Method and System for Access Control and Data Protection in Digital Memories, Related Digital Memory and Computer Program Product Therefor
1 Assignment
0 Petitions
Accused Products
Abstract
A digital memory such as a memory card for mobile communication equipment, is adapted to be accessed by a plurality of users and have protected data stored therein. The memory is dynamically partitionable in private memory areas for storing data therein and has associated therewith a secrecy tool for securely allocating to the users respective private areas and permitting the users to access the respective private areas via a secure session channel to perform read/write commands in the respective private areas. Typically, the memory/card includes: a card interface controller for managing a physical communication layer between the digital memory and external host equipment, an internal memory having associated therewith a hardware lock to control access to the internal memory, a set of cryptographic modules to manage the secure session channel between the users and the digital memory, and a memory certificate for certifying a public key associated with the digital memory.
50 Citations
81 Claims
-
1-49. -49. (canceled)
-
50. A method of controlling access by a plurality of users to a digital memory and protecting data in said digital memory comprising the steps of:
-
dynamically partitioning said digital memory in private areas for storing data in said digital memory, said users in said plurality being securely allocated respective private areas in said digital memory; and
permitting said users in said plurality to access said respective private areas via a secure session channel to perform read/write commands in said respective private areas. - View Dependent Claims (51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 81)
-
- 65. A digital memory adapted to be accessed by a plurality of users and have protected data stored therein, said memory being dynamically partitionable in private memory areas for storing data therein and having associated therewith a secrecy tool for securely allocating respective private memory areas to said users in said plurality and permitting said users in said plurality to access said respective private areas allocated in said digital memory via a secure session channel to perform read/write commands in said respective private areas.
Specification