会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 33. 发明申请
    • Versatile content control with partitioning
    • 多功能内容控制与分区
    • US20060242066A1
    • 2006-10-26
    • US11314053
    • 2005-12-20
    • Fabrice Jogand-CoulombMichael HoltzmanBahman QawamiRon Barzilai
    • Fabrice Jogand-CoulombMichael HoltzmanBahman QawamiRon Barzilai
    • G06Q99/00
    • G06F21/6218G06F21/10G06F21/78G06F2221/2145
    • In some mobile storage devices, content protection is afforded by dividing the memory into separate areas where access to protected areas requires prior authentication. While such feature does provide some protection, it does not protect against a user who obtained a password by illicit means. Thus, another aspect of the invention is based on the recognition that a mechanism or structure may be provided to divide a memory into partitions and so that at least some data in the partitions can be encrypted with a key, so that in addition to authentication that is required for accessing some of the partitions, access to one or more keys may be required to decrypt the encrypted data in such partitions. In some applications, it may be more convenient to the user to be able to log in the memory system using one application, and then be able to use different applications to access protected content without having to log in again. In such event, all of the content that the user wishes to access in this manner may be associated with a first account, so that all such content can be accessed via different applications (e.g. music player, email, cellular communication etc.) without having to log in multiple times. Then a different set of authentication information may then be used for logging in to access protected content that is in an account different from the first account, even where the different accounts are for the same user or entity.
    • 在一些移动存储设备中,通过将存储器划分成对保护区的访问需要事先认证的单独区域来提供内容保护。 虽然这样的功能确实提供了一些保护,但是它不能防止以非法手段获得密码的用户。 因此,本发明的另一方面基于这样的认识:可以提供机制或结构来将存储器划分成分区,并且使得可以用密钥对分区中的至少一些数据进行加密,使得除了认证 是访问某些分区所必需的,可能需要访问一个或多个密钥来对这些分区中的加密数据进行解密。 在某些应用中,用户可以使用一个应用程序登录存储系统更方便,然后能够使用不同的应用来访问受保护的内容,而无需再次登录。 在这种情况下,用户希望以这种方式访问​​的所有内容可以与第一帐户相关联,使得可以通过不同的应用(例如,音乐播放器,电子邮件,蜂窝通信等)来访问所有这样的内容,而没有 多次登录。 然后可以使用一组不同的身份验证信息来登录访问与第一帐户不同的帐户的受保护内容,即使不同帐户是针对同一用户或实体的。
    • 35. 发明申请
    • Portable Mass Storage Device with Virtual Machine Activation
    • 便携式大容量存储设备,虚拟机激活
    • US20100205457A1
    • 2010-08-12
    • US12762786
    • 2010-04-19
    • Fabrice Jogand-CoulombBahman QawamiFarshid Sabet-ShargiCarlos J. Gonzalez
    • Fabrice Jogand-CoulombBahman QawamiFarshid Sabet-ShargiCarlos J. Gonzalez
    • G06F9/455G06F12/14
    • G06F21/33G06F21/10G06F21/6209G06F21/78G06Q20/1235
    • A portable mass storage device is used to store large files such as digital pictures, movies and music. The mass storage device has firmware with security mechanisms that limit access to read write operations to ensure reliable operation of the device to prevent unwanted copying or storing of secure content such a copyrighted material. Although the security mechanisms generally limit access, the firmware is operable to work with a virtual machine and allows the virtual machine to access the secure content and work in conjunction with the firmware to read and write data to the mass storage memory, if the virtual machine is present. The virtual machine is either loaded but not activated at the time of manufacture, or is downloaded and activated post manufacture. Any royalty for the virtual machine is paid for only if and when the virtual machine is both present and activated in the device.
    • 便携式大容量存储设备用于存储数字图像,电影和音乐等大型文件。 大容量存储设备具有带有安全机制的固件,其限制对读写操作的访问,以确保设备的可靠操作,以防止不必要地复制或存储诸如受版权保护的材料之类的安全内容。 虽然安全机制通常限制了访问,但是固件可操作地与虚拟机一起工作,并且允许虚拟机访问安全内容并且与固件一起工作以将数据读取和写入大容量存储存储器,如果虚拟机 存在。 虚拟机加载但在制造时未激活,或者在后期制造下载并激活。 只有当虚拟机在设备中存在并激活时,虚拟机的任何版税才会支付。
    • 36. 发明申请
    • Portable Mass Storage Device With Virtual Machine Activation
    • 便携式大容量存储设备,虚拟机激活
    • US20080082447A1
    • 2008-04-03
    • US11463256
    • 2006-08-08
    • Fabrice Jogand-CoulombBahman QawamiFarshid Sabet-ShargiCarlos J. Gonzalez
    • Fabrice Jogand-CoulombBahman QawamiFarshid Sabet-ShargiCarlos J. Gonzalez
    • H04L9/00
    • G06F21/33G06F21/10G06F21/6209G06F21/78G06Q20/1235
    • A portable mass storage device is used to store large files such as digital pictures, movies and music. The mass storage device has firmware with security mechanisms that limit access to read write operations to ensure reliable operation of the device to prevent unwanted copying or storing of secure content such a copyrighted material. Although the security mechanisms generally limit access, the firmware is operable to work with a virtual machine and allows the virtual machine to access the secure content and work in conjunction with the firmware to read and write data to the mass storage memory, if the virtual machine is present. The virtual machine is either loaded but not activated at the time of manufacture, or is downloaded and activated post manufacture. Any royalty for the virtual machine is paid for only if and when the virtual machine is both present and activated in the device.
