 20 byte longs and are the binary value of SSA system.Any phrase that is shorter than 20 bytes must be with " 0 " gap.
1.3.3
The login algorithm
The logical algorithm of this argument definition ACR.It is 1 byte long.Available value is defined in following table:
Table 12:
The login algorithm types
1.3.4
Symmetrical certificate symbol
Table 13: symmetrical certificate type
1.3.5
Asymmetric certificate type
| Symbol | Value | Describe |
| | ||
| CA_PUBLIC_RSA_KEY | ||
| 1 | ||
| |
2 | |
| USER_PIN | 4 |
Table 14: asymmetric certificate type
1.3.6
The subregion right
1.3.7
The territory right
1.3.8
Territory license code
Table 15: territory license type
1.3.9
ACAM
Table 16:ACAM type
1.3.10
The public partition constrained code
| Symbol | Value | Describe |
| |
1 | |
| |
2 | |
| |
3 |
Table 17: public partition Limit Type
1.3.11
Coomand mode
1.3.12
The SSA inquiry
1.3.13
Command sequence
1.3.13.1 the command sequence via the mutual symmetrical SSA login that authenticates
When successfully finishing this sequence, the ACR of SSA login and SSA operation can begin.
1.3.13.2 be used for creating the command sequence of root AGP
Can or abandon escape way and bypass system ACR verification process creates root AGP via the ACR of system (it requires the ACR of system is carried out login sequence).To order SSA_CREATE_ROOT_AGP_CMD[3] send with the identity of root AGP.
Can be SSA_CMD_STATUS_CMD[22 after this order] in order to be sure of that SSA does not refuse described order and described order and finishes not having in the vicious situation.When finish root AGP and subsequently all its ACR created so that when sending root AGP, will send SSA_ROOT_AGP_CREATION_DONE_CMD[4] order.
1.3.13.3 be used for creating the command sequence of AGP
For creating AGP, the user must at first login SSA by carrying out the log on command sequence of showing among the 1.3.13.1.Must before setting up the new group of ACR, create AGP.By sending order SSA_CREATE_AGP_CMD[5 with AGP title/ID] create AGP.
Be checking CMD[5] do not having received in the situation of error and carrying out, the user sends SSA_CMD_STATUS_CMD[22] and read the state of the order of last transmission.When the user finishes when creating AGP, can continue to create ACR or withdraw from from the SSA system.
1.3.13.4 be used for setting up the command sequence of ACR
For creating ACR, the user must at first login SSA by carrying out the log on command sequence of showing among the 1.3.13.1.The AGP that equally, must exist new ACR to belong to.The user sends order SSA_CREATE_ACR_CMD[7 with all new ACR data (title, AGP, login method etc.) subsequently].Be checking CMD[7] do not having received in the vicious situation and carrying out, the user sends SSA_CMD_STATUS_CMD[22] and read the state of the order of last transmission.When the user finishes establishment ACR, can continue other SSA and operate or withdraw from from the SSA system.
1.4 product parameters
All entities of maximum number (MAROs, ARCR, parallel session etc.).
Add the definition of cryptographic parameter, i.e. RSA key length at applicable place.
The error condition and the message that need the every agreement of definition.
Need the overtime and busy processing of definition.
Specify the progression on the tree.
The restriction # of root MAROS.
Is the restriction # of filial generation (on the root) in all filial generations? mandate is arrived.
On the number of CBC context (parallel), will there be restriction, for example 5-10.
Agreement and product version.
Claims (47)
1. method that is used for storer, described method comprises:
Receive the request that is stored in the data of described storage arrangement for access from the entity that authenticates to storage arrangement;
In tree, search the license corresponding to described entity and described request, described tree is in described storage arrangement and be included in wherein node through hierarchical organization, and each node comprises the entity authentication voucher and is used for controlling the license of data that described entity access is stored in the outside of described all nodes of tree; And
According to described license to the described request mandate.
