TW200821837A - System and method for controlling information supplied from memory device - Google Patents

Abstract

A memory storing public and confidential information is removably connected to a host device. General information on data stored in memory devices is accessible to the host device without authentication. Only a portion of confidential information stored in the memory device is accessible through the host device to an authenticated entity, where the entity has access rights to such portion. The entity is not able to access other portions of confidential information to which it has no rights. The public and confidential information is stored in a non-volatile storage medium, and a controller controls the supply of information. Preferably, the non-volatile storage medium and the controller are enclosed in a housing.

Description

200821837 IX. INSTRUCTIONS: TECHNICAL FIELD OF THE INVENTION The present invention relates generally to memory systems, and more particularly to a memory system having multi-purpose control features. [Prior Art] A storage device such as a flash card has become a choice for storing a storage medium such as digital content of a photo. Flash memory cards can also be used to distribute other types of media content. Moreover, an increased variety of host devices (such as computers, digital cameras, mobile phones, personal digital assistants, and media players such as players) now have the ability to present media content stored in a flash memory card. Therefore, for flash memory cards and other types of mobile storage devices, there is a great potential to become a widely used medium for distributing digital content.

More and more confidential and public information is stored on the storage device, and it is determined by the state of the entity making the inquiry to determine what kind of barn is available. Therefore, there is a need to provide an improved system for providing confidential and public information to entities such as S Hai depending on the state of the entity. [Summary of the Invention]

Ik more and more confidential and public information is stored on the storage device, and it is necessary to be able to determine what type of information is available depending on the state of the entity that the extension 4 has ordered. Because of this, in one embodiment of the invention, a memory device is removably reconfigured to a host device. In response to the general information query from the host device, the memory device provides a access to the confidential information stored in the memory device. 122365.doc 200821837 X is under control Control data structure. In response to a cautious information query sent by the authenticating entity from the host device, the memorandum device only supplies the portion of the confidential information that is permitted to be accessed by the authenticated entity by the control data structure. Even when authenticated, the entity is only allowed to access the confidential information portion allowed by the control data structure. In this way, the access control scheme is resilient so that different entities can only access portions of the machine that are allowed to access, while not allowing such entities to access other portions of the confidential information. f

All patents, patent applications, articles, books, specifications, other publications, documents and things referred to herein are hereby incorporated by reference in their entirety. In the case of any referenced publication, document or thing and the content of this document, there shall be some degree of inconsistency or rushing in the use of the word (4). The definition and standard of the words in this document shall be used. . [Embodiment] A block diagram of two shows an exemplary memory system in which various aspects of the present invention can be implemented. As shown in Figure i, the memory mivm, central processing unit (CPU) 12, a buffer management unit - host interface module ("6" and - flash memory interface: A and M, 22M) 18, a flash Memory 2° and a peripheral device access module: The memory system 10 is provided through the host interface bus 26 and the port 26a and a host device (NAND) type. It can be stored in the data of the anti-Korean-digital camera 4, which is equipped with a digital camera, a personal computer, a number of assistants, 122365.doc 200821837 a digital media player (such as an MP3 player), a mobile phone , a video converter or other digital device or device. The software code for central processing = yuan 2 can also be stored in the flash memory 20. The flash interface module 18 is a through-flash memory interface The busbars 28 and Tan are connected to the flash memory 20. The host interface module 16 is suitable for connection to a host device. The peripheral device access module 22 is selected for communication with the central processing unit 12. Appropriate controller module, such as flash memory Surface module, host interface module and buffer management unit. In one embodiment, all components of the system 10 within the dashed box may be enclosed in a single unit, such as a memory card or a memory stick. Preferably, the memory system 10 is removably coupled to the host device such that the contents of the system 10 are accessible by each of a plurality of different host devices. Hereinafter, the memory system 10 is also referred to as a memory device 10, or simply as a memory device or device. Although the invention is referenced herein by reference to a flash memory, the present invention is also applicable Poetry other types of memory 'such as disks, compact discs, and other types of rewritable non-volatile memory systems. 4 Buffering unit 14 includes a host direct memory access (HDMA) 32 'a flash direct memory Access (FDMA) 34, an arbiter 36' a buffered random access memory (BRAM) 38 and a cryptographic engine. The arbiter 36 is a shared bus arbiter such that only one master (_ Call or initiator (which can be called The machine direct memory access 32, the flash direct memory access 34 or the central processing unit η) can be active at any time 122365.doc 200821837, the j_slave or target buffer 38. The arbiter Responsible for channelizing the appropriate initial access memory access memory 38. The host direct memory buffer buffer random memory access 34 is responsible for the host interface module 16,:, flash direct § face module 18 Between the buffered random access memory and the memory access memory (CPURAM) 12a == 妒愔驴 妒愔驴 妒愔驴 妒愔驴 妒愔驴 枓 枓 枓 枓 枓 枓 枓 枓 枓 枓 枓 枓 该 该 该 该 该 该 该 该 该The operation of flash direct memory access 34 is traditionally detailed in the text f % k 俜. The buffer random access memory 38 is transmitted between the storage device 24 and the flash memory 2; 4: the host direct memory access 32 and the flash direct memory access negative, The host interface module 16/the (four) (four) body interface module (4) = the random access memory 38 or the central processing unit random access memory 12a transfers data, and is used to indicate the segment (sect〇r) completion . In the embodiment, the memory system 1 generates a key value 'in the 'encryption and/or decryption' which is preferably substantially unreservable by an external device (such as the host device 24). take. Alternatively, the (four) value may also be generated (e.g., by a license server) and transmitted to the system 1〇. Regardless of how the secret value is generated, the key value is stored in system 1(), and only the authenticated entity has access to the key value. However, encryption and decryption are typically performed on a case-by-case basis. This is because the host device retrieves and writes the data items to the memory system in the form of files. Similar to many other types of storage devices, the hidden device is not managed! Although the memory does store a Play-Batch Configuration Table (FAT) (where the logical addresses of the files are known as 122365.doc 200821837), the file configuration table is typically accessed by the host device 24 and Management, not accessed and managed by the controller u. Therefore, in order to encrypt the data in the -specific file, the controller 12 must rely on the host device to transfer the logical address of the material in the file in the memory 20 so that the system 10 can be used by the system only. 1. The key value that can be obtained to find and encrypt and/or decrypt the data of the particular file. f \ In order to provide a control code (haruUe) for both the host device 24 and the memory system, the system 1A is provided with the same key for pointing to the data in the file for cryptographic compilation. The reference to each key value transmitted by the system or transmitted to system 1() is such that the reference system can be only a key ID. Thus, the host device 24 is associated with a per-cast case that is processed by the system 10 in a cryptographically compiled manner with a key 1 and associated with the system for use with the secret provided by the host. m handles each key value of the data in a cryptographically compiled manner. Therefore, when the host requests the data processed by the cryptographic compilation method, it will transmit the request together with -(10)m money to self-remember (4) 2_ or take it into memory (4) The logical address of the data to the system 10β system 1 generates or receives a secret value 'and associates the key ID supplied by the host device 24 with the secret key value, and implements a cryptographic process. In this way, it is not necessary to change the manner in which the memory system 10# is made while allowing its key to be fully controlled, including exclusive access to the key value. In other words, 'once the secret value is stored in the system 1Q or generated by the system, the host device 24 allows the host device 24 to manage the rights by having exclusive control of the opposite table. At the same time, it maintains exclusive control over the management of key values used to cryptographically compile 122365.doc 200821837. After the key values are stored in the memory system 10, the host device μ has no responsibility for managing the key value for the data cryptographic process. In one embodiment, the key id provided by the host device 24 and the key value transmitted to the memory system or generated by the memory system form a quantity of two attributes, which are hereinafter referred to as For example, the content encryption key (1) (10) "plus = nCryption Key, CEK)" or "CEK,". Although the host device 24 can associate each key ID with one or more files, the host device Each key ID can be associated with unorganized material or organized in any way, and is not subject to the organization becoming a complete file. In order to enable users or applications to access the system 1 A protected inner valley or zone will need to authenticate to the user or application using a credential pre-login to the system. An authentication is associated with a particular user or application that is granted the certificate. The U1G storage-record in the pre-recorded private sequence, the record containing the identity and authentication of the user or application, and determined by the user or application and via the host device 24. Access rights associated with this identity and authentication. After the pre-login has been completed, when the user or application requests to write data to the memory 2, it will need to provide its identity through the host device And authentication, a key ID for encrypting the data, and a logical address where the encrypted data is stored. The system 1 generates or receives a key value and associates the remote key value with the host device The key ID is provided, and the key m for encrypting the key value of the material to be written is stored in a record or table for the user or application. Then, the capital is encrypted 122365.doc -11 - 200821837 and store the encrypted data at the address specified by the host and the key value it generates or receives. When a user or application requests to read encrypted data from memory 2, it will need Providing its identity and authentication, the key ID for the key previously used to encrypt the request poor, and the logical address where the encrypted data is stored. System 10 then compares the user provided by the host or Application identity and The identity and authentication stored in the record stored in it. If it matches, the system 10 will then retrieve from its memory the key associated with the key ID provided by the user or application. Value, using the key value to store the data stored at the address specified by the host device, and transmitting the decrypted data to the user or application. By separating the authentication authentication and for cryptographic processing The management of the key, and then the right to access the data without sharing the authentication is possible. Therefore, a group of users or applications with different authentications can access the same key used to access the same data. Users outside the group are not accessible. Although all users or applications in a group can access the same material, they can still have different rights. Therefore, some users may have read-only access, while other users may have write-only access, while other users may have both read-only access and write-only access. Because system 10 maintains a record containing the identity of the user or application and the access key 1D and the access rights associated with each key ID, for system 10, Or delete the user ID of the specific user or application and change the access rights associated with the secret ID, delegate access from the user or application to another user or application 122365.doc -12 - 200821837, or even delete or increase the use of the table -& 1 more user or application record „ 戈 , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , The secure channel required to access certain keys can be authenticated using symmetric or asymmetric algorithms and exhaustion. It is especially important that the memory system is protected within the internal environment. Accessing the key value is an embodiment controlled by the memory system, ... the memory system or the storage device of the system is maintained from the security of the content stored therein (4) 1 = the dense 7 system is generated by the memory system or originated from the When L is exhausted, the external system cannot access such content in the system.

The external L:: has been identified in a manner that is completely controlled by the memory system. Even after the authentication, the access system is completely controlled by the memory system and can only be accessed in accordance with the preset recording system in the memory system. If a request does not match such a record, the request will be rejected. In order to provide greater flexibility in protecting content, it is conceivable that only a properly authenticated user or application can access certain areas of the memory (hereinafter referred to as partitions). When combined with the above-mentioned features of dense data-based data encryption, 'system H' provides greater data protection. As shown in Fig. 2, the flash memory 20 is capable of dividing its storage capacity into a plurality of partitions: a user area or a partition and a custom partition. All users and applications can access the user area or partition without authentication. Although any application or user can read or write all the bits of the t material in the I area, the information read by the fake > 122365.doc 13· 200821837 is encrypted. A user or application that is not authorized to decrypt cannot access the information represented by the bit value stored in a user area. For example, 'displayed by files 102 and 104 stored in user area P0. Also stored in the user area are unencrypted files, such as 1,6, which can be read and understood by all applications and users. Thus, symbolically, the encrypted slot is shown as having a lock associated with it, such as for rights 102 and 1.4.

Although an unauthorized application or user cannot know the encrypted file in a user area P0, such an application or user still has the ability to delete or destroy the file, which may be unexpected. For this purpose, the memory 20 also contains protected custom partitions, such as partitions P1 & P2, which are inaccessible to them without prior authentication. The authentication procedures allowed in the examples in this application are described below. As also shown in Figure 2, various users or applications can access files within the memory 20. Therefore, Figure 2 shows the users 1 and 2 and the (executed on, install,) application. Before the entities are allowed to access the content protected by the memory 20, the entities such as the 2(4) described below are first identified by the authentication procedure. In this program, it is necessary to identify on the host side that the entity is being used for role-based access control. Therefore, the * 二 首先 首先 首先 首先 首先 二 二 二 二 二 二 二 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先 首先Then, in the controller 12 12: 2, the authentication information and the request are stored in the memory (4) or the controller, and the rice is in accordance with all the conditions, the access system is granted to the entity 122365.doc -14-200821837 . As shown in FIG. 2, the user 1 is allowed to read and write the configuration 1〇 to the partition P1, but the user 1 has the unrestricted read and write file 1〇6 to the partition P0. In addition to rights, it can only read files i 〇 2 and 104. On the other hand, the user 2 is not allowed to access the files 10 1 and 丨〇 4, but can access and write the access file 102. As shown in Figure 2, users 1 and 2 have the same login algorithm (AES), while application 3 has different login algorithms (for example, 8-8 and 001001), which are also associated with users 1 and 2. The login algorithm is different.

The Secure Storage Application (SSA) is a security application of the memory system 10 and illustrates an embodiment of the present invention that can be used to implement many of the features described above. The secure storage application system is constructed as a software or computer code having a database stored in a non-volatile memory (not shown) in the memory 20 or central processing unit 12, and is read into random access 5 The memory 12a is in the memory and is executed by the central processing unit 12. The abbreviations used in the safe memory application are described in the following table: Definitions, acronyms and abbreviations ACR AGP CBC CEK ECB ACANT^ PCR SSA Entity^^

Access Control Records ACR Group (Access Control Record Group)

Chain Block Cipher Content Encryption Key Electronic Codebook (Electronic Codebook) ACR Attributes Management (Access Control)

Permissions Control Record

Secure Storage Application entity, with real and individual presence (host side) and logged into the secure storage application and thus utilizing its functionality, what secure storage application system description 122365.doc -15- 200821837 Data security, integrity and access control are the main roles of the secure storage application. The poor material is a tank that is clearly stored on a large number of storage devices. The secure storage application system is located above the storage system and adds a level of security for the host file being stored, and provides security functionality through a security infrastructure, as described below. The primary task of the secure storage application is to manage the different rights associated with the stored (and secure) content in the memory. The memory application needs to manage multiple users and content rights for multiple stored content. The host application from its side sees the drivers and partitions visible to such applications, as well as the file configuration table (FAT) that manages and depicts the location of the files stored on the storage device. In this case, the storage device uses a reverse-flash memory chip that is divided into partitions, although other mobile storage devices may be used and are within the scope of the present invention. These partitions are consecutive logical bit threads, where a start and an end address define their boundaries. Thus, if desired, the restriction can be attached to the access to the hidden partition by software, such as software stored in memory 2, such software associating such restrictions within such boundaries. Address. The secure storage application can fully recognize the partition by the partition logical address boundary managed by the secure storage application. The secure storage application system uses partitions to virtually protect data from unauthorized host applications. For the host, these partitions are a mechanism for defining the exclusive space in which the data files are stored. The partitions may be: disclosed, wherein any one of the access devices may be visible and aware that the partition exists on 122365.doc -16 - 200821837 μ; or private or hidden, wherein Only the application can access and know that it exists on the storage device. Figure 3 is a schematic diagram of a memory which shows the partition of the memory (7) = Ρ 2 and Ρ 3 (obviously, less than or more than 4 partitions can be used), ", 〇 _ public partition" can be Any entity accesses 4 acknowledgments. A private partition (such as P1, Ρ2ΑΡ3) hides the right to be accessed. By preventing the host from accessing the partition, the flash memory device is listed, A flash memory card is a protection for transmitting data files in the partition. However, such protection is engulfed by the restriction of accessing the data stored at the logical addresses in the partition. Residing in the hidden partition = all files. @句说'The restrictions are related to the logical address range. All users/hosts that can access the partition can not access all internal files. $ Separate different files and another - different files or groups of files, the secure storage application system uses a secret and password reference or password to provide another level of security for each file or group of files and Integrity. Used for encryption in no At the same memory address; one of the material-specific secret values or the secret wheel (1) can be analogized to a container ((10)tainer) or a domain (d〇main) containing the encrypted data. In Figure 4, the key references or key IDs (e.g., "keys" and "key 2') are graphically displayed as a secret associated with the use of the keys π. The area of the key-value encrypted file. Referring to Figure 4, for example, the filer can be accessed by all entities without requiring 4, because it is displayed as not being enclosed by any key id. Doc -17· 200821837 enables all entities to read or overwrite the broadcast B in the public partition, but the standard B contains the information encrypted with a key with the ID"key, so the file B is made The information contained in the information cannot be accessed by the entity unless such entity has access to such a key. In this way, using the key value and the secret record 1 ', , or key ID provides only logic. Protection, which is relative to the type of protection provided by the above-mentioned partitions. Therefore, 'accessible one Any host of the cut zone (public: private) can read or write data in the entire partition, including encrypted data 'however' because the data is encrypted, so unauthorized users can only destroy Preferably, it is not arbitrarily arguable. By restricting access to the encryption and/or decryption key, this feature may only allow the authorized entity to use the data. In addition, a key with the key ID"key 2" is used to encrypt the file and C. The data confidentiality and integrity can be provided through symmetric encryption, which uses a content encryption key (c). 〇ntent EncrypU(10)Key ; CEK), one encryption key per content. In the secure storage application embodiment, the key value in each encryption key is generated or received by a flash memory device (for example, a flash memory card), and the key value is used only internally. And keep the secret to avoid the outside world. Data that is encrypted or cryptographically compiled can also be hashed or cryptographically compiled to ensure data integrity. Not all data in the segment is encrypted with a different key and associated with a different key. Certain logical addresses in the public or user profile or in the operating system area (ie, the file configuration table) may be associated with any key or key reference and are therefore associated with 122365.doc -18-200821837 Available to any entity that has access to the partition itself. A real system that requires the creation of keys and partitions and the ability to write and read data from or use the keys requires logging into the secure storage application system via an Access Control Record (ACR). The special privilege of an access control record within the secure storage application system is referred to as the action ''action). Each access control record has the following three implementations

