Method, system and computer program product for integrity-protected storage in a personal communication device
Abstract
Method, system and computer program product for achieving integrity-protected storage in a personal communication device by implementing DRM in the device. In particular, the method, system and computer program product use cryptography and an external, read-write storage device that stores important state information that need not be secret, but should not be modifiable or replayable without detection. Using the present invention, the integrity of data storage in a personal communication device can be assured even if data is stored in an insecure storage device.
40 Claims
1. A system for integrity-protected storage in a personal communication device, comprising:
a first storage device;
a second storage device and a processor disposed in communication with said first and said second storage device configured to:
authenticate said second storage device;
create a secure object to be stored in said second storage device using at least one secret key from said first storage device; and
granting access to data stored in said second storage device using said secret key.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)

13. A system for integrity-protected storage of data in a personal communication device, comprising:
a tamper-resistant storage device that stores at least one secret key;
an external tamper-resistant storage device that stores an encryption key pair and a compliance certificate; and
a processor for executing a plurality of protocols for communication between said tamper-resistant storage device and said external tamper-resistant storage device;
wherein upon initiation of a communication protocol said tamper-resistant storage device requests the compliance certificate from said external tamper-resistant storage device and said tamper-resistant storage device sends the integrity-protected key along with a unique identifier to said external tamper-resistant storage device, which is used by said external tamper-resistant storage device to authenticate a subsequent request to read and update data stored in said external tamper-resistant storage device.
(Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22)

23. The method for storing data in a personal communication device, comprising:
authenticating a second storage device;
creating a secure object following the authentication of said second storage device using a secret key of a first storage device;
storing said secure object in said second storage device; and
granting access to data stored in said second storage device using said secret key.
(Dependent claims: 24, 25, 26, 27, 28, 29, 30)

31. A method of storing data in a personal communication device, comprising:
requesting of a compliance certificate from a second storage device;
verifying the authenticity of the compliant card sent by said second storage device;
sending an integrity key and an object identifier from a first storage device to said second storage device upon authentication of said compliant card;
storing said integrity key and object identifier in said second storage device;
authenticating a read request from said first storage device using the stored integrity key in said second storage device;
authenticating an update request from the first storage device using said stored integrity key in said second storage device; and
granting access to data stored in said second memory device.
(Dependent claims: 32, 33, 34, 35, 36, 37)
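
The key-provisioning and request-authentication steps of claim 31, sketched as an added example that is not part of the patent text. It assumes HMAC-SHA256 as the authentication primitive and a single-use challenge from the second storage device for replay detection, neither of which the claim specifies; the compliance-certificate check is assumed to have already succeeded, and all class, function and sample values are hypothetical.

```python
import hashlib, hmac, secrets

def mac(key, *parts):
    # HMAC-SHA256 over length-prefixed fields (assumed primitive, not from the claim)
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

class SecondStorage:
    """Hypothetical model of the second storage device in claim 31."""
    def __init__(self):
        self.objects = {}      # object identifier -> [integrity key, data]
        self.challenge = None  # single-use value, assumed for replay detection
    def provision(self, object_id, integrity_key, data=b""):
        # Assumed to be called only after the compliance certificate verified.
        self.objects[object_id] = [integrity_key, data]
    def new_challenge(self):
        self.challenge = secrets.token_bytes(16)
        return self.challenge
    def _authenticate(self, op, object_id, payload, tag):
        entry = self.objects.get(object_id)
        challenge, self.challenge = self.challenge, None  # consume it
        if entry is None or challenge is None:
            return None
        expected = mac(entry[0], op, object_id, challenge, payload)
        return entry if hmac.compare_digest(tag, expected) else None
    def read(self, object_id, tag):
        entry = self._authenticate(b"read", object_id, b"", tag)
        return None if entry is None else entry[1]
    def update(self, object_id, new_data, tag):
        entry = self._authenticate(b"update", object_id, new_data, tag)
        if entry is not None:
            entry[1] = new_data
        return entry is not None

def first_storage_tag(store, key, op, object_id, payload=b""):
    # First storage device side: bind the request to the store's fresh challenge.
    return mac(key, op, object_id, store.new_challenge(), payload)

def demo():
    store, key, oid = SecondStorage(), secrets.token_bytes(32), b"object-1"  # constructed values
    store.provision(oid, key, b"state=3")
    tag = first_storage_tag(store, key, b"update", oid, b"state=2")
    accepted = store.update(oid, b"state=2", tag)
    replayed = store.update(oid, b"state=2", tag)  # same tag, challenge already used
    value = store.read(oid, first_storage_tag(store, key, b"read", oid))
    return accepted, replayed, value
```

The replayed update is rejected because the challenge it was bound to has been consumed, and a tag computed for one payload does not authenticate a different one.
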

38. A computer program product for storing data in a personal communication device, comprising:
a computer readable medium;
program code in said computer readable medium for authenticating a second storage device;
program code in said computer readable medium for creating a secure object using a secret key from a first storage device following the authenticating of said second storage device;
program code in said computer-readable medium for storing the secure object in said second storage device;
program code in said computer readable medium for granting access to the data in said second storage device using said secret key.
(Dependent claims: 39, 40)

Specification