Patents by Inventor Fabrice Jogand-Coulomb
Fabrice Jogand-Coulomb has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8245031
Abstract: Host devices present both the host certificate and the pertinent certificate revocation lists to the memory device for authentication so that the memory device need not obtain the list on its own. Processing of the certificate revocation list and searching for the certificate identification may be performed concurrently by the memory device. The certificate revocation lists for authenticating host devices to memory devices may be stored in an unsecured area of the memory device for convenience of users.
Type: Grant
Filed: November 6, 2006
Date of Patent: August 14, 2012
Assignee: SanDisk Technologies Inc.
Inventors: Michael Holtzman, Ron Barzilai, Rotem Sela, Fabrice Jogand-Coulomb
-
Patent number: 8220039
Abstract: A portable mass storage device for use in two factor authentication systems and methods. A secure portable mass storage device protects content from being freely copied with security mechanisms and firmware. The security functionality also protects confidential user credentials and passwords, as well as algorithms and seeds needed for two factor authentication or asymmetric authentication methods. A client application residing in the mass storage device acts as both a password manager and an authentication manager that seamlessly performs the authentication procedures in the background while signing a user into various institutions of his choosing. A very high level of security is integrated into a mass storage device the user has for purposes other than two factor authentication, and the convenience of highly secure password management also comes in a convenient pocket sized package easy for the user to transport.
Type: Grant
Filed: February 26, 2010
Date of Patent: July 10, 2012
Assignee: SanDisk Technologies Inc.
Inventors: Carlos J. Gonzalez, Joerg Ferchau, Fabrice Jogand-Coulomb
-
Publication number: 20120173593
Abstract: A method and system of managing data in a storage device is provided. The method includes receiving a request to store content in a storage device. If the content is discardable content, the content is divided into a plurality of discardable data objects, each associated with at least one type of discarding priority data. The discardable data objects in the storage device are managed based on the discarding priority data associated with each discardable data object. Management of discardable objects may include selection and deletion of discardable objects based on discarding priority data, as well as further subdivision of existing discardable objects, to maintain a desired amount of free space on the storage device. The system may include a host having a processor and a storage device interface configured to execute the method, or a storage device having a processor configured to execute the disclosed methods.
Type: Application
Filed: December 30, 2011
Publication date: July 5, 2012
Inventors: Fabrice Jogand-Coulomb, Shalin Patel, Brendan Kavanagh, Judah Gamliel Hahn
-
Publication number: 20120173594
Abstract: A method and system of managing data in a storage device is provided. The method includes receiving a request to store content in a storage device. If the content is discardable content, the content is divided into a plurality of discardable data objects, each associated with at least one type of discarding priority data. The discardable data objects in the storage device are managed based on the discarding priority data associated with each discardable data object. Management of discardable objects may include selection and deletion of discardable objects based on discarding priority data, as well as further subdivision of existing discardable objects, to maintain a desired amount of free space on the storage device. The system may include a host having a processor and a storage device interface configured to execute the method, or a storage device having a processor configured to execute the disclosed methods.
Type: Application
Filed: December 30, 2011
Publication date: July 5, 2012
Inventors: Fabrice Jogand-Coulomb, Shalin Patel, Brendan Kavanagh, Judah Gamliel Hahn
-
Publication number: 20120159644
Abstract: One or more rights objects (RO) files may be used for storing RO's preferably in the protected area available only to authenticated users. A RO navigation file is stored preferably in an unprotected public area containing status bits, where each status bit identifies whether a location in a RO file contains a valid RO or not. Preferably, there is a one-to-one correspondence between the location for a RO in a RO file and a location in the RO navigation file for the status bit which identifies whether its corresponding location in the RO file contains a valid RO or not. Whether a particular location in a RO file contains a valid RO or not can be found by checking its corresponding status bit in the RO navigation file. By finding out whether a particular location in a RO file contains a valid RO or not in this manner, it is possible to delete ROs without having to go through an authentication process. The process of finding an empty slot in the RO file for storing a new RO is also simplified.
Type: Application
Filed: February 20, 2012
Publication date: June 21, 2012
Inventors: Oktay Rasizade, Bahman Qawami, Fabrice Jogand-Coulomb, Robert C. Chang, Farshid Sabet-Sharghi
-
Publication number: 20120151576
Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.
Type: Application
Filed: February 21, 2012
Publication date: June 14, 2012
Inventors: Po Yuan, Javier Cañis Robles, Mei Yan, Fabrice Jogand-Coulomb, Ahmet Altay, Bahman Qawami, Patricia Dwyer, Robert Chin-Tse Chang, Oktay Rasizade, Farshid Sabet-Sharghi
-
Publication number: 20120137355
Abstract: A method for accessing content stored on a memory device is provided. In this method, a request to access the content is transmitted and a session ticket is received. The session ticket includes a parameter used to decrypt the content and the session ticket is generated based on a variable that is configured to change at a session. The content may be accessed based on the session ticket.
Type: Application
Filed: November 18, 2011
Publication date: May 31, 2012
Inventors: Fabrice Jogand-Coulomb, Haluk Kent Tanik, Oktay Rasizade
-
Patent number: 8156563
Abstract: One or more rights objects (RO) files may be used for storing RO's preferably in the protected area available only to authenticated users. A RO navigation file is stored preferably in an unprotected public area containing status bits, where each status bit identifies whether a location in a RO file contains a valid RO or not. Preferably, there is a one-to-one correspondence between the location for a RO in a RO file and a location in the RO navigation file for the status bit which identifies whether its corresponding location in the RO file contains a valid RO or not. Whether a particular location in a RO file contains a valid RO or not can be found by checking its corresponding status bit in the RO navigation file. By finding out whether a particular location in a RO file contains a valid RO or not in this manner, it is possible to delete ROs without having to go through an authentication process. The process of finding an empty slot in the RO file for storing a new RO is also simplified.