2. method according to claim 1, it further comprises:
Receive the second request that is stored in the data of described storage arrangement for access from the second instance that authenticates to described storage arrangement;
From the second tree, search the second license corresponding to described second instance and described the second request, described the second tree is included in the wherein node of hierarchical organization, and each node comprises the entity authentication voucher and is used for controlling the license of data that described second instance access is stored in the outside of described second all nodes of tree; And
According to described the second license described the second request is authorized.
3. method according to claim 2, wherein said tree is set the access permission that comprises two data acquisitions that separate with described second, so that according to described license and described the second license, described request and described the second request are authorized, and described described request and described the second request are authorized enables described entity and described second instance with the corresponding person in described two data set of access.
4. method according to claim 1, the license indication in the node of wherein said tree be to the access rights of data, described access rights be no less than lower grade in the described tree Nodes permitted denotable access rights.
5. method according to claim 1, the described request that wherein is used for access data comprise the request of data that is stored in the part of described storer for access, and described license comprises the license for the described part of the described storer of access.
6. method according to claim 1, wherein said tree are stored in the controller in the described storage arrangement.
7. method according to claim 1, wherein said tree are stored in the storer in the described storage arrangement.
8. method according to claim 31 does not wherein need the node of the different brackets of the described tree of access to search out the license of the Nodes of described tree.
9. method according to claim 31, wherein said the second license is corresponding at least one extra entity.
10. memory storage, it comprises:
Nonvolatile memory; And
Controller, itself and described memory communication, described controller function with:
Control is to the access of described nonvolatile memory;
In described memory storage, create tree, described tree is included in wherein the node through hierarchical organization, each node comprises the entity authentication voucher and is used for the license that the controlled entity access is stored in the data of described memory storage, wherein said tree further be configured to so that, when receiving request from the entity that authenticates to memory storage, described tree can by described controller search simultaneously corresponding to described entity and come from described entity, be used for the license of request that access is stored in the data of described memory storage;
In described memory storage, create the second tree, wherein said the second tree is included in wherein the node through hierarchical organization, each node comprises the entity authentication voucher and is used for the license that the controlled entity access is stored in the data of described memory storage, wherein said tree with second the tree have different root nodes, wherein do not have node at described root node; And
Described tree and described the second tree are stored in the described memory storage.
11. memory storage according to claim 10 does not have cross-talk between wherein said tree and described the second tree.
12. memory storage according to claim 10, the described root node of wherein said tree and described the second tree can not be modified or delete.
13. memory storage according to claim 10, wherein said controller further operates to prevent from creating extra tree.
14. memory storage according to claim 10, the license indication of the Nodes of wherein said tree is to being stored in the data access right in the storer, and described access rights is no less than the denotable access rights of being permitted by the Nodes of lower grade in the described tree.
15. memory storage according to claim 10, a node in the wherein said tree has the ability of the filial generation node that creates lower grade, so that the data of described entity in can the described storer of access, and wherein said controller further operation to create described filial generation node.
16. memory storage according to claim 15, the license of wherein said filial generation node are not more than the license of the described node that creates described filial generation node.
17. memory storage according to claim 10, the license of the Nodes of wherein said tree allow described entity to carry out following one or more operations: create another node in the described tree; Delete another node in the described tree; Change the license of another Nodes in the described tree; Authorization is given another node in the described tree; And will with related another node that is transferred in the described tree of described node.
18. memory storage according to claim 10, the license of the Nodes of wherein said tree is used for the key that access is used for encrypting or deciphering the data that are stored in described storer.
19. memory storage according to claim 10, the license of the Nodes of wherein said tree is used for one or more subregions of the described storer of access.
20. memory storage according to claim 10, the license of one of them Nodes allow for the key that described entity set-up is used for data encryption and/or deciphering.
21. memory storage according to claim 20, the license of wherein said Nodes allow in the following right of described Entity Authorization at least one: the entitlement of the secret key that (i) creates for himself; (ii) license of the described secret key of use.
22. memory storage according to claim 20, the license of wherein said Nodes allow to delete described key for its described entity that creates described key.
