EWS-005810
`
`Early Warning Services 1017
`IPR of U.S. Pat. No. 8,887,308
`
`

`

Patent Application Publication    Jan. 10, 2008    Sheet 1 of 33    US 2008/0010685 A1
`
`
`

`

[Sheet 6 of 33, FIG. 7: tree diagram with a Root node and AGP nodes labelled Level 1, Level 2, Level 3 and Level n.]
`
`

`

[Sheet 7 of 33, FIG. 8A and FIG. 8B: "Create System ACR" flow charts, host side and card side. Recoverable labels: "Issue SSA Command to Create System ACR", "Issue SSA Command to Define System ACR Login Credential", "Issue SSA Command: System ACR Ready"; "System ACR Already Exist", "System ACR Creation Allowed?", "System ACR Credentials Command Received: Update System ACR Record, Return Status OK, and Wait for Creation Done", "System ACR Creation Done Command Received: Return OK Status, Mark System ACR as Existing and Active", "System ACR Cannot Be Updated or Replaced".]
`
`

`

[Sheet 8 of 33, FIG. 9 and FIG. 10: flow charts. Recoverable labels for FIG. 9: "Does Adding Root AGP Require System ACR?", "System ACR Exists", "Switch the AGPs to Operational Mode. Existing ACRs in AGP(s) Cannot Be Updated, No Addition of New ACRs to the Root AGP", "Disable Root AGP Addition Feature: Additional AGP Cannot Be Created". Recoverable labels for FIG. 10: "Process Used to Create m1, m2, s1, s2", "Authorized?", "Stop", "ACR Created".]
`
`

`

[Sheet 9 of 33, FIG. 13 and FIG. 14, with a diagram captioned "Create 2 ACRs (m1, m2) in Marketing AGP, 2 ACRs (s1, s2) in Sales AGP". Recoverable labels for FIG. 14: "Request to Create Key, Provide Reference Name", "Assign Rights (R/W Delegate...) and Permissions", "Share Rights with Other Accounts", "Share Keys".]
`
`

`

[Sheet 10 of 33, FIG. 15 and FIG. 16: flow charts. Recoverable labels for FIG. 15: "Authentication Process", "Request Deletion of Access Rights/Permission of Another Account", "Specify Account", "Authorized?", "Access Rights or Permission Deleted". Recoverable labels for FIG. 16: "Request Access", "Access Authorized?", "Specify Account", "Request Protected Content", "Stop (Access Rights Deleted)", "Authorized?", "Stop (Permission Deleted or Expired)", "Permission Granted".]
`
`

`

`
`
`
`
`
`
`
`

`

[Sheet 13 of 33, FIG. 19: "Login/Password Type" flow chart between Host and Card. Recoverable labels: "Send Password", "Specify Account", "Check if Password and Account Match", "Yes: Set Account as Authenticated", "No: Increment Error Counter for Account".]
`
`

`

[Sheet 14 of 33, FIG. 20 and FIG. 21: certificate hierarchy diagrams. Recoverable labels for the host hierarchy: "Host Root CA Cert", "Host 1 CA (Level 2) Cert", "Host n CA (Level 2) Cert", "Host 1 CA (Level 3) Cert", "Host Cert". Recoverable labels for the device hierarchy: "Device Root CA Cert", "Device 1 CA (Manufacturer) Cert", "Device n CA (Manufacturer) Cert", "Device Cert".]
`
`

`

`
`
`
`
`
`
`
`

`

[Sheet 19 of 33, FIG. 26 and FIG. 27: "CERTIFICATE CHAIN" flow charts for the card and the host (card authenticating host). Recoverable card-side labels: "Receiving Sequentially Certificate Chain From Entity Being Authenticated", "Verifying Each of Certificates Received", "Aborting the Process if Any One of Certificates Fails to be Verified and Notify Entity", "Has Last Certificate Been Received and Verified?", "Proceed to Next Phase After Certificate Verification". Recoverable host-side labels: "Send Next Certificate in Chain", "Has Failure Notice Been Received From Card?", "Has Last Certificate Been Sent?", "Proceed to Next Phase After Certificate Verification".]
`
`

`

[Sheet 20 of 33, FIG. 28 and FIG. 29: "CERTIFICATE CHAIN" flow charts for the card and the host (host authenticating card). Recoverable card-side labels: "Receive Request for Next Certificate in Chain", "Send Next Certificate in Chain", "Has Failure Notice Been Received?", "Has Last Certificate Been Sent?", "Proceed to Next Phase After Certificate Verification". Recoverable host-side labels: "Send Request for Next Certificate in Chain", "Verify Each Certificate Received, Abort and Notify if Fails", "Has Last Certificate Been Received and Successfully Verified?", "Proceed to Next Phase After Certificate Verification".]
`
`