Permissions for actions of the category • Establish partitions and keys/keys m; access partitions and keys; and create/update other access control records. Access control records are organized into groups called access control record groups or AGPs. Once an access control record has been successfully authenticated, the secure storage application is opened-scheduled (sessiGn), through which any access (4) can be performed (4). The access control record and the access control record group are used to control the security structure of the access partition and the key according to the principle. , " User partition/storage application system manages one or more public partitions, also known as user splits. This split is stored in the storage via the standard read writer command of the storage device. - bite more = partition. Obtaining information about the size of the partition and its presence (4) cannot be hidden from the host system. The Queen's Storage Application System is able to access partitions via standard read secure storage (4) program commands. Because of this, access to partitions cannot be restricted to specific access control records.然^122365.doc -19- 200821837 The secure storage #application-style system allows these hosts to be able to restrict access to the user. Read and write accesses can be enabled/disabled individually. All four combinations are allowed (for example, read only, write only (anti-write protection), read and write, and no access). . The Queen's Storage Application System enables access control records to associate keys with files within the user partition and encrypt individual files using keys associated with such key IDs. Accessing the encrypted files within the user partitions and setting access rights to the partitions will be performed using the secure storage application command set. The above features are also applied to information that has not been organized into a case. Safely store application partitions There are hidden partitions that can be accessed only through the secure storage application commands (avoiding parties that are not, d ^). Preferably, the secure storage application private system will not allow the host device to access a secure storage application blade, except through a session established by logging into an access control record. Similarly, preferably, the secure storage application will not provide information about the existence, size and access rights of a securely stored application partition unless the request is made through an established session. Access to the partition is derived from the access control record authority. Once an access control record is logged into the secure storage application, the partition can be shared with other access control records (described below). When a partition is created, the host provides a reference name or ID for the partition (e.g., P〇-P3 in Figures 3 and 4). This reference is used among further read and write commands for the partition. 122365.doc -20- 200821837 Partitioning of storage devices Preferably, all available storage capacity of the device is configured for the user partitioning area and the currently configured secure storage application partition. Therefore, any re-segmentation operation can involve reconfiguration of existing partitions. The net change for the device (the sum of the sizes of all partitions) will be zero. The ID of the partition in the memory space is defined by the host system. The host system may re-segment one of the existing partitions into two smaller partitions, or merge two existing partitions (which may or may not be phase w) into a partition. The material τ in the divided or merged partition is deleted or left untouched, according to the judgment of the host. Since the re-segmentation of the storage device can result in the loss of data (because the data is deleted or the data is moved within the logical address space of the storage device), the strict restriction on re-segmentation is managed by the secure storage application system. Only one access control record (described below) residing within an access control record group is allowed to issue a re-segmentation command, and it can only refer to the segmentation ^ owned by it. Since the application system does not know how the data is organized in the partitions (file configuration table or other file system structure), each time the device is re-segmented, the structures are re-constructed. responsibility. The re-segmentation of the user partition will change the size and other attributes of the partition viewed by the primary operating system. After splitting, ensure that any access control records within the secure storage application system are not responsible for the primary partition. If these access control records are not properly deleted or updated, the future will be detected and rejected on behalf of these access control records. About being: ... will be considered by the department. The key, key ID and logical protection ^ similar to the key and key iD are written to the grass, and the public is f for the public. Thinking about it. However, the illusion and the murder of the knives and the knives are made available and easy to understand. In order to further make the file An-☆ Illustrated Wangbian women's full storage application program can be added to the f 彡 f f f f f f f f . . . . 保 保 保 保 保 保 保 保 保 保 保 保 保 保 保 保 保 保 保Different from the authentication used to access the partition. Since the fact that the rights are completely controlled and managed by the host, a content encryption key is associated with the file system. Attaching the file to an object (the key ID) recognized by the secure application fixes the problem. Thus, when a key is established by the secure storage application, the host associates the encrypted key ID with the key used by the secure storage application with the encrypted key. If the key is transmitted to the secure storage application along with the key 1 , the key and key ID can be easily associated with each other. The record value and the password ID provide logical security. All data associated with a given key ID (regardless of its location) is ciphered by the same key value in the content encryption secret (CEK), the reference name of the content encryption key Or the key ID is uniquely provided by the host application at the time of creation. If an entity (by means of an access control record for authentication) obtains access to a hidden partition and wants to read or write to the encrypted area of the partition 122365.doc -22-200821837 In case, it is necessary to have access to the key ID associated with the file. When the access to the key for the key (1) is granted, the secure store: the application manned is associated with the secret encryption key of the secret (10) and is decrypted before the data is transferred to the host. The material is encrypted or encrypted before it is written to the flash memory. In an embodiment, a key value within a content encryption key associated with a key ID is randomly established and maintained by the secure storage application system. In the

Any entity outside the secure storage application system is unaware or not available = the key value in the content encryption key. The outside world only provides and uses a reference or key ID, not the key value within the content encryption key. The key value is fully documented and preferably only accessible by the secure storage application. Alternatively, the key can be provided to the secure storage application system using any (user-defined) of the following secret mode (the actual cryptographic compilation algorithm used and the content encryption key) The key value within the system is controlled by the system and is not disclosed to the outside world.): The block mode_data is divided into blocks, each of which is individually encrypted. This mode is generally considered to be less secure and vulnerable to dictionary attacks. However, it will allow the user to randomly access any of the data blocks. Chain mode - The data is split into chunks that are chained during the encryption process. Each block is used as one of the inputs to the next encryption program. In this mode, although considered safer, the data is written and read sequentially from start to finish, creating an over-capacity that may not be accepted by the user. 122365.doc -23- 200821837 Hash-of-the-chain model with additional collaterals, which can be used to confirm the integrity of the subject. Access Control Recording and Access Control / The Anson Storage Application Private System is designed to handle multiple applications, each of which is represented as a tree with nodes in the system repository. Mutual exclusion between such applications is achieved by ensuring that there is no crosstalk between the branches of the trees.

In order to gain access to the secure storage application system, an entity needs to establish a connection through one of the access control records of the system. The secure storage application manages the login procedure based on (4) the definition of the access control record to be connected to the user. ^ Access Control Recording System - a separate login point for this secure storage application system. The access control record retains login authentication and authentication methods. Also in the registered area, the login right in the secure storage application system is used to buy and write special permissions. This is shown in Figure 5, /, long,,,, and the n access control records in the same access control record group. At least some of the access control records may share access to the same mountain key. Therefore, the access control record #丨 and the access control record, for example, share access to the key having the key ID "key 3", in which access control. The record #1 and the access control record, if the access control record ID, and the key 3, are used to add the key ID of the key associated with the data of the "key 3,". The same key can also be used to encrypt and/or decrypt multiple files, or multiple sets of data. The secure storage application system supports several types of logins to the system, 122365.doc -24- 200821837 where the 'authentication algorithm and user authentication system can be changed, because once the user successfully logs in, the user within the system is special. Permissions can be changed. Figure 5 shows the different login algorithms and authentication again. Access Control Record #1 refers to the code entry algorithm and password for authentication, while Access Control Record #2 refers to a public key infrastructure (PKI) login algorithm and public key for authentication. Therefore, in order to log in, an entity will need to submit a valid access control record ID along with the correct login algorithm and authentication. Once an entity logs into one of the secure storage application systems, the access control record defines its permissions in the access control record (%R) associated with the access control record (its right to use the secure storage application command) ). In FIG. 5, the access control record grants read-only access to the material associated with "key 3" based on the displayed rights control record, and access control record #2 grants the pair associated with the "key" 5,, the read and write permissions of the data. Different access control records can share the common interests and special permissions in the system 'such as the key to read and write. In order to achieve this, there is a common The access control records of these things are grouped in the access control record group (ACR group). Therefore, the access (4) record (10) and the access control record such as the shared pair have the key ID "key 3" Key access. The access control record group and its accesses (4) records are organized in a tree hierarchy, and therefore, in addition to establishing a security key to maintain sensitive data security, the '-access control record is The preferred system may also establish other access control record entities corresponding to its key (1)/partition. These access control record children will have the same or less rights as their parent (founder) 122365. Doc -25- 200821837 Limit And can be given the authority of any key established by the parent. Without the addition, the children get access to any keys they establish. This is shown in Figure 6. Therefore, the access control record group All access control records within 12 pages are established by access control record 122, and both of such access control records are associated with access to the access control record 122 associated with the π key 3" Permissions for data. The access control record group is logged into the secure storage application system by specifying an access control group, and an access control record in the group. Each access control record group has a unique m (reference name) that is used as an index to point to the set of access control record groups in the secure storage application database. The access control record group name is provided to the secure storage application system. If the provided access control record group name is already present in the system, the secure storage application will reject the setup operation. The Access Control Record Group is used to manage the restrictions on delegation of access rights and administrative rights as will be described below. One of the functions provided by the two trees in Figure 6 is the access to manage completely separate entities (such as two different applications, or two different computer users). For this purpose, it is important that the two access procedures are substantially independent of each other (i.e., substantially free of crosstalk), even if both occur simultaneously. This means that the access, permissions, and establishment of additional access control records and access control record groups in each tree are not connected to other trees and are not dependent on other trees. Therefore, when the secure storage application is used for dead search in 122655.doc -26-200821837, the memory system 10 is allowed to simultaneously serve a plurality of applications. ^ ; j brothers and sweats two applications independently access two separate sets of data (for example, a set of photos and a permission to delete the access control record group. Group songs). This is shown in Figure 6. Therefore, the application or user is accessing the "key 3""keyX" and "key 2" through the nodes (access control records) in the tree in the upper part of Figure 6 The data may include a photo. The application or user is accessing the node (access control record) in the tree in the lower part of Figure 6 and associated with "key 5 " &"cryptogamma" The data may include songs. The access control record establishing the access control record group is limited to the entity's secure storage application entry point when the access control record group has no access control record entry (entry p〇int ): Access Control Record (ACR) An access control record in the secure storage application system describes the manner in which the entity is allowed to log into the system. When an entity logs into the secure storage application system, it needs to specify Corresponding to the access control record of the authentication program that it will execute. An access control record contains a rights control record (PCR) 'which indicates that the user once determined in the access control record as shown in FIG. After authenticate, the user can perform through the grant of action. The host side entity provides access control records all data fields.

When a real system successfully logs into an access control record, the entity will be able to query the partition and key access rights of all access control records and access control record attribute management (Acam) permissions (described below). . Access Control Record ID 122365.doc -27- 200821837 When a secure storage application system entity initiates a login procedure, it is required to specify an access control record m corresponding to the login method (as when establishing a metric access) The control record is provided by the host when it is received so that the secure storage application will set the correct algorithm and select the correct permission control record when it has been 'different to σ. When the access control record is established, the access control record ID is provided to the secure storage application system. ~ Completion Login/Authorization Algorithm This authentication algorithm specifies which login program will be used by the entity, and which authentication system is required to provide proof of the user's identity. The secure storage application system supports several standard drop-in algorithms ranging from no-program (and no authentication) and password-based programs to a two-way authentication protocol based on symmetric or asymmetric cryptography. Authentication The authentication of the entity corresponds to the login algorithm and is used by the secure storage application to verify and authenticate the user. An example for authentication can be a password/personal identification number for password authentication, a login algorithm for login algorithm verification, and the like. The type/format of such authentication (ie, personal identification number, symmetric key, etc.) is predefined and derived from the authentication mode; when the access control record is established, the authentication is Provided to the secure storage application system. The secure storage application system has no exceptions for defining, distributing, and managing these authentications, except for public key infrastructure-based authentication exceptions, where the device can be used (eg, flash memory). The physical card) is used to establish the RSA or other type of cryptographic pair 'and the public key can be used for authentication establishment. The Rights Control Record (PCR) privilege control record shows the acknowledgment of the "Holding matter" and the successful transmission of the access control record after logging in to the Secure Storage Application System. There are three types of permission categories: partition and key establishment rights ^ partition and key access rights; and entity access control record authority. 3 Access Partition The permission control record for this paragraph contains a list of partitions that the entity can access when successfully completing the access control record phase (using the ID provided to the secure storage application system). For each partition, the store is defined as write-only or read-only or can specify full write/read = profit. Therefore, the access control record #1 in Fig. 5 can access the partition area ^^ and the access area #1 is not accessible. Restrictions specified in this privilege control record Use these to securely store application partitions and public partitions. Formal reading by means of a device (eg, h, flash memory card) loaded with the secure storage application system

F. See the capture and write commands to access the public splitter J or access the public split by the secure repository * _ ^ 4 command. § When an access control record system #, , and ^ are established to have the authority to limit the open area of Yihai, the bean is limited to T, and the transport authority is to its descendants. Preferably, the access control record can only be limited to $丨. The public eight_ upper limit normal entry and write command access to the J-zone. Preferably, the memory control (4) stored in the application system of the Queen is only limited when it is established. Once the control record has the right to read/write the public partition, it is preferable that its permission cannot be removed. earth

Access Key ID The access control record for this paragraph contains information about the list of key IDs that the entity's login program can access for access to the entity. The designated key (1) is associated with one or more files residing in the partitioning area present in the rights control record. Because the secrets are not associated with a logical address within the device (eg, a flash memory card), so when more than one partition is associated with a particular access control record, the blocks The case may be located in any of the partitions. The keys 10 specified in the rights control record may each have a different set of accesses. Access to the material pointed to by the key m may be restricted to write-only or read-only, or a full write/read may be specified. right. Access Control Record Attribute Management (ACAM) This paragraph describes how to change the attributes of the access control record system in some cases. The access control record attribute management action system permitted in the secure storage application system is to create/delete/update access control record groups and access control records. 2. Create/delete partitions and keys. 3 · Delegate access to keys and partitions. It is better to edit the access control record attributes (4) permissions. Preferably, this requires deletion and re-establishment of the access control record. Moreover, preferably, access rights of one of the access control records established by the access control record cannot be removed. An access control record may have the capacity to create other access control records and to store the record group. The establishment of an access control record may also mean a committee: by: some or all of the access control record attribute management, and other access control records held by the creator. Once there is a postal code, the permission to establish an access control record is intended to have the following actions: \Defining and editing the authentication of the child is better, and the access is established.

,system. I have recorded and sighed that the method of identification cannot be edited. These certifications can be changed within the boundaries of the authentication algorithm that can be used for the child. 2. Delete an access control record. 3—Delegation establishes permissions to child access control records (and thus grandchildren). An access control record having permission to create other access control records has the authority to delegate unblocked (unblGek) permissions to the access control record it establishes (although it may not have the authority to unblock access control records) The generation will place a reference to the unblocked person in the child access control record. ^ The parent access control record has a unique access control record that deletes the permissions of its child access control records. When an access control record deletes its ... lower level access control record, all access control records that are logged by the lower level access control record are automatically deleted. When an access control record is deleted, all keys (1) and partitions it establishes are removed. The access control record can update its own record system with two exceptions: 1 · start, code / PIN 'Although the password / PIN is set by the control record set by the establishment of the control record, only included The password/personal identification code access control record can update the password/personal identification number. 2. The root access control record can delete itself and its group of access control records. Delegate access rights to keys and partitions. The control records and their access control record groups are combined into a tree hierarchy, wherein the root access control record group and the same therein The access control record is above the tree (e.g., root access control record groups 130 and 132 in Figure 6). There may be several access control record groups in the secure storage application system, although the access control record groups are separated from each other. An access control record within an access control record group can delegate access rights to its keys to all access control records within the same access control record group in which it resides, and delegate to all access control records Its established access control record. Preferably, the authority to establish a key includes the authority to delegate access rights to the secret record. The rights to the key are divided into three categories: 1 - Access - This defines the access rights to the key, that is, read and write. B2 2. Ownership - By definition, an access control record that establishes a key is its owner. This ownership may be delegated from one access control record to another access control record (provided that their access control records are in the same access control record group or in a child access control record group) ). One of the keys to a private offer provides the right to delete it and delegate permissions to it. 3. Access Rights Delegation - This privilege enables the access control record to delegate its rights to 122365.doc -32- 200821837. An access control record can delegate access to the partitions it establishes and other partitions that have access rights. The delegation of authority is carried out by adding the names and keys (1) of the divisions to the authority control record of the specified access control record. Delegate access rights can be enforced by the key m, A, and the narration access rights are used to delegate all established keys to the access control record.

Blocking and Unblocking of Access Control Records An access control record may have a lockout counter that accumulates (four) lock counters when the entity accesses (4) records (4) and (4) the system. The secure storage application private system will block the access control record when a certain maximum number of unsuccessful authentications is reached. The blocked access control record can be unblocked by another access control record, which is referenced by the blocked access control record. The reference to the unblocked access control record is set by its creator. Preferably, the unblocking access control record is in an access control record group located in the creator (4) of the blocked access (4) record, and has "unblocking, privilege. Any other within the system. The access control record cannot unblock the blocked access control record... The access control record can be configured to have a -blocking counter' but no unblocker access control record. In this case, false access The control record is blocked, so it cannot be unblocked. Root access control record group - build an application database. The secure storage application system is designed to handle multiple applications, 122365.doc -33 - 200821837 And isolating the data of each of the plurality of applications. The tree structure of the access control group system is a main tool for identifying and isolating application specific materials. eHigan access control The record group is at the top of the application security storage silkscreen database and adheres to certain different behavior rules. It can be configured in the secure storage application system. Root access & system group. Two root access control record groups I% / and 132 are shown in Figure 6. Obviously, more or fewer access control record groups can be used. And within the scope of the present invention. Login to a device for a new application (for example, a flash memory card) or a new application for the application of the device, through the new access The control record group/access control record tree is implemented by adding a program to the device. The secure storage program system supports three (four) (four) type root access control record group establishment (and the root access (four) record group All access control records and their rights): • Open • Any user or entity that does not require any kind of authentication: or access to the user/entity of the control record identification (described in 2 below) through the system Establish a new root access control record group. The open core mode now has no security measures to establish the root access control record and all data transfer is on an open channel (ie, A release of Dai Huiyou (issuan In the security environment of ce agency), or the security channel (also known as 'through the air (〇TA) and post-release procedure) established by the Reader & If the system access control record is not configured (this is an optional feature), 122365.doc -34- 200821837 and the root access (4) record group establishment mode is set to only the open channel option The system is available in an open format: the entity that accesses the control record only through the system = the new root access control record group. If the system access control record = configured, the secure storage The application (10) cannot be set to this style.