23. memory storage according to claim 10, wherein said tree is created by System Agent.
24. memory storage according to claim 23, wherein said System Agent is stored in the described controller.
25. memory storage according to claim 23, wherein said System Agent is stored in the described storer.
26. memory storage according to claim 12 does not wherein need to authenticate to described storage arrangement for the described root node that creates described tree and described the second tree.
27. memory storage according to claim 12, wherein said root node is being ignored the described memory storage establishment that is created the entity of described root node in the situation of mandate by request.
28. memory storage according to claim 12, wherein said root node are only created the described memory storage establishment of the entity of described root node by request after authentication.
29. memory storage according to claim 10, the license of another Nodes of the license of the Nodes of wherein said tree and the different brackets of described tree has predetermined relationship.
30. memory storage according to claim 10, wherein only during the shared parent node in two described trees of nodes sharing of described tree, described two nodes just comprise identical license.
31. memory storage according to claim 30, wherein said two nodes have parent-filial generation relation.
32. memory storage according to claim 30, wherein said two nodes are in same account group.
33. memory storage according to claim 10, wherein said controller are the unique controllers in the described memory storage.
34. memory storage according to claim 10, wherein said controller further can operate to control access and the described storer of management.
35. memory storage according to claim 10, the different nodes in the wherein said tree are relevant with the different authentication algorithm.
36. memory storage according to claim 10, wherein said tree is independent of the file system of described memory storage.
37. memory storage according to claim 10, wherein said the second tree is created by described memory storage.
38. memory storage according to claim 10, the relation between the wherein said node are equally corresponding to the relation between the entity that has license in the described tree.
39. a memory storage, it comprises:
Nonvolatile memory; And
Controller, itself and described memory communication, described controller function with:
Receive the request that is stored in the data of described memory storage for access from the entity that authenticates to memory storage;
In tree, search the license corresponding to described entity and described request, described tree is in described memory storage and be included in wherein node through hierarchical organization, and each node comprises the entity authentication voucher and is used for controlling the license that described entity access is stored in the data of described memory storage; According to described license to the described request mandate;
Receive the second request that is stored in the data of described memory storage for access from the second instance that authenticates to described memory storage;
From the second tree, search the second license corresponding to described second instance and described the second request, described the second tree is included in wherein the node through hierarchical organization, each node comprises the entity authentication voucher and is used for controlling the license that described second instance access is stored in the data of described memory storage, wherein said tree with second the tree have different root nodes, wherein more than described root node, do not have node; And
According to described the second license described the second request is authorized.
40. described memory storage does not have cross-talk between wherein said tree and described the second tree according to claim 39.
41. described memory storage according to claim 39, wherein said tree is set the access permission that comprises two data acquisitions that separate with described second, so that according to described license and described the second license, described request and described the second request are authorized, and described described request and described the second request are authorized enables described entity and described second instance with the corresponding person in described two data set of access.
42. described memory storage according to claim 39, the license indication in the node of wherein said tree is to the access rights of data, and described access rights is no less than the denotable access rights of being permitted by the Nodes of lower grade in the described tree.
43. described memory storage according to claim 39, the described request that wherein is used for access data comprise the request of data that is stored in the part of described storer for access, and described license comprises the license for the described part of the described storer of access.
44. described memory storage according to claim 39, wherein said tree is stored in the described controller.
45. described memory storage according to claim 39, wherein said tree is stored in the described storer.
46. described method does not according to claim 39 wherein need the node of the different brackets of the described tree of access to search out the license of the Nodes of described tree.
47. described method according to claim 39, wherein said the second license is corresponding at least one extra entity.