`

[Sheet 21 of 33, FIG. 30 and FIG. 31: flow charts for the host and the card (CRL on card). Recoverable host-side labels: "Reads CRL From Card User (Public) Partition", "Sends CRL and Certificate to Card", "Proceed to Next Phase Unless Receive Failure Notice". Recoverable card-side labels: "Receive CRL From Host with Certificate", "Check Whether Certificate S.N. is on CRL", "Send Failure Notice to Host if Certificate S.N. is on CRL".]
`
`

`

[Sheet 22 of 33, FIG. 33 and FIG. 34: "REVOCATION" flow charts at the authenticating entity (card) and at the entity to be authenticated (host). Recoverable card-side labels: "Receive Certificate and CRL From Entity", "Process Portions of CRL and Search for Certificate S.N. in CRL Concurrently, Processing Includes Hashing CRL Portions and Comparing to Decrypted Hashed Portions", "Checking if Current Time is not Within CRL Expiration Time Period", "Check Whether Time for Next Updated CRL has Passed", "Authentication fails if Certificate S.N. is on CRL, or if Current Time is not Within CRL Expiration Time Period, or Time for Next Updated CRL has Passed". Recoverable host-side labels: "Send Certificate and CRL", "Proceed to Next Phase After Certificate and CRL Verification".]
`
`

`

[Sheet 23 of 33, FIG. 35: card-side flow chart, "Host Sends Data to Card". Recoverable labels: "Authenticate Host", "Has Host Request for Certificate Been Received?", "Send Certificate to Host", "Has Data and Command Been Received From Host for Signing Data?", "Use Private Key to Sign and Return Data"; the label fragment "Decrypt Data" also appears.]
`
`

`

[Sheet 24 of 33, FIG. 36 and FIG. 37: host-side flow charts, "Host Receives Signed Data" and "Host Sends Data to Card". Recoverable labels: "Send Authentication Information", "Request and Receive Certificate Chain", "Send Data and Receive Signed Data Back"; "Send Authentication Information to Card", "Request and Receive Certificate Chain to Certify Card Public Key", "Encrypt Data Using Public Key", "Send Encrypted Data to Card".]
`
`

`

[Sheet 25 of 33, FIG. 38 and FIG. 39: flow charts. Recoverable labels for FIG. 38: "Receive General Information Query From Entity", "Has Entity Been Authenticated?", "Supply Public Information to Entity", "Supply Public and Shared Confidential Information to Entity". Recoverable labels for FIG. 39: "Receive Discreet Information Query", "Has Entity Been Authenticated?", "Deny Access", "Supply Only Portion of Confidential Information Allowed by Control Structure".]
`
`

`

[Sheet 26 of 33, FIG. 40B: block diagram. Recoverable labels: "Host", "Host Side", "SSA Manager", "SSA Secure Operations", "SSA Non Secure Operations".]
`
`

`

[Sheet 27 of 33, FIG. 44: "OTP GENERATION USING SEED" sequence diagram among Host, SSM System, FSE (controlled by card FSE ACR) and Authentication Server. Recoverable labels: "User Authentication to User ACR", "Authentication Successful", "Get SDO", "FSE with FSE ID Associated with SDO Invoked", "Request to Read Seed From SDO", "Seed Read From SDO", "Generate OTP From Seed", "Forward OTP". The sheet also carries a block diagram with the labels "Authentication Service", "Internet Service" and "Physical Token".]
`
`

`

`
`
`

`

[Sheet 29 of 33, FIG. 43: "SEED PROVISIONING" sequence diagram among Authentication Server, Host, SSM System and FSE (controlled by card OTP FSE ACR). Recoverable labels: "Authentication Request to Authentication ACR", "Authentication Successful", "Generate Seed Request", "Send Request to Sign Seed Request, Select COMM. PIPE", "Forward Request Through COMM. PIPE", "Request Signature by Key in IDO", "Signing Completed", "Request IDO Certificate Chain", "IDO Certificate Chain Provided", "Signed Seed Request and IDO Certificate Chain", "Seed Encrypted with Assy ID Public Key and User ACR Information", "Request Decryption of Seed Using Private Key in Assy ID", "Decryption Completed", "Request Creation of SDO and Storing Seed Therein, Request to Associate SDO with FSE ID", "SDO Creation, Seed Storing, Association with FSE ID Completed", "Request to Delegate Access Rights to SDO to User ACR", "Delegation Completed", "Host Binds Slot ID to User ACR".]
`
`

