专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2007033321A3 SECURE YET FLEXIBLE SYSTEM ARCHITECTURE FOR SECURE DEVICES WITH FLASH MASS STORAGE MEMORY 审中-公开
公开(公告)号：WO2007033321A3
公开(公告)日：2007-03-22
申请号：PCT/US2006/035839
申请日：2006-09-13
申请人： SANDISK CORPORATION , DISCRETIX TECHNOLOGIES LTD. , HOLTZMAN, Michael , BAR-EL, Hagai , GREENSPAN, Ronen , SHAPIRO, Rony
发明人： HOLTZMAN, Michael , BAR-EL, Hagai , GREENSPAN, Ronen , SHAPIRO, Rony
IPC分类号： G06F21/00 , G06F9/445
摘要： A device with mass storage capability that uses a readily available non secure memory for the mass storage but has firmware (and hardware) that provides security against unauthorized copying of data. This is true even though the firmware itself is stored in the non secure mass storage memory, and therefore potentially vulnerable to hacking. An indication of the authenticity of the firmware must be present before it will be executed by the device. This protects the device contents from unauthorized duplication or tampering. Additional functionality can be added to the device with additional firmware applications, and the authenticity of those additional applications will also be verified before they will be executed. This further prevents unauthorized copying or tampering of secure content through any mechanisms that may be unscrupulously introduced. Any data within the mass storage memory may also be encrypted.

2. 发明申请

WO2006071725A2 MEMORY SYSTEM WITH IN-STREAM DATA ENCRYPTION/DECRYPTION 审中-公开
标题翻译：具有流内数据加密/解码的存储器系统
公开(公告)号：WO2006071725A2
公开(公告)日：2006-07-06
申请号：PCT/US2005/046586
申请日：2005-12-21
申请人： SANDISK CORPORATION , DISCRETIX TECHNOLOGIES LTD. , HOLTZMAN, Michael , COHEN, Baruch Boris , DEITCHER, David , BAR-EL, Hagai , YERUCHAMI, Aviram
发明人： HOLTZMAN, Michael , COHEN, Baruch Boris , DEITCHER, David , BAR-EL, Hagai , YERUCHAMI, Aviram
IPC分类号： G06F21/78
CPC分类号： G06F21/78
摘要： The throughput of the memory system is improved where data in a data stream is cryptographically processed by a circuit without involving intimately any controller. The data stream is preferably controlled so that it has a selected data source among a plurality of sources and a selected destination among a plurality of destinations, all without involving the controller. The cryptographic circuit may preferably be configured to enable the processing of multiple pages, selection of one or more cryptographic algorithms among a plurality of algorithms to encryption and/or decryption without involving a controller, and to process data cryptographically in multiple successive stages without involvement of the controller. For a memory system cryptographically processing data from multiple data streams in an interleaved manner, when a session is interrupted, security configuration information may be lost so that it may become impossible to continue the process when the session is resumed. To retain the security configuration information, the controller preferably causes the security configuration information for the session to be stored before the interruption so that it is retrievable after the interruption.
摘要翻译：在数据流中的数据由电路加密处理而不涉及任何控制器的情况下，存储器系统的吞吐量得到改善。优选地控制数据流，使得其具有多个源中的选择的数据源和多个目的地中的所选择的目的地，全部不涉及控制器。优选地，加密电路可被配置为能够处理多个页面，在多个算法之间选择一个或多个加密算法以加密和/或解密而不涉及控制器，并且在多个连续阶段以密码方式处理数据，而不涉及控制器。对于以交织方式从多个数据流加密处理数据的存储器系统，当会话被中断时，可能丢失安全配置信息，从而当会话被恢复时可能变得不可能继续该过程。为了保持安全配置信息，控制器优选地在中断之前存储会话的安全配置信息，以便在中断之后可以检索会话的安全配置信息。

3. 发明申请

WO2006086232A2 SECURE MEMORY CARD WITH LIFE CYCLE PHASES 审中-公开
标题翻译：安全存储卡与生命周期相位
公开(公告)号：WO2006086232A2
公开(公告)日：2006-08-17
申请号：PCT/US2006/003876
申请日：2006-02-01
申请人： SANDISK CORPORATION , DISCRETIX TECHNOLOGIES LTD. , HOLTZMAN, Michael , COHEN, Baruch Boris , BARZILAI, Ron , BAR-EL, Hagai , DEITCHER, David
发明人： HOLTZMAN, Michael , COHEN, Baruch Boris , BARZILAI, Ron , BAR-EL, Hagai , DEITCHER, David
CPC分类号： G06F11/2273
摘要： A secure memory card with encryption capabilities comprises various life cycle states that allow for testing of the hardware and software of the card in certain of the states. The testing mechanisms are disabled in certain other of the states thus closing potential back doors to secure data and cryptographic keys. Controlled availability and generation of the keys required for encryption and decryption of data is such that even if back doors are accessed that previously encrypted data is impossible to decrypt and thus worthless even if a back door is found and maliciously pried open.
摘要翻译：具有加密功能的安全存储卡包括允许在某些状态下测试卡的硬件和软件的各种生命周期状态。测试机制在某些其他状态下被禁用，从而关闭潜在的后门以保护数据和加密密钥。受控的可用性和数据加密和解密所需的密钥的生成使得即使后门被访问，以前加密的数据也不可能解密，因此即使发现后门被恶意打开也是无价值的。

