DATA MANAGEMENT DEVICE, STORED DATA MANAGEMENT METHOD AND COMPUTER PROGRAM
Abstract
Provided is a data management device for managing data recorded onto a readable and writable recording medium by an application that is verified based on a digital certificate. The recording medium has a plurality of areas and access to each area is restricted to a different application. The data management device includes an application authentication module, a mapping module, and a local storage display module. The application authentication module verifies that an application is an authentic application based on a digital certificate attached to the application. The mapping module associates, if the application is verified, an area accessible by the application with a subject name described in the digital certificate used for the verification. The local storage display module displays information regarding the area accessible by the application, with the use of the subject name associated with the area.
33 Claims
1-14. (canceled)
15. A data management device for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management device comprising:
a verification unit operable to verify authenticity of an application program based on a digital certificate attached to the application program;
a mapping unit operable, if the application program is verified, to associate (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
a presentation unit operable to present information relating to data written into the directory accessible by the application program, by using the text information associated with the directory,
wherein the digital certificate is composed of a plurality of certificate portions,
the partial certificates include (i) a root certificate portion verifying a subordinate certificate portion and (ii) a leaf certificate portion being verified by a superordinate certificate portion,
each certificate portion has, as the text information, subject name information described therein,
the digital certificate attached to the application program includes information specifying (i) an organization directory superordinate to an application directory into which data is written by executing the application program, and (ii) a root certificate directory superordinate to the specified organization directory, and
the directory accessible by the application program is the application directory that is subordinate to the specified organization directory that in turn is subordinate to the specified root certificate directory, and
the association by the mapping unit is to associate the specified organization directory with the subject name information described in the leaf certificate, and the specified root certificate directory with the subject name information described in the root certificate.
Dependent claims: 16, 17, 18, 19, 20.
21. A data management device for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management device comprising:
a verification unit operable to verify authenticity of an application program based on a digital certificate attached to the application program;
a mapping unit operable, if the application program is verified, to associate (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
a presentation unit operable to present information relating to data written into the directory accessible by the application program, by using the text information associated with the directory,
wherein the verification of the application program by the verification unit is processed before the application program is activated for execution, and
the association by the mapping unit is performed with the verification process.
22. A data management device for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management device comprising:
a verification unit operable to verify authenticity of an application program based on a digital certificate attached to the application program;
a mapping unit operable, if the application program is verified, to associate (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
a presentation unit operable to present information relating to data written into the directory accessible by the application program, by using the text information associated with the directory,
wherein the application program is included in a virtual package created by merging (i) data on a disc loaded into a playback device that executes the application program with (ii) data on the recording medium that the playback device is provided with,
the virtual package includes a metafile indicating details of the application program, and
the mapping unit is further operable to establish the association by using information contained in the metafile.
Dependent claims: 23.
24. A data management device for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management device comprising:
a text-string receiving unit operable to receive a user input of text information;
a verification unit operable to verify authenticity of an application program based on a digital certificate attached to the application program;
a mapping unit operable, if the application program is verified, to receive a user input selecting whether or not the text information received by the text-string receiving unit is to be used, the mapping unit being further operable to associate a directory accessible by the application program out of the plurality of directories with (i) text information included in the digital certificate and relating to an owner of the digital certificate used for the verification, if the received user input indicates not to use the received text information, and with (ii) the text information received by the text-string receiving unit, if the received user input indicates to use the received text information; and
a presentation unit operable to present information relating to data written into the directory accessible by the application program, by using the text information associated with the directory.
Dependent claims: 25.
26. A computer program for controlling a computer to manage data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the computer program comprising code operable to cause the computer to perform:
a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory,
wherein the digital certificate is composed of a plurality of certificate portions,
the partial certificates include (i) a root certificate portion verifying a subordinate certificate portion and (ii) a leaf certificate portion being verified by a superordinate certificate portion,
each certificate portion has, as the text information, subject name information described therein,
the digital certificate attached to the application program includes information specifying (i) an organization directory superordinate to an application directory into which data is written by executing the application program, and (ii) a root certificate directory superordinate to the specified organization directory, and
the directory accessible by the application program is the application directory that is subordinate to the specified organization directory that in turn is subordinate to the specified root certificate directory, and
the association in the mapping step is to associate the specified organization directory with the subject name information described in the leaf certificate, and the specified root certificate directory with the subject name information described in the root certificate.
27. A data management method for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management method comprising:
a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory,
wherein the digital certificate is composed of a plurality of certificate portions,
the partial certificates include (i) a root certificate portion verifying a subordinate certificate portion and (ii) a leaf certificate portion being verified by a superordinate certificate portion,
each certificate portion has, as the text information, subject name information described therein,
the digital certificate attached to the application program includes information specifying (i) an organization directory superordinate to an application directory into which data is written by executing the application program, and (ii) a root certificate directory superordinate to the specified organization directory, and
the directory accessible by the application program is the application directory that is subordinate to the specified organization directory that in turn is subordinate to the specified root certificate directory, and
the association in the mapping step is to associate the specified organization directory with the subject name information described in the leaf certificate, and the specified root certificate directory with the subject name information described in the root certificate.
28. A computer program for controlling a computer to manage data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the computer program comprising code operable to cause the computer to perform:
a verification step of verifying, before an application program is activated for execution, authenticity of the application program based on a digital certificate attached to the application program;
a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate, the mapping step being performed with the verification step; and
a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory.
29. A data management method for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management method comprising:
a verification step of verifying, before an application program is activated for execution, authenticity of the application program based on a digital certificate attached to the application program;
a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate, the mapping step being performed with the verification step; and
a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory.
30. A computer program for controlling a computer to manage data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the computer program comprising code operable to cause the computer to perform:
a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory,
wherein the application program is included in a virtual package created by merging (i) data on a disc loaded into a playback device that executes the application program with (ii) data on the recording medium that the playback device is provided with,
the virtual package includes a metafile indicating details of the application program, and
in the mapping step, the association is established by further using information contained in the metafile.
31. A data management method for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management method comprising:
a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory,
wherein the application program is included in a virtual package created by merging (i) data on a disc loaded into a playback device that executes the application program with (ii) data on the recording medium that the playback device is provided with,
the virtual package includes a metafile indicating details of the application program, and
in the mapping step, the association is established by further using information contained in the metafile.
32. A computer program for controlling a computer to manage data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the computer program comprising code operable to cause the computer to perform:
a text-string receiving step of receiving a user input of text information;
a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
a mapping step of: receiving, if the application program is verified, a user input selecting whether or not the text information received in the text-string receiving step is to be used; and associating a directory accessible by the application program out of the plurality of directories with (i) text information included in the digital certificate and relating to an owner of the digital certificate used for the verification, if the received user input indicates not to use the received text information, and with (ii) the text information received in the text-string receiving step, if the received user input indicates to use the received text information; and
a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory.
33. A data management method for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management method comprising:
a text-string receiving step of receiving a user input of text information;
a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
a mapping step of: receiving, if the application program is verified, a user input selecting whether or not the text information received in the text-string receiving step is to be used; and associating a directory accessible by the application program out of the plurality of directories with (i) text information included in the digital certificate and relating to an owner of the digital certificate used for the verification, if the received user input indicates not to use the received text information, and with (ii) the text information received in the text-string receiving step, if the received user input indicates to use the received text information; and
a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory.
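The verify-then-map flow of claims 15 and 24, as an added example that is not code from the patent: a leaf certificate portion is checked against a trusted root, and only then are the root certificate directory and organization directory labelled with subject names (or with a user-supplied label). The toy RSA key, the certificate field layout, the directory names and the `clean` display filter are assumptions constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, replace

# Toy RSA key so that "root portion verifies leaf portion" is a real check.
# Constructed and unpadded: an illustration, not usable cryptography.
N, E = (2**61 - 1) * (2**89 - 1), 65537
D = pow(E, -1, (2**61 - 2) * (2**89 - 2))       # root's private exponent

def digest_int(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

@dataclass(frozen=True)
class Certificate:            # certificate attached to one application (assumed layout)
    root_subject: str         # subject name in the root certificate portion
    leaf_subject: str         # subject name in the leaf certificate portion
    root_dir: str             # root certificate directory the certificate specifies
    org_dir: str              # organization directory below root_dir
    app_digest: str           # SHA-256 of the application the certificate covers
    leaf_sig: int = 0         # root's signature over the leaf fields

    def signed_bytes(self) -> bytes:
        fields = (self.leaf_subject, self.root_dir, self.org_dir, self.app_digest)
        return "\x00".join(fields).encode()

def issue(app: bytes, leaf_subject: str, org_dir: str) -> Certificate:
    """Constructed issuing side: the root signs the leaf fields."""
    c = Certificate("Example Root CA", leaf_subject, "a1b2c3", org_dir,
                    hashlib.sha256(app).hexdigest())
    return replace(c, leaf_sig=pow(digest_int(c.signed_bytes(), N), D, N))

def verify(app: bytes, cert: Certificate, trusted: dict) -> bool:
    key = trusted.get(cert.root_subject)          # trust anchor: subject -> (n, e)
    if key is None or hashlib.sha256(app).hexdigest() != cert.app_digest:
        return False
    n, e = key
    return pow(cert.leaf_sig, e, n) == digest_int(cert.signed_bytes(), n)

def clean(text: str) -> str:
    """Subject names are certificate-owner text: drop control chars, cap length."""
    return "".join(ch for ch in text if ch.isprintable())[:64]

class LocalStorageMap:
    def __init__(self, trusted: dict):
        self.trusted, self.labels = trusted, {}

    def register(self, app: bytes, cert: Certificate, user_label=None) -> bool:
        """Verify first; only a verified certificate may label directories."""
        if not verify(app, cert, self.trusted):
            return False
        org_path = f"{cert.root_dir}/{cert.org_dir}"
        self.labels[cert.root_dir] = clean(cert.root_subject)
        self.labels[org_path] = clean(user_label or cert.leaf_subject)
        return True

    def present(self, path: str) -> str:
        """Show a storage path with subject names in place of directory names."""
        parts = path.strip("/").split("/")
        return " / ".join(self.labels.get("/".join(parts[:i + 1]), p)
                          for i, p in enumerate(parts))

APP = b"constructed application bytes"

def demo():
    store = LocalStorageMap({"Example Root CA": (N, E)})
    good = issue(APP, "Example Studio", "0007")
    relabelled = replace(good, leaf_subject="Other Studio")  # edited after signing
    return (store.register(APP, relabelled), store.register(APP, good),
            store.present("a1b2c3/0007/app1/save.dat"))

if __name__ == "__main__":
    print(demo())
```

Directories with no verified mapping fall back to their raw names, so a certificate that fails verification never changes what the user sees.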