3. Blocked · Root access control record group establishment is disabled, and additional root access control record groups can be added to the system. Two secure storage application commands control this feature (these commands can be used by any user/entity without having to authenticate). 1. Method configuration commands - used to configure the secure storage application system to Use any of the three root access controls to record any of the group establishment modes. Only the following mode changes are allowed: open + controlled, controlled, now blocked (ie, if the secure storage application system is currently configured to be controlled, it can only be changed to blockade). 2. Method configuration lock command _ Used to deactivate the method configuration command and permanently lock the currently selected method. A group of access control records is created, which is in a special initialization mode that enables the establishment and configuration of its access control records (using the same access restrictions as those applied to the root access control record group). . At the end of the root access control record group configuration program, when the entity explicitly switches it to the operating mode, the existing access control record can no longer be updated and additional access control records can no longer be created. . Once an access control record group is placed in the standard mode, only 122365.doc -35-200821837 °: through the access control 5 has been assigned to delete the root access control, The root access control record group can be deleted by logging into the system with an access control record of the group and the rights. This is another exception to the 'root access control record group' except for this special initialization mode; preferably, it may contain only one access control record with its own set of access control records deleted. The access control § the recorded group, which is relative to the access control record group within the next tree level. The third and final difference between an access control record and a standard access control record is that it is the only access control record in the system that has the authority to create and delete partitions. Access Control Record of Secure Storage Application System The system access control record can be used for the following two secure storage application operations: 』1. Established in a hostile environment-safe channel protection-access control record/access control Record the group tree. 2. Identify and remember the device that loads the secure storage application system. Preferably, the secure storage system may have only system access control records within the system, and once defined, preferably, it cannot be changed. When the system access control record is established, system authentication is not required; only - secure storage of application commands. The "establish system access control record" feature can be deactivated (similar to "establishing a root access control record group, feature"). After the handbook is created, the system access control record is established. = 1 is not effective, because preferably only one system access control record is allowed. 122365.doc -36- 200821837 at::Γ之Γ:Γ’ The system access control record is not operational. The command to take control 2 = needs to be issued, indicating that the system has no record entry established and that the ready access control record is preferably not updated or replaced. Thereafter, the system access control record is recorded in the secure storage access control record/access control record group. two? Medium: Establish the permissions of the root level until the host is satisfied... Lock = change the root to block # + ~ eight and block the time. The connection record group basically cuts off the current tamper proof (tam (four) prGGf) that is connected to the system. At this time, the second access control record group and its record cannot be changed/edited. It is implemented through a secure storage root access system, .... private order. The establishment of the deactivated record group has - permanent (four): the original two shows the above-mentioned special system involving the system access control record in Figure 7. The system access control record is used to establish three different root access control groups. After these root access control record groups are established, the data is transmitted from the host at 2 o'clock. The application command, in order to block the root access control record group from the control record, thereby stopping/establishing the root access control record group" feature, as shown in Figure 7, connecting the system access control The records and the dotted lines of the root access control record groups are shown. This presents the tamper proof of the three root access control record groups. Before or after the access control record group is blocked, Use the three roots: take control record group The sub-generation access control records the group to form three individual trees. The above characteristics provide the content owner with the flexibility to configure the content of the security product 122365.doc -37- 200821837. I" π was released. The publishing system places the identification secret, and the identification key is used to identify the host, and vice versa. Identifying the device (e.g., the express port) allows the host to have its secrets. On the other hand, identifying the master (four) can enforce the security principle (granting and executing a specific host command) only if the host is allowed. The key is:: The product of the majority of the application will have several identifications: :: The product can be: "pre-release", the key is stored before shipment during manufacturing; or "post-release" Add a new key after installing ▲. For::... The memory device (such as 'memory card') needs to contain a master & or device level key, which is used to identify the application that is allowed to be used. The entity added to the device. The above features enable a product to be configured for activation/deactivation and release. This == safely performs the post-release configuration after the show. The device is purchased as a retail product. The zero f product does not have a margin other than the = group= or device level, and then the new owner, ', sad' to enable or disable the post-release application. Therefore, The feature access capability of the system access control record: < 曰 之 存取 ( 四 四 四 记录 记录 记录 记录 记录 记录 记录 记录 记录 记录 记忆 记忆 记忆 记忆 记忆 记忆 = = = = = = = = = = = = = = = = = = = = = Deactivated sub-take control Established, which means that there is no control to add new ways (unless the feature of establishing a new root access control record group is also disabled.) The memory with system access control records is also disabled. The device will only allow the application to be added in a controlled manner via a secure channel established by the authentication program using the system access control record authentication. The device with system access control record can be (4) applied The add-on application feature is deactivated before or after the program has been added. Key ID list f The key ID is established according to a specific access control record request, and is only used by the security in the memory system 1G. Used by the storage application system. When the -key ID is created, the following data is provided by the establishment access control record or provided to the establishment access control record: ^Key ID. The origin is transmitted by the entity through the host Provided, and used to refer to the data encrypted or decrypted using the key in all incoming or write access. Blocked, chained, and keyed. And the data integrity mode (the above-mentioned hash mode and described below). The system is maintained by the program system in addition to the attributes provided by the host: The following data is stored by the secure key owner: the key ID owner. It is the owner.: When the game is established, the access control record of the founder is its owner = and the secret (10) ownership can be transferred to another access control record. 'Only the money is allowed to transfer— The possession of Feng (1) (4) 1D. The key to delegate access rights to the phase and the abolished nuclear rights can be managed by the secret owner or any other access control record assigned to delegate authority. Whenever an attempt is made to perform any of its operations, the secure storage application system grants the attempt only if the requested access control token is authorized. 2. Content Encryption Key (CEK). This is the key value used to encode the content encryption key associated with the key ID or the content to which the key ID is directed. The key value can be a 128-bit login algorithm random key established by the secure storage application system. 3. MAC and IV values. Dynamic information (message identification code and start vector) used in the Chain Block Coding (CBC) encryption algorithm. Referring to the flowchart of FIG. 8A-16, various features of the secure storage application are displayed, wherein the left side of the step is "H", which means that the operation is implemented by the host, and the "C" system This means that the operation is carried out by the memory card. Although these secure storage application features are displayed with reference to the memory card, it should be understood that these features can also be applied to other memory devices. To establish a system access control record, the host issues a command to the secure storage application within the memory device 1 to establish a system access control record (block 202). The device 10 responds by checking if a system access control record system already exists (block 2〇4, diamond 2〇6). If the system already exists, the device 1 returns a failure and a stop (oval 208). If the system does not yet exist, the memory 1 checks whether the system access control record establishment is allowed (diamond 21 〇), and if not allowed, returns a failure status (block 212). Therefore, there may be several cases in which the issuer of the system does not allow the establishment of a system access control record, such as the required security features have been predetermined so that the system 122365.doc -40- is not required. 200821837 Access control records. If so, the device 10 returns an OK status and waits for system access control record authentication from the host (block 214). The host checks the status of the secure storage application and whether the device 10 has indicated that a system access control record is established (block 216 and diamond 218). If the establishment is not allowed or a system access control record already exists, the host is stopped (oval 22〇). If the device 10 has indicated that the establishment of a system access control record is allowed

k, the host issues a secure storage application command to define its login credentials and transmits the login authentication to the device (block 222). The device 10 updates (10) the access control record with the received authentication, and returns "determination" status (block 224) β in response to the status signal, the host issues a secure storage application command indicating The system access control record is ready (block 226). The device 1G responds to the system access control 5 so that it cannot be updated or replaced (block. This locks the features of the system access control record and its identity for identifying the device for the host. The procedure for creating a new tree (new root access control record group and access control, recording) is due to the way in which the functions are configured in the device. Figure 9 illustrates the programs. The memory system 10 follows this. If the addition of a new root access control record group is completely disabled, a new root access control record group (diamond 246) cannot be added. For example, == requires a system to save Take the control record, then the host phase: = Γ 进行 ,, and in the release, the establishment of the root access control 3 record group command (block 254) to build - secure channel (diamond (10), 122365.doc -41 - 200821837 Block 252). If the system access control record (diamond (10)) is not required, the host 24 may issue the "Create Root Access Control Record Group" command without dreaming and proceed to block 254. False (four) unified access control record Indeed ^ in the host system can use it, even if it is not required (not private map). If the function is disabled, the device (such as flash e-fee card) will refuse to establish - new The root access control records any attempt of the group, and if the system access control record is required, it will reject an attempt to create a new root access control record group without identification (diamonds 246 and 25 0) The newly established access control record group and access control in block 254 are switched to the operation mode so that the access control record in such an access control record group cannot be updated or changed. And no access control = recorded is added to their access control record group (block 25 magic. Then, the system is optionally locked, making it impossible to create additional root access control record groups ( Block 258). The dashed box 258 is a convention indicating the steps selected for this step. The flow chart (10) i within the drawings of the present application has a dashed line of steps selected. This allows the content owner to block, f Hai device 1G for moldable - other illegal purposes of a genuine memory device with legal content. In order to establish an access control record (in addition to the access control record within the root access control record group, as described above), an access control record may be established Any access control record of the right begins (block 27), as shown in Figure 10. Any entity may attempt to control the record identity through the host 24 by providing access to the entry point and have all the necessary attributes to establish. The access control record is entered (block 272). The secure storage application checks 122365.doc • 42- 200821837 to take control record identity match and access control with such identity: 疋 no setup-access control record Permissions (block 274). False == is verified as authorized' then the device's secure storage application creates an access control record (block 276). Figure η shows two access control record groups, which are displayed - a tree useful for the security application using the method of Figure 10. Therefore, having a fine access control record in the row lock access control record group has the authority to establish a control record. The access control record ml also has the authority to use the data used to read or write the data associated with the key ID" marketing information" and the information associated with the key ID"price list". Using the method of Figure 10 to create a sales access control record group with two access control records: S1 and S2, which have only the associated access to the Miyu ID"price list" The read permission of the secret wheel of the price data, and the access permission of the key required for accessing the information associated with the key ID"sales information,|in this way 'has access control record' and ^ The real system can only read but not change the pricing data, and the marketing information will not be accessible. On the other hand, the access control record claw 2 does not have the authority to establish an access control record and has only the association for access. The read permission of the key ID "price list" and the information related to the key ID" marketing information" (4). Therefore, the access method can be delegated using the above method, where...(4)(4) to slAs2 This is particularly useful in situations involving large marketing and sales groups. Under one or a few salespeople, the method of Figure 10 may not be required. Instead, access rights may be saved by one Take control Delegate to the same access control record group 122365.doc • 43- 200821837 within a lower level or the same level of access control records, as shown in Figure 12. First, the entity enters for such access Controlling the tree of the record group by specifying an access control record in the tree through the host in a manner described above (block 280). The host then specifies the access control record and delegates to it. The secure storage application checks the tree for the access control record and whether the access control record has the right to delegate rights to the specified other access control record (block 282). If it is, then The rights are delegated (block 284); if not, then stop. The result is shown in Figure 13. In this case, the access control record is called the delegate read permission to the access control record sl, So that after the delegation, Sl will be able to use a key to access the price data. If ml has the same or a larger right to access pricing data and such delegated rights, then this can be implemented in 'ml' The access rights are then maintained. Preferably, access rights can be delegated under restricted conditions, rather than permanently, such as a limited time, limited number of accesses, etc. Figure 14 shows the use of establishing a secret The program of the key and the key ID. The actual Ή^7 two-t AAr ":" record for identification (please request). The entity requests to establish a key (blocked) with the specified (1). The safe storage = check and watch so the access control record has such a = push (magnification). For example, if the key is used to view data within 2: £, the secure storage application will check if the sub-control record has access to the partition. If the access device mentions (4) 'the memory device iq is established - is associated with the key value (party (4) 8), and stores the secret record 122365.doc -44-200821837 in the access control record, And storing the key value in its memory (the memory or memory 20 associated with the controller), and assigning rights and rights based on the information provided by the entity (block 3 1〇), and using this class The rights control records of such access control records are modified by the assigned rights and permissions (block 312). Thus, the creator of the key has all available rights, such as master and write access, delegation and access control records in the same access control record group or a lower level access control record. The right to share and the right to transfer ownership of the key. An access control record can be changed to another access control (or all present) in the secure storage application system, as shown in Figure 5. A real system can enter a tree through an access control record as before; in one case, the entity is authenticated and then it specifies an access control record (blocks 330, 332). It requests a deletion of a target access control record or a permission within a target access control record (block 334). If the specified access control record or the access control record in the active state at this time has the right to do so (diamond 336), then the target access control record is deleted, or the target access control record has permission The control record is changed to delete such permissions (block 338). If this is not authorized, the system stops. After the above procedure, the target will no longer be able to access the data it was able to access before the program. As shown in FIG. 16, a real system may attempt to enter the target access control record (block 350) and find that the authentication procedure failed because the pre-existing access control record ID is no longer present in the secure storage application. In the program, access rights are denied (diamond 352). Assuming that the access control record ID has not been deleted, the entity specifies an access control 122365.doc -45 - 200821837 Lu Cui Lu (block 3 54) and the secret ID and/or data in a special segment. And then the secure storage application checks whether the key ID or partition access request is granted based on the access control record of such access control record (diamond 3 5 8). If the permission has been deleted or has expired, the request is rejected again. Otherwise, the request is granted (block 360). The above procedure describes how the device (e.g., a flash memory card) manages access to protected material regardless of whether the access control record and its access control record have just been recorded by another access control record. Change or open ' is configured as such. Session The Secure Storage Application System is designed to handle multiple users logging in at the same time. When this feature is used, all commands received by the secure storage application are associated with the entity only if the access control record used to authenticate a particular entity has rights for the requested action. Executed. Multiple real systems are supported through the concept of the session. - The duration is built during the authentication process and a session ID is assigned by the secure application system. The session ID is internally associated with the access control record used to log into the system and is exported to the entity for use in all further secure storage application commands. : 琢 Safe Storage Application Eight Winds W Neck Period • Smell-style combination and safety meeting period. The session class associated with a particular authentication procedure: in the access control record. The safe storage should be purely forcibly implemented in a manner similar to H. Because the access control record defines that the person can enable the secure channel phase, the mechanism allows the system design to take control records to access specific (4) IDs or (4) specific stored credentials). , that is, to establish a new access control record and to set up an open session. The system uses a one-session ID to identify but not to encrypt the bus. All commands and data are publicly transmitted. This mode of operation is more than (4) r used in a multi-user bite/physical clothing disturbance, wherein the real system does not constitute a threat model and is not part of the eavesdropping on the bus. Although the protection of the data does not implement the firewall of the host-side application, the open session mode enables the secure storage application system to only allow access to the currently recognized access. Control the information allowed by the record. The open session can also be used in a partition or a key system needs to be protected. However, after a valid authentication procedure, access is granted to all entities on the host. The only thing that the various host applications need to share in order to gain access to the access control record is the session ID. This is shown in Figure 17A. The steps above the line 4 are followed by the steps taken by the host. After a real system has authenticated the access control record (block 4 0 2 ), it requests access to the memory device 1 within a slot associated with an input ID X (blocks 404, 406 and 408). If the access control record of the access control record 1 allows such access, then the request is granted 1 (diamond 410). If not allowed, the system returns to block 4〇2. After the completion of the authentication, the 5 Retirement System 10 identifies the entity being issued - the command only by the assigned session number 122365.doc -47 - 200821837 ID (and not the access control record authentication) . Once the access control record is obtained from an access control record in an open session that is associated with the key 1 , any other application or user may specify The correct information shared by different applications on the host ^ is used to access the same data. This feature is advantageous in the application. It is more convenient for the user to log in once and have access to all the accounts associated with different applications for login. Therefore, a mobile phone = the user can access the stored email of the memory 2 (4) and listen to the stored music ' without having to log in multiple times. On the other hand, the data not contained in the access control record 1 is not accessible. Thus, users of the same mobile phone can have valuable content, such as games and photos that can be accessed via the access control record 2. This is the material that he does not want to access by someone else on his phone's office, even though he may not mind that someone else can access the control record through his first account. In the open session, access to the data is separated into two separate accounts1 while allowing access control records to be accessed, providing easy protection and providing valuable information protection. In order to further facilitate the sharing of the session ID between the host applications, when an access control record is requesting an open session, it can explicitly request that the session be assigned. "ID. In this way, the application can be designed to use a predefined duration m. The only restriction, for obvious reasons, is that only the specific time is identifiable—the session access control is being requested. Recorded. An attempt to identify another access control that is being requested will be rejected. 122365.doc -48- 200821837 The attempt to record will be rejected. Security Period In order to add a layer of security, the session ID can be used, as shown in Figure 17B. Then, the memory 1 储存 also stores the session ID of the active state session. In FIG. 1B, for example, in order to be able to access a file associated with the key ID X, the entity will also need to provide a session ID before the entity is allowed to access the file, such as Period ID "A" (blocks 4〇4, 406, 412, and 414). In this way, unless the requesting system knows the correct session ID, it cannot access the memory. Since the session m is deleted after the end of the session and is different for each session, a real system can only be accessed if it has been able to provide the session number. By using the session number, the female full storage application system tracks whether a command system is actually from a properly authenticated entity. The host application uses a secure session (a secure channel) for applications and usage scenarios where an attacker will attempt to use an open channel to transmit malicious commands. When a secure channel is used, the session ID and the entire command are encrypted with a secure channel encryption (session) key and the security level is as high as the host implementation. Termination of a session In any of the following conditions, the termination of a backup (three) period, and the logout of the access control record · 1 · The system issued a clear end of the session order. 122365.doc -49- 200821837 』2. The overnight time is overdue. A particular entity has not issued any commands during a period of time (as defined by access control § parameters). 3. Reset and/or power cycle 4 of the device (such as flash memory card), and all open sessions of the winter. The Data Integrity Service Library is used to verify that the secure storage application data (which contains all access control records, permission control records, etc.) is provided through the male and key 1D mechanisms. Data integrity services for physical data. If the key ID is configured to use hashing as its encryption algorithm, then the = value is stored side by side with the content encryption key and IV in the content encryption key. Have been recorded. Calculate and store hash values during writer operations. The hash (4) is again calculated during the read operation and compared to the value stored during the previous write operation. Whenever the entity is accessing the secret, the external data is (in cryptographically compiled) concatenated to the old data and updated (for reading or writing) suitable hash values. = For only the host knows that it is associated with a key m or by a key 〇 to point to the file 'so the host explicitly manages several aspects of the data element integrity function in the following way: ' Associated The data key file pointed to by -key 1〇 or by a secret output is written or read from the end to the end. Any attempt to access the portion of the file will confuse it 'cause that the secure storage program is using one: block exhaustion encryption method and generate the entire data - miscellaneous message extract 122365.doc -50- 200821837 2. It is not necessary to process a continuous stream (the data stream can be interleaved and his data stream is streamed, and the data can be divided into multiple sessions (1), the reason is that the middle of the hash value is This secure storage application system maintains. However, if the data stream is reopened #, the entity will need to explicitly refer to (4) the secure storage application pure reset (4) hash value. 3_ When a fetch operation is completed At the time, the host explicitly requests the secure storage application H (4) to confirm the hash of the read by comparing the read (4) and the hash value calculated during the writer operation. 4. The secure storage application system also provides a &quot Set the read "Operation. This feature will stream the data through the encryption engine, but will not transfer it out to the host. This feature can be used to actually get the data from the device (such as a flash memory card) ) read Previously, confirm the integrity of the data. The random number generation of the provincial Angkor storage application system will enable external entities to use the internal m to generate n ' and the request random number is used outside the secure storage application system. This service can be Any host use, and no need to remember. The RSA key pair generation of the secure storage application system will enable external users to use the internal RSA key pair to establish features 'and request a pair of key pairs to be used for the secure storage application Outside the program system. This service can be used by any host and does not require authentication. Alternate embodiments do not use a hierarchical architecture, similar results can be achieved using the database method 122365.doc -51 - 200821837, such as Shown in Figure 18. If not in Figure 18, a list containing the maximum number of authentications, authentication methods, failure attempts, and the minimum number of authentications required to unblock the entity may be stored in the controller 12 or Among the data banks in the memory 2, the / month order makes the tolerance requirement related to the implementation of the controller η of the memory 1 Principles (for key and partition read, write access, secure channel requirements). Also stored in the database are constraints and restrictions on access secrets and partitions. Therefore, some entities (for example , System Lawr) can be on a white list, which means that these entities can access all the secrets and partitions. Other real systems can be on the _ black list, and their attempts to access any information will be Blocking. This restriction can be global, or key and/or partition-specific. This means that only certain entities have access to certain keys and partitions, and some entities cannot do so. It can also be placed on the content itself, regardless of the partition in which the content is located or the key used to encrypt or decrypt the content. Therefore, certain materials (such as 'songs) can have only the first 5 Attributes accessed by the host device accessing them, or other materials (eg, movies), can only be attributed to a number of times, regardless of which entities have access rights. 4 Privilege, code protection / password protection means that a password needs to be submitted to access the protected area "unless it cannot exceed a password", otherwise the password can be associated with different rights, such as read access and / Or write access. • Password protection means that the device (for example, a flash memory card) can verify the password provided by the host, that is, the device is also stored in the device management. Passwords in the secure memory area. Publishing and Restrictions • Passwords are subject to replay attacks. Because the password does not change after each submission, it can be retransmitted in the same way. It means that if it is to be protected If the system is valuable, the password should not be used, and the 汇fl bus system is easy to access. • The password can protect the data stored in the store#, but should not be used to protect the data (not a key) In order to increase the security level associated with the password, it can be used as a master key, and the result is that the hacker does not mess up the entire system. - Based on the session period The basic secure communication channel can (4) transmit the password. Figure 19 shows a flow chart for authentication using a password. The real system transmits the account ID and password to the system! 〇 (for example, a flash memory card). Check to see if the password matches the password in its memory. If it matches, return the authenticated status. Otherwise, accumulate the error count II for the account, and the real system is required to re-enter Person-account ID and password ° If the count is 11 full, then the system returns the access denied access. Symmetric key pair: Second: the algorithm means that the same is used at both ends of the encryption and decryption. The secret / : is forbidden that the key has been pre-approved before the communication. In addition, the parent 1 should implement each other's inversion algorithm, that is, the encryption of the end - end 122365.doc 53 - 200821837 and the other end The decryption algorithm. The two ends do not need to implement the two algorithms for communication. The identification of the symmetric and key authentication means that the device (for example, the flash memory card) and the host share the same key and have the same Password compilation algorithm (direct and reverse, for example, DES and DES-1) Response (Protection prevents the challenge of replaying other devices, and both • Symmetric key authentication means challenge-hit). Protected devices produce one to