4. 发明申请

WO2006069194A2 MEMORY SYSTEM WITH VERSATILE CONTENT CONTROL 审中-公开
标题翻译：带有多种内容控制的内存系统
公开(公告)号：WO2006069194A2
公开(公告)日：2006-06-29
申请号：PCT/US2005/046478
申请日：2005-12-21
申请人： SANDISK CORPORATION , DISCRETIX TECHNOLOGIES LTD. , JOGAND-COULUMB, Fabrice , HOLTZMAN, Michael , QAWANI, Bahman , BARZILAI, Ron , HAGAI, Bar-el
发明人： JOGAND-COULUMB, Fabrice , HOLTZMAN, Michael , QAWANI, Bahman , BARZILAI, Ron , HAGAI, Bar-el
IPC分类号： G06F21/31 , G06F21/62 , G06F21/79
CPC分类号： G06F21/79 , G06F21/31 , G06F21/6218 , G06F2221/2103
摘要： The owner of proprietor interest is in a better position to control access to the encrypted content in the medium if the encryption-decryption key is stored in the medium itself and substantially inaccessible to external devices. Only those host devices with the proper credentials are able to access the key. An access policy may be stored which grants different permissions (e.g. to different authorized entities) for accessing data stored in the medium. A system incorporating a combination of the two above features is particularly advantageous. On the one hand, the content owner or proprietor has the ability to control access to the content by using keys that are substantially inaccessible to external devices and at the same time has the ability to grant different permissions for accessing content in the medium. Thus, even where external devices gain access, their access may still be subject to the different permissions set by the content owner or proprietor recorded in the storage medium. When implemented in a flash memory, the above features result in a particularly useful medium for content protection. Many storage devices are not aware of file systems while many computer host devices read and write data in the form of files. The host device provides a key reference or ID, while the memory system generates a key value in response which is associated with the key ID, which is used as the handle through which the memory retains complete and exclusive control over the generation and use of the key value for cryptographic processes, while the host retains control of files.
摘要翻译：如果加密 - 解密密钥存储在介质本身中并且基本上不能被外部设备访问，则所有者感兴趣的所有者能够更好地控制对介质中加密内容的访问。只有具有正确凭据的主机设备才能访问密钥。访问策略可以被存储，其授予不同的许可（例如，针对不同的授权实体）以访问存储在介质中的数据。包含上述两个特征的组合的系统是特别有利的。一方面，内容拥有者或所有者能够通过使用外部设备基本上不可访问的密钥来控制对内容的访问，并且同时能够授予访问介质中内容的不同权限。因此，即使外部设备获得访问权限，他们的访问仍可能受到记录在存储介质中的内容所有者或所有者设置的不同权限的限制。当在闪存中实施时，上述特征导致用于内容保护的特别有用的介质。许多存储设备不知道文件系统，而许多计算机主机设备以文件形式读取和写入数据。主机设备提供密钥引用或ID，而存储器系统产生与密钥ID相关联的响应中的密钥值，该密钥值用作通过其存储器保持完整和排他地控制生成和使用密钥处理的关键价值，而主机保留对文件的控制。

5. 发明申请

WO2011002435A1 METHOD AND MEMORY DEVICE FOR PERFORMING AN OPERATION ON DATA 审中-公开
标题翻译：用于执行数据操作的方法和存储器件
公开(公告)号：WO2011002435A1
公开(公告)日：2011-01-06
申请号：PCT/US2009/006395
申请日：2009-12-04
申请人： SANDISK CORPORATION , DOLGUNOV, Boris , HOLTZMAN, Michael , BARZILAI, Ron , SHEN, Eran
发明人： DOLGUNOV, Boris , HOLTZMAN, Michael , BARZILAI, Ron , SHEN, Eran
IPC分类号： G06F13/38
CPC分类号： G06F13/385
摘要： A method and memory device for implementing long operations and supporting multiple streams are provided. In one embodiment, a memory device receives data and a command from a host to perform an operation on the data, wherein a time required for the memory device to complete the operation exceeds a maximum response time for the memory device to respond to the command. The memory device begins performing the operation on the data and, before exceeding the maximum response time and before completing the operation, sends the context of the operation to the host. At a later time, the memory device receives from the host: (i) a command to resume performing the operation and (ii) the context. The memory device then resumes performing the operation on the data based on the context received from the host.
摘要翻译：提供了一种用于实现长操作并支持多个流的方法和存储器件。在一个实施例中，存储器设备从主机接收数据和命令以执行对数据的操作，其中存储器设备完成操作所需的时间超过存储器设备响应命令的最大响应时间。存储设备开始对数据执行操作，并且在超过最大响应时间之前并且在完成操作之前，将操作的上下文发送到主机。在稍后的时间，存储器装置从主机接收：（i）恢复执行操作的命令和（ii）上下文。然后，存储器设备基于从主机接收的上下文恢复对数据的操作。

