Storage apparatus, memory card accessing apparatus and method of reading/writing the same

US 8,219,824 B2
Filed: 06/29/2007
Issued: 07/10/2012
Est. Priority Date: 06/29/2007
Status: Active Grant

First Claim

Patent Images

1. A storage apparatus, comprising:

a non-volatile memory including a root directory area and a data area, wherein the root directory area is used for storing a password file, and the password file comprises a personal password;

a controller electrically connected to the non-volatile memory for controlling the operation of the storage apparatus and communicating with a host through a universal interface, the controller is further used for looking for the password file in the root directory area to determine whether the password file is stored in the root directory area; and

an encryption/decryption unit disposed in the controller and having a key,wherein when the controller cannot find the password file in the root directory area, the controller allows the host to write a new password file into the root directory area;

wherein when the controller finds the password file in the root directory area, the controller records a cluster of the password file and detects whether the password file is written, and the controller triggers a password comparison operation when a user of the host writes a password into the password file,wherein during the password comparison operation, the controller compares the password with the personal password stored in the password file from the cluster in order to identify the user, and if the password matches the personal password in the password file, the controller allows the host to access the data stored in the data area, while if the password does not match the personal password in the password file, the controller only allows the host to read data in the root directory area and responds a predetermined response to any other read operation for reading the data stored in the data area.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A storage apparatus having a non-volatile memory and a controller is provided, wherein the non-volatile memory includes a root directory area and a data area, and a password file is stored in the root directory area. The controller identifies a user by using a password in the password file, and the user can access the data area through an encryption/decryption unit of the controller only if the user passes the identification. By using the secured storage apparatus, the risk of the password and encrypted data being cracked is reduced. Accordingly, the protection over the data stored in the storage apparatus is enhanced.

22 Citations

View as Search Results

18 Claims

1. A storage apparatus, comprising:
- a non-volatile memory including a root directory area and a data area, wherein the root directory area is used for storing a password file, and the password file comprises a personal password;
  
  a controller electrically connected to the non-volatile memory for controlling the operation of the storage apparatus and communicating with a host through a universal interface, the controller is further used for looking for the password file in the root directory area to determine whether the password file is stored in the root directory area; and
  
  an encryption/decryption unit disposed in the controller and having a key,wherein when the controller cannot find the password file in the root directory area, the controller allows the host to write a new password file into the root directory area;
  
  wherein when the controller finds the password file in the root directory area, the controller records a cluster of the password file and detects whether the password file is written, and the controller triggers a password comparison operation when a user of the host writes a password into the password file,wherein during the password comparison operation, the controller compares the password with the personal password stored in the password file from the cluster in order to identify the user, and if the password matches the personal password in the password file, the controller allows the host to access the data stored in the data area, while if the password does not match the personal password in the password file, the controller only allows the host to read data in the root directory area and responds a predetermined response to any other read operation for reading the data stored in the data area.
- View Dependent Claims (2, 3, 4, 5, 6, 15)
- - 2. The storage apparatus according to claim 1, wherein the encryption/decryption unit uses the key to encrypt and decrypt the data stored in the data area of the non-volatile memory.
  - 3. The storage apparatus according to claim 1, wherein the non-volatile memory is a flash memory.
  - 4. The storage apparatus according to claim 3, wherein the flash memory is a NAND flash memory.
  - 5. The storage apparatus according to claim 1, wherein the universal interface is an universal serial bus (USB) interface.
  - 6. The storage apparatus according to claim 1, wherein the universal interface is an IEEE1394 interface.
  - 15. The storage apparatus according to claim 1, wherein the encryption/decryption unit uses the key to encrypt and decrypt the data stored in the data area of the non-volatile memory, and the key is different from the personal password.

