CN101120355B - System for creating control structure for versatile content control - Google Patents


Info

Publication number
CN101120355B
Authority
CN
China
Prior art keywords
acr
tree
key
access
permission
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200580048232.3A
Other languages
Chinese (zh)
Other versions
CN101120355A (en)
Inventor
Fabrice Jogand-Coulomb
Michael Holtzman
Bahman Qawami
Ron Barzilai
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SanDisk Corp
Original Assignee
SanDisk Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/314,055 (US20060242067A1)
Priority claimed from US11/313,538 (US8051052B2)
Application filed by SanDisk Corp
Publication of CN101120355A
Publication of CN101120355B

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00: Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14: Protection against unauthorised use of memory or access to memory
    • G06F12/1458: Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491: Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10: Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103: Challenge-response
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113: Multi-level security, e.g. mandatory access control
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2117: User registration
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141: Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2145: Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Technology Law (AREA)
  • Multimedia (AREA)
  • Databases & Information Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The owner of proprietor interest is in a better position to control access to the encrypted content in the medium if the encryption-decryption key is stored in the medium itself and substantially inaccessible to external devices. Only those host devices with the proper credentials are able to access the key. An access policy may be stored which grants different permissions (e.g. to different authorized entities) for accessing data stored in the medium. A system incorporating a combination of the two above features is particularly advantageous. On the one hand, the content owner or proprietor has the ability to control access to the content by using keys that are substantially inaccessible to external devices and at the same time has the ability to grant different permissions for accessing content in the medium. Thus, even where external devices gain access, their access may still be subject to the different permissions set by the content owner or proprietor recorded in the storage medium. When implemented in a flash memory, the above features result in a particularly useful medium for content protection. Many storage devices are not aware of file systems while many computer host devices read and write data in the form of files. The host device provides a key reference or ID, while the memory system generates a key value in response which is associated with the key ID, which is used as the handle through which the memory retains complete and exclusive control over the generation and use of the key value for cryptographic processes, while the host retains control of files.

Description

Method for controlling access in a memory device
Technical field
The present invention relates generally to memory systems and, more particularly, to a memory system with versatile content control features.
Background
The computing device market is developing in the direction of including content storage on flash memory devices, so as to increase average revenue by generating more data exchanges. This means that the content in a mobile storage medium needs to be protected when it is used on a computing device. Content includes valuable data, which may be data owned by a party other than the one that manufactures or sells the storage device.
A storage device with cryptographic capability is described in U.S. Patent No. 6,457,126. The capability provided by this device is, however, quite limited. It is therefore desirable to provide a memory system with more versatile content control features.
Summary of the invention
Protecting content in a mobile storage medium can involve encrypting the data in the medium so that only authorized users or applications have access to the keys used to encrypt the data stored in the medium. In some prior systems, the key used for encrypting and decrypting data is stored in devices external to the mobile storage medium. Under such circumstances, the company or individual who owns the proprietary interest in the content may not have much control over the use of the content in the medium. Since the key used to encrypt the data in the medium exists outside the medium, this key can be passed from one device to another in a manner not controlled by the content owner. According to one feature of the invention, the owner of the proprietary interest is in a better position to control access to the content in the medium if the encryption-decryption key is stored in the medium itself and is substantially inaccessible to external devices.
By making the key essentially inaccessible from outside the medium, this feature gives secured content portability. A storage device containing secured content encrypted with such a key can therefore be accessed by a variety of host devices without the danger of a security breach, since the device has exclusive control of access to the key. Only those host devices with the proper credentials are able to access the key.
To enhance the commercial value of the content stored in the mobile storage medium, the owner of the proprietary interest in the content needs to be able to grant different permissions to different entities for accessing the content. Another feature of the invention is therefore based on the recognition that an access policy can be stored which grants different permissions (for example, to different authorized entities) for accessing data stored in the medium. A system incorporating a combination of the two features above is particularly advantageous. On the one hand, the content owner or proprietor has the ability to control access to the content by using keys that are substantially inaccessible to external devices, and at the same time has the ability to grant different permissions for accessing content in the medium. Thus, even where external devices gain access, their access may still be subject to the different permissions set by the content owner or proprietor and recorded in the medium.
Yet another feature is based on the recognition that implementing the above policy, in which different permissions are granted to different authorized entities, in a flash memory results in a medium that is particularly useful for content protection.
Many storage devices are not aware of file systems, while many host devices read and write data in the form of files. According to another feature, the host device provides a key reference or ID, and in response the memory system generates a key value that is associated with the key ID, where the key value is used to cryptographically process the data in the file associated with the key ID. The host associates the key ID with the file to be cryptographically processed by the memory system. The key ID is thus used by the computing device and the memory as a handle through which the memory retains complete and exclusive control over the generation and use of the key value for cryptographic processing, while the host retains control of files.
In some storage devices, such as smart cards, the card controller manages the file system. In many other types of storage device, such as flash memories and magnetic or optical discs, the device controller is not aware of the file system; instead, the device controller relies on a host device (for example, a personal computer, digital camera, MP3 player, personal digital assistant or cellular phone) to manage the file system. The various aspects of this invention can readily be incorporated into these types of storage device, where the device is not aware of the file system. This means that the various features of the invention can be practised on a wide variety of existing flash memory devices without redesigning such devices so that their device controllers become aware of, and able to manage, the file system.
A tree structure stored in the medium provides control over what an entity can do once it has gained access. Each node of the tree specifies permissions for an entity that has gained entry through that node. Some trees have different levels, where the permission or permissions at one node of the tree have a predetermined relationship to the permission or permissions at another node at a higher, lower or the same level in the same tree. By requiring entities to comply with the permissions so specified at each node, the tree feature of this application allows the content owner to control which entities can take action and which actions each entity can take, irrespective of whether the tree has different levels.
To enhance the commercial value that the mobile storage medium can provide, the flash memory device needs to be able to support more than one application at the same time. When two or more applications access the flash memory device at the same time, it can be important to be able to separate the operations of those applications so that they do not interfere with one another in a phenomenon referred to herein as crosstalk. Another feature of the invention is therefore based on the recognition that two or more trees, preferably hierarchical, can be provided for controlling access to the memory. Each tree comprises nodes at different levels for controlling access to data by a corresponding set of entities, where a node of each tree specifies the permission or permissions of the corresponding entity or entities for accessing memory data. The permission or permissions at a node of each tree have a predetermined relationship to the permission or permissions at another node at a higher or lower level in the same tree. Preferably, there is no crosstalk between at least two of the trees.
From the above, it will be evident that trees are powerful structures that can be used for content security. One important control provided is control over the creation of trees. Thus, according to another feature of the invention, the flash memory device can be provided with a system agent that is able to create at least one hierarchical tree, which comprises nodes at different levels for controlling access by corresponding entities to the data stored in the memory. Each node of the tree specifies the permission or permissions of the corresponding entity or entities for accessing memory data. The permission or permissions at a node of each tree have a predetermined relationship to the permission or permissions at a node at a higher, lower or the same level in the same tree. The flash memory device can therefore be issued without any tree having been created, so that the purchaser of the device is free to create hierarchical trees suited to the applications the purchaser has in mind. Alternatively, the flash memory device can be issued with the trees already created, so that the purchaser does not have to go through the trouble of creating them. In both cases, the particular functionality of the trees preferably becomes fixed after the device is made, so that it cannot be further changed or altered. This gives the content owner stronger control over access to content in the device. Thus, in one embodiment, the system agent can preferably be disabled so that no additional trees can be created.
In some flash memory devices, content protection is provided by dividing the memory into a number of separate areas, where access to a protected area requires prior authentication. While this feature provides some protection, it does not protect against access by a user who has obtained the password through a back door. Another aspect of the invention is therefore based on the recognition that a mechanism or structure can be provided that divides the memory into partitions and allows at least some of the data in those partitions to be encrypted with a key, so that in addition to the authentication required for accessing some of the partitions, access to one or more keys may be required to decrypt the encrypted data in such partitions.
In some applications, it may be more convenient for the user to be able to log in to the memory system using one application and then use different applications to access protected content without logging in again. In such a case, all of the content that the user wishes to access in this manner is associated with a first account, so that all such content can be accessed via different applications (for example, music player, e-mail, cellular communication) without logging in multiple times. A different set of authentication information can then be used to log in and access protected content in an account different from the first account, even where the different accounts belong to the same user or entity.
The above features can be used individually in a storage system, or combined in any combination, to give the content owner stronger and more versatile control and/or protection.
Description of drawings
Fig. 1 is a block diagram of a memory system in communication with a host device, useful for illustrating the invention.
Fig. 2 is a schematic view of different partitions of a memory and of unencrypted and encrypted files stored in different partitions, where access to certain partitions and to the encrypted files is controlled by access policies and authentication procedures, to illustrate an embodiment of the invention.
Fig. 3 is a schematic view of a memory illustrating the different partitions in the memory.
Fig. 4 is a schematic view of file location tables for the different partitions of the memory shown in Fig. 3, where some of the files in the partitions are encrypted, to illustrate an embodiment of the invention.
Fig. 5 is a schematic view of access control records in an access controlled record group and the associated key references, to illustrate an embodiment of the invention.
Fig. 6 is a schematic view of tree structures formed by access controlled record groups and access control records, to illustrate an embodiment of the invention.
Fig. 7 is a schematic view of a tree illustrating three hierarchical trees of access controlled record groups, to illustrate the process by which the trees are formed.
Figs. 8A and 8B are flow charts illustrating the processes carried out by a host device and a memory device, such as a memory card, for creating and using a system access control record.
Fig. 9 is a flow chart illustrating a process that uses a system access control record to create an access controlled record group, to illustrate the invention.
Fig. 10 is a flow chart illustrating a process for creating an access control record.
Fig. 11 is a schematic view of two access controlled record groups, useful for illustrating a particular application of the hierarchical tree.
Fig. 12 is a flow chart illustrating a process for delegating specific rights.
Fig. 13 is a schematic view of an access controlled record group and an access control record, to illustrate the delegation process of Fig. 12.
Fig. 14 is a flow chart illustrating a process for creating a key for encryption and/or decryption purposes.
Fig. 15 is a flow chart illustrating a process for revoking access rights and/or permissions for data access according to an access control record.
Fig. 16 is a flow chart illustrating a process for requesting access when the access rights and/or access permission have been deleted or have expired.
Figs. 17A and 17B are schematic views illustrating the organization of a rule structure for authentication and of policies for granting access to cryptographic keys, to illustrate another embodiment of the invention.
Fig. 18 is a flow chart illustrating authentication and access sessions when some sessions are open.
Figs. 19-22 are flow charts illustrating different authentication processes.
For simplicity of description, identical elements are labelled with the same numerals in this application.
Detailed description
The block diagram of Fig. 1 illustrates an example memory system in which the various aspects of the invention can be implemented. As shown in Fig. 1, memory system 10 includes a central processing unit (CPU) 12, a buffer management unit (BMU) 14, a host interface module (HIM) 16, a flash interface module (FIM) 18, a flash memory 20 and a peripheral access module (PAM) 22. Memory system 10 communicates with a host device 24 through a host interface bus 26 and port 26a. Flash memory 20, which may be of the NAND type, provides data storage for host device 24. The software code for CPU 12 may also be stored in flash memory 20. FIM 18 connects to flash memory 20 through a flash interface bus 28 and port 28a. HIM 16 is suitable for connection to a host system such as a digital camera, personal computer, personal digital assistant (PDA), digital media player, MP-3 player, cellular phone or other digital device. The peripheral access module 22 selects the appropriate controller module, such as FIM, HIM or BMU, for communication with CPU 12. In one embodiment, all of the components of system 10 within the dotted-line box may be enclosed in a single unit, such as a memory card or stick 10', and preferably encapsulated.
Although the invention is illustrated herein with reference to flash memory, it is also applicable to other types of memory, such as magnetic disks, optical discs and other types of rewritable non-volatile memory system.
The buffer management unit 14 includes a host direct memory access (HDMA) 32, a flash direct memory access (FDMA) 34, an arbiter 36, a buffer random access memory (BRAM) 38 and a crypto-engine 40. Arbiter 36 is a shared bus arbiter, so that only one master or initiator (which can be HDMA 32, FDMA 34 or CPU 12) can be active at any time, and the slave or target is BRAM 38. The arbiter is responsible for channelling the appropriate initiator request to BRAM 38. HDMA 32 and FDMA 34 are responsible for the data transported between HIM 16, FIM 18 and BRAM 38 or the CPU random access memory (CPU RAM) 12a. The operation of HDMA 32 and FDMA 34 is conventional and need not be described in detail here. BRAM 38 is used to store the data passed between host device 24 and flash memory 20. HDMA 32 and FDMA 34 are responsible for transferring the data between HIM 16/FIM 18 and BRAM 38 or CPU RAM 12a, and for indicating sector completion.
To improve the security of the content stored in memory 20, memory system 10 generates the key value or values used for encryption and/or decryption, and this value is substantially inaccessible to external devices such as host device 24. Encryption and decryption are, however, typically done file by file, since the host device reads and writes data to memory system 10 in the form of files. Like many other types of storage device, memory device 10 is not aware of files or file systems. While memory 20 does store a file allocation table (FAT) in which the logical addresses of files are identified, the FAT is typically accessed and managed by host device 24 and not by controller 12. Therefore, to encrypt the data in a particular file, controller 12 has to rely on the host device to send the logical addresses of the data of that file in memory 20, so that the data of the particular file can be found by system 10 and encrypted and/or decrypted using the key value or values available only to system 10.
To provide a handle with which both host device 24 and memory system 10 can refer to the same key for cryptographically processing the data in files, the host device provides a reference for each of the key values generated by system 10, where this reference may simply be a key ID. Host 24 thus associates each file that is cryptographically processed by system 10 with a key ID, and system 10 associates each key value used to cryptographically process data with a key ID provided by the host. When the host requests that a file be cryptographically processed, it therefore sends the request to system 10 with a key ID, along with the logical addresses of the data to be fetched from or stored in memory 20. System 10 generates a key value, associates the key ID provided by host 24 with that value, and performs the cryptographic processing. In this way, no change needs to be made to the manner in which memory system 10 operates, while it is still allowed to control completely the cryptographic processing that uses the keys, including exclusive access to the key values. In other words, system 10 continues to allow host 24 to manage the files by having exclusive control of the FAT, while it maintains exclusive control over the generation and management of the key values used for cryptographic processing. Host device 24 does not take part in generating or managing the key values used for the cryptographic processing of data.
The key ID provided by host 24 and the key value generated by the memory system form two attributes of a quantity referred to below, in one embodiment, as the "content encryption key" or CEK. While host 24 may associate each key ID with one or more files, host 24 may also associate each key ID with unorganized data or with data organized in any manner, not limited to data organized into complete files.
For a user or application to gain access to protected content or areas in system 10, it needs to be authenticated using credentials that have been pre-registered with system 10. A credential is tied to the access rights granted to the particular user or application holding it. In the pre-registration process, system 10 stores a record of the identity and credential of the user or application, and of the access rights associated with that identity and credential, as determined by the user or application and provided through host 24. After pre-registration has been completed, when the user or application requests to write data to memory 20, it needs to provide through the host device its identity and credential, a key ID for encrypting the data, and the logical addresses where the encrypted data is to be stored. System 10 generates a key value, associates this value with the key ID provided by the host device, and stores in its record or table for this user or application the key ID of the key value used to encrypt the data to be written. It then encrypts the data and stores the encrypted data at the addresses designated by the host, and also stores the key value it generated.
When a user or application requests to read encrypted data from memory 20, it needs to provide its identity and credential, the key ID of the key previously used to encrypt the requested data, and the logical addresses where the encrypted data is stored. System 10 then matches the user or application identity and credential provided by the host against those stored in its record. If they match, system 10 fetches from its memory the key value associated with the key ID provided by the user or application, uses the key value to decrypt the data stored at the addresses designated by the host device, and sends the decrypted data to the user or application.
By separating the authentication credentials from the management of the keys used for cryptographic processing, it is possible to share the right to access data without sharing credentials. A group of users or applications with different credentials can thus have access to the same key for accessing the same data, while users outside this group have no access. While all the users or applications in the group may have access to the same data, they may still have different rights. Some may have read-only access, others write-only access, and still others both. Because system 10 maintains a record of the user or application identities and credentials, the key IDs they have access to, and the access rights associated with each key ID, system 10 can add or delete key IDs and alter the access rights associated with those key IDs for particular users or applications, delegate access rights from one user or application to another, or even delete or add records or tables for users or applications, all as controlled by a properly authenticated host device. The stored record may specify that a secure channel is needed for accessing certain keys. Authentication may be performed using symmetric or asymmetric algorithms and passwords.
Of particular importance is the portability of the protected content in memory system 10. Since the key value is generated by the memory system and is substantially unavailable to external systems, when the memory system, or a storage device incorporating it, is transferred from one external system to another, the security of the content stored in it is maintained, and external systems cannot access that content unless they have been authenticated in a manner completely controlled by the memory system. Even after being so authenticated, access is entirely controlled by the memory system, and external systems can gain access only in the manner governed by the preset records in the memory system. If a request does not comply with those records, the request is denied.
To provide greater flexibility in protecting content, certain areas of the memory, referred to below as partitions, are designed to be accessible only by properly authenticated users or applications. Combined with the key-based data encryption features described above, system 10 provides greater data protection capability. As shown in Fig. 2, which illustrates an embodiment of the new-generation SanDisk card of the invention, flash memory 20 may divide its storage capacity into a number of partitions: a user area or partition and custom partitions. The user area or partition P0 is accessible to all users and applications without authentication. Although all bit values of data stored in the user area can be read or written by any application or user, if the data read is encrypted, a user or application without decryption authority cannot access the information represented by the bit values stored in the user area. This is illustrated, for example, by files 102 and 104 stored in user area P0. The user area also stores unencrypted files, such as 106, which can be read and understood by all applications and users. Thus, symbolically, encrypted files such as 102 and 104 are shown with locks associated with them.
Although unauthorized applications or users cannot understand an encrypted file in user area P0, they may still be able to delete or corrupt the file, which may be undesirable for some applications. For this purpose, memory 20 may also include protected custom partitions, such as partitions P1 and P2, which cannot be accessed without prior authentication. The authentication process permitted in the embodiments of this application is explained below.
As also illustrated in Fig. 2, a variety of users or applications may access the files in memory 20. Fig. 2 therefore shows users 1 and 2 and applications 1 to 4 (running on devices). Before these entities are allowed to access protected content in memory 20, they are first authenticated by an authentication process in the manner explained below. In this process, the entity requesting access needs to be identified at the host side for task-based access control. The entity requesting access therefore first identifies itself by supplying information such as "I am application 2 and I wish to read file 1." Controller 12 then matches the identity, authentication information and request against the record stored in memory 20 or controller 12. If all requirements are met, access is granted to that entity. As illustrated in Fig. 2, user 1 is allowed to read from and write to file 101 in partition P1, but can only read files 102 and 104, in addition to having unrestricted rights to read from and write to file 106 in P0. User 2, on the other hand, is not allowed access to files 101 and 104 but has read and write access to file 102. As indicated in Fig. 2, users 1 and 2 have the same login algorithm (AES), while applications 1 and 3 have different login algorithms (for example, RSA and 001001), which also differ from those of users 1 and 2.
The Secure Storage Application (SSA) is a security application of memory system 10 and illustrates an embodiment of the invention that can be used to implement many of the features identified above. The SSA may be embodied as software or computer code, with its database stored in memory 20 or in a non-volatile memory (not shown) in CPU 12, that is read into RAM 12a and executed by CPU 12. The acronyms used in reference to the SSA are set forth in the table below:
Definitions, acronyms and abbreviations
ACR: Access control record
AGP: ACR group
CBC: Chain block cipher
CEK: Content encryption key
ECB: Electronic codebook
ACAM: ACR attributes management
PCR: Permissions control record
SSA: Secure Storage Application
Entity: Anything that has real and individual existence (host side) and that logs in to the SSA and thus utilizes its functionalities
SSA system description
Data security, integrity and access control are the major roles of the SSA. The data are files that would otherwise be stored plainly on a mass-storage device of some kind. The SSA system sits on top of the storage system and adds a security layer for the stored host files.
The main task of the SSA is to manage the different rights associated with the content stored (and secured) in the memory. The memory application needs to manage multiple users and content rights to multiple stored content. Host applications, from their side, see the drives and partitions that are visible to such applications, and the file allocation tables (FATs) that manage and describe the locations of the stored files on the storage device.
In this case the storage device uses a NAND flash chip divided into partitions, although other flash memory devices may also be used and are within the scope of the invention. These partitions are contiguous ranges of logical addresses, where a start address and an end address define their boundaries. Restrictions may therefore be imposed on access to hidden partitions, if desired, by means of software (such as software stored in memory 20) that associates such restrictions with the addresses within such boundaries. Partitions are fully recognizable to the SSA by their logical address boundaries, which are managed by it. The SSA system uses partitions to physically secure data from unauthorized host applications. To the host, partitions are a mechanism for defining proprietary spaces in which to store data files. These partitions can be shared, where anyone with access to the storage device can see and is aware of the partition's presence on the device, or private or hidden, where only the selected host applications have access to them and are aware of their presence in the storage device.
Fig. 3 is a schematic view of a memory illustrating partitions P0, P1, P2 and P3 of the memory (obviously fewer or more than four partitions may be employed), where P0 is a public partition that can be accessed by any entity without authentication.
A private partition (such as P1, P2 or P3) hides access to the files within it. By preventing the host from accessing the partition, the flash device (for example, a flash card) protects the data files inside the partition. This kind of protection, however, engulfs all the files residing in the hidden partition by imposing restrictions on access to data stored at the logical addresses within the partition. In other words, the restrictions are associated with a range of logical addresses. All users or hosts that have access to the partition have unlimited access to all the files inside it. To isolate different files, or groups of files, from one another, the SSA system provides another level of security and integrity per file, or per group of files, using keys and key references or key IDs. A key reference or key ID of a particular key value used for encrypting data at different memory addresses can be likened to a container or domain that contains the encrypted data. For this reason, in Fig. 4 the key references or key IDs (for example, "key 1" and "key 2") are shown graphically as areas surrounding the files encrypted using the key values associated with the key IDs.
Referring to Fig. 4, for example, file A is accessible to all entities without any authentication, since it is shown as not enclosed by any key ID. Even though file B in the public partition can be read or overwritten by all entities, it contains data encrypted with a key with the ID "key 1", so that the information contained in file B is not accessible to an entity unless that entity has access to this key. In this manner, using key values and key references or key IDs provides logical protection only, as opposed to the type of protection provided by the partitions described above. Hence, any host that can access a partition (public or private) is able to read or write the data in the whole partition, including the encrypted data. However, since the data is encrypted, unauthorized users can only corrupt it. They preferably cannot alter the data without detection, or use it. By restricting access to the encryption and/or decryption keys, this feature allows only authorized entities to use the data. Files B and C in P0 are also encrypted using a key with the key ID "key 2".
Data confidentiality and integrity can be provided through symmetric encryption methods that use content encryption keys (CEKs), one method per CEK. In the SSA embodiment, the CEKs are generated by the flash device (for example, a flash card), used internally only, and kept as secrets unknown to the outside world. The data that is encrypted or ciphered may also be either hashed or cipher-block chained to ensure data integrity.
Not all the data in a partition is encrypted by different keys and associated with different key IDs. Certain logical addresses, either in public or user files or in the operating system area (that is, the FAT), may not be associated with any key or key reference, and are thus available to any entity that can access the partition itself.
An entity that requires the ability to create keys and partitions, to write data to or read data from them, or to use the keys, needs to log in to the SSA system through an access control record (ACR). The privileges of an ACR in the SSA system are called actions. Every ACR may have permissions to perform actions of the following three categories: creating partitions and keys/key IDs, accessing partitions and keys, and creating/updating other ACRs.
ACRs are organized in groups called ACR groups or AGPs. Once an ACR has successfully authenticated, the SSA system opens a session through which any of the ACR's actions can be executed.
User partition
The SSA system manages one or more public partitions, also referred to as user partitions. This partition exists on the storage device and can be accessed through the standard read and write commands of the storage device. Information about the size of the partition, and about its existence on the device, preferably cannot be hidden from the host system.
The SSA system enables access to this partition (or these partitions) either through the standard read and write commands or through SSA commands. Access to the partition therefore preferably cannot be restricted to specific ACRs. The SSA system can, however, enable host devices to restrict access to the user partition. Read and write access can be enabled or disabled individually. All four combinations (write only, read only (write protect), read and write, and no access) are allowed.
The SSA system enables ACRs to associate key IDs with files in the user partition and to encrypt individual files using the keys associated with those key IDs. Accessing encrypted files in the user partitions, as well as setting the access rights to the partitions, is done using the SSA command set (see Appendix A for a detailed description of the SSA commands; in the appendix, a key ID is referred to as a "domain"). The features above also apply to data not organized into files.
SSA partitions
These are hidden partitions (hidden from the host operating system, or OS) that can be accessed only through SSA commands. The SSA system preferably does not allow the host device to access an SSA partition other than through a session (described below) established by logging in to an ACR. Similarly, the SSA preferably provides no information about the existence, size and access permissions of an SSA partition unless the request comes through an established session.
Access rights to partitions are derived from the ACR permissions. Once an ACR is logged in to the SSA system, it can share the partition with other ACRs (described below). When a partition is created, the host provides a reference name or ID (for example, P0-P3 in Figs. 3 and 4) for the partition. This reference is used in further read and write commands to the partition.
Partitioning of the storage device
All available storage capacity of the device is preferably allocated to the user partition and the currently configured SSA partitions. Any repartitioning operation may therefore involve reconfiguration of the existing partitions. The net change to the device capacity (the sum of the sizes of all partitions) will be zero. The IDs of the partitions in the device memory space are defined by the host system.
The host system can either repartition one of the existing partitions into two smaller ones or merge two existing partitions (which may or may not be adjacent) into one. The data in the divided or merged partitions can be either erased or left untouched, at the host's discretion.
Since repartitioning of the storage device may cause loss of data (either because it was erased or because it was moved around in the logical address space of the storage device), severe restrictions on repartitioning are administered by the SSA system. Only an ACR residing in a root AGP (explained below) is allowed to issue a repartition command, and it can reference only partitions it owns. Since the SSA system is not aware of how data is organized within the partitions (FAT or another file system structure), it is the host's responsibility to reconstruct these structures any time the device is repartitioned.
Repartitioning of user partitions will change the size and other attributes of this partition as seen by the host OS.
After repartitioning, it is the host system's responsibility to make sure that no ACR in the SSA system references a non-existing partition. If such ACRs are not deleted or updated appropriately, future attempts, on behalf of these ACRs, to access the non-existing partitions will be detected and rejected by the system. Similar care is taken regarding deleted keys and key IDs.
Keys, key IDs and logical protection
When a file is written to a certain hidden partition, it is hidden from the general public. But once an entity (hostile or not) obtains knowledge of and access to this partition, the file becomes available and plain to see. To secure the file further, the SSA can encrypt it in the hidden partition, where the credentials for accessing the key used to decrypt the file are preferably different from those for accessing the partition. Because files are not known to the SSA (they are totally controlled and managed by the host), associating a CEK with a file is a problem. Linking the file to something the SSA does know, the key ID, rectifies this. Thus, when a key is created by the SSA, the host associates the key ID for this key with the data encrypted using the key created by the SSA.
The key value and key ID provide logical security. All data associated with a given key ID, regardless of its location, is ciphered with the same content encryption key (CEK), whose reference name or key ID is uniquely provided by the host application at creation. If an entity obtains access to a hidden partition (by authenticating through an ACR) and wishes to read or write an encrypted file within this partition, it needs to have access to the key ID that is associated with the file. When granting access to the key for this key ID, the SSA loads the key value in the CEK associated with this key ID and either decrypts the data before sending it to the host or encrypts the data before writing it to flash memory 20. The key value in the CEK associated with a key ID is created randomly once by the SSA system and then maintained by it. No device outside the SSA system has knowledge of, or access to, this key value in the CEK. The outside world only provides and uses a reference or key ID, not the key value in the CEK. The key value is entirely managed by the SSA and accessible only to the SSA.
The SSA system protects the data associated with a key ID using any one of the following cipher modes (the actual cryptographic algorithm used, as well as the key values in the CEKs, are controlled by the system and not revealed to the outside world):
Block mode: data is divided into blocks, each of which is encrypted individually. This mode is generally considered less secure and susceptible to dictionary attacks. However, it allows users to randomly access any one of the data blocks.
Chained mode: data is divided into blocks, which are chained during the encryption process. Every block is used as one of the inputs to the next ciphering process. This mode, although considered more secure, requires that the data always be written and read sequentially from start to end, creating an overhead that is not always acceptable to the users.
Hashed: chained mode with the additional creation of a data digest that can be used for validating data integrity.
ACR and access control
The SSA is designed to handle multiple applications, where each application is represented as a tree of nodes in the system database. Mutual exclusion between the applications is achieved by ensuring no cross-talk between the tree branches.
To gain access to the SSA system, an entity needs to establish a connection via one of the system's ACRs. Login procedures are administered by the SSA system according to the definitions embedded in the ACR the user chose to connect with.
The ACR is an individual login point to the SSA system. The ACR holds the login credentials and the authentication method. Also residing in the record are the login permissions within the SSA system, among which are the read and write privileges. This is illustrated in Fig. 5, which shows n ACRs in the same AGP. This means that at least some of the n ACRs may share access to the same key. Thus, ACR #1 and ACR #n share access to a key with key ID "key 3", where ACR #1 and ACR #n are the ACR IDs and "key 3" is the key ID of the key used to encrypt the data associated with "key 3". The same key can also be used to encrypt and/or decrypt multiple files or multiple sets of data.
The SSA system supports several types of login to the system, in which the authentication algorithms and user credentials may vary, as may the user's privileges in the system once it has logged in successfully. Fig. 5 again illustrates different login algorithms and credentials. ACR #1 requires a password login algorithm with a password as the credential, whereas ACR #2 requires a PKI (public key infrastructure) login algorithm with a public key as the credential. Thus, to log in, an entity needs to present a valid ACR ID as well as the correct login algorithm and credential.
Once an entity is logged in to an ACR of the SSA system, its permissions (its rights to use SSA commands) are defined in the permissions control record (PCR) associated with the ACR. In Fig. 5, according to the PCRs shown, ACR #1 grants read-only permission to data associated with "key 3", and ACR #2 grants permission to read and write data associated with "key 5".
Different ACRs may share common interests and privileges in the system, for example in the keys with which to read and write. To accomplish that, ACRs with something in common are grouped into AGPs (ACR groups). Thus, ACR #1 and ACR #n share access to a key with key ID "key 3".
AGPs and the ACRs within them are organized in hierarchical trees, so that, aside from creating secure keys that keep sensitive data secure, an ACR can preferably also create other ACR entries that correspond to its key IDs/partitions. These ACR children have the same permissions as their parent (creator) or fewer, and may be given permissions for the keys the parent ACR itself created. Needless to say, a child ACR obtains access permissions to any key that it creates. This is illustrated in Fig. 6. Thus, all of the ACRs in AGP 120 were created by ACR 122, and two of these ACRs inherit from ACR 122 permission to access the data associated with "key 3".
AGP
Logging in to the SSA system is done by specifying an AGP and an ACR within the AGP.
Every AGP has a unique ID (reference name), which is used as an index to its entry in the SSA database. The AGP name is provided to the SSA system when the AGP is created. If the provided AGP name already exists in the system, the SSA rejects the creation operation.
AGPs are used to administer restrictions on the delegation of access and management permissions, as described in the following sections. One of the functions served by the two trees in Fig. 6 is to administer access by entirely separate entities, such as two different applications or two different computer users. For such purposes, it is important for the two access processes to be substantially independent of one another (that is, substantially no cross-talk), even though both occur at the same time. This means that the authentication, permissions and creation of additional ACRs and AGPs in each tree are not connected to and do not depend on those of the other tree. Hence, when the SSA system is used in memory 10, this allows memory system 10 to serve multiple applications simultaneously. It also allows the two applications to access two separate sets of data (for example, a set of photographs and a set of songs) independently of one another. This is illustrated in Fig. 6. Thus, the data associated with "key 3", "key X" and "key Z", for the application or user accessing via nodes (ACRs) in the tree in the top portion of Fig. 6, may comprise photographs. The data associated with "key 5" and "key Y", for the application or user accessing via nodes (ACRs) of the tree in the bottom portion of Fig. 6, may comprise songs. The ACR that created an AGP has permission to delete it only when the AGP is empty of ACR entries.
The entity's SSA entry point: the access control record (ACR)
An ACR in the SSA system describes the way the entity is permitted to log in to the system. When an entity logs in to the SSA system, it needs to specify the ACR that corresponds to the authentication process it is about to perform. An ACR includes a permissions control record (PCR) that specifies the granted actions the user can execute once authenticated, as defined in the ACR illustrated in Fig. 5. The host-side entity provides all of the ACR data fields.
When an entity has successfully logged on to an ACR, it is able to query all of the ACR's partition and key access permissions and ACAM permissions (explained below).
ACR ID
When an SSA system entity initiates the login process, it needs to specify the ACR ID (as provided by the host when the ACR was created) that corresponds to the login method, so that the SSA sets up the correct algorithms and selects the correct PCR when all login requirements have been met. The ACR ID is provided to the SSA system when the ACR is created.
Login/authentication algorithm
The authentication algorithm specifies which login procedure the entity will use and which credentials are needed to provide proof of the user's identity. The SSA system supports several standard login algorithms, ranging from no procedure (and no credential) and password-based procedures to two-way authentication protocols based on either symmetric or asymmetric cryptography.
Credentials
The entity's credentials correspond to the login algorithm and are used by the SSA to verify and authenticate the user. Examples of credentials are a password or PIN number for password authentication, an AES key for AES authentication, and so on. The type and format of the credentials (PIN, symmetric key, and so on) are predefined and derived from the authentication mode; they are provided to the SSA system when the ACR is created. The SSA system has no part in defining, distributing and managing these credentials, with the exception of PKI-based authentication, where the device (for example, a flash card) can be used to generate the RSA key pair and the public key can be exported for certificate generation.
Permission control record (PCR)
The PCR shows what is granted to the entity after it has logged in to the SSA system and passed the ACR's authentication process successfully. There are three categories of permission: creation permissions for partitions and keys, access permissions to partitions and keys, and management permissions for entity-ACR attributes.
Accessing partitions
This section of the PCR contains the list of partitions (using their IDs as provided to the SSA system) that the entity can access after successfully completing the ACR phase. For each partition, the access type may be restricted to write-only or read-only, or full write/read access rights may be specified. Thus, ACR #1 in Fig. 5 has access to partition #2 and not partition #1. The restrictions specified in the PCR apply to the SSA partitions and to the public partition.
The public partition can be accessed either by regular read and write commands to the device (for example, a flash card) hosting the SSA system or by SSA commands. When a root ACR (explained below) is created with permission to restrict the public partition, it can pass that permission on to its children. An ACR can preferably restrict only the regular read and write commands from accessing the public partition. ACRs in the SSA system can be restricted only upon their creation. Once an ACR has permission to read from or write to the public partition, preferably it cannot be taken away.
Accessing key IDs
This section of the PCR contains the data associated with the list of key IDs (as provided to the SSA system by the host) that the entity can access when the ACR policies have been met by the entity's login process. The key ID specified is associated with one or more files that reside in the partition appearing in the PCR. Since key IDs are not associated with logical addresses in the device (for example, a flash card), when more than one partition is associated with a specific ACR, the files can be in either of the partitions. The key IDs specified in the PCR can each have a different set of access rights. Access to data pointed to by key IDs can be restricted to write-only or read-only, or full write/read access rights may be specified.
ACR attribute management (ACAM)
This section describes how, in certain cases, the ACR's system attributes can be changed.
The ACAM actions that may be permitted in the SSA system are:
Create/delete/update AGPs and ACRs.
Create/delete partitions and keys.
Delegate access rights to keys and partitions.
The parent ACR preferably cannot edit ACAM permissions. This preferably requires deleting and recreating the ACR. Likewise, the access permission to a key ID created by the ACR preferably cannot be taken away.
Create/delete/update AGPs and ACRs
An ACR may have the capacity to create other ACRs and AGPs. Creating ACRs may also mean delegating to them some or all of the ACAM permissions possessed by their creator. Having permission to create ACRs means having permission for the following actions:
1. Define and edit the child's credentials. The authentication method preferably cannot be edited once set by the creating ACR. The credentials may be altered within the boundary of the authentication algorithm already defined for the child.
2. Delete an ACR.
3. Delegate the creating permission to the child ACR (thus having grandchildren).
An ACR with permission to create other ACRs has permission to delegate the unblocking permission to the ACRs it creates (although it probably does not have permission to unblock ACRs itself). The parent ACR places in the child ACR a reference to its unblocker.
The parent ACR is the only ACR that has permission to delete its child ACR. When an ACR deletes a lower-level ACR that it created, all ACRs spawned by this lower-level ACR are automatically deleted as well. When an ACR is deleted, all the key IDs and partitions that it created are deleted.
There are two exceptions by which an ACR can update its own record:
Passwords/PINs, although set by the creator ACR, can be updated only by the ACR that includes them.
A root ACR may delete itself and the AGP in which it resides.
Delegating access rights to keys and partitions
ACRs and their AGPs are assembled in hierarchical trees, where the root AGP and the ACRs within it are at the top of the tree (for example, root AGPs 130 and 132 in Fig. 6). There can be several AGP trees in the SSA system, though they are totally separated from one another. An ACR within an AGP can delegate access permissions to its keys to all ACRs within the same AGP that it is in, and to all the ACRs created by it. The permission to create keys preferably includes the permission to delegate access permissions to use the keys.
Permissions to keys are divided into three categories:
1. Access: this defines the access permissions for the key, that is, read and write.
2. Ownership: an ACR that created a key is by definition its owner. This ownership can be delegated from one ACR to another (provided that they are in the same AGP or in a child AGP). Ownership of a key provides the permission to delete it as well as to delegate permissions to it.
3. Access rights delegation: this permission enables the ACR to delegate the rights it holds.
An ACR can delegate access permissions to partitions it created as well as to other partitions to which it has access permissions.
Permission delegation is done by adding the names of the partitions and key IDs to the designated ACR's PCR. Delegating key access permissions may be done either by key ID or by stating that the access permission is for all the keys created by the delegating ACR.
Blocking and unblocking of ACRs
An ACR may have a blocking counter, which increments when the entity's ACR authentication process with the system is unsuccessful. When a certain maximum number (MAX) of unsuccessful authentications is reached, the ACR is blocked by the SSA system.
A blocked ACR can be unblocked by another ACR that is referenced by the blocked ACR. The reference to the unblocking ACR is set by its creator. The unblocking ACR is preferably in the same AGP as the creator of the blocked ACR and has the "unblocking" permission.
No other ACR in the system can unblock the blocked ACR. An ACR may be configured with a blocking counter but without an unblocker ACR. In that case, if this ACR becomes blocked, it cannot be unblocked.
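The ACR rules described in the sections above (login against an ACR, the PCR check per key ID, children that never hold more than their creator, delegation limited to the same AGP or to created ACRs, cascade deletion, and the blocking counter with its referenced unblocker) are modelled below in Python. This is an added example, not code from the patent: the class and method names, the right names "read", "write" and "delegate", the PBKDF2 password verifier, the use of the returned ACR object as the session, and AGPs as plain name strings are all assumptions, and partitions and key-creation permissions are left out.

```python
import hashlib
import hmac
import os


class ACR:
    """Access control record: login credential plus its permission control record (PCR)."""

    def __init__(self, acr_id, agp, password, parent=None, can_create=False, max_failures=3):
        self.acr_id, self.agp, self.parent, self.children = acr_id, agp, parent, []
        self.salt = os.urandom(16)
        # Assumption: the password credential is kept as a salted PBKDF2 verifier.
        self.verifier = hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 10_000)
        self.key_rights = {}          # PCR: key ID -> subset of {"read", "write", "delegate"}
        self.owned_keys = set()       # key IDs this ACR created
        self.can_create = can_create  # ACAM permission to create child ACRs
        self.failures, self.max_failures = 0, max_failures
        self.blocked, self.unblocker = False, None


class SSA:
    """Holds every tree; the device, not the host, takes each decision."""

    def __init__(self):
        self.acrs = {}

    def create_root(self, acr_id, agp, password):
        self.acrs[acr_id] = ACR(acr_id, agp, password, can_create=True)
        return self.acrs[acr_id]

    def login(self, acr_id, password):
        acr = self.acrs[acr_id]
        if acr.blocked:
            raise PermissionError("ACR is blocked")
        attempt = hashlib.pbkdf2_hmac("sha256", password.encode(), acr.salt, 10_000)
        if not hmac.compare_digest(attempt, acr.verifier):
            acr.failures += 1
            acr.blocked = acr.failures >= acr.max_failures
            raise PermissionError("authentication failed")
        acr.failures = 0
        return acr  # the returned object stands in for an open session

    def unblock(self, session, target_id):
        target = self.acrs[target_id]
        if target.unblocker is not session:
            raise PermissionError("only the unblocker referenced by the ACR may unblock it")
        target.blocked, target.failures = False, 0

    def create_key(self, session, key_id):
        session.key_rights[key_id] = {"read", "write", "delegate"}
        session.owned_keys.add(key_id)

    def _check_grant(self, session, key_id, rights):
        held = session.key_rights.get(key_id, set())
        if "delegate" not in held or not set(rights) <= held:
            raise PermissionError(f"cannot grant {sorted(rights)} on {key_id!r}")

    def create_child(self, session, acr_id, agp, password, key_rights,
                     can_create=False, unblocker=None):
        if not session.can_create:
            raise PermissionError("no ACAM permission to create ACRs")
        for key_id, rights in key_rights.items():
            self._check_grant(session, key_id, rights)   # a child never exceeds its parent
        child = ACR(acr_id, agp, password, parent=session, can_create=can_create)
        child.key_rights = {k: set(r) for k, r in key_rights.items()}
        child.unblocker = unblocker                      # reference set by the creator
        session.children.append(child)
        self.acrs[acr_id] = child
        return child

    def delegate(self, session, target_id, key_id, rights):
        target = self.acrs[target_id]
        if target.agp != session.agp and target.parent is not session:
            raise PermissionError("target is outside the delegating ACR's AGP and children")
        self._check_grant(session, key_id, rights)
        target.key_rights.setdefault(key_id, set()).update(rights)

    def allowed(self, session, key_id, right):
        return right in session.key_rights.get(key_id, set())

    def delete(self, session, target_id):
        target = self.acrs[target_id]
        if target.parent is not session:
            raise PermissionError("only the parent ACR may delete a child ACR")
        session.children.remove(target)
        self._drop(target)

    def _drop(self, acr):
        for child in acr.children:
            self._drop(child)                 # descendants go with the deleted ACR
        for key_id in acr.owned_keys:         # so do the key IDs it created
            for other in self.acrs.values():
                other.key_rights.pop(key_id, None)
        del self.acrs[acr.acr_id]
```

Because an ACR created without an `unblocker` can never be unblocked in this model, a root ACR with a blocking counter and no unblocker is a lockout risk that should be decided on deliberately when the tree is provisioned.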
Root AGP: Creating an Application Database
The SSA system is designed to handle multiple applications and to isolate the data of each one. The tree structure of the AGP system is the main tool used to identify and isolate application-specific data. The root AGP is at the tip of an application's SSA database tree and follows somewhat different rules of behavior. Several root AGPs can be configured in the SSA system. Two root AGPs, 130 and 132, are shown in Fig. 6. Obviously, fewer or more AGPs may be used, and this is within the scope of the invention.
Registering the device (for example, a flash card) for a new application and/or issuing credentials of a new application for the device is done through the process of adding a new AGP/ACR tree to the device.
The SSA system supports three different modes of root AGP creation (including all the ACRs of the root AGP and their permissions):
1. Open: any user or entity, without requiring any sort of authentication, or users or entities authenticated through the system ACR (explained below), can create a new root AGP. The open mode enables creation of root AGPs either without any security measures, with all data transfer done on an open channel (that is, in the secure environment of an issuance agency), or through a secure channel established via system ACR authentication (that is, over-the-air (OTA) and post-issuance procedures).
If the system ACR is not configured (it is an optional feature) and the root AGP creation mode is set to open, only the open channel option is available.
2. Controlled: only entities authenticated through the system ACR can create a new root AGP. The SSA system cannot be set to this mode if the system ACR is not configured.
3. Locked: creation of root AGPs is disabled and no additional root AGPs can be added to the system.
Two SSA commands control this feature (these commands are available to any user or entity without authentication):
1. Method configuration command: used to configure the SSA system to use any one of the three root AGP creation modes. Only the following mode changes are allowed: open to controlled, and controlled to locked (that is, if the SSA system is currently configured as controlled, it can only be changed to locked).
2. Method configuration lock command: used to disable the method configuration command and permanently lock the currently selected method.
When a root AGP is created, it is in a special initializing mode that enables the creation and configuration of its ACRs (using the same access restrictions that applied to the creation of the root AGP). At the end of the root AGP configuration process, when the entity explicitly switches it to operating mode, the existing ACRs can no longer be updated and additional ACRs can no longer be created.
Once a root AGP is put in standard mode, it can be deleted only by logging into the system through one of its ACRs that has been assigned the permission to delete the root AGP. This is another exception for the root AGP, in addition to the special initializing mode: it is preferably the only AGP that may contain an ACR with the permission to delete its own AGP, as opposed to AGPs in the next tree level.
The third and last difference between a root ACR and a standard ACR is that it is the only ACR in the system that can have the permission to create and delete partitions.
SSA System ACR
The system ACR may be used for the following two SSA operations:
1. Creating an ACR/AGP tree under the protection of a secure channel within hostile environments.
2. Identifying and authenticating the device hosting the SSA system.
Preferably, there is only one system ACR in the SSA, and once defined it preferably cannot be changed. No system authentication is needed when creating the system ACR; only an SSA command is needed. The create-system-ACR feature can be disabled (similarly to the create-root-AGP feature). After the system ACR is created, the create-system-ACR command has no effect, since preferably only one system ACR is allowed.
While it is being created, the system ACR is not operational. On completion, a special command must be issued to indicate that the system ACR has been created and is ready for operation. After this point, the system ACR preferably cannot be updated or replaced.
The system ACR creates the root ACR/AGP in the SSA. It has permission to add to or change the root level until the host is satisfied with it and blocks it. Blocking the root AGP essentially cuts off its connection to the system ACR and renders it tamper-proof. At this point, no one can change or edit the root AGP and the ACRs within it. This is done through an SSA command. Disabling creation of root AGPs has a permanent effect and cannot be reversed. The features involving the system ACR described above are illustrated in Fig. 7. The system ACR is used to create three different root AGPs. At some time after these are created, the SSA command is sent from the host to block the root AGPs from the system ACR, thereby disabling the create-root-AGP feature, as indicated by the dotted lines connecting the system ACR to the root AGPs in Fig. 7. This renders the three root AGPs tamper-proof. The three root AGPs may be used to create child AGPs to form three separate trees, before or after the root AGPs are blocked.
The features described above give the content owner great flexibility in configuring secure products with content. Secure products need to be "issued". Issuance is the process of placing identification keys, by which the device can identify the host and vice versa. Identifying the device (for example, a flash card) enables the host to decide whether it can trust the device with its secrets. Conversely, identifying the host enables the device to enforce security policies (granting and executing a specific host command) only if the host is allowed to.
Products designed to serve multiple applications will have several identification keys. The product can be "pre-issued" (keys stored during manufacturing, before shipping) or "post-issued" (new keys added after shipping). For post-issuance, the memory device (for example, a memory card) needs to contain some kind of master or device-level keys, which are used to identify entities that are allowed to add applications to the device.
The features described above enable a product to be configured to enable or disable post-issuance. In addition, the post-issuance configuration can be done securely after shipping. The device may be bought as a retail product with no keys on it other than the master or device-level keys described above, and then be configured by the new owner either to enable further post-issuance applications or to disable them.
Thus, the system ACR feature provides the capability to accomplish the above objectives:
- Memory devices with no system ACR allow unlimited and uncontrolled addition of applications.
- Memory devices without a system ACR can be configured to disable system ACR creation, which means that there is no way to control the addition of new applications (unless the feature of creating new root AGPs is disabled as well).
- Memory devices with a system ACR allow only controlled addition of applications, via a secure channel established through an authentication procedure using the system ACR credential.
- Memory devices with a system ACR may be configured to disable the application-adding feature, before or after applications have been added.
Key ID List
Key IDs are created per specific ACR request; however, in memory system 10 they are used solely by the SSA system. When a key ID is created, the following data is provided by or to the creating ACR:
1. Key ID. The ID is provided by the entity through the host and is used to reference the key, and the data encrypted or decrypted using the key, in all further read or write accesses.
2. Key cipher and data integrity mode (the chained and hashed modes mentioned above and explained below).
In addition to the attributes provided by the host, the following data is maintained by the SSA system:
1. Key ID owner. The ID of the ACR that is the owner. When a key ID is created, the creator ACR is its owner. Key ID ownership may, however, be transferred to another ACR. Preferably, only the key ID owner is allowed to transfer ownership of, and delegate, a key ID. Delegating access permission to the associated key and revoking these rights can be administered either by the key ID owner or by any other ACR assigned delegation permissions. Whenever an attempt is made to exercise any of these operations, the SSA system grants it only if the requesting ACR is authorized.
2. CEK. This is the CEK used to encrypt the content associated with or pointed to by the key ID. The CEK may be a 128-bit AES random key generated by the SSA system.
3. MAC and IV values. Dynamic information (message authentication codes and initialization vectors) used in the chained block cipher (CBC) encryption algorithms.
The various features of the SSA are also illustrated with reference to the flow charts in Figs. 8A-16, where "H" to the left of a step means that the operation is performed by the host and "C" means that the operation is performed by the card. To create a system ACR, the host issues to the SSA in memory device 10 a command to create the system ACR (block 202). Device 10 responds by checking whether a system ACR already exists (block 204, diamond 206). If one exists, device 10 returns a failure result and stops (oblong 208). If not, memory 10 checks whether system ACR creation is allowed (diamond 210) and returns a failure status if it is not allowed (block 212). Thus, there may be instances where the device issuer does not allow the creation of a system ACR, for example where the required security features have been determined in advance so that no system ACR is needed. If creation is allowed, device 10 returns an OK status and waits for the system ACR credentials from the host (block 214). The host checks the SSA status and whether device 10 has indicated that creation of a system ACR is allowed (block 216 and diamond 218). If creation is not allowed or if a system ACR already exists, the host stops (oblong 220). If device 10 has indicated that creation of a system ACR is allowed, the host issues an SSA command to define its login credential and sends it to device 10 (block 222). Device 10 updates the system ACR record with the credential received and returns an OK status (block 224). In response to this status signal, the host issues an SSA command indicating that the system ACR is ready (block 226). Device 10 responds by locking the system ACR so that it cannot be updated or replaced (block 228). This locks in the features of the system ACR and its identity, which is used to identify device 10 to the host.
The procedure for creating new trees (new root AGPs and ACRs) is determined by the way these functions are configured in the device. Fig. 9 explains the procedure. Both host 24 and memory system 10 follow it. If adding new root AGPs is disabled altogether, new root AGPs cannot be added (diamond 246). If it is enabled but requires the system ACR, the host authenticates through the system ACR and establishes a secure channel (diamond 250, block 252) before issuing the create root AGP command (block 254). If the system ACR is not required (diamond 248), host 24 can issue the create root AGP command without authentication and proceed to block 254. If the system ACR exists, the host may use it even if it is not required (not shown in the flow chart). The device (for example, a flash card) will reject any attempt to create a new root AGP if the function is disabled, and, if the system ACR is required, it will reject any attempt to create a new root AGP without authentication (diamonds 246 and 250). The newly created AGP and ACRs in block 254 are now switched to operating mode, so that the ACRs in these AGPs cannot be updated or otherwise changed and no ACRs can be added to them (block 256). The system is then optionally locked so that additional root AGPs cannot be created (block 258). The dotted-line box 258 is a convention indicating that this step is optional. All boxes drawn in dotted lines in the flow charts of this application are optional steps. This allows the content owner to block the use of device 10 for other illicit purposes that may imitate a genuine memory device with legitimate content.
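The creation modes and the Fig. 9 procedure can be modelled as a small state machine. The following Python sketch is an added illustration, not code from the patent; the class, method and AGP names are assumptions chosen for the example, and authentication through the system ACR is reduced to a boolean flag.

```python
from enum import Enum


class Mode(Enum):
    OPEN = 1
    CONTROLLED = 2
    LOCKED = 3


class SSAError(Exception):
    """Raised when the modelled device rejects a command."""


class SSADevice:
    # The only mode changes the method configuration command accepts.
    ALLOWED_CHANGES = {(Mode.OPEN, Mode.CONTROLLED), (Mode.CONTROLLED, Mode.LOCKED)}

    def __init__(self, system_acr_configured=False):
        self.mode = Mode.OPEN
        self.config_locked = False
        self.system_acr_configured = system_acr_configured
        self.root_agps = {}  # name -> {"operational": bool, "acrs": set()}

    def configure_method(self, new_mode):
        """Method configuration command: no authentication, one-way changes only."""
        if self.config_locked:
            raise SSAError("method configuration is permanently locked")
        if (self.mode, new_mode) not in self.ALLOWED_CHANGES:
            raise SSAError(f"{self.mode.name} -> {new_mode.name} is not allowed")
        if new_mode is Mode.CONTROLLED and not self.system_acr_configured:
            raise SSAError("controlled mode needs a configured system ACR")
        self.mode = new_mode

    def lock_method_configuration(self):
        """Method configuration lock command: freezes the current mode for good."""
        self.config_locked = True

    def create_root_agp(self, name, authenticated_via_system_acr=False):
        if authenticated_via_system_acr and not self.system_acr_configured:
            raise SSAError("no system ACR to authenticate through")
        if self.mode is Mode.LOCKED:
            raise SSAError("root AGP creation is disabled")
        if self.mode is Mode.CONTROLLED and not authenticated_via_system_acr:
            raise SSAError("system ACR authentication required")
        if name in self.root_agps:
            raise SSAError("root AGP already exists")
        # A new root AGP starts in initializing mode so its ACRs can be set up.
        self.root_agps[name] = {"operational": False, "acrs": set()}

    def add_acr(self, root, acr_id):
        agp = self.root_agps[root]
        if agp["operational"]:
            raise SSAError("root AGP is operational; its ACRs are frozen")
        agp["acrs"].add(acr_id)

    def switch_to_operational(self, root):
        self.root_agps[root]["operational"] = True


def rejected(command, *args, **kwargs):
    """Return True if the device refuses the command."""
    try:
        command(*args, **kwargs)
    except SSAError:
        return True
    return False


def demo():
    """Walk one device through open, controlled and locked modes."""
    dev = SSADevice(system_acr_configured=True)
    results = {}
    dev.create_root_agp("app1")  # open mode, no authentication needed
    dev.add_acr("app1", "admin")
    dev.switch_to_operational("app1")
    results["acr_after_operational"] = rejected(dev.add_acr, "app1", "late")
    results["open_to_locked"] = rejected(dev.configure_method, Mode.LOCKED)
    dev.configure_method(Mode.CONTROLLED)
    results["unauthenticated_in_controlled"] = rejected(dev.create_root_agp, "app2")
    dev.create_root_agp("app2", authenticated_via_system_acr=True)
    results["back_to_open"] = rejected(dev.configure_method, Mode.OPEN)
    dev.configure_method(Mode.LOCKED)
    results["create_when_locked"] = rejected(
        dev.create_root_agp, "app3", authenticated_via_system_acr=True)
    return results, sorted(dev.root_agps)
```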
To create ACRs (other than the ACRs in the root AGP described above), one may start with any ACR that has the right to create an ACR (block 270), as shown in Fig. 10. An entity may attempt to enter through host 24 by providing the identity of the entry-point ACR and the ACR it wishes to create, with all the necessary attributes (block 272). The SSA checks for a match to the ACR identity and whether the ACR with that identity has the permission to create an ACR (diamond 274). If the request is verified as authorized, the SSA in device 10 creates the ACR (block 276).
Fig. 11 shows two AGPs that illustrate a tree useful in security applications using the method of Fig. 10. The ACR with identity m1 in the marketing AGP has the permission to create an ACR. ACR m1 also has the permission to use a key for reading and writing data associated with the key ID "marketing message" and data associated with the key ID "price list". Using the method of Fig. 10, it creates the sales AGP with two ACRs, s1 and s2, which have only read permission to the key for accessing the pricing data associated with the key ID "price list", and no permission to the key needed for accessing the data associated with the key ID "marketing message". In this way, the entities with ACRs s1 and s2 can only read and cannot change the pricing data, and cannot access the marketing data. ACR m2, on the other hand, has no permission to create ACRs, and has only read permission to the keys for accessing the data associated with the key ID "price list" and with the key ID "marketing message".
Thus, access rights may be delegated in the manner explained above, where m1 delegates the right to read pricing data to s1 and s2. This is particularly useful where large marketing and sales groups are involved. Where there are only one or a few salespeople, there may be no need to use the method of Fig. 10. Instead, access rights may be delegated by an ACR to an ACR at a lower or the same level within the same AGP, as illustrated in Fig. 12. First, the entity enters the tree for that AGP by specifying an ACR in the tree through the host, in the manner described above (block 280). Next, the host specifies the ACR and the rights to delegate to it. The SSA checks the tree for that ACR and whether the ACR has the permission to delegate rights to the other specified ACR (diamond 282). If it does, the rights are delegated (block 284); if not, the process stops. The result is illustrated in Fig. 13. In this case, ACR m1 has the permission to delegate read permission to ACR s1, so that s1 can use the key to access pricing data after the delegation. This may be performed if m1 has the same or greater rights to access the pricing data and the permission to delegate them. In one embodiment, m1 retains its access rights after the delegation. Preferably, access rights may be delegated under restricted conditions (rather than permanently), such as for a limited time or a limited number of accesses.
The process for creating a key and key ID is illustrated in Fig. 14. The entity authenticates through an ACR (block 302). The entity requests the creation of a key with an ID specified by the host (block 304). The SSA checks whether the specified ACR has the permission to do so (diamond 306). For example, if the key is to be used for accessing data in a particular partition, the SSA checks whether the ACR may access that partition. If the ACR is authorized, memory device 10 creates a key value associated with the key ID provided by the host (block 308), stores the key ID in the ACR and the key value in its memory (either in the memory associated with the controller or in memory 20), assigns rights and permissions according to the information supplied by the entity (block 310), and modifies the PCR of that ACR with the assigned rights and permissions (block 312). Thus, the creator of the key has all available rights, such as read and write permissions, the right to delegate to and share with other ACRs in the same AGP or an ACR at a lower level, and the right to transfer ownership of the key.
An ACR can change the permissions (or the existence altogether) of another ACR in the SSA system, as illustrated in Fig. 15. An entity may enter a tree through an ACR as before; in one case, the entity is authenticated and then specifies an ACR (blocks 330, 332). It requests the deletion of a target ACR or of a permission in a target ACR (block 334). If the specified ACR, or the one active at that time, has the right to do so (diamond 336), the target ACR is deleted, or the PCR of the target ACR is altered to delete the permission (block 338). If this is not authorized, the system stops.
After the above process, the target is no longer able to access the data it could access before the process. As shown in Fig. 16, an entity may attempt to enter at the target ACR (block 350) and find that the authentication process fails, because the previously existing ACR ID is no longer present in the SSA, so that access rights are denied (diamond 352). Assuming that the ACR ID has not been deleted, the entity specifies an ACR (block 354) and the key ID and/or data in a particular partition (block 356), and the SSA then checks whether the key ID or partition access request is permitted according to the PCR of that ACR (diamond 358). If the permission has been deleted or has expired, the request is again denied. Otherwise, the request is granted (block 360).
The above process describes how access to protected data is managed by the device (for example, a flash card), regardless of whether the ACR and its PCR were just changed by another ACR or were so configured to begin with.
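The marketing and sales tree of Figs. 11 to 13 and the revocation check of Figs. 15 and 16 can be worked through in a few lines. This Python model is an added illustration, not code from the patent: the class names, the three-right set and the reachability rule (same AGP, or created from within it) are simplifying assumptions.

```python
RIGHTS = {"read", "write", "delegate"}


class Denied(Exception):
    """Raised when the modelled SSA refuses a request."""


class ACR:
    def __init__(self, name, agp, creator=None, can_create_acr=False):
        self.name, self.agp, self.creator = name, agp, creator
        self.can_create_acr = can_create_acr
        self.pcr = {}  # key ID -> set of rights held on that key


class SSA:
    def __init__(self):
        self.acrs = {}
        self.key_owner = {}  # key ID -> name of the owning ACR

    def add_root_acr(self, name, agp, can_create_acr=False):
        """ACR placed in a root AGP while it is still in initializing mode."""
        self.acrs[name] = ACR(name, agp, None, can_create_acr)
        return self.acrs[name]

    def create_key(self, acr, key_id):
        """The creator becomes the owner and holds every right on the key."""
        if key_id in self.key_owner:
            raise Denied("key ID already exists")
        self.key_owner[key_id] = acr.name
        acr.pcr[key_id] = set(RIGHTS)

    @staticmethod
    def reachable(src, dst):
        """dst is in src's AGP, or descends from an ACR created in that AGP."""
        node = dst
        while node is not None:
            if node.agp == src.agp:
                return True
            node = node.creator
        return False

    def delegate(self, src, dst, key_id, rights):
        held = src.pcr.get(key_id, set())
        if "delegate" not in held or not set(rights) <= held:
            raise Denied("delegator lacks the rights or the delegation permission")
        if not self.reachable(src, dst):
            raise Denied("target is outside the delegator's AGP subtree")
        dst.pcr.setdefault(key_id, set()).update(rights)

    def create_acr(self, creator, name, agp, grants):
        if not creator.can_create_acr:
            raise Denied("no permission to create ACRs")
        new = ACR(name, agp, creator)
        for key_id, rights in grants.items():
            self.delegate(creator, new, key_id, rights)
        self.acrs[name] = new
        return new

    def revoke(self, actor, target, key_id, right):
        is_owner = self.key_owner.get(key_id) == actor.name
        if not is_owner and "delegate" not in actor.pcr.get(key_id, ()):
            raise Denied("no right to alter the target's PCR")
        target.pcr.get(key_id, set()).discard(right)

    def allowed(self, acr, key_id, right):
        """The PCR check of Fig. 16, diamond 358."""
        return right in acr.pcr.get(key_id, ())


def denied(request, *args):
    try:
        request(*args)
    except Denied:
        return True
    return False


def build_fig11():
    ssa = SSA()
    m1 = ssa.add_root_acr("m1", "marketing", can_create_acr=True)
    m2 = ssa.add_root_acr("m2", "marketing")
    for key_id in ("marketing message", "price list"):
        ssa.create_key(m1, key_id)
        ssa.delegate(m1, m2, key_id, {"read"})
    s1 = ssa.create_acr(m1, "s1", "sales", {"price list": {"read"}})
    s2 = ssa.create_acr(m1, "s2", "sales", {"price list": {"read"}})
    return ssa, m1, m2, s1, s2
```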
Sessions
The SSA system is designed to handle multiple users logged in concurrently. This feature requires that every command received by the SSA be associated with a specific entity and executed only if the ACR used to authenticate that entity has the permissions for the requested action.
Multiple entities are supported through the session concept. A session is established during the authentication process and is assigned a session id by the SSA system. The session id is internally associated with the ACR used for logging into the system and is exported to the entity for use in all further SSA commands.
The SSA system supports two types of sessions: open sessions and secure sessions. The session type associated with a specific authentication process is defined in the ACR. The SSA system enforces session establishment in a way similar to the way it enforces the authentication itself. Since the ACR defines the entity's permissions, this mechanism enables system designers to associate secure tunneling either with accessing specific key IDs or with invoking specific ACR management operations (that is, creating new ACRs and setting credentials).
Open Session
An open session is a session identified by a session id but without bus encryption; all commands and data are passed in the clear. This mode of operation is preferably used in a multi-user or multi-entity environment where neither the entities nor eavesdropping on the bus is part of the threat model.
Although it neither protects the transmission of data nor enables efficient firewalling between applications on the host side, the open session mode enables the SSA system to allow access only to the information permitted for the currently authenticated ACRs.
The open session can also be used in cases where a partition or a key needs to be protected. However, after a valid authentication process, access is granted to all entities on the host. The only thing the various host applications need to share in order to obtain the permissions of the authenticated ACR is the session id. This is illustrated in Fig. 17A. The steps above line 400 are those taken by host 24. After an entity is authenticated for ACR1 (block 402), it requests access to a file associated with key ID X in memory device 10 (blocks 404, 406 and 408). If the PCR of ACR1 allows this access, device 10 grants the request (diamond 410). If not, the system returns to block 402. After authentication is completed, memory system 10 identifies the entity issuing a command only by the assigned session id (and not by the ACR credentials). Once ACR1 gains access to the data associated with the key IDs in its PCR, in an open session, any other application or user can access the same data by specifying the correct session id, which is shared between the different applications on host 24. This feature is advantageous in applications where it is more convenient for the user to log in only once and be able to access, from different applications, all the data tied to the account through which the login was performed. Thus, a cellular phone user may be able to access stored e-mails and listen to music stored in memory 20 without having to log in multiple times. On the other hand, data not covered by ACR1 will not be accessible. Thus, the same cellular phone user may have valuable content, such as games and photographs, accessible through a separate account, ACR2. This is data that he does not wish others who borrow his phone to access, even though he may not mind others accessing the data available through his first account, ACR1. Separating access to the data into two separate accounts, while allowing access to ACR1 in an open session, provides ease of use as well as protection of valuable data.
To further ease the process of sharing the session id among the host applications, when an ACR requests an open session it can specifically request that the session be assigned the id "0 (zero)". In this way, applications can be designed to use a predefined session id. The only restriction is, obviously, that only one ACR requesting session 0 can be authenticated at a given time. An attempt to authenticate another ACR requesting session 0 will be rejected.
Secure Session
To add a layer of security, the session id may be used as shown in Fig. 17B. Memory 10 then also stores the session ids of the active sessions. In Fig. 17B, for example, to be able to access a file associated with key ID X, the entity also needs to provide a session id (for example, session id "A") before it is allowed to access the file (blocks 404, 406, 412 and 414). In this way, unless the requesting entity knows the correct session id, it cannot access memory 10. Since the session id is deleted after the session ends and is different for each session, an entity can gain access only when it is able to provide the session number.
Other than by using the session number, the SSA system has no way to make sure that a command really comes from the correctly authenticated entity. For applications and use cases where there is a threat that attackers will try to use an open channel to send malicious commands, the host application uses a secure session (a secure channel).
When a secure channel is used, the session id, as well as the entire command, is encrypted with the secure channel encryption (session) key, and the security level is as high as that of the host-side implementation.
Terminating a Session
A session is terminated, and the ACR is logged off, in any of the following situations:
1. The entity issues an explicit end-session command.
2. Communication timeout. A specific entity has issued no command for a time period defined as one of the ACR parameters.
All open sessions are terminated after a device (for example, flash card) reset and/or power cycle.
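The open-session rules above (a session id bound to the authenticated ACR, the reserved id 0, idle timeout and reset) fit in a small session table. The Python sketch below is an added illustration, not code from the patent; it models open sessions only, and the class name, the timeout values and the key IDs taken from the cellular phone example are constructed assumptions.

```python
import secrets


class SessionError(Exception):
    """Raised when a session cannot be created or is no longer valid."""


class SessionManager:
    def __init__(self, pcrs, timeouts):
        self.pcrs = pcrs          # ACR name -> key IDs its PCR allows
        self.timeouts = timeouts  # ACR name -> idle timeout in seconds (an ACR parameter)
        self.sessions = {}        # session id -> {"acr": name, "last": timestamp}

    def login(self, acr, now, want_zero=False):
        """Called once the ACR's authentication process has succeeded."""
        self.expire(now)
        if want_zero:
            if 0 in self.sessions:
                raise SessionError("session 0 is already in use")
            sid = 0
        else:
            sid = secrets.randbelow(2**32 - 1) + 1  # random, never 0
            while sid in self.sessions:
                sid = secrets.randbelow(2**32 - 1) + 1
        self.sessions[sid] = {"acr": acr, "last": now}
        return sid

    def access(self, sid, key_id, now):
        """Any host application holding the session id gets the ACR's permissions."""
        self.expire(now)
        session = self.sessions.get(sid)
        if session is None:
            raise SessionError("unknown or terminated session")
        session["last"] = now
        return key_id in self.pcrs[session["acr"]]

    def end(self, sid):
        """Explicit end-session command."""
        self.sessions.pop(sid, None)

    def expire(self, now):
        """Communication timeout: drop sessions idle longer than the ACR allows."""
        stale = [sid for sid, s in self.sessions.items()
                 if now - s["last"] > self.timeouts[s["acr"]]]
        for sid in stale:
            del self.sessions[sid]

    def reset(self):
        """Device reset or power cycle terminates every open session."""
        self.sessions.clear()


def raises(call, *args, **kwargs):
    try:
        call(*args, **kwargs)
    except SessionError:
        return True
    return False


def phone_example():
    """Constructed data: ACR1 covers e-mail and music, ACR2 games and photos."""
    return SessionManager(
        pcrs={"ACR1": {"email", "music"}, "ACR2": {"games", "photos"}},
        timeouts={"ACR1": 300, "ACR2": 60},
    )
```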
Data Integrity Services
The SSA system verifies the integrity of the SSA database (which contains all the ACRs, PCRs and so on). In addition, data integrity services are offered for entity data through the key ID mechanism.
If a key ID is configured with hashed as its encryption algorithm, the hash values are stored together with the CEK and IV in the CEK record. Hash values are calculated and stored during write operations. Hash values are calculated again during read operations and compared with the values stored during the previous write operations. Every time the entity accesses the key ID, the additional data is concatenated (cryptographically) to the old data and the appropriate hash value (for read or for write) is updated.
Since only the host knows the data files associated with or pointed to by a key ID, the host explicitly manages several aspects of the data integrity function, in the following manner:
1. A data file associated with or pointed to by a key ID is written or read from beginning to end. Any attempt to access part of the file will corrupt it, because the SSA system uses a CBC encryption method and generates a hashed message digest of the entire data.
2. The data need not be processed as a contiguous stream (the data stream can be interleaved with data streams of other key IDs and may be split over multiple sessions), because intermediate hash values are maintained by the SSA system. However, if the data stream is restarted, the entity needs to instruct the SSA system explicitly to reset the hash values.
3. When a read operation is completed, the host must explicitly request the SSA system to validate the read hash by comparing it with the hash value calculated during the write operation.
4. The SSA system also provides a "dummy read" operation. This feature streams the data through the encryption engines but does not send it out to the host. It can be used to verify data integrity before the data is actually read out of the device (for example, a flash card).
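The four host-side rules above can be seen in a model of the per-key-ID running hash. This Python sketch is an added illustration, not code from the patent: SHA-256 is an assumed hash function (the text does not name one), CBC encryption is left out so that stored blocks stand in for ciphertext, and all names and sample data are constructed.

```python
import hashlib
import hmac


class HashedKeyRecord:
    """Per-key-ID state the device keeps next to the CEK and IV."""

    def __init__(self):
        self.blocks = []                  # stands in for data stored in flash
        self.write_hash = hashlib.sha256()
        self.read_hash = hashlib.sha256()
        self.stored_digest = None         # digest fixed when the write completes


class IntegrityEngine:
    def __init__(self):
        self.records = {}

    def create(self, key_id):
        self.records[key_id] = HashedKeyRecord()

    def write(self, key_id, chunk):
        """Intermediate hash state survives interleaving with other key IDs."""
        rec = self.records[key_id]
        rec.write_hash.update(chunk)
        rec.blocks.append(chunk)

    def close_write(self, key_id):
        rec = self.records[key_id]
        rec.stored_digest = rec.write_hash.digest()

    def reset_read(self, key_id):
        """The host must ask for this explicitly when it restarts a stream."""
        self.records[key_id].read_hash = hashlib.sha256()

    def read(self, key_id, index, dummy=False):
        """A dummy read updates the hash but returns nothing to the host."""
        rec = self.records[key_id]
        chunk = rec.blocks[index]
        rec.read_hash.update(chunk)
        return None if dummy else chunk

    def validate_read(self, key_id):
        """Explicit host request: compare the read hash with the write hash."""
        rec = self.records[key_id]
        if rec.stored_digest is None:
            return False
        return hmac.compare_digest(rec.read_hash.digest(), rec.stored_digest)


def write_interleaved(engine):
    """Constructed sample: two files written in interleaved chunks."""
    engine.create("song")
    engine.create("notes")
    engine.write("song", b"verse-1;")
    engine.write("notes", b"todo;")
    engine.write("song", b"verse-2;")
    engine.close_write("song")
    engine.close_write("notes")


def read_all(engine, key_id, dummy=False):
    """Read a file from beginning to end, then ask the device to validate it."""
    engine.reset_read(key_id)
    count = len(engine.records[key_id].blocks)
    data = [engine.read(key_id, i, dummy) for i in range(count)]
    return data, engine.validate_read(key_id)


def partial_read_validates(engine, key_id):
    """Reading only the last block cannot reproduce the whole-file digest."""
    engine.reset_read(key_id)
    engine.read(key_id, len(engine.records[key_id].blocks) - 1)
    return engine.validate_read(key_id)
```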
Random Number Generation
The SSA system enables external entities to make use of the internal random number generator and to request random numbers for use outside the SSA system. This service is available to any host and does not require authentication.
RSA Key Pair Generation
The SSA system enables external users to make use of the internal RSA key pair generation feature and to request an RSA key pair for use outside the SSA system. This service is available to any host and does not require authentication.
Alternative Embodiment
Instead of using a hierarchical approach, similar results can be achieved using a database approach, as illustrated in Fig. 18.
As shown in Fig. 18, a list of credentials for entities, authentication methods, the maximum number of failed attempts and the minimum number of credentials needed to unblock may be entered into a database stored in controller 12 or memory 20, which relates these credential requirements to the policies in the database (read and write access to keys and partitions, secure channel requirement) carried out by controller 12 of memory 10. Also stored in the database are constraints and limitations on access to keys and partitions. Thus, some entities (for example, a system administrator) may be on a white list, which means that these entities can always access all keys and partitions. Other entities may be on a black list, and their attempts to access any information will be blocked. The limitation can be global, or specific to a key and/or partition. This means that only certain entities can always access certain specific keys and partitions, and certain entities never can. Constraints can be put on the content itself, irrespective of the partition it is in or the key used to encrypt or decrypt it. Thus, certain data (for example, songs) may have the attribute that it can be accessed only by the first five host devices that access it, or other data (for example, movies) may be readable only a limited number of times, irrespective of which entities have accessed it.
Authentication
Password Protection
Password protection means that a password needs to be presented to access the protected area. Unless there can be only one password, passwords can be associated with different rights, such as read access or read/write access.
Password protection means that the device (for example, a flash card) is able to verify a password provided by the host; that is, the device also has the password stored in a secure memory area managed by the device.
Issues and Limitations
Passwords are subject to replay attacks. Because the password does not change after each presentation, it can be resent identically. This means that a password as is must not be used if the data to be protected is valuable and the communication bus is easily accessible.
A password can protect access to stored data but should not be used to protect the data itself (it is not a key).
To increase the security level associated with passwords, they can be diversified using a master key, so that hacking one password does not compromise the entire system. A secure communication channel based on a session key can be used to send the password.
Fig. 19 is a flow chart illustrating authentication using a password. The entity sends an account id and password to system 10 (for example, a flash memory card). The system checks whether the password matches the one in its memory. If it matches, an authenticated status is returned. Otherwise, the error counter for that account is incremented, and the entity is asked to re-enter an account id and password. If the counter overflows, the system returns a status indicating that access is denied.
Challenge Response
Fig. 20 is a flow chart illustrating authentication using a challenge/response method. The entity sends an account id and requests a challenge from system 10. System 10 generates a random number and presents it to the host. The host computes a response from the number and sends it to system 10. System 10 compares the response with the stored value. The remaining steps are similar to those in Fig. 19 for determining whether to grant access.
Fig. 21 is a flow chart illustrating authentication using another challenge/response method. Fig. 21 differs from Fig. 20 in that, in addition to requiring the host to be authenticated by system 10, it also requires system 10 to be authenticated by challenge/response: system 10 also requests a challenge from the host and returns a response to be checked by the host.
Fig. 22 is a flow chart illustrating authentication using another challenge/response method. In this case, only system 10 needs to be authenticated: the host sends a challenge to system 10, and system 10 computes a response, which the host checks for a match with its record of system 10.
Symmetric key
A symmetric key algorithm means that the SAME key is used on both sides to encrypt and decrypt. It means that the key must be agreed upon before communicating. Each side should also implement the inverse of the other side's algorithm, that is, the encryption algorithm on one side and the decryption algorithm on the other. The two sides do not need to implement both algorithms in order to communicate.
Authentication
Symmetric key authentication means that the device (for example, a flash card) and the host share the same key and have the same cryptographic algorithm (direct and inverse, for example DES and DES⁻¹).
Symmetric key authentication means challenge-response (which protects against replay attack). The protected device generates a challenge for the other device, and both compute the response. The authenticating device sends back its response, and the protected device checks the response and validates the authentication accordingly. The rights associated with the authentication can then be granted.
Authentication can be:
External: the device (for example, a flash card) authenticates the outside world, that is, the device validates the credentials of a given host or application.
Mutual: a challenge is generated on both sides.
Internal: the host application authenticates the device (for example, a flash card), that is, the host checks whether the device is genuine for its application.
To increase the security level of the entire system (that is, so that breaking one does not break all):
Symmetric key is usually combined with diversification using a master key.
Mutual authentication uses challenges from both sides to ensure that the challenge is a real challenge.
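An added example (not part of the patent) of the flows in Figures 19 and 20 and of the symmetric challenge-response described above: a simulated card with a per-account error counter, showing that a captured password stays valid when it is resent while a captured response fails against a fresh challenge. HMAC-SHA256 stands in for the AES/DES computation; the class names, the limit of three errors, the 16-byte challenge and the counter reset on success are assumptions.

```python
import hashlib
import hmac
import secrets

MAX_ERRORS = 3        # assumed limit; the page only says the counter can overflow
CHALLENGE_LEN = 16    # assumed challenge size for the symmetric case

AUTHENTICATED, RETRY, DENIED = "AUTHENTICATED", "RETRY", "DENIED"


def compute_response(key: bytes, challenge: bytes) -> bytes:
    """Both sides derive the response from the shared key and the challenge.
    HMAC-SHA256 is a stand-in for the AES/DES/3DES computation on the page."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


class Account:
    def __init__(self, password: bytes, key: bytes):
        self.password, self.key = password, key
        self.errors = 0          # per-account error counter (Figure 19)
        self.challenge = None    # outstanding challenge, valid for one attempt


class Card:
    """Hypothetical stand-in for system 10."""

    def __init__(self, accounts):
        self.accounts = accounts             # {account_id: Account}

    def _finish(self, acct, ok):
        if ok:
            acct.errors = 0                  # assumption: success clears the counter
            return AUTHENTICATED
        acct.errors += 1
        return DENIED if acct.errors >= MAX_ERRORS else RETRY

    def login_password(self, account_id, password):
        acct = self.accounts.get(account_id)
        if acct is None or acct.errors >= MAX_ERRORS:
            return DENIED
        return self._finish(acct, hmac.compare_digest(acct.password, password))

    def get_challenge(self, account_id):
        acct = self.accounts[account_id]
        acct.challenge = secrets.token_bytes(CHALLENGE_LEN)
        return acct.challenge

    def login_response(self, account_id, response):
        acct = self.accounts.get(account_id)
        if acct is None or acct.errors >= MAX_ERRORS:
            return DENIED
        # Consume the challenge so that it can never be answered twice.
        challenge, acct.challenge = acct.challenge, None
        ok = challenge is not None and hmac.compare_digest(
            compute_response(acct.key, challenge), response)
        return self._finish(acct, ok)


def demo():
    """Replay a captured password and a captured response (constructed values)."""
    key = b"constructed-shared-key"
    card = Card({"host-A": Account(b"constructed-password", key)})
    results = {}
    # A password observed on the bus is accepted again unchanged.
    results["password_first"] = card.login_password("host-A", b"constructed-password")
    results["password_replayed"] = card.login_password("host-A", b"constructed-password")
    # A response observed on the bus only answers the challenge it was made for.
    captured = compute_response(key, card.get_challenge("host-A"))
    results["response_first"] = card.login_response("host-A", captured)
    card.get_challenge("host-A")             # the card issues a fresh challenge
    results["response_replayed"] = card.login_response("host-A", captured)
    return results


if __name__ == "__main__":
    for step, status in demo().items():
        print(f"{step}: {status}")
```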
Encryption
Symmetric key cryptography is also used for encryption because it is a very efficient algorithm, that is, it does not need a powerful CPU to handle the cryptography.
When used to secure a communication channel:
Both devices must know the session key used to secure the channel (that is, to encrypt all outgoing data and decrypt all incoming data). This session key is usually established using a pre-shared secret symmetric key or using PKI.
Both devices must know and implement the same cryptographic algorithms.
Signature
A symmetric key can also be used to sign data. In that case the signature is a partial result of the encryption. Keeping the result partial allows signing as many times as needed without exposing the key value.
Issues and limitations
Symmetric algorithms are very efficient and secure, but they are based on a pre-shared secret. The issue is to share this secret securely, in a dynamic manner and possibly at random (like a session key). The idea is that a shared secret is hard to keep safe in the long term and is almost impossible to share with many people.
To facilitate this operation, public key algorithms were invented, because they allow secrets to be exchanged without sharing them.
Public key cryptography
Asymmetric key algorithms are commonly referred to as public key cryptography. It is a quite complex and usually CPU-intensive mathematical implementation. It was invented to solve the key distribution problem associated with symmetric key algorithms. It also provides the signing capability used to ensure data integrity.
An asymmetric key algorithm uses a key that has private and public elements, referred to respectively as the private key and the public key. The private key and the public key are mathematically linked. The public key can be shared, whereas the private key has to be kept secret. As for the keys, an asymmetric algorithm uses two mathematical functions (one for the private key and one for the public key) to provide wrap and unwrap, or sign and verify.
Key exchange and key distribution
Key exchange becomes very simple using a PK algorithm. The device sends its public key to the other device. The other device wraps its secret key with that public key and returns the encrypted data to the first device. The first device uses its private key to unwrap the data and retrieve the secret key, which is now known to both sides and can be used to exchange data. Because the symmetric key can be exchanged so easily, it is usually a random key.
Signature
Because of its nature, a public key algorithm is usually used to sign only small amounts of data. To ensure data integrity, it is combined with a hash function that provides a one-way footprint of the message.
The private key is used to sign the data. The public key (freely available) allows the signature to be verified.
Authentication
Authentication usually uses a signature: a challenge is signed and returned for validation.
The public part of the key is used for verification. Because anyone can generate a key pair, there is a need to certify the owner of the public key in order to prove that this is the right person using the proper key. A certification authority provides the certificate and includes the public key in the signed certificate. The certificate is signed by the authority itself. Using a public key to verify a signature then means that the authority that issued the certificate containing that key is trusted, and that one is able to verify that the certificate has not been hacked, that is, that the certificate hash signed by the authority is correct. This means that the user has the authority's public key certificate and trusts it.
The most common way to provide PK authentication is to trust the authority or root certificate and indirectly trust all the key pairs certified by the given authority. Authentication is then a matter of proving that the private key one holds matches the certificate, by signing a challenge and providing the challenge response together with the certificate. The certificate is then checked to make sure that it has not been hacked and that it is signed by the trusted authority. Then the challenge response is verified. If the certificate is trusted and the challenge response is correct, authentication succeeds.
Authentication in a device (for example, a flash card) means that the device is loaded with the trusted root certificates and that the device is able to verify the challenge response and the signed hash of the certificate.
File encryption
PK algorithms are not used to encrypt large amounts of data because they are too CPU intensive, but they are usually used to protect a randomized encryption/decryption key generated to encrypt the content. For instance, SMIME (secure e-mail) generates a key that is then encrypted with the public keys of all the recipients.
Issues and limitations
Because anything can generate a key pair, the key pair has to be certified to ensure its origin. During key exchange, one may want to make sure that the secret key is provided to the right device, that is, the origin of the provided public key needs to be checked. Certificate management then becomes part of the security, because it can inform about the validity of a key and whether the key has been revoked.
While the invention has been described above by reference to various embodiments, it will be understood that changes and modifications may be made without departing from the scope of the invention, which is to be defined only by the appended claims and their equivalents. All references referred to herein are incorporated herein by reference.
1 SSA commands
SSA system commands are passed to the memory card using the standard (for the relevant form factor protocol) write and read commands. Therefore, from the host's point of view, sending an SSA command really means writing data to a special file on the memory device that is used as a buffer file. Information is obtained from the SSA system by reading data from the buffer file. The host application must make sure that data is always written to and read from an LBA of the buffer file. Managing the buffer file in the host OS is beyond the scope of this specification.
1.1 Communicating with the SSA system
The following sections define how SSA-related commands and data are communicated to the SSA system using the form factor standard write/read commands.
1.1.1 Sending a command to the SSA system
The first data block of every write command is scanned for the pass-through signature. If it is found, the data is interpreted as an SSA command. If the pass-through signature is not found, the data is written to the specified address.
An SSA-specific write command can include a multiple-sector transfer, where the first sector holds the required signature and the command's arguments, and the remaining data blocks hold the related data (if any).
Table ... defines the format of the first block of an SSA command (a data block is always 512 bytes, as used in standard OS file systems).
Byte index | Length [bytes] | Description | Notes
0-31 | 32 | Application pass-through signature | Must be the ASCII string: "SSTA Pass Through Mode Supported"
32 | 4 | SSA application ID | Must be: 0x00000000
36 | 4 | SSA session ID | The SSA session ID provided by the SSA system through the authentication process. If no session is open, this field contains the value 0x00000000. When a secure channel is used, the remainder of the command arguments (starting at byte offset 64 of the first block) and the data blocks are encrypted with the session key.
40 | 24 | Reserved for future use | Data is not defined
64 | 4 | SSA session ID | A copy of the SSA session ID. This field is used to verify the use of the session key.
68 | 4 | SSA application command opcode | As defined in the detailed SSA command descriptions in the following sections
72 | 4 | SSA application data blocks | The number of additional data blocks. 0 if no data blocks are used.
76-511 | 436 | SSA application command arguments | As defined in the detailed SSA command descriptions in the following sections
Table 1: SSA command argument LBA format
1.1.2 Reading data from the SSA system
A read command is carried out in two parts:
1. The read command is initiated by first sending a write command with a single data block that defines all the arguments of the read command.
2. After the write command has set the card application to the correct transfer state, a read command is used to initiate the actual data transfer from the card to the host. The read command must use the same LBA address that was used by the preceding write command. This is the only indication to the card that the host is trying to obtain the (previously requested) SSA data.
The read/write command pairs must be carefully synchronized. The next section defines how sequence errors are handled and recovered. By definition, the SSA system supports multiple host-side users who may be logged in at the same time. Each user is expected to initiate read/write command pairs independently and asynchronously, so no special behavior of the host OS is required. From the card's point of view, these individual pairs are identified by the LBA address used in the write half of the sequence. From the host's point of view, this means that each user must use a different file buffer.
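An added example (not code from the patent): a host-side builder and card-side parser for the first command block of Table 1, plus a small card simulation that pairs each read with the preceding SSA write by LBA as section 1.1.2 describes. Little-endian field encoding, the CardSim class, the helper names and the four-byte reply are assumptions made for illustration; secure-channel encryption is not modelled.

```python
import struct

BLOCK = 512
SIGNATURE = b"SSTA Pass Through Mode Supported"   # bytes 0-31 of Table 1
# Signature, application ID, session ID, 24 reserved bytes, session ID copy,
# opcode, number of extra data blocks. Little-endian is an assumption.
HEADER = struct.Struct("<32sII24xIII")            # 76 bytes; arguments follow
ARG_LEN = BLOCK - HEADER.size                     # 436
COMPLETE_OK = 0                                   # status code from section 1.3.11


class SsaFormatError(ValueError):
    """The signature matched but the command block is inconsistent."""


def build_command(opcode, args=b"", session_id=0, data=b""):
    """Host side: first block per Table 1, followed by whole data blocks."""
    if len(args) > ARG_LEN or len(data) % BLOCK:
        raise SsaFormatError("arguments too long or data not block-aligned")
    head = HEADER.pack(SIGNATURE, 0, session_id, session_id, opcode,
                       len(data) // BLOCK)
    return head + args.ljust(ARG_LEN, b"\0") + data


def parse_command(payload):
    """Card side: None for an ordinary write, a dict for an SSA command."""
    if len(payload) < BLOCK or len(payload) % BLOCK:
        raise SsaFormatError("payload is not a whole number of 512-byte blocks")
    sig, app_id, sid, sid_copy, opcode, extra = HEADER.unpack_from(payload)
    if sig != SIGNATURE:
        return None
    # From here on the write is an SSA command: a bad field is rejected and
    # must never fall through to an ordinary write at the target address.
    if app_id != 0:
        raise SsaFormatError("application ID must be 0x00000000")
    if sid != sid_copy:
        raise SsaFormatError("session ID copy at offset 64 does not match")
    if extra != len(payload) // BLOCK - 1:
        raise SsaFormatError("data block count does not match the transfer")
    return {"session_id": sid, "opcode": opcode,
            "args": payload[HEADER.size:BLOCK], "data": payload[BLOCK:]}


class CardSim:
    """Hypothetical card front end: routes writes and pairs reads by LBA."""

    def __init__(self):
        self.sectors = {}     # ordinary storage: LBA -> 512-byte sector
        self.pending = {}     # LBA of the write half -> staged SSA reply

    def write(self, lba, payload):
        cmd = parse_command(payload)
        if cmd is None:
            for i in range(len(payload) // BLOCK):
                self.sectors[lba + i] = payload[i * BLOCK:(i + 1) * BLOCK]
            return "stored"
        # Constructed reply using the first four command status fields
        # (session ID, last opcode, last status, error code), one byte each.
        reply = bytes([cmd["session_id"] & 0xFF, cmd["opcode"] & 0xFF,
                       COMPLETE_OK, 0])
        self.pending[lba] = reply.ljust(BLOCK, b"\0")
        return "ssa"

    def read(self, lba):
        # Only a read at the LBA of the preceding SSA write returns SSA data.
        if lba in self.pending:
            return self.pending.pop(lba)
        return self.sectors.get(lba, bytes(BLOCK))


def login_args(agp_name, acr_name):
    """Length-prefixed names as listed for SSA_SYSTEM_LOGIN_CMD [18]."""
    return bytes([len(agp_name)]) + agp_name + bytes([len(acr_name)]) + acr_name


if __name__ == "__main__":
    card = CardSim()
    # Constructed names; two users would each use their own buffer-file LBA.
    print(card.write(100, build_command(18, login_args(b"agp1", b"acr1"))))
    print(card.read(100)[:4])
```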
1.1.3 Read/write sequence errors
1.2 Detailed command descriptions
Table 2 provides a general overview of the SSA commands.
The command name column provides a basic description of the command's use and an index to the detailed description of the command. The command opcode is the actual value used for the SSA command. The argument length (Arg Len) column defines the size of the command's argument field (a value of zero means there are no arguments). Arguments are command specific and are specified in the detailed command descriptions.
Data length is the size of the command data in the additional data blocks associated with the command. A value of zero means there is no data; a value of "Var" means that the command has a variable data size and the actual size is specified in the command itself. For fixed-size data commands, this column stores the size of the data. Data direction can be blank if the command has no data (meaning that the command arguments, as specified in Table 1, are all in the space between byte 76 and byte 511; anything beyond this space is data payload accompanying the command sector), "write" if the data moves from the host to the card (appended to the argument block of the write command), or "read" if the data moves from the card to the host (in a read command following the write command that supplies the arguments, as described above).
[Table 2 is reproduced in the original as images: Figures S05848232320070822D000321, S05848232320070822D000331 and S05848232320070822D000341]
Table 2: SSA commands
1.2.1 Create system ACR
Create system ACR creates the system ACR entry in the SSA database. Once the entry is created, the credentials can be configured according to the specified login algorithm. Finally, the CREATE_SYSTEM_ACR_DONE command is used to terminate the sequence and make the system ACR valid.
The create system ACR command will be rejected if the ACR entry already exists or if the create system ACR feature is disabled. The system ACR can be configured with only a subset of the available login modes (see section 1.3.2 for details). If an invalid mode is used, the command will be rejected.
The command arguments are given in Table 3. Byte offsets are relative to the beginning of the command argument LBA (see section 1.1.1). Argument lengths are given in bytes. The argument name defines the purpose of the argument and can be used as an index to the detailed argument description.
Byte offset | Argument length | Argument name | Comments
76 | 1 | Login algorithm | The system ACR can be configured only with the following login algorithms: AES, DES, 3DES, asymmetric authentication, with mutual mode only.
Table 3: Create system ACR command arguments
1.2.2 System ACR creation done
This command is sent only after system ACR creation has begun. At any other time the command will be rejected. Sending this command terminates the system ACR creation and leaves the current configuration on the ACR permanently. There are no arguments for this command.
1.2.3 PASSWORD CREDENTIAL
After the SSA command [28] (CREATE_ACR) is sent, the credential of the ACR is sent. The credential in this case is a password of a certain length (the maximum length in bytes is 20).
Byte offset | Argument length | Argument name | Comments
76 | As specified in the password length argument field, in bytes | PASSWORD_CREDENTIAL | See section 1.3.2 for the password phrase format and length
Table 4: Password credential command arguments
1.2.4 SYMMETRIC CREDENTIAL
When a symmetric login procedure is selected for an ACR, it is followed by sending the symmetric credential of the ACR in the form of an AES, DES or 3DES key. The nature of the algorithm dictates the credential (key) length in bytes. This command can be used at creation time for both regular ACRs and the system ACR.
Table 13 describes the different types of asymmetric credentials.
Byte offset | Argument length | Argument name | Comments
76 | 1 | Credential type | See Table 13 for type values and symbols.
78 | 1 | Credential length in bytes |
79 | As specified in the credential length field, in bytes | Symmetric credential |
Table 5: Symmetric credential command arguments
1.2.5 Asymmetric credential
For an ACR with an asymmetric login procedure, there are several credentials that must be passed to the SSA. Table 14 below describes the different types of asymmetric credentials:
Byte offset | Argument length | Argument name | Comments
76 | 1 | Session ID | The session ID removes the need for an ACR ID. In the case of system ACR creation, this field is left empty (NULL).
77 | 1 | Credential type | See the type codes.
78 | 1 | Credential length in bytes |
79 | As specified in the credential length field, in bytes | Symmetric credential |
Table 6: Asymmetric credential command arguments
1.2.6 Export public key
1.2.7 Import certificate
1.2.8 Configure ACAM
This command is sent to configure the ACR management permissions. The command is sent only during ACR creation. The command is not valid for the system ACR. ACAM types and codes are described in Table 16: ACAM types.
Byte offset | Argument length | Argument name | Comments
76 | 1 | Session ID | Valid only when used after a system ACR login procedure. Otherwise it is left empty (NULL).
77 | 1 | AGP name/ID length in bytes | Maximum length is 20 bytes.
78 | As specified in the AGP name/ID length argument field, in bytes | AGP name/ID |
Table 7: Configure ACAM command arguments
1.2.9 Create root AGP
To create a root AGP under a secure channel, an SSA system login through the system ACR must be performed. After login, a session ID is created and used for the creation sequence. The session ID is available when the system command return status is requested right after the system ACR login sequence has completed. Creating a root AGP without first logging in to the system ACR (creating a root AGP without a secure channel) does not require a session ID.
Table 8 reviews the command arguments. When the system ACR is not used, the session ID field is left empty (NULL) (NA).
Figure S05848232320070822D000371
Table 8: Create root AGP command arguments
Command structure:
Command name/opcode - 1 byte: SSA_CREATE_ROOT_AGP_CMD [3]
Command arguments -
1. Session ID - is it needed?
2. AGP name/ID length in bytes - 1 byte
3. AGP name/ID -
1.2.10 Root AGP creation done
This command is passed when the root AGP is complete, meaning that all the ACRs in the AGP have been created. This command locks the AGP so that no more ACRs can be created.
There are no arguments for this command.
Command structure:
Command name/opcode - 1 byte: SSA_ROOT_AGP_CREATION_DONE_CMD [4]
Command arguments -
1. Session ID - is it needed?
2. AGP name/ID length in bytes - 1 byte
3. AGP name/ID -
1.2.11 DISBALE SYSTEM ACR CREATION
Sending this command blocks the ability to create a system ACR. This command has no arguments.
1.2.12 SET ROOT AGP CREATION MODE
Control over root AGP creation is handled with the SSA command [19] SET_ROOT_AGP_CREATION_MODE. The codes of the different modes are described in Table 9. This command does not require logging in to the SSA and therefore does not need a session ID.
Mode name | Code | Description
Open | 1 | Root AGP creation is allowed either through the system ACR or through a regular open channel.
Controlled | 2 | Root AGP creation is allowed only through the system ACR.
Locked | 3 | Root AGPs cannot be created.
Table 9: Root AGP creation modes
Byte offset | Argument length | Argument name | Comments
76 | 1 | Root AGP creation mode |
Table 10: Set root AGP creation mode command arguments
1.2.13 DISBALE ROOT AGP CHANGE MODE
This command renders the SET_ROO_AGP_CREATION_MODE command inoperable; it will be rejected by the SSA. This command has no arguments.
1.2.14 Create AGP
Byte offset | Argument length | Argument name | Comments
76 | 1 | Session ID |
77 | 1 | AGP name/ID length in bytes | Maximum length is 20 bytes.
78 | As specified in the AGP name/ID length argument field, in bytes | AGP name/ID |
Table 11: Create AGP command arguments
Command structure:
Command name/opcode - 1 byte: SSA_CREATE_AGP_CMD [5]
Command arguments -
1. Session ID - 1 byte
2. AGP name/ID length in bytes - 1 byte
3. AGP name/ID -
1.2.15 Delete AGP
This command is valid for the ACR that created the AGP, provided the AGP has no ACRs.
Command structure:
Command name/opcode - 1 byte: SSA_DELETE_AGP_CMD [6]
Command arguments -
1. Session ID - 1 byte
2. AGP name/ID length in bytes - 1 byte
3. AGP name/ID -
1.2.16 Create ACR
Command structure:
Command name/opcode - 1 byte: SSA_CREATE ACR_CMD [7]
Command arguments -
1. AGP name/ID -
2. ACR name/ID -
3. Login algorithm - 1 byte
4. Key length
5. Unblocking ACR name/ID
6. Number of management rights (ACAM) - 1 byte
7. ACAM #1
8. ACAM #n
1.2.17 Update ACR
This command can be sent only by the ACR creator to update a child ACR. ACRs residing in the root AGP cannot be updated because they have no parent ACR.
Command structure:
Command name/opcode - 1 byte: SSA_UPDATE_ACR_CMD [8]
Command arguments -
1. Session ID - 1 byte
2. AGP name/ID length in bytes - 1 byte
3. AGP name/ID -
4. ACR name/ID length in bytes - 1 byte
5. ACR name/ID -
1.2.18 Delete ACR
This command can be sent only by the ACR creator to delete a child ACR. ACRs residing in the root AGP have the ability to delete themselves.
Command structure:
Command name/opcode - 1 byte: SSA_DELETE_ACR_CMD [9]
Command arguments -
1. Session ID - 1 byte
2. AGP name/ID length in bytes - 1 byte
3. AGP name/ID -
4. ACR name/ID length in bytes - 1 byte
5. ACR name/ID -
1.2.19 Unblock ACR
This command can be sent only by an ACR that has this explicit permission, in order to unblock a certain ACR.
Command structure:
Command name/opcode - 1 byte: SSA_UNBLOCK_ACR_CMD [10]
Command arguments -
1. Session ID - 1 byte
2. AGP name/ID length in bytes - 1 byte
3. AGP name/ID -
4. ACR name/ID length in bytes - 1 byte
5. ACR name/ID -
1.2.20 Delegate domain permissions
Command structure:
Command name/opcode - 1 byte: SSA_DELEGATE_DOMAIN_PERMISSION_CMD [11]
Command arguments -
1. Session ID - 1 byte
2. Number of permissions to delegate - 1 byte
3. Delegated permission codes
4. Domain name/ID length in bytes - 1 byte
5. Domain name/ID
1.2.21 Create partition
This command can be sent only by an ACR residing in the root AGP.
Command structure:
Command name/opcode - 1 byte: SSA_CREATE_PARTITION_CMD [12]
Command arguments -
1. Session ID - 1 byte
2. Partition name/ID length in bytes - 1 byte
3. Partition name/ID
4. Partition size in sectors [512 bytes] - 4 bytes
5. Decreased partition name/ID length in bytes - 1 byte
6. Decreased partition name/ID
1.2.22 Update partition
This command can be sent only by an ACR residing in the root AGP.
Command structure:
Command name/opcode - 1 byte: SSA_UPDATE_PARTITION_CMD [13]
Command arguments -
1. Session ID - 1 byte
2. Partition name/ID length in bytes - 1 byte
3. Partition name/ID
4. Partition size in sectors [512 bytes] - 4 bytes
5. Decreased partition name/ID length in bytes - 1 byte
6. Decreased partition name/ID
1.2.23 Delete partition
This command can be sent only by an ACR residing in the root AGP.
Command structure:
Command name/opcode - 1 byte: SSA_DELETE_PARTITION_CMD [14]
Command arguments -
1. Session ID - 1 byte
2. Partition name/ID length in bytes - 1 byte
3. Partition name/ID
1.2.24 Restrict public partition access
This command restricts regular read/write commands (commands sent by the host that are not part of the SSA command protocol) to/from the public partition (also known as the user area).
Command structure:
Command name/opcode - 1 byte: SSA_RESTRICT_PAUBLIC_PARTITION_CMD [15]
Command arguments -
1. Session ID - 1 byte
2. Public partition restriction code - 1 byte
1.2.25 Create domain
Command structure:
Command name/opcode - 1 byte: SSA_CREATE_DOMAIN_CMD [16]
Command arguments -
1. Session ID - 1 byte
2. Partition name/ID length in bytes - 1 byte
3. Partition name/ID
4. Domain name/ID length in bytes - 1 byte
5. Domain name/ID
1.2.26 Delete domain
Only the domain owner can send this command and delete the domain.
Command structure:
Command name/opcode - 1 byte: SSA_DELETE_DOMAIN_CMD [17]
Command arguments -
1. Session ID - 1 byte
2. Partition name/ID length in bytes - 1 byte
3. Partition name/ID
4. Domain name/ID length in bytes - 1 byte
5. Domain name/ID
1.2.27 System login
This command is issued when the host user wishes to use the SSA system through one of the ACRs. The command starts the login/authentication process.
Command structure:
Command name/opcode - 1 byte: SSA_SYSTEM_LOGIN_CMD [18]
Command arguments -
1. AGP name/ID length in bytes - 1 byte
2. AGP name/ID -
3. ACR name/ID length in bytes - 1 byte
4. ACR name/ID -
1.2.28 System logout
This command is issued when the host user wishes to end the working session with the SSA system. The command ends all user activity for the current login session. After this command, the host user needs to start the login process again in order to perform further actions with the SSA system.
Command structure:
Command name/opcode - 1 byte: SSA_SYSTEM_LOGOUT_CMD [19]
Command arguments -
1. AGP name/ID length in bytes - 1 byte
2. AGP name/ID -
3. ACR name/ID length in bytes - 1 byte
4. ACR name/ID -
1.2.29 Read
Command structure:
Command name/opcode - 1 byte: SSA_READ_CMD [20]
Command arguments -
1. Session ID - 1 byte
2. Partition name length in bytes - 1 byte
3. Partition name
4. Domain name length in bytes - 1 byte
5. Domain name
6. Partition address (LBA) - 4 bytes
7. Number of LBAs to read (sectors; sector = 512 bytes) - 4 bytes
1.2.30 Write
Command structure:
Command name/opcode - 1 byte: SSA_WRITE_CMD [21]
Command arguments -
1. Session ID - 1 byte
2. Partition name length in bytes - 1 byte
3. Partition name
4. Domain name length in bytes - 1 byte
5. Domain name
6. Partition address (LBA) - 4 bytes
7. Number of LBAs to read (sectors; sector = 512 bytes) - 4 bytes
1.2.31 Command status
This status command can be sent to obtain the return status of the last command sent. The status covers command processing and the SSA system state.
Command structure:
Command name/opcode - 1 byte: SSA CMD_STATUS_CMD [22]
Command arguments -
1. Session ID - 1 byte
1.2.32 System query
The system query command reads the SSA information within the scope of the ACR that is logged in.
Command structure:
Command name/opcode - 1 byte: SSA_SYS_QUERY_CMD [23]
Command arguments -
1. Session ID - 1 byte
1.2.33 Password authentication command
1.2.33.1 Send password to SSA
This command sends the actual ACR password to be verified by the SSA. Sending the command status command (22) enables the host to read the command status and, when the command has completed, the status of the authentication process: pass/fail.
Command structure:
Command name/opcode - 1 byte: SSA_PWD_AUTH SEND PWD_CMD [24]
Command arguments -
1. Password length in bytes - 1 byte
2. Password data.
1.2.34 Symmetric authentication commands
1.2.34.1 Get challenge from SSA
Command structure:
Command name/opcode - 1 byte: SSA_SYMAUTH_GET_CHLG_CMD [25]
Command arguments -
1.2.34.2 Send challenge to SSA
Command structure:
Command name/opcode - 1 byte: SSA_SYM_AUTH_SEND_CHLG_CMD [26]
Command arguments -
1.2.34.3 Get challenge response from SSA
Command structure:
Command name/opcode - 1 byte: SSA_SYM_AUTH_GET_CHLG_RES_CMD [27]
Command arguments -
1.2.34.4 Send challenge response from SSA
Command structure:
Command name/opcode - 1 byte: SSA_SYM_AUTH_SEND_CHLG_RES_CMD [28]
Command arguments -
1.2.35 Asymmetric authentication process commands
1.2.35.1 Send challenge to SSA
Command structure:
Command name/opcode - 1 byte: SSA_ASYM_AUTH_SEND_CHLG_CMD [29]
Command arguments - challenge nonce - 28 bytes
1.2.35.2 Get challenge from SSA
Command structure:
Command name/opcode - 1 byte: SSA_ASYM_AUTH_GET_CHLG_CMD [30]
Command arguments - NA
1.2.35.3 Send CA certificate to SSA
Command structure:
Command name/opcode - 1 byte: SSA_ASYM_AUTH_SEND_CA_CERT_CMD [31]
Command arguments -
1.2.35.4 Get SSA pre-master secret
Command structure:
Command name/opcode - 1 byte: SSA_ASYM_AUTH_GET_PRE_MASTER_SECRET_CMD [32]
Command arguments -
1.2.35.5 Get ACR certificate from SSA
Command structure:
Command name/opcode - 1 byte: SSA_ASYM_AUTH_GET_CHLG_CMD [33]
Command arguments -
1.2.35.6 Send host pre-master secret to SSA
Command structure:
Command name/opcode - 1 byte: SSA_ASYM_AUTH_SEND_PRE_MASTER_SECRET_CMD [34]
Command arguments -
1.2.35.7 Send start session message
Command structure:
Command name/opcode - 1 byte: SSA_ASYM_AUTH_SEND_START_SESSION_MSG_CMD [35]
Command arguments -
1. PIN option -
2. PIN length in bytes -
3. PIN string -
1.2.35.8 Get authentication complete message from SSA
Command structure:
Command name/opcode - 1 byte: SSA SYM_AUTH_GET_CHLG_CMD [36]
Command arguments -
1.3 SSA command arguments
1.3.1 Not applicable
All fields defined as not applicable (NA) in the argument lists must be set to 0.
1.3.2 Password and PIN structure
Password and PIN phrases are 20 bytes long and are binary values to the SSA system. Any phrase shorter than 20 bytes must be padded with "0".
Figure S05848232320070822D000471
1.3.3 Login algorithm
This argument defines the login algorithm of the ACR. It is 1 byte long. The available values are defined in the following table:
Symbol | Value | Description
NONE | 0 | No authentication is required. A session is opened as soon as the system login command is issued for this ACR.
PASSWORD | 1 | Password-based authentication
Reserved for future use | 2-9 |
AES_HOST_AUTH | 10 | One-way symmetric authentication using the AES algorithm. The card is authenticating.
AES_HOST_AUTH_SEC | 11 | One-way symmetric authentication using the AES algorithm. The card is authenticating. A secure channel is established and used for this ACR.
AES_HOST_AUTH_SEC_PIN | 12 | One-way symmetric authentication using the AES algorithm. The card is authenticating. A secure channel is established and used for this ACR. Authentication is completed after an additional PIN is provided.
AES_MUTUAL_AUTH | 13 | Two-way symmetric authentication using the AES algorithm. The card and the host authenticate each other.
AES_MUTUAL_AUTH_SEC | 14 | Two-way symmetric authentication using the AES algorithm. The card and the host authenticate each other. A secure channel is established and used for this ACR.
AES_MUTUAL_AUTH_SEC_PIN | 15 | Two-factor authentication using the AES algorithm. The card and the host authenticate each other. A secure channel is established and used for this ACR. Authentication is completed after an additional PIN is provided.
Reserved for future use | 16-19 |
DES_HOST_AUTH | 20 | Similar to the AES group of login modes, except that the DES algorithm is used.
DES_HOST_AUTH_SEC | 21 |
DES_HOST_AUTH_SEC_PIN | 22 |
DES_MUTUAL_AUTH | 23 |
DES_MUTUAL_AUTH_SEC | 24 |
DES_MUTUAL_AUTH_SEC_PIN | 25 |
Reserved for future use | 26-29 |
3DES_HOST_AUTH | 30 | Similar to the AES group of login modes, except that the 3DES algorithm is used.
3DES_HOST_AUTH_SEC | 31 |
3DES_HOST_AUTH_SEC_PIN | 32 |
3DES_MUTUAL_AUTH | 33 |
3DES_MUTUAL_AUTH_SEC | 34 |
3DES_MUTUAL_AUTH_SEC_PIN | 35 |
Reserved for future use | 36-39 |
RSA_HOST_AUTH | 40 |
RSA_HOST_AUTH_PIN | 41 |
RSA_MUTUAL_AUTH | 42 |
RSA_MUTUAL_AUTH_PIN | 43 |
Reserved for future use | 44-255 |
Table 12: Login algorithm types
1.3.4 Symmetric credential symbols
Symbol | Value | Description
SYMMETRIC_KEY | 1 | The symmetric key corresponding to the selected symmetric authentication sequence. The selected authentication sequence also reflects the key length.
USER_PIN | 2 | The PIN is a binary value of at most 20 bytes
Table 13: Symmetric credential types
1.3.5 Asymmetric credential types
Symbol | Value | Description
CA_ID | |
CA_PUBLIC_RSA_KEY | 1 |
ACR_CERTIFICATE | 2 |
USER_PIN | 4 |
Table 14: Asymmetric credential types
1.3.6 Partition rights
Figure S05848232320070822D000481
1.3.7 Domain rights
Figure S05848232320070822D000491
1.3.8 Domain permission codes
Symbol | Value | Description
READ | 1 |
WRITE | 2 |
DOMAIN_PERMISSION_DELEGATION | 3 |
DOMAIN_OWNERSHIP | 4 |
Table 15: Domain permission types
1.3.9 ACAM
Symbol | Value | Description
CREATE_AGP | 1 |
ACAM_CREATE_ACR | 2 | Create/delete/update AGPs and ACRs.
ACAM_CREATE_PARTITION | 3 | Create/delete partitions.
ACAM_CREATE_DOMAIN | 4 | Create/delete domains.
ACAM_DELEGATE_DOMAIN_RIGHTS | 5 | Delegate access rights to a domain; one of these is used for each domain.
ACAM_DELEGATE_PARTITION_RIGHTS | 6 | Delegate access rights to a partition; one of these is used for each partition.
UNBLOCK_ACR | 7 |
Table 16: ACAM types
1.3.10 Public partition restriction codes
Symbol | Value | Description
READ_RESTRICTION | 1 |
WRITE_RESTRICTION | 2 |
READ_WRITE_RESTRICTION | 3 |
Table 17: Public partition restriction types
1.3.11 Command status
Field name | Content | Number of bytes
Session ID | ID number | 1
Last command op code | Valid SSA command op code | 1
Last command status | COMPLETE_OK - 0; COMPLETE_ERROR - 1; BUSY - 2 | 1
Error code | | 1
Authentication status | Applicable only to authentication commands | 1
Number of sectors transferred | Applicable only to data transfer commands |
1.3.12 SSA query
Field name | Content | Number of bytes
Session ID | ID number | 1
Last command op code | Valid SSA command op code | 1
Last command status | COMPLETE_OK - 0; COMPLETE_ERROR - 1; BUSY - 2 | 1
Error code | | 1
SSA version | Version number |
List of accessible partitions | Partition IDs, net size and access permissions |
List of accessible domains | Domain IDs and access permissions |
1.3.13 Command sequences
1.3.13.1 Command sequence for SSA login via mutual symmetric authentication
Sequence index | Command name and op code | Argument description | General description
1. | SSA_SYSTEM_LOGIN_CMD [18] | ACR and AGP names | Starts the login sequence. Serves only as a request.
2. | SSA_CMD_STATUS_CMD [22] | Session ID - NA | Get the status of CMD 18. If CMD 18 fails, the login sequence stops.
3. | SSA_SYM_AUTH_SEND_CHLG_CMD [26] | Challenge #1 | Send challenge #1 to the SSA.
4. | SSA_CMD_STATUS_CMD [22] | Session ID - NA | Get the status of CMD 26. If CMD 26 fails, the login sequence stops.
5. | SSA_SYM_AUTH_GETCHLG_RES_CMD [27] | NA | Read the SSA's response to challenge #1. The host verifies that the response is valid.
6. | SSA_CMD_STATUS_CMD [22] | Session ID - NA | Get the status of CMD 27. If CMD 27 fails, the login sequence stops.
7. | SSA_SYM_AUTH_GETCHLG_CMD [25] | NA | Read challenge #2 from the SSA.
8. | SSA_CMD_STATUS_CMD [22] | Session ID - NA | Get the status of CMD 25. If CMD 25 fails, the login sequence stops.
9. | SSA_SYM_AUTH_SEND_CHLG_RES_CMD [28] | Response to challenge #2 | Send the response to challenge #2 to the SSA.
10. | SSA_CMD_STATUS_CMD [22] | Session ID - NA | Get the status of CMD 28. If CMD 28 fails, the login sequence stops. At this stage the command status should indicate whether the authentication process completed successfully or failed.
Once this sequence completes successfully, the ACR is logged in to the SSA and SSA operations can begin.
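The ten-step sequence in the table above, as an added Python example that is not part of the patent text: the host issues each command, reads SSA_CMD_STATUS_CMD [22] after it and stops at the first failure, while the card accepts commands only in the listed order. The MockSSA card model, the helper names, and the HMAC-SHA256 response function with its direction labels (standing in for the AES computation, which this section does not specify) are assumptions.

```python
import hashlib
import hmac
import os

# Opcodes and status values from the tables in sections 1.3.11 and 1.3.13.1.
LOGIN, STATUS, GET_CHLG, SEND_CHLG, GET_CHLG_RES, SEND_CHLG_RES = 18, 22, 25, 26, 27, 28
COMPLETE_OK, COMPLETE_ERROR = 0, 1
ORDER = {SEND_CHLG: 1, GET_CHLG_RES: 2, GET_CHLG: 3, SEND_CHLG_RES: 4}

def respond(key, role, challenge):
    # Assumption: HMAC-SHA256 stands in for the AES-based response. The role
    # label keeps a response made by one side from being valid for the other.
    return hmac.new(key, role + challenge, hashlib.sha256).digest()

class MockSSA:
    """Constructed card-side model that keeps the status of the last command."""
    def __init__(self, accounts):
        self.accounts = accounts  # {(AGP name, ACR name): shared key}
        self.key = self.host_chlg = self.card_chlg = None
        self.step, self.status, self.logged_in = -1, COMPLETE_ERROR, False

    def command(self, opcode, arg=None):
        if opcode == STATUS:
            return self.status
        result, ok = None, False
        if opcode == LOGIN:
            self.key, self.step, self.logged_in = self.accounts.get(arg), 0, False
            ok = self.key is not None
        elif self.step == ORDER.get(opcode):  # commands accepted only in order
            if opcode == SEND_CHLG:
                self.host_chlg, ok = arg, isinstance(arg, bytes)
            elif opcode == GET_CHLG_RES:
                result, ok = respond(self.key, b"card", self.host_chlg), True
            elif opcode == GET_CHLG:
                self.card_chlg = result = os.urandom(16)
                ok = True
            else:  # SEND_CHLG_RES: constant-time check of the host's response
                expected = respond(self.key, b"host", self.card_chlg)
                ok = isinstance(arg, bytes) and hmac.compare_digest(arg, expected)
                self.logged_in = ok
        self.step = self.step + 1 if ok else -1  # any failure ends the sequence
        self.status = COMPLETE_OK if ok else COMPLETE_ERROR
        return result

class LoginAborted(Exception):
    """Raised by the host when a step of the login sequence fails."""

def issue(card, opcode, arg=None):
    """Send one command, then read its status with SSA_CMD_STATUS_CMD [22]."""
    result = card.command(opcode, arg)
    if card.command(STATUS) != COMPLETE_OK:
        raise LoginAborted(f"CMD {opcode} failed, login sequence stops")
    return result

def mutual_login(card, account, key):
    issue(card, LOGIN, account)                    # steps 1-2
    chlg1 = os.urandom(16)
    issue(card, SEND_CHLG, chlg1)                  # steps 3-4
    card_res = issue(card, GET_CHLG_RES)           # steps 5-6
    if not hmac.compare_digest(card_res, respond(key, b"card", chlg1)):
        raise LoginAborted("card's response to challenge #1 is not valid")
    chlg2 = issue(card, GET_CHLG)                  # steps 7-8
    issue(card, SEND_CHLG_RES, respond(key, b"host", chlg2))  # steps 9-10
    return True
```

Because a failed step resets the card's position in the sequence, a wrong response to challenge #2 cannot be retried against the same challenge; the host has to start again from SSA_SYSTEM_LOGIN_CMD [18].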
1.3.13.2 Command sequence for creating a root AGP
A root AGP can be created either via the system ACR (which requires performing a login sequence to the system ACR) or by forgoing the secure channel and bypassing the system ACR authentication process. The command SSA_CREATE_ROOT_AGP_CMD [3] is sent together with the identity of the root AGP.
This command may be followed by SSA_CMD_STATUS_CMD [22] to make sure that the SSA did not reject the command and that the command completed without error. When the root AGP is complete and all of its ACRs have subsequently been created, the command SSA_ROOT_AGP_CREATION_DONE_CMD [4] is sent for the root AGP.
1.3.13.3 Command sequence for creating an AGP
To create an AGP, the user must first log in to the SSA by performing the login command sequence shown in 1.3.13.1. An AGP must be created before a new group of ACRs is set up. The AGP is created by sending the command SSA_CREATE_AGP_CMD [5] with the AGP name/ID.
To verify that CMD [5] was received and executed without error, the user sends SSA_CMD_STATUS_CMD [22] and reads the status of the last command sent. When the user has finished creating the AGP, the user can go on to create ACRs or log out of the SSA system.
1.3.13.4 Command sequence for creating an ACR
To create an ACR, the user must first log in to the SSA by performing the login command sequence shown in 1.3.13.1. Likewise, the AGP to which the new ACR belongs must already exist. The user then sends the command SSA_CREATE_ACR_CMD [7] with all of the new ACR's data (name, AGP, login method, etc.). To verify that CMD [7] was received and executed without error, the user sends SSA_CMD_STATUS_CMD [22] and reads the status of the last command sent. When the user has finished creating the ACR, the user can continue with other SSA operations or log out of the SSA system.
1.4 Product parameters
Maximum number of all entities (MAROs, ARCR, parallel sessions, etc.).
Add definitions of cryptographic parameters, i.e. RSA key length, where applicable.
Error conditions and messages need to be defined per protocol.
Timeout and busy handling need to be defined.
Specify the number of levels in the tree.
Limit on the # of root MAROs.
Limit on the # of children (on the root), or on all children? Delegation.
There will be a limit on the number of (parallel) CBC contexts, for example 5-10.
Protocol and product versions.

Claims (29)

1. A method for controlling access in a memory device, comprising:
performing, in a controller in the memory device:
creating a tree in the memory device, the memory device having a non-volatile memory, wherein the controller in the memory device is operable to control access to the memory, the tree comprising nodes organized hierarchically therein, each node comprising entity authentication credentials and permissions for controlling access by an entity to data stored in the memory device, and wherein the tree is further configured such that, when the memory device receives a request from the entity that has authenticated to the memory device, the controller can look up in the tree the permissions corresponding to the entity and to the request to access data stored in the memory device;
creating a second tree in the memory device, wherein the second tree comprises nodes organized hierarchically therein, each node comprising entity authentication credentials and permissions for controlling access by an entity to data stored in the memory device, wherein the tree and the second tree have different root nodes, and wherein there is no node above the root node in the tree; and
saving the tree and the second tree in the memory device.
2. The method according to claim 1, wherein there is no crosstalk between the tree and the second tree.
3. The method according to claim 1, wherein the root nodes of the tree and the second tree cannot be modified or deleted.
4. The method according to claim 1, further comprising preventing the creation of additional trees.
5. The method according to claim 1, wherein the permission at a node of the tree indicates access rights to data stored in the memory, the access rights being no less than the rights indicated by the permission at a node at a lower level in the tree.
6. The method according to claim 1, wherein a node in the tree has the ability to create a child node at a lower level so that the entity can access data stored in the memory, the method further comprising creating the child node.
7. The method according to claim 6, wherein the permission of the child node is no greater than the permission of the node that created the child node.
8. The method according to claim 1, wherein the permission at a node of the tree allows the entity to perform one or more of the following actions: creating another node in the tree, deleting another node in the tree, changing the permission at another node in the tree, delegating permission to another node in the tree, and transferring another node in the tree that is associated with the node.
9. The method according to claim 1, wherein the permission at a node in the tree is for accessing a key used to encrypt and/or decrypt data stored in the memory.
10. The method according to claim 1, wherein the permission at a node of the tree is for accessing one or more partitions of the memory.
11. The method according to claim 1, wherein the permission at a node of the tree allows a key for data encryption and/or decryption to be created for the entity.
12. The method according to claim 11, wherein the permission at the node allows the entity to delegate at least one of the following rights: (i) ownership of the key created for itself; (ii) permission to access the key.
13. The method according to claim 11, wherein the permission at the node allows the entity for which the key was created to delete the key.
14. The method according to claim 3, wherein authentication to the memory device is required in order to create the root nodes of the tree and the second tree.
15. The method according to claim 3, wherein authentication to the memory device is not required in order to create the root nodes of the tree and the second tree.
16. The method according to claim 3, wherein the root node is created by the memory device only after the entity requesting creation of the root node has been authenticated.
17. The method according to claim 1, wherein the tree is created by a system agent.
18. The method according to claim 17, wherein the system agent is stored in the controller.
19. The method according to claim 17, wherein the system agent is stored in the memory.
20. The method according to claim 1, wherein the permission at a node of the tree has a predetermined relationship with the permission at another node at a different level of the tree.
21. The method according to claim 1, wherein two nodes of the tree comprise identical permissions only when the two nodes share a common parent node in the tree.
22. The method according to claim 21, wherein the two nodes have a parent-child relationship.
23. The method according to claim 21, wherein the two nodes are in the same account group.
24. The method according to claim 1, wherein the memory device comprises a single controller.
25. The method according to claim 1, wherein the controller is operable to control access to and manage the memory.
26. The method according to claim 1, wherein different nodes in the tree are associated with different authentication algorithms.
27. The method according to claim 1, wherein the tree is independent of a file system in the memory device.
28. The method according to claim 1, wherein the second tree is created by the memory device.
29. The method according to claim 1, wherein the relationships between the nodes likewise correspond to relationships between the entities having permissions in the tree.
CN200580048232.3A 2004-12-21 2005-12-21 System for creating control structure for versatile content control Expired - Fee Related CN101120355B (en)

Applications Claiming Priority (7)

Application Number Priority Date Filing Date Title
US63880404P 2004-12-21 2004-12-21
US60/638,804 2004-12-21
US11/314,055 US20060242067A1 (en) 2004-12-21 2005-12-20 System for creating control structure for versatile content control
US11/314,055 2005-12-20
US11/313,538 US8051052B2 (en) 2004-12-21 2005-12-20 Method for creating control structure for versatile content control
US11/313,538 2005-12-20
PCT/US2005/046795 WO2006069312A2 (en) 2004-12-21 2005-12-21 System for creating control structure for versatile content control

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201210277333XA Division CN102981980A (en) 2004-12-21 2005-12-21 Method for control access in storage device

Publications (2)

Publication Number Publication Date
CN101120355A CN101120355A (en) 2008-02-06
CN101120355B true CN101120355B (en) 2012-09-26

Family

ID=36146948

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201210277333XA Pending CN102981980A (en) 2004-12-21 2005-12-21 Method for control access in storage device
CN200580048232.3A Expired - Fee Related CN101120355B (en) 2004-12-21 2005-12-21 System for creating control structure for versatile content control

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201210277333XA Pending CN102981980A (en) 2004-12-21 2005-12-21 Method for control access in storage device

Country Status (6)

Country Link
EP (1) EP1836643A2 (en)
JP (1) JP4857284B2 (en)
KR (1) KR20070091349A (en)
CN (2) CN102981980A (en)
TW (1) TWI388985B (en)
WO (1) WO2006069312A2 (en)

Also Published As

Publication number Publication date
JP4857284B2 (en) 2012-01-18
KR20070091349A (en) 2007-09-10
TWI388985B (en) 2013-03-11
JP2008524758A (en) 2008-07-10
CN102981980A (en) 2013-03-20
CN101120355A (en) 2008-02-06
EP1836643A2 (en) 2007-09-26
WO2006069312A3 (en) 2006-11-09
WO2006069312A2 (en) 2006-06-29
TW200700992A (en) 2007-01-01

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: SANDISK TECHNOLOGY CO., LTD.

Free format text: FORMER OWNER: SANDISK CORP.

Effective date: 20130121

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20130121

Address after: Texas, USA

Patentee after: Sandisk Corp.

Address before: California, USA

Patentee before: Sandisk Corp.

C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120926

Termination date: 20131221