[go: up one dir, main page]

WO2008013655A3 - Content control system and method using certificate revocation lists - Google Patents

Content control system and method using certificate revocation lists Download PDF

Info

Publication number
WO2008013655A3
WO2008013655A3 PCT/US2007/015301 US2007015301W WO2008013655A3 WO 2008013655 A3 WO2008013655 A3 WO 2008013655A3 US 2007015301 W US2007015301 W US 2007015301W WO 2008013655 A3 WO2008013655 A3 WO 2008013655A3
Authority
WO
WIPO (PCT)
Prior art keywords
certificate revocation
revocation lists
memory device
certificate
control system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2007/015301
Other languages
French (fr)
Other versions
WO2008013655A2 (en
Inventor
Michael Holtzman
Ron Barzilai
Rotem Sela
Fabrice Jogand-Coulomb
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SanDisk Corp
Original Assignee
SanDisk Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/557,026 external-priority patent/US20080010452A1/en
Priority claimed from US11/557,006 external-priority patent/US8245031B2/en
Application filed by SanDisk Corp filed Critical SanDisk Corp
Priority to JP2009518323A priority Critical patent/JP5178716B2/en
Priority to EP07835952A priority patent/EP2038802A2/en
Publication of WO2008013655A2 publication Critical patent/WO2008013655A2/en
Publication of WO2008013655A3 publication Critical patent/WO2008013655A3/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right managament [DRM]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

Host devices present both the host certificate and the pertinent certificate revocation lists to the memory device for authentication so that the memory device need not obtain the list on its own. Processing of the certificate revocation list and searching for the certificate identification may be performed concurrently by the memory device. The certificate revocation lists for authenticating host devices to memory devices may be stored in an unsecured area of the memory device for convenience of users.
PCT/US2007/015301 2006-07-07 2007-06-28 Content control system and method using certificate revocation lists Ceased WO2008013655A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2009518323A JP5178716B2 (en) 2006-07-07 2007-06-28 Content management system and method using certificate revocation list
EP07835952A EP2038802A2 (en) 2006-07-07 2007-06-28 Content control system and method using certificate revocation lists

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US81950706P 2006-07-07 2006-07-07
US60/819,507 2006-07-07
US11/557,026 2006-11-06
US11/557,026 US20080010452A1 (en) 2006-07-07 2006-11-06 Content Control System Using Certificate Revocation Lists
US11/557,006 US8245031B2 (en) 2006-07-07 2006-11-06 Content control method using certificate revocation lists
US11/557,006 2006-11-06

Publications (2)

Publication Number Publication Date
WO2008013655A2 WO2008013655A2 (en) 2008-01-31
WO2008013655A3 true WO2008013655A3 (en) 2008-03-20

Family

ID=38819675

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/015301 Ceased WO2008013655A2 (en) 2006-07-07 2007-06-28 Content control system and method using certificate revocation lists

Country Status (5)

Country Link
EP (1) EP2038802A2 (en)
JP (1) JP5178716B2 (en)
KR (1) KR20090028806A (en)
TW (1) TW200823715A (en)
WO (1) WO2008013655A2 (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7748031B2 (en) 2005-07-08 2010-06-29 Sandisk Corporation Mass storage device with automated credentials loading
JP5604929B2 (en) * 2010-03-29 2014-10-15 ソニー株式会社 Memory device and memory system
WO2015087465A1 (en) * 2013-12-09 2015-06-18 パナソニックIpマネジメント株式会社 Authentication method and authentication system
KR102485830B1 (en) * 2015-02-13 2023-01-09 삼성전자주식회사 Processing for secure information
KR102639075B1 (en) 2016-11-30 2024-02-22 현대자동차주식회사 Diagnostics device for vehicle and method of managing certificate thereof
JP6480528B2 (en) * 2017-08-10 2019-03-13 アイビーシー株式会社 Electronic certification system
TWI668633B (en) * 2018-07-06 2019-08-11 英研智能移動股份有限公司 Method of authorization for computer tasks and server system with funtion of authorization for computer tasks
US12086898B2 (en) * 2019-07-12 2024-09-10 Microsoft Technology Licensing, Llc Media provenance certification via fragile watermarking
US20250175460A1 (en) * 2023-11-24 2025-05-29 Amazon Technologies, Inc. Mechanism for enforcing access control at scale to an internet service using transport layer security (tls)
US20250306775A1 (en) * 2024-03-27 2025-10-02 Rockwell Collins, Inc. Methods and device for multi-level portable secure data storage