Applications Claiming Priority (6)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US63880404P | 2004-12-21 | 2004-12-21 | |
| US60/638,804 | 2004-12-21 | ||
| US11/314,055 US20060242067A1 (en) | 2004-12-21 | 2005-12-20 | System for creating control structure for versatile content control |
| US11/313,538 | 2005-12-20 | ||
| US11/314,055 | 2005-12-20 | ||
| US11/313,538 US8051052B2 (en) | 2004-12-21 | 2005-12-20 | Method for creating control structure for versatile content control |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200580048232.3A Division CN101120355B (en) | 2004-12-21 | 2005-12-21 | System for creating control structure for versatile content control |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102981980A true CN102981980A (en) | 2013-03-20 |
Family
ID=36146948
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210277333XA Pending CN102981980A (en) | 2004-12-21 | 2005-12-21 | Method for control access in storage device |
| CN200580048232.3A Expired - Fee Related CN101120355B (en) | 2004-12-21 | 2005-12-21 | System for creating control structure for versatile content control |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200580048232.3A Expired - Fee Related CN101120355B (en) | 2004-12-21 | 2005-12-21 | System for creating control structure for versatile content control |
Country Status (6)
| Country | Link |
|---|---|
| EP (1) | EP1836643A2 (en) |
| JP (1) | JP4857284B2 (en) |
| KR (1) | KR20070091349A (en) |
| CN (2) | CN102981980A (en) |
| TW (1) | TWI388985B (en) |
| WO (1) | WO2006069312A2 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110321302A (en) * | 2019-06-28 | 2019-10-11 | 兆讯恒达微电子技术(北京)有限公司 | A kind of embedded system data memory area management method |
| CN112861194A (en) * | 2019-11-12 | 2021-05-28 | 铠侠股份有限公司 | Storage device |
Families Citing this family (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7748031B2 (en) | 2005-07-08 | 2010-06-29 | Sandisk Corporation | Mass storage device with automated credentials loading |
| WO2007030760A2 (en) * | 2005-09-08 | 2007-03-15 | Sandisk Corporation | Mobile memory system for secure storage and delivery of media content |
| EP2038804A2 (en) * | 2006-07-07 | 2009-03-25 | Sandisk Corporation | Content control system and method using versatile control structure |
| EP2038800A2 (en) * | 2006-07-07 | 2009-03-25 | Sandisk Corporation | System and method for controlling information supplied from memory device |
| CN101490688A (en) * | 2006-07-07 | 2009-07-22 | 桑迪士克股份有限公司 | Content control system and method using certificate revocation lists |
| US9104618B2 (en) | 2008-12-18 | 2015-08-11 | Sandisk Technologies Inc. | Managing access to an address range in a storage device |
| EP2256660B1 (en) * | 2009-05-28 | 2015-08-12 | Sap Se | Computer-implemented method, computer system, and computer program product for optimization of evaluation of a policy specification |
| US10165007B2 (en) | 2011-09-15 | 2018-12-25 | Microsoft Technology Licensing, Llc | Securing data usage in computing devices |
| CN102609368B (en) * | 2012-01-11 | 2014-12-17 | 记忆科技(深圳)有限公司 | Solid-state-drive data encryption and decryption method and solid state drive |
| CN103870724B (en) * | 2012-12-12 | 2017-03-01 | 财团法人资讯工业策进会 | Main managing device, proxy management device, electronic installation and authorization management method |
| GB2565411A (en) * | 2017-06-12 | 2019-02-13 | British Telecomm | Improved hardware security module management |
| KR102227363B1 (en) * | 2019-05-30 | 2021-03-15 | 트럼피아 주식회사 | System and method for controlling data access of multy hierarchy structure |
| US11050569B2 (en) * | 2019-08-14 | 2021-06-29 | Macronix International Co., Ltd. | Security memory scheme |
| AT524620A1 (en) * | 2020-12-07 | 2022-06-15 | Fachhochschule St Poelten Gmbh | Procedure for migrating an IT application |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030061504A1 (en) * | 2001-08-13 | 2003-03-27 | Sprigg Stephen A. | Application level access privilege to a storage area on a computer device |
| CN1465161A (en) * | 2001-03-15 | 2003-12-31 | 索尼公司 | Memory access control system and management method using access control ticket |