Counting responses. The 4 monitoring device returns the target, and the protected device checks the response, and accordingly confirms the authentication. Next, the _ associated with the authentication can be granted. The authentication can be: External: The device (e.g., a flash memory card) identifies the external world', i.e., the device confirms - the authentication of the given host or application. • Mutual: creates a challenge on both ends. • The internal ··································································································· Increase the security level of the entire system (also destroys all), control the key and combine with diversity. Challenges to ensure that the challenge system – the real • symmetric key system usually uses a master • mutual authentication to use challenges from both ends. Encryption 122365.doc -54- 200821837, 冉山隹, code compilation is also used for encryption, because it is a very efficient shoulder, that is, it does not require a powerful central processing to handle cryptography . When used to secure a communication channel, both devices must know the session key used to secure the channel (i.e., encrypt and decrypt all the packets). This session is usually set up using a pre-shared secure symmetric key or using a public key infrastructure. It is necessary to know and implement the same cryptographic compilation algorithm. The signature / (4) key can also be used for signature data. In this case, the signature is added. ρ knife results. Keeping the result as part of the allowed signature is as many as needed, without revealing the key value. The release and restriction of the symmetry system is very efficient and safe, but it is based on a pre-common=secret. The release is safely shared in a dynamic manner and can be made random (like a session). The idea that a shared secret is not easy to maintain for a long time is almost impossible to share with multiple people. In order to facilitate this operation, public key algorithms have been invented because they allow secret exchanges without sharing the secrets. Asymmetric Clocking Procedures Asymmetric key-based authentication uses a series of transmission commands that ultimately construct the session key for secure channel communication. The Basic Association 122365.doc -55- 200821837 determines the user for the secure storage application system. The protocol change allows for mutual authentication, where the user must identify the access control record he wants to use; and two-factor authentication. Preferably, the asymmetric authentication protocol of the secure storage application uses a publicly cryptographic infrastructure (PKI) and an RS A algorithm. As defined by these algorithms, each party within the authentication procedure is allowed to establish its own Rs A key pair. Each RSA key pair is composed of a public key and a private key. Because these keys are anonymous, they cannot provide proof of identity. The public key infrastructure layer seeks a third party and trusted party that signs each of the public keys. The public key of the trusted party is pre-shared between the parties who authenticate each other and is used to verify the public key of the party. Once the trust system is established (two parties decide that the public key provided by the other party can be trusted), the association continues to monitor 4 (verify each party to save the matching private key) and key exchange . This can be implemented by the challenge response mechanism shown in Figures 22 and 23, as described below. The structure containing the signed public key is called a credential. Signing Trusted parties to these credentials are referred to as Credential Authorization Units (CAs). In order for a party to be authenticated, it has an RSA key pair and a certificate proving the authenticity of the public key. The voucher is signed by the voucher authority, which is authorized by another (authenticated) party. The identifiable party is expected to have a public secret of its trusted voucher authority on the property of 苴. The secure storage application 糸# a i Λ糸, first allow the credential chain. This means that the public key of the party identified is 122365.doc • 56· 200821837 can be signed by a different credential authority that is trusted by the identifying party. In this case, the identified party, in addition to providing its own credentials, also provides credentials for the certificate authority that has signed the public key. If the second level of credentials is still not trusted by another party (not signed by its trusted certificate authority), a third level of credentials may be provided. In this voucher chain algorithm, each party will hold a complete list of documents that need to be authenticated for their public key. This is shown in Figures 23 and 24. The authentication required for mutual authentication of this type of access control record is the RSA key pair of the selected length. Secure Storage Application Credentials The Secure Storage application uses the [X.509] version 3 digital certificate. [X.509] is a general purpose standard; the secure storage application voucher data file described herein further describes and limits the content of the voucher definition block. The voucher data file also defines a hierarchy of trusts defined by the credential chain, the confirmation of the secure storage application credentials, and the management of the credential revocation list (CRL) profile. The voucher is considered to be public information (like an internal public key) and is therefore not encrypted. However, it contains an RSA signature that verifies that the public key and all other information fields have not been tampered with. [X.509] defines that each block is formatted using the ASN.1 standard, which in turn uses the DER format for data encoding. An example of the secure storage application voucher shown in Figures 20 and 21 includes an infinite hierarchical hierarchy for the host and for the 122365.doc -57-200821837 The device may use more than or a number of levels of up to 3 for at most 3 levels of hierarchy. Host Credential Hierarchy Architecture The device is based on two factors: ^ ^ W host · The heart of the device is also stored in the device and also voted for the early voucher (for helmet ^ ^ ^ 1 as an access control record authentication, in the Take the control record to establish the health record, "..." and the certificate/credential chain provided by the entity attempting to access the device (use 1 for the δHite access control record) For the parent-access control exemption record + ._ . 11, 彔 and s, the host certificate authority unit is the root certificate authority (the certificate in this system). For example, the ancient 'for / beat control Recording authentication, cattle 1J meat σ For an access control record, the step-by-step certificate authority unit can be linked to the host j Feng ^, 铖 杈榷 杈榷 ( ( ( level 2) vouchers,,, and for another For the control record, the root certificate authority may be the "master root certificate authority unit certificate". For each access control record: each entity holding a certificate signed by the root certificate authority (or - a certificate chain connecting the root certificate authority to the end entity certificate) can log into the access control record The premise is that it has a corresponding private key for the end entity voucher. As mentioned above, a voucher is a publicly available knowledge and is not kept secret. The fact that all the certificate holders (and corresponding private keys) issued by the root certificate authority can log into the access control record means that the (4) of a particular access control record is stored in the deposit. It is determined by the issuer of the authorized unit of the root certificate within the control record certificate. In other words, the issuer of the root certificate authority may be the entity of the (4) access control record access control scheme. 122365.doc -58- 200821837 Host Root Credential This root credential is the trusted credential authorized unit credential that the secure storage application is using to begin verifying the public key of the entity attempting to log in (host). This credential is provided when the access control record is established as part of the access control record authentication. It is used for the root of the trust of the public key infrastructure system and, therefore, is assumed to be provided by a trusted entity (a parent access control record or a manufacturing/configuration trusted environment). The secure storage application verifies the voucher by using its public key to verify the voucher signature. The host root certificate is stored encrypted in a non-volatile memory (not shown in Figure 1), and the secret key of the device is preferably only available from central processing unit 12 of system 1 of system 10. access. Host Credential Chain The host credential chain is the credential that is provided to the secure storage application during authentication. After the processing of the host credential chain is completed, the memory of the host credential chain should not be stored in the device. Figure 20 is a schematic diagram showing the hierarchy of host credential levels of a number of different host credential chains. As shown in Figure 20, the host certificate can have many different credential chains, of which only three are displayed: A1. Host Root Credential Authorization Unit Credential 502, Host 1 Credential Authorization Unit (Second Level) Credentials 5〇 4 and host certificate 5〇6; B1. Host root certificate authority unit certificate 502, host n certificate authority unit (second level) certificate 5 0 8 'Host 1 certificate authority unit (third level) certificate 5 10 and host certificate 512 C1. Host Root Certificate Authorization Unit Credential 502, Host η Document Authorization Order 122365.doc -59- 200821837 Bit (Second Level) Document 5〇8 and Host Credential 514. The three credential chains A1, 扪 and 显示 show above can be used to prove that the host's public key is authentic three possible host credential keys. Refer to the above voucher chain A1 and Figure 20, the host! The public gun in the voucher authority (second level) voucher 504 is signed by the host root credential authorization unit: private key (ie, by encrypting the public secret summary of the Guangkouhai host root certificate) The publicly-restricted state of the authorized unit is within the host root certificate authority unit voucher 502. The host public key in the 4 main device voucher 506 is then authorized by the host 1 voucher authority unit. The private key of the (second level) is signed, and the public key of the host certificate authority (second level) is provided in the certificate 1 (second level) certificate 504 of the host 1. Therefore, one The system of the public secret with the host root certificate authority will be able to verify the authenticity of the above-mentioned voucher chain A1. As a step, the real system uses Eight possessed the host root certificate authorization ^ ^ ^ ^ ^ ^ ^ 哕 main value, "Gan early position. Hai public read, to decrypt the host communicated to the host by the host 1 Feng machine heart ° and the right (second level) voucher 504 signed Public key, and compare the signed public key of the ^^^ ^ 乂 乂 亥 亥 亥 亥 及 及 及 及 及 及 及 及 及 及 及 及 及 及 签名 签名 签名 504 504 504 504 504 504 504 504 504 504 504 504 504 a summary of the unsigned public, $. If the two match, then the public key of the host 1 voucher, Η ^ (first level) is compromised, and the The entity will then cause the authenticated public key of the TM host 1 credential authorization unit (篦-厣 level) to be early (the fourth layer 4, and the host host transmitted by the host is also the host of the host 506! The public key of the host signed by the private key of the tearing 1i level 1 ^ level 1 ^ ^ ^ The summary of the public key of the host certificate communicated by the host 122365.doc -60- 200821837 The value, then the public key of the host is then also recognized. The credential chain B1 and C1 can be used in a similar manner for authentication. As will be noted by the above-mentioned procedure involving the credential chain A1, from the need The first public secret of the host verified by the entity is attached to the host certificate authority ( The key in the second level), and the host root certificate is not authorized for the early time certificate. Therefore, the host only needs to transmit the host/credential authorization unit (first level) certificate 5〇4 and the host certificate 5〇6 To the entity, the host 1 credential authorization unit (second level) credential will be the first credential in the credential chain that needs to be transmitted. As shown above, the sequence of credential verification is as follows. Next, the memory device 10) first verifies the authenticity of the public secret within the first voucher in the beta chain, which in this case is the voucher 504 of the voucher authority under the root credential authorization unit. After the public key in such a voucher is verified as authentic, loading = 10 is followed by verification to the next voucher, in which case the host can apply a similar one by using the same token. A verification sequence in which 'the credential chain contains more than two credentials starting with the credentials immediately below the root and ending with the credentials of the entity to be authenticated. The device credential hierarchy architecture identifies the device according to two factors: a device root credential authorization unit voucher stored in the host and a code/credential chain provided by the device to the host (which is attached to the device) When the control record is established, it is provided to the device as 2 - authentication). The program for the device to be recognized by the host is similar to the program described above for authenticating the host. Device Credentials Keys 122365.doc 61 200821837 The device credential chain is the credential of the key pair for this access control record. It is provided to the card when the access control record is created. The secure storage application stores these credentials individually and will provide credentials to the host one by one during the authentication period. The secure storage application uses these credentials to authenticate the host. The device is capable of processing a voucher chain with 3 credentials, however several credentials other than 3 can be used. The number of vouchers varies depending on the access control record. It is determined when the access control record is created. The device can transmit the credential chain to the host, however, it does not need to analyze them because it does not use the credential chain data. Figure 21 is a diagram showing the hierarchy of device credential hierarchy for displaying a 1 to n different credential chain using a secure storage application for a device such as a storage device. The n different credential chains shown in Figure 21 are as follows: Α 2. Device Root Credential Authorization Unit Credential 520, Device 1 Credential Authorization Unit (Manufacturer) Credential 522 and Device Credential 524; Β 2 • Device Root Credential Authorization Unit Credential 520 The device η certificate authority unit (manufacturer) certificate 526 and device certificate 528. The secure storage application device can be manufactured by 1 to n different manufacturers, each manufacturer having its own device certificate authority certificate. Thus, the public key in the device credential for a particular device is signed by its manufacturer's private key, and then the manufacturer's public key is the private key of the device's root credential authorized unit. Sign it. The manner in which the public key of the device is verified is similar to the manner in which the host's public key is described above. When in the above-mentioned case for the verification of the credential chain A1 of the host, it is not necessary to transmit the device root certificate authority unit with the certificate of 122365.doc -62-200821837, authorizing the integer voucher device i voucher 'i system from 1 to η And the first I bit to be transmitted in the voucher chain (manufacturing certificate, followed by the device in the embodiment shown in Figure 21, i voucher authorized unit (manufacturer) (four) ^ parent two voucher ··Device said. $ # n " ϋ心也, followed by its own device by the early (裟埏商) voucher system to manufacture such a device and is a private secret manufacturer. When the device's public key system is issued by the machine: to receive, the main mechanism has the root certificate authorization unit A key To decrypt and verify the device 1 certificate authority (manufacturer) public key. If the verification fails, then the host will abort the program and notify the device that the authentication has failed. If the authentication is successful, the host transmits A request to the device 'for the next voucher The device then transmits its own device credentials that will be verified by the host in a similar manner.