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5949877A (en) * 1997-01-30 1999-09-07 Intel Corporation Content protection for transmission systems
EP1117206A2 (en) * 2000-01-14 2001-07-18 Hewlett-Packard Company Public key infrastructure
WO2002063847A2 (en) * 2001-02-06 2002-08-15 Certicom Corp. Mobile certificate distribution in a public key infrastructure
EP1594250A1 (en) * 2004-05-03 2005-11-09 Thomson Licensing Distributed management of a certificate revocation list
WO2006069194A2 (en) * 2004-12-21 2006-06-29 Sandisk Corporation Memory system with versatile content control

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004266652A (en) * 2003-03-03 2004-09-24 Nippon Telegr & Teleph Corp <Ntt> Electronic certificate revocation information creation device, method, program, and recording medium, electronic certificate revocation information creation system, and electronic certificate revocation verification device, method, program, and recording medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5949877A (en) * 1997-01-30 1999-09-07 Intel Corporation Content protection for transmission systems
EP1117206A2 (en) * 2000-01-14 2001-07-18 Hewlett-Packard Company Public key infrastructure
WO2002063847A2 (en) * 2001-02-06 2002-08-15 Certicom Corp. Mobile certificate distribution in a public key infrastructure
EP1594250A1 (en) * 2004-05-03 2005-11-09 Thomson Licensing Distributed management of a certificate revocation list
WO2006069194A2 (en) * 2004-12-21 2006-06-29 Sandisk Corporation Memory system with versatile content control

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
KIKUCHI H ET AL: "Performance evaluation of public-key certificate revocation system with balanced hash tree", PARALLEL PROCESSING, 1999. PROCEEDINGS. 1999 INTERNATIONAL WORKSHOPS ON AIZU-WAKAMATSU, JAPAN 21-24 SEPT. 1999, LOS ALAMITOS, CA, USA,IEEE, US, 21 September 1999 (1999-09-21), pages 204 - 209, XP010356033, ISBN: 0-7695-0353-5 *

Also Published As

Publication number Publication date
JP5178716B2 (en) 2013-04-10
WO2008013655A2 (en) 2008-01-31
JP2009543207A (en) 2009-12-03
TW200823715A (en) 2008-06-01
EP2038802A2 (en) 2009-03-25
KR20090028806A (en) 2009-03-19

Similar Documents

Publication Publication Date Title
WO2008013655A3 (en) Content control system and method using certificate revocation lists
WO2010093636A3 (en) Devices, systems and methods for secure verification of user identity
WO2007149775A3 (en) Consumer authentication system and method
MX2013001603A (en) Role-based content rendering.
WO2009031056A3 (en) Providing services to a guest device in a personal network
WO2007120799A3 (en) Dynamic binding of access and usage rights to computer-based resources
EP1691523B8 (en) System and method for user access control to content in a network
WO2008042871A3 (en) Methods and apparatus for securely signing on to a website via a security website
WO2011002622A3 (en) Secure meter access from a mobile reader
WO2010011919A3 (en) Http authentication and authorization management
WO2008060820A3 (en) System and method for authenticating remote server access
EP2444933A4 (en) Biometric authentication device, biometric authentication method and computer program for biometric authentication
EP2086162A4 (en) System, device, method and program for authenticating communication partner by means of electronic certificate including personal information
MX2015009491A (en) User authentication method and apparatus based on audio and video data.
EP4425836A3 (en) Production console authorization permissions
WO2008070330A3 (en) Apparatus and methods for authenticating voice and data devices on the same port
CA2818955A1 (en) Method for authorizing access to protected content
EP2336962A3 (en) Information processing apparatus, program, storage medium and information processing system
EP1847941A3 (en) Method and system afor resetting passwords
IN2012DN02618A (en)
WO2012015615A3 (en) Device, system, and method forlocation-based payment authorization
WO2009158086A3 (en) Techniques for ensuring authentication and integrity of communications
WO2008095011A3 (en) Methods and systems for authentication of a user
WO2011035287A3 (en) Multi-identity access control tunnel relay object
MY172709A (en) Method and system for abstracted and randomized one-time use passwords for transactional authentication

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200780025785.6

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07835952

Country of ref document: EP

Kind code of ref document: A2

WWE Wipo information: entry into national phase

Ref document number: 2009518323

Country of ref document: JP

Ref document number: 2007835952

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 1020097002314

Country of ref document: KR

NENP Non-entry into the national phase

Ref country code: RU