    • 便携式大容量存储设备用于存储数字图像,电影和音乐等大型文件。 大容量存储设备具有带有安全机制的固件,其限制对读写操作的访问,以确保设备的可靠操作,以防止不必要地复制或存储诸如受版权保护的材料之类的安全内容。 虽然安全机制通常限制了访问,但是固件可操作地与虚拟机一起工作,并且允许虚拟机访问安全内容并且与固件一起工作以将数据读取和写入大容量存储存储器,如果虚拟机 存在。 虚拟机加载但在制造时未激活,或者在后期制造下载并激活。 只有当虚拟机在设备中存在并激活时,虚拟机的任何版税才会支付。
    • 37. 发明申请
    • Control structure for versatile content control
    • 多功能内容控制的控制结构
    • US20060242151A1
    • 2006-10-26
    • US11313536
    • 2005-12-20
    • Fabrice Jogand-CoulombMichael HoltzmanBahman QawamiRon Barzilai
    • Fabrice Jogand-CoulombMichael HoltzmanBahman QawamiRon Barzilai
    • G06F17/30
    • G06F21/10G06F2221/2145
    • A tree structure stored in the storage medium provides control over what an entity can do even after gaining access. Each of the nodes of the tree specifies permissions by an entity who has gained entry through such node of the tree. Some trees have different levels, where the permission or permissions at a node of the tree has a predetermined relationship to permission or permissions at another node at a higher or lower or the same level in the same tree. By requiring entities to comply with the permissions so specified at each of the nodes, the tree feature of this application allows a content owner to control which entities can take action, and which actions each of the entities can take, irrespective of whether the tree has different levels. To enhance the commercial value that can be provided by the mobile storage medium, it is desirable for mobile storage devices to be capable of supporting more than one application simultaneously. When two or more applications are accessing the mobile storage device at the same time, it can be important to be able to separate the operations of the two or more applications so that they do not interfere with one another in a phenomena referred to herein as crosstalk. Two or more preferably hierarchical trees control access to the memory. Each tree comprises nodes at different levels for controlling access to data by a corresponding set of entities where a node of each tree specifies permission or permissions of the corresponding entity or entities for accessing memory data. The permission or permissions at a node of each of the trees has a predetermined relationship to permission or permissions at another node at a higher or lower level in the same tree. Preferably, there is no crosstalk between at least two of the trees.
    • 存储在存储介质中的树结构提供对实体甚至在获得访问之后可以执行什么的控制。 树中的每个节点都指定通过树的这种节点获取入口的实体的权限。 一些树具有不同的级别,其中树的节点上的许可或许可与在同一树中较高或较低或相同级别的另一节点处的权限或权限具有预定关系。 通过要求实体遵守在每个节点上如此指定的权限,该应用的树特征允许内容所有者控制哪些实体可以采取行动,以及每个实体可以采取哪些动作,而不管树是否具有 不同层次。 为了增强可由移动存储介质提供的商业价值,期望移动存储设备能够同时支持多个应用。 当两个或多个应用程序同时访问移动存储设备时,能够分离两个或更多应用程序的操作是非常重要的,使得它们在这里被称为串扰的现象中不会彼此干扰 。 两个或更多个优选的分级树控制对存储器的访问。 每个树包括不同级别的节点,用于控制对应的实体集合的访问,其中每个树的节点指定用于访问存储器数据的对应实体或实体的许可或许可。 每个树的节点上的权限或权限与同一棵树中较高或较低级别的另一个节点的权限或权限具有预定关系。 优选地,在至少两棵树之间不存在串扰。
    • 38. 发明申请
    • Method using control structure for versatile content control
    • 使用控制结构进行多功能内容控制的方法
    • US20060242150A1
    • 2006-10-26
    • US11313870
    • 2005-12-20
    • Fabrice Jogand-CoulombMichael HoltzmanBahman QawamiRon Barzilai
    • Fabrice Jogand-CoulombMichael HoltzmanBahman QawamiRon Barzilai
    • G06F17/30
    • G06F21/6218G06F21/10G06F21/78
    • A tree structure stored in the storage medium provides control over what an entity can do even after gaining access. Each of the nodes of the tree specifies permissions by an entity who has gained entry through such node of the tree. Some trees have different levels, where the permission or permissions at a node of the tree has a predetermined relationship to permission or permissions at another node at a higher or lower or the same level in the same tree. By requiring entities to comply with the permissions so specified at each of the nodes, the tree feature of this application allows a content owner to control which entities can take action, and which actions each of the entities can take, irrespective of whether the tree has different levels. To enhance the commercial value that can be provided by the mobile storage medium, it is desirable for mobile storage devices to be capable of supporting more than one application simultaneously. When two or more applications are accessing the mobile storage device at the same time, it can be important to be able to separate the operations of the two or more applications so that they do not interfere with one another in a phenomena referred to herein as crosstalk. Two or more preferably hierarchical trees control access to the memory. Each tree comprises nodes at different levels for controlling access to data by a corresponding set of entities where a node of each tree specifies permission or permissions of the corresponding entity or entities for accessing memory data. The permission or permissions at a node of each of the trees has a predetermined relationship to permission or permissions at another node at a higher or lower level in the same tree. Preferably, there is no crosstalk between at least two of the trees.
