Abstract: Methods and apparatus for enabling a power up process of a non-volatile memory to occur efficiently are disclosed. According to one aspect of the present invention, a method for utilizing a memory system that has a non-volatile memory with at least one reserved memory area includes providing power to the memory system, initializing the non-volatile memory, and writing a first signature into the reserved memory area. The first signature is arranged to indicate that the memory system was successfully initialized. In one embodiment, the method also includes executing a power down process on the memory system, and writing a second signature into the reserved memory area which indicates that the power down process has been executed.

Abstract: One or more rights objects (RO) files may be used for storing RO's preferably in the protected area available only to authenticated users. A RO navigation file is stored preferably in an unprotected public area containing status bits, where each status bit identifies whether a location in a RO file contains a valid RO or not. Preferably, there is a one-to-one correspondence between the location for a RO in a RO file and a location in the RO navigation file for the status bit which identifies whether its corresponding location in the RO file contains a valid RO or not. Whether a particular location in a RO file contains a valid RO or not can be found by checking its corresponding status bit in the RO navigation file. By finding out whether a particular location in a RO file contains a valid RO or not in this manner, it is possible to delete ROs without having to go through an authentication process. The process of finding an empty slot in the RO file for storing a new RO is also simplified.

Abstract: A portable mass storage device is used to store large files such as digital pictures, movies and music. The mass storage device has firmware with security mechanisms that limit access to read write operations to ensure reliable operation of the device to prevent unwanted copying or storing of secure content such a copyrighted material. Although the security mechanisms generally limit access, the firmware is operable to work with a virtual machine and allows the virtual machine to access the secure content and work in conjunction with the firmware to read and write data to the mass storage memory, if the virtual machine is present. The virtual machine is either loaded but not activated at the time of manufacture, or is downloaded and activated post manufacture. Any royalty for the virtual machine is paid for only if and when the virtual machine is both present and activated in the device.

Abstract: A method of accessing content includes installing a file system filter for a secure removable memory device on a host device. A challenge is sent from the file system filter to a software entity on the host device, and a software entity response is received at the file system filter in response to the challenge. A file system filter response is calculated at the file system filter using the challenge, and access to first content on the secure removable memory device is provided if the software entity response matches the file system filter response.

Abstract: A method for distributing digital content is disclosed. The method includes receiving, at an operator of a wireless communications network, a request for digital content from a first mobile device. The method further includes determining, at the operator, that a second mobile device has the digital content.

Abstract: The memory device contains control structures that allow media content to be stored securely and distributed in a manner envisioned by the content owner, or service providers involved in the distribution. A wide variety of different avenues become available for distributing media content using such memory devices, such as where the devices contain one or more of the following: abridged preview media content, encrypted unabridged media content, prepaid content, rights and/or rules governing access to such content. The memory device has a type of control structures that enable a service provider (who can also be the content owner) to create a secure environment for media content distribution where end users and terminals register with the service provider, and gain access to the content in a manner controlled by the service provider. The various components to be loaded (e.g.

Abstract: A portable mass storage device is used to store large files such as digital pictures, movies and music. The mass storage device has firmware with security mechanisms that limit access to read write operations to ensure reliable operation of the device to prevent unwanted copying or storing of secure content such a copyrighted material. Although the security mechanisms generally limit access, the firmware is operable to work with a virtual machine and allows the virtual machine to access the secure content and work in conjunction with the firmware to read and write data to the mass storage memory, if the virtual machine is present. The virtual machine is either loaded but not activated at the time of manufacture, or is downloaded and activated post manufacture. Any royalty for the virtual machine is paid for only if and when the virtual machine is both present and activated in the device.

Abstract: Methods and apparatus for allowing different mapping implementations, including a many-to-one logical to physical block mapping, to be used within a memory system are disclosed. According to one aspect of the present invention, a method for mapping a plurality of logical blocks to a physical block includes identifying a first logical block meets at least one criterion. The method also includes identifying a second logical block which is substantially complementary to the first logical block, and providing contents associated with the first logical block and contents associated with the second logical block to the physical block.

Abstract: The owner of proprietor interest is in a better position to control access to the encrypted content in the medium if the encryption-decryption key is stored in the medium itself and substantially inaccessible to external devices. Only those host devices with the proper credentials are able to access the key. An access policy may be stored which grants different permissions (e.g. to different authorized entities) for accessing data stored in the medium. A system incorporating a combination of the two above features is particularly advantageous. On the one hand, the content owner or proprietor has the ability to control access to the content by using keys that are substantially inaccessible to external devices and at the same time has the ability to grant different permissions for accessing content in the medium. Thus, even where external devices gain access, their access may still be subject to the different permissions set by the content owner or proprietor recorded in the storage medium.