7. A memory card accessing apparatus, comprising:
- a controller, for looking for a password file in a root directory area of a memory card to determine whether the password file is stored in the root directory area, and the controller being further used for comparing a personal password in the password file and controlling the operation of the memory card accessing apparatus;
  
  a memory card interface, electrically connected to the controller, for communicating with the memory card;
  
  an universal interface, electrically connected to the controller for communicating with a host; and
  
  an encryption/decryption unit, wherein the encryption/decryption unit is disposed in the controller and has a key;
  
  wherein when the controller cannot find the password file in the root directory area, the controller allows the host to write a new password file into the root directory area;
  
  wherein when the controller finds the password file in the root directory area, the controller records a cluster of the password file and detects whether the password file is written, and the controller triggers a password comparison operation when a user of the host writes a password into the password file,wherein during the password comparison operation, the controller compares the password with the personal password stored in the password file from the cluster in order to identify the user, and if the password matches the personal password in the password file, the controller allows the host to access the data stored in a data area of the memory card, while if the password does not match the personal password in the password file, the controller only allows the host to read data in the root directory area and responds a predetermined response to any other read operation for reading the data stored in the data area.
- View Dependent Claims (8, 9, 10, 16)
- - 8. The memory card accessing apparatus according to claim 7, wherein the memory card is a multi-media card (MMC), a secure digital (SD) card, or a compact flash (CF) card.
  - 9. The memory card accessing apparatus according to claim 7, wherein the universal interface is a USB interface.
  - 10. The memory card accessing apparatus according to claim 7, wherein the universal interface is an IEEE1394 interface.
  - 16. The memory card accessing apparatus according to claim 7, wherein the encryption/decryption unit uses the key to encrypt and decrypt the data stored in the memory card, and the key is different from the personal password.

11. A method of reading/writing a storage apparatus, the method comprising:
- looking for a password file stored in a root directory area of a non-volatile memory of the storage apparatus to determine whether the password file is stored in the root directory area;
  
  when it is determined that the password file is not stored in the root directory area, allowing a host to write a new password file into the root directory area; and
  
  when it is determined that the password file is stored in the root directory area, recording a cluster of the password file;
  
  detecting whether a user of the host writes a password into the password file;
  
  comparing the password with a personal password in the password file from the cluster if the user writes the password into the password file;
  
  allowing the host to perform a reading operation or a writing operation in a data area of the non-volatile memory if the password matches the personal password in the password file; and
  
  allowing the host to read data in the root directory area only and responding a predetermined response to any other read operation for reading the data stored in the data area if the password does not match the personal password in the password file.
- View Dependent Claims (12, 17)
- - 12. The read/write method according to claim 11, wherein while performing the writing operation, the storage apparatus first encrypts data to be written using a key stored in the storage apparatus and then stores the encrypted data in the data area, and while performing the reading operation, the storage apparatus first decrypts data to be read using the key and then transmits the decrypted data.
  - 17. The read/write method according to claim 12, wherein the key is different from the personal password.

13. A method of reading/writing a memory card accessing apparatus, the method comprising:
- looking for a password file stored in a root directory area of a memory card to determine whether the password file is stored in the root directory area;
  
  when it is determined that the password file is not stored in the root directory area, allowing a host to write a new password file into the root directory area; and
  
  when it is determined that the password file is stored in the root directory area, recording a cluster of the password file;
  
  detecting whether a user of the host writes a password into the password file;
  
  comparing the password with a personal password in the password file from the cluster if the user writes the password into the password file;
  
  allowing the host to perform a reading operation or a writing operation in a data area of the memory card if password matches the personal password in the password file; and
  
  allowing the host to read data in the root directory area only and responding a predetermined response to any other read operation for reading the data stored in the data area if the password does not match the personal password in the password file.
- View Dependent Claims (14, 18)
- - 14. The read/write method according to claim 13, wherein while performing the writing operation, the memory card accessing apparatus first encrypts data to be written using a key stored in the memory card accessing apparatus and then stores the encrypted data in the data area, and while performing the reading operation, the memory card accessing apparatus first decrypts data to be read using the key and then transmits the decrypted data.
  - 18. The read/write method according to claim 14, wherein the key is different from the personal password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Phison Electronics Corporation
Original Assignee
Phison Electronics Corporation
Inventors
Chang, Ching-Wen
Primary Examiner(s)
Vu, Kim
Assistant Examiner(s)
BEHESHTI SHIRAZI, SAYED ARESH

Application Number

US11/771,112
Publication Number

US 20090006866A1
Time in Patent Office

1,838 Days
Field of Search

713/183, 711/152, 711/153, 711/161, 711/163, 711/164, 711/173, 709212-216, 717/155, 705/18
US Class Current

713/183
CPC Class Codes

G06F 12/1433   for a module or a part of a...

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

Storage apparatus, memory card accessing apparatus and method of reading/writing the same

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Storage apparatus, memory card accessing apparatus and method of reading/writing the same

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links