    • 存储在存储介质中的树结构提供对实体甚至在获得访问之后可以执行什么的控制。 树中的每个节点都指定通过树的这种节点获取入口的实体的权限。 一些树具有不同的级别,其中树的节点上的许可或许可与在同一树中较高或较低或相同级别的另一节点处的权限或权限具有预定关系。 通过要求实体遵守在每个节点上如此指定的权限,该应用的树特征允许内容所有者控制哪些实体可以采取行动,以及每个实体可以采取哪些动作,而不管树是否具有 不同层次。 为了增强可由移动存储介质提供的商业价值,期望移动存储设备能够同时支持多个应用。 当两个或多个应用程序同时访问移动存储设备时,能够分离两个或更多应用程序的操作是非常重要的,使得它们在这里被称为串扰的现象中不会彼此干扰 。 两个或更多个优选的分级树控制对存储器的访问。 每个树包括不同级别的节点,用于控制对应的实体集合的访问,其中每个树的节点指定用于访问存储器数据的相应实体或实体的许可或许可。 每个树的节点上的权限或权限与同一棵树中较高或较低级别的另一个节点的权限或权限具有预定关系。 优选地,在至少两棵树之间不存在串扰。
    • 39. 发明申请
    • Method forversatile content control
    • 方法无效内容控制
    • US20060242068A1
    • 2006-10-26
    • US11314411
    • 2005-12-20
    • Fabrice Jogand-CoulombMichael HoltzmanBahman QawamiRon BarzilaiHagai Bar-El
    • Fabrice Jogand-CoulombMichael HoltzmanBahman QawamiRon BarzilaiHagai Bar-El
    • G06Q99/00
    • G06F21/6218G06F21/78
    • The owner of proprietor interest is in a better position to control access to the encrypted content in the medium if the encryption-decryption key is stored in the medium itself and substantially inaccessible to external devices. Only those host devices with the proper credentials are able to access the key. An access policy may be stored which grants different permissions (e.g. to different authorized entities) for accessing data stored in the medium. A system incorporating a combination of the two above features is particularly advantageous. On the one hand, the content owner or proprietor has the ability to control access to the content by using keys that are substantially inaccessible to external devices and at the same time has the ability to grant different permissions for accessing content in the medium. Thus, even where external devices gain access, their access may still be subject to the different permissions set by the content owner or proprietor recorded in the storage medium. When implemented in a flash memory, the above features result in a particularly useful medium for content protection. Many storage devices are not aware of file systems while many computer host devices read and write data in the form of files. The host device provides a key reference or ID, while the memory system generates a key value in response which is associated with the key ID, which is used as the handle through which the memory retains complete and exclusive control over the generation and use of the key value for cryptographic processes, while the host retains control of files.
    • 如果加密解密密钥存储在介质本身并且对外部设备基本不可访问,则所有者利益的所有者处于更好的位置以控制对介质中的加密内容的访问。 只有那些具有正确凭据的主机才能访问密钥。 可以存储访问策略,其授予不同的权限(例如,到不同的授权实体)以访问存储在介质中的数据。 结合上述两个特征的组合的系统是特别有利的。 一方面,内容所有者或所有者具有通过使用外部设备基本上不可访问的密钥来控制对内容的访问的能力,并且同时具有授予访问媒体中的内容的不同权限的能力。 因此,即使在外部设备获得访问的情况下,他们的访问仍然可能受到记录在存储介质中的内容所有者或所有者设置的不同权限。 当在闪存中实现时,上述特征导致用于内容保护的特别有用的介质。 许多存储设备不知道文件系统,而许多计算机主机设备以文件的形式读取和写入数据。 主机设备提供密钥引用或ID,而存储器系统生成响应中的密钥值,该密钥值与密钥ID相关联,该密钥ID用作存储器保持完整的句柄,并且专用于控制生成和使用 密码过程的关键值,而主机保留对文件的控制。