WO2006069312A3 - System for creating control structure for versatile content control - Google Patents

System for creating control structure for versatile content control Download PDF

Info

Publication number
WO2006069312A3
WO2006069312A3 PCT/US2005/046795 US2005046795W WO2006069312A3 WO 2006069312 A3 WO2006069312 A3 WO 2006069312A3 US 2005046795 W US2005046795 W US 2005046795W WO 2006069312 A3 WO2006069312 A3 WO 2006069312A3
Authority
WO
WIPO (PCT)
Prior art keywords
trees
purchaser
permissions
creating
permission
Prior art date
Application number
PCT/US2005/046795
Other languages
French (fr)
Other versions
WO2006069312A2 (en
Inventor
Fabrice Jogand-Coulomb
Michael Holtzman
Bahman Qawami
Ron Barzilai
Original Assignee
Sandisk Corp
Fabrice Jogand-Coulomb
Michael Holtzman
Bahman Qawami
Ron Barzilai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/313,538 external-priority patent/US8051052B2/en
Priority claimed from US11/314,055 external-priority patent/US20060242067A1/en
Application filed by Sandisk Corp, Fabrice Jogand-Coulomb, Michael Holtzman, Bahman Qawami, Ron Barzilai filed Critical Sandisk Corp
Priority to EP05855366A priority Critical patent/EP1836643A2/en
Priority to CN200580048232.3A priority patent/CN101120355B/en
Priority to JP2007548523A priority patent/JP4857284B2/en
Publication of WO2006069312A2 publication Critical patent/WO2006069312A2/en
Publication of WO2006069312A3 publication Critical patent/WO2006069312A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113Multi-level security, e.g. mandatory access control
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2117User registration
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2145Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy

Abstract

The mobile storage device may be provided with a system agent that is able to create at least one hierarchical tree comprising nodes at different levels for controlling access to data stored in the memory by corresponding entities. Each node of the tree specifies permission or permissions of a corresponding entity or entities for accessing memory data. The permission or permissions at the node of each of the trees has a predetermined relationship to permission or permissions at nodes at a higher or lower or the same level in the same tree. Thus, the mobile storage devices may be issued without any trees already created so that the purchaser of the devices has a free hand in creating hierarchical trees adapted to the applications the purchaser has in mind. Alternatively, the mobile storage devices may also be issued with the trees already created so that a purchaser does not have to go through the trouble of creating the trees. In both situations, preferably certain functionalities of the trees can become fixed after the devices are made so that they cannot be further changed or altered. This provides greater control over access to the content in the device by the content owner. Thus, in one embodiment, the system agent can preferably be disabled so that no additional trees can be created.
PCT/US2005/046795 2004-12-21 2005-12-21 System for creating control structure for versatile content control WO2006069312A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP05855366A EP1836643A2 (en) 2004-12-21 2005-12-21 System for creating control structure for versatile content control
CN200580048232.3A CN101120355B (en) 2004-12-21 2005-12-21 System for creating control structure for versatile content control
JP2007548523A JP4857284B2 (en) 2004-12-21 2005-12-21 Control structure generation system for multi-purpose content control

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US63880404P 2004-12-21 2004-12-21
US60/638,804 2004-12-21
US11/313,538 2005-12-20
US11/313,538 US8051052B2 (en) 2004-12-21 2005-12-20 Method for creating control structure for versatile content control
US11/314,055 US20060242067A1 (en) 2004-12-21 2005-12-20 System for creating control structure for versatile content control
US11/314,055 2005-12-20

Publications (2)

Publication Number Publication Date
WO2006069312A2 WO2006069312A2 (en) 2006-06-29
WO2006069312A3 true WO2006069312A3 (en) 2006-11-09

Family

ID=36146948

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2005/046795 WO2006069312A2 (en) 2004-12-21 2005-12-21 System for creating control structure for versatile content control

Country Status (6)

Country Link
EP (1) EP1836643A2 (en)
JP (1) JP4857284B2 (en)
KR (1) KR20070091349A (en)
CN (2) CN101120355B (en)
TW (1) TWI388985B (en)
WO (1) WO2006069312A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9104618B2 (en) 2008-12-18 2015-08-11 Sandisk Technologies Inc. Managing access to an address range in a storage device

