摘要:
A non-volatile memory interface device contains first, second, and third communication interfaces configured for first, second, and third protocols, respectively. The device also contains a memory controller that selectively communicates between the first and second communication interfaces, and between the first and third communication interfaces. The device also contains a receptacle that can receive a removable non-volatile memory card and electrically connect the card to the second and third communication interfaces. The first communication interface may be a Universal Serial Bus Interface and may be in communicatively coupled to a USB connector. The second communication interface may be an ISO 7816 interface. A communications adapter is an enclosure containing a receptacle that can receive a non-volatile memory card and a USB connector. The USB connector is communicatively coupled with the non-volatile memory card in the receptacle. The receptacle's second communication interface with the non-volatile memory card is disabled.
摘要:
Technology for replacing a first storage unit operatively coupled to a device is provided. Content of the first storage unit is sent to a new storage unit that serves as the replacement of the first storage unit. In one embodiment, the content is first sent to a trusted third-party server and then transferred from the server to the new storage unit. A portion of the content on the new storage unit is adjusted in one embodiment to maintain content security features that were implemented in the first storage unit. The upgrading can be performed under the control of a software entity that is installed on the device. In various embodiments, the first storage unit may be bound to a third storage unit prior to the upgrade process. In such cases, the process can include measures to bind the new storage unit to the third storage unit.
摘要:
A first storage unit is bound to a second storage unit based on a binding type associated with content on the first storage unit, the first storage unit being operated through a first host device, and the second storage unit being operated through a second host device. When content on the first storage unit is requested in the first host device, the first host device will calculate an account identifier based on the binding type associated with the requested content and send the account identifier to a server. The server will send the account identifier to the second host device, and the second storage unit will use the account identifier to calculate a credential. The credential will be sent to the first host device through the server. The credential can be used to access the requested content if the credential is valid.
摘要:
Technology for replacing a first storage unit operatively coupled to a device is provided. Content of the first storage unit is sent to a new storage unit that serves as the replacement of the first storage unit. In one embodiment, the content is first sent to a trusted third-party server and then transferred from the server to the new storage unit. A portion of the content on the new storage unit is adjusted in one embodiment to maintain content security features that were implemented in the first storage unit. The upgrading can be performed under the control of a software entity that is installed on the device. In various embodiments, the first storage unit may be bound to a third storage unit prior to the upgrade process. In such cases, the process can include measures to bind the new storage unit to the third storage unit.
摘要:
A method of accessing content includes installing a file system filter for a secure removable memory device on a host device. A challenge is sent from the file system filter to a software entity on the host device, and a software entity response is received at the file system filter in response to the challenge. A file system filter response is calculated at the file system filter using the challenge, and access to first content on the secure removable memory device is provided if the software entity response matches the file system filter response.
摘要:
A method of accessing content includes installing a file system filter for a secure removable memory device on a host device. A challenge is sent from the file system filter to a software entity on the host device, and a software entity response is received at the file system filter in response to the challenge. A file system filter response is calculated at the file system filter using the challenge, and access to first content on the secure removable memory device is provided if the software entity response matches the file system filter response.
摘要:
A software entity on a host device attempting to access protected content in a secure memory device must be authenticated using a challenge/response authentication mechanism before the secure file system can be accessed. A file system filter determines whether requested content is protected. If the content is protected, the file system filter provides a challenge to the software entity and generates a file system filter response using the same challenge. The software entity must then send a software entity response using the challenge to the file system filter. If the file system filter determines that the software entity response matches the file system filter response, the software entity is allowed to access the protected content through a secure file system installed on the host device for the memory device.
摘要:
In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.
摘要:
Methods for transmitting application specific or extended commands between a host and a memory card are disclosed. Commands for an extended card protocol are embedded in messages, along with a marker, in the data or command portion of a base card transmission protocol that is used to communicate between the host and the memory card. This allows for the transmission of application specific commands that lack a corresponding command in the base card protocol. The method can be implemented on the host side at the device driver level or the file level. In order to implement a read command in the extended card protocol, a write command in the base card protocol with an encapsulated read command in the extended protocol is first sent to a logical address, followed by a read command to the same logical address. Message set identifiers associate embedded commands and data received in separate transmissions.