Abstract: A system and method are disclosed for testing operation of a memory card within an electronic host device. The system includes a flat flexible cable, or strip, for electrically coupling between the memory card slot in a host device and a test assembly. The test assembly may have a card slot for accepting an external memory card, and a debug header for receiving a cable connected to a debug apparatus such as a logic analyzer and/or an oscilloscope.

Abstract: A system and method are disclosed for testing operation of a memory card within an electronic host device. The system includes a flat flexible cable, or strip, for electrically coupling between the memory card slot in a host device and a test assembly. The test assembly may have a card slot for accepting an external memory card, and a debug header for receiving a cable connected to a debug apparatus such as a logic analyzer and/or an oscilloscope.

Abstract: A first storage unit is bound to a second storage unit based on a binding type associated with content on the first storage unit, the first storage unit being operated through a first host device, and the second storage unit being operated through a second host device. When content on the first storage unit is requested in the first host device, the first host device will calculate an account identifier based on the binding type associated with the requested content and send the account identifier to a server. The server will send the account identifier to the second host device, and the second storage unit will use the account identifier to calculate a credential. The credential will be sent to the first host device through the server. The credential can be used to access the requested content if the credential is valid.

Abstract: Technology for replacing a first storage unit operatively coupled to a device is provided. Content of the first storage unit is sent to a new storage unit that serves as the replacement of the first storage unit. In one embodiment, the content is first sent to a trusted third-party server and then transferred from the server to the new storage unit. A portion of the content on the new storage unit is adjusted in one embodiment to maintain content security features that were implemented in the first storage unit. The upgrading can be performed under the control of a software entity that is installed on the device. In various embodiments, the first storage unit may be bound to a third storage unit prior to the upgrade process. In such cases, the process can include measures to bind the new storage unit to the third storage unit.

Abstract: A set of code for a peripheral device is installed on a host device. The set of code is used to control access to the peripheral device from the host device. The set of code also contains one or more subsets of code that can be used by software entities on the host device for access to the peripheral device. A software entity on a host device must be successfully authenticated with the set of code installed on the host device. Once the software entity is successfully authenticated, the set of code will provide access to the one or more subsets of code specific to the software entity. The one or more subsets of code can be used by the software entity to access the peripheral device.

Abstract: A host connected to two or more memory cards includes an interface manager that assigns card identifiers to memory cards according to the types of memory cards present. The interface manager also assigns volume identifiers to partitions within memory cards. Applications use a pathname that includes a card identifier and a volume identifier to access a partition and files.

Abstract: Methods for transmitting application specific or extended commands between a host and a memory card are disclosed. Commands for an extended card protocol are embedded in messages, along with a marker, in the data or command portion of a base card transmission protocol that is used to communicate between the host and the memory card. This allows for the transmission of application specific commands that lack a corresponding command in the base card protocol. The method can be implemented on the host side at the device driver level or the file level. In order to implement a read command in the extended card protocol, a write command in the base card protocol with an encapsulated read command in the extended protocol is first sent to a logical address, followed by a read command to the same logical address. Message set identifiers associate embedded commands and data received in separate transmissions.

Abstract: Methods and apparatus for dynamically configuring a redundant area of a physical page are disclosed. According to one aspect of the present invention, a method for dynamically configuring a redundant area of a page associated with a physical block of a non-volatile memory of a memory system includes determining when at least one byte associated with the redundant area is to be altered. The byte includes error correction code (ECC) information associated with a first ECC algorithm at the time of the determination. The method also includes altering the byte when it is determined that the byte is to be altered. Altering the byte includes altering the byte to include ECC information associated with a second ECC algorithm.

Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.

Abstract: A non-volatile memory interface device contains first, second, and third communication interfaces configured for first, second, and third protocols, respectively. The device also contains a memory controller that selectively communicates between the first and second communication interfaces, and between the first and third communication interfaces. The device also contains a receptacle that can receive a removable non-volatile memory card and electrically connect the card to the second and third communication interfaces. The first communication interface may be a Universal Serial Bus Interface and may be in communicatively coupled to a USB connector. The second communication interface may be an ISO 7816 interface. A communications adapter is an enclosure containing a receptacle that can receive a non-volatile memory card and a USB connector. The USB connector is communicatively coupled with the non-volatile memory card in the receptacle.

Abstract: A method for encrypting data may generate an encryption instruction and combine it with a payload of data to form a packet. The packet is associated with a command and passed to a host file system process. The packet, now associated with a second command, is received from the host file system process. The encryption instruction and the payload of data are extracted from the packet. At least a portion of the payload of data is encrypted based on the encryption instruction. A method for decrypting data may receive a packet and generate a decryption instruction. At least a portion of the packet is decrypted using at least the decryption instruction. The second packet comprising the decrypted packet is passed to a host file system process. A third packet comprising the decrypted packet is received from the host file system process. The decrypted packet is extracted from the third packet.