JP2009543208A - 証明書連鎖を使用するコンテンツ管理システムおよび方法 - Google Patents

証明書連鎖を使用するコンテンツ管理システムおよび方法 Download PDF

Info

Publication number
JP2009543208A
JP2009543208A JP2009518324A JP2009518324A JP2009543208A JP 2009543208 A JP2009543208 A JP 2009543208A JP 2009518324 A JP2009518324 A JP 2009518324A JP 2009518324 A JP2009518324 A JP 2009518324A JP 2009543208 A JP2009543208 A JP 2009543208A
Authority
JP
Japan
Prior art keywords
certificate
entity
chain
host
acr
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2009518324A
Other languages
English (en)
Japanese (ja)
Other versions
JP2009543208A5 (enrdf_load_stackoverflow
Inventor
ホルツマン,マイケル
バージライ,ロン
セラ,ロテム
ジョガンド−クーロン,ファブリス
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SanDisk Corp
Original Assignee
SanDisk Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/557,010 external-priority patent/US20080010449A1/en
Priority claimed from US11/557,028 external-priority patent/US8140843B2/en
Application filed by SanDisk Corp filed Critical SanDisk Corp
Publication of JP2009543208A publication Critical patent/JP2009543208A/ja
Publication of JP2009543208A5 publication Critical patent/JP2009543208A5/ja
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right managament [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Databases & Information Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
JP2009518324A 2006-07-07 2007-06-28 証明書連鎖を使用するコンテンツ管理システムおよび方法 Pending JP2009543208A (ja)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US81950706P 2006-07-07 2006-07-07
US11/557,010 US20080010449A1 (en) 2006-07-07 2006-11-06 Content Control System Using Certificate Chains
US11/557,028 US8140843B2 (en) 2006-07-07 2006-11-06 Content control method using certificate chains
PCT/US2007/015304 WO2008013656A2 (en) 2006-07-07 2007-06-28 Content control system and method using certificate chains

Publications (2)

Publication Number Publication Date
JP2009543208A true JP2009543208A (ja) 2009-12-03
JP2009543208A5 JP2009543208A5 (enrdf_load_stackoverflow) 2013-02-07

Family

ID=38981952

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2009518324A Pending JP2009543208A (ja) 2006-07-07 2007-06-28 証明書連鎖を使用するコンテンツ管理システムおよび方法

Country Status (5)

Country Link
EP (1) EP2038803A2 (enrdf_load_stackoverflow)
JP (1) JP2009543208A (enrdf_load_stackoverflow)
KR (1) KR20090026357A (enrdf_load_stackoverflow)
TW (1) TW200820037A (enrdf_load_stackoverflow)
WO (1) WO2008013656A2 (enrdf_load_stackoverflow)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012521155A (ja) * 2009-03-20 2012-09-10 サンディスク テクノロジィース インコーポレイテッド 証明書および鍵を含む製品を製造する方法

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7748031B2 (en) 2005-07-08 2010-06-29 Sandisk Corporation Mass storage device with automated credentials loading
US8365279B2 (en) 2008-10-31 2013-01-29 Sandisk Technologies Inc. Storage device and method for dynamic content tracing
US8429365B2 (en) 2009-06-26 2013-04-23 Sandisk Technologies Inc. Memory device and method for embedding host-identification information into content
CN103116470B (zh) * 2011-11-16 2016-04-13 群联电子股份有限公司 存储器储存装置、存储器控制器及数据串传送与识别方法
CN104023009B (zh) * 2014-05-26 2017-08-22 国云科技股份有限公司 一种Web系统许可证验证方法
US9251372B1 (en) * 2015-03-20 2016-02-02 Yahoo! Inc. Secure service for receiving sensitive information through nested iFrames
CN108768664B (zh) * 2018-06-06 2020-11-03 腾讯科技(深圳)有限公司 密钥管理方法、装置、系统、存储介质和计算机设备
CN116506134B (zh) * 2023-06-28 2023-09-15 山东海量信息技术研究院 数字证书管理方法、装置、设备、系统及可读存储介质
CN119254546B (zh) * 2024-12-06 2025-04-22 鹏城实验室 基于浏览器的网站访问方法、装置、设备及介质

