Method for Versatile Content Control with Partitioning

US 20140115698A1
Filed: 10/30/2013
Published: 04/24/2014
Est. Priority Date: 12/21/2004
Status: Abandoned Application

First Claim

Patent Images

1-19. -19. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mechanism or structure may be provided to divide a memory into partitions and so that at least some data in the partitions can be encrypted with a key, so that in addition to authentication that is required for accessing some of the partitions, access to one or more keys may be required to decrypt the encrypted data in such partitions. All of the content that the user wishes to access may be associated with a first account, so that all such content can be accessed via different applications (e.g. music player, email, cellular communication etc.) without having to log in multiple times. Then a different set of authentication information may then be used for logging in to access protected content that is in an account different from the first account, even where the different accounts are for the same user or entity.

10 Citations

View as Search Results

49 Claims

1-19. -19. (canceled)

20. A method for access control, the method comprising:
- performing by a storage device that contains an account with authentication credentials and further contains permissions;
  
  receiving a request to access the storage device, the request including a session ID, the session ID being associated with the permissions upon authenticating an entity to the account using the authentication credentials, wherein the storage device stores the permissions prior to receiving a request to authenticate the entity;
  
  using the session ID included in the request to look up in the storage device the permissions associated with the session ID;
  
  determining whether the permissions authorize the requested access to the storage device; and
  
  granting the requested access to the storage device if the permissions authorize the requested access to the storage device.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
- - 21. The method of claim 20, wherein the request is received in plain text.
  - 22. The method of claim 20, wherein the session ID is sharable among other entities to share access to the storage device, and wherein after the entity is authenticated to the account using the authentication credentials, the storage device identifies the other entities by the session ID and not the authentication credentials.
  - 23. The method of claim 20, wherein the memory comprises a partition, and wherein the method further comprises permitting authenticated entities to access data in the partition.
  - 24. The method of claim 23, wherein the partition comprises a continuous range of addresses.
  - 25. The method of claim 20, wherein a type of access to the storage device is independent from any authentication used to authenticate the entity to the account.
  - 26. The method of claim 20, wherein multiple accounts can be authorized for a type of access to the storage device.
  - 27. The method of claim 20, wherein the account is stored in a memory component of the storage device, and wherein information relating to the account is fetched from the memory component by a controller of the storage device during authentication.

28. A storage device comprising:
- a non-volatile memory containing an account with authentication credentials and further containing permissions; and
  
  a controller in communication with the non-volatile memory, wherein the controller is operative to;
  
  receive a request to access the storage device, the request including a session ID, the session ID being associated with the permissions upon authenticating an entity to the account using the authentication credentials, wherein the storage device stores the permissions prior to receiving a request to authenticate the entity;
  
  use the session ID included in the request to look up in the storage device the permissions associated with the session ID;
  
  determine whether the permissions authorize the requested access to the storage device; and
  
  grant the requested access to the storage device if the permissions authorize the requested access to the storage device;
  
  wherein the session ID is sharable among other entities to share access to the storage device, and wherein after the entity is authenticated to the account using the authentication credentials, the storage device identifies the other entities by the session ID and not the authentication credentials.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35)
- - 29. The storage device of claim 28, wherein the request is received in plain text.
  - 30. The storage device of claim 28, wherein the session ID is sharable among other entities to share access to the storage device, and wherein after the entity is authenticated to the account using the authentication credentials, the storage device identifies the other entities by the session ID and not the authentication credentials.
  - 31. The storage device of claim 28, wherein the memory comprises a partition, and wherein the controller is further operative to permit authenticated entities to access data in the partition.
  - 32. The storage device of claim 31, wherein the partition comprises a continuous range of addresses.
  - 33. The storage device of claim 28, wherein a type of access to the storage device is independent from any authentication used to authenticate the entity to the account.
  - 34. The storage device of claim 28, wherein multiple accounts can be authorized for a type of access to the storage device.
  - 35. The storage device of claim 28, wherein information relating to the account is fetched from the non-volatile memory by the controller during authentication.

36. A method for access control of a partition of a storage device, the method comprising:
- performing by a storage device that has a non-volatile memory with a partition;
  
  authenticating an entity to an account on the storage device;
  
  receiving permissions from the entity to restrict access to the partition; and
  
  applying the permissions to access the partition when an unauthenticated entity attempts to access the partition.
- View Dependent Claims (37, 38, 39, 40, 41, 42)
- - 37. The method of claim 36, wherein the memory comprises at least one additional partition.
  - 38. The method of claim 36, wherein the account comprises an access control record.
  - 39. The method of claim 36, wherein the account is stored in a memory component of the storage device, and wherein information relating to the account is fetched from the memory component by a controller of the storage device during authentication.
  - 40. The method of claim 36, wherein the partition comprises a continuous range of addresses.
  - 41. The method of claim 36, wherein the partition is a public partition.
  - 42. The method of claim 36, wherein the partition is accessed using regular read and write commands of the storage device.

43. A storage device comprising:
- a non-volatile memory having a partition; and
  
  a controller in communication with the non-volatile memory, wherein the controller is configured to;
  
  authenticate an entity to an account on the storage device;
  
  receive permissions from the entity to restrict access to the partition; and
  
  apply the permissions to access the partition when an unauthenticated entity attempts to access the partition.
- View Dependent Claims (44, 45, 46, 47, 48, 49)
- - 44. The storage device of claim 43, wherein the memory comprises at least one additional partition.
  - 45. The storage device of claim 43, wherein the account comprises an access control record.
  - 46. The storage device of claim 43, wherein the account is stored in a memory component of the storage device, and wherein information relating to the account is fetched from the memory component by a controller of the storage device during authentication.
  - 47. The storage device of claim 43, wherein the partition comprises a continuous range of addresses.
  - 48. The storage device of claim 43, wherein the partition is a public partition.
  - 49. The storage device of claim 43, wherein the partition is accessed using regular read and write commands of the storage device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SanDisk Technologies LLC (Western Digital Corporation)
Original Assignee
Sandisk Technologies Incorporated (Western Digital Corporation)
Inventors
Jogand-Coulomb, Fabrice, Holtzman, Michael, Qawami, Bahman, Barzilai, Ron

Application Number

US14/067,574
Publication Number

US 20140115698A1
Time in Patent Office

Days
Field of Search
US Class Current

726/21
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/62   Protecting access to data v...

G06F 21/6218   to a system of files or obj...

G06F 21/78   to assure secure storage of...

G06F 2221/2145   Inheriting rights or proper...

Method for Versatile Content Control with Partitioning

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

10 Citations

49 Claims

Specification

Use Cases

Quick Links

Others

Method for Versatile Content Control with Partitioning

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

49 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others