The above verification procedures are also shown in more detail in Figures 22 and 23. In Figure U, the 'Security Service Module System' is a software module that implements the secure storage application system described herein and other functions described below. The security service module system can be constructed as a software or computer. The code has a database stored in a non-volatile memory (not shown) in the memory 20 or the central processing unit 12, and is read by the central processing unit 12 into the random access memory 12a. And as shown in Figure 22, there are three stages in the program, wherein the female full service module system 542 in the device 1 identifies a host system 540. In the first public key verification phase, the The host system 540 transmits the host credential chain to the security service module system 542 within the security service module command 122365.doc -63 - 200821837. The security service group system 542 uses the access control record 55 The host root authenticates the unit public key by the root credential within 548, and verifies (block 552) the authenticity of the host credential 544 and the host public key 546. If the root credential authorization is involved An intermediate credential authorization unit with the host is at block 552, and the intermediate credential authorization unit 549 is also used for verification. Assuming the verification or procedure (block 552) is successful, the security service module system 5 The system then proceeds to the second phase. The security service module system 542 generates a random number 554 and transmits the random weight 554 as a challenge to the host system 54. The system 54 uses the private secret of the host system. The key 547 signs the random number 554 (block 556) and transmits the signed random number as a response to the challenge. The response is decrypted using the host public key 546 (block 558), and the random number 554 Comparing (block 56 〇), the challenge response is successful assuming the decrypted response matches the random number 554. In the third phase, the random number 562 is encrypted using the host public key. The number 562 is a session key. The host system 540 can be decrypted by using its private key (the block % sentence comes from the encrypted random number of the security service group system 542) Code 562, and obtain the session key. By means of the session key, then the secure communication between the host system: 540 and the security service module system 542 can be initiated. To the asymmetric authentication, wherein the host system 540 is authenticated by the security service module system 542 within the device 1. The map is a protocol map that displays - a one-way clocking agreement similar to that of Figure 22. The two-way mutual authentication = 122365.doc • 64-200821837 program, wherein the security service module system 542 of Figure 23 is also authenticated by the host system 540. Figure 24 illustrates an embodiment of the present invention Schema of the credential chain 590. As mentioned above, the credential chain that needs to be submitted for verification can contain several credentials. Thus, the voucher chain of Figure 24 contains a total of nine credentials, all of which may need to be verified for authentication. As explained in the prior art section above, in an existing system for credential verification, an incomplete voucher chain is transmitted, or if the entire voucher is transmitted, and the voucher is not transmitted in any particular order, The recipient will not be able to analyze the credentials until the entire credential group has been received and stored. This is because the number of voucher in a voucher chain is not known in advance. A large amount of storage space may need to be reserved for storing credential chains of unknown length. This can be a problem with the storage device that performs the verification. An embodiment of the present invention is based on the recognition that the problem can be mitigated by the host device transmitting its system of credentials in the same order that the credential chain will be verified by the storage device. Thus, as shown in FIG. 24, the voucher chain 590 of the voucher begins with voucher chain 590(1), which is the voucher immediately below the host root voucher; and ends with voucher 590(9), which is Host credentials. Thus, device 10 will first verify the disclosure secret in voucher 590(1), followed by the verification of the public secret in voucher 590(2), and so on, until the host in voucher 590(9) is publicly exposed. The key is verified. Then, this completes the verification process of the entire credential chain 59. Therefore, if the host device transmits the voucher chain 122365.doc-65-200821837 59〇 to the memory device 1G' in the same order or sequence as the voucher chain is to be verified, the memory device 1G can be used as a voucher. The verification of each-voucher is initiated upon receipt without waiting until all nine credentials in the credential chain 590 have been received. 10 will need to reserve space for storing only a single credential. The memory device will need to know when the entire credential chain 590 has been received. Thus, preferably, the last voucher 590(9) contains an indication of the last-voucher-indicator or item in the voucher chain. This feature is shown in the 'in the embodiment, the host device transmits the voucher chain 59-password to the memory device 1G. Next, the memory device bay must be - person stored - single - voucher. After the voucher has been verified, it can be overwritten by the voucher that is transmitted by the host, except for the last-voucher in the voucher key. In this manner, at any time, the memory device is not in the table of FIG. 25's information showing the control segment, which is before the certificate buffer transmitted by the host to the memory device 1 . If not in Fig. 25, the control section of the voucher 59 (9) contains an argument name, which is the final flag. Next, the memory device 1 can be set by checking whether the last 'flag system is set, and the verification voucher 590 (9) is the last voucher in the voucher chain to determine whether the received voucher is the voucher. The last voucher in the chain. In an alternate embodiment, the voucher in voucher chain 590 may be transmitted in a one-by-one manner, but in groups of one, two or three voucher. Obviously, the same number of credentials in a group or group with other numbers of credentials can be used. Thus, credential chain 590 contains 5 consecutive credential strings 591, 593, 595, 597, and 599. Each of the voucher strings 122365.doc -66- 200821837 contains at least one voucher. A contiguous credential string is a credential string containing the following credential: a credential (start credential) of the credential string immediately preceding the credential string in the voucher chain; immediately preceding the voucher chain in the voucher chain The voucher (end credential) of the subsequent voucher string; and all voucher between the start voucher and the end voucher. For example, credential string 593 contains three credentials 590(2), 590(3), and 590(4). The five credential strings are verified by the memory device 10 in the following sequence: 591, 593, 595, 597 and ending at 599. Therefore, if the five credential strings are transmitted and received in the same sequence as the verification performed by the memory device, the memory device will not need to store any credential after the credential strings have been verified. The string, and all except the last one, can be overwritten by the next credential from the host. As with the previous embodiment, it is expected that the last voucher in the voucher chain contains an indicator such as a flag that is set to a specific value to indicate that it is the last voucher in the voucher chain. In this embodiment, the memory device will only need to reserve enough space to store the maximum number of credentials in the five credential strings. Therefore, if the host first notifies the memory device 10 of the longest credential string it wishes to transmit, the memory device 10 only needs to reserve enough space for the longest credential string. Preferably, the length of each credential in the credential chain transmitted by the host does not exceed four times the length of the public key authenticated by the credential. Similarly, preferably, the length of the voucher transmitted by the memory device 10 to a host device to verify the public key of the memory device is no more than four times the length of the public secret recorded by the voucher. The above-described embodiment for verification of the credential chain is shown in the flow chart 122365.doc-67-200821837 of Fig. 26, in which the number of voucher in each group is assumed to be 1 for the sake of simplicity. As shown in Figure 26, the host sequentially transmits the credentials in the voucher chain to the card. Starting with the first credential within the credential chain (typically the credential following the root credential, as described above), the card sequentially receives the credential chain from the host being authenticated (block 6〇2) . Next, the card verifies each received credential and if any of the credential verification fails, the program is aborted. If any of the credentials fails to be verified, the card notifies the host (blocks 604, 606). Next, the card detects if the last credential has been received and verified (diamond 608). If the last credential has not been received and verified, the card returns to block 6〇2 to continue receiving and verifying credentials from the host. If the last voucher has been received and verified, the card proceeds to the next stage (61〇) after the voucher is verified. Although the features in Figure 26 and the following figures refer to the memory card as an example, it should be understood that these features can also be applied to a memory device having a physical form other than a memory card. The program implemented by the host when the card is authenticating the host is shown in FIG. As shown in Figure 27, the host transmits the next voucher in the voucher chain to the card (block 620), typically starting with a credential following the root credential. Next, the host determines whether an abort notification (diamond 622) from one of the cards has failed to be authenticated has been received. If an abort notification has been received, the host stops (block 624). If a suspension notification has not been received, then the host checks to see if the last token in the credential chain has been transmitted by checking if the last flag has been set in the last voucher being transmitted (block 626). ). If the last voucher has been transmitted, the host proceeds to the next stage after verification by 122365.doc -68-200821837 (block 628). As shown in Figures 22 and 23, the next stage can be a challenge response followed by a session key establishment. If the last credential in the credential chain has not been transmitted, the host returns to block 620 to transmit the next credential within the credential chain. The actions taken by the card and the host when the card is being authenticated are shown in Figures 28 and 29. As shown in Figure 28, after the start, the card waits for a request from the host to transmit one of the credentials in the voucher chain (block 63, diamond 632). If a request from the host is not received, the card will return to diamond 632. If a request is received from the host, the card will then transmit the next voucher in the voucher chain, starting with the A that should be transmitted (typically starting with the voucher following the root credential) (block 634). The card determines if a failure notification has been received from the host (block 636). If a failure notification has been received, the card is stopped (block 63 7). If no failure notification is received, the card determines if the last document has been transmitted (diamond 638). If the last credential has not been transmitted, the card returns to diamond 632 and waits until it receives the next request from the host for transmitting the next credential within the credential chain. If the last voucher has been transmitted, the card proceeds to the next stage (block 639). Figure 29 shows the action taken by the host when the card is being authenticated. The host transmits a request for the next voucher in the voucher chain to the card, beginning with a request for the first voucher to be transmitted (block 640). The host then verifies each received credential and if the verification fails, the program is aborted and the card is notified (block 642). If the verification passes, the host checks to see if it has received and successfully verified the last pass (diamond 644). If the last credential has not been received and successfully verified, the host returns to block 640 to transmit a request for the next credential within the credential chain. If the last credential has been received and successfully verified, then after the credential is verified, the host proceeds to the next stage (block 646). Voucher abolition When a voucher is issued, it is expected to be used throughout its validity period. However, various situations may result in a voucher becoming ineffective until the expiration of the validity period. Such cases include a name change, an employee's termination of employment with an organization between the subject and the certificate authority, and a compromise or suspected compromise of the corresponding private key. In such cases, the certificate authority is required to revoke the certificate. The secure storage application enables credential revocation in different ways, and each access control record can be configured for a specific method for revoking the voucher. An access control record can be configured to not support an abolition scheme. Under this October condition, each voucher is considered valid until its expiration date. Or you can use the voucher to ruin the vast expanse. From 屯π 口 u .

~▼ The owner of the record system is responsible for managing a waste that is enforced by the host to enforce a host root certificate. The mechanism implemented by the host root certificate is to update the deposit. Implemented by taking the credentials of the control record. Credential Revocation List (CRL) This secure storage application system uses an abolition scheme that involves the periodic issuance of each credential authority unit called a signed data structure called a voucher revocation list. A voucher revocation list is a timestamp list that identifies the revoked voucher signed by a voucher authority (the same voucher authority that issued the voucher in question) and is implemented to be freely available to the public. Each revoked voucher is identified in a voucher revocation list by its voucher number. The size of the voucher revocation list is arbitrary and depends on the number of revoked unexpired vouchers. When a device uses a credential (e.g., to verify the identity of a host), the device not only checks the credential signature (and validity), but also verifies the credential against a list of serial numbers received through a credential revocation list. If the certificate issuing the voucher authorizes the identification of a serial number such as a voucher on the voucher revocation list issued in the early position, then this indicates that the voucher has been revoked and is no longer valid. The voucher revocation list will also need to be verified as authentic for the purpose of the voucher. The voucher revocation list is signed using the private key of the voucher authority that issued the voucher revocation list, and can be verified as authentic by decrypting the signed voucher revocation list using the voucher authority's public key. If the decrypted voucher revocation list matches the digest of the unsigned voucher revocation list, this means that the voucher revocation list has not been tampered with and is true. The voucher revocation list is usually hashed using a hash algorithm to obtain a summary thereof, and the digest is encrypted by the private key of the voucher authority by 122365.doc 200821837. In order to verify whether a voucher revocation list is valid, the signed voucher revocation list (ie, the hashed and encrypted voucher revocation list) is decrypted using the voucher authority's public key to obtain a decrypted And a hashed voucher revocation list (ie, a summary of the voucher revocation list). It is then compared to the hashed vouchers list. Therefore, the verification procedure can often involve the step of hashing the voucher revocation list for comparison with the decrypted and hashed voucher revocation list. One of the characteristics of the voucher revocation list scheme is that the confirmation of the voucher (for the voucher revocation list) can be implemented separately from obtaining the voucher revocation list. The voucher revocation list is also signed by the issuer of the appropriate voucher, and in the manner described above, using the public key of the voucher authority that issued the voucher revocation list, the voucher is verified in a similar manner to voucher verification. Abolish the list. The memory device verifies that the signature belongs to the voucher revocation list and the issuer of the voucher revocation list matches the issuer of the voucher. Another feature of the voucher revocation list scheme is that the voucher revocation list can be distributed by means of exactly the same as the voucher itself, i.e., via an untrusted server and untrusted communication. The list of revoked documents and their characteristics are detailed in the X.509 standard. Secure Storage Application Infrastructure for Credential Revocation List The Secure Storage application uses this voucher to abolish the inventory scheme to provide an infrastructure for host abolition. When the RSA-based access control record is authenticated by the voucher revocation list abolition scheme, the host system will be used as one of the additional fields for the voucher revocation list (if the issuer certificate authority unit has not been revoked 122365.doc -72- 200821837 Any vouchers may be added to a set of voucher orders. This field will contain a list of vouchers that are signed by the issuer of the voucher. When the block is present, the memory device J 〇 first verifies the credentials within the set of voucher commands. Obtaining and accessing the voucher revocation list repository is entirely the responsibility of the host. The voucher revocation list is issued during the period in which it is valid (Certificate Revocation List Expiration Period (CET). During the verification period, if the current time is found to be out of the time period' then the voucher revocation list is considered to have Defective, and can not be used for credential verification. Then, the result is that the credential's authentication failed. In the traditional credential verification method, the authentication or verification entity is expected to hold the voucher revocation list or be able to self-certify the unit Retrieving the voucher revocation list 'and comparing the serial number of the voucher submitted for verification to determine whether the submitted voucher has been revoked. In the case of authenticating or verifying the real system-memory device, The memory device may not have been used by itself to obtain a voucher revocation list from the voucher authority. If a voucher revocation list is pre-stored in the device, such a list may become expired, such that after the installation date The revoked voucher will not appear on the / monthly order. This will enable the user to access the storage device using the revoked voucher. This is not desirable. In one embodiment, the above problem can be solved by a system in which the entity that wants to be authenticated submits a voucher revocation list along with the voucher to be authenticated to the authenticating entity, The authenticating entity can be a memory device 1. The authenticating entity then verifies the authenticity of the received voucher and voucher revocation list. The authenticating entity checks whether the voucher is identified by checking (such as the serial number of the voucher) appears on the voucher revocation list, and checks whether the voucher is on the voucher revocation list. In view of the above, the conversion financial plan can be (4) between the host device and the memory device 10 The mutual recognition between the host device and the host device that is to be authenticated for the memory device 10 will be required to provide its voucher key and corresponding voucher revocation list. Another-old; Shi Dexian β early aspect, host The device has been used to connect to the voucher authority to obtain a voucher revocation list so that when the memory device 10 is to be authenticated by the host device, the memory device does not need to be The abolition/monthly order is submitted to the host device along with its voucher or voucher chain. Cui Jin, come, has an expanded number of different types of portable devices that can be used to play content, such as different built-in or independent music. Players, mp3 players, mobile phones, personal digital assistants, and notebook computers. Although connecting such devices to the global network (www) to access from the certificate authority, "verification lists are possible, but typically many Non-daily = to web 'but instead only get new content or update subscriptions (such as every few weeks) to connect to the Web. Therefore, for such users, it is necessary to obtain a voucher revocation list from the voucher authority It is cumbersome. For such users, the (four) storage device itself - preferably not = the certificate abolition list and optional host credentials that will need to be submitted to the subscription step 1 to access the protected content. In many types of (^ flash memory), the storage devices are not insured, and the area is managed by the host device' rather than the storage devices themselves, in this manner, for the user (to the For host devices, you do not need 122365.doc -74· 200821837 to be connected to the network to get more up-to-date vouchers. Two host devices: such devices can be retrieved from the unsecured area of the storage device and then redirected and presented to the storage device or memory device to access the protected content in the health device. Because it is used for storage and protection.蒦 内谷's voucher and its corresponding voucher revocation list are typically valid for a certain period of time, so if the grievance is still valid, then the user will not need to obtain the latest vouchers. Or voucher revocation list. The above features enable the user to conveniently access the voucher and voucher revocation list when the voucher and voucher revocation list are valid for a relatively long period of time, without the voucher authority for updating The above program is shown in the flowcharts of FIGS. 30 and 31. As shown in FIG. 30, the host 24 reads from the unsecure open area of the memory device 1 that the host will submit to the memory device. A voucher revocation list for identifying one of the voucheres (block 652). Since the voucher revocation list is stored in an unsafe area of the memo body, before the voucher revocation list can be obtained by the host, Need to be authenticated. Since the voucher revocation list is stored in the public area of the memory device, the reading of the voucher revocation list is controlled by the host device 24. Then, the main The voucher revocation list is transmitted along with the voucher to be verified to the memory device (block 654) and proceeds to the next stage unless it receives a failure notification from the memory device 1 (block 656). Referring to Figure 31, The memory device receives the voucher revocation list and credentials from the host (block 658) and checks if the voucher number is on the voucher revocation list (block 660), and other aspects (eg, 'whether the voucher revocation list The system has expired. If the certificate expires or fails for other reasons, the memory device 偯& . ^ ^, — V finds a failure notification to the host (Block 662). The host, the host of $ can obtain the voucher revocation list stored in the public area of the memory device. The original voucher revocation list can be used for the non-= machine. As described above, for the convenience of the user, the certificate that is verified using the heart, 苽 π π singly is preferably stored in the memory device together with the vouchers list. In an unsafe area. However, the voucher can be used for the host to be advertised by the host only for the voucher. The voucher revocation list is included in its field for one next update time. In the case, as shown in Fig. 32, the secure storage application system in the device 1 checks the current time against the time to see if the current time is after this time; if it is, then the identification It also fails. Therefore, preferably, the secure storage application checks the time of the next update and the expiration date of the voucher revocation list against the current time (or the time received by the memory device 1〇 against the voucher revocation list). As described above, if the voucher revocation list contains a long-term revoked voucher identification list, it may take a long time to process (eg, hash) and search the list for the serial number of the voucher submitted by the host, especially in the process. And the search system is implemented in sequence. Therefore, in order to speed up the process, the processing and search systems can be implemented simultaneously. Furthermore, if the entire voucher revocation list needs to be received before it is processed and searched, the program can also be time consuming. The applicant's department recognizes that the process can be quickly executed by processing (searching) and searching as part of the voucher revocation list is received (slowly), so that when the voucher is abolished Finally - when the part is received, the program is about to be completed. Figures 33 and 34 show the features of the abolition scheme described above. At the authentication entity (e.g., a memory device such as a memory card), a voucher and a voucher revocation list are received from the entity that is to be authenticated (block 7〇2). The portion of the unencrypted voucher revocation list is processed (e.g., hashed) and the identification of the voucher (e.g., serial number) in the submitted portion is also searched for. The processed (e.g., hashed) and abolished early portions are compiled into a hashed complete voucher revocation list that is compared to the complete decrypted and hashed voucher revocation list. The complete decrypted and hashed voucher is abolished/monthly formed by the portion of the voucher revocation list compiled for the portion of the entity that is to be authenticated. If the comparison indicates that there is no match in the comparison, then the authentication system fails. The authentication entity also checks 7 against the current time 7:06; the time of the update and the expiration of the voucher revocation list (block if the submitted voucher is found on the voucher revocation list = in " as current time system Not in the expiration of the voucher revocation list, if the time of the next updated voucher revocation list has been exceeded (block 1G), the authentication also fails. In some embodiments, the voucher for storing the voucher is stored. The abolition list part and the level decryption hash certificate abolish the early part may not require a large amount of memory space. 'When the entity (such as 'the host') wants to be authenticated, it and the voucher revocation list to the secret entity (block) And proceed to the ^^ segment (block 724). 0 This is shown in Figure 34. If the real system is submitted - for the voucher chain, it can be implemented in a class 122365.doc -77- 200821837. In this event, the above procedure will need to be repeated for each voucher in the voucher chain along with its corresponding voucher revocation list. Each voucher and its voucher revocation list can be processed as it is received, without Waiting to receive the remaining voucher in the voucher chain and its corresponding voucher revocation list 0 * Identity Object (IDO) identity object is a protected object designed to allow the memory such as _flash, memory card The device 1 stores an RSA key pair or other type of child, code compilation ID. The identity object includes any type of password compilation m, which can be used to sign and verify identity, and encrypt and decrypt data. The identity object also includes a A voucher from a voucher authority (or a voucher chain from multiple voucher grant units) to verify that the public key within the key pair is authentic. The identity object can be used to provide an external entity or _ The identity of the internal card entity (ie, the device itself, an internal application, etc., referred to as the owner of the identity object). Therefore, the card is not using the RSA key pair through a challenge response mechanism. Or other type of cryptographically compiled ID to authenticate the host, but as a proof of identity by signing the data stream provided to it. In other words, the identity object contains its owner. The password compile ID. In order to access the password compilation ID in the identity object, the host will first need to be authenticated. As described above, the authentication procedure is controlled by the access control record. After successful authentication, the identity object owner can use the password to compile the ID to establish the identity of the owner for the other person. For example, the password is compiled with an ID (for example, a public-private key pair) The private key) can be used to sign the information submitted by other parties through the host computer. The signed information and the identity object; Ma Min is the owner of the identity object submitted to Other parties. The certificate authority (that is, the 'trusted authority unit) verifies the certificate:

