DATA MANAGEMENT DEVICE, STORED DATA MANAGEMENT METHOD AND COMPUTER PROGRAM

US 20100138933A1
Filed: 04/03/2008
Published: 06/03/2010
Est. Priority Date: 04/19/2007
Status: Active Grant

First Claim

Patent Images

1-14. -14. (canceled)

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided is a data management device for managing data recorded onto a readable and writable recording medium by an application that is verified based on a digital certificate. The recording medium has a plurality of areas and access to each area is restricted to a different application. The data management device includes an application authentication module, a mapping module, and a local storage display module. The application authentication module verifies that an application is an authentic application based on a digital certificate attached to the application. The mapping module associates, if the application is verified, an area accessible by the application with a subject name described in the digital certificate used for the verification. The local storage display module displays information regarding the area accessible by the application, with the use of the subject name associated with the area.

29 Citations

View as Search Results

33 Claims

1-14. -14. (canceled)

15. A data management device for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management device comprising:
- a verification unit operable to verify authenticity of an application program based on a digital certificate attached to the application program;
  
  a mapping unit operable, if the application program is verified, to associate (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
  
  a presentation unit operable to present information relating to data written into the directory accessible by the application program, by using the text information associated with the directory, whereinthe digital certificate is composed of a plurality of certificate portions,the partial certificates include (i) a root certificate portion verifying a subordinate certificate portion and (ii) a leaf certificate portion being verified by a superordinate certificate portion,each certificate portion has, as the text information, subject name information described therein,the digital certificate attached to the application program includes information specifying (i) an organization directory superordinate to an application directory into which data is written by executing the application program, and (ii) a root certificate directory superordinate to the specified organization directory, and the directly accessible by the application program is the application directory that is subordinate to the specified organization directory that in turn is subordinate to the specified root certificate directory, andthe association by the mapping unit is to associate the specified organization directory with the subject name information described in the leaf certificate, and the specified root certificate directory with the subject name information described in the root certificate.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The data management device according to claim 15, whereinthe association is established by using an information item selected out of a country name, an organization name, an organization unit, and a common name that are included in the subject name information.
  - 17. The data management device according to claim 16, whereinthe mapping unit is operable to associate the specified organization directory with the subject name information described in the leaf certificate portion, by using a text string that is obtained by removing, from the organization name included in the subject name information, an organization ID attached at an end of the organization name.
  - 18. The data management device according to claim 16, whereinthe mapping unit is operable to receive a user selection selecting which of the information items included in the subject name information is to be used in the association.
  - 19. The data management device according to claim 15, whereinthe application program is included in a virtual package created by merging (i) data on a disc loaded into a playback device that executes the application program with (ii) data on the recording medium that the playback device is provided with,the virtual package includes application management information indicating details of the application program, andthe mapping information is further operable to associate the application directory with a name of the application program indicated by the application management information.
  - 20. The data management device according to claim 15, whereinthe application program is included in a virtual package created by merging (i) data on a disc loaded into a playback device that executes the application program with (ii) data on the recording medium that the playback device is provided with,the virtual package includes application management information indicating details of the application program, andthe mapping unit is further operable to associate the application directory with information relating to an icon that is specified by the application management information as denoting the application program.

21. A data management device for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management device comprising:
- a verification unit operable to verify authenticity of an application program based on a digital certificate attached to the application program;
  
  a mapping unit operable, if the application program is verified, to associate (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
  
  a presentation unit operable to present information relating to data written into the directory accessible by the application program, by using the text information associated with the directory, whereinthe verification of the application program by the verification unit is processed before the application program is activated for execution, andthe association by the mapping unit is performed with the verification process.

22. A data management device for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management device comprising:
- a verification unit operable to verify authenticity of an application program based on a digital certificate attached to the application program;
  
  a mapping unit operable, if the application program is verified, to associate (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
  
  a presentation unit operable to present information relating to data written into the directory accessible by the application program, by using the text information associated with the directory, whereinthe application program is included in a virtual package created by merging (i) data on a disc loaded into a playback device that executes the application program with (ii) data on the recording medium that the playback device is provided with,the virtual package includes a metafile indicating details of the application program, andthe mapping unit is further operable to establish the association by using information contained in the metafile.
- View Dependent Claims (23)
- - 23. The data management device according to claim 22, whereinthe mapping unit is operable to establish the association by using text information relating to a recipient of the digital certificate and included in the digital certificate, if the virtual package does not include the metafile.

24. A data management device for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management device comprising:
- a text-string receiving unit operable to receive a user input of text information;
  
  a verification unit operable to verify authenticity of an application program based on a digital certificate attached to the application program;
  
  a mapping unit operable, if the application program is verified, to receive a user input selecting whether or not the text information received by the text-string receiving unit is to be used, the mapping unit being further operable to associate a directory accessible by the application program out of the plurality of directories with (i) text information included in the digital certificate and relating to an owner of the digital certificate used for the verification, if the received user input indicates not to use the received text information, and with (ii) the text information received by the text-string receiving unit, if the received user input indicates to use the received text information; and
  
  a presentation unit operable to present information relating to data written into the directory accessible by the application program, by using the text information associated with the directory.
- View Dependent Claims (25)
- - 25. The data management device according to claim 24, whereinthe text-string receiving unit is operable to receive input of the text-string via an entry field presented on a display screen, andthe entry field is presented by default with a text string contained in the subject-name information.

