TW200820037A - Content control system and method using certificate chains - Google Patents

Content control system and method using certificate chains Download PDF

Info

Publication number
TW200820037A
TW200820037A TW096124594A TW96124594A TW200820037A TW 200820037 A TW200820037 A TW 200820037A TW 096124594 A TW096124594 A TW 096124594A TW 96124594 A TW96124594 A TW 96124594A TW 200820037 A TW200820037 A TW 200820037A
Authority
TW
Taiwan
Prior art keywords
voucher
entity
credential
chain
access control
Prior art date
Application number
TW096124594A
Other languages
English (en)
Chinese (zh)
Inventor
Michael Holtzman
Ron Barzilai
Rotem Sela
Fabrice Jogand-Coulomb
Original Assignee
Sandisk Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/557,010 external-priority patent/US20080010449A1/en
Priority claimed from US11/557,028 external-priority patent/US8140843B2/en
Application filed by Sandisk Corp filed Critical Sandisk Corp
Publication of TW200820037A publication Critical patent/TW200820037A/zh

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right managament [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Databases & Information Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
TW096124594A 2006-07-07 2007-07-06 Content control system and method using certificate chains TW200820037A (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US81950706P 2006-07-07 2006-07-07
US11/557,010 US20080010449A1 (en) 2006-07-07 2006-11-06 Content Control System Using Certificate Chains
US11/557,028 US8140843B2 (en) 2006-07-07 2006-11-06 Content control method using certificate chains

Publications (1)

Publication Number Publication Date
TW200820037A true TW200820037A (en) 2008-05-01

Family

ID=38981952

Family Applications (1)

Application Number Title Priority Date Filing Date
TW096124594A TW200820037A (en) 2006-07-07 2007-07-06 Content control system and method using certificate chains

Country Status (5)

Country Link
EP (1) EP2038803A2 (enrdf_load_stackoverflow)
JP (1) JP2009543208A (enrdf_load_stackoverflow)
KR (1) KR20090026357A (enrdf_load_stackoverflow)
TW (1) TW200820037A (enrdf_load_stackoverflow)
WO (1) WO2008013656A2 (enrdf_load_stackoverflow)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103116470A (zh) * 2011-11-16 2013-05-22 群联电子股份有限公司 存储器储存装置、存储器控制器及数据串传送与识别方法
TWI576719B (zh) * 2015-03-20 2017-04-01 伊克斯卡萊柏智慧財產有限責任公司 經由嵌套內嵌框架接收敏感資訊之保全服務

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7748031B2 (en) 2005-07-08 2010-06-29 Sandisk Corporation Mass storage device with automated credentials loading
US8365279B2 (en) 2008-10-31 2013-01-29 Sandisk Technologies Inc. Storage device and method for dynamic content tracing
US20100241852A1 (en) * 2009-03-20 2010-09-23 Rotem Sela Methods for Producing Products with Certificates and Keys
US8429365B2 (en) 2009-06-26 2013-04-23 Sandisk Technologies Inc. Memory device and method for embedding host-identification information into content
CN104023009B (zh) * 2014-05-26 2017-08-22 国云科技股份有限公司 一种Web系统许可证验证方法
CN108768664B (zh) * 2018-06-06 2020-11-03 腾讯科技(深圳)有限公司 密钥管理方法、装置、系统、存储介质和计算机设备
CN116506134B (zh) * 2023-06-28 2023-09-15 山东海量信息技术研究院 数字证书管理方法、装置、设备、系统及可读存储介质
CN119254546B (zh) * 2024-12-06 2025-04-22 鹏城实验室 基于浏览器的网站访问方法、装置、设备及介质

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6189097B1 (en) * 1997-03-24 2001-02-13 Preview Systems, Inc. Digital Certificate
US6513116B1 (en) * 1997-05-16 2003-01-28 Liberate Technologies Security information acquisition
FR2825209A1 (fr) * 2001-05-23 2002-11-29 Thomson Licensing Sa Dispositifs et procede de securisation et d'identification de messages
EP1361527A1 (en) * 2002-05-07 2003-11-12 Sony Ericsson Mobile Communications AB Method for loading an application in a device, device and smart card therefor
JP3880957B2 (ja) * 2003-10-20 2007-02-14 日本電信電話株式会社 ルート証明書配布システム、ルート証明書配布方法、コンピュータ実行可能なルート証明書配布プログラム、サーバ装置及びクライアント装置
TW201017514A (en) * 2004-12-21 2010-05-01 Sandisk Corp Memory system with versatile content control
TW200700991A (en) * 2004-12-21 2007-01-01 Sandisk Corp Control structure for versatile content control and method using structure

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103116470A (zh) * 2011-11-16 2013-05-22 群联电子股份有限公司 存储器储存装置、存储器控制器及数据串传送与识别方法
CN103116470B (zh) * 2011-11-16 2016-04-13 群联电子股份有限公司 存储器储存装置、存储器控制器及数据串传送与识别方法
TWI576719B (zh) * 2015-03-20 2017-04-01 伊克斯卡萊柏智慧財產有限責任公司 經由嵌套內嵌框架接收敏感資訊之保全服務

Also Published As

Publication number Publication date
WO2008013656A2 (en) 2008-01-31
KR20090026357A (ko) 2009-03-12
JP2009543208A (ja) 2009-12-03
WO2008013656A3 (en) 2008-05-08
EP2038803A2 (en) 2009-03-25

Similar Documents

Publication Publication Date Title
US8245031B2 (en) Content control method using certificate revocation lists
US8140843B2 (en) Content control method using certificate chains
CN101490687B (zh) 使用身份对象的控制系统及方法
US8639939B2 (en) Control method using identity objects
US8613103B2 (en) Content control method using versatile control structure
US8266711B2 (en) Method for controlling information supplied from memory device
JP4848039B2 (ja) 多目的コンテンツ制御を備えたメモリシステム
KR101238848B1 (ko) 파티셔닝을 포함한 다기능 컨텐트 제어
TW201136266A (en) Content control method using certificate revocation lists
US20080010449A1 (en) Content Control System Using Certificate Chains
US20080010452A1 (en) Content Control System Using Certificate Revocation Lists
US20080034440A1 (en) Content Control System Using Versatile Control Structure
US20080022395A1 (en) System for Controlling Information Supplied From Memory Device
US20080010458A1 (en) Control System Using Identity Objects
JP5180203B2 (ja) メモリ装置から供給される情報を制御するシステムおよび方法
TW200820037A (en) Content control system and method using certificate chains
TW200822670A (en) Content control system and method using versatile control structure
JP5178716B2 (ja) 証明書取消リストを使用するコンテンツ管理システムおよび方法
JP2008524758A5 (enrdf_load_stackoverflow)
JP4972165B2 (ja) アイデンティティオブジェクトを使用する制御システムおよび方法
KR20070087175A (ko) 다기능 컨텐트 제어를 위한 제어구조 및 상기 구조를이용한 방법