WO2008013655A3 - Content control system and method using certificate revocation lists - Google Patents

Content control system and method using certificate revocation lists

Info

Publication number
WO2008013655A3
Authority
WO
WIPO (PCT)
Prior art keywords
certificate revocation
revocation lists
memory device
certificate
control system
Prior art date
Application number
PCT/US2007/015301
Other languages
English (en)
Other versions
WO2008013655A2 (fr
Inventor
Michael Holtzman
Ron Barzilai
Rotem Sela
Fabrice Jogand-Coulomb
Original Assignee
Sandisk Corp
Michael Holtzman
Ron Barzilai
Rotem Sela
Fabrice Jogand-Coulomb
Priority date
Filing date
Publication date
Priority claimed from US11/557,006 (US8245031B2)
Priority claimed from US11/557,026 (US20080010452A1)
Application filed by Sandisk Corp, Michael Holtzman, Ron Barzilai, Rotem Sela, Fabrice Jogand-Coulomb
Priority to JP2009518323A (JP5178716B2)
Priority to EP07835952A (EP2038802A2)
Publication of WO2008013655A2
Publication of WO2008013655A3

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00 Digital computers in general; Data processing equipment in general
    • G06F15/16 Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00 Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G06F21/445 Program or device authentication by mutual authentication, e.g. between devices or programs
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228 One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129 Authenticate client device independently of the user
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution
    • H04L2209/603 Digital right management [DRM]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)

Abstract

Host devices present both the host certificates and the pertinent certificate revocation lists to the memory device for authentication, so that the memory device does not need to obtain the list on its own. Processing of the certificate revocation list and searching for the certificate identification may be performed concurrently by the memory device. The certificate revocation lists for authenticating host devices to memory devices may be stored in an unsecured area of the memory device for the convenience of users.
PCT/US2007/015301 2006-07-07 2007-06-28 Content control system and method using certificate revocation lists WO2008013655A2 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2009518323A JP5178716B2 (ja) 2006-07-07 2007-06-28 Content management system and method using certificate revocation lists
EP07835952A EP2038802A2 (fr) 2006-07-07 2007-06-28 Content control system and method using certificate revocation lists

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US81950706P 2006-07-07 2006-07-07
US60/819,507 2006-07-07
US11/557,006 US8245031B2 (en) 2006-07-07 2006-11-06 Content control method using certificate revocation lists
US11/557,026 US20080010452A1 (en) 2006-07-07 2006-11-06 Content Control System Using Certificate Revocation Lists
US11/557,006 2006-11-06
US11/557,026 2006-11-06

Publications (2)

Publication Number Publication Date
WO2008013655A2 WO2008013655A2 (fr) 2008-01-31
WO2008013655A3 true WO2008013655A3 (fr) 2008-03-20

Family

ID=38819675

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/015301 WO2008013655A2 (fr) 2006-07-07 2007-06-28 Content control system and method using certificate revocation lists

Country Status (5)

Country Link
EP (1) EP2038802A2 (fr)
JP (1) JP5178716B2 (fr)
KR (1) KR20090028806A (fr)
TW (1) TW200823715A (fr)
WO (1) WO2008013655A2 (fr)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7748031B2 (en) 2005-07-08 2010-06-29 Sandisk Corporation Mass storage device with automated credentials loading
JP5604929B2 (ja) * 2010-03-29 2014-10-15 ソニー株式会社 Memory device and memory system
WO2015087465A1 (fr) * 2013-12-09 2015-06-18 パナソニックIpマネジメント株式会社 Authentication method and authentication system
KR102485830B1 (ko) 2015-02-13 2023-01-09 삼성전자주식회사 Processing of security information
KR102639075B1 (ko) 2016-11-30 2024-02-22 현대자동차주식회사 Vehicle diagnostic device and certificate management method thereof
JP6480528B2 (ja) * 2017-08-10 2019-03-13 アイビーシー株式会社 Electronic certification system
TWI668633B (zh) * 2018-07-06 2019-08-11 英研智能移動股份有限公司 Computer task adjudication method and server system with computer task adjudication function
US12086898B2 (en) * 2019-07-12 2024-09-10 Microsoft Technology Licensing, Llc Media provenance certification via fragile watermarking

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5949877A (en) * 1997-01-30 1999-09-07 Intel Corporation Content protection for transmission systems
EP1117206A2 (fr) * 2000-01-14 2001-07-18 Hewlett-Packard Company Public key infrastructure
WO2002063847A2 (fr) * 2001-02-06 2002-08-15 Certicom Corp. Distribution of certificates to mobile devices within a public key infrastructure
EP1594250A1 (fr) * 2004-05-03 2005-11-09 Thomson Licensing Distributed management of a certificate revocation list
WO2006069194A2 (fr) * 2004-12-21 2006-06-29 Sandisk Corporation Memory system with versatile access control

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
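JP2004266652A (ja) * 2003-03-03 2004-09-24 Nippon Telegr & Teleph Corp <Ntt> Electronic certificate revocation information creation device, method, program and recording medium; electronic certificate revocation information creation system; and electronic certificate revocation verification device, method, program and recording medium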

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
KIKUCHI H ET AL: "Performance evaluation of public-key certificate revocation system with balanced hash tree", PARALLEL PROCESSING, 1999. PROCEEDINGS. 1999 INTERNATIONAL WORKSHOPS ON AIZU-WAKAMATSU, JAPAN 21-24 SEPT. 1999, LOS ALAMITOS, CA, USA,IEEE, US, 21 September 1999 (1999-09-21), pages 204 - 209, XP010356033, ISBN: 0-7695-0353-5 *

Also Published As

Publication number Publication date
TW200823715A (en) 2008-06-01
JP5178716B2 (ja) 2013-04-10
WO2008013655A2 (fr) 2008-01-31
EP2038802A2 (fr) 2009-03-25
JP2009543207A (ja) 2009-12-03
KR20090028806A (ko) 2009-03-19

Similar Documents

Publication Publication Date Title
WO2008013655A3 (fr) Content control system and method using certificate revocation lists
WO2010093636A3 (fr) Devices, systems and methods for secure verification of user identity
WO2007149775A3 (fr) Consumer authentication system and method
MX2013001603A (es) Function-based content interpretation.
WO2009031056A3 (fr) Providing services to a guest device in a personal network
EP2051178A4 (fr) Method, device, server and system for identity authentication using a biological characteristic
EP1691523B8 (fr) System and method for controlling user access to content in a network
WO2011002622A3 (fr) Secure meter access from a mobile reader
WO2010011919A3 (fr) HTTP authentication and authorization management
MX2015009491A (es) Method and apparatus for user authentication based on audio and video data.
EP2444933A4 (fr) Biometric authentication device, method and computer program
EP2086162A4 (fr) System, device, method and program for authenticating a communication partner by means of an electronic certificate including personal information
WO2007095265A3 (fr) Method and system for providing a password designed to operate in association with a browser
WO2008070330A3 (fr) Apparatus and methods for authenticating voice and data devices on the same port
WO2009038657A3 (fr) Method and apparatus for preventing phishing attacks
WO2008094765A3 (fr) Methods and apparatus for controlling access to a network from a user device
EP2336962A3 (fr) Information processing apparatus, method, storage medium and information processing system
EP1847941A3 (fr) Method and system for resetting passwords
WO2012015615A3 (fr) Device, system and method for location-based payment authorization
WO2010060704A3 (fr) Token-based client-to-server authentication of a secondary communication channel through authenticated primary communication channels
WO2009158086A3 (fr) Techniques for ensuring authentication and integrity of communications
WO2008095011A3 (fr) Methods and systems for authenticating a user
MY172709A (en) Method and system for abstracted and randomized one-time use passwords for transactional authentication
MX2015015140A (es) User authentication.
WO2012087708A3 (fr) User identity attestation in mobile commerce

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200780025785.6

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07835952

Country of ref document: EP

Kind code of ref document: A2

WWE Wipo information: entry into national phase

Ref document number: 2009518323

Country of ref document: JP

Ref document number: 2007835952

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 1020097002314

Country of ref document: KR

NENP Non-entry into the national phase

Ref country code: RU