6. 发明申请

WO2008008244A3 CONTENT CONTROL SYSTEM AND METHOD USING VERSATILE CONTROL STRUCTURE 审中-公开
公开(公告)号：WO2008008244A3
公开(公告)日：2008-01-17
申请号：PCT/US2007/015431
申请日：2007-06-28
申请人： SANDISK CORPORATION , HOLTZMAN, Michael , BARZILIA, Ron , JOGAND-COULOMB, Fabrice
发明人： HOLTZMAN, Michael , BARZILIA, Ron , JOGAND-COULOMB, Fabrice
IPC分类号： G06F21/00
摘要： At least one software application is stored in a memory device, where a security data structure controls access to information obtainable from data stored in the device and to the at least one software application. A set of protocols control communication between a host and a memory device. Invocation of at least one software application stored in the memory device modifies the protocol. A security data structure controls access to data stored in the memory device according to an access policy. Invocation of at least one software application stored in the memory device imposes at least one condition in addition to the access policy for accessing the data. A data object storing data in the memory device is associated with at least one software application. Accessing the object will invoke the at least one software application which processes the data in the object. Individual ones of a plurality of first sets of protocols are selectable for enabling data to be provided and stored in a data object. A second set of protocols can be used to retrieve data from the data object, or data derived from such data.

7. 发明申请

WO2007030760A2 MOBILE MEMORY SYSTEM FOR SECURE STORAGE AND DELIVERY OF MEDIA CONTENT 审中-公开
标题翻译：用于安全存储和传送媒体内容的移动存储系统
公开(公告)号：WO2007030760A2
公开(公告)日：2007-03-15
申请号：PCT/US2006/035155
申请日：2006-09-07
申请人： SANDISK CORPORATION , QAWAMI, Bahman , JAGOND-COULOMB, Fabrice , SABET-SHARGHI, Farshid , HOLTZMAN, Michael , CAILLON, Pascal , DWYER, Patricia , MCAVOY, Paul , VARGAS, Pedro , YUAN, Po , CHANG, Robert, C.
发明人： QAWAMI, Bahman , JAGOND-COULOMB, Fabrice , SABET-SHARGHI, Farshid , HOLTZMAN, Michael , CAILLON, Pascal , DWYER, Patricia , MCAVOY, Paul , VARGAS, Pedro , YUAN, Po , CHANG, Robert, C.
IPC分类号： G06F21/00
CPC分类号： G06F21/10 , G06F21/105 , G11B20/00086 , G11B20/0021 , G11B20/0071 , G11B20/00724 , G11B20/00731 , G11B20/00797 , G11B20/00862 , G11B20/00985 , G11B2220/61
摘要： The memory device contains control structures that allow media content to be stored securely and distributed in a manner envisioned by the content owner, or service providers involved in the distribution. A wide variety of different avenues become available for distributing media content using such memory devices, such as where the devices contain one or more of the following: abridged preview media content, encrypted unabridged media content, prepaid content, rights and/or rules governing access to such content. The memory device has a type of control structures that enable a service provider (who can also be the content owner) to create a secure environment for media content distribution where end users and terminals register with the service provider, and gain access to the content in a manner controlled by the service provider. The various components to be loaded (e.g. abridged preview media content, encrypted unabridged media content, prepaid content, rights and/or rules governing access to such content) may be generated and loaded in a secure and efficient manner.
摘要翻译：存储设备包含控制结构，其允许以内容所有者或参与分发的服务提供者所设想的方式安全地分发媒体内容。各种不同的途径可用于使用这样的存储器设备来分发媒体内容，例如设备包含以下一个或多个：缩减的预览媒体内容，加密的未删节的媒体内容，预付费内容，管理访问的权限和/或规则到这样的内容。存储设备具有一种控制结构，其使得服务提供商（也可以是内容所有者）为最终用户和终端向服务提供商注册的媒体内容分发创建安全环境，并且获得对该内容的访问由服务提供商控制的方式。可以以安全和有效的方式生成并加载要加载的各种组件（例如，预先预览的媒体内容，加密的未删节的媒体内容，预付费内容，管理对这些内容的访问的权限和/或规则）。

