Retrieval of Data Across Multiple Partitions of a Storage Device Using Digital Signatures

US 20120331563A1
Filed: 06/24/2011
Published: 12/27/2012
Est. Priority Date: 06/24/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

determining whether a received request for data associated with a first partition of a storage device is received from an application included in the first partition;

responsive to determining that the application is not included in the first partition, determining a signature associated with the application;

determining whether the signature associated with the application is authorized to access data associated with the first partition; and

responsive to determining that the signature associated with the application is authorized to access data associated with the first partition, using the received request to identify the data associated with the first partition and transmitting the data from the first partition to the application.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for exchanging data among partitions of a storage device is disclosed. For example, data stored in a first partition is exchanged with an application included in the first partition or with a second application included in a second partition. In one embodiment, the second application is associated with a global certificate while the first application is associated with a different platform certificate. A verification module included in the first partition receives a request for data and determines if the request for data is received from the first application. If the request for data is not received from the first application, the verification module determines whether the request is received from the second application and whether the global certificate is an authorized certificate. For example, the verification module determines whether the global certificate is included in a listing of authorized certificates.

Citations

19 Claims

1. A method comprising:
- determining whether a received request for data associated with a first partition of a storage device is received from an application included in the first partition;
  
  responsive to determining that the application is not included in the first partition, determining a signature associated with the application;
  
  determining whether the signature associated with the application is authorized to access data associated with the first partition; and
  
  responsive to determining that the signature associated with the application is authorized to access data associated with the first partition, using the received request to identify the data associated with the first partition and transmitting the data from the first partition to the application.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - responsive to determining that the application is included in the first partition, using the received request to identify the data associated with the first partition and transmitting the data from the first partition to the application.
  - 3. The method of claim 1, wherein determining whether the signature associated with the application is authorized to access data associated with the first partition comprises:
    - determining whether the signature associated with the application is associated with a global certificate, the global certificate associated with the application and with a second application included in the first partition.
  - 4. The method of claim 1, wherein determining whether the signature associated with the application is authorized to access data associated with the first partition comprises:
    - determining whether an identifier associated with the signature associated with the application matches at least one signature identifier included in a certificate listing.
  - 5. The method of claim 4, further comprising:
    - responsive to determining the identifier associated with the signature associated with the application does not match at least one signature identifier included in the certificate store, requesting an updated certificate listing; and
      
      responsive to the identifier associated with the signature associated with the application matching a signature identifier included in the updated certificate listing, using the received request to identify the data associated with the first partition and transmitting the data from the first partition to the application.
  - 6. The method of claim 1, wherein using the received request to identify the data associated with the first partition comprises:
    - using a key associated with the signature to retrieve data from a server using a client-server interface included in the first partition.
  - 7. The method of claim 1, wherein using the received request to identify the data associated with the first partition comprises:
    - using a key associated with the signature to retrieve data from a data store included in the first partition.

8. An apparatus comprising:
- a processor;
  
  a storage device coupled to the processor, the storage device including a first partition, a second partition and instructions that, when executed by the processor, cause the processor to;
  
  determine whether a request for data associated with the first partition is received from an application included in the first partition;
  
  responsive to determining that the application is not included in the first partition, determine a signature associated with the application;
  
  determine whether the signature associated with the application is authorized to access data associated with the first partition; and
  
  responsive to determining that the signature associated with the application is authorized to access data associated with the first partition, retrieve data identified by the received request from the first partition and transmit the data from the first partition to the application.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The apparatus of claim 8, wherein the storage device further includes instructions that, when executed by the processor, cause the processor to:
    - responsive to determining that the application is included in the first partition, retrieve data identified by the received request from the first partition and transmit the data from the first partition to the application and transmit the data from the first partition to the application.
  - 10. The apparatus of claim 8, wherein determine whether the signature associated with the application is authorized to access data associated with the first partition comprises:
    - determining whether the signature is associated with a global certificate that is associated with a second application included in the first partition and also associated with the application.
  - 11. The apparatus of claim 10, wherein the application is included in the second partition.
  - 12. The apparatus of claim 8, wherein the storage device further includes:
    - a certificate store including a certificate listing identifying one or more certificates associated with one or more applications authorized to access data included in the first partition.
  - 13. The apparatus of claim 12, wherein determine whether the signature associated with the application is authorized to access data associated with the first partition comprises:
    - determining whether the signature associated with the application matches a signature identified by the certificate listing included in the certificate store.
  - 14. The apparatus of claim 8, further comprising:
    - a communication unit coupled to the processor and to the storage device, the communication unit retrieving data identified by the received request from a server responsive to the processor determining that the signature associated with the application is authorized to access data associated with the first partition.
  - 15. The apparatus of claim 14, further comprising:
    - responsive to determining the signature associated with the application does not match a signature included in a certificate store included in the storage device, requesting an updated certificate listing from the server via the communication unit.

16. A method comprising:
- receiving a request for data included in a first partition of a storage device from an application included in a second partition of the storage device and associated with a global certificate;
  
  verifying that the global certificate is also associated with an application included in the first partition of the storage device; and
  
  responsive to verifying that the global certificate is associated with the application included in the second partition of the storage device and the application included in the first partition of the storage device, transmitting the requested data form the first partition to the application included in the second partition.
- View Dependent Claims (17, 18, 19)
- - 17. The method of claim 16, further comprising:
    - receiving a second request for data included in the first partition from a second application included in the first partition of the storage device and associated with a platform certificate, the platform certificate different from the global certificate;
      
      verifying that the second application is included in the first partition of the storage device; and
      
      responsive to verifying that the second application is included in the first partition of the storage device, transmitting the requested data form the first partition to the second application.
  - 18. The method of claim 17, wherein transmitting the requested data form the first partition to the second application comprises:
    - retrieving the requested data from a server using a client-server interface included in the first partition.
  - 19. The method of claim 16, wherein transmitting the requested data form the first partition to the application included in the second partition:
    - retrieving the requested data from a server using a client-server interface included in the first partition; and
      
      transmitting the requested data from the client-server interface to the application included in the second partition.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
Motorola Mobility, Inc. (Lenovo Group Ltd.)
Inventors
Chaudhury, Rashmi, Attaluri, Srinivas, Liu, Fangge, Thyagarajan, Lakshmi

Granted Patent

US 8,938,809 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/27
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 63/0815   providing single-sign-on or...

H04L 63/0823   using certificates cryptogr...

Retrieval of Data Across Multiple Partitions of a Storage Device Using Digital Signatures

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Retrieval of Data Across Multiple Partitions of a Storage Device Using Digital Signatures

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links