Access control for secure portable storage device
Abstract
The invention provides an access control for a secure portable storage device. The control method is applied to a host for accessing from the secure portable storage device. The control method includes the following steps. First, the host transmits a first key into a first temporary space in the file system of the secure portable storage device. Next, the secure portable storage device verifies if the first key is valid. If the first key is valid, an encrypted content key is duplicated into a second temporary space. Then, the encrypted content key is uploaded to the host. Afterward, the encrypted content key is decrypted into a content key. Lastly, an encrypted content data stored in the secure portable storage device is decrypted into a content data by use of the content key.
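The exchange the abstract describes, with both the host and the device side, as an added example that is not part of the patent text. The patent page names no cipher and does not say how the first key is verified, so the HMAC-SHA256 keystream, the stored SHA-256 verifier, the nonce, and every name used here (Device, tmp1, tmp2, host_read) are assumptions made for illustration.

```python
import hashlib, hmac, os

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 in counter mode); stand-in for the unspecified cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

class Device:
    """Secure portable storage device: file system plus memory behind the controller."""
    def __init__(self, first_key: bytes, content: bytes):
        content_key = os.urandom(32)
        self.nonce = os.urandom(16)  # assumption: public per-device nonce
        # Memory: encrypted content key, plus a verifier for the first key (assumption).
        self._enc_content_key = keystream_xor(first_key, self.nonce + b"K", content_key)
        self._verifier = hashlib.sha256(first_key).digest()
        # File system: encrypted content data and the two temporary spaces.
        self.fs = {"content.enc": keystream_xor(content_key, self.nonce + b"D", content),
                   "tmp1": b"", "tmp2": b""}

    def process(self) -> None:
        """Controlling/processing module: verify tmp1, fill tmp2 only if the key is valid."""
        candidate, self.fs["tmp1"] = self.fs["tmp1"], b""  # consume the submitted key
        ok = hmac.compare_digest(hashlib.sha256(candidate).digest(), self._verifier)
        self.fs["tmp2"] = self._enc_content_key if ok else b""

def host_read(device: Device, first_key: bytes):
    """Host side of the control method. Returns the content data, or None if refused."""
    device.fs["tmp1"] = first_key        # transmit the first key to the first temporary space
    device.process()                     # device verifies and duplicates the encrypted content key
    blob = device.fs["tmp2"]             # upload the encrypted content key to the host
    if not blob:
        return None
    content_key = keystream_xor(first_key, device.nonce + b"K", blob)  # first decrypting module
    return keystream_xor(content_key, device.nonce + b"D", device.fs["content.enc"])  # second

if __name__ == "__main__":
    dev = Device(b"A" * 32, b"constructed sample content")  # constructed sample values
    print(host_read(dev, b"B" * 32))  # invalid first key: nothing is released
    print(host_read(dev, b"A" * 32))  # valid first key: content data recovered
```

In this sketch the encrypted content key never reaches the host-visible file system until the controller has accepted the first key, and a later failed attempt clears the second temporary space again.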
15 Claims
1. A secure portable storage device capable of being detachably connected to a host comprising a first decrypting module, a second decrypting module, and a pre-stored first key, said secure portable storage device comprising:
- a file system, coupled to the host and configured to store an encrypted content data, having a first temporary space and a second temporary space;
- a controlling/processing module being coupled to the file system; and
- a memory, coupled to the controlling/processing module, storing therein an encrypted content key;
wherein when the host transmits the first key to the first temporary space of the secure portable storage device, the controlling/processing module accesses the first key and verifies if the first key is valid, and if the first key is verified to be valid, duplicates the encrypted content key into the second temporary space, and then the encrypted content key is stored in the second temporary space, the encrypted content is also uploaded to the host, the first decrypting module decrypts the encrypted content key into a content key by use of the first key, the second decrypting module decrypts the encrypted content data into content data by use of the content key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A control method for accessing from a secure portable storage device by a host comprising a pre-stored first key, the secure portable storage device, capable of being detachably connected to the host, comprising a memory therein storing an encrypted content key and a file system, the file system, coupled to the host and configured to store an encrypted content data, having a first temporary space and a second temporary space, said control method comprising the steps of:
- transmitting the first key to the first temporary space;
- verifying if the first key is valid, and if the first key is verified to be valid, duplicating the encrypted content key stored in the memory into the second temporary space;
- uploading the encrypted content key stored in the second temporary space to the host;
- decrypting the encrypted content key into a content key by use of the first key; and
- decrypting the encrypted content data into a content data by use of the content key.
Dependent claims: 10, 11, 12, 13, 14, 15
Specification