`

`
`
`
`
`

`

[Sheet 31 of 33, FIG. 46: "LICENSE PROVISIONING AND CONTENT DOWNLOAD, KEY IN LICENSE OBJECT" sequence diagram among License Server, Host, SSM System and FSE (controlled by card DRM ACR). Recoverable labels: "Authenticate to License Server ACR", "Authentication Successful", "License File, CEK (Key ID, Key Value)", "Player Information", "SELECT COMM. PIPE", "Forward License File, CEK Through COMM. PIPE", "Request to Write License File to Hidden Partition", "License File Written", "Create CEK Object, Store Key Value in Object, Associate CEK Object with FSE ID Attribute", "CEK Object Creation, Key Storing, Association Completed", "Delegate Read Access Rights to CEK Object to Playback ACR", "Access Rights Delegation Completed", "License Stored Through COMM. PIPE", "Write Content File Encrypted with Key Value in CEK to Public Card Area".]
`
`

`

[Sheet 32 of 33, FIG. 47: "PLAYBACK" sequence diagram among Host, SSM System and FSE (controlled by card DRM ACR). Recoverable labels: "Authenticate to Playback ACR", "Authentication Successful", "Read Content Associated with Key ID", "FSE with ID Associated with Key ID in CEK Invoked", "Request to Read License Associated with Key ID", "Read License From Hidden Partition", "Check License", "Content Decryption Approved", "Content Playback".]
`
`

`

[Sheet 33 of 33, FIG. 48: "LICENSE PROVISIONING AND CONTENT DOWNLOAD, KEY CREATED BY CARD" sequence diagram among License Server, Host, SSM System and FSE (controlled by card DRM ACR). Recoverable labels: "Authenticate to License Server ACR", "Authentication Successful", "License File, Key ID", "Player Information", "SELECT COMM. PIPE", "Forward License File, Key ID Through COMM. PIPE", "Request to Write License File to Hidden Partition", "License File Written", "Generate Key Value, Create CEK Object, Store Key Value in Object, Associate CEK Object with FSE ID Attribute", "Key Value Generation, CEK Creation, Storing in CEK Object, Association with FSE ID Attribute Completed", "Delegate Read Access Rights to CEK Object to Playback ACR", "Access Rights Delegation Completed", "License Stored Through COMM. PIPE", "Write Content File Associated with Key ID", "Security System Encrypts Content File with Key Value identified by Key ID".]
`
`

`

`
CONTENT CONTROL METHOD USING VERSATILE CONTROL STRUCTURE

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This application claims the benefit of U.S. Provisional Application No. U.S. 60/819,507 filed Jul. 7, 2006.

[0002] This application is related to U.S. application Ser. No. 11/313,870, filed Dec. 20, 2005; which application claims the benefit of U.S. Provisional Application No. 60/638,804, filed Dec. 21, 2004. This application is further related to U.S. patent application Ser. No. 11/314,411, filed Dec. 20, 2005; this application is further related to U.S. patent application Ser. No. 11/314,410, filed Dec. 20, 2005; this application is further related to U.S. patent application Ser. No. 11/313,536, filed Dec. 20, 2005; this application is further related to U.S. patent application Ser. No. 11/313,538, filed Dec. 20, 2005; this application is further related to U.S. patent application Ser. No. 11/314,055, filed Dec. 20, 2005; this application is further related to U.S. patent application Ser. No. 11/314,052, filed Dec. 20, 2005; this application is further related to U.S. patent application Ser. No. 11/314,053, filed Dec. 20, 2005.

[0003] The present application is related to U.S. application Ser. No. of Holtzman et al., entitled “Content Control Method Using Certificate Chains,” filed on ; U.S. application Ser. No. of Holtzman et al., entitled “Content Control System Using Certificate Chains,” filed on , U.S. application Ser. No. of Holtzman et al., entitled “Content Control Method Using Certificate Revocation Lists,” filed on , U.S. application Ser. No. of Holtzman et al., entitled “Content Control System Using Certificate Revocation Lists,” filed on , and U.S. application Ser. No. of Holtzman et al., entitled “Content Control System Using Versatile Control Structure,” filed on , U.S. application Ser. No. of Holtzman et al., entitled “Method for Controlling Information Supplied From Memory Device,” filed on , U.S. application Ser. No. of Holtzman et al., entitled “System for Controlling Information Supplied From Memory Device,” U.S. application Ser. No. of Holtzman et al., entitled “Control Method Using Identity Objects,” and U.S. application Ser. No. of Holtzman et al., entitled “Control System Using Identity Objects”.