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005124097A (ja) * 2003-10-20 2005-05-12 Nippon Telegr & Teleph Corp <Ntt> ルート証明書配布システム、ルート証明書配布方法、コンピュータ実行可能なルート証明書配布プログラム、サーバ装置及びクライアント装置
WO2006069194A2 (en) * 2004-12-21 2006-06-29 Sandisk Corporation Memory system with versatile content control

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6189097B1 (en) * 1997-03-24 2001-02-13 Preview Systems, Inc. Digital Certificate
US6513116B1 (en) * 1997-05-16 2003-01-28 Liberate Technologies Security information acquisition
FR2825209A1 (fr) * 2001-05-23 2002-11-29 Thomson Licensing Sa Dispositifs et procede de securisation et d'identification de messages
EP1361527A1 (en) * 2002-05-07 2003-11-12 Sony Ericsson Mobile Communications AB Method for loading an application in a device, device and smart card therefor
TW200700991A (en) * 2004-12-21 2007-01-01 Sandisk Corp Control structure for versatile content control and method using structure

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005124097A (ja) * 2003-10-20 2005-05-12 Nippon Telegr & Teleph Corp <Ntt> ルート証明書配布システム、ルート証明書配布方法、コンピュータ実行可能なルート証明書配布プログラム、サーバ装置及びクライアント装置
WO2006069194A2 (en) * 2004-12-21 2006-06-29 Sandisk Corporation Memory system with versatile content control

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012521155A (ja) * 2009-03-20 2012-09-10 サンディスク テクノロジィース インコーポレイテッド 証明書および鍵を含む製品を製造する方法

Also Published As

Publication number Publication date
WO2008013656A2 (en) 2008-01-31
KR20090026357A (ko) 2009-03-12
TW200820037A (en) 2008-05-01
WO2008013656A3 (en) 2008-05-08
EP2038803A2 (en) 2009-03-25

Similar Documents

Publication Publication Date Title
JP5180203B2 (ja) メモリ装置から供給される情報を制御するシステムおよび方法
CN101490689B (zh) 用于由存储装置验证实体的方法及使用该方法的存储装置
US8140843B2 (en) Content control method using certificate chains
US8245031B2 (en) Content control method using certificate revocation lists
US8613103B2 (en) Content control method using versatile control structure
US8639939B2 (en) Control method using identity objects
US8266711B2 (en) Method for controlling information supplied from memory device
JP2013514587A (ja) 証明書失効リストを用いたコンテンツ管理方法
US20080034440A1 (en) Content Control System Using Versatile Control Structure
US20080010449A1 (en) Content Control System Using Certificate Chains
US20080010452A1 (en) Content Control System Using Certificate Revocation Lists
US20080022395A1 (en) System for Controlling Information Supplied From Memory Device
US20080010458A1 (en) Control System Using Identity Objects
JP2009543208A (ja) 証明書連鎖を使用するコンテンツ管理システムおよび方法
JP2009543211A (ja) 汎用管理構造を使用するコンテンツ管理システムおよび方法
JP2009543208A5 (enrdf_load_stackoverflow)
JP5178716B2 (ja) 証明書取消リストを使用するコンテンツ管理システムおよび方法
JP4972165B2 (ja) アイデンティティオブジェクトを使用する制御システムおよび方法
JP2009543210A5 (enrdf_load_stackoverflow)

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20100311

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20100311

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20120529

A711 Notification of change in applicant

Free format text: JAPANESE INTERMEDIATE CODE: A711

Effective date: 20120615

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20120817

A602 Written permission of extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A602

Effective date: 20120824

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20120926

A602 Written permission of extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A602

Effective date: 20121003

A601 Written request for extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A601

Effective date: 20121025

A602 Written permission of extension of time

Free format text: JAPANESE INTERMEDIATE CODE: A602

Effective date: 20121101

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20121129

A524 Written submission of copy of amendment under article 19 pct

Free format text: JAPANESE INTERMEDIATE CODE: A524

Effective date: 20121129

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20121225