8. 发明申请

WO2008154309A1 MEMORY DEVICE USING THE TIME FROM A TRUSTED HOST DEVICE AND METHOD FOR USE THEREWITH 审中-公开
标题翻译：使用来自受信任主机设备的时间的存储器件及其使用方法
公开(公告)号：WO2008154309A1
公开(公告)日：2008-12-18
申请号：PCT/US2008/065970
申请日：2008-06-05
申请人： SANDISK CORPORATION , CONLEY, Kevin, M. , HOLTZMAN, Michael , SELA, Rotem , BARZILAI, Ron , JOGAND-COULOMB, Fabrice, E.
发明人： CONLEY, Kevin, M. , HOLTZMAN, Michael , SELA, Rotem , BARZILAI, Ron , JOGAND-COULOMB, Fabrice, E.
IPC分类号： G06F21/00
CPC分类号： G06F21/10 , G06F21/725 , G06F2221/0771
摘要： A memory device for using time from a trusted host device and a method for use therewith are disclosed. In one embodiment, an application on a memory device receives a request to perform a time-based operation from an entity authenticated by the memory device, wherein the entity is running on a host device. The application selects time from the host device instead of time from a time module on the memory device to perform the time-based operation and uses the time from the host device to perform the time-based operation. Other embodiments are disclosed, and each of the embodiments can be used alone or together in combination.
摘要翻译：公开了一种用于从可信主机设备使用时间的存储设备及其使用方法。在一个实施例中，存储设备上的应用从由存储器设备认证的实体接收执行基于时间的操作的请求，其中所述实体在主机设备上运行。应用程序从主机设备中选择时间，而不是从存储设备上的时间模块开始执行时间操作，并使用主机设备执行时间操作的时间。公开了其它实施例，并且每个实施例可以单独使用或组合使用。

9. 发明申请

WO2008008243A3 CONTROL SYSTEM AND METHOD USING IDENTITY OBJECTS 审中-公开
公开(公告)号：WO2008008243A3
公开(公告)日：2008-01-17
申请号：PCT/US2007/015430
申请日：2007-06-28
申请人： SANDISK CORPORATION , HOLTZMAN, Michael , BARZILAI, Ron , JOGAND-COULOMB
发明人： HOLTZMAN, Michael , BARZILAI, Ron , JOGAND-COULOMB
IPC分类号： G06F21/00
摘要： An object known as an identity object comprises a public key and a private key pair and at least one certificate issued by a certificate authority that certifies that the public key of the pair is genuine. This object may be used as proof of identification by using the private key to sign data provided to it or signals derived from the data. An identity object may be stored in a non-volatile memory as proof of identity. The memory is controlled by a controller. Preferably, a housing encloses the memory and the controller. The memory system is removably connected to a host device. After the host device has been successfully authenticated, the private key of the object is used to encrypt data from the host device or signals derived from said data, and the at least one certificate and the encrypted data or signals are sent to the host device. After an entity has been authenticated by a control data structure of the memory system, the public key of the identity object and the at least one certificate to certify the public key are provided to the entity. If encrypted data encrypted by means of the public key of the identity object is received from the entity, the memory system will then be able to decrypt the encrypted data using the private key in the identity object.

10. 发明申请

WO2006069273A2 MEMORY SYSTEM WITH IN STREAM DATA ENCRYPTION/DECRYPTION AND ERROR CORRECTION 审中-公开
标题翻译：具有流数据加密/解码和错误校正的存储器系统
公开(公告)号：WO2006069273A2
公开(公告)日：2006-06-29
申请号：PCT/US2005/046688
申请日：2005-12-21
申请人： SANDISK CORPORATION , HOLTZMAN, Michael , COHEN, Baruch, B. , ISLAM, Muhammed, R. , DAVIDSON, Matthew
发明人： HOLTZMAN, Michael , COHEN, Baruch, B. , ISLAM, Muhammed, R. , DAVIDSON, Matthew
CPC分类号： G06F12/1408 , G06F11/1008
摘要： The throughput of the memory system is improved where error correction of data in a data stream is cryptographically processed with minimal involvement of any controller. To perform error correction when data from the memory cells are read, the bit errors in the data in the data stream passing between the cells and the cryptographic circuit are corrected prior to any cryptographic process performed by the circuit. Preferably the error correction occurs in one or more buffers employed to buffer the data between the cryptographic circuit and the memory where latency is reduced by using multiple buffers.
摘要翻译：改进了存储器系统的吞吐量，其中数据流中的数据的错误校正在任何控制器的最少参与下进行密码处理。为了在从存储器单元读取数据时执行纠错，在电路执行的任何密码处理之前校正在单元和密码电路之间通过的数据流中的数据位错误。优选地，误差校正发生在用于通过使用多个缓冲器来缓存延迟减小的密码电路和存储器之间的数据的一个或多个缓冲器中。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式