TW200820037A - Content control system and method using certificate chains - Google Patents

Content control system and method using certificate chains

Info

Publication number
TW200820037A
Authority
TW
Taiwan
Prior art keywords
voucher
entity
credential
chain
access control
Application number
TW096124594A
Other languages
Chinese (zh)
Inventor
Michael Holtzman
Ron Barzilai
Rotem Sela
Fabrice Jogand-Coulomb
Original Assignee
Sandisk Corp
Priority claimed from US11/557,028 (US8140843B2)
Priority claimed from US11/557,010 (US20080010449A1)
Application filed by Sandisk Corp
Publication of TW200820037A

Classifications

    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F17/00: Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F21/33: User authentication using certificates
    • G06F21/445: Program or device authentication by mutual authentication, e.g. between devices or programs
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3228: One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • H04L9/3265: Cryptographic mechanisms involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
    • H04L9/40: Network security protocols
    • H04L2209/603: Digital right management [DRM]
    • H04L63/0838: Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • H04L63/0853: Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal


Abstract

Consecutive strings of certificates in a certificate chain are received by a memory device sequentially, in the same order in which the strings are verified. Each string except for the last may be overwritten by the next one in the sequence.

Description

IX. Description of the Invention

[Technical Field of the Invention]

The present invention relates generally to memory systems, and in particular to a memory system with multi-purpose content control features.

[Prior Art]

Storage devices such as flash memory cards have become the storage medium of choice for storing digital content such as photographs. Flash memory cards may also be used to distribute other types of media content. Moreover, an increasing variety of host devices, such as computers, digital cameras, mobile phones, personal digital assistants (PDAs) and media players such as MP3 players, are now able to render the media content stored in flash memory cards. Flash memory cards and other types of mobile storage devices therefore have great potential to become a widely used vehicle for distributing digital content.

One of the main concerns of owners and distributors of digital content is that only authorized parties should be allowed to access the content after it has been distributed, whether by download from a network such as the Internet or by distribution of content on storage devices. One way to avoid unauthorized access is to use a system that establishes the identity of a party before access to the content is granted to that party. Systems such as public key infrastructure (PKI) have been developed for this purpose. In a PKI system, a trusted authority known as a certificate authority (CA) issues certificates that prove the identity of persons and organizations. Parties such as organizations and persons who wish to establish proof of identity may register with the certificate authority, presenting adequate evidence of their identity. After the identity of a party has been proven to the CA, the CA issues a certificate to that party. The certificate typically includes the name of the CA that issued the certificate, the name of the party to whom the certificate is issued, a public key of the party, and the public key of the party signed with a private key of the CA (typically by encrypting a digest of the public key).

The private key and the public key of the CA are related so that any data encrypted with the public key can be decrypted with the private key, and vice versa. The private key and the public key thus form a key pair. An explanation of private and public key pairs for cryptography is provided in "PKCS#1 v2.1: RSA Cryptography Standard", put forth by RSA Security Inc. on June 14, 2002. The public key of the CA is made publicly available. Therefore, when one party wishes to verify whether a certificate presented by another party is genuine, the verifying party can use a decryption algorithm, with only the public key of the CA, to decrypt the encrypted digest of the public key in the certificate. The decryption algorithm is typically also identified in the certificate. If the decrypted digest of the public key in the certificate matches the digest of the unencrypted public key in the certificate, this proves, on the basis of trust in the CA and in the authenticity of the CA's public key, that the public key in the certificate has not been tampered with and is genuine.

To verify the identity of a party, the verifying party typically sends a challenge (e.g. a random number) and asks the other party to send its certificate together with a response to the challenge (i.e. the random number encrypted with the other party's private key). When the response and the certificate are received, the verifying party first verifies, by the process described above, whether the public key in the certificate is genuine. If the public key is verified to be genuine, the verifying party then uses the public key in the certificate to decrypt the response and compares the result with the random number originally sent. If they match, the other party does hold the correct private key and has thereby proven its identity. If the public key in the certificate is not genuine, or if the decrypted response does not match the challenge, authentication fails. A party wishing to prove its identity therefore needs to hold both the certificate and the associated private key.

By means of the above mechanism, two parties that may not trust each other can establish trust by using the above process to verify the other party's public key in the other party's certificate. Recommendation X.509 from the Telecommunication Standardization Sector of the International Telecommunication Union (ITU-T) is the standard that specifies certificate frameworks. More detailed information on certificates and their use can be found in that standard.

In administrations and in large organizations, it may be convenient for a higher-level CA, known as the root CA, to delegate the responsibility for issuing certificates to several lower-level CAs. For example, in a two-level hierarchy, the root CA at the highest level issues certificates to the lower-level CAs to certify that the public keys of those lower-level authorities are genuine. The lower-level authorities in turn issue certificates to parties through the registration process described above. Verification starts at the top of the certificate chain. The verifying party first uses the public key of the root CA (known to be genuine) to verify the authenticity of the public key of the lower-level CA. Once the authenticity of the lower-level CA's public key has been verified, the verified public key of the lower-level CA can be used to verify the authenticity of the public key of the party to whom the lower-level CA issued a certificate. The certificates issued by the root CA and by the lower-level CA then form a certificate chain of two certificates for the party whose identity is being verified.

A certificate hierarchy may of course include more than two levels, in which each CA at a lower level, other than the root CA, derives its authority from a higher-level CA and holds a certificate, issued by that higher-level CA, containing its public key. To verify the authenticity of another party's public key, it may therefore be necessary to trace the path, or certificate chain, to the root CA. In other words, to establish its identity, the party whose identity needs to be proven may need to produce the entire certificate chain, all the way from its own certificate to the root CA certificate.

As noted above, the root certificate and all certificates issued to CAs (such as those issued to lower-level CAs in the hierarchy described above) are made publicly available. At present, the presentation of certificates for proving identity takes two forms. In the first form, the party wishing to be authenticated presents only its own certificate, issued by a CA, which is the last certificate in the certificate chain. If the verifying party does not have the public key of the CA that issued this certificate, it is up to the verifying party to obtain that public key in order to carry out the verification. If the public key of a higher authority is needed to verify the public key of a lower-level CA, the verifying party must trace the path to the certificates and public keys of the higher-level CAs, using the names of the issuers in the certificates. This process continues until the verifying party reaches a CA whose public key is known to be genuine without further verification.

In the second form of certificate authentication, the party wishing to be authenticated may present all the certificates in the certificate chain, but the certificates need not be presented in any particular order. Even if that party also submits, together with the certificates, information on the correct order of the certificates in the chain sent to the verifying party, that information may appear late in the message, so that the verifying party may not know the correct sequence of the certificates until the entire certificate chain has been received.

The first form of certificate exchange and verification requires that the verifying party be able to access the missing certificates. While devices such as computers and mobile phones may be able to access a network such as the Internet to obtain missing certificates, storage devices such as flash memory cards have so far not been used to do this on their own.

In the second form of certificate exchange and verification, all the certificates are presented in the message sent to the verifying device, so that the verifying device does not need to obtain them. However, the certificates may not be sent in any particular order, and the information about the order of the certificates in the chain may appear anywhere in the message, for instance at its end. This means that the entire group of certificates must be received and stored before verification can begin, that is, before any particular certificate in the chain can be analyzed for verification. While this is not a problem for devices such as computers, PDAs and mobile phones, it may present a problem for storage devices. The built-in memory capacity and processing power of a storage device may be so limited that it cannot store and efficiently analyze long strings of certificates.

In view of the above difficulties and problems, none of the systems currently used in storage devices and host devices is entirely satisfactory. It is therefore desirable to provide an improved system with better characteristics.
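The buffering problem described above disappears when the chain arrives in verification order, as the abstract states. The following added example (not code from the patent) shows a device-side verifier that keeps one trusted key and a buffer for a single certificate string. The certificate layout, the names `CardVerifier`, `issue` and `toy_key`, and the toy RSA keys built from Mersenne primes are assumptions made for illustration, and the keys are not secure.

```python
import hashlib

E = 65537  # public exponent shared by every toy key below


class ChainError(Exception):
    """Raised when a certificate does not verify under the current trusted key."""


def toy_key(a, b):
    """Toy RSA key from the Mersenne primes 2**a-1 and 2**b-1 (demo only, not secure)."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def key_digest(subject, n, modulus):
    """SHA-256 over subject name and public modulus, reduced to the signer's modulus."""
    h = hashlib.sha256(f"{subject}|{n:x}".encode()).digest()
    return int.from_bytes(h, "big") % modulus


def issue(issuer, issuer_key, subject, subject_n):
    """CA side: sign by 'encrypting' the digest with the CA private key."""
    m = key_digest(subject, subject_n, issuer_key["n"])
    return {"issuer": issuer, "subject": subject, "n": subject_n,
            "sig": pow(m, issuer_key["d"], issuer_key["n"])}


class CardVerifier:
    """Device side: one trusted public key and a buffer for one certificate string."""

    def __init__(self, root_name, root_n):
        self.trusted = (root_name, root_n)   # starts as the root CA key
        self.buffer = []                     # the only certificate storage
        self.peak = 0                        # most certificates held at once

    def receive_string(self, certs):
        self.buffer = list(certs)            # overwrites the previous string
        self.peak = max(self.peak, len(self.buffer))
        for cert in self.buffer:
            name, n = self.trusted
            if cert["issuer"] != name:
                raise ChainError(f"{cert['subject']}: expected issuer {name}")
            # 'Decrypt' the signature with the issuer public key, compare digests.
            if pow(cert["sig"], E, n) != key_digest(cert["subject"], cert["n"], n):
                raise ChainError(f"{cert['subject']}: bad signature")
            self.trusted = (cert["subject"], cert["n"])  # verified key becomes trusted
        return self.trusted


def build_demo():
    """Constructed chain root -> ca1 -> ca2 -> host; returns (root_n, chain, host_n)."""
    root, ca1, ca2 = toy_key(61, 89), toy_key(107, 127), toy_key(521, 607)
    host_n = toy_key(1279, 2203)["n"]
    chain = [issue("root", root, "ca1", ca1["n"]),
             issue("ca1", ca1, "ca2", ca2["n"]),
             issue("ca2", ca2, "host", host_n)]
    return root["n"], chain, host_n


def run(strings, root_n):
    """Feed certificate strings to a fresh verifier; return (trusted, peak)."""
    card = CardVerifier("root", root_n)
    for s in strings:
        card.receive_string(s)
    return card.trusted, card.peak


if __name__ == "__main__":
    root_n, chain, host_n = build_demo()
    print(run([[c] for c in chain], root_n)[1])      # one string per certificate
    try:
        run([[c] for c in reversed(chain)], root_n)  # host sends the leaf first
    except ChainError as err:
        print("rejected:", err)
```

With one certificate per string the device never holds more than one certificate, whatever the chain length; a chain sent leaf-first is rejected at the first certificate because its issuer is not yet trusted.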

Ο 【發明内容】 -憑證鏈包含複數個連續的憑證串。每一憑證串包含至 少-個憑證。當於驗證實體處接收彼等憑證串日夺,該實體 係以一序列驗證彼等憑證串。假如該等憑證串係以相同於 其被驗證的序列予以接收’則上述困難將被避免。假如該 等憑證串係以此方式接收,且假如整個憑證串被接收,則 儲存裝置係可以容易地被使用於驗證該憑證鍵内這些憑證 之真實性。 “ 因為該憑證鏈内之連續的憑證串係以相同於其被驗證的 序列予以接收,此係意謂在個別的憑證串被接收及驗證之 後,不再需要該憑證串内的資訊。根據另一項實施例,被 接收及儲存於記憶體裝置内之至少_個憑證串可被該序列 中之-後續憑證串所覆寫。以此方式,可大幅減少必須被 保留以用於儲存用於驗證之憑證鏈内的憑證之儲存空間 量° 於本文所參照之所有專利、專利申請案、文章、書籍 122367.doc 200820037 規格、標準、其他出版品、文件及事物係藉此以參照方式 整體於此併人以用於所有目# ϋ程度上,在任何併 入之出版品、文件或事物之間之一個名詞的定義或使用上 的任何某種程度的不一致或衝突時,應以於本文件内的名 詞之定義及使用為準。 【實施方式】 圖1之方塊圖顯示示範性記憶體系統,可在該示範性記Ο [Summary of the Invention] - The voucher chain contains a plurality of consecutive voucher strings. Each credential contains at least one credential. When the authentication entity receives their credentials, the entity verifies their credentials in a sequence. The above difficulties will be avoided if the credential strings are received in the same sequence as they are verified. If the credential strings are received in this manner, and if the entire credential string is received, then the storage device can be readily used to verify the authenticity of the credential within the credential key. “Because successive credential strings within the credential chain are received in the same sequence as they are verified, this means that after the individual credential strings are received and verified, the information in the credential string is no longer needed. In one embodiment, at least one of the credential strings received and stored in the memory device can be overwritten by the subsequent credential string in the sequence. In this way, the reduction must be preserved for storage for storage. The amount of storage space for the voucher in the voucher chain of verification. All patents, patent applications, articles, books referenced in this document. 122367.doc 200820037 Specifications, standards, other publications, documents and things are hereby incorporated by reference. 
This document shall be used for all purposes, in any degree of inconsistency or conflict in the definition or use of a noun between any incorporated publication, document or thing, and shall be used in this document. The definition and use of the nouns in the first embodiment. [Embodiment] The block diagram of Fig. 1 shows an exemplary memory system in which the exemplary memory can be recorded.

憶體系統申實施本發明之各項態様。如示於圖丨,該記憶 體系統10包含一中央處理單元12、—緩衝管理單元 _U)14、-主機介面模組(him)16及—快閃記憶體介面 模組师)18、-快閃記憶體2〇及一周邊裝置存取模組 (PAM)22。記憶體系統!〇係透過一主機介面匯流排%及埠 26a而與一主機裝置24通訊。快閃記憶體2〇(其可屬於反及 (NAND)型)提供用於該主機裝置24之資料儲存,該主機裝 置24可以係-數位相機、一個人電腦、一個人數位助理、 〇 一數位媒體播放機(諸如一Mp3播放機)、一行動電話、一 視訊轉換器或其他數位裝置或設備。用於中央處理單元Μ 之軟體碼係亦可以儲存於快閃記憶體2〇之中。快閃呓栌體 介面模組㈣透過-快閃記憶體介面匯流排28及谭2㈣ 連接至該快閃記憶體2〇。主機介面模組16係適合用於連接 至-主機裝置。該周邊裝置存取模組22選擇用於鱼該中央 處理單元12通訊之適當的控制器模組,諸如快閃記憶體介 面模組、主機介面模組及緩衝管理單h於-項實施例 中’該系統1G於虛線方塊内之所有組件可被包封於一單一 122367.doc •12· 200820037 單兀之中,諸如於記憶體卡或記憶體條10,之内,較佳地係 被囊封。該記憶體系統1 〇係可卸除地連接至主裝置Μ,使 得系統10内的内容可被許多不同的主機裝置之每一者所存 取0 於下文中,記憶體系統10亦被稱為記憶體裝置,或僅 稱為記憶體裝置或裝置。雖然本文中藉由引用快閃記憶體 來闡釋本發明,但是本發明亦可以應用於其他類型呓伊 體’諸如磁碟,光碟,以及其他類型可重寫非揮發性記憶 王機直接記憶體存取 该緩衝管理單元14包含 (HDMA)32,一快閃直接記憶體存取(fdma)34,—仲裁器 36,-緩衝隨機存取記憶體(BRam)38a —密碼編譯引擎 4〇。δ亥仲裁器36係一共用匯流排仲裁器,使得僅—主栌器 (master)或起始器(其可以係該主機直接記憶體存取^該 快閃直接記憶體存取34或中央處理單元12)可於任何時間 為作用中狀態’且從屬器或目標係緩衝隨機存取記憶體 38。該仲裁器負責通道化適當的起始器請求至該緩衝隨機 存取記憶體38。該主機直接記憶體存取32及該快閃直接―己 憶體存取34負責介於該主機介面模組16、該快閃記憶體介 面核組18與該緩衝隨機存取記憶體38或者中央處理單元产 機存取記憶體(CPU RAM)12a之間傳輸之資料。該: 接記憶體:取32及該快閃直接記憶體存取34之操作係傳統 二二=:於本文詳細敘述。該緩衝隨機存取記憶體38 係用於儲存"於該主機装置24與快閃記憶體2〇之間傳通之 122367.doc 200820037 貝料。该主機直接記憶體存取32及該快閃直接記憶體存取 34負責介於該主機介面模組16/該快閃記憶體介面模㈣ 與該緩衝隨機存取記憶體38或者中央處理單元隨機存取記 體12a之間傳送資料’且用於指示區段(s⑽。〇完成。 ^ 員Λ靶例中,§己憶體系統10產生用於加密及/或解 Ο 在之在鑰值,其中,該密錄值較佳地係實質上無法被外部 裝置(諸如主機裝置24)所存取。或者,該密錄值亦可以在 »亥系統10之外產生(諸如藉由一使用權伺服器(〗心口“ server)所產生)且被傳送至系統1〇。不論該密鑰值係如何 產生,一旦該密鑰值被儲存於系統1〇之 體將能夠存取該密瑜值。然而,加密及解密典型二:: 4案方式實施’此乃因該主機裝置係以檀案之形式將資 料讀取及寫入至記憶體系統1〇。類似於許多其他類型儲存 裝置’記憶體裝置10係不管理檔案。雖然記憶體2〇確實儲 存一播案配置表(FAT)(其中,該等檔案之邏輯位址係被識 別)’但是該檔案配置表典型地係由該主機裝置24所存取 及管理,而非由該控制器12所存取及管理。因此,為了加 密於-特定檔案内的資料,該控制器12係必須依賴該主機 裝置,以傳送該記憶體20内該檔案中之資料的邏輯位址, 使得可由該系統10使用僅限於系統1〇可取得之密鑰值來尋 找及加密及/或解密該特定檔案之資料。 為了提供對於該主機裝置24及記憶體系統1〇兩者之控制 代碼(handle),以指向用於以密碼編譯方式處理檔案内的 資料之相同的密鑰,該主機裝置係提供用於由該系統⑺產 122367.doc -14- 200820037 生或被傳达至系統10之每—密鑰值之參照(reference),其 中,此類參照係可以僅為一密鑰10。因此,使該主機裝置 24相關聯於由系統1〇用一密鍮1〇以密碼編譯方式處理的每 一檔案,且使該系統10相關聯於用於用由該主機所提供之 密鑰ID以密碼編譯方式處理資料的每一密鑰值因此,當該 主機請求經以密碼編譯方式處理之資料時,其將傳送 求連同-密鑰ID以及將自記憶體2G擷取或儲存於記憶體 
内之資料的邏輯位址至系統1G。系統1G產生或接收一密餘 值’並錢由該主機裝置24所提供之該密鑰軸關聯於此 密鎗值’且實施密碼編譯處理。以此方式,不需要改變記 憶體系統10操作之方式’同時允許其使用密鑰而完全控制 密碼編譯處理,包含對於密鑰值之獨佔式存取。換句話 說’ 一旦該密鑰值被儲存於系統1G之中或由系統ι〇予以產 生’該系統係持續允許該主機裝置24藉由具有對於播案配 置表之獨佔式控制而管理該等檔案,同時其係維持對於使 用於密碼編譯處理之密職的管理之獨佔式控制。在 密鑰值被儲存於記憶體系統1Q之後,該主機裝置Μ無管理 用於資料密碼編譯處理之密鑰值的責任。 於一項實施财’由該主機裝置24所提供之密細 送至該記憶體系統或由該記情體 号 U體糸統所產生之密繪值係形 成-數里的兩個屬性,於下文稱為"内容加密密鍮⑷一The memory system is intended to implement the various aspects of the present invention. As shown in the figure, the memory system 10 includes a central processing unit 12, a buffer management unit_U 14, a host interface module (him) 16, and a flash memory interface module. Flash memory 2 and a peripheral device access module (PAM) 22. Memory system! The system communicates with a host device 24 through a host interface bus % and 埠 26a. Flash memory 2 (which may be of the inverse (NAND) type) provides data storage for the host device 24, which can be a digital camera, a personal computer, a number of assistants, and a digital media player. Machine (such as an Mp3 player), a mobile phone, a video converter or other digital device or device. The software code system for the central processing unit 亦 can also be stored in the flash memory. The flash memory interface module (4) is connected to the flash memory 2 through the flash memory interface bus 28 and the tan 2 (4). The host interface module 16 is suitable for connection to a host device. The peripheral device access module 22 selects an appropriate controller module for communication of the central processing unit 12, such as a flash memory interface module, a host interface module, and a buffer management list. 'All components of the system 1G in the dashed box can be enclosed in a single 122367.doc •12·200820037 unit, such as a memory card or memory strip 10, preferably a capsule. seal. The memory system 1 is removably coupled to the host device such that the contents of the system 10 are accessible by each of a number of different host devices. 
Hereinafter, the memory system 10 is also referred to as A memory device, or simply a memory device or device. Although the invention is illustrated herein by reference to flash memory, the invention is also applicable to other types of 呓 体 '' such as magnetic disks, optical disks, and other types of rewritable non-volatile memory king memory direct memory storage. The buffer management unit 14 includes (HDMA) 32, a flash direct memory access (fdma) 34, an arbiter 36, a buffered random access memory (BRam) 38a, and a cryptographic compilation engine. The δ arbiter 36 is a shared bus arbitrator, such that only the master or initiator (which can be the host direct memory access ^ flash direct memory access 34 or central processing Unit 12) may be in an active state at any time and buffer the random access memory 38 from the slave or target. The arbiter is responsible for channelizing the appropriate initiator request to the buffered random access memory 38. The host direct memory access 32 and the flash direct memory access 34 are responsible for the host interface module 16, the flash memory interface core group 18 and the buffer random access memory 38 or the central The processing unit transfers the data transferred between the memory (CPU RAM) 12a. The memory: the operation of the 32 and the flash direct memory access 34 is conventional. The second two is: described in detail herein. The buffered random access memory 38 is used to store the 122367.doc 200820037 material that is transmitted between the host device 24 and the flash memory. The host direct memory access 32 and the flash direct memory access 34 are responsible for random interaction between the host interface module 16/the flash memory interface module (4) and the buffer random access memory 38 or the central processing unit. The data is transferred between the access tokens 12a and is used to indicate the segment (s(10). 〇Complete. 
In one embodiment, the memory system 10 generates the key value(s) used for encryption and/or decryption, where the key value is preferably substantially inaccessible to external devices such as the host device 24. Alternatively, the key value may be generated outside the system 10, such as by a license server, and sent to the system 10. Regardless of how the key value is generated, once the key value is stored in the system 10, the value will be accessible only to authenticated entities. However, encryption and decryption are typically performed file by file, because the host device reads and writes data to the memory system 10 in the form of files. Like many other types of storage devices, the memory device 10 does not manage files. Although the memory 20 does store a file allocation table (FAT), in which the logical addresses of the files are identified, the file allocation table is typically accessed and managed by the host device 24 rather than by the controller 12. Therefore, in order to encrypt the data in a particular file, the controller 12 must rely on the host device to send the logical addresses of the file's data in the memory 20, so that the system 10 can find the data of the particular file and encrypt and/or decrypt it using the key value(s) available only to the system 10.

To provide a handle by which both the host device 24 and the memory system 10 refer to the same key(s) for cryptographically processing data in files, the host device provides a reference for each key value generated by or sent to the system 10, where such a reference may simply be a key ID. Thus, the host device 24 associates each file that is cryptographically processed by the system 10 with a key ID, and the system 10 associates each key value used to cryptographically process data with a key ID provided by the host. Thus, when the host requests that data be cryptographically processed, it sends the request to the system 10 together with a key ID and the logical addresses of the data to be fetched from or stored in the memory 20. The system 10 generates or receives a key value, associates the key ID provided by the host device 24 with this value, and performs the cryptographic processing. In this way, no change is needed in the way the memory system 10 operates, while it is allowed to control the cryptographic processing completely using the key(s), including exclusive use of the key value(s). In other words, once the key value is stored in or generated by the system 10, the system continues to allow the host device 24 to manage the files through its exclusive control of the file allocation table, while the system maintains exclusive control over the management of the key value(s) used for cryptographic processing. After the key values are stored in the memory system 10, the host device 24 has no part in managing the key values used for cryptographic processing of data.

In one embodiment, the key ID provided by the host device 24 and the key value sent to or generated by the memory system form two attributes of a quantity, referred to below as the "content encryption key" or "CEK". Although the host device 24 may associate each key ID with one or more files, the host device 24 may also associate each key ID with unorganized data or with data organized in any manner, not limited to data organized into complete files.

For a user or application to gain access to protected content or areas in the system 10, it will need to be authenticated using a credential that is pre-registered with the system 10. A credential is tied to the access rights granted to the particular user or application holding that credential. In the pre-registration process, the system 10 stores a record containing the identity and credential of the user or application, together with the access rights associated with this identity and credential, as determined by the user or application and provided through the host device 24. After pre-registration has been completed, when the user or application requests to write data to the memory 20, it will need to provide through the host device its identity and credential, a key ID for encrypting the data, and the logical addresses where the encrypted data is to be stored. The system 10 generates or receives a key value, associates it with the key ID provided by the host device, and stores in its record or table for this user or application the key ID of the key value used to encrypt the data to be written. It then encrypts the data and stores the encrypted data at the addresses designated by the host, along with the key value it generated or received.

When a user or application requests to read encrypted data from the memory 20, it will need to provide its identity and credential, the key ID of the key previously used to encrypt the requested data, and the logical addresses where the encrypted data is stored. The system 10 then matches the user or application identity and credential provided by the host against those stored in its record. If they match, the system 10 retrieves from its memory the key value associated with the key ID provided by the user or application, decrypts the data stored at the addresses designated by the host device using that key value, and sends the decrypted data to the user or application.

By separating the authentication credentials from the management of the keys used for cryptographic processing, it is possible to share rights to access data without sharing credentials. Thus, a group of users or applications with different credentials can have access to the same keys for accessing the same data, while users outside the group have no access. Although all users or applications within a group may have access to the same data, they may still have different rights. Thus, some may have read-only access, others write-only access, and still others both. Because the system 10 maintains a record of the identities and credentials of the users or applications, the key IDs they have access to and the access rights associated with each key ID, it is possible for the system 10 to add or delete key IDs and alter the access rights associated with such key IDs for particular users or applications, to delegate access rights from one user or application to another, or even to delete or add records or tables for users or applications, all as controlled by a properly authenticated host device. The stored record may specify that a secure channel is needed for accessing certain keys. Authentication may be performed using symmetric or asymmetric algorithms as well as passwords.

Of particular importance is the portability of the protected content in the memory system 10. In embodiments where access to the key value is controlled by the memory system, when the memory system or a storage device incorporating the system is transferred from one external system to another, the security of the content stored in it is maintained. Whether the key is generated by the memory system or originates from outside it, external systems cannot access such content in the system 10 unless they have been authenticated in a manner completely controlled by the memory system. Even after they have been so authenticated, access is totally controlled by the memory system, and external systems can access only in a manner controlled according to preset records in the memory system. If a request does not comply with such records, the request will be denied.
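The write and read flows described above, with the key value held only inside the device and the rights for each key ID checked against the pre-registered record, can be modelled as follows. This is an added example, not code from the patent: the class and function names, the salted PBKDF2 storage of credentials and the SHA-256 keystream standing in for the device's cipher are all assumptions.

```python
import hashlib
import hmac
import os

READ, WRITE = "read", "write"


def _xor_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


class MemoryDevice:
    """Hypothetical model of system 10: the host names keys by ID only."""

    def __init__(self):
        self._key_values = {}  # key ID -> key value, never returned to the host
        self._records = {}     # identity -> salted credential hash + rights
        self._flash = {}       # logical address -> (nonce, ciphertext)

    def preregister(self, identity, credential, rights):
        """Store the record: identity, credential and rights per key ID."""
        salt = os.urandom(16)
        self._records[identity] = {
            "salt": salt,
            "cred": hashlib.pbkdf2_hmac("sha256", credential, salt, 50_000),
            "rights": {key_id: set(r) for key_id, r in rights.items()},
        }

    def _authorize(self, identity, credential, key_id, action):
        rec = self._records.get(identity)
        if rec is None:
            raise PermissionError("unknown identity")
        cand = hashlib.pbkdf2_hmac("sha256", credential, rec["salt"], 50_000)
        if not hmac.compare_digest(cand, rec["cred"]):
            raise PermissionError("credential mismatch")
        if action not in rec["rights"].get(key_id, set()):
            raise PermissionError(f"{identity} has no {action} right on {key_id}")

    def write(self, identity, credential, key_id, address, data):
        self._authorize(identity, credential, key_id, WRITE)
        # The device generates the key value the first time a key ID is used.
        key = self._key_values.setdefault(key_id, os.urandom(32))
        nonce = os.urandom(16)  # fresh per write so a keystream is never reused
        self._flash[address] = (nonce, _xor_keystream(key, nonce, data))

    def read(self, identity, credential, key_id, address):
        self._authorize(identity, credential, key_id, READ)
        if key_id not in self._key_values or address not in self._flash:
            raise LookupError("no such key ID or address")
        nonce, ciphertext = self._flash[address]
        return _xor_keystream(self._key_values[key_id], nonce, ciphertext)

    def raw_read(self, address):
        """What a host without key access gets from the user area: ciphertext."""
        return self._flash[address][1]


def is_denied(call, *args):
    """Return True if the device refuses the request."""
    try:
        call(*args)
    except PermissionError:
        return True
    return False


def demo():
    """Constructed scenario: two entities share "key1" with different rights."""
    dev = MemoryDevice()
    dev.preregister("app1", b"app1-secret", {"key1": {READ, WRITE}})
    dev.preregister("user2", b"user2-secret", {"key1": {READ}})
    dev.write("app1", b"app1-secret", "key1", 0x2000, b"licensed track")
    user2 = ("user2", b"user2-secret")
    return {
        "shared_read": dev.read(*user2, "key1", 0x2000),
        "raw": dev.raw_read(0x2000),
        "write_denied": is_denied(dev.write, *user2, "key1", 0x2000, b"x"),
        "bad_cred_denied": is_denied(dev.read, "user2", b"guess", "key1", 0x2000),
        "other_key_denied": is_denied(dev.read, *user2, "key9", 0x2000),
    }
```

The two entities never exchange credentials, yet both reach the same data through the shared key ID, and the read-only entity's write request is refused by the record check before any key value is touched.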

To provide greater flexibility in protecting content, it is envisioned that certain areas of the memory (referred to below as partitions) can be accessed only by properly authenticated users or applications. When combined with the key-based data encryption features described above, the system 10 provides greater data protection capability. As shown in Figure 2, the flash memory 20 may have its storage capacity divided into a number of partitions: a user area or partition and custom partitions. The user area or partition P0 is accessible to all users and applications without authentication. Although all bit values of data stored in the user area can be read or written by any application or user, if the data read is encrypted, a user or application without authority to decrypt cannot access the information represented by the bit values stored in the user area. This is illustrated, for example, by files 102 and 104 stored in the user area P0. Also stored in the user area are unencrypted files, such as 106, which can be read and understood by all applications and users. Thus, symbolically, the encrypted files are shown with locks associated with them, as for files 102 and 104.

Although an unauthorized application or user cannot understand an encrypted file in the user area P0, such an application or user may still be able to delete or corrupt the file, which may be undesirable for some applications. For this purpose, the memory 20 also includes protected custom partitions, such as partitions P1 and P2, which cannot be accessed without prior authentication. The authentication processes permitted in the embodiments of this application are explained below.

As also illustrated in Figure 2, a variety of users or applications may access the files in the memory 20. Thus, Figure 2 shows users 1 and 2 and applications 1-4 (running on devices). Before these entities are allowed to access protected content in the memory 20, they are first authenticated by an authentication process in the manner explained below. In this process, the entity requesting access needs to be identified at the host side for role-based access control. Thus, the entity requesting access first identifies itself by supplying information such as "I am application 2 and I want to read the file". The controller 12 then matches the identity, authentication information and request against the record stored in the memory 20 or the controller 12. If all requirements are met, access is granted to such entity. As illustrated in Figure 2, user 1 is allowed to read from and write to file 101 in partition P1, but can only read files 102 and 104, in addition to having unrestricted rights to read from and write to file 106 in P0. User 2, on the other hand, is not allowed access to files 101 and 104 but has read and write access to file 102. As indicated in Figure 2, users 1 and 2 have the same login algorithm (AES), while applications 1 and 3 have different login algorithms (for example, RSA and 001001), which also differ from those of users 1 and 2.

The secure storage application (SSA) is a security application of the memory system 10, and illustrates an embodiment of the invention that can be used to implement many of the features identified above. The secure storage application may be embodied as software or computer code, with its database stored in the memory 20 or in a non-volatile memory (not shown) in the central processing unit 12, which is read into the random access memory 12a and executed by the central processing unit 12. The acronyms used in reference to the secure storage application are set forth in the table below:

Definitions, Acronyms and Abbreviations

Entity: anything having real [...] the secure storage application and thus utilizing its functionalities.

Secure Storage Application System Description

Data security, integrity and access control are the major roles of the secure storage application. The data are files stored plainly on some kind of mass storage device. The secure storage application system sits atop the storage system and adds a security layer for the stored host files, and provides security functions through the security data structures described below.

The main task of the secure storage application is to manage the different rights associated with the stored (and secured) content in the memory. The memory application needs to manage multiple users and content rights to multiple stored content. Host applications, from their side, see the drives and partitions that are visible to such applications, and the file allocation tables (FATs) that manage and portray the locations of the stored files on the storage device.

In this case the storage device uses NAND flash chips divided into partitions, although other mobile storage devices may also be used and are within the scope of this invention. These partitions are continuous threads of logical addresses, where a start and an end address define their boundaries. Restrictions may therefore be imposed, if desired, on access to hidden partitions by means of software (such as software stored in the memory 20) that associates such restrictions with the addresses within such boundaries. Partitions are fully recognizable to the secure storage application through their logical address boundaries, which it manages. The secure storage application system uses partitions to physically secure data from unauthorized host applications. To the host, the partitions are a mechanism for defining proprietary spaces in which to store data files. These partitions can be either public, where anyone with access to the storage device can see and be aware of the partition's presence on the device, or private or hidden, where only selected host applications have access to them and are aware of their presence on the storage device.

Figure 3 is a schematic view of a memory illustrating the partitions of the memory: P0, P1, P2 and P3 (obviously, fewer or more than four partitions may be employed), where P0 is a public partition that can be accessed by any entity without authentication.

A private partition (such as P1, P2 or P3) hides access to the files within it.

By preventing the host from accessing the partition, the flash memory device (for example, a flash memory card) delivers protection of the data files inside the partition. This kind of protection, however, engulfs all of the files residing in the hidden partition by imposing restrictions on access to data stored at the logical addresses within the partition. In other words, the restrictions are associated with a range of logical addresses. All users/hosts that have access to that partition have unlimited access to all of the files inside it. To isolate different files, or groups of files, from one another, the secure storage application system provides another level of security and integrity per file or group of files, using keys and key references or key IDs. A key reference or key ID of a particular key value used for encrypting data at different memory addresses can be likened to a container or domain that contains the encrypted data. For this reason, in Figure 4, the key references or key IDs (for example, "key 1" and "key 2") are shown graphically as areas surrounding the files encrypted using the key values associated with the key IDs.

Referring to Figure 4, for example, file A is accessible to all entities without any authentication, since it is shown as not enclosed by any key ID. Even though file B in the public partition can be read or overwritten by all entities, it contains data encrypted with a key having the ID "key 1", so that the information contained in file B is not accessible to an entity unless that entity has access to such key. In this manner, using key values and key references or key IDs provides logical protection only, as opposed to the type of protection provided by the partitions described above. Hence, any host that can access a partition (public or private) is capable of reading or writing the data in the whole partition, including the encrypted data. However, since the data is encrypted, unauthorized users can only corrupt it. They preferably cannot alter the data without detection. By restricting access to the encryption and/or decryption keys, this feature can allow only the authorized entities to use the data. Files B and C are also encrypted using a key with key ID "key 2" in P0.

Data confidentiality and integrity can be provided through symmetric encryption methods that use content encryption keys (CEKs), one per content encryption key. In the secure storage application embodiment, the key values in the content encryption keys are generated or received by the flash memory device (for example, a flash memory card), used internally only, and kept as secrets from the outside world. The data that is encrypted or ciphered may also be either hashed or the cipher may be chain blocked, to ensure data integrity.

Not all of the data in a partition is encrypted by different keys and associated with different key IDs. Certain logical addresses, either in public or user files or in the operating system area (i.e. the file allocation table), may not be associated with any key or key reference, and are thus available to any entity that can access the partition itself.

An entity that calls for the ability to create keys and partitions, as well as to write and read data from them or use the keys, needs to log in to the secure storage application system through an access control record (ACR). The privileges of an access control record in the secure storage application system are called "actions". Every access control record may have permissions to perform actions of the following three categories: creating partitions and keys/key IDs; accessing partitions and keys; and creating/updating other access control records.

Access control records are organized in groups called access control record groups. Once an access control record has been successfully authenticated, the secure storage application opens a session through which any of the access control record's actions can be executed. Access control records and access control record groups are security data structures used to control access to partitions and keys according to policies.

User Partitions

The secure storage application system manages one or more public partitions, also referred to as user partitions. Such a partition exists on the storage device and is a partition or partitions that can be accessed through the standard read and write commands of the storage device. Information regarding the size of the partition(s), as well as its existence on the device, preferably cannot be hidden from the host system.

The secure storage application system enables access to these partitions either through the standard read and write commands or through secure storage application commands. Therefore, access to the partition preferably cannot be restricted to specific access control records. The secure storage application system can, however, enable the host devices to restrict access to the user partition. Read and write access can be enabled or disabled individually. All four combinations (for example, write only, read only (write protected), read and write, and no access) are allowed.

The secure storage application system enables access control records to associate key IDs with files within the user partition, and to encrypt individual files using the keys associated with such key IDs. Accessing encrypted files within the user partitions, as well as setting the access rights to the partitions, is done using the secure storage application command set. The above features also apply to data not organized into files.

Secure Storage Application Partitions

These are hidden (from unauthenticated parties) partitions that can be accessed only through the secure storage application commands. The secure storage application system will preferably not allow the host device to access a secure storage application partition other than through a session established by logging on to an access control record. Similarly, the secure storage application will preferably not provide information regarding the existence, size and access permission of a secure storage application partition unless the request comes through an established session.

Access rights to partitions are derived from the access control record permissions. Once an access control record is logged in to the secure storage application system, it can share the partition with other access control records (described below). When a partition is created, the host provides a reference name or ID (for example, P0-P3 in Figures 3 and 4) for the partition. This reference is used in further read and write commands to the partition.

Partitioning of the Storage Device

All available storage capacity of the device is preferably allocated to the user partition and the currently configured secure storage application partitions. Therefore, any repartition operation may involve reconfiguration of the existing partitions. The net change to the device capacity (the sum of the sizes of all partitions) will be zero. The IDs of the partitions in the device memory space are defined by the host system.

The host system can either repartition one of the existing partitions into two smaller ones, or merge two existing partitions (which may or may not be adjacent) into one. The data in the divided or merged partitions can be either erased or left untouched, at the host's discretion.

Since repartitioning of the storage device may cause loss of data (either because it was erased or because it was moved around in the logical address space of the storage device), severe restrictions on repartitioning are administered by the secure storage application system. Only an access control record residing in a root access control record group (explained below) is allowed to issue a repartition command, and it can only reference partitions owned by it. Since the secure storage application system is not aware of how data is organized in the partitions (file allocation table or other file system structure), it is the host's responsibility to reconstruct these structures whenever the device is repartitioned.

Repartitioning of user partitions will change the size and other attributes of this partition as seen by the host operating system.

After repartitioning, it is the host system's responsibility to make sure that no access control record in the secure storage application system is referencing non-existing partitions. If these access control records are not deleted or updated appropriately, future attempts to access the non-existing partitions on behalf of these access control records will be detected and rejected by the system. Similar care is taken regarding deleted keys and key IDs.

Keys, Key IDs and Logical Protection

When a file is written to a certain hidden partition, it is hidden from the general public. But once an entity (hostile or not) gains knowledge of and access to this partition, the file becomes available and plain to see.

解為了進—步使該檔案安全,該安全儲存應用程式可加 密該隱藏分割區内的檔案,纟中,用於存取解密該權案之 被矯之認證較佳地不同於用於存取該分割區的認證。由於 事實上4备案係完全由該主機所控制及管理,使一内容加密 密鑰相關聯於-檔案係_問題。連結該檔案與該安全前 應用程式認知的某物件(該密鑰ID)修正此問題。因此,當 由該安全儲存應m建立_密糾,該主機係使用由^ 安全儲存應用程式所建立之該密錄,使用於該密鑰之該密 鑰ID相關聯於經加密之資料。假如該密鑰連同密鍮ι〇 一起 被傳达至該安全儲存應用程式,則該密鑰及密鑰ι〇可輕易 地彼此相關聯。 該密鑰值及該密鑰ID提供邏輯安全性。相關聯於一給定 密鑰ID之所有資料(不論其之位置為何)係以該内容加密密 输(CEK)内相同的禮、餘值予以編密(cipher),該内容加密密 鑰之參照名稱或密鑰ID係由主機應用程式在建立時獨一地 k供。假如一實體(藉由透過一存取控制記錄進行鑑認)獲 得對一隱藏分割區之存取,且想要讀取或寫入該分割區内 的一經加密檔案,則其係需要可存取與該檔案相關聯之密 鑰ID。當授予用於該密鑰id之密鑰之存取時,該安全儲存 應用程式載入相關聯於此密鑰ID之内容加密密鑰内的密鑰 值,且在將資料傳送至該主機之前解密該資料,或在將資 料寫入至該快閃s己憶體2 0之前加密該資料。於一項實施例 中,相關聯於一密鑰ID之内容加密密鑰内的一密鑰值係由 該安全儲存應用程式系統隨機建立一次且由其維護。在該 122367.doc -27- 200820037 安全儲存應用程式系統外的任一實體皆不知道或不可存取 内容加密密鑰内之該密鑰值。外面的世界僅提供及使用— 參照或密鑰ID’而非内容加密密鑰内的密鑰值。該密鑰值 係受到徹底管理,且較佳地僅可由該安全儲存應用程式存 取。或者,該密鑰可被提供給該安全儲存應用程式系統。 該安全儲存應用程式系統使用任一(使用者定義的)下列 編密模式(所使用之真正的密碼編譯演算法以及内容加密 密瑜内的密鑰值係系統控制的’且係不透露給外面世 〇 界)·· 區塊模式-資料被分割成為區塊,該等區塊的每一者被 個別加密。此模式一般被認為較不安全且易受字典攻擊。 ;、、;而其將允终使用者隨機存取任一資料區塊。 鏈模式-資料被分割成為區塊,其係於加密程序期間被 鏈鎖(Chain)。每一區塊係被使用作為至下一加密程序之輸 入之一。於此模式中,雖然被認為較安全,然而資料係自 開始至結束予以循序寫入及讀取,建立一可能不被使用者 接受的過度耗用(overhead)。 雜湊的-具有額外建立一資料摘要之鏈模式,該資料摘 要可被用於確認資料完整性。 存取控制記錄及存取控制 忒安王儲存應用程式係設計成處置多個應用程式,其 中’。亥等應用程式之每一者於該系、统資料庫内被表示為一 具有節點的樹。介於該等應用程式之間之相互排斥係藉由 確保該等樹的分支之間無串擾而逹成。 122367.doc -28- 200820037 為了獲传存取該安全儲存應用程式系統,一實體需要透 過讜系統之存取控制記錄之一者來建置連接。由該安全儲 存應用程式系統根據内建於該使用者選擇待連接之存取控 制$己錄内的定義來管理登入程序。 該存取控制記錄係一對於該安全儲存應用程式系統之個 別登入點。該存取控制記錄係保有登入認證及鑑認方法。 亦駐留於該記錄内的係該安全儲存應用程式系統内的登入 權限,於其中係讀取及寫入特殊權限。此係顯示於圖5, 其係顯示相同存取控制記錄群組中的η個存取控制記錄。 此係意謂該η個存取控制記錄中至少一些者可共用對相同 密鑰之存取。因此,存取控制記錄#1及存取控制記錄如共 用對具有密鑰ID’’密鑰3’,之密鑰之存取,其中,存取控制 圮錄# 1及存取控制記錄#n係存取控制記錄ID,且,,密鑰3,, 係用於加密相關聯於”密餘3 ”之資料的密鑰之密鑰ID。亦 可使用相同的密鑰來加密及/或解密多個檔案,或者多組 資料。 該安全儲存應用程式系統支援數種登入該系統的類型, 其中,鑑認演算法及使用者認證係可以改變,因為一旦使 用者成功登入,該系統内的使用者特殊權限可改變。圖5 係再次顯示不同的登入演算法及認證。存取控制記錄# i指 定一密碼登入演算法及密碼為認證,而存取控制記錄#2指 定一公開密鎗基礎結構(PKI)登入演算法及公開密鑰為認 證。因此,為了登入,一實體將需要提交一有效的存取控 制記錄ID以及正確的登入演算法及認證。 122367.doc -29- 200820037 一旦一實體登入至該安全儲存應用程式系統之一存取控 制記錄’則在相關較該存取控制記錄的權限控制記錄 (PCR)中定義其權限(其制安全料應用程式命令之權 利)。於圖5中,根據所顯示之權限控制記錄,存取控制記 
錄㈣予對相關聯於&quot;密鑰3&quot;之資料的唯讀權限,且存取 控制記錄#2授予對相關聯於,,密鑰5&quot;之資料的讀取及寫入 權限。 不同的存取控制記錄可共用㈣統内共同的利益及特殊 C 權限,諸如藉以讀取及寫入之密鍮。為了達成此目的,共 同具有某些事物之存取控制記錄被分組於存取控制記錄群 組(ACR群組)中。目此,存取控制記錄#1及存取控制記錄 #n共用對一具有密鑰ID,,密鑰3”之密鑰之存取。 存取控制記錄群組及其内之存取控制記錄係以樹狀階層 架構予以組織,且因此,除了建立保持敏感資料安全之安 全密鑰之外,一存取控制記錄較佳地係亦可夠建立對應於 Γ,其密鑰ID/分割區之其他存取控制記錄實體。這些存取控 、 制記錄子代將具有與其之父代(建立者)相同的或較少的權 限,且可被給予父代建立之任何密鑰的權限。不需要增 加,該等子代獲得對於其建立之任何密鑰的存取權限。此 係顯示於圖6。因此,存取控制記錄群組12〇内所有存取控 制記錄係由存取控制記錄122所建立,且此類存取控制記 錄中之兩者係繼承自存取控制記錄122之對存取相關聯於 π密鑰3&quot;之資料之權限。 存取控制記錄群組 122367.doc -30- 200820037 登入至該安全儲存應用程式系統係藉由指定一存取控制 、彔f、、且及w亥存取控制纪錄群組内的一存取控制記錄而者 行。 、只 獨 ID(參照名稱),其係 每一存取控制記錄群組具有 使用作為-索引,以指向在安全儲存應用程式資料庫中的 其項目。當建立該存取控制記錄群組時,該存取控制記錄 群組名無被提供給該安全儲存應用程m假如所提供 之存取控制記錄群組名稱係已經存在㈣助,則該安全 儲存應用程式將拒絕該建立操作。In order to make the file safe, the secure storage application can encrypt the file in the hidden partition, and the authenticated authentication for accessing and decrypting the right is preferably different from that used for access. The authentication of the partition. Since the fact that the 4 file is completely controlled and managed by the host, a content encryption key is associated with the file system. Attaching the file to an object (the key ID) recognized by the pre-security application fixes the problem. Therefore, when the secure storage should be established, the host uses the secret record established by the secure storage application, and the key ID used for the key is associated with the encrypted material. If the key is communicated to the secure storage application along with the key, the key and key ι can be easily associated with each other. The key value and the key ID provide logical security. All the data associated with a given key ID (regardless of its location) is ciphered by the same ritual and residual value in the content encryption key (CEK), the content encryption key is referenced The name or key ID is uniquely provided by the host application at the time of creation. 
If an entity obtains access to a hidden partition (by authenticating through an access control record) and wants to read or write an encrypted file within that partition, it needs access to the key ID associated with the file. When access to the key for this key ID is granted, the secure storage application loads the key value in the content encryption key associated with this key ID and either decrypts the data before sending it to the host or encrypts the data before writing it to the flash memory 20. In one embodiment, the key value in the content encryption key associated with a key ID is randomly created once by the secure storage application system and is maintained by it. No entity outside the secure storage application system knows or can access this key value. The outside world only provides and uses a reference or key ID, not the key value in the content encryption key. The key value is entirely managed, and preferably accessible only, by the secure storage application. Alternatively, the key may be provided to the secure storage application system.

The secure storage application system uses any one (user-defined) of the following cipher modes (the actual cryptographic algorithms used, as well as the key values in the content encryption keys, are system controlled and are not revealed to the outside world):

Block mode - The data is divided into blocks, each of which is encrypted individually. This mode is generally considered less secure and susceptible to dictionary attacks. However, it allows users to randomly access any one of the data blocks.

Chained mode - The data is divided into blocks, which are chained during the encryption process. Each block is used as one of the inputs to the next encryption process.
In this mode, although it is considered more secure, the data is written and read sequentially from start to end, creating an overhead that may not be acceptable to users.

Hashed - Chained mode with the additional creation of a data digest that can be used to validate data integrity.

Access control records and access control

The secure storage application is designed to handle multiple applications, each of which is represented in the system database as a tree of nodes. Mutual exclusion between the applications is achieved by ensuring that there is no crosstalk between the branches of the trees.

To gain access to the secure storage application system, an entity needs to establish a connection through one of the system's access control records. The login procedure is administered by the secure storage application system according to the definitions embedded in the access control record the user chooses to connect with.

The access control record is an individual login point to the secure storage application system. It holds the login credentials and the authentication method. Also residing in the record are the login permissions within the secure storage application system, among which are the read and write privileges. This is illustrated in Figure 5, which shows n access control records in the same access control record group. This means that at least some of the n access control records can share access to the same key. Thus, access control record #1 and access control record #n share access to the key with key ID "key 3", where access control record #1 and access control record #n are access control record IDs, and "key 3" is the key ID of the key used to encrypt the data associated with "key 3". The same key can also be used to encrypt and/or decrypt multiple files or multiple sets of data.
The secure storage application system supports several types of login to the system, in which the authentication algorithms and user credentials may vary, as may the user's privileges within the system once the user has logged in successfully. Figure 5 again shows different login algorithms and credentials. Access control record #1 specifies a password login algorithm with a password as the credential, whereas access control record #2 specifies a public key infrastructure (PKI) login algorithm with a public key as the credential. Thus, to log in, an entity needs to present a valid access control record ID as well as the correct login algorithm and credential.

Once an entity has logged in to one of the access control records of the secure storage application system, its permissions (its rights to use secure storage application commands) are defined in the permission control record (PCR) associated with that access control record. In Figure 5, according to the permission control records shown, access control record #1 grants read-only permission to the data associated with "key 3", and access control record #2 grants read and write permission to the data associated with "key 5".

Different access control records may share common interests and privileges in the system, such as keys with which to read and write. To accomplish this, access control records that have something in common are grouped into access control record groups (ACR groups). Thus, access control record #1 and access control record #n share access to a key with key ID "key 3".

Access control record groups and the access control records within them are organized in hierarchical trees. Therefore, in addition to creating secure keys that keep sensitive data secure, an access control record can preferably also create other access control record entries that correspond to its key IDs/partitions.
These child access control records have the same permissions as, or fewer permissions than, their parent (creator), and may be given permissions for any keys the parent created. Needless to add, the children obtain access permissions to any keys they create. This is illustrated in Figure 6. Thus, all the access control records in access control record group 120 were created by access control record 122, and two of these access control records inherit from access control record 122 the permission to access the data associated with "key 3".

Access control record groups

Logging in to the secure storage application system is done by specifying an access control record group and an access control record within that group.

Each access control record group has a unique ID (reference name), which is used as an index to its entry in the secure storage application database. The access control record group name is provided to the secure storage application system when the group is created. If the provided access control record group name already exists in the system, the secure storage application rejects the creation operation.

Access control record groups are used to administer restrictions on the delegation of access permissions and management permissions, as described below. One of the functions served by the two trees in Figure 6 is to administer access by entirely separate entities, such as two different applications or two different computer users. For this purpose, it may be important for the two access processes to be substantially independent of each other (that is, substantially free of crosstalk), even when both occur at the same time. This means that the authentication, the permissions, and the creation of additional access control records and access control record groups in each tree are not connected to, and do not depend on, those of the other tree. Hence, when the secure storage application system is used in memory 10, this allows the memory system 10 to serve multiple applications simultaneously. It also allows the two applications to access two separate sets of data independently of each other (for example, a set of photographs and a set of songs). This is illustrated in Figure 6. Thus, the data associated with "key 3", "key X" and "key Z" that the application or user accesses through the nodes (access control records) of the tree in the upper part of Figure 6 may comprise photographs.
The data associated with "key 5" and "key Y" that the application or user accesses through the nodes (access control records) of the tree in the lower part of Figure 6 may comprise songs. The access control record that created an access control record group has permission to delete that group only when the group contains no access control record entries.

The entity's secure storage application entry point: the access control record

An access control record in the secure storage application system describes the way the entity is permitted to log in to the system. When an entity logs in to the secure storage application system, it needs to specify the access control record that corresponds to the authentication process it is about to perform. An access control record includes a permission control record (PCR), which shows the granted actions the user can execute once authenticated as defined in the access control record, as shown in Figure 5. The host-side entity provides all the access control record data fields.

When an entity has successfully logged in to an access control record, the entity is able to query all of the access control record's partition and key access permissions and its access control record attribute management (ACAM) permissions (described below).

Access control record ID

When a secure storage application system entity initiates the login process, it needs to specify the access control record ID (as provided by the host when the access control record was created) that corresponds to the login method, so that the secure storage application will set up the correct algorithms and select the correct permission control record when all login requirements have been met. The access control record ID is provided to the secure storage application system when the access control record is created.
Login/authentication algorithm

The authentication algorithm specifies which login procedure the entity will use and which credentials are needed to provide proof of the user's identity. The secure storage application system supports several standard login algorithms, ranging from no procedure (and no credential) and password-based procedures to two-way authentication protocols based on symmetric or asymmetric cryptography.

Credentials

The entity's credentials correspond to the login algorithm and are used by the secure storage application to verify and authenticate the user. Examples of credentials are a password/personal identification number for password authentication, a login-algorithm key for login-algorithm verification, and so on. The type/format of the credentials (that is, the personal identification number, the symmetric key, and so on) is predefined and derived from the authentication mode; the credentials are provided to the secure storage application system when the access control record is created. The secure storage application system has no part in defining, distributing and managing these credentials, with the exception of authentication based on a public key infrastructure, where the device (for example, a flash memory card) can be used to generate the RSA or other type of key pair, and the public key can be exported for certificate generation.

Permission control record (PCR)

The permission control record shows what is granted to the entity after it logs in to the secure storage application system and successfully passes the access control record's authentication process. There are three categories of permissions: creation permissions for partitions and keys; access permissions to partitions and keys; and management permissions for entity access control record attributes.
Accessing partitions

This section of the permission control record contains the list of partitions (using their IDs as provided to the secure storage application system) that the entity can access upon successful completion of the access control record phase. For each partition, the access type may be restricted to write-only or read-only, or full write/read access rights may be specified. Thus, access control record #1 in Figure 5 can access partition #2 and not partition #1. The restrictions specified in the permission control record apply to the secure storage application partitions and to the public partition.

[…] can be accessed by […] to the device hosting the secure storage application […]. When a root access control record (described below) is created with […]. An access control record can restrict only regular read and write commands from accessing the public partition. Preferably, access control records in the secure storage application system can be restricted only when they are created. Once an access control record has permission to read from and write to the public partition, that permission preferably cannot be removed.

Accessing key IDs

This section of the permission control record contains the data associated with the list of key IDs that the entity can access when the entity's login process has met the access control record's policies. Each key ID specified is associated with one or more files that reside in a partition appearing in the permission control record.
Because the key IDs are not associated with logical addresses in the device (for example, a flash memory card), when more than one partition is associated with a particular access control record, the files can be in any one of those partitions. The key IDs specified in the permission control record can each have a different set of access rights. Access to the data pointed to by a key ID can be restricted to write-only or read-only, or full write/read access rights may be specified.

Access control record attribute management (ACAM)

This section describes how, in certain cases, the system attributes of an access control record can be changed.

The access control record attribute management actions that may be permitted in the secure storage application system are:

1. Create/delete/update access control record groups and access control records.
2. Create/delete partitions and keys.
3. Delegate access rights to keys and partitions.

A parent access control record preferably cannot edit access control record attribute management permissions. This would preferably require deleting and re-creating the access control record. Also, the access permission to a key ID created by the access control record preferably cannot be removed.

An access control record may have the capacity to create other access control records and access control record groups. Creating access control records may also mean delegating to them some or all of the access control record attribute management permissions held by their creator. Having permission to create access control records means having permission for the following actions:

1. Define and edit the child's credentials. Preferably, once set by the creating access control record, the authentication method cannot be edited.
The credentials may be changed within the bounds of the authentication algorithm already defined for the child.
2. Delete an access control record.
3. Delegate the creation permission to the child access control record (which can thus have grandchildren).

An access control record with permission to create other access control records has permission to delegate the unblocking permission to the access control records it creates (although it may not itself have permission to unblock access control records). The parent places in the child access control record a reference to its unblocker.

The parent access control record is the only access control record that has permission to delete its child access control record. When an access control record deletes a lower-level access control record that it created, all access control records spawned by that lower-level access control record are automatically deleted as well. When an access control record is deleted, all the keys and partitions that it created are deleted.

There are two exceptions by which an access control record can update its own record:

1. Passwords/personal identification numbers, although set by the creating access control record, can be updated only by the access control record that contains them.
2. A root access control record may delete itself and the access control record group in which it resides.

Delegating access rights to keys and partitions

Access control records and their access control record groups are assembled in hierarchical trees, in which the root access control record group and the access control records within it are at the top of the tree (for example, root access control record groups 130 and 132 in Figure 6). There can be several access control record groups in the secure storage application system, although these groups are completely separate from one another.
An access control record within an access control record group can delegate access permissions to its keys to all the access control records within the same access control record group that it is in, and to all the access control records created by them. Preferably, the permission to create keys includes the permission to delegate access permissions to use those keys.

Permissions to keys are divided into three categories:

1. Access - This defines the access permissions for the key, that is, read and write.
2. Ownership - By definition, the access control record that created a key is its owner. This ownership can be delegated from one access control record to another, provided that they are in the same access control record group or in a child access control record group. Ownership of a key provides the permission to delete it as well as to delegate permissions to it.
3. Access rights delegation - This permission enables the access control record to delegate the rights it holds.

An access control record can delegate access permissions to partitions it created as well as to other partitions to which it has access permissions.

Permission delegation is done by adding the names of the partitions and the key IDs to the permission control record of the designated access control record. Delegating key access permissions may be done either by key ID or by stating that the access permission is for all the keys created by the delegating access control record.

Blocking and unblocking of access control records

An access control record may have a blocking counter, which is incremented when the entity's access control record authentication process with the system is unsuccessful. When a certain maximum number of unsuccessful authentications is reached, the secure storage application system blocks the access control record.

The blocked access control record can be unblocked by another access control record, which is referenced by the blocked access control record.
The reference to the unblocking access control record is set by its creator. The unblocking access control record is preferably in the same access control record group as the creator of the blocked access control record and has the "unblocking" permission.

No other access control record in the system can unblock the blocked access control record. An access control record may be configured with a blocking counter but without an unblocker access control record. In this case, if the access control record becomes blocked, it cannot be unblocked.

Root access control record group - creating an application database

The secure storage application system is designed to handle multiple applications and to isolate the data of each of them. The tree structure of the access control record group system is the main tool used to identify and isolate application-specific data. The root access control record group is at the top of an application's secure storage application database tree and adheres to somewhat different behavior rules. Several root access control record groups can be configured in the secure storage application system. Two root access control record groups, 130 and 132, are shown in Figure 6. Obviously, more or fewer access control record groups may be used, and these are within the scope of the invention.
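The rules given in the preceding sections for access control records (a child's permissions bounded by its creator's, deletion cascading to descendants, the blocking counter and the unblocker reference) can be exercised in a small model. This is an added example, not code from the patent; the class and method names, the password login, the threshold of 3 and the counter reset on unblocking are assumptions, and access control record groups are left out.

```python
"""Toy model of the access control record (ACR) rules described above.
Added illustration; class, method and field names are assumptions."""
import hmac
from dataclasses import dataclass, field

READ, WRITE = "read", "write"


@dataclass(eq=False)  # compare by identity: parent/child links form cycles
class ACR:
    acr_id: str
    password: str                 # credential for a password login algorithm
    pcr: dict                     # permission control record: key ID -> rights
    parent: "ACR" = None
    unblocker: "ACR" = None       # reference placed in the child by its creator
    can_unblock: bool = False     # the "unblocking" permission
    max_failures: int = 3         # constructed value; the page names no number
    failures: int = 0             # blocking counter
    blocked: bool = False
    children: list = field(default_factory=list)

    def create_child(self, acr_id, password, pcr, unblocker=None,
                     can_unblock=False):
        # A child holds the same or fewer permissions than its creator.
        for key_id, rights in pcr.items():
            if not set(rights) <= self.pcr.get(key_id, set()):
                raise PermissionError(
                    f"{acr_id}: rights on {key_id!r} exceed the creator's")
        child = ACR(acr_id, password, {k: set(v) for k, v in pcr.items()},
                    parent=self, unblocker=unblocker, can_unblock=can_unblock)
        self.children.append(child)
        return child

    def create_key(self, key_id):
        # An ACR obtains access to any key it creates.
        self.pcr[key_id] = {READ, WRITE}

    def login(self, password):
        if self.blocked:
            return False          # a blocked ACR rejects even the right password
        if hmac.compare_digest(password.encode(), self.password.encode()):
            return True
        self.failures += 1
        if self.failures >= self.max_failures:
            self.blocked = True
        return False

    def unblock(self, target):
        # Only the ACR referenced by the blocked ACR, and only if it holds
        # the unblocking permission, may unblock it.
        if target.unblocker is not self or not self.can_unblock:
            raise PermissionError(
                f"{self.acr_id} may not unblock {target.acr_id}")
        target.blocked, target.failures = False, 0   # reset is an assumption

    def delete_child(self, child):
        # Only the creating ACR may delete a child; descendants go with it.
        if child.parent is not self:
            raise PermissionError(
                f"{self.acr_id} did not create {child.acr_id}")
        removed = []
        for grandchild in list(child.children):
            removed += child.delete_child(grandchild)
        self.children.remove(child)
        return removed + [child.acr_id]

    def may(self, key_id, right):
        return not self.blocked and right in self.pcr.get(key_id, set())


def demo():
    """Constructed scenario; returns the observations as a dict."""
    root = ACR("root", "root-pw", {"key 3": {READ, WRITE}})
    admin = root.create_child("admin", "admin-pw", {}, can_unblock=True)
    reader = root.create_child("reader", "reader-pw", {"key 3": {READ}},
                               unblocker=admin)
    guest = reader.create_child("guest", "guest-pw", {"key 3": {READ}})
    out = {"reader_write": reader.may("key 3", WRITE)}
    try:
        reader.create_child("rogue", "x", {"key 3": {WRITE}})
        out["escalation"] = "allowed"
    except PermissionError:
        out["escalation"] = "rejected"
    for _ in range(3):
        reader.login("wrong guess")
    out["blocked_login"] = reader.login("reader-pw")
    try:
        guest.unblock(reader)
        out["guest_unblock"] = "allowed"
    except PermissionError:
        out["guest_unblock"] = "rejected"
    admin.unblock(reader)
    out["after_unblock"] = reader.login("reader-pw")
    out["cascade"] = root.delete_child(reader)
    return out
```

In the constructed scenario, the read-only child cannot hand out write access, three failed logins block it even for the correct password, and only the referenced unblocker can restore it.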
Registering the device (for example, a flash memory card) for a new application, and/or issuing credentials of a new application for the device, is done through the process of adding a new access control record group/access control record tree to the device.

The secure storage application system supports three different modes of root access control record group creation (as well as of all the access control records of the root access control record group and their permissions):

1. Open: Any user or entity, without requiring any kind of authentication, or users/entities authenticated through the system access control record (described below), can create a new root access control record group. The open mode enables root access control record groups to be created either without any security measures, with all data transfer done on an open channel (that is, in the secure environment of an issuance agency), or through a secure channel established through system access control record authentication (that is, over the air (OTA) and post-issuance procedures).

If the system access control record is not configured (this is an optional feature) and the root access control record group creation mode is set to "open", only the open channel option is available.

2. Controlled: Only entities authenticated through the system access control record can create a new root access control record group. The secure storage application system cannot be set to this mode if the system access control record is not configured.

3. Blocked: Creation of root access control record groups is disabled, and no additional root access control record groups can be added to the system.

Two secure storage application commands control this feature (these commands are available to any user/entity without authentication):

1. Method configuration command - Used to configure the secure storage application system to use any one of the three root access control record group creation modes. Only the following mode changes are allowed: open -> controlled, controlled -> blocked (that is, if the secure storage application system is currently configured as controlled, it can only be changed to blocked).

2. Method configuration lock command - Used to disable the method configuration command and permanently lock the currently selected method.

When a root access control record group is created, it is in a special initialization mode that enables the creation and configuration of its access control records (using the same access restrictions that applied to the creation of the root access control record group). At the end of the root access control record group configuration process, when the entity explicitly switches it to operating mode, the existing access control records can no longer be updated and additional access control records can no longer be created.

Once a root access control record group is placed in standard mode, it can be deleted only by logging in to the system through one of its access control records that has been assigned the permission to delete the root access control record group. This is another exception of the root access control record group, in addition to the special initialization mode; it is preferably the only access control record group that may contain an access control record with permission to delete its own access control record group, in contrast to the access control record groups in the next tree level.

The third and last difference between a root access control record and a standard access control record is that it is the only access control record in the system that can have permission to create and delete partitions.
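The three root access control record group creation modes and the two commands that control them form a one-way state machine, sketched below. This is an added example, not code from the patent; the class and function names and the choice of open as the starting mode are assumptions.

```python
"""State machine for the three root ACR group creation modes described above.
Added illustration; names and the initial mode are assumptions."""
from enum import Enum


class Mode(Enum):
    OPEN = "open"
    CONTROLLED = "controlled"
    BLOCKED = "blocked"


# The only mode changes the text allows.
ALLOWED = {(Mode.OPEN, Mode.CONTROLLED), (Mode.CONTROLLED, Mode.BLOCKED)}


class RootGroupPolicy:
    def __init__(self, system_acr_configured, mode=Mode.OPEN):
        self.system_acr_configured = system_acr_configured
        self.mode = mode              # assumption: a device starts in open mode
        self.config_locked = False
        self.root_groups = []

    def configure(self, new_mode):
        """Method configuration command (needs no authentication)."""
        if self.config_locked:
            raise PermissionError("method configuration command is disabled")
        if (self.mode, new_mode) not in ALLOWED:
            raise ValueError(
                f"{self.mode.value} -> {new_mode.value} is not allowed")
        if new_mode is Mode.CONTROLLED and not self.system_acr_configured:
            raise ValueError("controlled mode needs a configured system ACR")
        self.mode = new_mode

    def lock_configuration(self):
        """Method configuration lock command: freezes the current mode."""
        self.config_locked = True

    def create_root_group(self, name, via_system_acr=False):
        """Return the channel used ('open' or 'secure'), or raise."""
        if via_system_acr and not self.system_acr_configured:
            raise PermissionError("no system ACR to authenticate through")
        if self.mode is Mode.BLOCKED:
            raise PermissionError("root group creation is disabled")
        if self.mode is Mode.CONTROLLED and not via_system_acr:
            raise PermissionError(
                "controlled mode: system ACR authentication required")
        if name in self.root_groups:
            raise ValueError(f"group name {name!r} already exists")
        self.root_groups.append(name)
        return "secure" if via_system_acr else "open"


def reachable_modes(system_acr_configured):
    """Modes that configure() can ever reach, starting from open mode."""
    seen, frontier = {Mode.OPEN}, [Mode.OPEN]
    while frontier:
        current = frontier.pop()
        for target in Mode:
            policy = RootGroupPolicy(system_acr_configured, current)
            try:
                policy.configure(target)
            except ValueError:
                continue
            if target not in seen:
                seen.add(target)
                frontier.append(target)
    return {m.value for m in seen}
```

Applying the stated rules literally, `reachable_modes(False)` contains only open mode, so whether the system access control record is configured decides whether root group creation can ever be closed off through the method configuration command.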
Secure storage application system access control record

The system access control record can be used for the following two secure storage application operations:

1. Creating an access control record/access control record group tree under the protection of a secure channel within a hostile environment.
2. Identifying and authenticating the device hosting the secure storage application system.

Preferably, there may be only one system access control record in the secure storage application system, and once it is defined it preferably cannot be changed. No system authentication is needed when creating the system access control record; only a secure storage application command is needed. The "create system access control record" feature can be disabled (similarly to the "create root access control record group" feature). After the system access control record has been created, the "create system access control record" command has no effect, because preferably only one system access control record is allowed.

While it is in the process of being created, the system access control record is not operational. On completion, a special command needs to be issued indicating that the system access control record has been created and is ready to go. After this point, the system access control record preferably cannot be updated or replaced.

The system access control record creates the root access control records/access control record groups in the secure storage application. It has permission to add to or change the root level until such time as the host is satisfied with it and blocks it. Blocking the root access control record group essentially cuts off its connection to the system access control record and renders it tamper-proof. At this point, no one can change or edit the root access control record group and the access control records within it. This is done through a secure storage application command. Disabling the creation of root access control record groups has a permanent effect and cannot be reversed. The above features involving the system access control record are illustrated in Figure 7.
The system access control record is used to create three different root access control record groups. At a certain time after the root access control record groups have been created, a secure storage application command is sent from the host to block the root access control record groups from the system access control record, thereby disabling the "create root access control record group" feature, as shown by the dotted lines connecting the system access control record and the root access control record groups in FIG. 7. This renders the root access control record groups tamper proof. Before or after the root access control record groups are blocked, the three root access control record groups can be used to create child access control record groups to form three separate trees.

The above features are available to the content owner in configuring secure products with content. Secure products need to be "issued". Issuance is the process of putting in place the identification keys by which the device can identify the host and vice versa. Identifying the device (e.g., a flash memory card) enables the host to decide whether it can trust the device with its secrets. On the other hand, identifying the host enables the device to enforce security policies (grant and execute a specific host command) only if the host is allowed to.

Products designed to serve multiple applications will have several identification keys. A product can be "pre-issued", with keys stored during manufacturing before shipment, or "post-issued", with new keys added after shipment. For post-issuance, the memory device (e.g., a memory card) needs to contain some kind of master or device level key that is used to identify the entities allowed to add applications to the device.

The above features enable a product to be configured to enable or disable post-issuance. In addition, the post-issuance configuration can be performed securely after shipment.
The device can be purchased as a retail product that has no keys other than the master or device level keys described above, and is then configured by the new owner to enable or disable further post-issuance applications.

Thus, the system access control record feature provides the capability to accomplish the above objectives:

- A memory device that has no system access control record will allow unlimited and uncontrolled addition of applications.
- A memory device having a system access control record can be configured to disable system access control record creation, which means that there is no way to control the addition of new applications (unless the feature of creating new root access control record groups is also disabled).
- A memory device having a system access control record will allow applications to be added only in a controlled manner, through a secure channel established by an authentication procedure that uses the system access control record credentials.
- A memory device having a system access control record can be configured to disable the application-adding feature, before or after applications have been added.

Key ID List

Key IDs are created per specific access control record request; however, in the memory system 10, they are used only by the secure storage application system. When a key ID is created, the following data is provided by or to the creating access control record:

1. Key ID. The ID is provided by the entity through the host and is used to reference the key and the data that is encrypted or decrypted using the key in all further read or write accesses.
2. Key cipher and data integrity mode (the blocked, chained and hashed modes mentioned above and described below).

In addition to the host-provided attributes, the following data is maintained by the secure storage application system:

1. Key ID owner. The ID of the access control record that is the owner. When a key ID is created, the creator access control record is its owner. However, key ID ownership can be transferred to another access control record. Preferably, only the key ID owner is allowed to transfer ownership of a key ID and to delegate a key ID. Delegating access permission to the associated key, and revoking these rights, can be administered by the key ID owner or by any other access control record that has been assigned delegation permissions. Whenever an attempt is made to perform any one of these operations, the secure storage application system grants the attempt only if the requesting access control record is authorized.
2. Content encryption key (CEK).
This is the content encryption key whose key value is used to encrypt the content associated with the key ID or pointed to by the key ID. The key value can be a 128-bit login algorithm random key generated by the secure storage application system.
3. MAC and IV values. Dynamic information (message authentication code and initialization vector) used in the chained block cipher (CBC) encryption algorithm.

The various features of the secure storage application are illustrated with reference to the flowcharts of FIGS. 8A-16, where an "H" to the left of a step means that the operation is performed by the host, and a "C" means that the operation is performed by the memory card. Although these secure storage application features are illustrated with reference to memory cards, it should be understood that they are also applicable to memory devices in other physical forms. To create a system access control record, the host issues a command to the secure storage application in the memory device 10 to create the system access control record (block 202). The device 10 responds by checking whether a system access control record already exists (block 204, diamond 206). If one already exists, device 10 returns failure and stops (oval 208). If one does not yet exist, the memory 10 checks whether system access control record creation is allowed (diamond 210), and returns a failure status if it is not allowed (block 212). Thus, there may be cases in which the device issuer does not allow the creation of a system access control record, such as where the required security features have been predetermined so that no system access control record is needed. If creation is allowed, the device 10 returns an OK status and waits for the system access control record credentials from the host (block 214).
The host checks the secure storage application status and whether the device 10 has indicated that the creation of a system access control record is allowed (block and diamond 218). If creation is not allowed or a system access control record already exists, the host stops (oval 220). If the device 10 has indicated that the creation of a system access control record is allowed, the host issues a secure storage application command to define its login credentials and sends the login credentials to the device 10 (block). The device 10 updates a system access control record record with the received credentials and returns an OK status (block 224). In response to this status signal, the host issues a secure storage application command indicating that the system access control record is ready (block 226). The device 10 responds by locking the system access control record so that it cannot be updated or replaced (block 228). This locks in the features of the system access control record and its identity for identifying the device 10 to the host.

The procedure for creating new trees (new root access control record groups and access control records) is determined by the way these functions are configured in the device. FIG. 9 illustrates the procedures. The host 24 and the memory system 10 both follow it.
If adding a new root access control record group is disabled altogether, no new root access control record group can be added (diamond 246). If it is enabled but requires a system access control record, the host authenticates through the system access control record and establishes a secure channel (diamond 250, block 252) before issuing the "create root access control record group" command (block 254). If a system access control record is not required (diamond 248), the host 24 can issue the "create root access control record group" command without authentication and proceed to block 254. If a system access control record does exist, the host may use it even if it is not required (not shown in the flowchart). The device (e.g., a flash memory card) will reject any attempt to create a new root access control record group if the function is disabled, and it will reject an attempt to create a new root access control record group without authentication if a system access control record is required (diamonds 246 and 250). The access control record groups and access control records newly created in block 254 are now switched to operating mode, so that the access control records in such access control record groups cannot be updated or changed, and no access control records can be added to them (block 256). The system is then, optionally, locked so that additional root access control record groups cannot be created (block 258). The dashed box 258 is a convention indicating that this step is optional. All dashed boxes in the flowcharts in the figures of this application are optional steps. This allows the content owner to block the use of device 10 for other illicit purposes that may imitate a genuine memory device with legitimate content.
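The device-side checks of the system access control record flow (blocks 202-228), the FIG. 9 flow and the one-way mode changes can be sketched as a small state machine. This is an added example, not code from the patent: the class and method names are hypothetical, "ACR" and "AGP" abbreviate access control record and access control record group, and mapping the open, controlled and locked modes onto the "no authentication", "system access control record required" and "disabled" branches of FIG. 9 is an assumption. The secure channel itself is not modeled.

```python
import hmac

OPEN, CONTROLLED, LOCKED = "open", "controlled", "locked"
ALLOWED_MODE_CHANGES = {(OPEN, CONTROLLED), (CONTROLLED, LOCKED)}


class Refused(Exception):
    """The device returns a failure status."""


class Device:
    def __init__(self, mode=OPEN, allow_system_acr=True):
        self.mode = mode                    # root AGP creation mode
        self.mode_config_locked = False     # set by the method configuration lock command
        self.allow_system_acr = allow_system_acr
        self.system_acr = None              # None, or {"credential": bytes, "ready": bool}
        self.root_agps = {}                 # name -> "initializing" | "operating"

    # Method configuration commands: mode changes only move toward "locked".
    def configure_mode(self, new_mode):
        if self.mode_config_locked:
            raise Refused("method configuration command is disabled")
        if (self.mode, new_mode) not in ALLOWED_MODE_CHANGES:
            raise Refused(f"mode change {self.mode} -> {new_mode} is not allowed")
        self.mode = new_mode

    def lock_mode_configuration(self):
        self.mode_config_locked = True

    # System ACR creation.
    def create_system_acr(self):
        if self.system_acr is not None:
            raise Refused("system ACR already exists")             # oval 208
        if not self.allow_system_acr:
            raise Refused("system ACR creation is not allowed")    # block 212
        self.system_acr = {"credential": None, "ready": False}     # block 214

    def set_system_acr_credential(self, credential):
        if self.system_acr is None or self.system_acr["ready"]:
            raise Refused("system ACR is missing or already locked")
        self.system_acr["credential"] = credential                 # block 224

    def system_acr_ready(self):
        if self.system_acr is None or self.system_acr["credential"] is None:
            raise Refused("system ACR has no credential yet")
        self.system_acr["ready"] = True                            # block 228: locked from now on

    def authenticate_system_acr(self, credential):
        acr = self.system_acr                # not operational until the "ready" command
        return bool(acr and acr["ready"]
                    and hmac.compare_digest(acr["credential"], credential))

    # Root AGP creation (FIG. 9).
    def create_root_agp(self, name, system_credential=None):
        if self.mode == LOCKED:
            raise Refused("root AGP creation is disabled")         # diamond 246
        if self.mode == CONTROLLED and not (
                system_credential is not None
                and self.authenticate_system_acr(system_credential)):
            raise Refused("system ACR authentication is required") # diamond 250
        self.root_agps[name] = "initializing"                      # block 254

    def switch_to_operating(self, name):
        self.root_agps[name] = "operating"                         # block 256


def refused(call, *args):
    """True if the device refuses the request, False if it performs it."""
    try:
        call(*args)
    except Refused:
        return True
    return False
```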
To create access control records (other than the access control records in the root access control record group, as described above), one may start with any access control record that has the right to create an access control record (block), as shown in FIG. 10. An entity may attempt to enter through the host 24 by providing the identity of the entry-point access control record together with the access control record, with all its necessary attributes, that it wishes to create (block 272). The secure storage application checks for a match to the access control record identity and whether the access control record with that identity has the permission to create an access control record (block 274). If the request is verified to be authorized, the secure storage application in device 10 creates an access control record (block 276).

FIG. 11 shows two access control record groups that illustrate a tree useful in security applications using the method of FIG. 10. Thus, the access control record with identity m1 in the marketing access control record group has the permission to create an access control record. The access control record m1 also has the permission to use a key for reading and writing data associated with the key ID "Marketing Information" and data associated with the key ID "Price List". Using the method of FIG. 10, it creates the sales access control record group with two access control records, s1 and s2, which have only read permission for the key used to access the pricing data associated with the key ID "Price List", and no read permission for the key needed to access the data associated with the key ID "Sales Information". In this manner, the entities with access control records s1 and s2 can only read and not change the pricing data, and will have no access to the marketing data. Access control record m2, on the other hand, has no permission to create access control records, and has only read permission for the keys used to access the data associated with the key ID "Price List" and the key ID "Marketing Information".

Thus, access rights may be delegated in the manner described above, where m1 delegates the right to read pricing data to s1 and s2. This is particularly useful where large marketing and sales groups are involved. Where there are only one or a few sales people, there may be no need to use the method of FIG. 10. Instead, the access rights may be delegated by an access control record to one at a lower level or the same level within the same access control record group, as shown in FIG. 12. First, the entity enters the tree for such access control record group by specifying, through the host, an access control record in the tree in the manner described above (block 280). Next, the host specifies the access control record and the rights to be delegated to it. The secure storage application checks the tree for such access control record and whether the access control record has the permission to delegate rights to the specified other access control record (block 282). If it does, the rights are delegated (block 284); if not, it stops. The result is shown in FIG. 13. In this case, access control record m1 has the permission to delegate read permission to the access control record s1, so that after the delegation s1 will be able to use a key to access pricing data. This may be done if m1 has the same or greater rights to access the pricing data and the permission to so delegate. In one embodiment, m1 retains its access rights after the delegation. Preferably, access rights may be delegated under restricted conditions (rather than permanently), such as for a limited time or a limited number of accesses.
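The creation and delegation rules of FIGS. 10 to 13 can be exercised with a small model of the FIG. 11 tree. This is an added example, not code from the patent: all names are hypothetical ("ACR", "AGP" and "PCR" abbreviate access control record, access control record group and permissions control record), and the example goes slightly beyond the text by treating "lower level" as any descendant group and by applying the "same or greater rights" rule to rights granted at creation as well as to delegation. The ACR s3, the delegate right held by m1 on both keys, and the two-access limit are constructed for illustration.

```python
import math
from dataclasses import dataclass, field

READ, WRITE, DELEGATE = "read", "write", "delegate"
MKT, PRICE = "Marketing Information", "Price List"


class Denied(Exception):
    """The secure storage application refuses the request."""


@dataclass
class Grant:
    rights: frozenset
    uses_left: float = math.inf               # a finite value models "a limited number of accesses"


@dataclass
class ACR:
    name: str
    agp: str                                  # group the record belongs to
    may_create_acr: bool = False
    pcr: dict = field(default_factory=dict)   # key ID -> Grant


class Tree:
    def __init__(self, root_acr):             # root group creation itself is not modeled
        self.acrs = {root_acr.name: root_acr}
        self.agp_parent = {root_acr.agp: None}    # group -> parent group

    def _enter(self, name):
        if name not in self.acrs:
            raise Denied(f"no access control record {name!r}")
        return self.acrs[name]

    def _same_or_lower(self, agp, reference):
        while agp is not None:
            if agp == reference:
                return True
            agp = self.agp_parent[agp]
        return False

    def _require_can_give(self, giver, key_id, rights):
        held = giver.pcr.get(key_id)
        if held is None or DELEGATE not in held.rights or not rights <= held.rights:
            raise Denied(f"{giver.name} cannot give {sorted(rights)} on {key_id!r}")

    def create_acr(self, actor, name, agp, key_rights=None, may_create_acr=False):
        creator = self._enter(actor)                                  # block 272
        if not creator.may_create_acr or name in self.acrs:
            raise Denied(f"{actor} may not create access control record {name!r}")
        if agp in self.agp_parent and not self._same_or_lower(agp, creator.agp):
            raise Denied(f"group {agp!r} is not at or below {creator.agp!r}")
        grants = {k: Grant(frozenset(v)) for k, v in (key_rights or {}).items()}
        for key_id, grant in grants.items():
            self._require_can_give(creator, key_id, grant.rights)
        self.agp_parent.setdefault(agp, creator.agp)                  # new child group
        self.acrs[name] = ACR(name, agp, may_create_acr, grants)      # block 276

    def delegate(self, actor, target, key_id, rights, uses=math.inf):
        giver, receiver = self._enter(actor), self._enter(target)     # block 280
        if not self._same_or_lower(receiver.agp, giver.agp):
            raise Denied(f"{target} is not at the same or a lower level than {actor}")
        if key_id in receiver.pcr:
            raise Denied(f"{target} already holds a grant on {key_id!r}")
        self._require_can_give(giver, key_id, frozenset(rights))      # block 282
        receiver.pcr[key_id] = Grant(frozenset(rights), uses)         # block 284; giver keeps its own

    def use_key(self, actor, key_id, right):
        grant = self._enter(actor).pcr.get(key_id)
        if grant is None or right not in grant.rights:
            raise Denied(f"{actor} has no {right} permission on {key_id!r}")
        if grant.uses_left <= 0:
            raise Denied(f"{actor}'s delegated permission on {key_id!r} has expired")
        grant.uses_left -= 1
        return True


def allowed(call, *args, **kwargs):
    try:
        call(*args, **kwargs)
        return True
    except Denied:
        return False


def build_fig11_tree():
    full = frozenset({READ, WRITE, DELEGATE})     # constructed: m1 may delegate both keys
    tree = Tree(ACR("m1", "marketing", True, {MKT: Grant(full), PRICE: Grant(full)}))
    tree.create_acr("m1", "m2", "marketing", {MKT: {READ}, PRICE: {READ}})
    for name in ("s1", "s2"):
        tree.create_acr("m1", name, "sales", {PRICE: {READ}})
    tree.create_acr("m1", "s3", "sales")          # constructed ACR, not in FIG. 11
    tree.delegate("m1", "s3", PRICE, {READ}, uses=2)
    return tree
```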

FIG. 14 shows the procedure for creating a key and a key ID. The entity authenticates through an access control record (block 302). The entity requests the creation of a key with an ID specified by the host (block 304). The secure storage application checks whether the specified access control record has the permission to do so (diamond 306). For example, if the key is to be used to access data in a particular partition, the secure storage application checks whether the access control record may access that partition.
If the access control record is authorized, the memory device 10 creates a key value associated with the key ID provided by the host (block 308), stores the key ID in the access control record and the key value in its memory (either the controller-associated memory or memory 20), assigns rights and permissions according to the information supplied by the entity (block 310), and modifies the permissions control record of such access control record with the assigned rights and permissions (block 312). Thus, the creator of the key has all available rights, such as read and write permissions, the right to delegate to other access control records in the same access control record group or to an access control record at a lower level, and the right to transfer ownership of the key.

An access control record can change the permissions (or the existence altogether) of another access control record in the secure storage application system, as shown in FIG. 15. An entity may enter a tree through an access control record as before; in one case, the entity is authenticated and then specifies an access control record (blocks 330, 332). It requests the deletion of a target access control record or of a permission in a target access control record (block 334). If the specified access control record, or the one active at such time, has the right to do so (diamond 336), the target access control record is deleted, or the permissions control record of the target access control record is altered to delete such permission (block 338). If this is not authorized, the system stops.

After the above procedure, the target will no longer be able to access the data it was able to access before the procedure.
As shown in FIG. 16, an entity may attempt to enter at the target access control record (block 350) and find that the authentication procedure fails because the previously existing access control record ID is no longer present in the secure storage application, so that access is denied (diamond 352). Assuming that the access control record ID has not been deleted, the entity specifies an access control record (block 354) and the key ID and/or data in a particular partition, and the secure storage application then checks, according to the permissions control record of such access control record, whether the key ID or partition access request is permitted (diamond 358). If the permission has been deleted or has expired, the request is again denied. Otherwise, the request is granted (block 360).

The above procedure describes how access to protected data is managed by the device (e.g., a flash memory card), regardless of whether the access control record and its permissions control record were just changed by another access control record or were so configured to begin with.

Sessions

The secure storage application system is designed to handle multiple users logged in concurrently. When this feature is used, every command received by the secure storage application is associated with a specific entity and is executed only if the access control record used to authenticate that entity has the permission for the requested action.

Multiple entities are supported through the session concept. A session is established during the authentication procedure and is assigned a session ID by the secure storage application system. The session ID is internally associated with the access control record used for logging into the system and is exported to the entity to be used in all further secure storage application commands.

The secure storage application system supports two types of sessions: open sessions and secure sessions. The session type associated with a specific authentication procedure is defined in the access control record. The secure storage application system enforces session establishment in a way similar to the way it enforces the authentication itself. Since the access control record defines the entity permissions, this mechanism enables system designers to associate a secure channel either with accessing specific key IDs or with invoking specific access control record management operations (i.e., creating new access control records and setting credentials).

Open Session

An open session is a session identified with a session ID but without bus encryption; all commands and data are passed in the clear. This mode of operation is preferably used in a multi-user or multi-entity environment where the entities are neither part of the threat model nor eavesdropping on the bus.
Although it neither protects the transmission of data nor enables efficient firewalling between the applications on the host side, the open session mode enables the secure storage application system to allow access only to the information permitted for the currently authenticated access control records.

The open session can also be used for cases where a partition or a key needs to be protected. However, after a valid authentication procedure, access is granted to all entities on the host. The only thing the various host applications need to share in order to obtain the permissions of the authenticated access control record is the session ID. This is illustrated in FIG. 17A. The steps above the line are those taken by the host 24. After an entity is authenticated for access control record 1 (block 402), it requests access to a file associated with a key ID X in the memory device 10 (blocks 404, 406 and 408). If the permissions control record of access control record 1 allows such access, device 10 grants the request (diamond 410). If not, the system returns to block 402. After authentication is completed, the memory system 10 identifies the entity issuing a command only by the assigned session ID (and not by the access control record credentials). Once access control record 1 gains access, in an open session, to the data associated with the key IDs in its permissions control record, any other application or user can access the same data by specifying the correct session ID, which is shared among the different applications on the host 24. This feature is advantageous in applications where it is more convenient for the user to be able to log in only once and be able to access all the data tied to the account through which the login was performed for different applications. Thus, a mobile phone user may be able to access stored emails and listen to stored music in memory 20 without having to log in multiple times. On the other hand, data not encompassed by access control record 1 will not be accessible.
Thus, the same mobile phone user may have valuable content, such as games and photographs, accessible through a separate account, access control record 2. This is data that he does not wish others who borrow his phone to access, even though he may not mind others accessing the data available through his first account, access control record 1. Separating access to the data into two separate accounts, while allowing access to access control record 1 in an open session, provides ease of use as well as protection for valuable data.

To further ease the process of sharing the session ID among the host applications, when an access control record requests an open session, it can specifically request that the session be assigned the ID "0". In this way, applications can be designed to use a predefined session ID. The only restriction, for obvious reasons, is that only one access control record requesting session 0 can be authenticated at a specific time. An attempt to authenticate another access control record requesting session 0 will be rejected.

Secure Session

To add a layer of security, the session ID may be used as shown in FIG. 17B. The memory 10 then also stores the session IDs of the active sessions. In FIG. 17B, for example, in order to be able to access a file associated with key ID X, the entity will also need to provide a session ID, such as session ID "A", before it is allowed to access the file (blocks 412 and 414). In this manner, unless the requesting entity knows the correct session ID, it cannot access the memory 10. Since the session ID is deleted after the session is over and is different for each session, an entity can gain access only when it has been able to provide the session number.

The secure storage application system tracks whether a command really comes from the correct authenticated entity by using the session number.
For applications and use cases where there is a threat that attackers will try to use an open channel to send malicious commands, the host application uses a secure session (a secure channel).

When a secure channel is used, the session ID, as well as the entire command, is encrypted with the secure channel encryption (session) key, and the security level is as high as the host-side implementation.

Terminating a Session

A session is terminated, and the access control record is logged off, in any one of the following scenarios:

1. The entity issues an explicit end-session command.
2. Timeout on communication. A specific entity has issued no command for a period of time (defined as one of the access control record parameters).
3. All open sessions are terminated after a device (e.g., flash memory card) reset and/or power cycle.

Data Integrity Services

The secure storage application system verifies the integrity of the secure storage application database (which contains all the access control records, permissions control records and so on). In addition, data integrity services are offered for entity data through the key ID mechanism.

If a key ID is configured with hashed as its encryption algorithm, the hash values are stored alongside the content encryption key and IV in the content encryption key record. Hash values are calculated and stored during write operations. Hash values are calculated again during read operations and compared with the values stored during the previous write operations. Every time the entity accesses the key ID, the additional data is concatenated (cryptographically) to the old data and the appropriate hash value (for read or for write) is updated.

Because the host knows the data files associated with or pointed to by a key ID, the host explicitly manages several aspects of the data integrity function in the following manner:

1. A data file associated with or pointed to by a key ID is written or read from beginning to end. Any attempt to access portions of the file will corrupt it, since the secure storage application system is using a chained block cipher encryption method and generates a hashed message digest of the entire data.
2. There is no need to process the data in a contiguous stream (the data stream can be interleaved with data streams of other key IDs and may be split over multiple sessions), since the intermediate hash values are maintained by the secure storage application system. However, if the data stream is restarted, the entity will need to explicitly instruct the secure storage application system to reset the hash values.
3. When a read operation is completed, the host explicitly requests the secure storage application system to validate the read hash by comparing it with the hash value calculated during the write operation.
4. The secure storage application system also provides a "dummy read" operation.
122367.doc -55- 200820037 This feature will not stream the data that is streamed through the encryption engine to the host. This feature can be used to confirm data integrity before the material is actually read from the device (eg, a flash card). The random number generation / An Wang storage application system will enable the external entity to use the internal random number to generate ± g ' and request the random number to be outside the secure storage application private system. This service is available to any host and does not require authentication 0 i
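A model of the hash bookkeeping of the data integrity service described above, as an added example rather than code from the patent. SHA-256, the in-memory plaintext store (the chained block encryption step is left out) and all class and method names are assumptions made for the illustration.

```python
import hashlib


class IntegrityService:
    """Per-key-ID running hashes for write and read streams (assumed names)."""

    def __init__(self):
        self._data = {}        # key ID -> bytes written so far
        self._write_hash = {}  # key ID -> running hash of everything written
        self._read_hash = {}   # key ID -> running hash of everything read
        self._read_pos = {}    # key ID -> offset of the next read

    def reset(self, key_id):
        """Start (or restart) the write stream for a key ID."""
        self._data[key_id] = bytearray()
        self._write_hash[key_id] = hashlib.sha256()
        self.restart_read(key_id)

    def restart_read(self, key_id):
        """Reset the read hash; needed whenever a read stream is restarted."""
        self._read_hash[key_id] = hashlib.sha256()
        self._read_pos[key_id] = 0

    def write(self, key_id, chunk: bytes):
        if key_id not in self._data:
            self.reset(key_id)
        self._data[key_id] += chunk
        # The intermediate hash is kept per key ID, so writes for different
        # key IDs can be interleaved and spread over several sessions.
        self._write_hash[key_id].update(chunk)

    def _stream(self, key_id, size):
        start = self._read_pos[key_id]
        chunk = bytes(self._data[key_id][start:start + size])
        self._read_pos[key_id] = start + len(chunk)
        self._read_hash[key_id].update(chunk)
        return chunk

    def read(self, key_id, size) -> bytes:
        return self._stream(key_id, size)

    def dummy_read(self, key_id, size) -> int:
        """Hash the data without returning it; only the byte count leaves."""
        return len(self._stream(key_id, size))

    def validate_read(self, key_id) -> bool:
        """True only if the whole file was read, in order, exactly once."""
        return (self._read_hash[key_id].digest()
                == self._write_hash[key_id].digest())


if __name__ == "__main__":
    svc = IntegrityService()
    # Constructed sample data: two key IDs written in interleaved chunks.
    svc.write("song", b"verse one, ")
    svc.write("photo", b"JFIF")
    svc.write("song", b"verse two")
    svc.read("song", 5)
    print("partial read validates:", svc.validate_read("song"))
    svc.read("song", 1000)
    print("full read validates:", svc.validate_read("song"))
```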

RSA key pair generation

The secure storage application system enables external users to use the internal RSA key pair generation feature and to request a key pair to be used outside the secure storage application system. This service is available to any host and does not require authentication.

Alternative embodiment

Instead of using a hierarchical approach, similar results can be achieved using a database approach, as shown in Figure 18.

As shown in Figure 18, a list of credentials for entities, authentication methods, the maximum number of failed attempts, and the minimum number of credentials needed to unblock may be entered into a database stored in the controller 12 or the memory 20. The list relates such credential requirements to the policies in the database (read and write access to keys and partitions, secure channel requirements) carried out by the controller 12 of the memory 10. Constraints and limitations on access to keys and partitions are also stored in the database. Thus, some entities (e.g., a system administrator) may be on a white list, which means that these entities can access all keys and partitions. Other entities may be on a black list, and their attempts to access any information will be blocked. The limitation can be global, or specific to a key and/or partition. This means that only certain entities can access certain specific keys and partitions, and certain entities cannot do so. Constraints can also be placed on the content itself, regardless of the partition in which the content is located or the key used to encrypt or decrypt it. Thus, certain data (e.g., songs) may have the attribute that they can be accessed only by the first five hosts that access them, and other data (e.g., movies) may have the attribute that they can be read only a limited number of times, regardless of which entities have access.

Authentication

Password protection

• Password protection means that a password needs to be presented to access the protected area. Unless there cannot be more than one password, passwords can be associated with different rights, such as read access and/or write access.
• Password protection means that the device (e.g., flash memory card) is able to verify a password provided by the host; that is, the device also has the password stored in a device-managed secure memory area.

Issues and limitations

• Passwords are subject to replay attacks. Because the password does not change after each presentation, it can be resent identically. This means that a password as such should not be used if the data to be protected is valuable and the communication bus is easily accessible.
• A password can protect access to stored data, but should not be used to protect data (not a key).
• To increase the security level associated with passwords, they can be diversified using a master key, with the result that hacking one does not break the entire system. A session-key-based secure communication channel can be used to send the password.

Figure 19 is a flow chart illustrating authentication using a password. The entity sends an account ID and password to the system 10 (e.g., flash memory card). The system checks whether the password matches the one in its memory.

If it matches, the authenticated status is returned. Otherwise, the error counter for that account is incremented, and the entity is asked to re-enter an account ID and password. If the counter overflows, the system returns the status that access is denied.

Symmetric key

A symmetric key algorithm means that the same key is used on both sides to encrypt and decrypt. It means that the key must have been agreed upon before communicating. In addition, each side should implement the reverse algorithm of the other, that is, the encryption algorithm on one side and the decryption algorithm on the other. The two sides do not need to implement both algorithms in order to communicate.

• Symmetric key authentication means that the device (e.g., flash memory card) and the host share the same key and have the same cryptographic algorithm (direct and reverse, e.g., DES and DES⁻¹).
• Symmetric key authentication means challenge-response (protection against replay attacks). The protected device generates a challenge for the other device, and both compute the response. The authenticating device sends back the response, and the protected device checks the response and validates the authentication accordingly. The rights associated with the authentication can then be granted.

Authentication can be:

• External: the device (e.g., flash memory card) authenticates the outside world; that is, the device validates the credentials of a given host or application.
• Mutual: a challenge is generated on both sides.
• Internal: the host application authenticates the device (i.e., flash memory card); that is, the host checks whether the device is genuine for its application.

To increase the security level of the entire system (i.e., breaking one does not break all):

• Symmetric keys are usually combined with diversification using a master key.
• Mutual authentication uses challenges from both sides to ensure that the challenge is a real challenge.

Encryption

Symmetric key cryptography is also used for encryption because it is a very efficient algorithm; that is, it does not need a powerful central processing unit to handle the cryptography.

When used to secure a communication channel:

• Both devices must know the session key used to secure the channel (i.e., to encrypt all outgoing data and decrypt all incoming data). This session key is usually established using a pre-shared secret symmetric key or using public key infrastructure.
• Both devices must know and implement the same cryptographic algorithms.

Signature

A symmetric key can also be used to sign data. In this case, the signature is a partial result of the encryption. Keeping the result partial allows signing as many times as needed without exposing the key value.

Issues and limitations

Symmetric algorithms are very efficient and secure, but they are based on a pre-shared secret. The issue is to share this secret securely in a dynamic manner and possibly to have it random (like a session key). The idea is that a shared secret is hard to keep safe in the long term and is almost impossible to share with multiple people.

To facilitate this operation, public key algorithms were invented, because they allow secrets to be exchanged without sharing them.

Asymmetric authentication procedure

Asymmetric-key-based authentication uses a series of data-passing commands that ultimately construct the session key for secure channel communication. The basic protocol authenticates the user to the secure storage application system. Protocol variations allow for mutual authentication, in which the user verifies the access control record that he wishes to use, and for two-factor authentication.

The asymmetric authentication protocols of the secure storage application preferably use public key infrastructure (PKI) and the RSA algorithm. As defined by these algorithms, each party in the authentication process is allowed to create its own RSA key pair. Each RSA key pair consists of a public key and a private key. Because the keys are anonymous, they cannot provide proof of identity. The public key infrastructure layer calls for a trusted third party that signs each of the public keys. The public key of the trusted party is pre-shared between the parties that will authenticate each other, and is used to verify the public keys of the parties. Once trust is established (both parties have determined that the public key provided by the other party can be trusted), the protocol continues with authentication (verifying that each party holds the matching private key) and key exchange. This can be done through the challenge-response mechanism shown in Figures 22 and 23, as described below.

The structure containing the signed public key is called a certificate. The trusted party that signs the certificates is called a certificate authority (CA). For a party to be authenticated, it has an RSA key pair and a certificate attesting to the authenticity of the public key. The certificate is signed by a certificate authority that is trusted by the other (authenticating) party. The authenticating party is expected to have in its possession the public key of its trusted certificate authority.

The secure storage application system allows certificate chaining. This means that the public key of the party being identified may be signed by a certificate authority different from the one trusted by the identifying party. In this case, the party being identified provides, in addition to its own certificate, the certificate of the certificate authority that signed its public key. If this second-level certificate is still not trusted by the other party (not signed by its trusted certificate authority), a third-level certificate can be provided. In this certificate chaining algorithm, each party holds the complete list of certificates needed to authenticate its public key. This is shown in Figures 23 and 24. The credentials needed for mutual authentication by this type of access control record are RSA key pairs of selected lengths.

Secure storage application certificates

The secure storage application uses [X.509] version 3 digital certificates. [X.509] is a general-purpose standard; the secure storage application certificate profile described here further specifies and restricts the contents of the certificate's defined fields. The certificate profile also defines the hierarchy of trust defined for management of the certificate chain, the validation of secure storage application certificates, and the certificate revocation list (CRL) profile.

The certificate is considered public information (as is the public key inside it) and is therefore not encrypted. However, it includes an RSA signature that verifies that the public key and all the other information fields have not been tampered with.

[X.509] defines that each field is formatted using the ASN.1 standard, which in turn uses the DER format for data encoding.

Secure storage application certificate overview

One embodiment of the secure storage application certificate management architecture, shown in Figures 20 and 21, comprises an unlimited number of hierarchy levels for the host and up to three hierarchy levels for the device, although more or fewer than three levels may be used for the device.

Host certificate hierarchy

The device authenticates hosts based on two factors: the root certificate authority certificate stored in the device (as an access control record credential, stored when the access control record is created) and the certificate or certificate chain supplied by the entity attempting to access the device (for that specific access control record).

For each access control record, the host certificate authority serves as the root certificate authority (this is the certificate residing in the access control record credentials). For example, for one access control record the root certificate authority can be the "host 1 certificate authority (level 2) certificate", and for another access control record it can be the "host root certificate authority certificate". For each access control record, every entity that holds a certificate signed by the root certificate authority (or a certificate chain connecting the root certificate authority to the end-entity certificate) can log in to that access control record, provided that it has the corresponding private key for the end-entity certificate. As mentioned above, certificates are public knowledge and are not kept secret.

The fact that all holders of certificates issued by the root certificate authority (and of the corresponding private keys) can log in to that access control record means that authentication to a specific access control record is determined by the issuer of the root certificate authority stored in the access control record credentials. In other words, the issuer of the root certificate authority can be the entity managing the authentication scheme of the access control record.

Host root certificate

The root certificate is the trusted certificate authority certificate that the secure storage application uses to begin verifying the public key of the entity attempting to log in (the host). This certificate is provided when the access control record is created, as part of the access control record credentials. It is the root of trust for the public key infrastructure system and is therefore assumed to be provided by a trusted entity (a parent access control record or a trusted manufacturing/configuration environment). The secure storage application verifies this certificate by using its public key to verify the certificate signature. The host root certificate is stored encrypted in a non-volatile memory (not shown in Figure 1), with the secret keys of the device preferably accessible only by the central processing unit 12 of Figure 1 of system 10.

Host certificate chain

The host certificate chain consists of the certificates provided to the secure storage application during authentication. No record of the host certificate chain should remain stored in the device after processing of the chain is completed.

Figure 20 is a schematic diagram of a host certificate level hierarchy illustrating a number of different host certificate chains. As shown in Figure 20, the host certificate may have many different certificate chains, of which only three are shown:

A1. Host root certificate authority certificate 502, host 1 certificate authority (level 2) certificate 504, and host certificate 506;
B1. Host root certificate authority certificate 502, host n certificate authority (level 2) certificate 508, host 1 certificate authority (level 3) certificate 510, and host certificate 512;
C1. Host root certificate authority certificate 502, host n certificate authority (level 2) certificate 508, and host certificate 514.

The three certificate chains A1, B1 and C1 above show three possible host certificate chains that can be used to prove that the public key of the host is genuine. Referring to certificate chain A1 above and to Figure 20, the public key in the host 1 certificate authority (level 2) certificate 504 is signed (i.e., by encrypting a digest of the public key) with the private key of the host root certificate authority, whose public key is in the host root certificate authority certificate 502. The host public key in the host certificate 506 is in turn signed with the private key of the host 1 certificate authority (level 2), whose public key is provided in the host 1 certificate authority (level 2) certificate 504. Therefore, an entity that has the public key of the host root certificate authority will be able to verify the authenticity of certificate chain A1 above. As the first step, the entity uses the public key of the host root certificate authority in its possession to decrypt the signed public key in the host 1 certificate authority (level 2) certificate 504 sent to it by the host, and compares the decrypted signed public key with the digest of the unsigned public key in the host 1 certificate authority (level 2) certificate 504 sent by the host. If the two match, the public key of the host 1 certificate authority (level 2) is authenticated, and the entity then uses the authenticated public key of the host 1 certificate authority (level 2) to decrypt the public key of the host signed with the private key of the host 1 certificate authority (level 2) in the host certificate 506 sent by the host. If this decrypted signed value matches the digest of the public key in the host certificate 506 sent by the host, the public key of the host is then also authenticated. Certificate chains B1 and C1 can be used for authentication in a similar manner.

As will be noted from the above process involving chain A1, the first public key from the host that needs to be verified by the entity is the one in the host 1 certificate authority (level 2) certificate, not the one in the host root certificate authority certificate. Therefore, the host only needs to send the host 1 certificate authority (level 2) certificate 504 and the host certificate 506 to the entity, so that the host 1 certificate authority (level 2) certificate is the first certificate in the chain that needs to be sent. As shown above, the sequence of certificate verification is as follows. The verifying entity (in this case, memory device 10) first verifies the authenticity of the public key in the first certificate in the chain, which in this case is the certificate 504 of the certificate authority below the root certificate authority. After the public key in that certificate is verified as genuine, device 10 proceeds to verify the next certificate, in this case the host certificate 506. By the same token, a similar verification sequence can be applied where the certificate chain contains more than two certificates, beginning with the certificate immediately below the root and ending with the certificate of the entity to be authenticated.

Device certificate hierarchy

The host authenticates the device based on two factors: the device root certificate authority certificate stored in the host and the certificate or certificate chain supplied by the device to the host (which is supplied to the device as a credential when the access control record is created). The process by which the host authenticates the device is similar to the process, described above, by which the device authenticates the host.

Device certificate chain

The device certificate chain consists of the certificates of the key pair of the access control record. They are provided to the card when the access control record is created. The secure storage application stores these certificates individually and provides them to the host one by one during authentication. The secure storage application uses these certificates to authenticate to the host. The device is able to handle a chain of three certificates, although a number of certificates different from three can be used. The number of certificates may vary from one access control record to another. It is determined when the access control record is created. The device is able to send the certificate chain to the host; however, it does not need to parse the certificates, because it does not use the certificate chain data.

Figure 21 is a schematic diagram of the device certificate level hierarchy, illustrating 1 through n different certificate chains for devices, such as storage devices, that use the secure storage application. The n different certificate chains shown in Figure 21 are as follows:

A2. Device root certificate authority certificate 520, device 1 certificate authority (manufacturer) certificate 522, and device certificate 524;
B2. Device root certificate authority certificate 520, device n certificate authority (manufacturer) certificate 526, and device certificate 528.

The secure storage application device may be manufactured by 1 through n different manufacturers, each with its own device certificate authority certificate. Therefore, the public key in the device certificate for a particular device is signed with the private key of its manufacturer, and the public key of the manufacturer is in turn signed with the private key of the device root certificate authority. The public key of the device is verified in a manner similar to that described above for the public key of the host. As in the verification of chain A1 described above for the host, there is no need to send the device root certificate authority certificate, and the first certificate in the chain that needs to be sent is the device i certificate authority (manufacturer) certificate, followed by the device certificate, i being an integer from 1 to n.

In the embodiment shown in Figure 21, the device presents two certificates: the device i certificate authority (manufacturer) certificate, followed by its own device certificate. The device i certificate authority (manufacturer) certificate is that of the manufacturer that made the device, which is the manufacturer that provides the private key used to sign the public key of the device. When the device i certificate authority (manufacturer) certificate is received by the host, the host uses the public key of the root certificate authority in its possession to decrypt and verify the device i certificate authority (manufacturer) public key. If this verification fails, the host aborts the process and notifies the device that authentication has failed. If the authentication succeeds, the host sends a request to the device for the next certificate. The device then sends its own device certificate to be verified by the host in a similar manner.

The verification processes described above are also shown in more detail in Figures 22 and 23.
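The verification order described for chain A1, followed by the challenge-response and key exchange steps, as an added example that is not code from the patent or from any product. It uses textbook RSA without padding, which mirrors the description of decrypting a signature and comparing it with a digest; the Mersenne-prime keys, the SHA-256 digest, the certificate field layout and all function and class names are assumptions constructed for the illustration.

```python
import hashlib
import secrets
from dataclasses import dataclass

E = 65537  # public exponent used by every constructed key


def toy_keypair(k1, k2):
    """Constructed RSA key from the Mersenne primes 2**k1-1 and 2**k2-1.

    Such a modulus is trivially factorable; it only keeps the example
    self-contained and deterministic.
    """
    p, q = 2**k1 - 1, 2**k2 - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))


def digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


@dataclass
class Certificate:
    subject: str
    issuer: str
    public_key: tuple   # (n, e) of the subject
    signature: int = 0  # issuer's private-key operation on the digest

    def signed_fields(self) -> bytes:
        n, e = self.public_key
        return f"{self.subject}|{self.issuer}|{n:x}|{e:x}".encode()


def issue(subject, subject_pub, issuer, issuer_priv):
    cert = Certificate(subject, issuer, subject_pub)
    n, d = issuer_priv
    cert.signature = pow(digest(cert.signed_fields()), d, n)
    return cert


def verify_chain(root_name, root_pub, chain):
    """Verify certificates in the order sent and return the last public key.

    The chain starts immediately below the root and ends with the
    end-entity certificate; the root certificate itself is never sent.
    """
    if not chain:
        raise ValueError("empty certificate chain")
    name, (n, e) = root_name, root_pub
    for cert in chain:
        if cert.issuer != name:
            raise ValueError(f"{cert.subject!r} was not issued by {name!r}")
        # "Decrypt" the signature with the key authenticated in the previous
        # step and compare it with the digest of the certificate contents.
        if pow(cert.signature, e, n) != digest(cert.signed_fields()):
            raise ValueError(f"bad signature on {cert.subject!r}")
        name, (n, e) = cert.subject, cert.public_key
    return n, e


class Host:
    def __init__(self, private_key, chain):
        self._n, self._d = private_key
        self.chain = chain

    def sign_challenge(self, challenge: int) -> int:
        return pow(challenge, self._d, self._n)

    def unwrap_session_key(self, wrapped: int) -> int:
        return pow(wrapped, self._d, self._n)


def device_authenticate(root_name, root_pub, host):
    """Device side of the exchange; returns (session_key, wrapped_key)."""
    # Public key verification: walk the chain down from the stored root key.
    n, e = verify_chain(root_name, root_pub, host.chain)
    # Challenge-response: proves the host holds the matching private key.
    challenge = secrets.randbits(128) | (1 << 127)
    if pow(host.sign_challenge(challenge), e, n) != challenge:
        raise ValueError("host does not hold the matching private key")
    # Key exchange: a random session key encrypted under the host public key.
    session_key = secrets.randbits(128) | (1 << 127)
    return session_key, pow(session_key, e, n)


def build_chain_a1():
    """Constructed instance of chain A1: root -> host 1 CA (level 2) -> host."""
    root_pub, root_priv = toy_keypair(521, 607)
    ca_pub, ca_priv = toy_keypair(2281, 3217)
    host_pub, host_priv = toy_keypair(1279, 2203)
    chain = [issue("host 1 CA (level 2)", ca_pub, "host root CA", root_priv),
             issue("host", host_pub, "host 1 CA (level 2)", ca_priv)]
    return root_pub, Host(host_priv, chain)


if __name__ == "__main__":
    root_pub, host = build_chain_a1()
    key, wrapped = device_authenticate("host root CA", root_pub, host)
    print("session key agreed:", host.unwrap_session_key(wrapped) == key)
```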

In Figure 22, the "secure services module system" is a software module that implements the secure storage application system described herein as well as other functions described below. The secure services module system may be embodied as software or computer code, with a database stored in memory 20 or in a non-volatile memory (not shown) in the central processing unit 12, and is read into random access memory 12a and executed by the central processing unit 12.

As shown in Figure 22, there are three phases in the process by which the secure services module system 542 in device 10 authenticates a host system 540. In the first phase, public key verification, the host system 540 sends the host certificate chain to the secure services module system 542 in a secure services module command. The secure services module system 542 verifies (block 552) the authenticity of the host certificate 544 and of the host public key 546, using the root certificate authority public key in the host root certificate 548 located in the access control record 550. Where an intermediate certificate authority 549 between the root certificate authority and the host is involved, the intermediate certificate authority 549 is also used for the verification in block 552. Assuming the verification (block 552) is successful, the secure services module system 542 proceeds to the second phase.

The secure services module system 542 generates a random number 554 and sends it as a challenge to the host system 540. The host system 540 signs the random number 554 using the private key 547 of the host (block 556) and sends the signed random number as the response to the challenge. The response is decrypted using the host public key 546 and compared with the random number 554. Assuming the decrypted response matches the random number 554, the challenge response is successful.

In the third phase, a random number 562 is encrypted using the host public key 546. This random number 562 is then the session key. The host system 540 can obtain the session key by using its private key to decrypt the encrypted random number 562 from the secure services module system 542. With this session key, secure communication between the host system 540 and the secure services module system 542 can then be initiated. Figure 22 shows a one-way asymmetric authentication, in which the host system 540 is authenticated by the secure services module system 542 in device 10. Figure 23 is a protocol diagram showing a two-way mutual authentication process analogous to the one-way authentication protocol of Figure 22, in which the secure services module system 542 is also authenticated by the host system 540.

Figure 24 is a diagram of a certificate chain 590 illustrating one embodiment of the invention. As noted above, the certificate chain that needs to be presented for verification may contain a number of certificates. Thus the certificate chain of Figure 24 contains a total of nine certificates, all of which may need to be verified for authentication. As explained in the background section above, in existing systems for certificate verification either an incomplete certificate chain is sent or, if the entire chain is sent, the certificates are not sent in any particular order, so that the recipient cannot analyze the certificates until the entire group of certificates has been received and stored. Since the number of certificates in a chain is not known beforehand, this can present a problem: a large amount of storage space may need to be reserved for storing a certificate chain of uncertain length. This can be a problem for storage devices performing the verification.

One embodiment of the invention is based on the recognition that the problem can be alleviated by a system in which host devices send their certificate chains in the same order in which the chain will be verified by the storage device. Thus, as shown in Figure 24, the chain 590 of certificates starts with certificate 590(1), which is the certificate immediately below the host root certificate, and ends with certificate 590(9), which is the host certificate. Device 10 therefore first verifies the public key in certificate 590(1), followed by verification of the public key in certificate 590(2), and so on, until the host public key in certificate 590(9) is verified. This completes the verification process for the entire certificate chain 590. Hence, if the host device sends the certificate chain 590 to memory device 10 in the same order or sequence in which the chain will be verified, memory device 10 can start verifying each certificate as it is received, without having to wait until all nine certificates in chain 590 have been received.

Thus, in one embodiment, the host device sends one certificate in chain 590 at a time to memory device 10. Memory device 10 then has to store only a single certificate at a time. After a certificate has been verified, it can be overwritten by the next certificate sent by the host, except for the last certificate in the chain. In this manner, memory device 10 needs to reserve space for storing only a single certificate at any time.

The memory device needs to know when the entire chain 590 has been received. Preferably, therefore, the last certificate 590(9) contains an indicator or indication that it is the last certificate in the chain. This feature is shown in Figure 25, which is a table showing the information in a control sector that precedes the certificate buffer sent by the host to memory device 10. As shown in Figure 25, the control sector of certificate 590(9) contains an argument named the "is final" flag. Memory device 10 can then verify that certificate 590(9) is the last certificate in the chain by checking whether the "is final" flag is set, to determine whether the certificate received is the last one in the chain.

In an alternative embodiment, instead of being sent one at a time, the certificates in chain 590 may be sent in groups of one, two or three certificates. Obviously, groups with other numbers of certificates, or the same number of certificates in each group, may be used. Thus, chain 590 comprises five continuous strings of certificates 591, 593, 595, 597 and 599, each of which contains at least one certificate. A continuous string of certificates is one that contains: the certificate next to the string that precedes the string in question in the chain (the beginning certificate); the certificate next to the string that follows the string in question in the chain (the ending certificate); and all of the certificates between the beginning certificate and the ending certificate. For example, string 593 contains the three certificates 590(2), 590(3) and 590(4). The five strings are verified by memory device 10 in the sequence 591, 593, 595, 597, ending with 599. Therefore, if the five strings are sent and received in the same sequence as the verification performed by memory device 10, the memory device does not need to store any of the strings after they have been verified, and all but the last string can be overwritten by the next string arriving from the host. As in the prior embodiment, it is desirable for the last certificate in the chain to contain an indicator, such as a flag, that is set to a particular value to indicate that it is the last certificate in the chain. In this embodiment, the memory device needs to reserve only enough space to store the largest number of certificates among the five strings. Thus, if the host first notifies memory device 10 of the longest string it intends to send, memory device 10 needs to reserve only enough space for the longest string.

Preferably, the length of each certificate in the chain sent by the host is not more than four times the length of the public key certified by that certificate. Similarly, the length of a certificate sent by memory device 10 to a host device to certify the public key of the memory device is preferably not more than four times the length of the public key certified by that certificate.

The embodiment described above for verification of the certificate chain is shown in the flow chart of Figure 26, in which, for simplicity, the number of certificates in each group is assumed to be one. As shown in Figure 26, the host sends the certificates in the chain sequentially to the card. Starting with the first certificate in the chain (typically the one following the root certificate, as noted above), the card sequentially receives the certificate chain from the host that is being authenticated (block 602). The card verifies each certificate received and aborts the process if any certificate fails verification. If any of the certificates fails verification, the card notifies the host (blocks 604, 606). The card then detects whether the last certificate has been received and verified. If the last certificate has not been received and verified, the card returns to block 602 to continue receiving and verifying certificates from the host. If the last certificate has been received and verified, the card proceeds to the next phase after certificate verification (610). While the features in Figure 26 and the subsequent figures below refer to memory cards as examples, it will be understood that these features are also applicable to memory devices with physical forms other than memory cards.

The process carried out by the host when the card is authenticating the host is shown in Figure 27. As shown in Figure 27, the host sends the next certificate in the chain to the card (block 620), typically starting with the one following the root certificate. The host then determines whether an abort notice indicating authentication failure has been received from the card (diamond 622). If an abort notice has been received, the host stops (block 624). If no abort notice has been received, the host checks whether the last certificate in the chain has been sent, by checking whether the "is final" flag was set in the last certificate sent (block 626). If the last certificate has been sent, the host proceeds to the next phase after certificate verification (block 628). As shown in Figures 22 and 23, the next phase can be a challenge response followed by session key creation. If the last certificate in the chain has not yet been sent, the host returns to block 620 to send the next certificate in the chain.

The actions taken by the card and the host when the card is being authenticated are shown in Figures 28 and 29. As shown in Figure 28, after starting, the card waits for a request from the host to send a certificate in the chain (block 630, diamond 632). If no request from the host is received, the card returns to diamond 632. If a request from the host is received, the card sends the next certificate in the chain, starting with the first certificate that should be sent (typically the one following the root certificate) (block 634). The card determines whether a failure notice has been received from the host (block 636). If a failure notice has been received, the card stops (block 637). If no failure notice has been received, the card determines whether the last certificate has been sent (diamond 638). If the last certificate has not been sent, the card returns to diamond 632 and waits until it receives the next request from the host to send the next certificate in the chain. If the last certificate has been sent, the card proceeds to the next phase (block 639).

Figure 29 shows the actions taken by the host when the card is being authenticated. The host sends a request for the next certificate in the chain to the card, starting with the request for the first certificate to be sent (block 640). The host then verifies each certificate received and, if verification fails, aborts the process and notifies the card (block 642). If verification passes, the host checks whether the last certificate has been received and successfully verified (diamond 644). If the last certificate has not been received and successfully verified, the host returns to block 640 to send a request for the next certificate in the chain. If the last certificate has been received and successfully verified, the host proceeds to the next phase after certificate verification (block 646).

Certificate Revocation

When a certificate is issued, it is expected to be in use for its entire validity period. However, various circumstances may cause a certificate to become invalid before its validity period expires. Such circumstances include a change of name, a change of association between the subject and the certificate authority (for example, an employee terminates employment with an organization), and compromise or suspected compromise of the corresponding private key. Under such circumstances, the certificate authority needs to revoke the certificate.

The secure storage application enables certificate revocation in different ways; each access control record can be configured for a specific method of revoking certificates. An access control record may be configured not to support a revocation scheme. In that case, each certificate is considered valid until its expiration date. Alternatively, certificate revocation lists may be employed. As yet another alternative, the revocation scheme may be specific to a particular application, or application-specific. An access control record specifies which of the three revocation schemes is adopted by specifying a revocation value. If an access control record is created with no revocation scheme, it is possible for it to adopt a revocation scheme that can be activated by the access control record owner. Revocation of memory device certificates is enforced by the host rather than by the secure storage application security system. An access control record owner is responsible for managing the revocation of a host root certificate, which is implemented through the access control record's credentials.

Certificate Revocation List (CRL)

The secure storage application system uses a revocation scheme in which each certificate authority periodically issues a signed data structure called a certificate revocation list. A certificate revocation list is a time-stamped list that identifies revoked certificates, is signed by a certificate authority (the certificate authority that issued the certificates in question), and is made available for use by the public. Each revoked certificate is identified in a certificate revocation list by its certificate serial number. The size of the certificate revocation list is arbitrary and depends on the number of revoked unexpired certificates. When a device uses a certificate (for example, to verify the identity of a host), the device not only checks the certificate signature (and validity) but also verifies the certificate against the list of serial numbers received through a certificate revocation list. If an identification such as the serial number of a certificate is found on the certificate revocation list issued by the certificate authority that issued the certificate, this indicates that the certificate has been revoked and is no longer valid.

The certificate revocation list itself also needs to be verified as genuine in order for it to serve the purpose of validating certificates. Certificate revocation lists are signed using the private key of the certificate authority that issued the list, and can be verified as genuine by decrypting the signed list using that certificate authority's public key. If the decrypted certificate revocation list matches the digest of the unsigned certificate revocation list, this means that the list has not been tampered with and is genuine. Certificate revocation lists are frequently hashed using a hashing algorithm to obtain their digests, and the digests are encrypted with the certificate authority's private key. To verify whether a certificate revocation list is valid, the signed list (that is, the hashed and encrypted list) is decrypted using the certificate authority's public key to yield a decrypted and hashed list (that is, a digest of the list). This is then compared with the hashed certificate revocation list. The verification process may therefore frequently involve the step of hashing the certificate revocation list for comparison with the decrypted and hashed list.

One of the characteristics of the certificate revocation list scheme is that validation of the certificate (against the certificate revocation list) can be performed separately from obtaining the list. Certificate revocation lists are also signed by the issuers of the pertinent certificates, and are verified in a manner similar to the verification of certificates, using the public key of the certificate authority that issued the list, in the manner described above. The memory device verifies that the signature is that of the certificate revocation list and that the issuer of the list matches the issuer of the certificate. Another characteristic of the scheme is that certificate revocation lists can be distributed by exactly the same means as the certificates themselves, namely via untrusted servers and untrusted communications. Certificate revocation lists and their characteristics are explained in detail in the X.509 standard.

Secure Storage Application Infrastructure for Certificate Revocation Lists

The secure storage application provides an infrastructure for revocation of hosts using the certificate revocation list scheme. When authenticating to an RSA-based access control record with the certificate revocation list revocation scheme, the host adds one certificate revocation list (possibly an empty one, if no certificates have been revoked by the issuer certificate authority) as an additional field to a Set Certificate command. This field contains a certificate revocation list signed by the issuer of the certificate. When this field is present, memory device 10 first verifies the certificate in the Set Certificate command. Obtaining and accessing the certificate revocation list repository is entirely the responsibility of the host. Certificate revocation lists are issued with a time period during which they are valid (the certificate revocation list expiration time period, CET). During verification, if the current time is found not to be within this time period, the certificate revocation list is considered defective and cannot be used for certificate verification. The result is then that authentication of the certificate fails.

In conventional certificate verification methods, the authenticating or verifying entity is expected to possess certificate revocation lists, or to be able to retrieve them from certificate authorities, and to check the serial number of the certificate presented for authentication against the list to determine whether the presented certificate has been revoked. Where the authenticating or verifying entity is a memory device, the memory device may not have been used on its own to retrieve certificate revocation lists from certificate authorities. If a certificate revocation list is pre-stored in the device, such a list may become outdated, so that certificates revoked after the installation date will not appear on the list. This would enable users to access the storage device using a revoked certificate, which is undesirable.

In one embodiment, the above problem can be solved by a system in which the entity that wishes to be authenticated presents a certificate revocation list, together with the certificate to be authenticated, to the authenticating entity, which may be a memory device 10. The authenticating entity then verifies the authenticity of the certificate and of the certificate revocation list received. The authenticating entity checks whether the certificate is on the certificate revocation list by checking whether an identification of the certificate, such as its serial number, appears on the list.

In view of the above, an asymmetric authentication scheme may be used for mutual authentication between a host device and memory device 10. A host device that wishes to be authenticated to memory device 10 needs to provide both its certificate chain and the corresponding certificate revocation lists. Host devices, on the other hand, have been used to connect to certificate authorities to obtain certificate revocation lists, so that when memory device 10 is to be authenticated by host devices, the memory device need not present certificate revocation lists to the host devices together with its certificate or certificate chain.

In recent years there has been an expanding number of different types of portable devices that can be used to play content, such as various embedded or stand-alone music players, mp3 players, mobile phones, personal digital assistants and notebook computers. While it is possible to connect such devices to the World Wide Web in order to access certificate revocation lists from certificate authorities, many users typically do not connect to the web every day, but instead connect only to obtain new content or to renew subscriptions, such as every few weeks. For such users it may therefore be cumbersome to have to obtain certificate revocation lists from certificate authorities more frequently. For such users, the certificate revocation list, and optionally also the host certificates that will need to be presented to a storage device to access protected content, may be stored in a preferably unprotected area of the storage device itself. In many types of storage devices (for example, flash memories), the unprotected areas of the storage devices are managed by host devices and not by the storage devices themselves. In this manner, the user (through the host device) does not have to connect to the web to obtain more up-to-date certificate revocation lists. The host device can simply retrieve such information from the unsecure area of the storage device, and then turn around and present such certificates and lists to the storage or memory device in order to access the protected content in the storage device. Since the certificate for accessing protected content and its corresponding certificate revocation list are typically valid for a certain time period, the user does not need to obtain up-to-date certificates or certificate revocation lists as long as they are still valid. The above feature gives users convenient access to the certificate and the certificate revocation list for reasonably long periods while both are still valid, without having to connect to the certificate authority for updated information.

The above process is shown in the flow charts of Figures 30 and 31. As shown in Figure 30, the host 24 reads from the unsecure public area of memory device 10 the certificate revocation list pertaining to a certificate that the host will present to the memory device for authentication (block 652). Since the certificate revocation list is stored in an unsecure area of the memory, no authentication is needed before the list can be obtained by the host. Because the certificate revocation list is stored in the public area of the memory device, reading of the list is controlled by the host device 24. The host then sends the certificate revocation list, together with the certificate to be verified, to the memory device (block 654) and proceeds to the next phase unless it receives a failure notice from memory device 10 (block 656). Referring to Figure 31, the memory device receives the certificate revocation list and the certificate from the host (block 658) and checks whether the serial number of the certificate is on the certificate revocation list (block 660), as well as other aspects (for example, whether the certificate revocation list has expired). If the serial number of the certificate is found on the certificate revocation list, or the check fails for other reasons, the memory device sends a failure notice to the host (block 662). In this manner, different hosts can obtain the certificate revocation list stored in the public area of the memory device, since the same certificate revocation list can be used for the authentication of different hosts. As noted above, for the convenience of the user, the certificate that is to be verified using the certificate revocation list may preferably also be stored, together with the list, in an unsecure area of memory device 10. However, the certificate is usable for authentication to the memory device only by the host to which the certificate was issued.

Where the certificate revocation list contains in its fields a time for the next update, as shown in Figure 32, the secure storage application in device 10 also checks the current time against this time to see whether the current time is after it; if so, authentication also fails. Preferably, therefore, the secure storage application checks both the time for the next update and the certificate revocation list expiration time period against the current time (or against the time at which the certificate revocation list is received by memory device 10).
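The in-order delivery of a certificate chain with an "is final" flag (Figures 24 to 27) and the device-side certificate revocation list (CRL) check (Figures 31 and 32), as an added Python example that is not code from the patent. Textbook RSA over small known primes stands in for a real signature scheme, and the class names, field names, status strings and the choice to attach the CRL only to the final certificate are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by every toy key

def make_key(p, q):
    """Toy textbook-RSA key pair from two known primes; not for real use."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, priv):
    return pow(_digest(data, priv[0]), priv[1], priv[0])

def verify(data, sig, pub):
    """'Decrypt' the signature with the public key and compare with the digest."""
    return pow(sig, pub[1], pub[0]) == _digest(data, pub[0])

@dataclass
class Certificate:
    subject: str
    issuer: str
    serial: int
    public_key: tuple
    signature: int = 0
    def body(self):
        return repr((self.subject, self.issuer, self.serial, self.public_key)).encode()

@dataclass
class CRL:
    issuer: str
    valid_from: int    # start of the validity period
    next_update: int   # the list is stale after this time
    revoked: tuple     # serial numbers of revoked certificates
    signature: int = 0
    def body(self):
        return repr((self.issuer, self.valid_from, self.next_update, self.revoked)).encode()

def issue(obj, issuer_priv):
    """Sign a certificate or CRL with the issuing authority's private key."""
    obj.signature = sign(obj.body(), issuer_priv)
    return obj

class Device:
    """Verifying side: trusts one root key and buffers one certificate at a time."""
    def __init__(self, root_name, root_pub):
        self.issuer_name, self.issuer_key = root_name, root_pub
        self.slot = None            # the single certificate buffer
        self.state = "RECEIVING"

    def _abort(self, reason):
        self.state = "ABORTED: " + reason
        return self.state

    def receive(self, cert, is_final, crl=None, now=0):
        if self.state != "RECEIVING":
            return self.state
        self.slot = cert            # overwrites the previously verified certificate
        if cert.issuer != self.issuer_name or not verify(
                cert.body(), cert.signature, self.issuer_key):
            return self._abort("certificate not signed by " + self.issuer_name)
        if crl is not None:
            if crl.issuer != cert.issuer or not verify(
                    crl.body(), crl.signature, self.issuer_key):
                return self._abort("CRL not signed by certificate issuer")
            if not crl.valid_from <= now <= crl.next_update:
                return self._abort("CRL outside its validity period")
            if cert.serial in crl.revoked:
                return self._abort("certificate revoked")
        if is_final:
            self.state = "VERIFIED"  # the slot keeps the last (host) certificate
        else:
            # The key just verified checks the next certificate in the chain.
            self.issuer_name, self.issuer_key = cert.subject, cert.public_key
        return self.state

def send_chain(device, chain, crl=None, now=0):
    """Sending side: one certificate per command, flag on the last, stop on abort."""
    status = device.state
    for i, cert in enumerate(chain):
        final = i == len(chain) - 1
        status = device.receive(cert, final, crl if final else None, now)
        if status.startswith("ABORTED"):
            break
    return status

# Constructed sample data: Root -> CA1 -> CA2 -> Host, keys from Mersenne primes.
M61, M89, M107, M127 = (2**k - 1 for k in (61, 89, 107, 127))
ROOT_PUB, ROOT_PRIV = make_key(M127, M107)
CA1_PUB, CA1_PRIV = make_key(M127, M89)
CA2_PUB, CA2_PRIV = make_key(M107, M89)
HOST_PUB, _HOST_PRIV = make_key(M89, M61)
CHAIN = [issue(Certificate("CA1", "Root", 1, CA1_PUB), ROOT_PRIV),
         issue(Certificate("CA2", "CA1", 7, CA2_PUB), CA1_PRIV),
         issue(Certificate("Host", "CA2", 42, HOST_PUB), CA2_PRIV)]
CRL_OK = issue(CRL("CA2", 100, 200, (13, 99)), CA2_PRIV)
CRL_REVOKING = issue(CRL("CA2", 100, 200, (13, 42)), CA2_PRIV)
```

Sending `CHAIN` in reverse order fails at the first certificate, which is why the sender has to deliver the chain in verification order for the single buffer to be enough.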

As described above, if the certificate revocation list contains a long list of identifications of revoked certificates, processing (e.g., hashing) the list and searching it for the serial number of the certificate presented by the host may take a long time, especially if the processing and searching are carried out in sequence. Therefore, to speed up the process, the processing and searching may be carried out concurrently. Furthermore, if the entire certificate revocation list needs to be received before it is processed and searched, the process can also be time-consuming. Applicants recognized that the process can be expedited by processing and searching portions of the certificate revocation list as they are received (on the fly), so that when the last portion of the certificate revocation list is received, the process is about to be completed.

Figures 33 and 34 illustrate the features of the above revocation scheme. At the authenticating entity (e.g., a memory device such as a memory card), the certificate and the certificate revocation list are received from the entity that wishes to be authenticated (block 702). Portions of the unencrypted certificate revocation list are processed (e.g., hashed), and these portions are concurrently searched for the identification (e.g., serial number) of the certificate presented. The processed (e.g., hashed) certificate revocation list portions are compiled into a hashed complete certificate revocation list, which is compared with the complete decrypted and hashed certificate revocation list formed by compiling the decrypted certificate revocation list portions from the portions received from the entity wishing to be authenticated. If the comparison indicates no match, authentication fails. The authenticating entity also checks the time of the next update and the expiration period of the certificate revocation list against the current time. If the identification of the presented certificate is found on the certificate revocation list, or if the current time is not within the validity period of the certificate revocation list, or if the time for the next updated certificate revocation list has passed (block 710), authentication also fails. In some implementations, storing the hashed certificate revocation list portions and the decrypted hashed certificate revocation list portions for compilation may not require a large amount of memory space.

When an entity (e.g., the host) wishes to be authenticated, it sends its certificate and certificate revocation list to the authenticating entity (block 722) and proceeds to the next phase (block 724). This is shown in Figure 34.

A process similar to the one described above can be implemented if the entity presents a certificate chain for authentication. In that event, the above process needs to be repeated for each certificate in the chain along with its corresponding certificate revocation list. Each certificate and its certificate revocation list may be processed as they are received, without waiting to receive the remaining certificates in the chain and their corresponding certificate revocation lists.

Identity object (IDO)

The identity object is a protected object designed to allow the memory device 10, such as a flash memory card, to store an RSA key pair or another type of cryptographic ID. The identity object includes any type of cryptographic ID that can be used to sign and verify identity, and to encrypt and decrypt data. The identity object also includes a certificate from a certificate authority (or a certificate chain from multiple certificate authorities) to certify that the public key in the key pair is genuine. The identity object may be used to provide proof of identity of an external entity or of an internal card entity (i.e., the device itself, an internal application, etc., referred to as the owner of the identity object). Therefore, the card is not using the RSA key pair or other type of cryptographic ID to authenticate the host through a challenge-response mechanism, but rather as a proof of identification, by signing data provided to it. In other words, the identity object contains the cryptographic ID of its owner. To access the cryptographic ID in the identity object, the host first needs to be authenticated. As described above, the authentication procedure is controlled by an access control record. After the host has been successfully authenticated, the identity object owner can use the cryptographic ID to establish the identity of the owner to another party. For example, the cryptographic ID (e.g., the private key of a public-private key pair) can be used to sign data presented by the other party through the host. The signed data and the certificate in the identity object are presented to the other party on behalf of the owner of the identity object. The public key of the public-private key pair in the certificate is certified to be genuine by a certificate authority (i.e., a trusted authority), so that the other party can trust that the public key is genuine. The other party can then use the public key in the certificate to decrypt the signed data and compare the decrypted data with the data sent by the other party. If the decrypted data matches the data sent by the other party, this shows that the owner of the identity object does have access to the genuine private key, and that the entity it represents is therefore genuine.

A second use of the identity object is to protect data designated for the owner of the identity object by using the cryptographic ID (such as the RSA key itself). The data is expected to be encrypted using the identity object public key. The memory device 10, such as a memory card, will use the private key to decrypt the data.

The identity object is an object that can be created for any type of access control record. In one embodiment, an access control record can have only one identity object. Both the data signing and the data protection features are services that the secure storage application system provides to any entity capable of authenticating to the access control record. The protection level of the identity object is as high as the login authentication scheme of the access control record. Any authentication algorithm can be chosen for an access control record that is bound to have an identity object. It is up to the creator (host) to decide and evaluate which algorithm can best protect the use of the identity object. An access control record with an identity object provides its certificate chain in response to a command to get the identity object public key.

When the identity object is being used for data protection, the decrypted data output from the card may need further protection. In that case, the host is encouraged to use a secure channel established through any one of the available authentication algorithms.

When the identity object is created, the key length and the PKCS#1 version are selected. In one embodiment, the public and private keys use the (exponent, modulus) representation as defined in PKCS#1 version 2.1.

In one embodiment, the data included during the creation of an identity object is the RSA key pair of the selected length and a certificate chain that recursively attests to the authenticity of the public key.

The access control record that owns the identity object allows signing of user data. This is done through two secure storage application commands:

• Set user data: provides a free-format data buffer to be signed.
• Get secure storage application signature: the card provides an RSA signature (using the access control record private key). Depending on the type of the object, the format and size of the signature may be set according to PKCS#1 version 1.5 or version ….

The operations using an identity object are shown in Figures 35-37, where the memory device 10 is a flash memory card and the card is the owner of the identity object. Figure 35 shows the procedure carried out by the card in signing data sent to a host. Referring to Figure 35, after a host has been authenticated (block 802), as controlled by an access control record at a node of the tree structure described above, the card waits for a host request for a certificate (diamond 804). After receiving the request, the card sends the certificate and returns to diamond 804 for the next host request (block 806). If a certificate chain needs to be sent to certify the public key of the identity object owned by the card, the above actions are repeated until all the certificates in the chain have been sent to the host. After each certificate has been sent to the host, the card waits for other commands from the host (diamond 808). If no command is received from the host within a preset time period, the card returns to diamond 804. Upon receiving data and a command from the host, the card checks whether the command is for signing data (diamond 810). If the command is for signing data, the card signs the data with the private key in the identity object, then sends the signed data to the host (block 812) and returns to diamond 804. If the command from the host is not for signing the data from the host, the card uses the private key in the identity object to decrypt the received data (block 814) and returns to diamond 804.

Figure 36 shows the procedure carried out by the host when the card signs data to be sent to the host. Referring to Figure 36, the host sends authentication information to the card (block 822). After successful authentication as controlled by an access control record at a node of the tree structure described above, the host sends requests to the card for the certificate chain and receives the chain (block 824). After the public key of the card has been verified, the host sends data to the card for signing and receives the data signed with the card's private key (block 82…).

Figure 37 shows the procedure carried out by the host when the host decrypts data using the card's public key and sends the decrypted data to the card. Referring to Figure 37, the host sends authentication information to the card (block 862). After authentication controlled by an access control record has been performed successfully, the host sends requests to the card for the certificate chain (block 864) needed to verify the public key of the card in the identity object, and sends requests to the card for data. After the public key of the card in the identity object has been verified, the host encrypts the data from the card using the verified public key of the card and sends it to the card (blocks 866, 868).

Queries

Hosts and applications need to hold certain information about the memory device or card they are working with in order to perform system operations. For example, hosts and applications may need to know which of the applications stored on the memory card are available for invocation. The information needed by the host is sometimes not public knowledge, which means that not every entity has the right to possess it. To distinguish between authorized and unauthorized users, two query methods that a host can use need to be provided.

General information query

This query gives out system public information without restriction. The confidential information stored in the memory devices comprises two portions: a shared portion and an unshared portion. One portion of the confidential information includes information that may be proprietary to individual entities, so that each entity should be allowed to access only its own proprietary information, without being able to access the proprietary confidential information of other entities. This type of confidential information is not shared, and forms the unshared portion of the confidential information.

Certain information that is normally thought of as public may in some cases be regarded as confidential, such as the names of the applications residing in the card and their life cycle state. Another example is the root access control record names, which are considered public but could be confidential for some secure storage application use cases. For these cases, the system should provide an option, in response to a general information query, to keep this information available only to all authenticated users and not to unauthenticated users. Such information constitutes the shared portion of the confidential information. An example of the shared portion of the confidential information is a root access control record list, that is, a list of all root access control records currently present on the device.

Access to public information through the general information query does not require the host/user to log in to an access control record. Thus any entity with knowledge of the secure storage application standard can execute the query and receive the information. In secure storage application terms, this query command is handled without a session number. However, if access to the shared portion of the confidential information by an entity is desired, the entity first needs to be authenticated through any of the control structures (e.g., any access control record) controlling access to data in the memory device. After successful authentication, the entity will be able to access the shared portion of the confidential information through a general information query. As explained above, the authentication procedure results in a secure storage application session number or ID for access.

Discreet information query

Private information regarding individual access control records and their system access and assets is considered discreet and requires explicit authentication. This kind of query therefore calls for access control record login and authentication (if authentication is specified by the access control record) before authorization for the information query is received. This query needs a secure storage application session number.
Before the two types of queries are described in detail, it is useful first to describe the notion of index groups as a practical solution for implementing the queries.

Index groups

Applications running on potential secure storage application hosts are required by the operating system and system drivers on the host to specify the number of sectors intended to be read. This in turn means that the host application needs to know how many sectors need to be read for each secure storage application read operation.

Because the nature of query operations is to supply information that is generally not known to the entity requesting it, it is difficult for the host application to issue the query and guess the number of sectors needed for the operation.

To solve this problem, the secure storage application query output buffer consists of only one sector (512 bytes) per query request. The objects that are part of the output information are organized in what are called index groups. Each type of object may have a different byte size, which determines the number of objects that can fit in a single sector. This defines the index group of that object. If an object has a size of 20 bytes, the index group for that object will contain up to 25 objects. If there are 56 such objects in total, they will be organized into 3 index groups, where object "0" (the first object) starts the first index group, object "25" starts the second index group and object "50" starts the third and last index group.

System query (general information query)

This query provides general public information regarding the supported secure storage application system in the device and the current system that is set up, such as the different trees and applications running on the device.
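The index-group paging and the two query types described above, as an added example that is not part of the patent text. The `Device` class, its method names, the record contents and the session handling are hypothetical; the 20-byte record size is chosen so that 56 objects fall into groups starting at objects 0, 25 and 50, and authentication itself is assumed to have happened before `login` hands out a session number.

```python
SECTOR = 512  # the query output buffer is exactly one sector per request


def one_sector(records, obj_size, index_group):
    """Device side: return (sector buffer, object count) for one index group."""
    per_group = SECTOR // obj_size
    start = index_group * per_group
    chunk = records[start:start + per_group]
    return b"".join(chunk).ljust(SECTOR, b"\x00"), len(chunk)


class Device:
    """Hypothetical model of the query handling on the memory device."""

    def __init__(self, obj_size, public, shared, owned_by_acr):
        self.obj_size = obj_size
        self.public = public              # public information
        self.shared = shared              # shared portion of confidential info
        self.owned_by_acr = owned_by_acr  # unshared, per access control record
        self.sessions = {}                # session number -> logged-in record
        self._next_session = 1

    def login(self, acr):
        # Assumption: the caller has already passed the record's authentication.
        session = self._next_session
        self._next_session += 1
        self.sessions[session] = acr
        return session

    def general_query(self, index_group, session=None):
        # No session: public information only. Authenticated: public + shared.
        records = list(self.public)
        if session in self.sessions:
            records += self.shared
        return one_sector(records, self.obj_size, index_group)

    def discreet_query(self, index_group, session):
        # Only the logged-in record's own objects, never another record's.
        if session not in self.sessions:
            raise PermissionError("discreet query needs an authenticated session")
        own = self.owned_by_acr.get(self.sessions[session], [])
        return one_sector(own, self.obj_size, index_group)


def read_all(query, obj_size):
    """Host side: read one sector per request; a full buffer means ask again."""
    per_group = SECTOR // obj_size
    objects, group = [], 0
    while True:
        buf, count = query(group)
        objects += [buf[i * obj_size:(i + 1) * obj_size] for i in range(count)]
        group += 1
        if count < per_group:      # also ends cleanly when the total is an
            return objects, group  # exact multiple (last reply holds 0 objects)


def rec(name, size=20):
    """Constructed fixed-size record."""
    return name.encode().ljust(size, b" ")


def sample_device(n_public=56):
    return Device(
        20,
        public=[rec(f"app-{i:02d}") for i in range(n_public)],
        shared=[rec("root-acr-A"), rec("root-acr-B")],
        owned_by_acr={"acr1": [rec("key-1"), rec("partition-P1")],
                      "acr2": [rec("key-9")]},
    )


if __name__ == "__main__":
    dev = sample_device()
    objs, requests = read_all(lambda g: dev.general_query(g), 20)
    print(len(objs), "public objects in", requests, "one-sector requests")
```

The host never has to guess a sector count: every reply is one sector, and the object count in the reply tells it whether another index group is worth requesting.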
Similar to the access control record query (discreet query) described below, the system query is structured to give several query options:

• General: the supported secure storage application version.
• Secure storage applications: a list of all secure storage applications currently present on the device, including their running state.

The information listed above is public information. As with the access control record query, so that the host does not need to know how many sectors to read for the query output buffer, one sector is returned from the device, while the host remains able to query further index groups. Hence, if the number of root access control record objects exceeds the number that fits in the output buffer for index group "0", the host can send another query request with the following index group "1".

Access control record query (discreet information query)

該安全儲存應用程式存取控制記錄查詢命令意欲供應該 存取控制記錄使用者關於該存取控制記錄之系統資源的資 訊,像是密鑰及應用程式10,分割區及子代存取控制記 錄。該查詢資訊係僅關於登入存取控制記錄且非關於該系 統樹上之其他存取控制記錄。換句話說,存取係限於僅僅 在牵涉到的存取控制記錄之權限τ可存取的機密資訊的部 分。 使用者可查詢下列三個不同的存取控制記錄物件: •分割區-名稱及存取權(擁有者,讀取,寫入)。 •密鑰ID及應用程式ID-名稱及存取權(擁有者,讀取,寫 •子代存取控制記錄-一直接子代存取控制記錄的存取控 制記錄及存取控制記錄群組名稱。 •身份物件及安全資料物件(下文敘述)_名稱及存取權(擁 有者,讀取,寫入)。 因為與一存取控制記錄連接之物件數量係可以改變,且 該資訊係可能超過512個位元組(一區段)。在未事先知道物 件數量之下,該使用者無法知道需要自該襞置内之該安全 122367.doc -90- 200820037 儲存應用ι式系統讀取多少個區&amp;,以獲得全部的清單。 因此,由該安全儲存應用程式系統所提供之每一物件清單 係被分割成為若干索引群組,其係類似於上述系統查詢之 情況。一索引群組係適配於一區段的物件數量,亦即可自 該裝置内之安全儲存應用程式系統於一區段内傳送多少個 物件至該主機。此使該裝置内之該安全儲存應用程式系統 傳运一被請求的索引群組之一區段。該主機/使用者將接 收該等被查詢物件之一緩衝區,該緩衝區内之物件數量。 假如該緩衝區係滿的,則該使用者可查詢下一物件索引群 組。 圖38顯示一牵涉到一般資訊查詢之操作的流程圖。參照 圖38,當該安全儲存應用程式系統接收來自一實體的一般 資訊查詢(方塊902)時,該系統決定是否該實體已經被鑑認 (菱形904)。假如該實體已經被鑑認,則該系統向該實體供 應公開資訊及該機密資訊之共用部分(方塊906)。假如其該 實體尚未被鑑認,則該系統向該實體供應僅公開資訊(方 塊908)。 圖39顯示一牵涉到一謹慎資訊查詢之操作的流程圖。參 照圖39,當該安全儲存應用程式系統係接收來自一實體的 一謹慎資訊查詢(方塊922)時,該系統決定是否該實體已經 被鑑認(菱形924)。假如該實體已經被鑑認,則該系統向該 實體供應機密資訊(方塊926)。假如該實體尚未被鑑認,則 該系統係拒絕該實體存取機密資訊(方塊928)。 特徵組延伸(FSE) 122367.doc •91 - 200820037 吹許夕h况下’於該卡上執行該安全儲存應用程式内的 貝;斗地里活動(例如,drm使用權物件確認)係非常有利 的相對於所有資料處理工作係於該主機上執行之替代解 決方案,該所得系統係將為更安全的,更有效率的,且較 不依賴於主機。 /亥女王儲存應用程式安全性系統包含一組鑑認演算法及The secure storage application access control record query command is intended to provide information about the system resources of the access control record user regarding the access control record, such as the key and application 10, the partition and the child access control record. . The query information is only about the login access control record and not about other access control records on the system tree. In other words, the access is limited to the portion of the confidential information that is accessible only to the rights τ of the access control record involved. The user can query the following three different access control record objects: • Partition - Name and access rights (owner, read, write). 
• Key ID and Application ID - Name and Access Rights (Owner, Read, Write • Child Access Control Record - A Direct Child Access Control Record Access Control Record and Access Control Record Group Name. • Identity and security data objects (described below) _ name and access rights (owner, read, write). Because the number of objects connected to an access control record can be changed, and the information may be More than 512 bytes (one segment). Without knowing the number of objects in advance, the user cannot know the security that needs to be read from the device. 122367.doc -90- 200820037 How much does the storage application system read? The area &amp; to get the full list. Therefore, each item list provided by the secure storage application system is divided into several index groups, which are similar to the above system query. An index group The number of items that are adapted to a segment, that is, how many items are transferred to the host from a secure storage application system within the device to the host. This enables the secure storage in the device. The program system transports a segment of the requested index group. The host/user will receive a buffer of the object being queried, the number of objects in the buffer. If the buffer is full, The user can then query the next object index group. Figure 38 shows a flow diagram of an operation involving a general information query. Referring to Figure 38, the secure storage application system receives a general information query from an entity (block 902). When the system determines whether the entity has been authenticated (diamond 904). If the entity has been authenticated, the system supplies the entity with the public information and the shared portion of the confidential information (block 906). If the entity has not been authenticated, then the system supplies the entity with only public information (block 908). Figure 39 shows a flow diagram of an operation involving a cautious information query. 
Referring to Figure 39, when the secure storage application system receives When a cautious information query from an entity (block 922), the system determines if the entity has been authenticated (diamond 924). If the entity has been authenticated, then The system supplies the entity with confidential information (block 926). If the entity has not been authenticated, the system denies the entity access to the confidential information (block 928). Feature Group Extension (FSE) 122367.doc •91 - 200820037 In the case of Xu Xi, the implementation of the secure storage application on the card; the activities in the battlefield (for example, the identification of the right to use the drm) are very advantageous for all data processing operations performed on the host. Alternative solutions, the resulting system will be more secure, more efficient, and less dependent on the host. /Hai Queen Storage Application Security System includes a set of recognition algorithms and

^八係叹什成控制存取及使用由該記憶體卡所儲 存&amp;理及保遵的物件之集合。一旦一主機獲得存取權, 該主機將接著處理儲存於該記憶體裝置内之資料,其中, 存取《亥。己L體表置係受控於該安全儲存應用程式。狹而, 假設該資料本質係非常應用程式特定的,且因此,該資料 格式及資料處理係皆非定義於該安全儲存應用程式之中, 該安全儲存心程式不處理館存於該等裝置上的資料。 本發明之—項實施例係根據下列認知:該安全储存應用 程式系統可被增強,以允許主機執行通常由該記憶體卡内 之主機所實施之-些功能。因此,該等主機之一些軟體應 用知式可被分割成為兩個部分:仍然由該主機實施之一部 以及現在由該卡實施之另—部分。對於許多應用程 式’此增強貧料處理的安全性及效率。為了此目的,可加 入-稱為特徵組延伸之機制,以增強該安全儲存應用程式 之能力。在本文中,由該卡以此方式所執行之特徵組延伸 内的主機應用程式亦稱為内部應用程式,或裝置内部應用 程式。 μ 種延伸基本安全 該增強的安全儲存應用程式系統提供一 122367.doc -92- 200820037 儲存應用程式命令組的機制,其係透過導入卡應用程式而 提供该卡之鑑認及存取控制。^應用程式被假設為亦實 加除了該安全儲存應用程式之服務以外的服務(例如, DRM機制,電子商務交易)。該安全儲存應用程式特徵組 延伸係一種設計成增強具有資料處理軟體/硬體模組之標 準安全儲存應用程式安全性系統的機制,其可以係專屬 的。除了能夠使用上述查詢獲得的資訊之外,由該安全儲 存應用程式特徵組延伸系統所定義之服務使主機裝置能夠 查詢該卡,以用於可用之應用程式,選擇及與一特定應用 程式通訊。上述之一般查詢及謹慎查詢係可以使用於此目 的0 使用兩種延伸卡之安全儲存應用程式特徵組延伸内特徵 組之方法: •提供服務-實現此特徵之方式為,透過允許經授權實體 C) 使用-稱為通訊管道(pipe)之命令通道直接與該内部應 用程式通訊,該通訊管道可以係專屬的。 •安全儲存應用程式標準存取控制原則的延伸-實現此特 徵之方^為透過使内部的受保護資料物件(例如,内容 =密密餘、下文敘述之安全資料物件(SD〇))相關聯於内 部卡應用程式。每當此類物件被存取時,假如滿足所定 義準!!安全儲存應用程式原則,則調用相關聯的應 用广式’糟此除了利用該等標準的安全儲存 :::的!利用至少-條件。較佳地,該條件將不 #的女全儲存應用程式原則衝突。只有亦滿足在此 122367.doc -93 - 200820037 額外的條件之情況下,才授予存取。在進—步詳細說明 &quot;亥特彳政組延伸之能力之前,現在將說明特徵組延伸以及 該通訊管道及與全資料物件之架構態樣。 安全服務模組(SSM)及相關模組 圖40A係一記憶體裝置1〇(諸如一快閃記憶體卡)連接至 一主機裝置24的系統架構1000之功能方塊圖,以闡釋本發 明之一項實施例。該卡20之該記憶體裝置内的軟體模組之 主要組件如下: 安全儲存應用程式傳輸層1〇〇2 該安全儲存應用程式傳輸層係卡協定相依的。其處置該 卡1〇之該協定層上之主機端安全儲存應用程式請求(命 令),且接著將其中繼至安全服務模組Αρι。所有主機·卡 同步化及安全儲存應用程式命令識別係於此模組内實施。 该傳輸層亦係負責主機24與卡1〇之間所有資料傳送。 安全服務模組核心1 〇〇4 此模組係該安全儲存應用程式實施方案之一重要的部 分。該安全服務模組核心實施該安全儲存應用程式架構。 更明確δ之,該安全服務模組核心實施該安全儲存應用程 式樹及存取控制記錄系統以及組成該系統之所有上述對應 規則。該安全服務模組核心模組使用一密碼編譯庫1〇12, 以支援該安全儲存應用程式安全性及密碼編譯特徵,諸如 加密、解密及雜湊。 安全服務模組核心API 1006 此係主機及内部應用程式將介接於該安全服務模組核心 122367.doc -94- 200820037 以實行安全儲存應用程式操作之層。如示於圖4〇A,主機 24及裝置内部應用程式1〇1〇將使用相同的Αρι。 安全性應用程式管理員模組(SAMM) 1008 安全性應用程式管理員模組非屬該安全儲存應用程式系 統之部分,然而其係控制介接於該安全儲存應用程式系統 之裝置内部應用程式之卡内的一重要的模組。 該安全性應用程式管理員模組管理所有裝置内部執行中 之應用程式’其包含: 1 ·應用程式生命週期監視及控制。 2 ·應用程式初始化。 3·應用程式/主機/安全服務模組介面。 裝置内部應用程式1010 裝置内部應用程式係經准許於該卡端上執行之應用程 式。彼等裝置内部應用程式係被安全性應用程式管理員模 組所管理,且係可存取該安全儲存應用程式系統。該安全 {) 服務模組核心亦提供該等主機端應用程式與該等内部應用 
程式之間之一通訊管道。用於此類内部執行應用程式之範 例係DRM應用程式及單次密碼(〇ne time passw扣d ; 〇τρ) 應用程式,如下文作進一步說明。 裝置管理系統(DMS)lOl 1 此模組含有在一後裝運(通常稱為後發佈)模式中更新該 卡之系統及應用程式韌體以及增加/移除服務所需之處理 程序及協定。 圖40B係該安全服務模組核心1〇〇4之内部軟體模組之功 122367.doc -95 - 200820037 能方塊圖。如示於圖40B,核心1〇〇4包含一安全儲存應用 程式命令處理常式(command handler)1〇22。處理常式1〇22 係於命令被傳送至該安全儲存應用程式管理員1〇24之前, 剖析起源於該主機或起源於該裝置内部應用程式1〇1〇的該 等安全儲存應用程式命令。所有安全儲存應用程式安全性 資料結構(諸如存取控制記錄群組及存取控制記錄)以及所 有安全儲存應用程式規則及原則係儲存於該安全儲存應用 私式貪料庫1026之中。安全儲存應用程式管理員1〇24實行 由該等存取控制記錄及存取控制記錄群組以及儲存於資料 庫1026内之其他控制結構所行使之控制。其他物件(諸如 身份物件)以及安全資料物件亦係儲存於該安全儲存應用 程式資料庫1026之中。安全儲存應用程式管理員1〇24實行 由該等存取控制記錄及存取控制記錄群組以及儲存於資料 庫10 2 6内之其他控制結構所行使之控制。由該安全儲存應 用程式非安全操作模組1028處置不牽涉到安全儲存應用程 式之非安全操作。由該安全儲存應用程式安全操作模組 1030處置在該安全儲存應用程式架構下的安全操作。模組 1032係一連接模組1030至該密碼編譯庫1〇12之介面。模組 1034係一連接模組1026及1028至圖1中該快閃記憶體“之 層。 通訊(或傳遞(Pass-Through))管道 當由該安全服務模組核心及安全性應用程式管理員模組 控制時,該等傳遞管道物件使經授權主機端之實體能夠與 該等内部應用程式通訊。介於該主機與該内部應用程式之 122367.doc -96- 200820037 間/之資㈣送係透過send及RECEIVE命令(定義如下)而 實行。實際的命令係應隸式特定的。建立該管道之該實 體(存取控制記錄)將需要提供該管道名稱及將開啟—通道 至其之應用程式的ID。如同具有所有其他受保護物件,該 存取控制記錄係變成其擁有者,且被允許根據標準的委2 2則及限制而委派使用權利以及擁有權給其他存取控制記 假如在被鑑認實體之存取控制記錄屬性管理中設定 CREATE_PIPE權限,則—該被鐘認實體將被允許建立管 料件。只有於該實社權限㈣崎巾歧在寫入或讀 取官道權限之情況下,才允許與内部應用程式之通訊。只 2該實體係該管道擁有者或於該實體之權限控制記錄中 設定委派存取權之情況下,才允許擁有權及存取權委派。 :同所有其他權限’當委派擁有權給另一存取控制記錄 時’較佳地’剝除該原始擁有者對於該裝置應用程式之 有權限。 較佳地,對於-特定應用程式,建立僅—通訊管道。較 仏地’建立—第二管道及連接該第二管道至—已經連接之 應用耘式之鲁試將被該安全服務模組系統10㈧所拒絕。因 此’較佳地’介於該等裝置内部應用程式1010之一者與一 通訊管道之間係有ml之關係。’然而,多個存取控制記錄 可與一裝置内部應用程式通訊(透過委派機制)。一單一存 取控制記錄可與數個裝置應m通訊(透過連接至不同 應用程式之多個管道之委派或擁有權)。較佳地,控制不 122367.doc •97- 200820037 同的管道之存取控制記錄係位於6 π π全分離的樹之節點上, 使得該等通訊管道之間係無串擾。 介於該主機與一特定應用程式之間傳送資料係使用下列 命令而實行: • WRITE PASS THR〇UGH(寫入值、疮、 (馬入傳遞)-將自該主機傳送一 未格式化的資料緩衝區至該桊 必展置内部應用程式。 • READPASSTH卿GH(讀取傳遞)_將自該域傳送一未 ί Ο 格式化的資料緩衝區至該裝置内部應用程式,且一旦該 内部處理係完成,將輸出一夫 禾彳。式化的資料緩衝區回到 該主機。 寫入傳遞命令及讀取傳遞命令 P 故供主機想要通訊之裝置 内部應用程式1008之ID作為參數。兮音触y 及實體榷限將被確認, 且假如該請求實體(亦即,主控該實體正在使用之會期之 存取控制記錄)具有使用連接至該被請求應用程式之管道 的權限’則該資料緩衝區將被中斷,且命令被執行。 此通訊方法係允許該主機應用程式透過該安全健存應用 程式存取控制記錄會期通道傳送廠商/專屬的特定命令至 一裝置内部應用程式。 安全資料物件(SDO) 一能夠結合特徵組延伸而被使 饭1之用之有用的物件係安全資 料物件。 ' 該安全資料物件係作為—用 
女儲存敏感資訊的一般 用途谷器。類似於内容加密密 ^ ^ Q 干其係由一存取控制 纪錄擁有,且可於存取控制 郑之間委派存取權及擁有 122367.doc -98- 200820037 權。安全資料物件含有根據預先定義的原則限制而被保護 及使用之資料,且可選擇地,具有至一裝置内部應用程式^Basic Singcheng controls access and use of the collection of objects stored and used by the memory card. Once a host gains access, the host will then process the data stored in the memory device, where access is made. The L-body is controlled by the secure storage application. Narrowly, it is assumed that the material is very application-specific and, therefore, the data format and data processing system are not defined in the secure storage application. The secure storage program does not process the library on the device. data of. The present invention is based on the recognition that the secure storage application system can be enhanced to allow the host to perform functions that are typically performed by hosts within the memory card. Therefore, some of the software application knowers of these hosts can be split into two parts: one that is still implemented by the host and another part that is now implemented by the card. For many applications, this enhances the safety and efficiency of lean processing. For this purpose, a mechanism called feature set extension can be added to enhance the capabilities of the secure storage application. In this document, the host application within the feature set extension performed by the card in this manner is also referred to as an internal application or an internal application. μ Extended Basic Security The enhanced Secure Storage Application System provides a mechanism for storing application command groups, which provides authentication and access control for the card through the import of the card application. ^ The application is assumed to be a service other than the service of the secure storage application (for example, DRM mechanism, e-commerce transaction). 
The secure storage application feature set extension is a mechanism designed to enhance the standard secure storage application security system with data processing software/hardware modules, which can be proprietary. In addition to the information that can be obtained using the queries described above, the services defined by the secure storage application feature set extension system enable the host device to query the card for available applications, and to select and communicate with a particular application. The general query and discreet query described above can be used for this purpose.

Two methods of extending the card feature set are used in the secure storage application feature set extension:

• Providing services: this feature is enabled by allowing authorized entities to communicate directly with the internal application using a command channel called a communication pipe, which can be proprietary.

• Extending the standard access control policies of the secure storage application: this feature is enabled by associating internal protected data objects (for example, content encryption keys, or the secure data objects (SDO) described below) with internal card applications. Whenever such an object is accessed, if the defined standard secure storage application policies are satisfied, the associated application is invoked, thereby imposing at least one condition in addition to the standard secure storage application policies. Preferably, this condition does not conflict with the standard secure storage application policies. Access is granted only if the additional condition is also satisfied.

Before the capabilities of the feature set extension are described in further detail, the architectural aspects of the feature set extension, as well as the communication pipe and the secure data object, will now be explained.

Security Service Module (SSM) and related modules

FIG.
40A is a functional block diagram of a system architecture 1000 in a memory device (such as a flash memory card) connected to a host device 24, illustrating an embodiment of the present invention. The main components of the software modules in the memory device of the card 20 are as follows:

Secure Storage Application Transport Layer 1002

The secure storage application transport layer is card-protocol dependent. It handles the host-side secure storage application requests (commands) on the protocol layer of the card and then relays them to the security service module API. All host-card synchronization and secure storage application command identification is performed in this module. The transport layer is also responsible for all data transfer between the host 24 and the card.

Security Service Module Core 1004

This module is an important part of the secure storage application implementation. The security service module core implements the secure storage application architecture. More specifically, it implements the secure storage application tree and access control record system and all of the corresponding rules described above that make up the system. The security service module core uses a cryptographic library 1012 to support the secure storage application security and cryptographic features, such as encryption, decryption and hashing.

Security Service Module Core API 1006

This is the layer at which the host and internal applications interface with the security service module core to carry out secure storage application operations. As shown in FIG. 40A, the host 24 and the internal applications 1010 use the same API.

Security Application Manager Module (SAMM) 1008

The security application manager module is not part of the secure storage application system. It is, however, an important module in the card that controls the device internal applications interfacing with the secure storage application system.
The security application manager module manages all of the internal applications running on the device, which includes:

1. Application lifecycle monitoring and control.
2. Application initialization.
3. Application/host/security service module interface.

Device Internal Applications 1010

The device internal applications are applications that are approved to run on the card. They are managed by the security application manager module and may access the secure storage application system. The security service module core also provides a communication pipe between the host-side applications and the internal applications. Examples of such internally running applications are DRM applications and one-time password (OTP) applications, as explained further below.

Device Management System (DMS) 1011

This module contains the processes and protocols needed to update the card's system and application firmware and to add or remove services in a post-shipment (commonly called post-issuance) mode.

FIG. 40B is a functional block diagram of the internal software modules of the security service module core 1004. As shown in FIG. 40B, the core 1004 includes a secure storage application command handler 1022. The handler 1022 parses the secure storage application commands originating from the host or from the device internal applications 1010 before the commands are passed to the secure storage application manager 1024. All secure storage application security data structures (such as access control record groups and access control records) and all secure storage application rules and policies are stored in the secure storage application database 1026. The secure storage application manager 1024 implements the control exercised by the access control records and access control record groups and by the other control structures stored in the database 1026.
Other objects (such as identity objects) and secure data objects are also stored in the secure storage application database 1026. Non-secure operations that do not involve the secure storage application are handled by the secure storage application non-secure operations module 1028. Secure operations under the secure storage application architecture are handled by the secure storage application secure operations module 1030. The module 1032 is an interface connecting the module 1030 to the cryptographic library 1012. The module 1034 is a layer connecting the modules 1026 and 1028 to the flash memory of FIG. 1.

Communication (or Pass-Through) Pipe

The pass-through pipe objects enable authorized host-side entities to communicate with the internal applications, as controlled by the security service module core and the security application manager module. Data transfer between the host and the internal application is carried out through SEND and RECEIVE commands (defined below). The actual commands are application-specific. The entity (access control record) that creates the pipe needs to provide the pipe name and the ID of the application to which the pipe will open a channel. As with all other protected objects, the access control record becomes the pipe's owner and is allowed to delegate usage rights and ownership to other access control records according to the standard delegation rules and restrictions.

An authenticated entity is allowed to create pipe objects if the CREATE_PIPE permission is set in its access control record attribute management. Communication with the internal application is allowed only if the write or read pipe permissions are set in the entity's permissions control record.
Delegation of ownership and access rights is allowed only if the entity is the pipe owner or the delegate access right is set in the entity's permissions control record. As with all other permissions, when ownership is delegated to another access control record, the original owner is preferably stripped of all its permissions to the device application.

Preferably, only one communication pipe is created for a specific application. An attempt to create a second pipe and connect it to an already connected application is preferably rejected by the security service module system 1000. Thus, there is preferably a 1:1 relationship between one of the device internal applications 1010 and a communication pipe. However, multiple access control records can communicate with one device internal application (through the delegation mechanism). A single access control record can communicate with several device applications (through delegation, or through ownership of multiple pipes connected to different applications). The access control records controlling different pipes are preferably located on nodes of completely separate trees, so that there is no crosstalk between the communication pipes.

Data is transferred between the host and a specific application using the following commands:

• WRITE PASS THROUGH: transfers an unformatted data buffer from the host to the device internal application.

• READ PASS THROUGH: transfers an unformatted data buffer from the host to the device internal application and, once the internal processing is complete, outputs an unformatted data buffer back to the host.

The write pass-through and read pass-through commands provide, as a parameter, the ID of the device internal application 1008 with which the host wishes to communicate.
The entity's permissions will be validated, and if the requesting entity (that is, the access control record hosting the session that the entity is using) has permission to use the pipe connected to the requested application, the data buffer will be interpreted and the command executed.

This communication method allows the host application to pass vendor-specific or proprietary commands to a device internal application through the secure storage application access control record session channel.

Secure Data Object (SDO)

A useful object that can be employed in conjunction with the feature set extension is the secure data object.

The secure data object serves as a general-purpose container for the secure storage of sensitive information. Like a content encryption key object, it is owned by an access control record, and access rights and ownership can be delegated between access control records. The secure data object contains data that is protected and used according to predefined policy restrictions and, optionally, has a link to a device internal application 1008. Preferably, the sensitive data is not used or interpreted by the secure storage application system, but by the owner and users of the object. In other words, the secure storage application system does not discern the information in the data that it handles. In this way, when data is passed between the host and the data objects, the owners and users of the data in the object can be less concerned about loss of sensitive information caused by interfacing with the secure storage application system. Secure data objects are therefore created by the host system (or by internal applications) and assigned a string ID, in a manner similar to the way content encryption keys are created. On creation, the host provides, in addition to the name, an application ID for the application linked to the secure data object and a data block that will be stored, integrity-verified and retrieved by the secure storage application.

Like content encryption keys, secure data objects are preferably created only within a secure storage application session.
The access control record used to open the session becomes the owner of the secure data object and has the rights to the secure data object: to write and read the sensitive data, and to delegate ownership and the permission to access the secure data object to another access control record (either its child or one within the same access control record group).

The write and read operations are reserved exclusively for the owner of the secure data object. A write operation overwrites the object data of the secure data object with the provided data buffer. A read operation retrieves the complete data record of the secure data object.

Non-owner access control records that have the appropriate access permissions are allowed to perform secure data object access operations. The following operations are defined:

• SDO Set, application ID defined: the data is processed by the internal secure storage application that has that application ID. The application is invoked through its association with the secure data object. As an optional result, the application writes the secure data object.

• SDO Set, application ID null: this option is invalid and prompts an illegal command error.
The Set command requires an internal application running in the card.

• SDO Get, application ID defined: the request is processed by the device internal application that has that application ID. The application is invoked through its association with the secure data object. The output, although not defined, is sent back to the requester. The application optionally reads the secure data object.

• SDO Get, application ID null: this option is invalid and prompts an illegal command error. The Get command requires an internal application running in the card.

Secure data object related permissions: an access control record can be the owner of a secure data object or can merely have access permissions (Set, Get, or both). In addition, an access control record can be permitted to transfer its access rights to a secure data object that it does not own to another access control record. If an access control record has access control record attribute management permissions, it can be explicitly permitted to create secure data objects and to delegate access rights.

Internal access control record

An internal access control record is similar to any access control record with a permissions control record, except that entities external to the device 10 cannot log in to it. Instead, the secure storage application manager 1024 of FIG. 40B automatically logs in to the internal access control record when objects under its control, or applications associated with it, are invoked. Because the entity attempting to gain access is internal to the card or memory device, no authentication is needed. The secure storage application manager 1024 simply passes a session key to the internal access control record to enable internal communication.
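The secure data object access rules described above (owner-only read, SDO Set and SDO Get routed to the linked internal application, and the illegal command error for a null application ID) can be exercised in a small model. This is an added example, not code from the patent: the class names and access control record names are hypothetical, and RFC 4226 HOTP is assumed as the internal application's password algorithm, which the text does not specify.

```python
import hashlib
import hmac
import struct


class IllegalCommand(Exception):
    """SDO Set/Get issued with a null (or unlinked) application ID."""


class AccessDenied(Exception):
    """The calling access control record (ACR) lacks the required right."""


def hotp(seed, counter, digits=6):
    # Assumption: RFC 4226 HOTP stands in for the unspecified OTP algorithm.
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class OtpApp:
    """Hypothetical device internal application; only it interprets SDO data."""

    def on_set(self, sdo, buf):
        sdo.data = {"seed": bytes(buf), "counter": 0}   # provision a seed
        return None

    def on_get(self, sdo, buf):
        otp = hotp(sdo.data["seed"], sdo.data["counter"])
        sdo.data["counter"] += 1     # each password is good for one login
        return otp                   # the seed itself never leaves the card


class SecureDataObject:
    def __init__(self, owner, app_id, data):
        self.owner = owner           # ACR that opened the creating session
        self.app_id = app_id         # link to a device internal application
        self.data = data             # opaque to the access-control layer
        self.delegates = set()       # non-owner ACRs holding access rights


class Card:
    """Access checks only; ACR names stand for already authenticated sessions."""

    def __init__(self, apps):
        self.apps = apps
        self.sdos = {}

    def create_sdo(self, acr, name, app_id, data):
        self.sdos[name] = SecureDataObject(acr, app_id, data)

    def delegate(self, acr, name, to_acr):
        sdo = self.sdos[name]
        if acr != sdo.owner:
            raise AccessDenied("only the owner may delegate access")
        sdo.delegates.add(to_acr)

    def read(self, acr, name):
        sdo = self.sdos[name]
        if acr != sdo.owner:         # raw read is reserved for the owner
            raise AccessDenied("read is reserved for the owner")
        return sdo.data

    def _invoke(self, acr, name, app_id, op, buf):
        if app_id is None:
            raise IllegalCommand("SDO Set/Get needs an internal application")
        sdo = self.sdos[name]
        if acr != sdo.owner and acr not in sdo.delegates:
            raise AccessDenied("no access right to this SDO")
        if app_id != sdo.app_id:     # assumption: the ID must match the link
            raise IllegalCommand("application is not linked to this SDO")
        return getattr(self.apps[app_id], op)(sdo, buf)

    def sdo_set(self, acr, name, app_id, buf):
        return self._invoke(acr, name, app_id, "on_set", buf)

    def sdo_get(self, acr, name, app_id, buf=b""):
        return self._invoke(acr, name, app_id, "on_get", buf)


def demo():
    seed = b"12345678901234567890"   # constructed sample seed (RFC 4226 test key)
    card = Card({"otp": OtpApp()})
    card.create_sdo("internal_acr", "sdo1", "otp", {"seed": seed, "counter": 0})
    card.delegate("internal_acr", "sdo1", "user_acr")
    results = {"first": card.sdo_get("user_acr", "sdo1", "otp"),
               "second": card.sdo_get("user_acr", "sdo1", "otp")}
    for label, call in (
        ("null_app", lambda: card.sdo_get("user_acr", "sdo1", None)),
        ("stranger", lambda: card.sdo_get("other_acr", "sdo1", "otp")),
        ("raw_read", lambda: card.read("user_acr", "sdo1")),
    ):
        try:
            call()
            results[label] = "allowed"
        except (IllegalCommand, AccessDenied) as exc:
            results[label] = type(exc).__name__
    return results


if __name__ == "__main__":
    print(demo())
```

The delegated access control record obtains passwords through SDO Get but can never read the seed, which is the separation the secure data object is meant to give.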
Two examples will be used to illustrate the capabilities of the feature set extension: one-time password generation and digital rights management. Before the one-time password generation example is described, dual factor authentication is explained first.

One-time password embodiment

Dual factor authentication (DFA)

Dual factor authentication is an authentication protocol designed to enhance the security of personal logins to, for example, a web service server by adding an additional secret, a "second factor", to the standard user credentials (that is, user name and password). The second secret is typically something stored in a physical secure token that the user has in his or her possession. During the login process, the user needs to provide proof of possession as part of the login credentials. A commonly used way to prove possession is a one-time password, a password that is good for a single login only and is generated and output by the secure token. If the user can provide the correct one-time password, this is considered sufficient proof of possession of the token, because it is cryptographically infeasible to calculate the one-time password without the token. Because the one-time password is good for one login only, the user must have the token at the time of login; an old password captured from a previous login is no longer valid.

The product described in the following sections uses the secure storage application security data structures, plus a feature set extension design for calculating the next password in the one-time password series, to implement a flash memory card with multiple "virtual" secure tokens, each generating a different series of passwords (which can be used to log in to different websites). A block diagram of this system is shown in FIG. 41.

The complete system 1050 comprises an authentication server 1052, an Internet server 1054 and a user 1056 with a token 1058. The first step is to agree on a shared secret between the authentication server and the user (also referred to as seed provisioning).
The user 1056 requests that a secret or seed be issued and stores it in the secure token 1058. The next step is to bind the issued secret or seed to a specific web service server. Once this is done, authentication can take place. The user instructs the token to generate a one-time password. The one-time password, together with the user name and password, is sent to the Internet server 1054. The Internet server 1054 forwards the one-time password to the authentication server 1052 and asks it to verify the user's identity. The authentication server also generates a one-time password, and because it is generated from the secret shared with the token, it should match the one-time password generated by the token. If a match is found, the user's identity is verified and the authentication server returns a positive acknowledgement to the Internet server 1054, which completes the user login process.

The feature set extension implementation for one-time password generation has the following characteristics:

• The one-time password seed is stored securely (encrypted) in the card.
• The password generation algorithm is executed inside the card.
• The device 10 can emulate multiple virtual tokens, each storing a different seed, and different password generation algorithms may be used.
• The device 10 provides a secure protocol for transferring the seed from the authentication server to the device.

The secure storage application features for one-time password seed provisioning and one-time password generation are shown in FIG. 42, in which solid arrows indicate ownership or access rights and dashed arrows indicate associations or links. As shown in FIG. 42, in the secure storage application feature set extension system 1100, the software program code feature set extension can be accessed through one or more communication pipes 1104, which are controlled by each of N application access control records. In the embodiments described below, only one feature set extension software application is shown, and for each feature set extension application there is only one communication pipe.
It will be understood, however, that more than one feature set extension application may be used. Although only one communication pipe is shown in FIG. 42, it will be understood that a plurality of communication pipes may be used. All such variations are possible. Referring to FIGS. 40A, 40B and 42, the feature set extension 1102 can be an application used for one-time password provisioning and can form a subset of the device internal applications 1010 of FIG. 40A. The control structures (access control records 1101, 1103, 1110) are part of the security data structures in the secure storage application and are stored in the secure storage application database 1026. The data structures of the identity object 1120, the identity object 1122 and the communication pipe 1104 are also stored in the secure storage application database 1026.

Referring to FIGS. 40A and 40B, security-related operations involving the access control records and data structures (for example, data transfer within sessions, and operations such as encryption, decryption and hashing) are handled by the module 1030, with the assistance of the interface 1032 and the cryptographic library 1012. The security service module core API 1006 does not distinguish between operations involving access control records that interact with the host (external access control records) and operations of internal access control records that do not, and therefore does not distinguish between operations involving the host and operations of the device internal applications 1010. In this way, the same control mechanism is used to control access by host-side entities and access by the device internal applications 1010. This gives flexibility in dividing data processing between host-side applications and the device internal applications 1010. The internal applications 1010 (for example, the feature set extension 1102 in FIG. 42) are associated with the internal access control records (for example, the access control record 1103 in FIG.
42) and are invoked through the control of those internal access control records.

Furthermore, security data structures such as access control records and access control record groups, with their associated secure storage application rules and policies, preferably control access to important information, such as the content of the secure data objects or information that can be derived from that content, so that external or internal applications can access the content or information only in accordance with the secure storage application rules and policies.
For example, if two different users can invoke an individual one of the device internal applications 1010 to process data, internal access control records located in separate hierarchical trees are used to control the access by the two users, so that there is no crosstalk between them. In this way, both users can access a common set of device internal applications 1010 for processing data, without the owners of the content or information in the secure data objects having to fear losing control of that content or information. For example, access to the secure data objects storing the data accessed by the device internal applications 1010 can be controlled by access control records located in separate hierarchical trees, so that there is no crosstalk between them. This manner of control is similar to the manner in which the secure storage application controls access to data, as described above. It provides content owners and users with security for the data stored in the data objects.

Referring to FIG. 42, it is possible for a portion of the software application code needed by the one-time-password-related host application to be stored (for example, pre-stored before the memory card is issued, or loaded after the memory card is issued) in the memory device 10 as the application in the feature set extension 1102. To execute such code, the host first needs to authenticate through one of the N authentication access control records 1106 (N being a positive integer) to gain access to the pipe 1104. The host also needs to provide an application ID identifying the one-time-password-related application that it wishes to invoke. After successful authentication, the code can be accessed for execution through the pipe 1104 associated with the one-time-password-related application.
As noted above, there is preferably a one-to-one relationship between a pipe 1104 and a particular application (such as a one-time password-related device internal application). As shown in FIG. 42, a plurality of access control records 1106 can have control over a common pipe 1104. An access control record can also control more than one pipe.

FIG. 42 shows secure data object 1, secure data object 2 and secure data object 3, collectively referred to as objects 1114, each containing data such as a seed for one-time password generation; the seed is valuable and is preferably encrypted. The links or associations 1108 between the three data objects and the feature set extension 1102 illustrate an attribute of the objects: when any one of the objects is accessed, the application in the feature set extension 1102 whose application ID is in the attributes of the secure data object will be invoked, and the application will be executed by the central processing unit 12 of the memory device (FIG. 1) without any further host command having to be received.

Referring to FIG. 42, before a user can start the one-time password process, the security data structures (access control records 1101, 1103, 1106 and 1110) have already been created, together with their permission control records for controlling the one-time password process. The user will need to have access rights to invoke a one-time password device internal application 1102 through one of the authentication server access control records 1106. The user will also need to have access rights to the one-time password to be generated, through one of the N user access control records 1110. The secure data objects 1114 can be created during the one-time password seed provisioning process. Preferably, the identity object 1116 has already been created and is controlled by the internal access control record 1103. The internal access control record 1103 also controls the secure data objects 1114 after they are created.
When the secure data objects 1114 are accessed, the secure storage application manager 1024 of FIG. 40B automatically logs in to the internal access control record 1103. The internal access control record 1103 is associated with the feature set extension 1102. During the one-time password seed provisioning process, the secure data objects 1114 can become associated with the feature set extension, as shown by the dotted lines 1108. Once the association is in place, when a secure data object is accessed, the association 1108 will cause the feature set extension 1102 to be invoked without requiring a further explicit request from the host. When the communication pipe 1104 is accessed through one of the N access control records 1106, the secure storage application manager 1024 will also automatically log in to the access control record 1103. In both cases (access to the secure data objects 1114 and to the pipe 1104), the secure storage application manager passes a session number to the feature set extension, and the session number identifies the channel to the internal access control record 1103.

The one-time password operation involves two phases: a seed provisioning phase, shown in FIG. 43, and a one-time password generation phase, shown in FIG. 44. Reference to FIGS. 40 to 42 will also aid the description. FIG. 43 is a protocol diagram of the seed provisioning process. As shown in FIG. 43, various actions are taken by the host (such as host 24) and by the card. One entity on the card that takes various actions is the security service module system (see FIG. 40B). Another entity on the card that takes various actions is the feature set extension 1102 shown in FIG. 42.
In two-factor authentication, the user requests that a seed be issued, and once the seed is issued, it is stored in a security token. In this example, the security token is the memory device or card. The user authenticates to one of the authentication access control records 1106 in FIG. 42 to gain access to the security service module system (arrow 1122). Assuming the authentication succeeds (arrow 1124), the user requests a seed (arrow 1126). The host sends the request to sign the seed request to the card by selecting a particular application 1102 for signing the seed request. If the user does not know the ID of the particular application to be invoked, this information can be obtained from the device 10, for example through a discreet query to the device. The user then enters the application ID of the application that should be invoked, thereby also selecting the communication pipe corresponding to that application. The user command is then forwarded through the corresponding communication pipe to the application specified by the application ID from the user (arrow 1128). The invoked application requests a signature by means of the public key in the specified identity object (identity object 1112 in FIG. 42). The security service module system signs the seed request using the public key of the identity object and notifies the application that the signing is complete (arrow 1132). The invoked application then requests the certificate chain of the identity object (arrow 1134). In response, the security service module system provides the certificate chain of the identity object, as controlled by the access control record 1103 (arrow 1136).
The invoked application then provides the signed seed request and the certificate chain of the identity object, through the communication pipe, to the security service module system, which forwards them to the host (arrow 1138). The signed seed request and the certificate chain of the identity object are sent through the communication pipe by means of a callback function established between the security application manager module 1008 and the security service module core 1004 of FIG. 40A; the callback function is explained below.

The signed seed request and identity object certificate chain received by the host are then sent to the authentication server 1052. The certificate chain provided by the card certifies that the signed seed request originates from a trusted token, so that the authentication server 1052 is willing to provide the secret seed to the card. The authentication server therefore sends the seed, encrypted with the public key of the identity object, to the host together with the user access control record information. The user information indicates under which of the N user access control records the user has the right to access the one-time password to be generated. The host invokes a one-time password application in the feature set extension 1102 by providing the application ID, thereby also selecting the communication pipe corresponding to that application, and forwards the user access control record information to the security service module system (arrow 1140). The encrypted seed and the user access control record information are then forwarded through the communication pipe to the selected application (arrow 1142). The invoked application sends a request to the security service module system to decrypt the seed using the private key of the identity object (arrow 1144).
The security service module system decrypts the seed and sends the application a notice that decryption has been completed (arrow 1146). The invoked application then requests the creation of a secure data object and the storing of the seed in it. It also requests that the secure data object be associated with the ID of the one-time password application (which may be the same application as the one making the request) for generating the one-time password (arrow 1148). The security service module system creates one of the secure data objects 1114, stores the seed in it, associates the secure data object with the ID of the one-time password application, and notifies the application when this is done. The application then requests the security service module system to delegate, based on the user information supplied by the host, the access rights for accessing the secure data object 1114 to the appropriate user access control record (arrow 1152). After the delegation has been completed, the security service module system notifies the application (arrow 1154). The application then sends the name of the secure data object to the security service module system through the communication pipe by means of the callback function (arrow 1156). The security service module system then forwards the name of the secure data object to the host (arrow 1158). The host then binds the name of the secure data object to the user access control record, so that the user can now access the secure data object.

The one-time password generation process will now be described with reference to the protocol diagram in FIG. 44. To obtain the one-time password, the user logs in to the user access control record to which he or she has access rights (arrow 1172).
If the authentication succeeds, the security service module system notifies the host, and the host sends a "get secure data object" command to the security service module (arrows 1174, 1176). As described above, the secure data object storing the seed has been associated with the application for generating the one-time password. Therefore, instead of selecting the application through the communication pipe as before, the one-time password generation application is invoked by way of the association between the secure data object accessed by the command (arrow 1176) and the one-time password generation application (arrow 1178). Next, the one-time password generation application requests the security service module system to read the content (that is, the seed) from the secure data object. Preferably, the security service module does not know the information contained in the content of the secure data object, and simply processes the data in the secure data object as instructed by the feature set extension. If the seed is encrypted, this may involve decrypting the seed before reading it, as commanded by the feature set extension. The security service module system reads the seed from the secure data object and provides it to the one-time password generation application (arrow 1182). The one-time password generation application then generates the one-time password and provides it to the security service module system (arrow 1184). The one-time password is then forwarded by the security service module to the host (arrow 1186), and the host in turn forwards it to the authentication server 1052 to complete the two-factor authentication process.

Callback function

A generic callback function is established between the security service module core 1004 and the security application manager module 1008 of FIG. 40A.
Different device internal applications and communication pipes can be registered with this function. Thus, when a device internal application is invoked, the application can use this callback function to pass data, after processing, to the security service module system through the same communication pipe that was used to pass a host command to the application.

DRM system embodiment

FIG. 45 is a functional block diagram of a DRM system employing a communication pipe 1104', content encryption keys 1114' with links 1108' to feature set extension applications 1102', and control structures 1101', 1103' and 1106' for controlling the functions so as to implement DRM functions. As will be noted, the architecture in FIG. 45 is quite similar to that of FIG. 42, except that the security data structure now includes license server access control records 1106' and playback access control records 1110' (in place of the authentication server access control records and user access control records) and content encryption keys 1114' (in place of the secure data objects). In addition, the identity object is not involved and is therefore omitted from FIG. 45. The content encryption keys 1114' can be created in the license provisioning process. The protocol diagram of FIG. 46 shows a process for license provisioning and content download in which the key is provided in the license object. As in the one-time password embodiment, a user who wishes to acquire a license will first need to acquire access rights under one of the N access control records 1106' and one of the N access control records 1110', so that content can be rendered by a media player such as a media player software application.

As shown in FIG. 46, the host authenticates to a license server access control record 1106' (arrow 1202).
Assuming the authentication succeeds (arrow 1204), the license server provides a license file together with a content encryption key (key ID and key value) to the host. The host also selects the application to be invoked by providing the application ID to the security service module system on the card. The host also sends player information (for example, information on a media player software application) (arrow 1206). The player information indicates under which of the N player access control records 1110' the player has access rights. The security service module system forwards the license file and the content encryption key to the DRM application through the communication pipe corresponding to the selected application (arrow 1208). The invoked application then requests the security service module system to write the license file to the hidden partition (arrow 1210). When the license file has been so written, the security service module system notifies the application (arrow 1212). The DRM application then requests that a content encryption key object 1114' be created and that the key value from the license file be stored in it. The DRM application also requests that the content encryption key object be associated with the ID of a DRM application that checks the license associated with the provided key (arrow 1214). The security service module system completes these tasks and notifies the application accordingly (arrow 1216). The application then requests that read access rights to the content encryption key 1114' be delegated, based on the player information sent by the host, to a playback access control record whose content the player has permission to access (arrow 1218). The security service module system performs the delegation and notifies the application accordingly (arrow 1220).
Transmitted by the communication channel through the communication pipe

The content encryption key provided to the card. The encrypted content is stored by the host. Storing the encrypted content file does not involve security functions, so that the security service module system is not involved in the storing.

The playback operation is shown in FIG. 47. The user authenticates through the host to the appropriate playback access control record (that is, the playback access control record to which access rights were delegated in arrows 1152 and 1154 above) (arrow 1242). Assuming the authentication succeeds (arrow 1244), the user then sends a request to read the content associated with the key ID (arrow 1246). On receiving the request, the security service module system will find that the ID of a DRM application is associated with the content encryption key object being accessed, and will therefore cause the identified DRM application to be invoked (arrow 1248). The DRM application requests the security service module system to read the data associated with the key ID (that is, the license) (arrow 1250). The security service module does not know the information in the data it is requested to read, and simply processes the request from the feature set extension to carry out the data reading process. The security service module system reads the data (that is, the license) from the hidden partition and provides it to the DRM application (arrow 1252). The DRM application then interprets the data and checks the license information in it to see whether the license is valid.
If the license is still valid, the DRM application notifies the security service module system that content decryption is permitted (arrow 1254). The security service module system then decrypts the requested content using the key value in the content encryption key object and provides the decrypted content to the host for playback (arrow 1256). If the license is no longer valid, the request for content access is denied.

If no key is provided in the license from the license server, license provisioning and content download will differ somewhat from what is shown in FIG. 46. This different scheme is shown in the protocol diagram of FIG. 48. Steps that are the same in FIGS. 46 and 48 are identified by the same reference numerals. Thus, the host and the security service module system first carry out authentication (arrows 1202, 1204). The license server provides the license file and the key ID (but not the key value) to the host, and the host forwards the license file and the key ID, together with the ID of the DRM application it wishes to invoke, to the security service module system. The host also sends player information (arrow 1206'). The security service module system then forwards the license file and the key ID to the selected DRM application through the communication pipe corresponding to the selected application (arrow 1208). The DRM application then requests that the license file be written to the hidden partition (arrow 1210). When the license file has been so written, the security service module system notifies the DRM application. The DRM application then requests the security service module system to generate a key value, create a content encryption key object, store the key value in it, and associate the content encryption key object with the ID of a DRM application (arrow 1214').
After the request has been complied with, the security service module system sends a notice to the DRM application (arrow 1216). The DRM application then requests the security service module system to delegate read access rights to the content encryption key object to the playback access control record, based on the player information sent by the host (arrow 1218). When this is completed, the security service module system notifies the DRM application accordingly (arrow 1220). The DRM application then notifies the security service module system that the license has been stored; the notice is sent through the communication pipe by means of a callback function (arrow 1222). This notice is forwarded to the license server (arrow 1224). The license server then sends the content file associated with a key ID to the security service module system (arrow 1226). The security service module system encrypts the content with the key value identified by the key ID, without involving any application. Content so encrypted and stored on the card can be played back using the protocol of FIG. 47.

In the one-time password and DRM embodiments above, the feature set extensions 1102 and 1102' can contain many different one-time password and DRM applications for host devices to choose from. Users can choose and invoke the desired device internal application. Nevertheless, the overall relationship between the security service module and the feature set extension remains the same, so that users and data providers can use a standard set of protocols to interact with the security service module and to invoke the feature set extension. Users and providers need not become involved in the particularities of the many different device internal applications, some of which may be proprietary.
Furthermore, the provisioning protocols may differ somewhat, as in the cases of FIGS. 46 and 48. In the case of FIG. 46 the license object contains a key value, whereas in the case of FIG. 48 it does not. This difference calls for slightly different protocols, as described above. Playback in FIG. 47, however, is the same no matter how the license was provisioned. The difference therefore matters only to content providers and distributors, and typically not to consumers, who are typically involved only in the playback phase. This architecture thus gives content providers and distributors great flexibility to customize protocols while remaining easy for consumers to use. Obviously, information derived from data provisioned by more than two sets of provisioning protocols can still be accessed using the second protocol.

Another advantage of the embodiments above is that, although external entities (such as users) and the device internal applications can share the use of data controlled by the security data structure, the user can access only the results that the device internal applications derive from the stored data. Thus, in the one-time password embodiment, the user, through the host devices, can obtain only the one-time password and not the seed value. In the DRM embodiment, the user, through the host devices, can obtain only the rendered content and has no access to the license file or the cryptographic key. This feature provides convenience to consumers without compromising security.

In one DRM embodiment, neither the device internal applications nor the hosts have access to the cryptographic keys; only the security data structure has access to them.
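The property described above, that a host can obtain the one-time password but never the seed, can be sketched as a small model; this is an added Python example, not code from the patent. The class and method names, the ACR passwords and the IDs are hypothetical, and RFC 4226 HOTP stands in for the one-time password algorithm, which the text does not specify; the seed is the RFC 4226 test secret.

```python
import hashlib
import hmac
import struct


class AccessDenied(Exception):
    """Raised when an access control record (ACR) check fails."""


def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    # RFC 4226 HOTP. Assumption: the text does not name the OTP algorithm.
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class SecureDataObject:
    def __init__(self, seed: bytes, app_id: str):
        self._seed = seed            # no host-facing method returns this
        self.app_id = app_id         # association with a device internal application
        self.counter = 0
        self.delegated_acrs = set()  # user ACRs that were delegated access


class OtpApplication:
    """Device internal application inside the feature set extension."""
    app_id = "otp-app"               # hypothetical application ID

    def run(self, ssm, sdo):
        seed = ssm.read_for_application(self.app_id, sdo)
        code = hotp(seed, sdo.counter)
        sdo.counter += 1
        return code                  # only the derived result leaves the card


class SecurityServiceModule:
    def __init__(self):
        self._acr_secrets = {}
        self._logged_in = set()
        self._objects = {}
        self._apps = {}

    def create_acr(self, acr: str, password: str):
        self._acr_secrets[acr] = password.encode()

    def register_application(self, app):
        self._apps[app.app_id] = app

    def login(self, acr: str, password: str):
        expected = self._acr_secrets.get(acr)
        if expected is None or not hmac.compare_digest(expected, password.encode()):
            raise AccessDenied("authentication failed")
        self._logged_in.add(acr)

    def provision(self, name: str, seed: bytes, app_id: str, user_acr: str):
        # Seed provisioning, collapsed: create the object, associate it with
        # the application ID, delegate access to one user ACR.
        sdo = SecureDataObject(seed, app_id)
        sdo.delegated_acrs.add(user_acr)
        self._objects[name] = sdo

    def get_secure_data_object(self, acr: str, name: str) -> str:
        # Host command: accessing the object invokes the associated
        # application; the host does not select it.
        if acr not in self._logged_in:
            raise AccessDenied("not logged in")
        sdo = self._objects.get(name)
        if sdo is None or acr not in sdo.delegated_acrs:
            raise AccessDenied("no access rights to this object")
        return self._apps[sdo.app_id].run(self, sdo)

    def read_for_application(self, app_id: str, sdo: SecureDataObject) -> bytes:
        # Internal path only: the raw content goes to the associated application.
        if app_id != sdo.app_id:
            raise AccessDenied("application not associated with object")
        return sdo._seed


def demo():
    ssm = SecurityServiceModule()
    ssm.register_application(OtpApplication())
    ssm.create_acr("user-acr-1", "pw1")    # constructed sample credentials
    ssm.create_acr("user-acr-2", "pw2")
    ssm.provision("sdo-1", b"12345678901234567890", "otp-app", "user-acr-1")
    ssm.login("user-acr-1", "pw1")
    ssm.login("user-acr-2", "pw2")
    first = ssm.get_secure_data_object("user-acr-1", "sdo-1")
    second = ssm.get_secure_data_object("user-acr-1", "sdo-1")
    try:
        ssm.get_secure_data_object("user-acr-2", "sdo-1")
        other = "allowed"
    except AccessDenied:
        other = "denied"                   # separate ACRs: no crosstalk
    return first, second, other


if __name__ == "__main__":
    print(demo())
```

Python does not enforce the privacy of `_seed`; the model only shows which interfaces exist, while on a real device the boundary is enforced by the card firmware.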
In other embodiments, entities other than the security data structure can also access the cryptographic keys. The keys can also be generated by the device internal applications and then controlled by the security data structure.

Access to the device internal applications and access to information (for example, the one-time password and the rendered content) are controlled by the same security data structure. This reduces the complexity and cost of the control system.

The ability to delegate access rights from the internal access control record, which controls access to the device internal applications, to an access control record that controls the hosts' access to the information obtained by invoking the device internal applications makes it possible to achieve the features and functions above.

Application-specific revocation scheme

The access control protocol of the security data structure can also be modified when a device internal application is invoked. For example, the certificate revocation protocol can be either a standard protocol using a certificate revocation list or a proprietary protocol. Thus, by invoking a feature set extension, the standard certificate revocation list protocol can be replaced by a proprietary protocol of the feature set extension.

In addition to supporting the certificate revocation list revocation scheme, the secure storage application enables a particular internal application residing in the device to revoke hosts through a private communication channel between the device internal application and the certificate authority or any other revocation authority. The internal application's proprietary revocation scheme is bounded by the host-application relationship.
When an application-specific revocation scheme is configured, the secure storage application system will reject the certificate revocation list (if one is provided), or else will use the certificate and the proprietary application data (previously provided through an application-specific communication pipe) to decide whether the given certificate is revoked.

As described above, an access control record specifies, by means of a revocation value, which of three revocation schemes (no revocation scheme, the standard certificate revocation list scheme, and an application-specific revocation scheme) is adopted. When the application-specific revocation scheme option is chosen, the access control record will also specify an ID for the internal application in charge of the revocation scheme, and the value in the certificate revocation list expiration period/APP_ID field will correspond to the ID of the internal application in charge of the revocation scheme. When authenticating the device, the secure storage application system will then adhere to the proprietary scheme of the internal application.

Instead of replacing one set of protocols with another, the invocation of a device internal application may impose additional access conditions on the access control already exerted by the secure storage application. For example, the right to access a key value in a content encryption key can be further scrutinized by a feature set extension. After the secure storage application system determines that an access control record has access rights to a key value, the feature set extension will be consulted before access is granted. This feature gives the content owner great flexibility in controlling access to the content.

Although the invention has been described above with reference to various embodiments, it will be understood that changes and modifications may be made without departing from the scope of the invention, which is to be defined only by the appended claims and their equivalents.

[Brief description of the drawings]

Figure 1 is a block diagram of a memory system in communication with a host device, useful for illustrating the invention.
Figure 2 is a schematic view of different partitions of a memory and of unencrypted and encrypted files stored in the different partitions, where access to certain partitions and to the encrypted files is controlled by access policies and authentication procedures, useful for illustrating different embodiments of the invention.
Figure 3 is a schematic view of a memory showing the different partitions in the memory.
Figure 4 is a schematic view of the file location tables for the different partitions of the memory shown in Figure 3, where some of the files in the partitions are encrypted, useful for illustrating different embodiments of the invention.
Figure 5 is a schematic view of the access control records in an access control record group and the associated key references, useful for illustrating different embodiments of the invention.
Figure 6 is a schematic view of the tree structures formed by access control record groups and access control records, useful for illustrating different embodiments of the invention.
Figure 7 is a schematic view of a tree showing three hierarchical trees of access control record groups, to illustrate how the trees are formed.
Figures 8A and 8B are flow charts of the processes carried out by a host device and by a memory device, such as a memory card, for creating and using a system access control record.
Figure 9 is a flow chart of a process that uses a system access control record to create an access control record group, useful for illustrating different embodiments of the invention.
Figure 10 is a flow chart of a process for creating an access control record.
Figure 11 is a schematic view of two access control record groups, illustrating a particular application of the hierarchical tree.
Figure 12 is a flow chart of a process for delegating specific rights.
Figure 13 is a schematic view of an access control record group and an access control record, to illustrate the delegation process of Figure 12.
Figure 14 is a flow chart of a process for creating a key for encryption and/or decryption purposes.
Figure 15 is a flow chart of a process for removing access rights and/or data access permissions according to an access control record.
Figure 16 is a flow chart of a process for requesting access when the access rights and/or access permissions have been deleted or have expired.
Figures 17A and 17B are schematic views of the organization of a rule structure for authentication and of policies for granting access to cryptographic keys, useful for illustrating different embodiments of the invention.
Figure 18 is a block diagram of a data structure for an alternative method of controlling, according to policies, access to protected […].
Figure 19 is a flow chart of an authentication process using a password.
Figure 20 is a diagram of several host certificate chains.
Figure 21 is a diagram of several device certificate chains.
Figures 22 and 23 (comprising Figures 23A and 23B) are protocol diagrams of the processes for one-way and mutual authentication schemes.
Figure 24 is a diagram of a certificate chain, useful for illustrating one embodiment of the invention.


Figure 25 is a table of the information in a control sector that precedes the certificate buffer. The host sends this information when it sends the last certificate to a memory device, and it carries an indication that the certificate is the last certificate in the certificate chain, to illustrate another embodiment of the invention.
Figures 26 and 27 are flow charts of the card and host processes, respectively, for an authentication scheme in which a memory card is authenticating a host device.
Figures 28 and 29 are flow charts of the card and host processes, respectively, for an authentication scheme in which a host device is authenticating a memory card.
Figures 30 and 31 are flow charts of the processes carried out by a host device and by a memory device, respectively, in which the host device retrieves a certificate revocation list stored in the memory device, to illustrate another embodiment of the invention.
Figure 32 is a diagram of a certificate revocation list showing the fields in the list, to illustrate another embodiment of the invention.
Figures 33 and 34 are flow charts of the card and host processes, respectively, for verifying certificates using a certificate revocation list.
Figure 35 is a flow chart of the card processes for signing data sent by the card to the host and for decrypting data from the host.
Figure 36 is a flow chart of the host process in which the card signs data sent to the host.
Figure 37 is a flow chart of the host process in which the host sends encrypted data to the memory card.
Figures 38 and 39 are flow charts of the processes for general information queries and discreet information queries, respectively.
Figure 40A is a functional block diagram of the system architecture of a memory device (such as a flash memory card) connected to a host device, to illustrate one embodiment of the invention.
Figure 40B is a functional block diagram of the internal software modules of the secure service module core of Figure 40A.
Figure 41 is a block diagram of a system for generating one-time passwords.
Figure 42 is a functional block diagram of one-time password seed provisioning and one-time password generation.
Figure 43 is a protocol diagram of the seed provisioning phase.
Figure 44 is a protocol diagram of the one-time password generation phase.
Figure 45 is a functional block diagram of a DRM system.
Figure 46 is a protocol diagram of a process for usage rights provisioning and content download in which the key is provided in the usage rights object.
Figure 47 is a protocol diagram of a process for a playback operation.
Figure 48 is a protocol diagram of a process for usage rights provisioning and content download in which no key is provided in the usage rights object.

[Description of main reference numerals]
10: memory system
10': memory card or memory stick
12: central processing unit
12a: central processing unit random access memory
14: buffer management unit (BMU)
16: host interface module (HIM)
18: flash memory interface module (FIM)
20: flash memory
22: peripheral access module (PAM)
24: host device
26: host interface bus
26a: port
28: flash memory interface bus
28a: port
32: host direct memory access (HDMA)
34: flash direct memory access (FDMA)
36: arbiter
38: buffer random access memory (BRAM)
40: cryptographic engine
101: file
102 and 104: files
106: unencrypted file
130: root access control record group
132: root access control record group
502: host root certificate authority certificate
504: host 1 certificate authority (second level)
506: host certificate
508: host n certificate authority (second level) certificate
510: host 1 certificate authority (third level) certificate
512: host certificate
514: host certificate
520: device root certificate authority certificate
522: device 1 certificate authority (manufacturer) certificate
524: device certificate
526: device n certificate authority (manufacturer) certificate
528: device certificate
542: secure service module system
540: host system
550: access control record
548: host root certificate
544: host certificate
546: host public key
549: intermediate certificate authority
554: random number
547: private key
562: random number
590: certificate chain
590(1): certificate chain
590(2): certificate
590(9): certificate
591, 593, 595, 597 and 599: certificate strings
1000: system architecture
1002: secure storage application transport layer
1004: secure service module core
1006: secure service module core API
1008: security application manager module
1010: device internal application
1011: device management system
1012: cryptographic library
1022: secure storage application command handler
1024: secure storage application manager
1026: secure storage application database
1028: secure storage application non-secure operations
1030: secure storage application secure operations module
1032: module
1034: module
1050: system
1052: authentication server
1054: Internet server
1056: user
1058: token
1100: secure storage application feature set extension
1101: access control record
1101', 1103' and 1106': control structures
1102: software code feature set extension
1102': feature set extension application
1103: access control record
1104: communication pipe
1104': communication pipe
1106: application access control record
1106: access control record
1108': link (association)
1110: access control record
1110': access control record
1114: secure data object
1114': content encryption key
1116: identity object
1120: identity object
1122: identity object

Claims (1)

X. Claims:

1. A method for authenticating a first entity by a second entity, comprising:
receiving at the second entity a certificate chain for authenticating the first entity to the second entity, the certificate chain comprising a plurality of consecutive certificate strings, each of the certificate strings comprising at least one certificate;
the second entity verifying the certificate strings in the certificate chain in a sequence, wherein the certificate strings in the certificate chain are received at the second entity in that sequence; and
detecting at the second entity whether the complete certificate chain has been received.

2. The method of claim 1, wherein the detecting detects whether at least one of the certificates received by the second entity is the last certificate of the certificate chain.

3. The method of claim 2, further comprising verifying the received certificates.

4. The method of claim 2, wherein the last certificate in the certificate chain contains an indication that it is the last certificate in the certificate chain, and the detecting detects the indication.

5. The method of claim 2, wherein the first entity comprises a memory device and the second entity comprises a host device, the memory device being removably connected to the host device.

6. The method of claim 5, further comprising the second entity sending to the first entity, in the sequence, a request for the next certificate string after receiving each of the certificate strings, except after receiving the last certificate in the certificate chain.

7. The method of claim 6, further comprising the first entity sending one of the certificate strings to the second entity in response to each request from the second entity.

8. The method of claim 1, wherein the second entity comprises a memory device and the first entity comprises a host device, the memory device being removably connected to the host device.

9. The method of claim 1, wherein the second entity comprises a memory card.

10. The method of claim 1, further comprising sending the certificate strings to the second entity consecutively according to the sequence, for authenticating the first entity to the second entity.

11. The method of claim 1, wherein each of the certificate strings comprises one certificate and the second entity comprises a memory device, the method further comprising storing the certificates received at the second entity in the memory device, wherein each certificate of the certificate chain stored in the memory device, except the last certificate, is overwritten by the next certificate received at the second entity.

12. The method of claim 11, further comprising allocating in the memory device no more memory space than is sufficient to store one certificate.

13. A method for authenticating a first entity by a second entity, comprising:
sending a certificate chain to the second entity for authenticating the first entity to the second entity, the certificate chain comprising a plurality of consecutive certificate strings, each of the certificate strings comprising at least one certificate;
the second entity consecutively verifying the certificate strings in the certificate chain in an order, wherein the certificate strings in the certificate chain are sent consecutively in that order.

14. The method of claim 13, wherein the second entity verifies the certificates sent to the second entity in a verification process, and when at least one certificate sent to the second entity fails in the verification process, the method further comprises terminating the verification process and sending an indication of the termination to the second entity.

15. The method of claim 14, further comprising receiving the indication at the first entity and stopping the sending when the indication is received.

16. The method of claim 13, wherein the last certificate in the certificate chain sent to the second entity contains an indication that it is the last certificate in the certificate chain.

17. The method of claim 13, wherein the first entity comprises a memory device and the second entity comprises a host device, the memory device being removably connected to the host device.

18. The method of claim 17, further comprising the second entity sending to the first entity, in the order, a request for the next certificate string after receiving each of the certificate strings, except after receiving the last certificate in the certificate chain.

19. The method of claim 18, further comprising the first entity sending one of the certificate strings to the second entity in response to each request from the second entity.

20. The method of claim 13, wherein the second entity comprises a memory device and the first entity comprises a host device, the memory device being removably connected to the host device.

21. The method of claim 13, wherein each of the certificate strings comprises one certificate, the second entity verifies the certificates in a verification process, and the sending sends the certificates of the chain sequentially to the second entity, for authenticating the first entity to the second entity, until all the certificates in the certificate chain have been sent, unless at least one of the certificates sent to the second entity fails in the verification process.

22. The method of claim 13, wherein the second entity comprises a memory card.

23. The method of claim 13, wherein each of the certificate strings comprises one certificate and the second entity comprises a memory, the method further comprising storing the certificates received at the second entity in the memory, wherein each certificate of the certificate chain stored in the memory, except the last certificate, is overwritten by the next certificate received at the second entity.

24. The method of claim 23, further comprising allocating in the memory device no more memory space than is sufficient to store one certificate.

25. A method for mutual authentication between a first entity and a second entity, comprising:
(a) receiving at the second entity a first certificate chain for authenticating the first entity to the second entity, the first certificate chain comprising a plurality of consecutive certificate strings, each of the certificate strings in the first certificate chain comprising at least one certificate, the second entity consecutively verifying the certificate strings in the first certificate chain in a first order, wherein the certificate strings in the first certificate chain are received consecutively at the second entity in the first order;
(b) detecting at the second entity whether the complete first certificate chain has been received from the first entity;
(c) receiving at the first entity a second certificate chain for authenticating the second entity to the first entity, the second certificate chain comprising a plurality of consecutive certificate strings, each of the certificate strings in the second certificate chain comprising at least one certificate, the first entity consecutively verifying the certificate strings in the second certificate chain in a second order, wherein the certificate strings in the second certificate chain are received consecutively in the first order; and
(d) detecting at the first entity whether the complete first certificate chain has been received from the second entity.

26. The method of claim 25, wherein the detecting in (b) or (d) detects whether at least one of the received certificates is the last certificate of the first certificate chain or the second certificate chain.

27. The method of claim 26, further comprising verifying the received certificates in a verification process after (a) or (c), and terminating the verification process when at least one certificate sent to the first entity or the second entity fails in the verification process.

28. The method of claim 26, wherein the last certificate in the first certificate chain or the second certificate chain contains an indication that it is the last certificate in that certificate chain.

29. The method of claim 25, wherein the first entity comprises a memory device and the second entity comprises a host device, the memory device being removably connected to the host device.

30. The method of claim 29, further comprising the first entity and the second entity, after receiving each certificate string in (a) or (c), sending to the other entity, in the first order or the second order, a request for the next certificate string, except after receiving the last certificate string in the first certificate chain or the second certificate chain.

31. The method of claim 30, further comprising one of the first entity and the second entity sending one of the certificate strings to the other entity in response to each request from the other entity.

32. The method of claim […], wherein the second entity comprises a memory device and the first entity comprises a host device, the memory device being removably connected to the host device.

33. The method of claim 32, wherein the second entity comprises a memory.

34. The method of claim 33, further comprising sending the first certificate chain sequentially to the second entity, for authenticating the first entity to the second entity.

35. The method of claim 25, further comprising storing the received certificate strings in a memory of the first entity or the second entity, wherein each certificate string of the first certificate chain or the second certificate chain stored in the memory, except the last, is overwritten by the next certificate string received sequentially in (a) or (c).

36. The method of claim 35, further comprising allocating in the memory no more memory space than is sufficient to store one of the certificate strings.

37. A system for access by a second entity to data at a first entity, the system comprising the second entity, the second entity comprising the certificates of a certificate chain, the certificate chain being adapted to be sent sequentially from the second entity to the first entity, wherein the last certificate of the sequentially sent certificate chain contains an indication that it is the last certificate in the certificate chain.

38. The system of claim 37, further comprising a storage device at the first entity for storing the certificates after they are received, wherein the storage device causes each certificate received at the first entity, except the last certificate in the certificate chain, to be overwritten by the next certificate of the certificate chain received at the first entity.

39. The system of claim 38, wherein the storage device allocates no more memory space than is sufficient to store one certificate for storing the certificates received at the first entity.

40. The system of claim 37, wherein the data is encrypted at the first entity, the second entity further comprises a key for decrypting the data, the certificate chain attests that the key is genuine, the key has a length, and the length of each certificate in the chain sent to the second entity does not exceed 4 times the length of the key.

41. The system of claim 37, wherein the first entity comprises a non-volatile memory device and the second entity comprises a host device that is removably connected to the memory device.

42. A memory system for supplying data to a host device, comprising:
a non-volatile memory capable of storing data;
a controller, the host device being removably connected to the memory system, the controller controlling access by the host device to the data in the non-volatile memory device through an authentication process;
wherein the host device sends to the memory system a certificate chain comprising a plurality of certificate strings, each of the certificate strings comprising at least one certificate, the controller consecutively verifies the certificate strings in an order, the certificate strings being sent in that order, and the controller causes each certificate string to be stored in the non-volatile memory and causes at least one certificate string stored in the non-volatile memory to be overwritten by a certificate string received from the host device after that certificate string was written.

43. The memory system of claim 42, wherein the controller allocates at any time no more memory space than is sufficient to store each certificate string.

44. The memory system of claim 42, wherein the controller detects whether at least one of the certificates received by the host device is the last certificate of the certificate chain.

45. The memory system of claim 44, wherein the last certificate in the certificate chain contains an indication that it is the last certificate in the certificate chain, and the controller detects the indication.

46. The memory system of claim 42, wherein the memory system comprises a memory card.
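The receive-verify-overwrite loop recited in claims 1 to 7, 11 to 15 and 42 can be sketched as follows. This is an added example, not code from the patent or from SanDisk: the names `Cert`, `ChainVerifier`, `send_chain`, the status strings and the `is_last` field are assumptions, and the signature scheme is a toy textbook RSA over constructed keys that stands in for whatever signature algorithm a real device uses.

```python
import hashlib
from dataclasses import dataclass, replace

E = 65537  # public exponent shared by all constructed toy keys

def toy_keypair(p, q):
    """Textbook RSA from two primes. Constructed toy keys: no padding, not secure."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    n, d = priv
    return pow(_digest(data, n), d, n)

def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == _digest(data, n)

@dataclass(frozen=True)
class Cert:
    subject: str
    pubkey: tuple
    signature: int = 0
    is_last: bool = False  # hypothetical "last certificate in the chain" indication

    def tbs(self):
        """Bytes covered by the issuer's signature (subject and public key)."""
        return f"{self.subject}|{self.pubkey[0]}|{self.pubkey[1]}".encode()

def issue(issuer_priv, subject, pubkey, is_last=False):
    cert = Cert(subject, pubkey, is_last=is_last)
    return replace(cert, signature=sign(issuer_priv, cert.tbs()))

class ChainVerifier:
    """Receiving entity: holds one certificate slot and the key expected to sign next."""

    def __init__(self, root_pub):
        self._expected_signer = root_pub
        self.slot = None      # single buffer; each new certificate overwrites the previous
        self.state = "NEXT"   # NEXT = request next string, DONE = chain complete, ABORT = failed

    def receive(self, cert):
        if self.state != "NEXT":
            raise RuntimeError("chain already complete or aborted")
        self.slot = cert  # overwrite the previously stored certificate
        if not verify(self._expected_signer, cert.tbs(), cert.signature):
            self.slot = None
            self.state = "ABORT"  # terminate verification and tell the sender
        else:
            self._expected_signer = cert.pubkey  # only the key is carried forward
            self.state = "DONE" if cert.is_last else "NEXT"
        return self.state

def send_chain(verifier, chain):
    """Sending entity: one certificate per request, stop on DONE or ABORT."""
    sent, status = 0, "NEXT"
    for cert in chain:
        status = verifier.receive(cert)
        sent += 1
        if status != "NEXT":
            break
    # Running out of certificates without the last-certificate indication
    # means the receiver never saw a complete chain.
    return ("INCOMPLETE" if status == "NEXT" else status), sent

def demo():
    # Constructed keys built from Mersenne primes; far too small for real use.
    root_pub, root_priv = toy_keypair(2**89 - 1, 2**107 - 1)
    ca_pub, ca_priv = toy_keypair(2**61 - 1, 2**127 - 1)
    host_pub, _ = toy_keypair(2**107 - 1, 2**127 - 1)
    ca_cert = issue(root_priv, "host CA (second level)", ca_pub)
    host_cert = issue(ca_priv, "host", host_pub, is_last=True)

    results = {}
    v = ChainVerifier(root_pub)
    results["good"] = send_chain(v, [ca_cert, host_cert]) + (v.slot.subject,)
    forged = replace(ca_cert, pubkey=host_pub)  # key swapped after signing
    results["tampered"] = send_chain(ChainVerifier(root_pub), [forged, host_cert])
    unflagged = replace(host_cert, is_last=False)
    results["no_last_flag"] = send_chain(ChainVerifier(root_pub), [ca_cert, unflagged])
    return results

if __name__ == "__main__":
    print(demo())
```

The receiver never holds more than one certificate: after each successful check it keeps only the subject key needed to verify the next string, which is what lets the claims bound the buffer to a single certificate.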
TW096124594A 2006-07-07 2007-07-06 Content control system and method using certificate chains TW200820037A (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US81950706P 2006-07-07 2006-07-07
US11/557,028 US8140843B2 (en) 2006-07-07 2006-11-06 Content control method using certificate chains
US11/557,010 US20080010449A1 (en) 2006-07-07 2006-11-06 Content Control System Using Certificate Chains

Publications (1)

Publication Number Publication Date
TW200820037A true TW200820037A (en) 2008-05-01

Family

ID=38981952

Family Applications (1)

Application Number Title Priority Date Filing Date
TW096124594A TW200820037A (en) 2006-07-07 2007-07-06 Content control system and method using certificate chains

Country Status (5)

Country Link
EP (1) EP2038803A2 (en)
JP (1) JP2009543208A (en)
KR (1) KR20090026357A (en)
TW (1) TW200820037A (en)
WO (1) WO2008013656A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103116470A (en) * 2011-11-16 2013-05-22 群联电子股份有限公司 Memorizer storage device, memorizer controller and data string transmission and identification method
TWI576719B (en) * 2015-03-20 2017-04-01 伊克斯卡萊柏智慧財產有限責任公司 Secure service for receiving sensitive information through nested iframes

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7743409B2 (en) 2005-07-08 2010-06-22 Sandisk Corporation Methods used in a mass storage device with automated credentials loading
US8365279B2 (en) 2008-10-31 2013-01-29 Sandisk Technologies Inc. Storage device and method for dynamic content tracing
US20100241852A1 (en) * 2009-03-20 2010-09-23 Rotem Sela Methods for Producing Products with Certificates and Keys
US8429365B2 (en) * 2009-06-26 2013-04-23 Sandisk Technologies Inc. Memory device and method for embedding host-identification information into content
CN104023009B (en) * 2014-05-26 2017-08-22 国云科技股份有限公司 A kind of Web system license validation method
CN108768664B (en) * 2018-06-06 2020-11-03 腾讯科技(深圳)有限公司 Key management method, device, system, storage medium and computer equipment

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6189097B1 (en) * 1997-03-24 2001-02-13 Preview Systems, Inc. Digital Certificate
US6513116B1 (en) * 1997-05-16 2003-01-28 Liberate Technologies Security information acquisition
FR2825209A1 (en) * 2001-05-23 2002-11-29 Thomson Licensing Sa DEVICES AND METHOD FOR SECURING AND IDENTIFYING MESSAGES
EP1361527A1 (en) * 2002-05-07 2003-11-12 Sony Ericsson Mobile Communications AB Method for loading an application in a device, device and smart card therefor
JP3880957B2 (en) * 2003-10-20 2007-02-14 日本電信電話株式会社 Root certificate distribution system, root certificate distribution method, computer executable root certificate distribution program, server device, and client device
EP1836640A2 (en) * 2004-12-21 2007-09-26 SanDisk Corporation Memory system with versatile content control
EP1836642A2 (en) * 2004-12-21 2007-09-26 SanDisk Corporation Control structure for versatile content control and method using structure

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103116470A (en) * 2011-11-16 2013-05-22 群联电子股份有限公司 Memorizer storage device, memorizer controller and data string transmission and identification method
CN103116470B (en) * 2011-11-16 2016-04-13 群联电子股份有限公司 Memorizer memory devices, Memory Controller and serial data transmission and recognition methods
TWI576719B (en) * 2015-03-20 2017-04-01 伊克斯卡萊柏智慧財產有限責任公司 Secure service for receiving sensitive information through nested iframes

Also Published As

Publication number Publication date
EP2038803A2 (en) 2009-03-25
KR20090026357A (en) 2009-03-12
JP2009543208A (en) 2009-12-03
WO2008013656A3 (en) 2008-05-08
WO2008013656A2 (en) 2008-01-31

Similar Documents

Publication Publication Date Title
US8245031B2 (en) Content control method using certificate revocation lists
US8140843B2 (en) Content control method using certificate chains
US8639939B2 (en) Control method using identity objects
US8613103B2 (en) Content control method using versatile control structure
US8266711B2 (en) Method for controlling information supplied from memory device
KR101213118B1 (en) Memory System with versatile content control
KR101238848B1 (en) Versatile Content Control With Partitioning
TW201136266A (en) Content control method using certificate revocation lists
US20080010449A1 (en) Content Control System Using Certificate Chains
US20080010452A1 (en) Content Control System Using Certificate Revocation Lists
US20080034440A1 (en) Content Control System Using Versatile Control Structure
US20080022395A1 (en) System for Controlling Information Supplied From Memory Device
US20080010458A1 (en) Control System Using Identity Objects
JP5180203B2 (en) System and method for controlling information supplied from a memory device
JP2008524758A5 (en)
TW200822670A (en) Content control system and method using versatile control structure
TW200820037A (en) Content control system and method using certificate chains
JP5178716B2 (en) Content management system and method using certificate revocation list
US10902093B2 (en) Digital rights management for anonymous digital content sharing
JP4972165B2 (en) Control system and method using identity objects