The open beta private key pair is open to the public, so that other parties can trust the public key to be authentic. Next, the other party may use the public key in the cough certificate to decrypt the signed material and compare the: the decrypted material with the information transmitted by other parties. If the (4) of the solution: matches the information transmitted by the other party, then it indicates that the owner of the injured article has the right to access the real private secret ship, and thus the representative system real. The second use is to use the cipher to compile (1) (such as the RS: A key itself) to protect the information assigned to the owner of the identity object. The data is expected to use 兮玄|4 from 4 The injured object is encrypted by public key. The memory device, such as a memory card, will use the private key to decrypt the asset. The file can be created for any type of access control record, an access control. The record can have only one body injury. Both the greedy signature and the protection feature are provided by the secure storage application to any entity capable of authenticating the access control record. The protection level of the body object is as high as the access control record of the access control record. For ^^, ――, 、, 二, (7) with one identity object access control, you can choose any authentication algorithm. It is up to the creator (host) to determine and evaluate: which algorithm best protects the identity object usage. The access control record of the identity object provides its credential chain in response to the command to obtain the public key of the identity object in response to the second 122365.doc -79-200821837. When the identity object is being used for data protection, the decrypted data output from the card may require further protection. In (4), the host system is encouraged to use the secure channel established by the available authentication algorithm. When creating the identity object, select the key length and the pKcs#i version. In the embodiment, the public key and the private key are being used as defined by the PKCS#1 version 2.1 (exponent, modulus}. In the embodiment, the information contained during the establishment of an identity object is included. An RSA key pair having a selected length and a voucher chain, which recursively proves the authenticity of the public secret. An access control record possessing the identity object will allow the signature of the user data. Implemented by Secure Storage Application Command: • Set User Profile: Provide - Freely formatted data buffer to be signed. Knowing An Wang Storage Application Signature: This card will provide an RSA signature (using 忒 access control) Record the private key. Depending on the type of the object, the format and size of the signature can be determined according to PKCS#1 version 1.5 or version 21. The operation of using an identity object is shown in Figure 35_37, where the memory The device 10 is a flash memory card, and the card is the owner of the identity object. Figure 35 shows the program implemented by the card to the data of the host. Referring to Figure K, ', ΰ 35 After a host is authenticated (block 802), as controlled by one of the above-mentioned access control records, one of the points of the 纟 纟 播 、 , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Used for one of the main vouchers ▲ main, 々 host solicitation (diamond 804). After receiving the request, the card transmits the voucher, 0 and returns diamond 8 〇 4 for the next host request (block 8 06). If the cloud is most 彳*, ,, Μ, and if a voucher chain is to be passed to verify the public key of the identity object owned by the card, the above action is repeated until the voucher All credentials in the chain have been transferred to the host. At each voucher the host's command is not used to sign material from the host, the card uses the private key in the identity object to decrypt the received The data (block 814), and returns to the diamond 8〇4. After having been transferred to the host, the card waits for other commands from the host (diamond_). If it is not received from the host during the preset period Command, then the card returns to the diamond. The data of the host and the ν 7 hour, 4 card check to see if (4) the command is used for the signature data (diamond 81G). If the command is used for the name information, the card is the private secret in the identity object. Key signature, and then transfer the signed bead to the host (block 8丨2), and return to diamond 8〇4. If from Figure 36, the data signed by the card is transmitted to the host by the host The program implemented. Referring to Figure 36, the host transmits authentication information to the card (block 822) after successful authentication controlled by one of the access control records at one of the nodes of one of the tree structures above, the host transmits The card is requested for the voucher chain and the voucher chain is received (block 824). After the public key of the card has been verified, the host transmits the data to the card for signing and receives the information signed by the private key of the card (block 826). Figure 3 7 shows the procedure implemented by the host when the host decrypts the material using the card's public key and transmits the decrypted material to the card. Referring to 122365.doc -81 - 200821837, FIG. 37, the host transmits authentication information to the card (block 862). After successfully implementing (4) control by an access control record, the host transmits a request to the card to request a credential chain (block 864), which is required to verify the public key of the card within the identity object, And send a request to the card to request information. After the public key of the card in the identity object has been verified, the host encrypts the data from the card using the verified public key of the card and transmits it to the card (blocks 866, 868). Query Hosts and applications need to hold certain information about the memory devices or cards they are working together to perform system operations. For example, the host and application may need to know which applications stored on the memory card are invocation. The information required by the host is sometimes not publicly available. It means that not every real system has the right to own it. In order to identify authorized and unauthorized users, it is necessary to provide two methods that can be used by the host. General information inquiry

This inquiry publishes system public information' without limitation. The confidential information stored in the memorable devices consists of two parts: a part. Part of this confidential information contains information that can be used for two entities: exclusive information, so that each entity should be allowed to access only its own proprietary information, and not to access proprietary confidential information of other entities. Such confidential information types are not shared and form an unshared portion of the confidential information. Certain information that is usually thought of as public may in some cases be considered confidential, such as the name of the application residing on the card and its life week. Another example of this may be root access control record names, which are considered public, but may be confidential for certain secure storage application usage. In these cases, the system should provide an option in response to a general information query to keep this information available only to all authenticated users, but not to unidentified users. Such information constitutes a common part of the confidential information. An example of a shared portion of the confidential information may include a list of access control records, i.e., a list of all root access control records currently present on the device. Accessing the public information through the general information inquiry does not require the host/user to log in to an access control record. Therefore, any entity with knowledge of secure storage application standards can execute and receive this information. In the case of a secure storage application, this query command is placed under no one session number. However, if it is desired to have access to the shared portion of the confidential information by an entity, then the entity must first be authenticated by any control structure (e.g., any access control record) that controls access to the data within the memory device. After a successful authentication, the entity will be able to access the shared portion of the confidential information through a general information inquiry. As explained above, the authentication procedure will result in a private information for accessing one of the secure storage application session numbers or iDe cautious information queries regarding individual access control records and their system access and assets. And need to be clearly identified. Therefore, such a query requires access control record entry and authentication (if the authentication is specified by the access control record) before receiving the authorization for the information inquiry. This query requires a secure storage application session number. I. 122365.doc -83- 200821837 Before I describe the two types of queries, the first description of the index group as a practical solution for implementing such queries will be the 0 index group. = The application on the possible secure storage application host is specified for the operating system and system driver requirements to be read & Next, this means that the host application needs to know how many segments need to be read for the parent-girl full storage application read operation. One reason: the nature of the query operation is to supply information about an entity requesting information, which is usually not known. So for the host application, the number of segments required to publish the query and guess the operation is difficult. ° To solve this problem, the secure storage application queries the output buffer for only 3 parent-query requests-segments (512 octets). The parts of the object for outputting information are organized in a class called an index group. Each type of object can have a different byte size, taking into account the number of objects that can be adapted to a single-segment. This defines the index group for this object. If an object has a size of -20 bytes, the index group for that object will contain up to 25 objects. If there are a total of % of such objects in total, then it will have been organized into 3 index groups 'where the object "〇" (first object) start first - index group 'objects' 25" The second index group and the object "5g" starts with the third and is the last index group. System Enquiry (General Information Enquiry) This inquiry provides general information about the supported secure storage application system 122365.doc -84- 200821837 and the set (4) system in the device, as it is executed on the device. Not 8 trees and applications. Similar to the access record query (careful query) described below, the system query is structured to give several query options: • General - Secure Storage Application Support Version. • Secure Storage Application • A list of applications for all secure storage applications on the device, including their execution status. 2. The information listed above is public information. As the access control record checks, 'in order for the host to not need to know the output buffer to be read for the query, the area & 'will have - the segment returned from the device, while still enabling the host to enter - Step to query additional index groups. (4) If the number of root access control record objects exceeds the number of output buffer sizes used for indexing groups, the host may send another query request to the next index group "丨" Access control record query (careful information query) The secure storage application access control record query command is intended to provide the access control record user with information about the system resources of the access control record, such as a key and Application m, partition and child access control records. The information is only relevant to the login access control record and not to other access control records on the system tree. In other words, access is limited to The part 0 of the confidential information that can be accessed under the authority of the access control record can query the following three different access control record objects: • Partition - Name and access rights (owner, read, Write) 122365.doc -85- 200821837 • Key ID and application ID_name and access rights (owner write) • Child access control record - direct + you left % Access control record and access control record group name for access control records • Identity object and security data object (τ Dinggan (described below) name and access rights (owner, read, write). Because the number of objects connected to the access control record can be changed, and the information may exceed 512 bytes (_segment). The user cannot know the need to do so without knowing the number of objects in advance. The number of segments read by the secure storage application system in the device to obtain a full list. Therefore, each object list provided by the secure storage application system is divided into several index groups, which are similar In the case of the above system query, an index group is adapted to the number of objects in a segment, that is, how many objects are transferred to the host in a segment from the secure storage application system in the device. The secure storage application system within the device communicates a segment of the requested index group. The host/user will receive a buffer of the one of the queried objects. The number of objects in the buffer. If the buffer is full, the user can query the next object index group. Figure 38 shows a flow chart of the operation involving the general information query. Referring to Figure 38 'When the security is concerned When the storage application system receives a general information query from an entity (block 902), the system determines if the entity has been authenticated (diamond 904). If the entity has been authenticated, the system supplies the entity with public information. And the shared portion of the confidential information (block 906). If the body is not yet identifiable, the system supplies the entity with only public information (block 908). Figure 39 shows - involved A flow chart of the operation of a cautious information inquiry. Referring to FIG. 39, when the secure storage application system receives a gossip from an entity (block 9 2 2), the system determines whether the entity has been identified as (Rhombus 924). If the entity has been authenticated, the system supplies confidential information to the entity (block 926). If the entity has not been authenticated, the system denies the entity access to the confidential information (block 928). Feature Set Extension (FSE) In the case of Xu Xi, it is very advantageous to perform the bedding processing activities in the secure storage application on the card (for example, (10) River use rights object confirmation). The resulting system will be more secure, more efficient, and less dependent on the host, as opposed to all data processing systems being implemented on the host. It is assumed that the nature of the data is very formatted and the data processing system is not defined. The secure storage application security system includes a set of authentication algorithms and authorization principles. The system is designed to control access and use stored by the memory card. 'Collection of objects managed and protected. Once the host gains access, the host will then process the data stored in the memory device, wherein accessing the memory device is controlled by the secure storage application. However, the program is specific and, therefore, the data is intended to be in the secure storage application, and the secure storage application does not process the data stored on the device. One embodiment of the present invention is based on the recognition that the secure storage application system can be enhanced to allow the host to execute, typically by the memory card, 122365.doc-87-200821837, the second target. Therefore, some of the software deer programs of these hosts can be split into two parts - _... 八 θ, 目 + + + upper 丨 .. Still implemented by the host one part two = / another part of the application. For many applications = two: strong: material handling safety and efficiency. For this purpose, the ability to add (8) the full storage application. The host application within the feature group extension performed by this handle is also called the internal w application & or the device internal application A. The enhanced secure storage program system provides a mechanism for extending the basic secure storage application command group, which provides authentication and access control of the card through the guide card application. The card application is assumed to be a service other than the service of the secure storage application (for example,

