Content control method using versatile control structure
First Claim
1. A storage device comprising:
- a non-volatile memory operative to store a data object;
- one or more software applications; and
- an access control structure containing information for authenticating an entity, further information for determining a permission of the entity to access the data object, and further information to associate the data object with a particular one of the software applications, wherein the particular one of the software applications is operative to process the data object; and
- a controller operative to:
  - receive a request for the data object from the entity;
  - if the entity is authenticated, is a user of the data object, and has permission to access the data object, invoke the particular one of the software applications based on the association stored in the access control structure, wherein the request from the user of the data object is a request to access the data object; and
  - if the entity is authenticated and is an owner of the data object, execute the request, wherein the request from the owner of the data object is a request to perform at least one of the following: read the data object, write to the data object, delete the data object, delegate ownership of the data object, and delegate permission to use the data object.
Abstract
A data object storing data in the memory device is associated with at least one software application. Accessing the object will invoke the at least one software application which processes the data in the object. Individual ones of a plurality of first sets of protocols are selectable for enabling data to be provided and stored in a data object. A second set of protocols can be used to retrieve data from the data object, or data derived from such data, irrespective of which of the first set of protocols was used to enable the provision and storing of data in the object.
74 Claims
11. The storage device of claim 10, wherein the one or more software applications send requests to the secure storage application, and wherein the secure storage application does not distinguish between requests from the entity and from the one or more software applications.
35. The storage device of claim 34, wherein the non-volatile memory stores encrypted data, and the access control structure controls decryption of the encrypted content in response to the indication.
38. A method for providing data processing services to an entity, the method comprising:
- performing the following in a storage device comprising a controller, a non-volatile memory storing a data object, one or more software applications, and an access control structure containing information for authenticating an entity, further information for determining a permission of the entity to access the data object, and further information to associate the data object with a particular one of the software applications, wherein the particular one of the software applications is operative to process the data object:
  - receiving a request for the data object from an entity;
  - if the entity is authenticated, is a user of the data object, and has permission to access the data object, invoke the particular one of the software applications based on the association stored in the access control structure, wherein the request from the user of the data object is a request to access the data object; and
  - if the entity is authenticated and is an owner of the data object, execute the request, wherein the request from the owner of the data object is a request to perform at least one of the following: read the data object, write to the data object, delete the data object, delegate ownership of the data object, and delegate permission to use the data object.
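The controller logic recited in claims 1 and 38, modeled as an added Python example that is not part of the patent or any product implementing it. The names `Device`, `enroll`, `create` and `request` are hypothetical, and the salted PBKDF2 credential check is an assumption, since the claims do not specify how an entity is authenticated.

```python
import hashlib, hmac, os

OWNER_OPS = {"read", "write", "delete", "delegate_ownership", "delegate_permission"}

def _kdf(secret, salt):
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

class Device:
    """Constructed model of the storage device and its access control structure."""
    def __init__(self):
        self.objects = {}  # object id -> bytes (stands in for non-volatile memory)
        self.apps = {}     # application name -> callable that processes the data
        self.creds = {}    # entity -> (salt, derived key): authentication information
        self.acl = {}      # object id -> owner, permitted users, associated application

    def enroll(self, entity, secret):
        salt = os.urandom(16)
        self.creds[entity] = (salt, _kdf(secret, salt))

    def create(self, obj, data, owner, app):
        self.objects[obj] = data
        self.acl[obj] = {"owner": owner, "users": set(), "app": app}

    def _authenticated(self, entity, secret):
        # Unknown entities still pay for one KDF run and compare in constant time.
        salt, key = self.creds.get(entity, (b"\0" * 16, b""))
        return hmac.compare_digest(_kdf(secret, salt), key)

    def request(self, entity, secret, obj, op, arg=None):
        if not self._authenticated(entity, secret) or obj not in self.acl:
            return ("denied", None)
        rec = self.acl[obj]
        if op == "access" and entity in rec["users"]:
            # User path: the stored association, not the caller, selects the application.
            return ("ok", self.apps[rec["app"]](self.objects[obj]))
        if op in OWNER_OPS and entity == rec["owner"]:
            if op == "read":
                return ("ok", self.objects[obj])
            if op == "write":
                self.objects[obj] = arg
            elif op == "delete":
                del self.objects[obj], self.acl[obj]
            elif op == "delegate_ownership":
                rec["owner"] = arg
            else:  # delegate_permission
                rec["users"].add(arg)
            return ("ok", None)
        return ("denied", None)  # default deny for every other combination
```

In this model a permitted user only ever receives the associated application's output, never the raw object, while raw reads and delegation stay with the owner.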
Specification