[0004] The applications listed above are incorporated herein in their entirety by reference as if fully set forth herein.
`
BACKGROUND

[0005] This invention relates in general to memory systems, and in particular to a memory system with versatile content control features.

[0006] Storage devices such as flash memory cards have become the storage medium of choice for storing digital content such as photographs. Flash memory cards may also be used to distribute other types of media content. Moreover, an increasing variety of host devices such as computers, digital cameras, cellular telephones, personal digital assistants (PDAs) and media players such as MP3 players now have the capability of rendering the media content stored in flash memory cards. There is thus great potential for flash memory cards, as well as other types of mobile storage devices, to become a widely used vehicle for distributing digital content.

[0007] With the growing use of storage devices such as smart cards for various purposes, there is a need for storage devices to be provided with more control and processing capabilities. Thus, in some applications, it may be desirable for certain control structures to be stored in storage devices. These control structures enable the storage devices to control access to data stored in the devices. For example, smart cards have been used to store banking related information such as credentials for access to bank accounts or health insurance related information. Control structures are installed in smart cards to prevent unauthorized access to such information. Information on smart cards can be found in Smart Cards Handbook, Third Edition, by Rankl and Effing, John Wiley & Sons, Ltd., England, 2003. At present, smart cards have been primarily used for single uses or purposes, such as in the form of prepaid telephone cards, bank cards or health insurance cards.

[0008] In other applications, it may be desirable for software applications to be stored in storage devices. These software applications enable the storage devices to process data stored in the devices. For example, some smart cards known as JAVA cards contain software applications for supporting services, such as banking services. Information on JAVA cards can be found in the article “An Introduction to Java Card Technology—Part 1,” by C. Enrique Ortiz, published May 29, 2003 on the Sun Developer Network. By their design, however, smart cards including JAVA cards are used to control access either to data, or to applications, but not to both.

[0009] Due to the various issues and problems described above, none of the systems currently in use in storage and host devices is entirely satisfactory. It is therefore desirable to provide improved systems with better characteristics.
`
SUMMARY

[0010] In many applications, it is advantageous to run data processing activities on the storage devices. The resulting system will be more secure, more efficient and less host dependent than solutions where all of the data processing tasks are executed on the host. In one embodiment, at least one software application is stored in a non-volatile memory system where the at least one software application is capable of being invoked by hosts to perform processing of data in the memory system. A security data structure stored in the memory system controls access to information obtainable from the data and to the at least one software application.

[0011] In another embodiment, a data storage apparatus is used to provide data processing services to hosts. At least one software application stored in a non-volatile memory system of the data storage apparatus is capable of being invoked by a host to perform processing of data in the memory system. A set of protocols stored in the memory system is for communication between the hosts and the data storage apparatus. When the at least one software application is invoked, at least one of the protocols is modified. This feature enables communication between the hosts and the data storage apparatus to be more flexibly controlled by the invocation of the at least one software application.

[0012] In yet another embodiment, a security data structure stored in a non-volatile memory system controls access to data stored in the memory system by hosts according to an access policy. When a software application stored in the memory system is invoked, at least an additional condition that is different from the access policy is imposed for access to the data by the hosts.

[0013] In one more embodiment of the invention, at least one software application and at least one data object are stored in a non-volatile memory system. An association between the at least one data object and the at least one software application is established, so that when the at least one data object is accessed, the at least one software application is invoked to process data in the at least one data object.

[0014] In still another embodiment, a plurality of software applications are stored in a non-volatile memory device. A first software application of the plurality of applications is invoked in response to a host request to create a data object for storing data or derivative data received from a source. The data object is associated with the second software application of the plurality of software applications. When the data object is accessed, the second software application is invoked.

[0015] In yet another embodiment, at least one software application is stored in a non-volatile memory system where the at least one software application is capable of being invoked by hosts to perform processing of data stored or to be stored in a memory system to obtain information. A security data structure stored in the memory system comprises a first control structure for controlling access by the hosts to said information and a second control structure for controlling invocation of the at least one software application, where the first and second control structures employ substantially the same control mechanism.

[0016] In still one more embodiment of the invention, at least one data object is stored in a non-volatile memory system. A plurality of first sets of different protocols are also stored in a memory system, where individual sets of the first sets are selectable by hosts to enable data from the hosts or derivative data derived from the data to be provided to and stored in the at least one data object. A second set of protocols stored in the memory system enables the data or derivative data to be retrieved from the at least one data object. The second set of protocols is capable of enabling the retrieval of the data or derivative data irrespective of which of the first sets of protocols enabled the providing and storing.

