Control Method Using Identity Objects
Abstract
An object known as an identity object comprises a public key and a private key pair and at least one certificate issued by a certificate authority that certifies that the public key of the pair is genuine. In one embodiment, this object may be used as proof of identification by using the private key to sign data provided to it or signals derived from the data. An identity object may be stored in a non-volatile memory as proof of identity, where the memory is controlled by a controller. Preferably, a housing encloses the memory and the controller.

In another embodiment, an identity object may be stored in a non-volatile memory of a memory system as proof of identity. The memory system is removably connected to a host device. After the host device has been successfully authenticated, the private key of the object is used to encrypt data from the host device or signals derived from said data, and the at least one certificate and the encrypted data or signals are sent to the host device.

In yet another embodiment, after an entity has been authenticated by a control data structure of the memory system, the public key of the identity object and the at least one certificate to certify the public key are provided to the entity. In one practical application of this embodiment, if encrypted data encrypted by means of the public key of the identity object is received from the entity, the memory system will then be able to decrypt the encrypted data using the private key in the identity object. The identity object and the at least one certificate are stored in a non-volatile memory where the memory is controlled by a controller. Preferably, a housing encloses the memory and the controller.

In one more embodiment, an identity object may be stored in a non-volatile memory of a memory system. The memory system is removably connected to a host device. After the host device has been successfully authenticated, the public key of the identity object and the at least one certificate to certify the public key are provided to the host device. When encrypted data encrypted by means of the public key of the identity object is received from the host device, the memory system decrypts the encrypted data using the private key in the identity object.
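The proof-of-identity flow from the abstract, as an added Python sketch that is not taken from the patent: the memory system refuses to use the private key until the host has authenticated, then returns the certificate and a signature over host-supplied data, which the host checks against the certificate authority's public key. Assumptions: an HMAC challenge-response stands in for the control data structure, signing is unpadded textbook RSA over constructed Mersenne-prime keys that offer no security, and all names are hypothetical.

```python
import hashlib, hmac, os

E = 65537  # public exponent shared by both demo keys

def make_key(p, q):
    # Textbook RSA from two Mersenne primes: constructed demo keys, trivially factorable.
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def _digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(key, data):  # the abstract's "using the private key to sign data"
    return pow(_digest(data), key["d"], key["n"])

def verify(n, data, sig):
    return pow(sig, E, n) == _digest(data)

CA = make_key(2**1279 - 1, 2**2203 - 1)      # certificate authority (assumed)
DEVICE = make_key(2**521 - 1, 2**607 - 1)    # key pair inside the identity object

def host_response(secret, nonce):
    return hmac.new(secret, nonce, hashlib.sha256).digest()

class MemorySystem:
    def __init__(self, host_secret):
        self._secret = host_secret  # stand-in for the control data structure
        self.certificate = {"n": DEVICE["n"],
                            "ca_sig": sign(CA, str(DEVICE["n"]).encode())}
        self._nonce, self._authenticated = None, False

    def challenge(self):
        self._nonce = os.urandom(16)
        return self._nonce

    def authenticate_host(self, response):
        nonce, self._nonce = self._nonce, None  # each challenge is single use
        self._authenticated = nonce is not None and hmac.compare_digest(
            host_response(self._secret, nonce), response)
        return self._authenticated

    def prove_identity(self, host_data):
        if not self._authenticated:  # private key is unusable before host auth
            raise PermissionError("host not authenticated")
        return self.certificate, sign(DEVICE, host_data)

def host_verifies(ca_n, cert, host_data, sig):
    # Check the CA's signature over the device public key, then the device's
    # signature over the data this host supplied.
    return (verify(ca_n, str(cert["n"]).encode(), cert["ca_sig"])
            and verify(cert["n"], host_data, sig))
```

Having the host supply fresh data for each proof is what keeps a recorded certificate and signature pair from being replayed to it later.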
2 Claims
1. A method for providing proof of identity of an entity by means of a non-volatile memory system comprising:
at least one control data structure; and
a non-volatile memory storing an object including a key pair owned by said entity, at least one certificate identifying said entity and said at least one control data structure, said method comprising;
removably connecting said memory system to a host device;
authenticating the host device to the memory system by means of said at least one control data structure;
after said host device has been successfully authenticated, employing said private key to encrypt data from the host device or signals derived from said data; and
sending the at least one certificate and the encrypted data or signals to the host device.

2. A method for protecting data for an entity by means of a non-volatile memory system comprising:
at least one control data structure; and
a non-volatile memory storing an object including a key pair comprising a private key and a public key, at least one certificate and at least one control data structure, said method comprising;
removably connecting said memory system to a host device;
authenticating the host device to the memory system by means of said at least one control data structure;
after said host device has been successfully authenticated, supplying to the host device said at least one certificate to certify the public key;
receiving data encrypted by means of the public key; and
decrypting the data using the private key.
Specification