Check the card for available applications, select and communicate with a specific application. The above general and cautious queries can be used for this purpose. DRM mechanism, e-commerce transactions). The Security Application Profile Feature Extension is a mechanism designed to enhance the standard security storage application security system with data processing software/hardware modules, which can be proprietary. In addition to the information that can be obtained using the above query, the service defined by the Secure Storage Application Feature Group Extension System enables the host device to use the two extended cards to securely store the application feature set to extend the feature set: Service - The way to implement this feature is to allow the authorized entity to use a command channel called a pipe directly to communicate with the internal 122365. Doc -88 - 200821837 Program communication, the communication pipeline can be proprietary. • Extension of the standard access control principle for secure storage applications - this feature is achieved by associating internal protected data objects (eg, content encryption keys, security data objects (SD〇) described below) internally Card application. Whenever such an object is accessed, if the secure storage application principle of the defined standard is met, the associated application is invoked 'by taking advantage of at least the standard secure storage application principles' A condition. Preferably, this condition will not conflict with the standards of these standard secure storage application principles. Access is granted only if this additional condition is met. Before further detailing the ability of the feature set to extend, the feature set extension and the architectural aspects of the communication conduit and the full data object will now be described. Security Service Module (SSM) and related modules Figure 40A is a functional block diagram of a system architecture 1 of a memory device 1 (such as a flash memory card) connected to a host device 24 to illustrate this An embodiment of the invention. The main components of the software module in the memory device of the card 20 are as follows: Secure Storage Application Transport Layer 10Q2 The secure storage application transport layer is card-dependent. It handles the host-side secure storage application request (command) on the contract layer of the card 10 and then relays it to the secure service module API. All host-card synchronization and secure storage application command identification is implemented within this module. The transport layer is also responsible for all data transfer between the host 24 and the card. Security Service Module Core 1004 122365. Doc -89- 200821837 This module is one of the most important implementations of the secure storage application implementation of the secure storage application architecture. More specifically, the security service module core implements the secure storage application tree and access control record system and all of the above corresponding rules that make up the system. The security service module core module uses a password compilation library 12 to support the secure storage application security and password compilation features, such as encryption, decryption, and hashing. Security Service Module Core API 1 〇〇6 This host and internal application will be interfaced to the core of the security service module to implement a layer of secure storage application operations. As shown in Figure 4a, the host 24 and the internal application 1〇1〇 will use the same AH. Security Application Administrator Module (samm)1〇〇8 Female Full Application# The Presentation Administrator Module is not part of the Secure Storage Application System, but its control is interfaced to the Secure Storage Application System. An important module within the card of the internal application of the device. The security program management module (4) all devices (4) executing applications, including: 1. Application life cycle monitoring and control. 2. Application initialization. 3. Application/host/security service module interface. The internal application 1010 is set, and the application is approved by the application on the card side. The internal application of the device is protected by the security application administrator, and the system is The secure storage application system is accessible. The security 122365. Doc 200821837 The Service Module Core also provides a communication channel between these host applications and these internal applications. The examples for such internal execution applications are DRM applications and single-password (OTP) applications, as further explained below. Device Management System (DMS) 101 This module contains the procedures and protocols required to update the card's system and application firmware and add/remove services in a post-shipment (commonly referred to as post-release) mode. / Figure 40B is a functional block diagram of the internal software module of the security service module core 1004. As shown in Figure 40B, core 1004 includes a secure storage application command handler 1022. The processing routine 1022 analyzes the secure storage application commands originating from the host or originating from the internal application of the device before the command is transmitted to the secure storage application administrator. All secure storage application security data structures (such as access control record groups and access control records) and all secure storage application rules and principles are stored in the secure storage application database 1026. The secure storage application administrator performs the control exercised by the access control records and access control record groups and other control structures stored in the database. Other items (such as identity items) and security data items are also stored in the secure storage application database 1026. The safe storage in the Putian i丄 Wenwang Storage Application Manager 1024 is implemented by these access control records and access control k city. The recorded groups and other control structures stored in the database 1026 are controlled by 1T. Disposal by the safe storage application non-safe operating module 1〇28 does not involve a secure storage application 122365. Doc -91 - 200821837 Non-safe operation. The secure storage application security operating module 1030 handles security operations under the secure storage application architecture. The module 1032 is a connection module 1〇3〇 to the interface of the password compiling library 1〇12. The module 1034 is a layer connecting the modules 1〇26 and 1〇28 to the flash memory in FIG. i. The communication (or Pass-Through) pipeline is used by the security service module core and security. When the application manager module controls, the pipeline objects enable the entity of the authorized host to communicate with the internal applications. The data transfer between the host and the internal application is via the SEND and RECEIVE commands. The actual command is application-specific. The entity that created the pipe (access control record) will need to provide the pipe name and the ID of the application that will open a channel to it. For other protected objects, the access control record becomes its owner and is allowed to delegate usage rights and ownership rights to other access control records in accordance with standard rules and restrictions. 〇 If in the case of the identified entity Take the control record attribute management in the μ CREATE-PI bay limit, then - the (four) entity will be allowed to build: the pipe object. Only set in the entity's permission control record The communication with the internal application is allowed only when the authority of the official channel is written or read. Only the actual (10) of the tube (4) or the authority control record of the entity: 疋 delegate access rights, Ownership and access rights are allowed to be delegated. As with all other rights, when the delegates have the right to give another access control record, the 'original owner' of the device for the device is stripped 122365. Doc -92- 200821837 has permission. Earthmoving is good for a specific application, establishing a communication-only pipeline. The second pipe and the second pipe connected to the already connected pipe will be rejected by the 5H Safety Service Module System. Therefore, preferably, there is a relationship between one of the internal applications 1010 of the devices and a communication (4). However, multiple access controls (10) can communicate with the internal application (through the delegation mechanism). A single access (4) record can communicate with several device applications (through delegation or ownership of multiple pipes connected to different applications). Preferably, the control is different: the access control records of the pipeline are located on nodes of the completely separate tree such that there is no crosstalk between the communication conduits. Transferring data between the host and the specific application is performed using the following command: RITE PASS THROUGH will transfer an unformatted data buffer from the host to the internal application of the device. READ PASS THR 〇 UGH (Read Transfer) _ will transfer an unformatted data buffer from the host to the internal application of the device, and will output an unformatted data buffer once the internal processing is completed. Return to the host. The write delivery command and the read delivery command provide the user of the P application private 1010 as a parameter to be communicated by the host. The entity authority will be confirmed, and if the request entity (ie, the master) The access control record that the entity is using during the session) has the right to use the pipe connected to the requested application. Then the data buffer will be interrupted and the command will be executed. Doc •93- 200821837 This communication method allows the host application to transmit vendor/specific specific commands to an internal application via the secure storage application private access control session. Safety Data Object (SDO) A useful item that can be used in conjunction with a feature set extension is a safety data item. ' This safety data item serves as a general purpose container for the safe storage of sensitive information. Similar to a content encryption key object, it is owned by an access control record and can delegate access and ownership between access control records. The secure data item contains information that is protected and used in accordance with pre-defined principles and, optionally, has a link to an in-app application 1010. Preferably, the sensitive material is not used or interpreted by the secure storage application private system, but is used or interpreted by the owner and user of the object. In other words, the secure storage application system does not identify the information in the data it disposes. In this way, when the data is transferred between the host and the data objects, the owner and user of the data in the object can be less concerned with the sensitivity caused by the connection to the secure storage application system. Loss of information. Therefore, the secure data object is created by the host system (or internal application) and assigned a string similar to the way the content encryption key is established. At the time of establishment, the host is in addition to the name: it is also long: the application ID of one of the applications linked to the secure data object and will be stored, integrity verified and received by the secure storage application. A poor block. Similar to the content encryption key, the security data object is preferably only one amp. Doc •94· 200821837 The full storage application will establish control during the session. § The owner of the safety data object, and the right to the safety data object, the cold weather, the sensitive information from the β and 26, and the delegation Have the right to access and access the secure data object to another access (4) its children or within the same access control record group (for the writer and the read operation system specifically for the security data object) Owner: Retain. For a write operation; provide a data buffer to overwrite the existing female full data object 杳袓# ^ t 仵贝枓. A read operation will retrieve the integrity of the security data object The data record. Queen Beko allows the appropriate access rights (4) owner access control records for the security data object access operating system. Define the following operations: SDO Set (woman all poor object settings), the application is defined: will be The application has the internal secure storage application processing the data. The application is invoked by the associated (four) security material. As a result, the application will write the user. . Data objects SDO Set (female full data object set), an application to a null value ㈣1): This option is not valid 'and will not prompt a lawful command error. (d) The command requires an internal application to be executed on the card. SDO Get, the application ι〇 is defined: The request will be processed by the device's internal application with the application ID. The application is invoked by being associated with the secure data object. The output (although not defined) will be passed back to the requester. The application will optionally read the security data object. SDO Get (secure and poor object acquisition), application 1 空 null value 122365. Doc -95- 200821837 This option is invalid and will prompt an illegal command error. The Get command requires an internal application to execute on the card. • Security data object related permissions: An access control record can be an owner of an object or just have access (Set, Get, or both). In addition, an access control record can be allowed to pass access to security data objects that it does not have access to another access control record. If an access control record has access control record attribute management rights, the access_record system can be explicitly permitted to create a secure data object and delegate access rights. Internal Access Control Record An internal access control record is similar to any access control record with an access control record, except that an entity outside the open access cannot access the access control record. And, when the object under the control of the secure storage application manager 1024 or the application associated with it is invoked in FIG. 4B, the secure storage application manager ι〇24 of FIG. 40B Automatically log in, internal access control records. Since there is an attempt to gain access to the real system of the card or the entity inside the memory device, no authentication is required. The secure storage application private programmer 1 〇 24 will only transmit a session key to the internal access control record to enable internal communication. Two examples will be used to show the ability of feature group extensions · one-time password generation and digital rights management. Before describing the example of a single password generation, the release of two-factor authentication will be explained first. Single-password embodiment Two-Factor Authentication (DFA) 122365. Doc -96 - 200821837 The two-factor 4 stipulations of the secret "----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- : Λ Λ 増 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人 个人, the: and: provide the proof of possession as part of the login authentication. - Proof that the use of the eight-eight way is a single-password, the system is only suitable for - the military is the second generation is generated by the security token And output. If the ^ η β is supplied with the correct single-password, it is considered to be sufficient to prove that the possession of the ^^ note is 'unable because the code is not compiled under the code. ^The early password is not practicable because The single password is only suitable for early 7 people, so the user should have this token when logging in, because the old password captured by the previous login will no longer be valid. Duan Luo’s products use this safe storage should The program security data structure 'plus a feature set extension design to calculate the next password in the single poor code series to implement a flash memory card having multiple "virtual," security tokens, each A token generates a different series of passwords (which can be used to log in to different _ websites). A block diagram of this system is shown in Figure 4's complete system 1G50 contains - clock acknowledgment device 1 () 52 - Internet Internet feed is 1054 and - User with a password of 1.58. The first step is to agree to a shared secret between the authentication server and the user (also known as seed supply). The user 1056 will request a secret or seed to be posted and will store it in the security token 1. The next step is to tie the system 122365. Doc -97- 200821837 Released the secret or seed with a specific web service server. Once the system is completed, the identification takes place. The user will instruct the token to generate a single password. A one-time password with the username and password is transmitted to the Internet server 1054. The Internet server 1 转 54 forwards the one-time password to the authentication server 1052 and asks it to verify the ID of the user. The authentication servo state will also generate a one-time password, and since the single-password is generated from a common secret along with the token, the system should match the single-password generated from the token. If the &&''''''''''''''''''''''''' The device 1〇54 will complete the user login procedure. The feature set extension implementation for 忒-personal code generation has the following characteristics: • Securely store (encrypt) the single cipher seed within the card. • The password generation algorithm is executed within the card. • 4 devices 1G can simulate multiple virtual tokens, each _virtual token is stored in a different seed, and different passwords can be used to generate the algorithm. 4 The Table 1 G system provides a security protocol to transfer the seed from the authentication server to the device. The secure storage application feature for single password seed provisioning and single password generation is shown in Figure 42, where the solid arrows indicate ownership or access rights and the dashed arrows indicate associations or links. As shown in Fig. 42, in the secure storage program feature group extension system 11G(), the software code feature group extension ιι〇2 can be accessed through - or multiple communication pipes m4, through 122365. Doc -98- 200821837 The pipeline 1104 is controlled by n itch 鋥 ★ left horse with red access control record 1106. In the following embodiments, 'only display - feature group extension software application' and for each feature group extension application, only - communication pipeline. However, it should be understood that it is possible to use a feature set to extend the application. Although Fig. 42 shows only one sentence, it is understood that a plurality of communication pipes can be used. Right μ «牛 g(四)〆 ^ All such changes are feasible. With reference to the code maps 40A, 40B and 42, this feature is drawn! 】 γ Less Bamboo, and Extension 1102 can be an application for a single password supply, and form a subset of the device internal application 10 10 of Figure 4 . The control structure (access control records U 〇 1, 11, 11 11 111G) is stored in the secure storage application database. The data structures such as identity object 112, identity object 1122 and communication pipe view are also stored in the secure storage (4) program database. 0 Referring to Figure 40 and Qing, the security of such access control records and data structures is involved. Sex-related operations (e.g., data transfer during the session, as well as operations such as encryption, decryption, and hashing) are handled by module 1030 with the aid of interface (10) and cryptographic compilation library 1012. The security service module core API 1006 does not distinguish between the operation of the access control record (external access control record) that interacts with the host and the operation of the internal access control record that does not interact with the host, and thus does not materialize The operation involving the host is relative to the operation of the internal application 1010 of the device. In this way, the access control implemented by the host entity and the access system implemented by the internal application ι 〇 使用 use the same control mechanism. This leads to the use of partitioning host applications 122365. Doc -99- 200821837 The flexibility of data processing between private and device internal applications 1 〇 1 。. The internal applications 1010 (e.g., feature set extensions i 1 〇 2 in FIG. 42) are associated with the internal access control records (e.g., access control records 1103 in FIG. 42) and are transmitted through the internal memory. Called to take control of the control record. Furthermore, security data structures such as access control records and access control record groups having associated secure storage application rules and principles preferably control access to important information, such as within security data objects. The content or information that can be derived from the content within the secure data object allows the external or internal application to access the content or information only in accordance with the rules and principles of the secure storage application. For example, if two different users can call an individual device internal application of the device internal application 1010 to process the data, the internal access control record located in the separate tree hierarchy is used to control the The accesses implemented by the two users are such that there is no (4) between them. In this manner, both users are able to access a common set of device internal applications 1010 for processing data without fear that the owner of the content or information within the secure data object loses content or information for the side. control. For example, access to stored secure material object data accessed by the device internal application 10 10 can be controlled by access control records located within a separate tree hierarchy, such that there is no Crosstalk. This type of control is similar to the way the secure storage application controls access to data. This provides the content owner and user with the security of the data stored in those data items. Referring to Figure 42, the softness required for the single-password-related host application is 122365. Doc -100- 200821837 One of the body application code portions is stored (eg, pre-stored before the memory cloth or loaded after the memory card is released) in the memory device 10 as the application system within the feature group extension 1102 possible. In order to execute such a code, the host will first need to authenticate (N is a positive integer) through one of the N authenticated access control registers to obtain access to the pipeline 1104. The host will also need to provide an application m for identifying the application associated with the single password that it wants to invoke. After a successful authentication, such code can be accessed for execution via the pipeline 11〇4 associated with the single password-related application. As noted above, preferably, there is a 丨-between relationship between a pipe 1 i 04 and a particular application, such as a single-password-related internal application. As shown in Fig. 42, a plurality of access control records 11 〇 6 may share the completion of a common pipe 1 1 0 4 . An access control record can also control more than one pipe. Figure 42 shows a security data item 1, a security data item 2, and a security data item 3, collectively referred to as an item 1114, each containing data, such as one for a single-person weight generation, the seed being valuable and It is preferably encrypted. A link or association between the three data objects and the feature group extension 11 〇 2 08 indicates that the attributes of the objects are: when accessing any of the objects, having the security data object The application within the attribute ID group extension ι 102 within the attribute will be invoked and the application will be executed by the central processing unit 12 of the memory device without receiving any further host commands (Fig. 。). Referring to Figure 42, the security data structures (access control records 11〇1, 11〇3, 丨丨(10), and 122365) before a user can start the single cryptographic procedure. Doc 200821837 1110) has been established to have the authority to control the single (four) program H 彔 4 users will need to have access rights to access the control record 1106 through the clock authentication server - single call The cryptographic device internal application 022 4 user will also need to have access to a single password generated by the N user access & system, recorded 111G. The data item 1114 can be installed in the single password seed supply program. Preferably, the internal access control record 1103 has established and controlled the identity object 1116. The internal access control record 1103 also controls the secure data items 1114 after it has been created. When the secure data item 1114 is accessed, the secure storage application manager 1024 in Figure 4B automatically logs into the internal access control record 丨丨〇3. The internal access control record 11〇3 is associated with the feature set extension 11〇2. During the single cryptographic seeding procedure, the security data objects 1114 may become associated with the escrow group extension as indicated by the dashed line 1108. After the association is ready, when the host accesses the secure data objects, the association 1108 will cause the special U group extension 11 〇 2 to be invoked without requiring a further request from the host. When the communication channel U〇4 is accessed through one of the N access control records 6, the secure storage application manager 1〇24 in Fig. 40B also automatically logs in the access control record 1丨03. In both cases (access to secure bedding object 1114 and pipe 11〇4), the secure storage application administrator will transmit a session number to the feature set extension 1102, which will be identified to the internal Access control records the channel of 丨丨〇3. The single cryptographic operation involves two phases: one is shown in the seed supply phase of Figure 43; and the single cryptographic generation phase is shown in Figure 44. See figure 122365. Doc 200821837 40-42 will also help explain. The diagram shows the agreement diagram for the seed supply program. As shown in Figure 43, various actions are taken by the host (such as host 24) and by the card. Take the action of the card on the card of various actions: 40B of the security service module system' which contains the security service module core 1〇〇4. Another real system on the card that takes various actions is shown in the figure "This feature group extends 1 1 02. In the two-factor authentication, the user requests a child to be released, and once the seed is released, the The seed system is stored in a security token. In this example, the security token is the memory device or card. The user performs the recording to one of the authentication access control records (10) in FIG. The authentication is obtained to obtain access to the security service module system (arrow 1122). Assuming the authentication is successful (arrow 1124), the user requests a child (arrow 丨 126). The host transmits the request to select by The seed application is signed to the card by a special application 11〇2 for signing the seed request. If the user does not know the ID of the particular application that needs to be called, the device 10 can obtain the Information, for example, through a cautious inquiry about the device. The user then enters the application ID of the application to be invoked, thereby selecting a communication channel corresponding to the application. Corresponding communication pipeline, in a delivery command, forwards the user's life to the application specified by the application ID from the user (arrow 1128). The called application uses the specified identity object. A signature is requested by a public key (such as the identity object 11 12 in Figure 42.) The security service module system signs the seed request using the public key of the identity object and notifies the application that the signature is complete (arrow 122365. Doc -103- 200821837 1132). The invoked application then requests the ♦ chain of the identity object (arrow 1134). In response, the security service module system provides a chain of credentials for the identity object controlled by the access control record (arrow 1136). Then, the called application provides the signed seed request and the credential chain of the identity object to the security service module system through the communication pipeline, and the security service module system forwards the signed seed request And the credential chain of the identity object is linked to the host (arrow 1138). Transmitting the signed seed request and the credential chain of the identity object through the communication pipeline through the security application administrator module 1008 and the security service module core i004 built in FIG. 40A The caiiback function 'where the callback function will be explained below. Next, the signed seed request received by the host and the credential chain of the identity object are transmitted to the authentication server 1052 as shown in FIG. The credential chain provided by the card verifies that the signed seed request originates from a trusted token such that the authentication server 1052 wants to provide the secret seed to the card. Accordingly, the authentication server 1 〇 52 transmits the seed encrypted with the public key of the identity object along with the user access control record information to the host. The user f indicates an access (four) record in the n user access control records that gives the user access to the one-time password to be generated. The host invokes the feature group extension 11 () 2 _ single cipher application by providing the application m, thereby selecting the communication pipe corresponding to the affiliation, and forwarding the user access control record Information to the security service module system (arrow U4g). Then, the encrypted seed and the user access control record information are transmitted through the pass 122365. Doc -104- 200821837 The eunuch is transferred to the selected m m 4- ^ ^ ^ ^轾 (former 1) 42). The called application privately transmits a request to the private poor service service group using the identity object for decrypting the seed (arrow H44). The Queen Service Module system decrypts the s 4A and passes the decryption completed application (arrow 1146). Next, the called application is two! The full data item is stored in the safety data item. The security information object is associated with the ID (arrow (10)) of the one-time password application (which may be the same as the program being requested) for generating the two-person code. The security service module system establishes and stores the seed in the secure asset security data object associated with the single password application 2 = and when notified completes the notification to the application (arrow). The application 'the application requests the security service module system to access the access control record access' to the appropriate access control record (arrow 1152) based on the provision provided by the host. After the delegation has been completed, the An Wang service module system notifies the shore to use the money 19 1 1154). Then, the (4) Γ callback function 'transmits the security link' through the communication pipe, and the 2 name (slot 1D) is sent to the security service module system (arrow H56). The female full service module system forwards the security data item to the host (arrow 1158). Then, the host name dial #W 胄 ... 亥 亥 全 全 全 全 全 全 ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ ’ The process of generating a single password will be described with reference to the agreement diagram in Fig. 44. Doc 200821837 Preface. In order to obtain the single password, the ^ ^ m user will be logged into the user access control record with access (arrow 1172). Assuming that the clock is successful, the security service module (4) informs the host, and the host transmits a "(4) SDO" (acquisition of security data objects) a-recognition - JP 7, O, Hai female full service module ( Arrow k.  1174 ’ 1176). As described above, the security data item storing the seed has been generated by the (4) program of the single-cut code. Since the application is not selected through the communication channel as before, the single password generation application Called by the association between the security profile object (arrow 1176) accessed by the command and the single password generation application (arrow 1178). The single password generation application then requests the security service. The module system reads the content (ie, the seed) from the security data object (arrow 1180). Preferably, the security service module does not know the information contained in the content of the security data object, and will only press The feature set extension indication processes the data in the secure data object. If the seed is tagged, the system may involve decrypting the seed prior to reading according to the feature set extension command. The security data object is read and the seed is provided to the single password generation application (arrow 1182). Then, the single password generation application The single password is generated and the single password is provided to the security service module system (arrow U84). The single password is then forwarded by the security service module to the host (arrow 11 86) 'Next' the host The single password is forwarded to the authentication server 1052' to complete the two-factor authentication and authentication process. The callback function is shown in Figure 40. The security service module core 1 〇〇 4 and the security application 122365. Doc -106- 200821837 The establishment of a universal callback function between the Lv staff and the group 1008. Different device internal applications and communication pipes can be logged in to have such functionality. Therefore, the internal application of the Taguchi weekly device is used to transmit the processed data to the same communication channel used to transmit a host command to the application. The security service module system. DRM System Embodiment FIG. 45 depicts a functional block diagram of a non-DRM system. The DRM system uses a pass-through, a pipe 1104', and a feature set extension application n〇2, which connects the U08 inner valley encryption key 1114' and Control structures 控制1〇1, 11〇3, and 11〇6 for controlling these functions to implement DRM functions. As will be noted, the architecture in Figure 45 is quite similar to the architecture of Figure 42, except that the security data structure now includes the usage rights server access control record 1, 6 and the playback access control record 1 1 1 〇, (instead of the authentication server access control record and the user access control record) and the content encryption key 1 1 14' (instead of the security data object). Moreover, the identity object is not involved, and thus the identity object is omitted in Figure 45. The content encryption keys 11 14' can be established in the usage rights provider. The protocol diagram of Figure 46 shows a procedure for usage rights provisioning and content downloading in which a key is provided in a usage rights object. As in the single-password embodiment, a user wishing to obtain an authorization will first need to obtain one of the N access control records 1106' and one of the N access control records 1110. Access rights enable presentation of content by a media player, such as a media player software application. As shown in Figure 46, the host authenticates to a usage rights server access control record 1106' (arrow 1202). Assuming the recognition is successful (arrow 1204), then 122365. Doc -107- 200821837 The usage right server provides a license fiie with the same content encryption key (key mountain and key value) to the host. The host also selects the called application by providing the application id to the security service on the card. The host also transmits player information (e.g., information on a media player software application) (arrow 12〇6). The player information will indicate under which of the player access control records 111, which player has access. The security service module system forwards the usage rights file and the content encryption key to the DRM application via a communication pipe corresponding to the selected application (arrow 12〇8). The called application then requests the security service module system to write the usage rights file into the hidden partition (arrow 1210). When the user violates the right to use (4), the security service module system notifies the application (front 1212). Next, the DRM application requests an established content encryption key object 1114|' and stores the secret value from the usage rights file in the created content encryption key object 1114. The ❹rm application also requests that the content encryption key object be associated with the ID of a drm application (the DRM application checks the authorization associated with the provided secret) (arrow 1214). The security service module system performs these tasks and thus notifies the application (arrow 1216). Next, the application requests to delegate read access to the content encryption key 1114' to a player access control record based on the player information transmitted by the host (the player has the player's access control record) Take the permission to control the access of the recorded content arrow 1118). The security service module system enforces the delegation and thus notifies the application (arrow U20). The application transmits 2 122365 through the communication channel. Doc 200821837