| US20040139021A1 (en) * | 2002-10-07 | 2004-07-15 | Visa International Service Association | Method and system for facilitating data access and management on a secure token |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6026402A (en) * | 1998-01-07 | 2000-02-15 | Hewlett-Packard Company | Process restriction within file system hierarchies |
| JP2002244552A (en) * | 2001-02-13 | 2002-08-30 | Sony Corp | Information reproducing device, information reproducing method, and information recording medium and program storage medium |
| US6895503B2 (en) * | 2001-05-31 | 2005-05-17 | Contentguard Holdings, Inc. | Method and apparatus for hierarchical assignment of rights to documents and documents having such rights |
| JP4682498B2 (en) * | 2003-04-09 | 2011-05-11 | ソニー株式会社 | Communication device and memory management method for communication device |
-
2005
- 2005-12-21 WO PCT/US2005/046795 patent/WO2006069312A2/en active Application Filing
- 2005-12-21 TW TW094145707A patent/TWI388985B/en not_active IP Right Cessation
- 2005-12-21 JP JP2007548523A patent/JP4857284B2/en not_active Expired - Fee Related
- 2005-12-21 CN CN201210277333XA patent/CN102981980A/en active Pending
- 2005-12-21 EP EP05855366A patent/EP1836643A2/en not_active Ceased
- 2005-12-21 KR KR1020077016639A patent/KR20070091349A/en not_active Application Discontinuation
- 2005-12-21 CN CN200580048232.3A patent/CN101120355B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1465161A (en) * | 2001-03-15 | 2003-12-31 | 索尼公司 | Memory access control system and management method using access control ticket |
| US20030061504A1 (en) * | 2001-08-13 | 2003-03-27 | Sprigg Stephen A. | Application level access privilege to a storage area on a computer device |
| US20040139021A1 (en) * | 2002-10-07 | 2004-07-15 | Visa International Service Association | Method and system for facilitating data access and management on a secure token |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110321302A (en) * | 2019-06-28 | 2019-10-11 | 兆讯恒达微电子技术(北京)有限公司 | A kind of embedded system data memory area management method |
| CN112861194A (en) * | 2019-11-12 | 2021-05-28 | 铠侠股份有限公司 | Storage device |
Also Published As
| Publication number | Publication date |
|---|---|
| KR20070091349A (en) | 2007-09-10 |
| JP4857284B2 (en) | 2012-01-18 |
| CN101120355A (en) | 2008-02-06 |
| JP2008524758A (en) | 2008-07-10 |
| TW200700992A (en) | 2007-01-01 |
| WO2006069312A3 (en) | 2006-11-09 |
| EP1836643A2 (en) | 2007-09-26 |
| CN101120355B (en) | 2012-09-26 |
| TWI388985B (en) | 2013-03-11 |
| WO2006069312A2 (en) | 2006-06-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101908106B (en) | Memory system with versatile content control | |
| CN101819612B (en) | Versatile content control with partitioning | |
| CN101120355B (en) | System for creating control structure for versatile content control | |
| CN101484903B (en) | System and method for controlling information supplied from memory device | |
| US8051052B2 (en) | Method for creating control structure for versatile content control | |
| US8601283B2 (en) | Method for versatile content control with partitioning | |
| US8613103B2 (en) | Content control method using versatile control structure | |
| US8504849B2 (en) | Method for versatile content control | |
| CN102906755A (en) | Content control method using certificate revocation lists | |
| US20060242150A1 (en) | Method using control structure for versatile content control | |
| US20080034440A1 (en) | Content Control System Using Versatile Control Structure | |
| US20060242151A1 (en) | Control structure for versatile content control | |
| US20060242066A1 (en) | Versatile content control with partitioning | |
| CN101361076A (en) | Mobile memory system for secure storage and delivery of media content | |
| US20060242067A1 (en) | System for creating control structure for versatile content control | |
| KR20090052321A (en) | Content control system and method using versatile control structure | |
| CN101120356A (en) | Control structure for versatile content control and method using structure | |
| KR20090026357A (en) | Content control system and method using certificate chains | |
| KR20090028806A (en) | Content control system and method using certificate revocation lists |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130320 |