
TW200907681A - Memory device with circuitry for improving accuracy of a time estimate used in digital rights management (DRM) license validation and method for use therewith - Google Patents


Info

Publication number
TW200907681A
TW200907681A (application TW097121254A)
Authority
TW
Taiwan
Prior art keywords
time
memory device
drm
timestamp
memory
Application number
TW097121254A
Other languages
Chinese (zh)
Inventor
Michael Holtzman
Rotem Sela
Ron Barzilai
Fabrice E Jogand-Coulomb
Original Assignee
Sandisk Corp
Priority claimed from US 11/811,348 (published as US20080307495A1)
Priority claimed from US 11/811,354 (granted as US8688588B2)
Application filed by Sandisk Corp
Publication of TW200907681A

Classifications

    • G PHYSICS > G06 COMPUTING OR CALCULATING; COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/10 > G06F21/105 Arrangements for software license management or administration, e.g. for managing licenses at corporate level
    • G06F21/00 > G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer > G06F21/71 ... to assure secure computing or processing of information > G06F21/72 ... in cryptographic circuits > G06F21/725 ... operating on a secure reference time value
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04N PICTORIAL COMMUNICATION, e.g. TELEVISION > H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD] > H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof > H04N21/45 Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts > H04N21/462 Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities > H04N21/4623 Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • H04N21/462 > H04N21/4627 Rights management associated to the content

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Technology Law (AREA)
  • Mathematical Physics (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

A memory device with circuitry for improving accuracy of a time estimate used in digital rights management (DRM) license validation and a method for use therewith are disclosed. In one embodiment, a memory device receives a request to validate a DRM license stored on the memory device, wherein the DRM license is associated with a time stamp update policy (TUP) that specifies when a new time stamp is needed. Before attempting to validate the DRM license, the memory device determines if a new time stamp is needed based on the TUP associated with the DRM license. If a new time stamp is needed, the memory device receives the new time stamp and then attempts to validate the DRM license using a time estimate based on the new time stamp. Other embodiments are disclosed, and each of the embodiments can be used alone or together in combination.
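The TUP check described in the abstract, worked through as an added example; this is not code from the patent or from SanDisk. The policy fields (a maximum active age for the stamp, a maximum number of validations per stamp, or "always refresh"), the license fields and the time-server callback are assumptions made for illustration, since the page does not give a TUP encoding. The device's time estimate is the last accepted stamp plus the active time its hardware timer has counted since then, so it is only a lower bound on real time:

```python
"""Added example (not the patent's or SanDisk's code): refresh a time stamp
according to a per-license TUP before validating a DRM license.
TUP/license field names and the time-server callback are assumptions."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Callable, Dict, List, Optional


@dataclass(frozen=True)
class TimeUpdatePolicy:
    """When a fresh stamp is required (fields assumed for this example)."""
    max_active_age: Optional[timedelta] = None  # stamp older than this (in active time) -> refresh
    max_validations: Optional[int] = None       # this many validations on one stamp -> refresh
    always: bool = False                        # refresh on every validation


@dataclass(frozen=True)
class License:
    content_id: str
    not_before: datetime
    not_after: datetime
    tup: TimeUpdatePolicy


@dataclass
class MemoryDevice:
    last_stamp: Optional[datetime] = None            # last stamp accepted from the time server
    active_since_stamp: timedelta = timedelta(0)     # hardware timer: only advances while powered
    validations_since_stamp: int = 0
    licenses: Dict[str, License] = field(default_factory=dict)

    def time_estimate(self) -> Optional[datetime]:
        """Lower bound on real time: unpowered intervals are simply not counted."""
        if self.last_stamp is None:
            return None
        return self.last_stamp + self.active_since_stamp

    def needs_new_stamp(self, tup: TimeUpdatePolicy) -> bool:
        if self.last_stamp is None or tup.always:
            return True
        if tup.max_active_age is not None and self.active_since_stamp > tup.max_active_age:
            return True
        if tup.max_validations is not None and self.validations_since_stamp >= tup.max_validations:
            return True
        return False

    def apply_stamp(self, stamp: datetime) -> None:
        self.last_stamp = stamp
        self.active_since_stamp = timedelta(0)
        self.validations_since_stamp = 0

    def run_for(self, active: timedelta) -> None:
        """Simulates the card being powered and in use for `active`."""
        self.active_since_stamp += active

    def validate(self, content_id: str,
                 fetch_stamp: Callable[[], Optional[datetime]]) -> str:
        lic = self.licenses[content_id]
        if self.needs_new_stamp(lic.tup):
            stamp = fetch_stamp()  # None when the host has no network path to the time server
            if stamp is None:
                return "deferred: TUP requires a new time stamp but none is available"
            if self.last_stamp is not None and stamp < self.last_stamp:
                return "rejected: time stamp is older than the last one accepted"
            self.apply_stamp(stamp)
        est = self.time_estimate()
        self.validations_since_stamp += 1
        if est > lic.not_after:      # sound: real time >= estimate, so this is certainly expired
            return "expired"
        if est < lic.not_before:     # conservative: cannot prove the window has opened
            return "not yet valid"
        return "valid"


T0 = datetime(2008, 6, 1, tzinfo=timezone.utc)  # constructed reference instant


def demo() -> List[str]:
    """Constructed scenario: two licenses with different TUPs on one card."""
    dev = MemoryDevice()
    window = (T0 - timedelta(days=1), T0 + timedelta(days=7))
    dev.licenses["song"] = License("song", *window, TimeUpdatePolicy(max_active_age=timedelta(hours=1)))
    dev.licenses["film"] = License("film", *window, TimeUpdatePolicy(always=True))
    offline = lambda: None
    results: List[str] = []
    dev.apply_stamp(T0)                                   # stamp fetched while the host was online
    results.append(dev.validate("song", offline))         # stamp is fresh -> valid
    results.append(dev.validate("film", offline))         # TUP always wants a stamp -> deferred
    dev.run_for(timedelta(hours=2))                       # card in use for 2h, now offline
    results.append(dev.validate("song", offline))         # stamp older than 1h -> deferred
    results.append(dev.validate("song", lambda: T0 + timedelta(days=10)))  # new stamp -> expired
    results.append(dev.validate("film", lambda: T0))      # rolled-back stamp -> rejected
    return results


if __name__ == "__main__":
    for line in demo():
        print(line)
```

A production implementation would also verify the time server's signature over the stamp and bind it to a device nonce before accepting it; that step is omitted here. Note which verdicts the lower bound makes trustworthy: "expired" is certain, because real time is at least the estimate, whereas "valid" can be stale by however long the card sat unpowered. That staleness is the gap a tighter TUP closes by forcing a new stamp before the license is trusted.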

Description

200907681 九、發明說明: 本申請案係關於美國專利申請案第11/811,284號"用於改 良時間估測之精準度之方法(Method for Improving Accuracy of a Time Estimate)” ;美國專利申請案第 11/8 11,347號”具有用於改良時間估測之精準度之電路的記 憶體裝置(Memory Device with Circuitry for Improving Accuracy of a Time Estimate)";美國專利申請案第 11/811,289號••用於改良用以向記憶體裝置鑑認實體的時間 ζ ) 估測之精準度之方法(Method for Improving Accuracy of a200907681 IX. INSTRUCTIONS: This application is related to US Patent Application No. 11/811,284 "Method for Improving Accuracy of a Time Estimate"; U.S. Patent Application No. 11/8 11,347 "Memory Device with Circuitry for Improving Accuracy of a Time Estimate"; US Patent Application No. 11/811,289 Method for improving the accuracy of the time to identify the entity to the memory device Method) Method for Improving Accuracy of a

Time Estimate Used to Authenticate an Entity to a Memory Device)";美國專利申請案第11/811,344號"具有用於改良 用以鑑認實體的時間估測之精準度之電路的記憶體裝置 (Memory Device with Circuitry for Improving Accuracy of a Time Estimate Used to Authenticate an Entity)” ;美國專利 申請案第1 1/8 1 1,3 54號”用於改良在數位權利管理(DRM)授 . 權有效中使用的時間估測之精準度之方法(Method forTime Estimate Used to Authenticate an Entity to a Memory Device) "; US Patent Application No. 11/811,344 " Memory Device with a Circuit for Improving the Accuracy of Time Estimation for Entity Recognition (Memory) Device with Circuitry for Improving Accuracy of a Time Estimate Used to Authenticate an Entity)"; US Patent Application No. 1 1/8 1 1, 3 54" for improvement in the use of digital rights management (DRM) grants Method of estimating the accuracy of time (Method for

(J(J

Improving Accuracy of a Time Estimate Used in Digital Rights Management (DRM) License Validation)";美國專利 申請案第1 1/811,348號”具有用於改良在數位權利管理 • (DRM)授權有效中使用的時間估測之精準度之電路的記憶 體裝置(Memory Device with Circuitry for Improving Accuracy of a Time Estimate Used in Digital Rights Management (DRM) License Validation)";美國專利申請案 131992.doc 200907681 第11/8 11,346號"使用來自可信賴的主機裝置之時間之方法 (Method for Using Time from a Trusted Host Device)";及 美國專利申請案第11/81 1,345號,,使用來自信賴主機裝置之 時間之記憶體裝置(Memory Device Using Time from aImproving Accuracy of a Time Estimate Used in Digital Rights Management (DRM) License Validation) "; US Patent Application No. 1 1/811, 348" has a time estimate for improving the use of digital rights management (DRM) authorization Memory Device with Circuitry for Improving Accuracy of a Time Estimate Used in Digital Rights Management (DRM) License Validation "; US Patent Application 131992.doc 200907681 No. 11/8 11,346 "Method for Using Time from a Trusted Host Device"; and U.S. Patent Application Serial No. 11/81 1,345, using memory from a trusted host device Memory Device Using Time from a

Trust Host Device)" ’·該等申請案中之每一者正與本申請 案同在申請中,且被以引用的方式併入本文中。 【先前技術】 ΟEach of these applications is in the same application as the present application and is hereby incorporated by reference. [Prior Art] Ο

諸如來自 SanDisk Corporation之TrustedFlashTM記憶體裝 置的一些記憶體裝置需要知曉時間以便執行基於時間之操 作,諸如,數位權利管理(DRM)授權有效。由於此等操作 中涉及之安全問題,所以記憶體裝置可能不能夠信賴一主 機裝置提供正確的時間。雖然記憶體裝置可能夠自網路中 之可信賴的組件獲得正確時間,但在記憶嶺置需要知曉 時間之時’代管記憶體裝置之主機裝置可能未連接至網 路。記憶體裝置可經設計以量測其有效時間,但若記憶體 裝置不連續地量測有效時間(例如,若在量測開始^記 憶體裝置斷電)’ m自量測之有效時間產生的時間估 不為實際時間之真正量測1此,自量測之有效時 的時間估測實際僅指示實際時間可能為的下限, 估測可能不提供在某些基於時間之操作中需要的精準声: 雖然記憶體裝置可裝備有一電池備份時鐘以在即使記: 裝置不活動時也連續跟蹤時間 置的成本。 f里會増加冗憶體裝 【發明内容】 131992.doc 200907681 且不應將此章節中之任何 本發明由申請專利範圍界定, 内容看作對申請專利範圍之限制 一藉由介紹,以下描述之實施例提供一種具有用於改良數 字權利管理(DRM)授權有效的時間估測精準度之電路的記 憶體裝置及其使用方法。在-實_中,記㈣裝置接收 欲使儲存於記憶體裝置上之DRM授權有效之請求,其中 DRM授權與指定需要新時間戳之時間的時間戳更新策略 (TUP)相關聯。在試圖使dRM授權有效前,記憶體裝置基 於與DRM授權相關聯之TUP判定是否需要新時間戳。若需 要新時間戳,則該記憶體裝置接收新時間冑,且接著試圖 基於該新時間戳使用一時間估測來使DRM授權有效。在另 一實施例中,記憶體裝置接收欲使儲存於記憶體裝置上之Some memory devices, such as the TrustedFlashTM memory device from SanDisk Corporation, need to know the time to perform time-based operations, such as digital rights management (DRM) authorization. Due to the security issues involved in such operations, the memory device may not be able to rely on a host device to provide the correct time. While the memory device can be able to obtain the correct time from a trusted component in the network, the host device hosting the memory device may not be connected to the network when the memory needs to know the time. The memory device can be designed to measure its effective time, but if the memory device does not continuously measure the effective time (for example, if the measurement device starts to be powered off), the m is determined by the effective time of the measurement. The time estimate is not the actual measurement of the actual time. 1 The time estimate when the measurement is valid actually indicates only the lower limit that the actual time may be. The estimation may not provide the precise sound required in some time-based operations. : Although the memory device can be equipped with a battery backup clock to continuously track the cost of the time even if the device is inactive. 
The invention will be defined by the scope of the patent application. An example provides a memory device having circuitry for improving the accuracy of time estimation of digital rights management (DRM) authorization and methods of use thereof. In the real_me, the (4) device receives a request to validate the DRM authorization stored on the memory device, wherein the DRM authorization is associated with a timestamp update policy (TUP) specifying the time at which the new timestamp is required. Before attempting to validate the dRM grant, the memory device determines whether a new timestamp is needed based on the TUP associated with the DRM grant. If a new timestamp is required, the memory device receives the new time frame and then attempts to use the time estimate based on the new timestamp to validate the DRM authorization. In another embodiment, the memory device receives the memory device to be stored on the memory device.

複數個DRM授權中之一者有效的請求,其中每一 drm授 權與指定需要新時間戳之時間的不同τυρ相關聯。在試圖 使該複數個DRM授權中之一者有效前,該記憶體裝置基於 與複數個DRM授權中之一者相關聯的_ τυρ判定是否需要 新時間戳。若需要新時間戳, 則該記憶體裝置接收新時間 戳,且接著試圖基於該新時間戳使用一時間估測來使該複 數個DRM授權中之一者有效。其他實施例亦被揭示,且該 等實施例中之每一者可單獨或組合在一起加以使用。 現將參看附圖描述該等實施例。 【實施方式】 現轉至圖式,圖1為將用以說明此等實施例的系統1〇之 說明。如圖1中所示,系統10包含複數個記憶體裝置20、 131992.doc 200907681 《40其可移除式地與複數個各別主機裝置連接:個人 電腦(pc)5〇、數位媒體(例如,Μρ3)播放器6〇及行動電話 70。主機裝置為可自記憶料置讀取資料及/或將資料寫 入至°己隐體裝置之裝置。資料可包括(但不限於)數位媒體 内令諸如,音訊棺案或視訊檔案(具有或不具有音訊)、 ^像遊戲、書籍、地圖、資料標案或軟體程式。舉例而 p可自網路中之伺服器將資料下載至記憶體裝置上、 由製造商或其他篦二古箱备 弟一方預載入資料或者自另一裝置側載入A valid request for one of a plurality of DRM grants, wherein each drm authorization is associated with a different τυρ specifying the time at which a new timestamp is required. Before attempting to validate one of the plurality of DRM grants, the memory device determines whether a new timestamp is needed based on _τυρ associated with one of the plurality of DRM grants. If a new timestamp is needed, the memory device receives a new timestamp and then attempts to validate one of the plurality of DRM grants based on the new timestamp using a time estimate. Other embodiments are also disclosed, and each of the embodiments can be used alone or in combination. These embodiments will now be described with reference to the drawings. [Embodiment] Turning now to the drawings, Fig. 1 is a description of a system 1B for explaining the embodiments. As shown in FIG. 1, system 10 includes a plurality of memory devices 20, 131992.doc 200907681 "40 which is removably coupled to a plurality of individual host devices: a personal computer (PC) 5", digital media (eg, , Μ ρ3) player 6 〇 and mobile phone 70. The host device is a device that can read data from a memory device and/or write data to a hidden device. Information may include, but is not limited to, digital media such as audio files or video files (with or without audio), such as games, books, maps, data files, or software programs. 
For example, p can download data from the server in the network to the memory device, pre-load data from the manufacturer or other second-chamber side, or load from another device side.

(side-load)資料。 適形式,且不限於圖1中所示(side-load) information. Appropriate form, and is not limited to that shown in Figure 1.

__一 yCV 主機裝置可採取任 實例+例而5,主機裝置可採取以下形式:筆記型電 腦、、掌上型電腦、掌上型電子郵件/文字訊息器件、掌上 型遊戲機、視訊播对 播放器(例如’ DVD播放器或攜帶型視訊 播放器)_、音訊及/或視訊記錄器、數位相機、視訊轉換 器、顯示器裝置(例如,電視)、印表機、汽車立體聲系統 及導航系統。同檨,Φ诚驻 機裝置可含有混合功能性。舉例而 Ϊ二:裝置可為除了能夠打出及接聽電話呼叫之外亦能 媒體(例如,音樂及/或視訊)檀案之行動電話。 主機裝置(如PC5G騎㈣㈣)可具有㈣地連接至一 =如,網際網路80或無線網路9〇 ’雖然可使用其他 =作之能力。具有此能力之主機裝置在本文中將 被%作’經連接裝晋"。庙 : 經連接襄置"可能並不始 、實際連接至網路,諸如,當行動電㈣ 下操作時或當PC 50祐4成 仕+運接模式 C 50並未建立網際網路連接時。自身不具 I31992.doc 200907681 有通信地連接至一網路之能力的主機裝置(諸如,數位媒 體播放器60)在本文中將被稱作"不連接裝置"。藉由將不連 接裝置與經連接裝置連接,可使不連接裝置與一網路通 信’如圖1中所示’在該情況下,數位媒體播放器6〇連接 至PC 50。即使按此方式加以連接,若不連接裝置未經設 6十用於此功能性(例如,簡單的Mp3播放器),則不連接裝 置可能亦不能夠自網路取得資訊。在此情形下,網路中之 組件可能將資訊推送給該裝置。應注意,雖然圖丨展示正__ A yCV host device can take any example + example and 5, the host device can take the following forms: notebook computer, palm-sized computer, handheld email / text messaging device, handheld game console, video broadcast player (eg 'DVD player or portable video player'), audio and/or video recorders, digital cameras, video converters, display devices (eg TV), printers, car stereo systems and navigation systems. At the same time, the Φ Chengshang device can contain mixed functionality. For example, the device can be a mobile phone that can also media (for example, music and/or video) in addition to making and receiving phone calls. The host device (such as PC5G ride (4) (4)) can have (4) connected to a = for example, the Internet 80 or the wireless network 9 〇 ' although other capabilities can be used. A host device having this capability will be referred to herein as "connected". Temple: Connected device " may not start, actually connected to the network, such as when operating under the mobile (4) or when the PC 50 is in the 4th + transport mode C 50 does not establish an Internet connection . A host device (such as digital media player 60) that has its own ability to communicatively connect to a network will be referred to herein as "unconnected device". 
By connecting the unconnected device to the connected device, the unconnected device can communicate with a network as shown in Figure 1 in which case the digital media player 6 is connected to the PC 50. Even if connected in this way, if the device is not connected for this function (for example, a simple Mp3 player), the unconnected device may not be able to obtain information from the network. In this case, components in the network may push information to the device. It should be noted that although the map shows positive

經由有線連接連接至PC 50之數位媒體播放器60,但可使 用無線連接。類似地,術語"連接”及"耦接,,未必表示有線 連接或直接連接。 網路(例如,網際網路80或無線網路9〇)可允許經連接裝 置(或連接至經連接裝置之不連接裝置)存取外部組件,諸 如(但不限於)’可提供時間戳之時間伺服器100及可提供 DRM受保護内容及用於存取此内容之授權之數位權利管理 伺服器(DRM)110。以下將更詳細地描述此兩種伺服器。 雖然時間伺服器100與DRM伺服器110在圖}中經展示為分 開的裝置’但此等兩個伺服器可組合為一單一裝置。另 外,此等祠服器可含有其他功能性。同樣,若需要,可經 由網際網路8G及無線網路9時取不同於時間飼服器⑽及 DRM伺服器11〇之組件。 再次轉至圖式,圖2為一實施例 之圯憶體裝置200之方塊 圖,其採取記憶卡或記憶棒之形式。 胁壯® 、女圖2中所示’記憶 體衣置200包含非揮發性記憶體 平夕」(诸如,快閃記憶 131992.doc -10- 200907681 體)2 1 0及電路集合220。在此實施例中,非揮發性記憶體 陣列21 〇採取固態記憶體之形式,詳言之,快閃記憶體 21〇。應注意,可使用其他類型之固態記憶體來替代快閃 記憶體。亦應注意,可使用不同於固態記憶體之記憶體, 諸如(但不限於),磁碟或光學CD。同樣,為了簡單起見, ' 術語"電路"將在本文中用以指純硬體實施及/或組合的硬體/ 軟體(或韌體)實施。因此,”電路”可採取以下各物中之一 或多者之形式:特殊應用積體電路(ASIC)、可程式邏輯控 〇 制器、嵌入式微控制器及單板電腦,以及處理器及儲存可 由處理器執行之電腦可讀程式碼(例如,軟體或勒體)之電 腦可讀媒體。 圖2中之電路集合22〇含有複數個組件:一主機介面模組 (HIM)230、一快閃介面模組(FIM)24〇、一緩衝管理單元 (BMU)250、一 CPU 260及一硬體計時器塊270。HIM 230提 供用於主機裝置3〇〇之介面功能性,及FIM 24〇提供用於快 , 閃記憶體210之介面功能性。BMU 25〇包含用於提供加密/The digital media player 60 is connected to the PC 50 via a wired connection, but a wireless connection can be used. Similarly, the terms "connected" and "coupled, do not necessarily denote a wired connection or a direct connection. A network (e.g., Internet 80 or wireless network 9A) may allow a connected device (or connect to a connected device) The device's disconnected device) accesses external components such as, but not limited to, a time-stamped time server 100 and a digital rights management server that provides DRM protected content and authorization to access the content ( DRM) 110. These two servers will be described in more detail below. Although the time server 100 and the DRM server 110 are shown as separate devices in Figure}, these two servers can be combined into a single device. In addition, these servers may contain other functionality. Similarly, if necessary, components other than the time server (10) and the DRM server 11 may be accessed via the Internet 8G and the wireless network 9. 
2 is a block diagram of a memory device 200 of an embodiment, which takes the form of a memory card or a memory stick. The memory device 200 shown in Tire 2 and Figure 2 contains non-volatile Memory eve" For example, flash memory 131992.doc -10- 200907681 body) 2 1 0 and circuit set 220. In this embodiment, the non-volatile memory array 21 is in the form of a solid state memory, in particular, a flash memory 21 〇. It should be noted that other types of solid state memory can be used in place of the flash memory. It should also be noted that memory other than solid state memory, such as, but not limited to, a magnetic disk or an optical CD may be used. Similarly, for the sake of simplicity, 'terms "circuits" will be used herein to refer to hardware/software (or firmware) implementations that are purely hardware implemented and/or combined. Thus, a "circuit" can take the form of one or more of the following: a special application integrated circuit (ASIC), a programmable logic controller, an embedded microcontroller, and a single board computer, as well as a processor and storage A computer readable medium readable by a processor, such as a software or a phantom. The circuit set 22 of FIG. 2 includes a plurality of components: a host interface module (HIM) 230, a flash interface module (FIM) 24, a buffer management unit (BMU) 250, a CPU 260, and a hard Body timer block 270. The HIM 230 provides interface functionality for the host device and the FIM 24 provides interface functionality for the flash memory 210. BMU 25〇 is included for providing encryption/

G 解讼功能性之密碼引擎252及分別用於與HIM 230及FIM 240通仏之主機直接記憶體存取(DMA)組件254及快閃 組件256。CPU 260執行儲存於CPU RAM 26〇及/或快閃記 憶體210中之軟體及韌體。以下結合記憶體裝置之量測時 間的此力來描述硬體計時器塊27〇。 έ己憶體裝置200之其他組件(諸如,用於可移除式地將記 憶體裝置200連接至主機裝置3〇〇之電及實體連接器)未展 不於圖2中以簡化該圖式。關於記憶體裝置2〇〇及其操作之 131992.doc 200907681 更夕-貝訊可發現於美國專利申請案第丨丨/3丨4 4丨丨號及第 11/557,028號中,該兩”請案皆被以引用的方式併入本 文中。額外貝§fi可發現於美國專利申請案第11/322,812號 及第11/322,766號中’該兩個巾請案皆被以引用的方式併 入本文中。彼等文獻中描述之組件及功能性不應被加到下 列申請專利範圍中,除非其中有明確的陳述。 在此實施例中,記憶體裝置2〇〇儲存用以解鎖儲存於記 憶體裝置200上之受保護的内容之數位權利管理(drm)密The cryptographically functional cryptographic engine 252 and the host direct memory access (DMA) component 254 and the flash component 256 are used for communication with the HIM 230 and the FIM 240, respectively. The CPU 260 executes the software and firmware stored in the CPU RAM 26 and/or the flash memory 210. The hardware timer block 27A is described below in conjunction with this force of the measurement time of the memory device. Other components of the device 200, such as electrical and physical connectors for removably connecting the memory device 200 to the host device 3, are not shown in FIG. 2 to simplify the drawing. . Regarding the memory device 2〇〇 and its operation, 131992.doc 200907681 E-Bai-Bai can be found in U.S. Patent Application Serial No./3丨4 4 No. and No. 11/557,028, The disclosures are hereby incorporated by reference. U.S. Patent Application Serial No. 11/322,812 and No. 11/322,766, the disclosure of which are incorporated herein by reference. In this document, the components and functionality described in the literature should not be added to the following claims unless explicitly stated therein. In this embodiment, the memory device 2 is stored for unlocking and stored in memory. Digital rights management (drm) of protected content on body device 200

鑰及授權。(應注意,亦可將此等實施例與並不儲存用以 解鎖儲存於記憶體裝置上之受保護的内容之DRM密鑰及授 權之d憶體裝置一起使用。)DRM密鑰及授權可由記憶體 裝置200產生或產生在記憶體裝置2〇〇之外部(例如,由 DRM伺服器11〇)且經發送至記憶體裝置2〇〇。由於drm密 鑰及授權與s己憶體裝置2〇〇 —起移動,所以受保護的内容 有效地與圮憶體裝置2〇〇相聯繫,而非主機裝置3〇〇,藉此 使受保護的内容可攜帶且可由能向記憶體裝置2〇〇證明其 為經批准的裝置之任一主機裝置存取。來自SanDiskKey and authorization. (It should be noted that these embodiments may also be used with DRM keys and authorized D memory devices that do not store protected content stored on the memory device.) DRM keys and authorizations may be used The memory device 200 is generated or generated external to the memory device 2 (eg, by the DRM server 11) and transmitted to the memory device 2A. Since the drm key and the authorization move together with the suffix device 2, the protected content is effectively associated with the memory device 2, instead of the host device 3, thereby being protected The content is portable and accessible by any host device that can prove to the memory device 2 that it is an approved device. From SanDisk

Corporation之TrustedFlashTM記憶體裝置為將drm密鑰及 授權儲存於記憶體裝置上的記憶體裝置之實例,使得受保 護的内容可與記憶體裝置一起移動。在一些實施例中,記 憶體裝置200亦藉由儲存於記憶體裝置200上之DRM密鑰來 使DRM授權有效,而在其他實施例中,記憶體裝置將 DRM密鑰提供至主機裝置300以供其藉由DRM密鑰來使 DRM授權有效。 131992.doc -12· 200907681 在此實施例中,記憶體裝置200之cpu 260執行安全儲存 應用程式(SSA)以確保僅具有適當憑證之經鑑認的實體可 存取DRM密鑰及授權。用於SSA之電腦可讀程式碼可儲存 於快閃記憶體210、CPU RAM 262或記憶體裝置2〇〇中之另 一儲存位置中。SSA更詳細地描述於以上提及之,〇28專利 申請案中。圖3為記憶體裝置200中將用以說明SSA之操作 的各種功旎模組之說明。如圖3中所示,記憶體裝置2〇〇包 含各種存取控制記錄(&quot;ACR&quot;):第一非對稱性AcR 2〇1、 第二非對稱性ACR 202及一對稱性ACR 203。第一非對稱 性ACR 201及第二非對稱性ACR 2〇2包含第一及第二時間 更新策略(分別為TUP1及TUP2),以下將更詳細地對其描 述雖然圖3中展示了多個ACR ’但記憶體裝置2〇〇可僅含 有單一 ACR。 每一 ACR 201、202及203指定待使用的鑑認方法及需要 何種憑證來提供實體之身份的證據。每一 ACR 2〇1、2〇2及 203亦含有執行各種動作(諸如’存取drm密鑰及授權)之 准許。一旦ACR已成功地鑑認了 一實體,則SSA系統打開 一會期’經由該會期,可執行ACR之動作中之任何者。如 本文中所使用,術語”實體&quot;指試圖存取記憶體裝置2〇〇之 任何人或事物。舉例而言,實體可為在主機裝置上執行之 應用程式、主機裝置自身或人類使用者。在圖3中,三個 實體正試圖存取記憶體裝置200 :媒體(例如,音訊及/或視 訊)播放器301、儲存應用程式3〇2及另一應用程式3〇3。此 等實體301、3〇2、303可處於同樣或不同的主機裝置上。 131992.doc 200907681 每一實體301、3 02、303與一特定ACR(分別為ACR 201、 ACR 202及ACR 203)相關聯。亦可使額外實體(未圖示)與 ACR 201、ACR 202及ACR 203中之一或多者相關聯。 當一實體起始一登入過程時,其發送對於鑑認之請求, 該請求包括其相關聯之ACR的識別符,該ACR指定待使用 的鑑認方法及需要何種憑證來提供實體之身份的證據。在 圖3中,ACR 201及ACR 202指定非對稱性鑑認方法,而 ACR 203指定對稱性鑑認方法。應注意,可使用其他鑑認 方法(諸如,基於密碼之程序),及ACR亦可指定不需要鑑 認。除了指定特定鑑認方法之外,ACR亦可含有一准許控 制記錄(PCR),其描述一旦經鑑認一實體可執行之動作。 一些鑑認機制(諸如,使用用於鑑認之X.509證書鏈的單 向及雙向非對稱性鑑認)可係基於時間,其需要記憶體裝 置200知曉時間以便驗證由實體呈現之憑證。(由對稱性 ACR 203使用之對稱性鑑認機制並不需要記憶體裝置200知 曉時間。在對稱性鑑認中,由一實體及其相關聯之ACR共 用的密鑰被用以鑑認該實體。)在非對稱性鏜認中,可能 需要時間來評估由一實體供應之憑證(諸如,RS A證書及/ 或證書廢止清單(CRL))是否有效。(如本文中所使用,”證 書''可指一單一證書或複數個證書(例如,一連串證書),及 ”CRL”可指一單一 CRL或複數個CRL。)在轉至記憶體裝置 200可用以產生執行此有效化之時間估測之機制前,將相 關於非對稱性鑑認來呈現證書及CRL之簡要論述。 非對稱性鑑認使用一公用密鑰基礎架構(PKI)系統,其 131992.doc •14- 200907681 中已知為認證機構(CA)之一可信賴的機構發出用於證明實 體之身份的RS A證書。希望確定身份之證據的實體藉由用 於證明其身份之充分證據向CA註冊。在實體之身份已經 對CA證明後,CA將一證書發出至該實體。該證書通常包 括發出該證書的CA之名稱、證書所發出至的實體之名 稱、實體之公用密鑰,及由CA之私密密鑰簽署(通常藉由 加密公用密鑰之摘要)的實體之公用密鑰。 證書可含有儲存期滿日期之資料欄位。在此情形下,擁 有證書之實體僅可在有限的時間量内存取由ACR保護之内 容(直至證書期滿)。證書亦可含有儲存未來有效性時間之 資料欄位。在此情形下,直至證書變得有效,ACR才將鑑 認實體。若記憶體裝置200判定當前日期在期滿日期後或 有效日期前(亦即,若記憶體裝置200判定證書並不有效), 
則記憶體裝置200將不鑑認呈現該證書之實體。 各種情況(諸如,名稱改變、實體與CA之間的關聯性之 改變及私密密鑰之洩密或懷疑洩密)可使證書在其期滿曰 期前變得無效。在此等情況下,CA需要廢止該證書。在 操作中,CA週期性地發出證書廢止清單(CRL),其為經簽 署的資料結構,含有經廢止的證書之印有時間戳之清單。 因此,為了鑑認一實體,記憶體裝置200不僅檢查以查看 證書是否適時,且亦檢查CRL以查看證書是否列於CRL 上。(CRL可由實體與證書一起提供,或者記憶體裝置200 可獲得CRL自身(例如,經由網際網路80,若記憶體裝置 200為經連接裝置)。)若證書經列於CRL上,則證書不再有 131992.doc -15- 200907681 效(即使其尚未期滿),且實體將不被錕認。如同證書,發 出的CRL具有期滿日期’期滿日期指示應更新CRL之時 間。此確保記憶體裝置200正使用最新近的⑽。在鑑認 ::若記憶體裝置200發現當前時間過了 CRL之期滿曰 若記憶體裝置200判定CRL並不有效),則⑽被 5心為有缺陷,且較伟祕 权佳地不將其用於證書驗證。 Ο Ο 述’在此實施例中’記憶體裝置2〇〇需要知曉 驗證憑證(此處為證書及CRL)。存在允許記憶體 需要夫睡^在時間之若干選項。—選項為每當記憶體裝置 2要知曉時間時使該記憶體裒置經由一主機裝置自一可信 賴的時間伺服器請求時間戮。 戗此解決方案適合於經連接裝 =,由於記Μ裝置可用於經連接裝置以及 =(例如’未連接至網際網路之家㈣、则播放器、 节愔駚驻堪❼ 田在飛機上時))兩者中,所以當 D己隐體裝置需要知曉用於鑑 可利用μ 〇 往序之時間時其無法依賴於 份時ΓΓ —選項為給記憶體裳置裝備-電池備 伤時釦。然而,此可能 置增加了成本。又-選項為依賴:二 其自身所有之内部時鐘或來自描將時間(來自 置。然而,在許多情形下,記恃體供至記憶體裝 來楹徂牡、隹* 體裝置無法信賴主機裝置 填曰期=1允許使用者對主機裝置上之時鐘”倒 當前時門:二::(亦即’將主機裝置上之時鐘設定為比 田則時間早的時間),則使用者將 巧比 要執行之特定時間限制。另 δ己憶體裝置需 方面,若記憶體裝置(或在 131992.doc -16 - 200907681 該記憶體裝置中執行之庳 &lt;應用%式)可信賴主機裝置, 記憶體裝置(或在該記憶體 k 陪體震置中執行之應用程式)將能夠 依賴於主機裝置而獲得時 π 以下呈現當可使用主機時間 時之更多資訊。 了 1 此實施例中使用之另一遝 選項為使用記憶體裝置之有限的 時間跟縱能力;具體t^ _ 骽。之,圮憶體裝置200之量測其有效 時間之能力。有效時間可沪 町门了扎β己憶體裝置200連接至主機 置且實際使用(亦即,盥間罢斗、占 衣Corporation's TrustedFlashTM memory device is an example of a memory device that stores a drm key and authorization on a memory device such that the protected content can be moved with the memory device. In some embodiments, the memory device 200 also validates the DRM authorization by the DRM key stored on the memory device 200, while in other embodiments, the memory device provides the DRM key to the host device 300. It is used by the DRM key to make the DRM authorization effective. 131992.doc -12. 200907681 In this embodiment, the CPU 260 of the memory device 200 executes a Secure Storage Application (SSA) to ensure that only authenticated entities with appropriate credentials can access the DRM key and authorization. 
The computer readable code for the SSA can be stored in another storage location in the flash memory 210, CPU RAM 262 or memory device 2A. The SSA is described in more detail in the above mentioned application, 〇28 patent application. Figure 3 is an illustration of various power modules in the memory device 200 that will be used to illustrate the operation of the SSA. As shown in FIG. 3, the memory device 2 includes various access control records (&quot;ACR&quot;): a first asymmetry AcR 2 〇1, a second asymmetry ACR 202, and a symmetry ACR 203. The first asymmetry ACR 201 and the second asymmetry ACR 2〇2 include first and second time update strategies (TUP1 and TUP2, respectively), which will be described in more detail below, although multiple are shown in FIG. ACR 'but the memory device 2 〇〇 can only contain a single ACR. Each ACR 201, 202, and 203 specifies the authentication method to be used and the credentials required to provide evidence of the identity of the entity. Each ACR 2〇1, 2〇2, and 203 also contains permission to perform various actions, such as 'accessing the drm key and authorization. Once the ACR has successfully authenticated an entity, the SSA system opens for a period of time 'through the session, any of the ACR actions can be performed. As used herein, the term "entity" refers to any person or thing that attempts to access a memory device 2. For example, an entity may be an application executing on a host device, a host device itself, or a human user. In Figure 3, three entities are attempting to access the memory device 200: a media (e.g., audio and/or video) player 301, a storage application 3〇2, and another application 3〇3. 301, 3〇2, 303 may be on the same or different host devices. 131992.doc 200907681 Each entity 301, 03, 303 is associated with a particular ACR (ACR 201, ACR 202, and ACR 203, respectively). An additional entity (not shown) may be associated with one or more of ACR 201, ACR 202, and ACR 203. 
When an entity initiates a login process, it sends a request for authentication, the request including its correlation Associated with the ACR identifier, the ACR specifies the authentication method to be used and the evidence required to provide evidence of the identity of the entity. In Figure 3, ACR 201 and ACR 202 specify an asymmetry authentication method, while ACR 203 Specify the symmetry identification method. Any other authentication method (such as a password-based program) may be used, and the ACR may also specify that no authentication is required. In addition to specifying a specific authentication method, the ACR may also contain a grant control record (PCR), which is described. Once an action is recognized by an entity, some authentication mechanisms (such as one-way and two-way asymmetric identification using the X.509 certificate chain for authentication) may be based on time, which requires a memory device 200 knows the time in order to verify the credentials presented by the entity. (The symmetry authentication mechanism used by the symmetric ACR 203 does not require the memory device 200 to know the time. In symmetry authentication, an entity and its associated ACR The shared key is used to authenticate the entity.) In an asymmetric authentication, it may take time to evaluate whether the credentials supplied by an entity, such as RS A certificates and/or certificate revocation lists (CRLs), are valid. (As used herein, "certificate" may refer to a single certificate or a plurality of certificates (eg, a series of certificates), and "CRL" may refer to a single CRL or a plurality of CRLs.) Upon transfer to a memory device Before a mechanism 200 can be used to generate a time estimate for performing this validation, a brief discussion of the certificate and CRL will be presented with respect to asymmetry authentication. 
Asymmetric authentication uses a public key infrastructure (PKI) system, which is known in 131992.doc • 14-200907681 as a trusted institution of one of the certification authorities (CA) to issue RS A for the identity of the entity. certificate. An entity wishing to determine the identity is registered with the CA by sufficient evidence to prove its identity. After the identity of the entity has been certified by the CA, the CA issues a certificate to the entity. The certificate typically includes the name of the CA from which the certificate was issued, the name of the entity to which the certificate was issued, the public key of the entity, and the entity that was signed by the CA's private key (usually by encrypting the summary of the public key) Key. The certificate may contain a data field for the expiration date of the store. In this case, the entity with the certificate can only access the content protected by the ACR (until the certificate expires) for a limited amount of time. The certificate may also contain a data field for the time of storage of future validity. In this case, the ACR will not authenticate the entity until the certificate becomes valid. If the memory device 200 determines that the current date is after the expiration date or before the expiration date (i.e., if the memory device 200 determines that the certificate is not valid), the memory device 200 will not recognize the entity presenting the certificate. Various situations, such as name changes, changes in the association between an entity and a CA, and the disclosure or suspected compromise of a private key, can invalidate a certificate before its expiration. In these cases, the CA needs to revoke the certificate. In operation, the CA periodically issues a Certificate Revocation List (CRL), which is a signed data structure containing a time-stamped list of revoked certificates. 
Therefore, in order to authenticate an entity, the memory device 200 not only checks whether the certificate is current, but also checks the CRL to see whether the certificate is listed on it. (The CRL may be provided by the entity along with the certificate, or the memory device 200 may obtain the CRL itself (e.g., via the Internet 80, if the memory device 200 is a connected device).) If the certificate is listed on the CRL, the certificate is not valid (even if it has not expired), and the entity is not authenticated. Like a certificate, an issued CRL has an expiration date, which indicates when the CRL should be updated. This ensures that the memory device 200 uses the most recent CRL during authentication: if the memory device 200 finds that the current time is past the expiration date of the CRL (i.e., if the memory device 200 determines that the CRL is not valid), the CRL is treated as defective and is not used for certificate verification.

Accordingly, in this embodiment the memory device 200 needs to know the time in order to validate the authentication credentials (here, the certificate and the CRL). There are several options for giving the memory device this ability. One option is to have the memory device request the time from a trusted time server, via the host device, whenever the memory device 200 needs to know the time. This solution is suitable for connected devices, but the memory device can be used with both connected and unconnected devices (e.g., a home PC or music player that is not connected to the Internet, or a workstation on an airplane), so the memory device cannot rely on a time server being reachable whenever it needs to know the time. Another option is to equip the memory device with a battery-backed clock. However, this may increase cost. Yet another option is to rely on the host device's own internal clock, or on time tracked by the host device.
However, in many cases the memory device cannot rely on the host device for the time. For example, the host device may allow a user to "roll back" the clock on the host device (i.e., set the host device's clock to a time earlier than the actual time), so that a user could get around a specific time limit that is meant to be enforced. Moreover, even where the host device's time can be relied upon, the memory device (or an application executing on the memory device) can obtain it only while the host device makes it available.

Another option, which is used in this embodiment, is to use the limited timekeeping ability of the memory device: specifically, the ability of the memory device 200 to measure its effective time. The effective time can be the amount of time that the memory device 200 is connected to the host device and actually in use (i.e., when there is activity on the bus between the memory device 200 and the host device 300, as opposed to the device being idle or in a sleep mode). Alternatively, the effective time can be the entire amount of time that the memory device 200 is connected to the host device 300 and receiving power from the host device 300. The terms "effective time" and "usage time" are used interchangeably herein. As described below, in this embodiment the memory device is effective when the hardware timer block 270 can generate clock ticks as interrupts to the CPU 260 and the CPU 260 can increment the effective time counter.

In operation, the hardware timer block 270 (e.g., an ASIC controller) contains an oscillator that generates periodic clock ticks and supplies these ticks to the CPU 260 as interrupts. (Preferably, the oscillator operates at a very low frequency and keeps running while the CPU is asleep.) The hardware timer block 270 therefore interrupts the CPU 260 periodically (e.g., every millisecond or microsecond). When the CPU 260 takes the interrupt, a dedicated clock interrupt service routine (e.g., in firmware executed by the CPU 260) is invoked and adds one period/unit to the effective time counter. The effective time counter is kept in the CPU RAM 262 and also in the non-volatile flash memory 210, so that the count is not lost if power is removed. To avoid excessive wear of the memory 210, the copy of the effective time counter in the memory 210 is preferably updated periodically (e.g., about once a minute, as long as the memory device 200 is powered) rather than in response to every tick. Although this can add error to the measured time if power is lost before the counter has been updated, that sacrifice can be considered acceptable in exchange for the benefit to memory endurance.

To further improve memory endurance, the value stored in the effective time counter can include a field indicating the number of times the counter has been written; when the write count exceeds a certain amount, the counter can be relocated to another location in the memory. (The bits within the counter can also be shifted, which also helps endurance.) Also preferably, writes to the effective time counter do not affect the performance of the memory device 200 (other than the power consumed by performing the write) or its regular activity. (In other words, writing the effective time counter is preferably part of the process of servicing a host command.) For example, the write to the effective time counter can be handled as a background task and performed before the host device command is serviced. At the end of the host device command, the firmware in the memory device 200 can verify that the effective time counter was programmed successfully by reading the data back from the memory and comparing it with the expected value.

Likewise, the value of the effective time counter is preferably stored securely in the memory 210 (e.g., signed via the cryptographic engine 252 using a keyed-hash message authentication code (HMAC)) so that it cannot easily be tampered with. If the signature does not match, the data can be treated as uninitialized, as though an attacker had tampered with it. It should also be noted that other mechanisms for measuring effective time can be used.

To generate a time estimate, the CPU 260 converts the value stored in the effective time counter into real time by multiplying the stored value by the period (or the reciprocal of the frequency) at which the hardware timer block 270 generates ticks. For example, if the value 500 is stored in the effective time counter and the hardware timer block 270 generates a tick every 5 milliseconds, the CPU 260 will compute an effective time of 2,500 milliseconds (500 times 5). The CPU 260 then adds the translated effective time to the last timestamp received from a trusted source in order to produce the time estimate. In other words, the timestamp is the "starting line" from which the memory device's measured effective time is counted. The timestamp can take any form that indicates time to the desired degree of precision (e.g., year, month, day, hour, minute, second). Preferably, the timestamp is supplied to the memory device 200 by a source that the memory device trusts to give the precise time (e.g., a time server or a trusted host device). The timestamp can take any form, and can be sent on its own or included with other information. The memory device preferably stores the timestamp securely via the cryptographic engine so that it cannot easily be tampered with. When a new timestamp is received by the memory device 200, the new timestamp is stored in the memory device 200 and the effective time counter is reset. Effective time is thereafter measured relative to the new timestamp rather than the old one. Instead of resetting (and therefore "recomputing") the counter, the effective time counter value in existence at the time of the new timestamp can be recorded and subtracted from the current counter value in order to measure the effective time.

Having discussed the time-tracking ability of the memory device, the authentication process is now described in more detail. Returning to the drawings, Figure 4 is a protocol diagram of an asymmetric authentication process of an embodiment. In the following example, the player 301 is attempting to log in to the memory device 200 via ACR 201.
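As an added example (not code from the patent or from SanDisk), the following C model shows the effective-time bookkeeping described above: the tick interrupt increments a counter held in CPU RAM, the counter is committed to flash only periodically to limit wear, a trusted timestamp records the counter value at its arrival (the "recompute" variant rather than a reset), and the time estimate is the timestamp plus the translated effective time. The tick period, the commit interval, the type and function names, and the epoch-seconds timestamp format are assumptions; the HMAC that the text uses to protect the stored counter is omitted.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TICK_PERIOD_MS  5u       /* period of hardware timer block 270 (assumed) */
#define FLASH_COMMIT_MS 60000u   /* commit the counter to flash about once a minute */

/* Effective-time state. ticks_ram models the counter in CPU RAM 262,
 * ticks_flash the copy kept in non-volatile memory 210. */
typedef struct {
    int64_t  timestamp_s;      /* last trusted timestamp (epoch seconds); 0 = none installed */
    uint64_t ticks_ram;        /* incremented by the clock interrupt service routine */
    uint64_t ticks_flash;      /* last value committed to flash */
    uint64_t ticks_at_stamp;   /* counter value recorded when the timestamp was installed */
    uint64_t since_commit_ms;  /* effective time since the last flash commit */
} effdev_t;

/* Clock interrupt service routine: one tick per interrupt from the timer block. */
void effdev_tick(effdev_t *d)
{
    d->ticks_ram++;
    d->since_commit_ms += TICK_PERIOD_MS;
    if (d->since_commit_ms >= FLASH_COMMIT_MS) {   /* periodic, not per tick, to limit wear */
        d->ticks_flash = d->ticks_ram;
        d->since_commit_ms = 0;
    }
}

/* Power loss and restart: RAM is gone and the counter resumes from the last
 * commit. The ticks counted since that commit are the error the text accepts
 * in exchange for flash endurance. */
void effdev_power_cycle(effdev_t *d)
{
    d->ticks_ram = d->ticks_flash;
    d->since_commit_ms = 0;
}

/* Install a new trusted timestamp. Rather than resetting the counter, record its
 * current value so effective time is measured relative to this stamp. Writing
 * the stamp is itself a flash write, so the counter is committed with it. */
void effdev_set_timestamp(effdev_t *d, int64_t ts_s)
{
    d->timestamp_s     = ts_s;
    d->ticks_at_stamp  = d->ticks_ram;
    d->ticks_flash     = d->ticks_ram;
    d->since_commit_ms = 0;
}

/* Translate the tick count into milliseconds of effective time since the last
 * timestamp, e.g. 500 ticks at 5 ms = 2,500 ms. */
uint64_t effdev_effective_ms(const effdev_t *d)
{
    return (d->ticks_ram - d->ticks_at_stamp) * TICK_PERIOD_MS;
}

/* Time estimate = last timestamp + effective time. Returns 0 (no estimate) when
 * no timestamp has ever been installed, the case in which the login of Fig. 4
 * is answered with a login failure message. */
int effdev_time_estimate(const effdev_t *d, int64_t *out_s)
{
    if (d->timestamp_s == 0)
        return 0;
    *out_s = d->timestamp_s + (int64_t)(effdev_effective_ms(d) / 1000u);
    return 1;
}

/* Scenario helper: install ts_s, count `ticks` interrupts, optionally lose power
 * before the next flash commit, and return the resulting estimate (0 = none). */
int64_t demo_estimate(int64_t ts_s, unsigned ticks, int lose_power)
{
    effdev_t d;
    int64_t est = 0;
    memset(&d, 0, sizeof d);
    effdev_set_timestamp(&d, ts_s);
    for (unsigned i = 0; i < ticks; i++)
        effdev_tick(&d);
    if (lose_power)
        effdev_power_cycle(&d);
    effdev_time_estimate(&d, &est);
    return est;
}

int main(void)
{
    /* 1181260800 = 2007-06-08 00:00:00 UTC, a constructed timestamp */
    printf("500 ticks, no power loss:             %lld\n", (long long)demo_estimate(1181260800, 500, 0));
    printf("500 ticks, power lost uncommitted:    %lld\n", (long long)demo_estimate(1181260800, 500, 1));
    printf("13000 ticks, power lost after commit: %lld\n", (long long)demo_estimate(1181260800, 13000, 1));
    return 0;
}
```

The second and third scenarios show the trade-off the text describes: with a one-minute commit interval, 500 ticks (2.5 s) lost before the first commit leave the estimate at the timestamp itself, while 13,000 ticks lose only the 1,000 ticks counted after the commit at the 60 s mark. The estimate can only ever lag real time, which is why the later TUP check treats it as a lower bound.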

As described in more detail below, the player 301 holds credentials (e.g., an RSA certificate and a certificate revocation list (CRL)), and ACR 201 is responsible for confirming the authenticity of the player 301 and for granting rights to the object (in this case, establishing a secure channel between the player 301 and the DRM module). As shown in Figure 4, the first step is for the host device 300 to send a request for authentication of the player 301 to the memory device 200 (act 402). If no timestamp has yet been installed in the memory device 200, the memory device 200 responds to the authentication request with a login failure message (act 404).

The next series of acts describes the process of providing a timestamp to the memory device 200 and is described in conjunction with Figures 5 and 6, which are, respectively, a system diagram and a flow chart illustrating one particular way in which the memory device 200 can obtain a timestamp. It should be understood that the memory device 200 can obtain a timestamp in different ways and that the timestamp can take different forms. It should also be understood that a single memory device connected to multiple servers or host interfaces can handle multiple forms at once. Accordingly, unless explicitly stated, the specific details of this example should not be read into the claims.

As shown in Figure 5, the memory device 200 communicates with the host device 300 over a memory device-host device communication channel 305, and the host device 300 communicates with the time server 100 over a host device-time server communication channel 315. Although the time server 100 can comprise a single server, in this embodiment the time server 100 comprises a plurality of servers 102, 104, 106 that are synchronized with one another over an inter-server communication channel 325. Also, as mentioned above, the time server 100 need not be used to obtain the timestamp; a timestamp from the host device 300 can be used instead, preferably only when the host device is a trusted one.

In this embodiment, the procedure for requesting a timestamp is initiated by the host device 300, which sends a get nonce command to the memory device 200 (act 405) (see Figures 4, 5 and 6). In this embodiment, the nonce is a 160-bit random number that the memory device 200 later uses to verify the authenticity of the timestamp generated by the time server 100. The memory device 200 generates the random number (nonce) (act 410) and stores it in the CPU RAM (i.e., volatile memory) 262 (or, alternatively, in the memory 210) for the later verification step. The memory device 200 then sends the nonce to the host device 300 (act 415). The memory device 200 also starts measuring time (as described below) in order to determine later whether a timeout has occurred.

When the host device 300 receives the nonce, it sends a get time stamp request containing the nonce to the time server 100 (act 420). The time server 100 signs the time (e.g., world time in UTC Zulu format) together with the nonce using its private key. The time server 100 then sends a timestamp response (in this embodiment, containing the nonce, the timestamp, a certificate chain, and a CRL chain) to the host device 300 (act 425). (It should be noted that this certificate and CRL are sent by the time server 100 to authenticate the time server, and are different from the certificate and CRL sent to authenticate the player 301.) The host device 300 then sends a time update command, together with this response, to the memory device 200 (act 430). In response to that command, the memory device 200 attempts to verify the certificate and the CRL (act 435). (Again, this certificate and CRL are different from the certificate and CRL sent to authenticate the player 301.) As discussed below, it may be preferable to assume that the validity period of the time server 100's certificate and CRL is in effect, rather than to check their validity against a time estimate generated by the memory device 200, since the memory device has no trustworthy time until the timestamp has been installed. If verification fails, the memory device 200 resets the volatile memory 262 and returns to the idle process (act 440). If the certificate and CRL pass verification (act 445), the memory device 200 compares the nonce in the response with the nonce in the volatile memory 262 (act 450). If the comparison fails, the memory device resets the volatile memory 262 and returns to the idle process (act 455). If the comparison succeeds, the memory device 200 stores the new timestamp in the memory 210, preferably in a secure manner that prevents tampering.

It should be noted that after the memory device 200 has generated the nonce (act 410) and is waiting for a response (act 460), it is possible for the host device 300 to send another get nonce command to the memory device 200 (act 465). As mentioned above, the memory device 200 starts measuring time once it has generated the nonce. If a new get nonce command (465) is received before the measured time reaches a certain timeout limit, the memory device 200 preferably ignores the new command. However, if a new get nonce command (465) is received after the timeout limit, the memory device resets the volatile memory and generates a new nonce (act 470). The nonce is therefore valid only for a limited time, and the timeout limit (the "travel time error") is the time that the memory device 200 considers reasonable to wait for a timestamp from the time server 100.

Because the timestamp stored in the memory device 200 contains the time at which the time server 100 signed the data, the time indicated in the timestamp may be neither the actual real-world time at which the host device 300 requested the timestamp nor the actual real-world time at which the timestamp was stored, depending on the precision of the timestamp (e.g., year, month, day, hour, minute, second) and on the delays involved in sending the request and receiving the response.
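The nonce-bound timestamp exchange of Figures 4 to 6, modelled in C as an added example that is not code from the patent or from SanDisk. The device issues a 160-bit nonce and starts its wait timer, the time server returns (nonce, time, signature), and the device accepts the timestamp only if the signature verifies and the nonce matches the one it is holding; a repeated get nonce command inside the timeout is ignored, one after the timeout replaces the nonce, so a late or replayed response fails the nonce comparison. The timeout value, the xorshift generator standing in for the device's random number generator, and the keyed 64-bit tag standing in for the server's RSA signature are assumptions: the tag is a shared-key MAC, whereas with RSA the device would hold only the server's public key and would also run the certificate-chain and CRL checks of acts 435/445, which are collapsed into the tag check here.

```c
#include <stdint.h>
#include <string.h>

#define NONCE_BYTES          20                    /* 160-bit nonce, as in the text */
#define TRAVEL_TIME_LIMIT_MS 30000u                /* "travel time error" timeout (assumed) */
#define SERVER_KEY           0x7a1d3c5e9bf02468ull /* stand-in for the server's signing key */

typedef enum { TU_OK = 0, TU_NO_NONCE, TU_BAD_SIG, TU_BAD_NONCE } tu_result_t;

/* Time stamp response (act 425); the certificate and CRL chains are not modelled. */
typedef struct {
    uint8_t  nonce[NONCE_BYTES];
    int64_t  time_s;   /* UTC, epoch seconds (the text uses UTC Zulu format) */
    uint64_t sig;
} ts_response_t;

typedef struct {
    struct { uint8_t nonce[NONCE_BYTES]; int pending; uint64_t wait_ms; } ram; /* volatile RAM 262 */
    int64_t  stored_timestamp_s;  /* tamper-evident storage in memory 210; 0 = none */
    uint64_t prng;                /* xorshift state, stand-in for the device RNG */
} tsdev_t;

/* Stand-in for "sign time and nonce with the server's private key": a keyed 64-bit
 * FNV-1a tag over key || nonce || time; changing the nonce or the time changes it. */
static uint64_t tag64(uint64_t key, const uint8_t *nonce, int64_t time_s)
{
    uint64_t h = 0xcbf29ce484222325ull, t = (uint64_t)time_s;
    for (int i = 0; i < 8; i++)           { h ^= (key >> (8 * i)) & 0xff; h *= 0x100000001b3ull; }
    for (int i = 0; i < NONCE_BYTES; i++) { h ^= nonce[i];                h *= 0x100000001b3ull; }
    for (int i = 0; i < 8; i++)           { h ^= (t >> (8 * i)) & 0xff;   h *= 0x100000001b3ull; }
    return h;
}

/* Get nonce command (acts 405-415). Returns 1 when a fresh nonce is issued, 0 when
 * the command is ignored because a nonce is still pending inside the timeout
 * (act 465); once the timeout has passed the pending nonce is replaced (act 470). */
int dev_get_nonce(tsdev_t *d, uint8_t out[NONCE_BYTES])
{
    if (d->ram.pending && d->ram.wait_ms < TRAVEL_TIME_LIMIT_MS) {
        memcpy(out, d->ram.nonce, NONCE_BYTES);   /* pending nonce stays in force */
        return 0;
    }
    memset(&d->ram, 0, sizeof d->ram);
    uint64_t x = d->prng;
    for (int i = 0; i < NONCE_BYTES; i++) {
        if (i % 8 == 0) { x ^= x << 13; x ^= x >> 7; x ^= x << 17; }
        d->ram.nonce[i] = (uint8_t)(x >> (8 * (i % 8)));
    }
    d->prng = x;
    d->ram.pending = 1;
    memcpy(out, d->ram.nonce, NONCE_BYTES);
    return 1;
}

/* Time server (acts 420/425): sign the current time together with the nonce. */
ts_response_t server_sign(const uint8_t nonce[NONCE_BYTES], int64_t now_s)
{
    ts_response_t r;
    memcpy(r.nonce, nonce, NONCE_BYTES);
    r.time_s = now_s;
    r.sig = tag64(SERVER_KEY, r.nonce, r.time_s);
    return r;
}

/* Time update command (acts 430-455): verify, compare nonces, then store the
 * timestamp or reset the volatile state and return to idle. */
tu_result_t dev_time_update(tsdev_t *d, const ts_response_t *r)
{
    if (!d->ram.pending)
        return TU_NO_NONCE;
    tu_result_t res = TU_OK;
    if (tag64(SERVER_KEY, r->nonce, r->time_s) != r->sig)
        res = TU_BAD_SIG;                                     /* altered in transit */
    else if (memcmp(r->nonce, d->ram.nonce, NONCE_BYTES) != 0)
        res = TU_BAD_NONCE;                                   /* stale or replayed */
    else
        d->stored_timestamp_s = r->time_s;
    memset(&d->ram, 0, sizeof d->ram);                        /* nonce is single-use */
    return res;
}

/* One exchange: the host delivers the server's response after delay_ms, retrying
 * get nonce once first; with tamper set the time field is altered in transit.
 * Returns the timestamp the device stores (0 = rejected). */
int64_t demo_exchange(uint64_t delay_ms, int tamper)
{
    tsdev_t d = { .prng = 0x9e3779b97f4a7c15ull };   /* constructed seed */
    uint8_t n[NONCE_BYTES], n2[NONCE_BYTES];
    dev_get_nonce(&d, n);
    ts_response_t r = server_sign(n, 1181260800);   /* 2007-06-08 00:00 UTC, constructed */
    if (tamper)
        r.time_s += 86400;                           /* attacker moves the clock a day ahead */
    d.ram.wait_ms += delay_ms;                       /* effective time spent waiting (act 460) */
    dev_get_nonce(&d, n2);                           /* ignored inside the limit, replaced after it */
    dev_time_update(&d, &r);
    return d.stored_timestamp_s;
}
```

`demo_exchange(1000, 0)` stores the server's time; `demo_exchange(1000, 1)` rejects the altered response at the signature check; `demo_exchange(TRAVEL_TIME_LIMIT_MS, 0)` rejects it at the nonce comparison, because the retried get nonce after the timeout replaced the nonce the response was bound to. Note that a response held back by the host and delivered just inside the timeout is still accepted: the timeout bounds the staleness of the stored timestamp but does not detect delay within it, which is why the text treats the limit as a tunable precision control rather than a security boundary.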

A particular timeout period can be set to ensure that the timestamp will carry a time of the precision required by the memory device 200. The memory device 200 thus has control over the maximum acceptable delay in a timestamp request. Also, in alternative embodiments the timestamp generated by the time server 100 can indicate some other time, such as an estimate of the time at which the host device 300 requested the timestamp, the expected time at which the timestamp will be stored in the memory device 200, or some time in between.

The above protocol allows the memory device 200 and the time server 100 to communicate over an insecure connectivity system (e.g., the Internet, a WiFi network, a GSM network, etc.). The connectivity system is insecure in the sense that the memory device 200 cannot assume that the timestamp sent by the time server 100 will not be tampered with in transit. Because the network cannot be relied upon to protect the timestamp, the above protection mechanism (or some other protection mechanism) can be used between the time server 100 and the memory device 200. The cryptographic protocol ensures that if the timestamp is tampered with, the memory device 200 can detect the tampering. In other words, because the connectivity system is insecure, the system itself cannot prevent someone from changing bits in the timestamp; the memory device 200 can, however, detect the tampering and reject the timestamp.

In an alternative embodiment, a secure communication system is used (i.e., the data communication line is protected), and because no one can tamper with the timestamp, the timestamp can simply be sent in the clear.

Returning to Figure 4, once the new timestamp has been stored in the memory device 200, the memory device 200 sends a "time update successful" message back to the host device 300 (act 452), and the host device 300 once again sends an authentication request to the memory device 200 (act 454). Because the memory device 200 now has a timestamp, the memory device 200 will check the time stamp update policy (TUP) of ACR 201 (act 500). Because the time estimate is based on the timestamp, basing the time estimate on an out-of-date timestamp can produce an inaccurate time estimate. The TUP is therefore used to determine when the timestamp currently held by the memory device 200 is considered out of date and needs to be updated (i.e., replaced by a new timestamp). As shown in Figure 3 and discussed in more detail below, different ACRs can have different TUPs (i.e., different ACRs can have different time tolerance levels), and these different TUPs can be established when the ACRs are created.

In this embodiment, the TUP is represented by four values: (1) a threshold number of power cycles, (2) a threshold effective time, (3) a threshold "extended" effective time, and (4) a bit indicating whether a logical OR relationship exists between the parameters (i.e., whether a time update is required if only a single parameter is out of range, or only if all parameters are out of range). Each of these parameters is described in detail below. (It should be noted that other parameters, in addition to or instead of these, can be considered.)

Figure 7 is a flow chart showing the check TUP act (act 500) in more detail. First, a check is made to determine whether the memory device 200 has been initialized to check the TUP, for example by examining configuration data stored in the memory 210 (act 505). If the memory device 200 has not been initialized to check the TUP, the memory device 200 generates a time estimate using the last timestamp it received (act 510) and attempts to authenticate the entity using that time estimate. If the memory device 200 has been initialized to check the TUP, the memory device 200 begins that check.

First, the memory device 200 determines whether the TUP includes a check on the number of power cycles the memory device has undergone since the last timestamp (act 515). In this embodiment, this is done by examining the "power cycles" value mentioned above. If the "power cycles" value is zero, the number of power cycles is not checked. If the "power cycles" value is not zero, that value is used as the threshold against which the number of power cycles is checked. The number of power cycles is a count of the number of times the memory device 200 has been started up, which indicates the number of times the memory device 200 has been powered down since the last timestamp (i.e., for every power-on there must have been a power-off). The number of power cycles can be measured by the CPU 260. When the memory device 200 undergoes a power cycle, the CPU 260 can invoke a device reset routine in the firmware. Just as one unit is added to the effective time counter, the device reset routine causes the CPU 260 to add one unit to a power cycle counter in the CPU RAM 262 or in the memory 210.

L 或5己憶體210中之功率循環計數器。 如同有效時間計數^ ° 可週期性地更新功率循環計數g w 減少記憶體磨損。 干调衣寸數以 當記憶體裝置2〇〇斷電眸 效時間表示之實際時至少某一不由量測 ⑽不能量測其有效^效&quot;時,記憶體袭置 功率循環之間過去了, 1)。因為記憶體裝置咖並不知曉 ,t _ 夕v時間,所以功率循環之數目並不 心不經Ϊ測之有效時〈数目並不 針县不多不精準。然而’其確實提供了 對疋否正在預期使頁扠仏了 、式外使用記憶體裝置2〇〇之初步印 131992.doc -25- 200907681 大㈣指示經量測之有效時間可能有多不精準。 ♦】而…自從上一時間戳以來記憶體裝置2 個功率循環時進行之時間估測可能比n 戮以來記憶體裝置一-單-功率循::進:: 間估測精準。 T遲仃之時 η ο 若TUP包括對功率循環之數目的檢查,則 2:°檢查自從上-時間戮以來記憶體裝置細的功率循= 目以查看數目是否超過在&quot;功率循環&quot;值中設定之臨限量 ==臨限數目係可對每—峨組W所欲 之時間谷限。舉例而言,若鑑認很敏感且需要確保尚未超 過證書或CRL之期滿日期,則可將臨限數目設定為一。因 此,若記憶體裝置200被關閉甚至一次(且因此,存在不可 由量測之有效時間說明之至少某一時間量),則此參數之 ™〔檢查將失敗。另一方面’若鐘認不敏感,則可將功率 循%之數目設定為一較高數目(或者甚至根本不加以考慮) 以允許TUP檢查通過,即使存在某數目個功率循環(及因 匕不由量/則之有效時間說明之某一時間量)。 右功率循環之數目的檢查失敗,且判定在τυρ參數間存 在0R關係(動作525),則TUP檢查失敗(動作53〇)。記憶體 裳置200將—指示失敗之訊息發送至主機裝置則,且將上 述程序用以獲得新的時間戮。若功率循環之數目的檢查通 過或者右其失敗且判定在TUP參數間不存在OR關係(動 )則該過程藉由判定TUP是否包括對自從上一時間 戳以來的有效時間之檢查(動作535)而繼續。 131992.doc -26- 200907681 類似於上述功率循環程序, 檢查有效時間。然而,若 ” 3、間值為零’則不 用作臨限秒數(或一些其 間*不為零’則將彼值 η 士 寺間卓位)來檢查有效時間。如 同功率循環之數目,臨限 能w β * 有效時間里可對每一 ACR加以組 〜、以反映所欲之時間容一 ..π+ 舣而巨,記憶體裝置200有 效的時間愈長,則經量測之古从士 另 m ^ 、之有效時間將有可能愈不精準》 囚此’右鐘認很敏感且赞通_ , 敏α且需要確保尚未超過證書或⑽之期 滿曰期’則可將量測之有效眭 .Λ, 有放時間的臨限量設定為很低。相 反,右鑑認並不敏感,則 —或&gt; ^ 將量/則之有效時間的臨限量設 疋為較南(或者甚至根本不加以考慮)。 效時間之檢查失敗’且判定在τυρ參數間存在0關 (動作叫,請Ρ檢查失敗(動作55G)。記憶體裝置2〇〇 將一指不失敗之訊息發送 用以獲得新的時間戳。若有放日=置300’且將上述程序 有效時間之檢查通過,或者若其 失敗且判定在T U P參數間不存在 个仔隹UR關係(動作545),則該 過程藉由判定TUP是否包括斟&quot; 从…、 匕括對@伸的”有效時間之檢查(動 作555)而繼續。 如上所提及,若記憶體裝置2〇〇不連續地量測有效時 間’則經量測之有效時間可能不為實際有效時間之真正量 測。亦即’若記憶體裝置 、 置為*活動&quot;(例如,當記憶體 裝置2 0 〇閒置或處於休眠模彳拉 ,.^ 、式夺,或者‘記憶體裝置200斷 電或當記憶體裝置2〇0被自主機裝置_移除時-在此實施 例中’引起硬體計時器塊270停止產生時鐘計時單元及/或 引起CPU 260停止對此等時鐘計時單元作出反應的無論何 131992.doc -27· 200907681 事件),則經量測之有效時間將小於自從量測開始所經過 的實際時間’目為當其不活動時在記憶體裝置細中不存 在任何事物來告訴其時間正在流逝。舉例而言,比方說, 在一月一日接收了-時間戳’且記憶體裝置200量測了兩 天:有效時間。(為了簡單起見,在此實例中,按天為單 位量測時間 '然而,如所提到,可使用任一所欲之時間單 ,:)因此,由記憶體裝置2〇〇在此時點產生之時間估測將 &quot;、日期為j二日(亦即,將兩天的有效時間添加至— 月日之上一時間戳)。若記憶體裝置200連續地量測了有 效時間’則此時間估測將精準地表示實際時間(假定硬體 計時器塊270及CPU 260精準地起作用)。,然而,若記憶體 裝置200未連續地量測有效時間(亦即,若記憶體裝置_ 在其開始量測有效時間後之任一時點時不活動),則時間 估測將不精準地表示實際時間。時間估測至多將指示實際 
時間為至少-月三曰。實際時間可能為一月四曰或某稍後 Ο 時間(六月二十九曰、十一月二日、十二月五日、第二年 等)。因此,在動作540中的對有效時間之檢查可能不能給 出精準結果。 為了解決此問題,TUP可包括對&quot;延伸的”有效時間之檢 查(動作555及560)。&quot;延伸的&quot;有效時間為基於判定的先前 量測之有效時間之精準度而調整量測之有效時間的結果。 因此,若記憶體裝置200量測了三天的有效時間且知曉其 量測有效時間之上次或上若干次時間,則其產生為實際時 間之50%的值,記憶體裝置可用因數二來調整(或·,延們 13I992.doc •28· 200907681 量測的三天之有效時間而產生六天(因為所量測的 間為實際時間的50%)。關於&quot;延伸&quot;有效時間之額 述於美國專利申請案第11/811,284號之”The power cycle counter in the L or 5 memory 210. As with the effective time count ^ °, the power cycle count g w can be periodically updated to reduce memory wear. The number of dry adjustments is based on the fact that when the memory device 2 is turned off, the actual time is indicated by at least one of the measurements (10), and the memory power cycle is passed. , 1). Because the memory device is not known, t _ 夕 v time, so the number of power cycles is not effective without speculation. The number is not too accurate. However, 'it does provide a preliminary indication of whether or not the page is forked and the memory device is used. 131992.doc -25- 200907681 Large (four) indicates how effective the measurement time may be. . ♦] and... The time estimate of the memory device's 2 power cycles since the last timestamp may be more accurate than the n 戮 memory device one-single-power cycle::in::. When T is late η ο If the TUP includes a check on the number of power cycles, then 2:° checks the power cycle of the memory device since the last-time = = to see if the number exceeds the &quot;power cycle&quot; The threshold amount set in the value == the threshold number is the time limit for each 峨 group W. For example, if the authentication is sensitive and you need to ensure that the expiration date of the certificate or CRL has not been exceeded, you can set the threshold number to one. 
Thus, if the memory device 200 is powered off even once (so that there is at least some amount of elapsed time that the measured active time cannot account for), the TUP check fails. On the other hand, if the ACR is not very time-sensitive, the permitted number of power cycles can be set to a higher value (or not considered at all), so that the TUP check passes even if a certain number of power cycles have occurred (and the measured active time therefore understates the elapsed time). If the power-cycle check fails and it is determined that there is an OR relationship between the TUP parameters (act 525), the TUP check fails (act 530). The memory device 200 sends a message indicating the failure to the host device, and the procedure described above is used to obtain a new timestamp. If the power-cycle check passes, or if it fails and it is determined that there is no OR relationship between the TUP parameters, the process continues by determining whether the TUP includes a check of the active time since the last timestamp (act 535).

Similar to the power-cycle procedure above, the active time is then checked (act 540). Here, a non-zero threshold number of seconds (or of some other time unit) is used to check the active time. Like the power-cycle threshold, the active-time threshold can be set for each ACR to reflect the desired time sensitivity. If the ACR is very time-sensitive and must ensure that a certificate or CRL has not expired, the threshold on active time is set very low. Conversely, if the ACR is not sensitive, the threshold on active time can be set higher (or not considered at all). If the active-time check fails and it is determined that there is an OR relationship between the TUP parameters (act 545), the TUP check fails (act 550). The memory device 200 sends a message indicating the failure to the host device 300, and the procedure described above is used to obtain a new timestamp. If the active-time check passes, or if it fails and it is determined that there is no OR relationship between the TUP parameters (act 545), the process continues by determining whether the TUP includes an "extended" active-time check (act 555).

As mentioned above, if the memory device 200 does not measure active time continuously, the measured active time may not be an accurate measurement of the time that has actually elapsed. That is, if the memory device is inactive (for example, when the memory device is idle or in a sleep mode, or when the memory device 200 is powered off or has been removed from the host device; in this embodiment, any event that causes the hardware timer block 270 to stop generating clock ticks and/or causes the CPU 260 to stop responding to the clock ticks), the measured active time will be less than the actual time elapsed since the measurement began. The reason is that nothing in the memory device tells it that time is passing while it is inactive. For example, say the timestamp was received on January 1 and the memory device 200 measured two days of active time. (For simplicity, time is measured in days in this example; however, as mentioned, any desired time unit can be used.) The time estimate generated by the memory device 200 at this point would be January 3 (i.e., two days of active time added to the January 1 timestamp). If the memory device 200 measured active time continuously, this time estimate accurately represents the actual time (assuming the hardware timer block 270 and the CPU 260 operate accurately). However, if the memory device 200 did not measure active time continuously (that is, if the memory device was inactive at any point after it began measuring active time), the time estimate will not accurately represent the actual time. At most, the time estimate indicates that the actual time is at least January 3. The actual time may be January 4 or some later time (June 29, November 2, December 5 of the following year, etc.). Therefore, the active-time check in act 540 may not give an accurate result. To address this problem, the TUP may include a check of the "extended" active time (acts 555 and 560). The "extended" active time is the measured active time adjusted based on a determination of how accurate the previous measurement of active time was. Thus, if the memory device 200 measured three days of active time and knew that its earlier measurements of active time had produced a value that was 50% of the actual time, the memory device could adjust the measured three days of active time by a factor of two to six days (because the measured time is 50% of the actual time). "Extension" is described in U.S. Patent Application No. 11/811,284, "... Improving Accuracy of a Time Estimate ...", and U.S. Patent Application No. 11/811,347, "Memory Device with Circuitry for Improving Accuracy of a Time Estimate", both of which are co-pending with this application and are incorporated herein by reference.

Instead of using "extended" active time, "extended" down time can be used. Down time refers to the amount of time the memory device 200 is inactive between timestamps. Since there is no way to measure how long the memory device 200 is inactive, down time is a computed number; specifically, down time = actual time between timestamps − active time. "Extended" down time is the computed down time (or the down time based on the measured active time) adjusted based on the determined accuracy of the previous measurement of active time. The following is a list of examples of other down-time variations that can be considered. In this list, "DownTime" refers to the "extended" down time (for example, the average of the down times between previously known timestamps).

Total down time estimate (teDownTime): (timestamp_i − timestamp_i′ …), summed for index i from the second timestamp configured in the memory device 200 to the last timestamp.

Current down time since the last timestamp at a particular moment (cDowntime). This can be computed relative to the number of power cycles (PC) since the last timestamp update (cDowntime = PC since the last timestamp × (teDownTime / PC)) or relative to the active time since the last timestamp update (cDowntime = ActiveTime since the last timestamp × (teDownTime / ActiveTime)).

If the DownTime parameter is configured as not used, the DownTime value is set to 0. If the DownTime parameter is configured as used, DownTime is set to 1. The memory device 200 uses the DownTime property to estimate when a timestamp update is needed as follows: when serviceTime (for example, the validity of the certificate or of the CRL) − time estimate < DownTime, a timestamp update is needed.

Returning to Figure 7, if the "extended" active-time check fails (act 560), the TUP check fails (act 565), and the memory device 200 sends a message to the host device 300. The procedure described above is then used to obtain a new timestamp. If the "extended" active-time check passes (or if the memory device 200 has not been initialized to check the TUP), the memory device 200 sends a "TUP passed" message 510, 570 back to the host device 300 (see Figure 4). The host device 300 then sends the entity's certificate and CRL to the memory device 200, and the memory device attempts to authenticate the entity. Specifically, the memory device 200 generates a time estimate based on the last received timestamp and the measured active time in order to verify the certificate (act 585) and verify the CRL (act 590). If the expiration times of the certificate and the CRL fall after the generated time estimate, the memory device 200 sends an OK message back to the host device 300, and any other steps of the authentication method can be performed. If the entity is authenticated, the ACR 201 grants the entity rights to the object (here, by establishing a secure channel between the player 301 and the DRM module 207). Otherwise, if the certificate and/or CRL has expired, the memory device 200 can send a message to the host device 300 stating that the authentication attempt has failed. As described above, the host device 300 can then initiate another timestamp update.

As mentioned above, the time estimate used for the authentication attempt is generated by adding the measured active time to the last timestamp. Since the measured active time may be inaccurate, the "time extension" technique discussed above can be used to improve the accuracy of the time estimate. However, the "extended" active time may actually be larger than the actual time. When checking the TUP, such an "over-extended" active time simply results in a new timestamp. When verifying a certificate or CRL, however, an over-extended active time could prevent an otherwise legitimate entity from being authenticated. Therefore, when generating the time estimate for authentication, it may be desirable not to use "time extension".

In summary, with the above method, the memory device 200 receives a request to authenticate an entity and, before attempting to authenticate the entity, determines whether a new timestamp is needed. If a new timestamp is needed, the memory device 200 obtains the new timestamp and then attempts to authenticate the entity by generating a time estimate based on the new timestamp and comparing that estimate with the certificate and/or CRL validity period. If a new timestamp is not needed, the memory device attempts to authenticate the entity by generating a time estimate based on the previous timestamp and comparing that estimate with the certificate and/or CRL validity period.

It should be noted that in this embodiment the TUP is checked and, if needed, a new timestamp is obtained before the entity is authenticated. In other words, checking the TUP and obtaining a new timestamp do not require the entity to be authenticated before the TUP is checked or before the new timestamp is obtained. This contrasts with systems that use a single server to provide both timestamps and DRM licenses. Such a server would need to authenticate the memory device before providing it with a timestamp (or other information). This presents a "catch-22": to authenticate the server, a new timestamp is needed, but a new timestamp can only be obtained after the server has been authenticated. To avoid this situation, some prior art systems do not use time at all in the authentication process. Although this avoids the catch-22, ignoring time can result in authenticating entities that should not be authenticated (for example, because their certificate and/or CRL has expired).

By separating the time server 100 from the entity attempting to authenticate to the memory device 200, the memory device 200 creates a "free channel" between the player 301 and the memory device's time module 204, which allows the player to pass a timestamp update from the time server 100 (see Figure 3). This timestamp is then used to generate a time estimate against which the entity's credentials are checked for authentication. A "free channel" refers to a communication pipe established without first authenticating the entity. In contrast, a "secure channel" refers to a pipe established only after an entity has been authenticated.

It should be noted that although the player 301 does not need to be authenticated in order to be used as a conduit for supplying the memory device 200 with a timestamp from the time server 100, the time server 100 is preferably authenticated to ensure that the timestamp comes from a trusted source. This is shown in act 435 of Figures 4 and 6, in which the certificate and CRL of the time server 100 are verified before its timestamp is accepted. However, to avoid the catch-22 discussed above, the memory device 200 preferably assumes that the validity periods of the time server 100's certificate and CRL are valid, and therefore does not verify those validity periods against a generated time estimate.

Once an entity is authenticated to the memory device 200, it can perform the various actions set out in the ACR's permission control record (PCR). For example, referring again to Figure 3, the player 301 can communicate with the DRM module 207 over a secure channel in an attempt to access protected content 205 in the memory device 200. (As another example, the ACR for the storage application 302 allows the application 302 to store protected content 205 in the memory device 200.) Even though the player 301 has been authenticated, because the content is protected, the DRM module 207 will still attempt to validate the DRM license 206 for the protected content 205 before unlocking the protected content (for example, by determining whether the license is still valid or has expired). To do this, the DRM module 207 requests a time estimate from the time module 204 in the memory device 200. (The time module 204 refers to the software and/or hardware described above that stores and generates the various components used to produce a time estimate (for example, the timestamp, active time, number of power cycles, "extension" "factors", etc.).) The DRM module 207 compares the generated time estimate with the expiration date and/or validity period in the license 206 to determine whether the license is valid. The DRM module 207 can perform additional checks to validate the license, such as (but not limited to) determining whether the protected content 205 has already been played more than a specified number of times.

As mentioned above, the more recent the timestamp, the more accurate the time estimate is likely to be. In the above embodiment, the TUP in the ACR determines whether a timestamp update is needed. Thus, the TUP effectively determines how accurate the generated time estimate will be for DRM license validation. In setting the parameters of the TUP, a balance needs to be struck between the needs of the service provider (which provides a service with expiration considerations) and the needs of the end user (who may be inconvenienced by having to connect the host device to a network to get a new timestamp). If the time tolerance is too loose, the service provider may lose revenue. On the other hand, if the time tolerance is too strict, the end user may decide to abandon the service if connecting to the network frequently to get the required timestamp updates is too annoying.

When the memory device 200 has a single ACR with a single TUP (or multiple ACRs that all share the same TUP), that single "one-size-fits-all" TUP may not strike the right balance for all service providers. Therefore, in this embodiment, the memory device 200 has a plurality of ACRs 201, 202, each with a different TUP (TUP1, TUP2) that can be configured by its associated service provider. As discussed above, by using different ACRs, the memory device 200 can be configured to authenticate using different authentication schemes (symmetric, asymmetric, etc.). The use of different ACRs also allows configurable time tolerances. That is, by using a configurable TUP in the ACR, a service provider can define its own time tolerance by specifying when one or more of the memory device's time-advisory parameters (for example, active time, number of power cycles, "extended" active time / down time) are considered stale and should trigger a timestamp update. By making the TUP configurable, a service provider can set its time tolerance according to its particular needs and its relationship with its end users, rather than relying on a single "one-size-fits-all" TUP.

For example, some service providers issue certificates for very short periods (for example, ten minutes). By forcing the end user to obtain a new certificate every time he wants to use the service on the memory device 200, the service provider can closely monitor the end user's behavior and charge a fee each time the end user requests a certificate. Thus, for this business model, to monetize the service, the service provider needs strict tolerances. As another example, if a service provider has a highly fluid end-user base, the provider may want to revoke certificates frequently as a major part of its business model. In this case, the service provider will also need a strict time tolerance to ensure that the latest CRL is being used for authentication. On the other hand, if the service provider offers a monthly subscription service (in which users periodically connect to the service provider's website to get new content and receive forced timestamp updates), the service provider will not need such a strict time tolerance, because end users are likely to connect to the network anyway to get new content.

Instead of, or in addition to, using a configurable TUP on the ACR, a configurable TUP can be placed on the DRM license of an individual piece of content. In this way, instead of treating all pieces of content the same for an authenticated entity, the entity can be forced to obtain a new timestamp for some content while using the existing timestamp for other content. (Unlike the TUP on the ACR, which is checked only during authentication, the TUP on a license can be checked each time the DRM module 207 attempts to validate the license.)

For example, consider a case in which a user downloads a two-hour movie to his memory device along with a license stating that the movie may be watched only within 24 hours. Although the service provider may not want the user to watch the movie after the 24-hour period, it may also not want to inconvenience regular users by making them connect to the network to get a new timestamp. Therefore, the service provider may decide to place a TUP on the license that requires a new timestamp if the active time is greater than four hours (the amount of active time needed to watch the two-hour movie twice). If the active time is greater than four hours when the DRM module 207 attempts to validate the license, the user will not be able to watch the movie, not necessarily because the license has expired, but because a new timestamp is needed. (Instead of, or in addition to, active time, the number of power cycles can be used in the TUP. For example, based on average usage patterns, ten or more power cycles may indicate that the memory device has been used for more than 24 hours.)

If the time estimate generated with the new timestamp indicates that the license is valid, the DRM module 207 will allow the movie to be played again.

By allowing the TUP to be configured for each license, the TUP can be tailored to the content. Thus, if the movie expires after one week instead of after 24 hours, the time tolerance on the license can be set differently. For example, if the service provider estimates that the memory device is used on average 10 hours per day, the service provider can set the TUP in the license to trigger a timestamp update after 70 hours of active time (that is, 10 hours per day times 7 days). As another example, if the content is not a two-hour movie but a three-minute pay-per-view video that should be watched only once, the TUP can be designed so that a new timestamp is required after three minutes of active time.

In setting the TUP, the service provider's business model can also be a consideration. For example, monthly subscription services are currently a popular business model for distributing protected music rights. In a music subscription service, a user downloads whatever music he wants from the service provider's website and is allowed to play that music any number of times within a month. After that month, the user needs to renew his subscription to renew the license; otherwise, the license expires and the user can no longer play the music stored on his memory device. A user who frequently visits the service provider's website to obtain more songs will receive new timestamps (when he connects to the website), so his memory device will be able to provide more accurate time estimates. However, a user who downloads a relatively large amount of music may not reconnect to the service provider's website before the monthly license expires. When the user eventually reconnects to get more music, the service provider can charge the user for the time during which the user was allowed to play music outside the license period. Because of this, as a business model, a monthly subscription service provider may want a very different time tolerance from a provider of pay-per-view content, where the user may never return to the website from which he received the content. In this case, since the user is more likely to come back for more music in a monthly subscription service than in a pay-per-view service, the service provider may not want a strict time tolerance, because that could annoy consumers by requiring them to obtain a new timestamp (even though they would eventually return to the website anyway). With a less strict time tolerance, a consumer who never returns to the service provider's website during the month will be able to play music for longer than the one-month license period (for example, for one month of active time rather than one month of actual time). On balance, however, the service provider may decide that this unauthorized use is an acceptable sacrifice in order to avoid inconveniencing and annoying returning consumers.

As another example, consider a business model in which a service provider wants to deliver point advertising to a mobile phone while the user is using the mobile phone to play audio or video content from the memory device. If the point advertising contains advertisements for stores near the mobile phone's location while the content is playing, the host device needs to be connected to the network while the content is playing; otherwise, location-specific point advertising cannot be delivered. To ensure this happens, the TUP for the content can be set to a very low amount (for example, one minute of active time) to ensure that the user connects to the network to get a new timestamp. Once the user connects to the network, the network will know the mobile phone's location and will be able to push appropriate advertising content to the mobile phone. On the other hand, if the service provider earns money only by knowing how many times the content is played, the time tolerance can be much looser.

As shown by the above examples, by using a configurable TUP on license files, the service provider for a particular piece of content can strike whatever balance it considers appropriate regarding timestamp updates, so that its consumers are not bothered by having to connect their host devices to the network for timestamp updates. It should be noted that because the memory device in this embodiment is a multi-purpose, multi-application memory device with multiple ACRs, one service on the memory device can be disabled after a certain time while other services on the memory device remain enabled. That is, a player (even an authenticated one) may be able to play some content on the memory device but be prevented from playing other content on the memory device unless a new timestamp is obtained, because of the different TUP associated with the license for that other content.

As explained above, in these embodiments the memory device comprises two separate components: a central security system and one or more applications separate from the central security system. (Because the applications are separate from the central security system, applications are sometimes referred to herein as "extensions" or "internal extensions".) In the embodiment shown in Figure 3, the application takes the form of the DRM module 207. However, other applications can be used, such as applications providing, for example, e-commerce, banking, credit card, electronic money, biometric, access control, personal data, or secure e-mail functionality. It should also be noted that although only a single application is shown in the memory device 200 of Figure 3, the memory device can have several applications (for example, a DRM module and an e-commerce module).

Through the use of ACRs, the central security system authenticates an entity attempting to access protected data stored in the memory device via an application internal to the memory device (for example, a DRM agent). Once the entity has authenticated to the memory device, a secure session is opened between the entity and the application designated by the ACR used to authenticate the entity. The entity then sends commands/requests to the associated application to access the protected data. In this way, the central security system acts as the primary gatekeeper of the memory device. As described in more detail in the above-mentioned 11/557,028 patent application, the central security system can also isolate the various applications executing on the memory device 200, so that one application cannot access data associated with a different application.

Although the central security system provides an access control mechanism and protects the data stored in the memory device so that the data is accessed only by properly authorized entities, the central security system itself may not be able to understand and process the particular data it is protecting. It is the applications executing on the memory device that can understand and process the protected data. For example, if the protected data is a DRM license, the DRM agent (not the central security system) is able to validate the license. Thus, the central security system can be viewed as a configurable, application-agnostic toolbox. In operation, a service provider places an application on the memory device and defines an ACR that associates a particular entity with that application. From the central security system's point of view, it does not know what the application does (for example, whether the application validates DRM licenses or provides e-commerce functionality), but it does know that only entities authenticated according to that particular ACR are allowed to communicate with the application defined in that ACR. Once an entity has been authenticated by the central security system, the central security system opens a secure channel between the entity and the application.
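The time-module bookkeeping and TUP checks described above (time estimate = last timestamp + active time, "extended" active time, teDownTime and cDowntime, the OR relationship between parameters, and the per-license four-hour TUP of the movie example) as a runnable model. This is an added example, not code from the patent or from the device it describes; the class and function names (TimeModule, TupPolicy, check_tup, needs_update_for_service) and the reading of the cDowntime divisors as totals over the known intervals are assumptions.

```python
"""Model of the memory-device time module and the TUP checks described above.

Added example, not code from the patent or from the device it describes.
Class and function names (TimeModule, TupPolicy, check_tup, ...) are assumptions;
the arithmetic follows the text: time estimate = last timestamp + measured active
time, "extended" active time = active time corrected by the accuracy of the previous
measurement, teDownTime and cDowntime as listed. Times are in days, as in the
January example above.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class TupPolicy:
    """TUP thresholds per ACR or per license (None = not checked). With an OR
    relationship any failing parameter fails the TUP; otherwise only if all fail."""
    max_power_cycles: Optional[int] = None
    max_active_time: Optional[float] = None
    max_extended_active_time: Optional[float] = None
    or_relationship: bool = True


@dataclass
class Interval:
    actual: float        # timestamp_i - timestamp_(i-1), known once both timestamps arrived
    active: float        # active time the device measured during that interval
    power_cycles: int    # power cycles counted during that interval


@dataclass
class TimeModule:
    last_timestamp: Optional[float] = None
    active_time: float = 0.0      # measured active time since the last timestamp
    power_cycles: int = 0         # power cycles since the last timestamp
    history: List[Interval] = field(default_factory=list)

    def receive_timestamp(self, ts: float) -> None:
        """A timestamp from the trusted time server: close the interval, reset counters."""
        if self.last_timestamp is not None and ts > self.last_timestamp:
            self.history.append(Interval(ts - self.last_timestamp, self.active_time, self.power_cycles))
        self.last_timestamp, self.active_time, self.power_cycles = ts, 0.0, 0

    def tick(self, days: float) -> None:
        self.active_time += days          # hardware timer block counting while active

    def power_cycle(self) -> None:
        self.power_cycles += 1            # elapsed time the active-time count cannot see

    def accuracy(self) -> float:
        """measured/actual ratio of the previous interval (1.0 = continuous measurement)."""
        if not self.history or self.history[-1].actual <= 0:
            return 1.0
        return self.history[-1].active / self.history[-1].actual

    def extended_active_time(self) -> float:
        """Active time corrected by the accuracy factor: 3 days at 50% accuracy -> 6 days."""
        acc = self.accuracy()
        return self.active_time / acc if acc > 0 else self.active_time

    def te_down_time(self) -> float:
        """Total estimated down time: sum over known intervals of (actual - active)."""
        return sum(iv.actual - iv.active for iv in self.history)

    def c_down_time(self, basis: str = "active") -> float:
        """Current down time since the last timestamp, scaled by active time ("active")
        or by power cycles (any other value); divisor = total over known intervals (assumed)."""
        total_down = self.te_down_time()
        if basis == "active":
            total = sum(iv.active for iv in self.history)
            return self.active_time * total_down / total if total else 0.0
        total = sum(iv.power_cycles for iv in self.history)
        return self.power_cycles * total_down / total if total else 0.0

    def estimate(self, extend: bool = False) -> float:
        """Time estimate = last timestamp + (extended) active time."""
        return self.last_timestamp + (self.extended_active_time() if extend else self.active_time)


def check_tup(tm: TimeModule, policy: TupPolicy) -> Tuple[bool, List[str]]:
    """Run the configured TUP checks of Figure 7; return (passed, failing parameter names)."""
    results = {}
    if policy.max_power_cycles is not None:
        results["power_cycles"] = tm.power_cycles <= policy.max_power_cycles
    if policy.max_active_time is not None:
        results["active_time"] = tm.active_time <= policy.max_active_time
    if policy.max_extended_active_time is not None:
        results["extended_active_time"] = tm.extended_active_time() <= policy.max_extended_active_time
    failed = [name for name, ok in results.items() if not ok]
    if not results:
        return True, failed                      # no TUP configured: nothing can fail
    if policy.or_relationship:
        return not failed, failed                # OR relationship: any failure fails
    return len(failed) < len(results), failed    # otherwise: fail only if every check fails


def needs_update_for_service(tm: TimeModule, service_time: float) -> bool:
    """DownTime rule from the list above: update when serviceTime - estimate < cDowntime."""
    return service_time - tm.estimate() < tm.c_down_time("active")
```

Running it against the January scenario (timestamp on day 1, two days measured but a day-5 timestamp arrives, then three more days of active time) gives a 50% accuracy factor, an extended active time of six days, and a movie-style `TupPolicy(max_active_time=2.0)` that fails on active time under an OR relationship but passes when the parameters are not OR-related.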

In some cases, both the central security system and the application need to know the time. For example, the central security system may need to know the time for time-based authentication (for example, asymmetric authentication), and the application may need to know the time for time-based operations (for example, DRM license validation). As mentioned above, the memory device has a central time module that can provide time both to the central security system and to the applications running on the memory device. For example, referring to Figure 3, time module 204 can provide time to asymmetric ACRs 201 and 202 for authenticating various entities, and to DRM module 207 for validating licenses. As will be described below in conjunction with Figure 8, in some cases an application on the memory device can choose to use host time in addition to, or instead of, the time from the memory device's time module.

Figure 8 shows a memory device 600 in communication with a host device 700. Host device 700 contains an entity (here, player 710) and has some mechanism for providing time 720 (for example, a battery-backed clock). In this example, memory device 600 has a symmetric ACR 610 (although an asymmetric ACR could be used), a time module 620, a DRM module 630, protected content 640 and a license 650 for the protected content 640. (In Figure 8, the application in the memory device is DRM module 630. It should be noted that other types of applications can be used, and that more than one application can be running in the memory device.) When player 710 authenticates to memory device 600 using symmetric ACR 610, a secure channel 660 is established between player 710 and DRM module 630 according to the parameters established in symmetric ACR 610. Because the service provider defined symmetric ACR 610 to associate DRM module 630 with player 710, DRM module 630 and player 710 are not strangers to each other. Accordingly, since DRM module 630 and player 710 are corresponding members of the same group, there is a certain degree of trust between DRM module 630 and player 710. Based on this trust, DRM module 630 can be programmed to accept host time 720 from player 710 as a time source for performing DRM license validation. DRM module 630 therefore has two independent time sources with which it can validate a DRM license: host time 720 and the time from the memory device's central time module 620. There are advantages and disadvantages associated with each of these time sources. Because the memory device's time module 620 does not track time continuously, the time from time module 620 may be less accurate than host time 720, which may be provided by a battery-backed continuous clock. On the other hand, because of all the security precautions discussed above, the time from time module 620 may be more secure than host time 720, especially when the user of host device 700 can change host time 720 through a simple user interface.

An application running on memory device 600 (such as DRM module 630) can be programmed to use these two different time sources in any way needed to produce a time estimate for the application's time-based operations. (Preferably, the application cannot use host time 720 to update time module 620.) For example, the application can be programmed to always use host time 720 rather than the time from time module 620, or to always use the time from time module 620 rather than host time 720. As another example, the application can be programmed to use the later (or the earlier) of host time 720 and the time from time module 620. The application can also be programmed to use both times in some way (for example, the average of host time 720 and the time from time module 620) to produce the time estimate. As yet another example, the application can decide which time source to use based on information about the host device. The application can learn the type of host device through the authentication process (for example, if asymmetric authentication is used, the authentication credentials can announce to the application an identity associated with the host device). This information can be important because some host devices are more secure than others. For example, if the host device is a PC, its clock can easily be changed through a simple user interface in a software application. (Besides not trusting the host time from a relatively insecure host device, the application may, for example, also not trust such a host device with the content key, the license values or duration, or the right to change the license; decryption is then performed on the memory device and the decrypted content is sent out of the device to the host, rather than the encryption key and license being supplied to the host device.) However, if the host is a closed system (such as an MP3 player), manipulating the host's clock may be much harder. Accordingly, when host device 700 is an MP3 player, the application running on the memory device may trust host time 720 more than when host device 700 is a PC.

In one embodiment, when player 710 sends DRM module 630 a request to play a song, it pushes host time 720 to DRM module 630. DRM module 630 then decides whether to use host time 720 or the time from time module 620, as described above. Preferably, host time 720 is used only for a particular login session (which will be a relatively short interval) rather than as an absolute measurement of the current time for later sessions. Alternatively, host time 720 can be stored for future use by the application, with the "time stretching" and other mechanisms discussed above used (as appropriate) to improve the accuracy of that time. Preferably, however, host time is used only for the application's particular time-based operations and is not used to update the time in time module 620 (because the application is an "extension" and is not part of the same trust group as the central security system). Preferably, as described above, the time in time module 620 is updated only from a trusted time server (which is part of the same trust group as the central security system). It should also be noted that when several applications are running on memory device 600, each application can have two time sources: the time from time module 620 and the time from the host device operating the entity that communicates with that application. Preferably, however, the host time associated with one application is used only with that application and not with other applications associated with different host devices.

As discussed above, an application running on memory device 600 (such as DRM module 630) can be programmed to compare host time 720 with the time from
time module 620 and to use the earlier of the two times. Host time 720 may be earlier than the time from time module 620, for example, because host 700 has been unable to connect to its time server for long enough that drift has occurred in host time 720, or because the host clock has been compromised. As also discussed above, host time can be stored for future use by the application. Combining these ideas, host time 720 can be stored and used later (alone or together with the time from time module 620) for comparison with the time received from a different host device. Based on the comparison, the memory device can decide whether to perform the time-based operation using the time from the current host device or the stored time from the previous host device. For example, the memory device can be programmed to use the earlier of the two times when the time-based operation is a "not before" operation, and the later of the two times when the time-based operation is a "not after" operation. In this way, timestamps received from other trusted host devices can be used as a reference for a single multi-host anti-rollback mechanism (as opposed to a single time server).

As also discussed above, an authentication system that is not time-based (such as symmetric authentication) can be used to authenticate the host device. This allows the application's time-based operations (for example, DRM operations) to be independent of the authentication time server. That is, because only the time from the host device or from the DRM server is used, the application's time-based operations do not depend on the time from the authentication time server or from the memory device's time module. Therefore, if for any reason there is a problem with the authentication time server, or if the time-based application chooses not to use time based on the authentication time server, the time-based application can still use host time to perform its operations.

It should be noted that any of the above embodiments can be used alone or in combination. Other embodiments that can be used with these embodiments are described in the patent applications incorporated by reference. In addition, although these embodiments are currently preferably implemented in SanDisk Corporation's TrustedFlash™ memory devices, it should be understood that they can be used in any type of memory device. Likewise, these embodiments can be used in fields outside memory devices that encounter the general problem of having an inaccurate clock while needing to know or use time. Also, some or all of the actions described above can be performed on a host device (or some other device) rather than only on the memory device.

The foregoing detailed description is intended to be understood as an illustration of selected forms that the invention can take and not as a definition of the invention. Only the following claims, including all equivalents, are intended to define the scope of the invention. It should be noted that the actions recited in the claims can be performed in any order, not necessarily the order in which they are recited. Finally, it should be noted that any aspect of any of the preferred embodiments described herein can be used alone or in combination with one another.

[Brief Description of the Drawings]
Figure 1 is an illustration of a system of an embodiment.
Figure 2 is a block diagram of a memory device of an embodiment.
Figure 3 is an illustration of various functional modules in the memory device of Figure 2.
Figure 4 is a protocol diagram of an asymmetric authentication process of an embodiment.
Figure 5 is a system diagram of an embodiment for obtaining a timestamp.
Figure 6 is a flow chart of a method of an embodiment for obtaining a timestamp.
Figure 7 is a flow chart of a method of an embodiment for checking a timestamp update policy.
Figure 8 is an illustration of a memory device of an embodiment that uses host time for an application running in the memory device.
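As an added example of the time-source selection the description gives for DRM module 630 (example code written for this page, not the patent's or SanDisk's firmware), the following Python sketch keeps one retained host timestamp per application, combines it with the current host time and the device time module's estimate, and takes the earliest candidate for a "not before" check and the latest for a "not after" check. The class and field names and the epoch-second values are assumptions, and treating all three sources as candidates in one comparison is this example's generalization of the pairwise comparisons in the text.

```python
"""Choosing a time estimate from host time, the device time module and
retained host timestamps (added example, not the patent's firmware).
All identifiers and sample values are constructed for this illustration."""
from enum import Enum
from typing import Dict, List, Optional


class TimeCheck(Enum):
    NOT_BEFORE = "not before"   # content must not be used before a start time
    NOT_AFTER = "not after"     # content must not be used after an expiry time


class TimeSourceArbiter:
    """Time-source selection for one memory device.

    module_time: the device time module's own estimate (it may lag, since
                 the module does not track time continuously).
    retained:    latest host timestamp seen, bound to the application that
                 received it so a different application cannot reuse it.
    """

    def __init__(self, module_time: int) -> None:
        self.module_time = module_time
        self.retained: Dict[str, int] = {}

    def retain_host_time(self, app_id: str, host_time: int) -> None:
        """Keep only the latest host timestamp per application; an earlier
        one never replaces it, so a host reporting a past time cannot rewind."""
        if host_time > self.retained.get(app_id, 0):
            self.retained[app_id] = host_time

    def candidates(self, app_id: str, host_time: Optional[int]) -> List[int]:
        """All time sources available for this application right now."""
        times = [self.module_time]
        if host_time is not None:
            times.append(host_time)
        if app_id in self.retained:
            times.append(self.retained[app_id])
        return times

    def estimate(self, app_id: str, host_time: Optional[int],
                 check: TimeCheck) -> int:
        """Earliest candidate for a 'not before' check, so a host clock running
        ahead cannot unlock content early; latest for a 'not after' check, so a
        host clock set back cannot revive an expired license."""
        times = self.candidates(app_id, host_time)
        return min(times) if check is TimeCheck.NOT_BEFORE else max(times)


def license_window_ok(arbiter: TimeSourceArbiter, app_id: str,
                      host_time: Optional[int],
                      not_before: Optional[int] = None,
                      not_after: Optional[int] = None) -> bool:
    """Evaluate each license bound with the estimate appropriate to that bound."""
    if not_before is not None and \
            arbiter.estimate(app_id, host_time, TimeCheck.NOT_BEFORE) < not_before:
        return False
    if not_after is not None and \
            arbiter.estimate(app_id, host_time, TimeCheck.NOT_AFTER) > not_after:
        return False
    return True
```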

[Description of Reference Numerals]
10 System
20 Memory device
30 Memory device
40 Memory device
50 Personal computer
60 Digital media player
70 Mobile phone
80 Internet
90 Wireless network
100 Time server
102 Server
104 Server
106 Server
110 Digital rights management server
200 Memory device
201 First asymmetric ACR
202 Second asymmetric ACR
203 Symmetric ACR
204 Time module
205 Protected content
206 DRM license
207 DRM module
210 Memory array / memory
220 Set of circuits
230 Host interface module (HIM)
240 Flash interface module (FIM)
250 Buffer management unit (BMU)
252 Crypto engine
254 Host direct memory access (DMA) component
256 Flash DMA component
260 CPU
262 CPU RAM / volatile memory
270 Hardware timer block
300 Host device
301 Player / entity
302 Storage application / entity
303 Application / entity
305 Memory device to host device communication channel
315 Host device to time server communication channel
325 Inter-server communication channel
510 "TUP passed" message
570 "TUP passed" message
600 Memory device
610 Symmetric ACR
620 Time module
630 DRM module
640 Protected content
650 License
660 Secure channel
700 Host device
710 Player
720 Host time
TUP Timestamp update policy
TUP1 First timestamp update policy
TUP2 Second timestamp update policy

Claims (1)

X. Claims:

1. A method for validating a digital rights management (DRM) license, the method comprising:
   by a memory device:
   receiving a request to validate a DRM license stored on the memory device, wherein the DRM license is associated with a timestamp update policy (TUP) that specifies when a new timestamp is needed;
   before attempting to validate the DRM license, determining, based on the TUP associated with the DRM license, whether a new timestamp is needed; and
   if a new timestamp is needed, receiving the new timestamp and then attempting to validate the DRM license using a time estimate based on the new timestamp.

2. The method of claim 1, further comprising:
   by the memory device:
   if the new timestamp is not needed, attempting to validate the DRM license using a time estimate based on a previous timestamp received by the memory device.

3. The method of claim 1, wherein the TUP comprises one or more of the following parameters: a number of power cycles of the memory device since a previous timestamp was received by the memory device, the active time of the memory device since the previous timestamp, and the stretched active time of the memory device since the previous timestamp.

4. The method of claim 1, further comprising:
   by the memory device:
   receiving a request to validate a second DRM license stored on the memory device, wherein the second DRM license is associated with a second TUP different from the first-mentioned TUP, the second TUP specifying when a new timestamp is needed;
   before attempting to validate the second DRM license, determining, based on the second TUP, whether a new timestamp is needed; and
   if a new timestamp is needed, receiving the new timestamp and then attempting to validate the second DRM license using a time estimate based on the new timestamp.

5. The method of claim 1, wherein the new timestamp is generated by a time server.

6. The method of claim 1, wherein the new timestamp is generated by a host device connected to the memory device.

7. The method of claim 1, wherein the memory device stores digital rights management (DRM) keys and licenses for unlocking protected content stored on the memory device.

8. The method of claim 1, further comprising:
   by the memory device, before receiving the request to validate the DRM license:
   receiving a request to authenticate an entity;
   before attempting to authenticate the entity, determining, based on a TUP associated with the entity, whether a new timestamp is needed, wherein the TUP associated with the entity is different from the TUP of the DRM license; and
   if a new timestamp is needed, receiving the new timestamp and then attempting to authenticate the entity using a time estimate based on the new timestamp.

9. A memory device comprising:
   a memory array; and
   circuitry in communication with the memory array and operative to:
   receive a request to validate one of a plurality of digital rights management (DRM) licenses stored on the memory device, wherein each DRM license is associated with a different timestamp update policy (TUP) specifying when a new timestamp is needed;
   before attempting to validate the one of the plurality of DRM licenses, determine, based on the TUP associated with the one of the plurality of DRM licenses, whether a new timestamp is needed; and
   if a new timestamp is needed, receive the new timestamp and then attempt to validate the one of the plurality of DRM licenses using a time estimate based on the new timestamp.

10. The memory device of claim 9, wherein the circuitry is further operative to:
   if the new timestamp is not needed, attempt to validate the one of the plurality of DRM licenses using a time estimate based on a previous timestamp received by the memory device.

11. The memory device of claim 9, wherein the TUP comprises one or more of the following parameters: a number of power cycles of the memory device since a previous timestamp was received by the memory device, the active time of the memory device since the previous timestamp, and the stretched active time of the memory device since the previous timestamp.

12. The memory device of claim 9, wherein the new timestamp is generated by a time server.

13. The memory device of claim 9, wherein the new timestamp is generated by a host device connected to the memory device.

14. The memory device of claim 9, wherein the memory device stores digital rights management (DRM) keys and licenses for unlocking protected content stored on the memory device.

15. The memory device of claim 9, wherein the circuitry is further operative, before receiving the request to validate the one of the plurality of DRM licenses, to:
   receive a request to authenticate an entity;
   before attempting to authenticate the entity, determine, based on a TUP associated with the entity, whether a new timestamp is needed, wherein the TUP associated with the entity is different from the TUPs associated with the plurality of DRM licenses; and
   if a new timestamp is needed, receive the new timestamp and then attempt to authenticate the entity using a time estimate based on the new timestamp.
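As an added illustration of claims 1 to 4 (example code written for this page, not the patent's or SanDisk's firmware), the following Python sketch models a per-license timestamp update policy with the three parameters of claim 3, decides before validation whether a fresh timestamp must be obtained, and falls back to the previous timestamp otherwise. The data structures, the stretch factor applied to active time, the rule that validation fails when a required timestamp cannot be obtained, and all epoch-second values are assumptions of the example.

```python
"""Timestamp update policy (TUP) check before DRM license validation.

Added example for this page: a model of the claimed procedure, not the
patent's firmware. Field names, the stretch factor and all sample values
are constructed assumptions.
"""
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass(frozen=True)
class TUP:
    """Limits measured since the last timestamp; None means the parameter is unused."""
    max_power_cycles: Optional[int] = None
    max_active_seconds: Optional[int] = None
    max_stretched_seconds: Optional[int] = None


@dataclass
class TimeModuleState:
    """What the memory device knows since its last trusted timestamp."""
    last_timestamp: Optional[int]      # epoch seconds; None if never received
    power_cycles: int = 0              # power cycles since last_timestamp
    active_seconds: int = 0            # powered-on time measured since then
    stretch: float = 1.0               # assumed factor covering unpowered gaps

    @property
    def stretched_seconds(self) -> int:
        return int(self.active_seconds * self.stretch)

    def estimate(self) -> int:
        """Time estimate: last trusted timestamp plus stretched active time."""
        assert self.last_timestamp is not None
        return self.last_timestamp + self.stretched_seconds

    def accept_timestamp(self, ts: int) -> None:
        """A fresh trusted timestamp resets the counters the TUPs are measured against."""
        self.last_timestamp = ts
        self.power_cycles = 0
        self.active_seconds = 0


@dataclass(frozen=True)
class DRMLicense:
    content_id: str
    not_before: int
    not_after: int
    tup: TUP                           # each license carries its own policy (claim 4)


def needs_new_timestamp(tup: TUP, state: TimeModuleState) -> bool:
    """Claims 1 and 3: any exceeded TUP parameter forces a fresh timestamp."""
    if state.last_timestamp is None:
        return True
    if tup.max_power_cycles is not None and state.power_cycles > tup.max_power_cycles:
        return True
    if tup.max_active_seconds is not None and state.active_seconds > tup.max_active_seconds:
        return True
    if tup.max_stretched_seconds is not None and state.stretched_seconds > tup.max_stretched_seconds:
        return True
    return False


def validate_license(lic: DRMLicense, state: TimeModuleState,
                     fetch_timestamp: Callable[[], Optional[int]]) -> bool:
    """Claims 1 and 2: refresh the timestamp if the license's TUP demands it,
    otherwise keep the previous one; then check the license window."""
    if needs_new_timestamp(lic.tup, state):
        ts = fetch_timestamp()         # from a time server or trusted host (claims 5, 6)
        if ts is None:
            return False               # policy unsatisfied: do not unlock (assumption)
        state.accept_timestamp(ts)
    now = state.estimate()
    return lic.not_before <= now <= lic.not_after
```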
TW097121254A 2007-06-08 2008-06-06 Memory device with circuitry for improving accuracy of a time estimate used in digital rights management (DRM) license validation and method for use therewith TW200907681A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/811,348 US20080307495A1 (en) 2007-06-08 2007-06-08 Memory device with circuitry for improving accuracy of a time estimate used in digital rights management (DRM) license validation
US11/811,354 US8688588B2 (en) 2007-06-08 2007-06-08 Method for improving accuracy of a time estimate used in digital rights management (DRM) license validation

Publications (1)

Publication Number Publication Date
TW200907681A true TW200907681A (en) 2009-02-16

Family

ID=39684564

Family Applications (1)

Application Number Title Priority Date Filing Date
TW097121254A TW200907681A (en) 2007-06-08 2008-06-06 Memory device with circuitry for improving accuracy of a time estimate used in digital rights management (DRM) license validation and method for use therewith

Country Status (6)

Country Link
EP (1) EP2156353A1 (en)
JP (1) JP5180293B2 (en)
KR (1) KR20100035702A (en)
CN (1) CN101779207B (en)
TW (1) TW200907681A (en)
WO (1) WO2008154308A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20100095243A (en) * 2009-02-20 2010-08-30 삼성전자주식회사 Method and apparatus for restricting operation of a digital right management module
US9426650B2 (en) 2014-10-31 2016-08-23 Gogo Llc Autonomous-mode content delivery and key management
US9578104B2 (en) 2014-10-31 2017-02-21 Gogo Llc Resumption of play for a content-delivery session
CN110659457B (en) * 2019-09-20 2022-06-07 安徽听见科技有限公司 Application authorization verification method and device and client

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6728880B1 (en) * 1999-09-17 2004-04-27 Adobe Systems Incorporated Secure time on computers with insecure clocks
US20030115469A1 (en) * 2001-12-14 2003-06-19 Intel Corporation Systems and methods for detecting and deterring rollback attacks
JP2004326278A (en) * 2003-04-23 2004-11-18 Renesas Technology Corp Nonvolatile storage device and data processor
US7116969B2 (en) * 2004-02-12 2006-10-03 Sharp Laboratories Of America, Inc. Wireless device having a secure clock authentication method and apparatus
JP4301035B2 (en) * 2004-03-02 2009-07-22 ソニー株式会社 Reproduction time management system, reproduction time management method, reproduction apparatus, reproduction method, and recording medium
US8438645B2 (en) * 2005-04-27 2013-05-07 Microsoft Corporation Secure clock with grace periods
JP4680686B2 (en) * 2005-06-06 2011-05-11 アドバンス・デザイン株式会社 Storage medium for computer terminal
JP4750480B2 (en) * 2005-06-14 2011-08-17 ヒタチグローバルストレージテクノロジーズネザーランドビーブイ Storage device and access control method for storage device

Also Published As

Publication number Publication date
EP2156353A1 (en) 2010-02-24
KR20100035702A (en) 2010-04-06
JP2010530102A (en) 2010-09-02
WO2008154308A1 (en) 2008-12-18
CN101779207A (en) 2010-07-14
CN101779207B (en) 2013-10-02
JP5180293B2 (en) 2013-04-10

Similar Documents

Publication Publication Date Title
US8869288B2 (en) Method for using time from a trusted host device
US8688588B2 (en) Method for improving accuracy of a time estimate used in digital rights management (DRM) license validation
US20080307494A1 (en) Memory device with circuitry for improving accuracy of a time estimate used to authenticate an entity
US20080307495A1 (en) Memory device with circuitry for improving accuracy of a time estimate used in digital rights management (DRM) license validation
US20080307507A1 (en) Memory device using time from a trusted host device
US8688924B2 (en) Method for improving accuracy of a time estimate from a memory device
US20080304364A1 (en) Memory device with circuitry for improving accuracy of a time estimate
US20080307237A1 (en) Method for improving accuracy of a time estimate used to authenticate an entity to a memory device
US20090151006A1 (en) Group registration device, group registration release device, group registration method, license acquisition device, license acquisition method, time setting device, and time setting method
US20170357786A1 (en) Method and apparatus for limiting access to data by process or computer function with stateless encryption
AU2005248694A1 (en) Method and apparatus for transmitting rights object information between device and portable storage
US7822876B1 (en) Time based content management for disconnected devices
TW200907681A (en) Memory device with circuitry for improving accuracy of a time estimate used in digital rights management (DRM) license validation and method for use therewith
TWI386947B (en) Memory device using time of trusted host device and method of using same
JP5039931B2 (en) Information processing device
TWI417729B (en) Memory device with circuitry for improving accuracy of a time estimate used to authenticate an entity and method for use therewith
CN101720455B (en) Memory device with circuitry for improving accuracy of time estimates and method of use thereof