2 After completing the storage of the authorization message to the security service module system, and the heart model A (4) relays the message to the usage server (arrows 1222 and 1224) n callback function through the communication pipeline This action. Once the notification is received, the usage right server then provides a content copy encrypted with the key value provided to the (4) password of the card. The encrypted content is stored in the public card area by the host: storing the encrypted content (4) does not "go to the security function, so that the security service module system does not involve the storage. The playback operation system displays In Figure 47, the user accesses the access control record through the host (i.e., the playback access control record has been delegated to the arrow 丨 1 U and 11 上文 above). An authentication is made (arrow 1242). Assuming the authentication is successful (arrow 1244), the user then transmits a request to read the content associated with the key ID (arrow 1246). Upon receiving the request, the The security service module system will discover that the ID of a DRM application is associated with the content encryption key object being accessed, and thus will result in the call to the identified DRM application (arrow 1248). The drm application requests The security service module system reads the data (ie, usage rights) associated with the key ι〇 (arrow 125〇). The security service module does not know the information in the data that it is intended to read. And only processed from The feature group extends the request to execute the data reading program. The security service module system reads the data (ie, usage rights) from the hidden partition and provides the data to the DRM application (arrow 1252). Then, the DRM application interprets the data 'and checks the usage rights information in the data to see if the usage right is valid. If the usage right is still valid, the drm application 122365.doc -109- 200821837 The security service module system will be notified to permit content decryption (arrow 1254). The security service module system then decrypts the inner $ of the request using the key value in the content encryption key object and provides the The decrypted content is sent to the host for playback (arrow 1256). If the usage right is no longer valid' then the request for content access is rejected. If the usage right from the usage server is not provided For any key, the usage rights supply and content download system will be slightly different from the one shown in Fig. 48. Such different schemes are shown in the agreement diagram of Figure 48. Between the figure and Figure 48 The same steps are identified by the same component symbols. Therefore, the host and the security service module system are first authenticated (arrows 1202, U04). The usage right server provides the usage rights file and the key ID (but no such key value) to the host, and the host will forward the provided usage rights file and the key ID together with the host The ID of the drm application is called to the security service module system. The host also transmits player information (arrow 1206'). Then, the security service module system transmits the usage right slot and the key ID to the selected 〇11^1 application through the communication tube corresponding to the selected application. Arrow 12〇8). Next, the DRM application requests that the usage rights file be written to the hidden partition (front 1210). When the usage rights file has been written as such, the security service module system notifies the DRM application (arrow 丨2丨2). Then, the DRM application requests the security service module system to generate a key value, establish a content encryption key object, store the key value therein, and associate the inner valley encryption key object with a DRM application. lD (arrow 1214'). After the request has been met, the security service module system sends a notification to the DRM application (arrow 1216) 122652.doc -110-200821837. Then, the drm application will request the security service module system to transmit the player information transmitted by the host, and delegate read access to the content encryption key object to the player access control record (arrow 1218). Upon completion of the system, the security service module system thus notifies the DRM application (arrow 122). The DRM application notifies the security service module system that the money has been stored, wherein the notification is communicated through the communication pipe by a callback function (front 1222). This notification is forwarded to the usage server (arrow 1224). The usage rights server then transmits the content file associated with the __ID to the security service module system (arrow η%). The security service module system encrypts the content with the key value identified by the key 1〇 without involving any application. The content so encrypted and stored on the card can be played using the protocol of Figure 47. In the single-password and DRM embodiments described above, the feature set extensions (4) and 1102 can contain a number of different single-password and drm applications for host device selection. The user has the opportunity to select and invoke the internal application of the desired device. Nonetheless, the overall relationship between the security service modules and the feature group extensions remains the same, allowing users and data providers to use standard protocol groups for interaction with the security service model 2 This feature group extension is called. Users and providers do not become special to many different device internal applications, and some of these internal applications can be proprietary. Furthermore, these supply agreements may be slightly different, as in the case of Figures 46 and 48. In the case of Fig. 46, the usage right object contains a key value, but = 122365.doc -111 - 200821837 In the case of Fig. 48, the usage right object has no key value. This difference requires slightly different defects, as described above. However, the playback in Fig. 47 is the same regardless of how the usage right is supplied. Thus, this difference will only be with respect to content providers and distributors, but typically is independent of the consumer, who typically only involves the playback phase. Because of &, this architecture provides great flexibility to content providers and distributors' customization agreements while maintaining customer ease of use. Obviously, information derived from data supplied by more than two supply agreements can still be accessed using the second agreement. Another advantage provided by the above embodiments is that although external entities (such as users) and internal applications of the devices can share the use of the material controlled by the security data structure, the user can only save Take the results derived from the stored data by the attacked internal application. Therefore, in the embodiment of the single-password, the user passing through the host devices can only obtain the single-password and cannot obtain the seed value. In the example of the Buddhism, the user of the host device is only able to obtain the presented content 'but does not access the usage rights file or the password compilation key. This feature allows the consumer to be convenient without compromising security. & In the -DRM embodiment, the internal and external hosts of the devices should not use the cryptographic key; only the security data structure can access the cryptographic keys. In other embodiments, the security profile is & the cryptographic key is also accessible to the real system. These margins are also generated by the application of the device in the device, and then controlled by the safety material structure. Accessing these devices' internal applications and accessing information (for example, the single-pass code and the content presented) is controlled by the same security data structure, the parental control system and the cost complexity. degree. Delegate access to an access control record by providing access to the internal access control record (which controls access to the device: = 2) (which controls 4 host access by calling the internal application of the device) The ability to obtain the information, this feature makes it possible to achieve the above features and functions. Application-specific abolition scheme When invoked—the internal application system of the device, the access control protocol for the security lean structure can also be modified. For example, the voucher revocation agreement may: - use a standard agreement or a proprietary agreement to revoke the list. Therefore, by revoking a feature set extension, the standard abolition list abolition agreement can be replaced by a feature group extension exclusive agreement. i In addition to supporting the voucher revocation list abolition scheme, the secure health application enables a particular internal application residing within the device to pass between the internal application of the device and the voucher authority or any other abolition authority One of the private communication channels and the host is abolished. This internal application exclusive abolition scheme is limited by the host-application relationship. When the application-specific abolition party (4) is configured, the secure storage application system will reject the voucher revocation list (if provided), otherwise the device will be used and the proprietary application data (previously passed through - application specific The flg channel is provided to determine whether the given certificate is revoked. As described above, the '-access control record is adopted by specifying - the abolition value, and the non-abolition scheme, the standard certificate revocation list scheme, and the application-specific abolition scheme). When selecting the response, the access control record will also specify one of the internal application IDs of the 1/Hai abolition scheme, and the certificate is invalid: The value in the early expiration/APP-ID field will correspond to the management of the abolished p = #鉴(4) device, and the secure storage application "" will then support the proprietary solution of the internal application. Group Agreement Replacement - Group I - Device Internal Application: Week = Additional access conditions have been granted by the access control exercised by the secure storage application. For example, the content encryption can be further accessed by a feature set extension. The security system determines that an access control record has a pair of key values: < Inquiring about the feature set extension before accessing. To allow the content owner to control the large elasticity of access to the content. \ Having described the invention with reference to various embodiments, variations and modifications can be implemented without departing from the invention. Fan Ming, (4) of the present invention only by the latter (four), please, and the equivalents [simplified description of the drawings] # Figure 1 is a block diagram of the system and the system for facilitating the explanation of the present invention. 2 Illustrated to help (4) to explain the different partitions of the memory of different embodiments of the present invention and the unencrypted and schematic diagrams of the gambling stored in different partitions, wherein 'the principle of taking some partitions and encrypting the files And the identification process is controlled. The Kurdish 4 Figure 3 shows a schematic diagram of the memory of different partitions in the memory. 122365.doc -114- 200821837 Figure 4 is a diagram illustrating the different embodiments of the present invention. The memory shown in Figure 3 Schematic diagram of a file location table for different partitions, wherein certain files within the partitions are encrypted. Figure 5 illustrates access facilitating interpretation of access control record groups in one of the different embodiments of the present invention. A schematic diagram of a control record and associated key reference.Figure 6 is a schematic diagram of a tree structure formed by an access control record group and an access control record to facilitate the interpretation of various embodiments of the present invention.

Figure 7 depicts a schematic diagram of a tree of three tree hierarchy architectures that do not access control record groups to illustrate the formal procedures of the tree. 8A and 8B are flow diagrams showing the execution of a program for establishing and using a system access control record by a host device and a memory device such as a memory card. Figure 9 depicts a flow diagram of a procedure that does not help to illustrate one of the different embodiments of the present invention using a system access control record to establish an access control record group. Figure 10 depicts no - for establishing an access control A flow chart of the recorded program. Figure 11 is a specific application of the tree-like hierarchy. _ Two access control of the presentation. Figure 12 depicts a flow chart of a procedure for delegating a particular right. ®, a shows the control record group and the access control record's voice diagram is used to close the program of Figure 12. Figure 14 depicts a flow diagram of a procedure for establishing a key for twirling and/or decryption purposes. Figure 15 illustrates a flow diagram of a procedure for removing access rights and/or 122365.doc -115-200821837 data access rights from an access control record. Figure 16 is a flow chart showing a procedure for requesting access when the access rights and the buffering limit have been deleted or have expired. 17A and 17B are diagrams showing an organization that facilitates the explanation of the different embodiments of the present invention for authentication and (iv) access to the cryptographic material key. f ί Figure 18 illustrates a block diagram of the data structure of an alternative method of controlling access to protected information according to principles. Figure 19 is a flow chart showing the authentication procedure using a password. Figure 20 illustrates a diagram of a number of host credential chains. Figure 2 illustrates the schema of several device credential chains. Figures 22 and 23 (including Figures 23A and 23B) are green diagrams showing the protocol for the one-way and mutual authentication schemes. Figure 24 is a diagram of a voucher chain that facilitates the interpretation of one embodiment of the present invention. Figure 25 is a table showing information in a control section before the credential buffer. The information is transmitted by the host for transmitting the last credential to a 1* body device, which displays the voucher. An indication of the last voucher in the voucher chain to illustrate another embodiment of the present invention. Figures 26 and 27 are flow diagrams showing the card and host program for the authentication scheme, respectively, where a memory card is authenticating a host device. Figures 28 and 29 show flow diagrams of the card and host program for the authentication scheme, respectively, where the host device is authenticating a memory card. 3 and 31 are respectively implemented by a host device and a memory device, and the host device is stored in the memory list to explain the present invention. Another embodiment. Figure = vouchers of the vacant list in the vouchers list. A further embodiment of the invention is disclosed. Figures 33 and 34 respectively (4) Heart (4) Voucher revocation list to verify the certificate card and the host program flow chart. Figure 35 is a flow diagram of a card program for a card to sign a message transmitted to the host and to decrypt the material from the host. Figure 36 is a flow chart of the host program in which the card signs the data transmitted to the host. Figure 37 illustrates a flow diagram of a host program in which the host transmits encrypted data to the memory card. 38 and 39 are flowcharts showing procedures for general information inquiry and cautious information inquiry, respectively. Figure 40A is a functional block diagram of a system architecture of a memory device (such as a flash memory card) coupled to a host device to illustrate an embodiment of the present invention. Figure 40B is a functional block diagram of the internal software module of the core of the security service module of Figure 40. Figure 41 is a block diagram of a system for establishing a one-time password. Figure 42 is a block diagram showing the function of a single password seed supply and a single password generation. Figure 43 is a diagram showing the agreement of the seed supply phase. Figure 44 illustrates a protocol diagram for a single password generation phase. 122365.doc -117- 200821837 Figure 45 shows a functional block diagram of the DRM system. Figure 46 is a diagram showing the protocol for the usage rights supply and the content ± download procedure, in which the key is provided in the usage rights object. Figure 47 is a diagram showing the protocol for a program for a playback operation. Fig. 48 is a diagram showing a procedure for using a program for downloading and downloading. In the 'use right object, no key is provided. [Main component symbol description] 10 Memory system 10? A memory card or memory bank 12 Central processing unit 12a Central processing unit Random access memory 14 Buffer management unit (BMU) 16 Host interface module (HIM) 18 Flash Memory Interface Module (FIM) 20 Flash Memory 22 Peripheral Device Access Module (p AM) 24 Host Device 26 Host Interface Bus 26a 埠28 Flash Memory Interface Bus 28a 埠32 Host Direct Memory Volume Access (HDMA) 34 Flash Direct Memory Access (FDMA) 36 Arbiter 122365.doc 200821837 38 Buffered Random Access Memory (BRAM) 40 Password Compilation Engine 101 File 102, 104 File 106 Unencrypted File 130 Root access control record group 132 root access control record group 502 host root certificate authority unit voucher 504 host 1 voucher authorization unit (second level) voucher 506 host voucher 508 host n voucher authorization unit (second level) voucher 510 Host 1 Credential Authorization Unit (Tier 3) Credential 512 Host Credential 514 Host Credential 520 Device Root Credential Authorization Unit Credential 522 Device 1 Document Authorization Unit (Manufacturer) Document 524 Device Document 526 Device n Document Authorization Unit (Manufacturer) Document 528 Device Document 542 Security Service Module System 540 Host System 550 Access Control Record 548 Host Root Document 544 Host Document 122365.doc -119- 200821837 546 Host Public Key 549 Intermediate Document Authorization Unit 554 Random Number 547 Private Key 562 Random Number 590 Document Key 590(1) Document Chain 590(2) Document 590(9) Document 591, 593, 595, Credential String 597 > 599 1000 System Architecture 1002 Secure Storage Application Transport Layer 1004 Security Service Module Core 1012 Password Compilation Library 1006 Security Service Module Core API 1010 Device Internal Application 1008 Security Application Manager Module 1011 Device Management System 1022 Secure Storage Application Command Processing 1024 Secure Storage Application Administrator 1026 Secure Storage Application Database 1028 Secure Storage Application Non-Security Operation Module 1030 Secure Storage Application Security Operation Module 122365.doc - 120- 200821 837 1032 Module 1034 Module 1050 System 1052 Authentication Server 1054 Internet Server 1058 Symbol 1056 User 1100 Secure Storage Application Feature Group Extension System 1102 Software Code Feature Group Extension 1104 Communication Pipeline 1106 Application Access Control record 1101 Access control record 1103 Access control record 1106 Access control record 1110 Access control record 1120 Identity object 1122 Identity object 1114 Security data object 1116 Identity object 1104' Communication pipe 1102f Feature group extension application 1108f Link (association 11141 Content Encryption Key 1101, 1103', 1106' Control Structure 1110! Access Control Record 122365.doc -121 -

Claims (1)

200821837 X. Patent application scope: 1. A method for supplying information from a memory device, the memory device storing public and confidential information and comprising a control structure controlled by different authenticated entities Access to confidential information such that access to the authenticated entity is restricted to only a portion of the confidential information, the method includes: (a) removably connecting the memory device to a host device; (b) responding An item-specific information query sent by an individual entity of the host device from the host device, the memory farm providing the public information; and (c) responding to the entity from the host device A cautionary information inquiry sent by the authentication entity, the memory device only supplies the portion of the confidential information that is permitted by the authentication entity to be accessed by the control structure. The method of claim 1, wherein the public information is supplied in the step (4), and the entity that sent the general information query has been authenticated. The method of claim 1, wherein the confidential information comprises a shared portion and a non-shared portion 'in step (4) the shared portion is only supplied to the individual recognized entities in the -, and is not supplied to the An unidentified entity in an entity. 4) The method of requesting jg 1 Xi Shi, Bay J, wherein the memory device stores a human body application with a life, and the shared part of the confidential information includes a software application name and a life cycle state thereof. . 5. If the request item 3 $ t, , ^ ^ , / ' wherein the control structure includes at least one sub-control 122365.doc 200821837 structure, the at least one sub-control structure each controlling the confidential information by the at least one authenticated entity The shared portion is accessed, and the shared portion that is supplied in response to the general information query includes a list of the at least one sub-control structure. 6. The method of claim 5, wherein the at least one sub-control structure comprises at least one access control record ' the unshared portion that is supplied in response to the general information query includes a list of the at least one access control record. 7. The method of claim 5, wherein the at least one sub-control structure comprises at least one sub-sub-control structure, wherein the confidential information that is supplied in response to a cautious information query from an authenticated entity comprises the following At least one of: the name of the partition and the access rights to the partition, the name of the key and the application, and the access rights to the password and software application, at least one child control structure, security information Objects and identity objects. 8. The method of claim 7, wherein the at least one sub-control structure comprises at least one access control record, the at least one child sub-control structure comprising at least a child access control record and including the at least one child Take the access control record group that controls the record. The method of claim 1, wherein the public information that is provided in response to the general information query includes a list of software applications on the device and their execution status. The method of claim 1, wherein the public information and the confidential information are provided in at least one information object group, and one of the groups is sent in response to each query in a sequence of queries. 122365.doc 200821837 11. The method of claim 10, wherein each of the information object groups comprises no more than 5 12 bytes. 12. A memory device comprising: a controller that controls operation of the memory device; a non-volatile storage medium that stores confidential and public information and a control structure 'the control structure is controlled by a different The access of the entity to the confidential information is such that access to the authenticated entity is restricted to only a portion of the confidential information; in response to a general information inquiry by an entity, the controller supplies the public information; One of the forensic entities is cautiously inquiring that the controller only supplies a portion of the confidential information that is permitted to be accessed by the authenticated entity by the control structure; and a housing that encloses the non-volatile storage medium and the controller. 13. The device of claim 12, wherein the controller supplies the public information regardless of whether the entity that sent the general information query has been authenticated. 14. The device of claim 12, wherein the confidential information comprises a shared portion and a non-shared portion, and wherein the controller supplies the shared portion only to one of the other entities that are not authenticated, and does not supply To unidentified entities in such entities. 15. The device of claim 14, wherein the shared portion of the confidential information includes a name of the software application and a lifecycle state thereof. The device of claim 14, wherein the control structure comprises at least one sub-control structure, each of the at least one sub-control structure controlling access to the at least one portion of the confidential information by the at least one authenticated entity, The shared portion of the confidential information provided by the controller in response to a general information query includes a list of the at least one sub-control structure. 17. The device of claim 16, wherein the at least one sub-control structure comprises at least one access control record, wherein the shared portion that is supplied in response to a general information query, the shared portion of the beta includes the at least one A list of root access control records. 18. The device of claim 16, wherein the at least one sub-control structure comprises at least one child sub-control structure, wherein the confidential information provided by the controller in response to a cautious information query from an authenticated entity comprises the following At least one of the following: the name of the partition and the access rights to the partition, the name of the key and software application, and the access rights to the key and software application, the child control structure, and the security data. Objects and identity objects. 19. The apparatus of claim 18, wherein the at least one sub-control structure comprises at least one access control record, the at least one child sub-control structure comprising at least a child access control record and including the at least one child access Controls the record access control record group. 2〇·: The device of claim 12, wherein the public information is responded to by the item-specific information query, and the public information includes a list of <software application spear expression and basin execution status on the device. / Such as. The device of claim 12, wherein the controller is at least _ information object group /fj£# _ /, Μ the A open poor news and the confidential information, and responds to a sequence of queries less ~, heart The parent sends one of the groups as a query. 122365.doc 200821837 Each of the information object groups contains no more than 22. The request item 21 is set to 5 12 bytes. 23. The device of claim 12, wherein the device comprises a non-volatile memory. The device is adapted to be removably coupled to the host device. 24. The device of claim 12, wherein the housing has a card shape. 122365.doc