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7748031B2 (en) 2005-07-08 2010-06-29 Sandisk Corporation Mass storage device with automated credentials loading
EP1934878A2 (en) * 2005-09-08 2008-06-25 SanDisk Corporation Mobile memory system for secure storage and delivery of media content
CN101484904A (en) * 2006-07-07 2009-07-15 桑迪士克股份有限公司 Content control system and method using versatile control structure
EP2038804A2 (en) * 2006-07-07 2009-03-25 Sandisk Corporation Content control system and method using versatile control structure
JP5180203B2 (en) * 2006-07-07 2013-04-10 サンディスク テクノロジィース インコーポレイテッド System and method for controlling information supplied from a memory device
EP2256660B1 (en) * 2009-05-28 2015-08-12 Sap Se Computer-implemented method, computer system, and computer program product for optimization of evaluation of a policy specification
US10165007B2 (en) 2011-09-15 2018-12-25 Microsoft Technology Licensing, Llc Securing data usage in computing devices
CN102609368B (en) * 2012-01-11 2014-12-17 记忆科技(深圳)有限公司 Solid-state-drive data encryption and decryption method and solid state drive
CN103870724B (en) * 2012-12-12 2017-03-01 财团法人资讯工业策进会 Main managing device, proxy management device, electronic installation and authorization management method
GB2565411A (en) * 2017-06-12 2019-02-13 British Telecomm Improved hardware security module management
KR102227363B1 (en) * 2019-05-30 2021-03-15 트럼피아 주식회사 System and method for controlling data access of multy hierarchy structure
CN110321302B (en) * 2019-06-28 2021-10-01 兆讯恒达科技股份有限公司 Embedded system data storage area management method
US11050569B2 (en) * 2019-08-14 2021-06-29 Macronix International Co., Ltd. Security memory scheme
JP2021077208A (en) * 2019-11-12 2021-05-20 キオクシア株式会社 Storage device
AT524620A1 (en) * 2020-12-07 2022-06-15 Fachhochschule St Poelten Gmbh Procedure for migrating an IT application

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6026402A (en) * 1998-01-07 2000-02-15 Hewlett-Packard Company Process restriction within file system hierarchies
US20030061504A1 (en) * 2001-08-13 2003-03-27 Sprigg Stephen A. Application level access privilege to a storage area on a computer device
US20040139021A1 (en) * 2002-10-07 2004-07-15 Visa International Service Association Method and system for facilitating data access and management on a secure token

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002244552A (en) * 2001-02-13 2002-08-30 Sony Corp Information reproducing device, information reproducing method, and information recording medium and program storage medium
JP2002278838A (en) * 2001-03-15 2002-09-27 Sony Corp Memory access control system, device managing device, partition managing device, memory packaged device, memory access control method and program storage medium
US6895503B2 (en) * 2001-05-31 2005-05-17 Contentguard Holdings, Inc. Method and apparatus for hierarchical assignment of rights to documents and documents having such rights
JP4682498B2 (en) * 2003-04-09 2011-05-11 ソニー株式会社 Communication device and memory management method for communication device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6026402A (en) * 1998-01-07 2000-02-15 Hewlett-Packard Company Process restriction within file system hierarchies
US20030061504A1 (en) * 2001-08-13 2003-03-27 Sprigg Stephen A. Application level access privilege to a storage area on a computer device
US20040139021A1 (en) * 2002-10-07 2004-07-15 Visa International Service Association Method and system for facilitating data access and management on a secure token

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9104618B2 (en) 2008-12-18 2015-08-11 Sandisk Technologies Inc. Managing access to an address range in a storage device

Also Published As

Publication number Publication date
TWI388985B (en) 2013-03-11
CN102981980A (en) 2013-03-20
JP2008524758A (en) 2008-07-10
CN101120355A (en) 2008-02-06
KR20070091349A (en) 2007-09-10
TW200700992A (en) 2007-01-01
EP1836643A2 (en) 2007-09-26
WO2006069312A2 (en) 2006-06-29
CN101120355B (en) 2012-09-26
JP4857284B2 (en) 2012-01-18

Similar Documents

Publication Publication Date Title
WO2006069312A3 (en) System for creating control structure for versatile content control
WO2006069311A3 (en) Control structure for versatile content control and method using structure
ES2659835T3 (en) Communication and processing of credential data
WO2005121962A3 (en) Arrangement in a network for passing control of distributed data between network nodes for optimized client access based on locality
EP1370950A4 (en) System and method for policy based storage provisioning and management
WO2007106798A3 (en) Systems and methods for authoring and protecting digital property
WO2007120360A3 (en) Information management system
WO2004053650A3 (en) Data-aware data flow manager
WO2008080143A3 (en) Method and system for searching stored data
WO2005031547A3 (en) Separation of copy protection rules for digital rights management
WO2003017682A3 (en) Application level access privilege to a storage area on a computer device
WO2008033554A3 (en) Dual-access security system for medical records
WO2002027495A3 (en) Electronic information caching
WO2006127919A3 (en) Data management and distribution
AU2003250670A1 (en) Data store management system and method for wireless devices
JP2009522659A5 (en)
BRPI0513704A (en) packet aware programmer in wireless communication systems
WO2009066691A1 (en) Technique of controlling access of database
CN103268438A (en) Android authority management method and system based on calling chain
BRPI0317819A8 (en) DEVICE FOR RESTRICTED BROWSER ACCESS INSIDE A WIRELESS COMMUNICATION DEVICE AND METHOD FOR THE SAME
TW200725298A (en) System and method for storage management
DK1084465T3 (en) Procedure for secure access to data in a network
DE60142108D1 (en) STORAGE ARRANGEMENT WITH SUPPORT FOR UNAUTHORIZED ACCESS
CA2470158A1 (en) Electronic ink processing
DE602005016563D1 (en) FUSE DATA STORAGE SYSTEM WITH CORE MEMORY

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200580048232.3

Country of ref document: CN

AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KR KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2007548523

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2005855366

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 1020077016639

Country of ref document: KR