[0017] The above-described features may be used individually, or may be combined in any combination, in storage systems to provide greater versatility of control and/or protection for the content owner.

[0018] All patents, patent applications, articles, books, specifications, standards, other publications, documents and things referenced herein are hereby incorporated herein by this reference in their entirety for all purposes. To the extent of any inconsistency or conflict in the definition or use of a term between any of the incorporated publications, documents or things and the text of the present document, the definition or use of the term in the present document shall prevail.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 is a block diagram of a memory system in
`[0019]
`communication with the host device useful for illustrating
`this invention.
`
`FIG. 2 is a schematic view ofdifferent partitions of
`[0020]
`a memory and of unencrypted and encrypted files stored in
`differentpartitions where access to certain partitions and the
`encrypted files is controlled by access policies and authen-
`tication procedures useful forillustrating different embodi-
`ments of the invention.
`
`FIG. 3 is a schematic view of a memory illustrating
`[0021]
`the different partitions in the memory.
`[0022]
`FIG. 41s a schematic view offile location tables for
`the different partitions of the memory shownin FIG. 3 where
`some ofthe files in the partitions are encrypted useful for
`illustrating different embodiments of the invention.
`[0023]
`FIG. 5 is a schematic view of access control
`records in an access controlled record group and the asso-
`ciated key references usefulfor illustrating different embodi-
`ments of the invention.
`
`[0024] FIG. 6 is a schematic view of tree structures formed
`by access controlled records groups and access controlled
`records useful for illustrating different embodiments of the
`invention.
`[0025] FIG. 7 is a schematic diagram of a tree illustrating
`three hierarchical trees of access controlled record groups to
`illustrate a process of formation of the trees.
`[0026] FIG. 8A and 8B are flow charts illustrating the
`processes carried out by a host device and a memory device
`such as a memory card for creating and using a system
`access control record.
`[0027] FIG. 9 is a flow chart illustrating a process using a
`system access control record to create an access controlled
`record group useful for illustrating different embodiments.
`[0028] FIG. 10 is a flow chart illustrating a process for
`creating an access control record.
`[0029] FIG. 11 is a schematic view of two access control
`record groups useful for illustrating a particular application
`of the hierarchical tree.
`
`[0030] FIG. 12 is a flow chart illustrating a process for
`delegation of specific rights.
`[0031] FIG. 13 is a schematic view of an access controlled
`record group and an access control record to illustrate the
`process of delegation of FIG. 12.
`[0032] FIG. 14 is a flowchart illustrating the process for
`creating a key for the purpose of encryption and/or decryp-
`tion.
`
`[0033] FIG. 15 is a flow chart illustrating a process for
`removing access rights and/or permission for data access
`according to an accessed controlled record.
`[0034] FIG. 16 is a flow chart illustrating a process for
`requesting access when access rights and/or permission to
`access has been deleted or has expired.
`[0035] FIGS. 17A and 17B are schematic views illustrat-
`ing an organization of a rule structure for authentication and
`policies for granting access to cryptographic keys useful for
`illustrating different embodiments of the invention.
`[0036] FIG. 18 is a block diagram of a database structure
`illustrating an alternative method for controlling access to
`protected information according to policies.
`[0037] FIG. 19 is a flow chart illustrating an authentication
`processes using passwords.
`[0038] FIG. 20 is a diagram illustrating a number of host
`certificate chains.
`
`[0039] FIG. 21 is a diagram illustrating a number of device
`certificate chains.
`
`[0040] FIGS. 22 and 23 are protocol diagrams illustrating
`processes for one way and mutual authentication schemes.
`
`EWS-005845
`
`
`[0041] FIG. 24 is a diagram of a certificate chain useful for
`illustrating one embodiment of the invention.
`[0042] FIG. 25 is a table illustrating the information in a
`control sector that precedes the certificate buffer that is sent
`by the host for sending the last certificate to a memory
`device, showing an indication that the certificate is the last
`certificate in the certificate chain to illustrate another
`embodiment of the invention.
`[0043] FIGS. 26 and 27 are flow charts illustrating card
`
`[0062] The figures illustrate features in various embodi-
`ments of aspects of the invention. For simplicity in descrip-
`tion, identical components are labeled by the same numerals
`in this application.
`
`DETAILED DESCRIPTION OF EXEMPLARY
`EMBODIMENTS
`
`[0063] An example memory system in which the various
`aspects of the present invention may be implemented is
`illustrated by the block diagr