26. A computer program for controlling a computer to manage data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the computer program comprising code operable to cause the computer to perform:
- a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
  
  a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
  
  a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory, whereinthe digital certificate is composed of a plurality of certificate portions,the partial certificates include (i) a root certificate portion verifying a subordinate certificate portion and (ii) a leaf certificate portion being verified by a superordinate certificate portion,each certificate portion has, as the text information, subject name information described therein, the digital certificate attached to the application program includes information specifying (i) an organization directory superordinate to an application directory into which data is written by executing the application program, and (ii) a root certificate directory superordinate to the specified organization directory, and the directly accessible by the application program is the application directory that is subordinate to the specified organization directory that in turn is subordinate to the specified root certificate directory, andthe association in the mapping step is to associate the specified organization directory with the subject name information described in the leaf certificate, and the specified root certificate directory with the subject name information described in the root certificate.

27. A data management method for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management method comprising:
- a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
  
  a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
  
  a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory, whereinthe digital certificate is composed of a plurality of certificate portions,the partial certificates include (i) a root certificate portion verifying a subordinate certificate portion and (ii) a leaf certificate portion being verified by a superordinate certificate portion,each certificate portion has, as the text information, subject name information described therein,the digital certificate attached to the application program includes information specifying (i) an organization directory superordinate to an application directory into which data is written by executing the application program, and (ii) a root certificate directory superordinate to the specified organization directory, and the directly accessible by the application program is the application directory that is subordinate to the specified organization directory that in turn is subordinate to the specified root certificate directory, andthe association in the mapping step is to associate the specified organization directory with the subject name information described in the leaf certificate, and the specified root certificate directory with the subject name information described in the root certificate.

28. A computer program for controlling a computer to manage data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the computer program comprising code operable to cause the computer to perform:
- a verification step of verifying, before an application program is activated for execution, authenticity of the application program based on a digital certificate attached to the application program;
  
  a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate, the mapping step being performed with the verification step; and
  
  a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory.

29. A data management method for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management method comprising:
- a verification step of verifying, before an application program is activated for execution, authenticity of the application program based on a digital certificate attached to the application program;
  
  a mapping step of associating, if the application program is verified, to associate (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate, the mapping step being performed with the verification step; and
  
  a presentation step of presenting information relating to data written into the directory accessible by the application program, by using the text information associated with the directory.

30. A computer program for controlling a computer to manage data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the computer program comprising code operable to cause the computer to perform:
- a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
  
  a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
  
  a presentation step of preening information relating to data written into the directory accessible by the application program, by using the text information associated with the directory, whereinthe application program is included in a virtual package created by merging (i) data on a disc loaded into a playback device that executes the application program with (ii) data on the recording medium that the playback device is provided with,the virtual package includes a metafile indicating details of the application program, andin the mapping step, the association is established by further using information contained in the metafile.

31. A data management method for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management method comprising:
- a verification step of verifying verify authenticity of an application program based on a digital certificate attached to the application program;
  
  a mapping step of associating, if the application program is verified, (i) a directory accessible by the application program out of the plurality of directories with (ii) text information that is included in the digital certificate used for the verification and that relates to an owner of the digital certificate; and
  
  a presentation step of preening information relating to data written into the directory accessible by the application program, by using the text information associated with the directory, whereinthe application program is included in a virtual package created by merging (i) data on a disc loaded into a playback device that executes the application program with (ii) data on the recording medium that the playback device is provided with,the virtual package includes a metafile indicating details of the application program, andin the mapping step, the association is established by further using information contained in the metafile.

32. A computer program for controlling a computer to manage data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the computer program comprising code operable to cause the computer to perform:
- a text-string receiving step of receiving a user input of text information;
  
  a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
  
  a mapping step of;
  
  receiving, if the application program is verified, a user input selecting whether or not the text information received in the text-string receiving step is to be used; and
  
  associating a directory accessible by the application program out of the plurality of directories with (i) text information included in the digital certificate and relating to an owner of the digital certificate used for the verification, if the received user input indicates not to use the received text information, and with (ii) the text information received in the text-string receiving step, if the received user input indicates to use the received text information; and
  
  a presentation step of presenting present information relating to data written into the directory accessible by the application program, by using the text information associated with the directory.

33. A data management method for managing data written into a restricted area on a readable and writable recording medium by executing application programs, the restricted area being protected against any access other than by application programs verified based on digital certificates, and each of a plurality of directories within the restricted area being accessible by a different one of the application programs, the data management method comprising:
- a text-string receiving step of receiving a user input of text information;
  
  a verification step of verifying authenticity of an application program based on a digital certificate attached to the application program;
  
  a mapping step of;
  
  receiving, if the application program is verified, a user input selecting whether or not the text information received in the text-string receiving step is to be used; and
  
  associating a directory accessible by the application program out of the plurality of directories with (i) text information included in the digital certificate and relating to an owner of the digital certificate used for the verification, if the received user input indicates not to use the received text information, and with (ii) the text information received in the text-string receiving step, if the received user input indicates to use the received text information; and
  
  a presentation step of presenting present information relating to data written into the directory accessible by the application program, by using the text information associated with the directory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sovereign Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Inventors
Yamashita, Ken

Granted Patent

US 8,433,929 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/30
CPC Class Codes

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/6218   to a system of files or obj...

G06F 21/78   to assure secure storage of...

DATA MANAGEMENT DEVICE, STORED DATA MANAGEMENT METHOD AND COMPUTER PROGRAM

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

33 Claims

Specification

Use Cases

Quick Links

Others

DATA MANAGEMENT DEVICE, STORED DATA MANAGEMENT METHOD AND COMPUTER PROGRAM

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

33 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others