Type: Grant
Filed: November 18, 2005
Date of Patent: April 10, 2012
Assignee: SanDisk Technologies Inc.
Inventors: Oktay Rasizade, Bahman Qawami, Fabrice Jogand-Coulomb, Robert C. Chang, Farshid Sabet-Sharghi
-
Patent number: 8156255
Abstract: A portable mass storage device is used to store large files such as digital pictures, movies and music. The mass storage device has firmware with security mechanisms that limit access to read write operations to ensure reliable operation of the device to prevent unwanted copying or storing of secure content such as copyrighted material. Although the security mechanisms generally limit access, the firmware is operable to work with a virtual machine and allows the virtual machine to access the secure content and work in conjunction with the firmware to read and write data to the mass storage memory, if the virtual machine is present. The virtual machine is either loaded but not activated at the time of manufacture, or is downloaded and activated post manufacture. Any royalty for the virtual machine is paid for only if and when the virtual machine is both present and activated in the device.
Type: Grant
Filed: April 19, 2010
Date of Patent: April 10, 2012
Assignee: SanDisk Technologies Inc.
Inventors: Fabrice Jogand-Coulomb, Bahman Qawami, Farshid Sabet-Shargi, Carlos J. Gonzalez
-
Patent number: 8146153
Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.
Type: Grant
Filed: December 31, 2007
Date of Patent: March 27, 2012
Assignee: Sandisk Technologies Inc.
Inventors: Po Yuan, Javier Cañis Robles, Mei Yan, Fabrice Jogand-Coulomb, Ahmet Altay, Bahman Qawami, Patricia Dwyer, Robert Chin-Tse Chang, Oktay Rasizade, Farshid Sabet-Sharghi
-
Patent number: 8140843
Abstract: Continuous strings of certificates in a certificate chain are received by a memory device sequentially in the same order that the strings are verified. Each string except for the last may be overwritten by the next one in the sequence.
Type: Grant
Filed: November 6, 2006
Date of Patent: March 20, 2012
Assignee: SanDisk Technologies Inc.
Inventors: Michael Holtzman, Ron Barzilai, Rotem Sela, Fabrice Jogand-Coulomb
-
Patent number: 8079071
Abstract: A method for accessing content stored on a memory device is provided. In this method, a request to access the content is transmitted and a session ticket is received. The session ticket includes a parameter used to decrypt the content and the session ticket is generated based on a variable that is configured to change at a session. The content may be accessed based on the session ticket.
Type: Grant
Filed: November 14, 2006
Date of Patent: December 13, 2011
Assignee: SanDisk Technologies, Inc.
Inventors: Fabrice Jogand-Coulomb, Haluk Kent Tanik, Oktay Rasizade
-
Patent number: 8069298
Abstract: Methods of storing and accessing data using a header portion of a file are disclosed. In an embodiment, a method of storing content in a non-volatile memory is disclosed. The method includes reading a content file including media content and including a trailer, storing information related to the trailer together with secure data in a header portion of a file, and storing the file to a storage element of the non-volatile memory or a memory area of a host device coupled to the non-volatile memory device.
Type: Grant
Filed: June 29, 2007
Date of Patent: November 29, 2011
Assignee: SanDisk Technologies Inc.
Inventors: Robert C. Chang, Po Yuan, Bahman Qawami, Farshid Sabet-sharghi, Junzhi Wang, Xian Jun Liu, Chieh-Hao Yang, June Li, Mei Yan, Fabrice Jogand-Coulomb
-
Patent number: 8051052
Abstract: The mobile storage device may be provided with a system agent that is able to create at least one hierarchical tree comprising nodes at different levels for controlling access to data stored in the memory by corresponding entities. Each node of the tree specifies permission or permissions of a corresponding entity or entities for accessing memory data. The permission or permissions at the node of each of the trees has a predetermined relationship to permission or permissions at nodes at a higher or lower or the same level in the same tree. Thus, the mobile storage devices may be issued without any trees already created so that the purchaser of the devices has a free hand in creating hierarchical trees adapted to the applications the purchaser has in mind. Alternatively, the mobile storage devices may also be issued with the trees already created so that a purchaser does not have to go through the trouble of creating the trees.
Type: Grant
Filed: December 20, 2005
Date of Patent: November 1, 2011
Assignee: SanDisk Technologies Inc.
Inventors: Fabrice Jogand-Coulomb, Michael Holtzman, Bahman Qawami, Ron Barzilai
-
Publication number: 20110131421
Abstract: A method of installing an application on a SIM card is disclosed. A host agent in a host device installs an application on a Subscriber Identity Module card from a non-volatile storage device. The host agent coordinates mutual authentication between the non-volatile storage device and a Subscriber Identity Module card in the host device. If the mutual authentication is successful, the host agent reads an application from the non-volatile storage device and installs the application on the Subscriber Identity Module card, wherein installing the application enables the Subscriber Identity Module card to execute the application. The application may be protected from tampering or unauthorized copying during the host agent transfer by creation of a secure communication channel or transferring encrypted applications. The Subscriber Identity Module card may verify the signature associated with an application before installation to prevent the installation of unauthorized or tampered applications.
Type: Application
Filed: December 2, 2009
Publication date: June 2, 2011
Inventors: Fabrice Jogand-Coulomb, Mei Yan, Javier Cañís Robles, Paul McAvoy
-
Publication number: 20110119767
Abstract: A method and system of binding content at first access is disclosed. A non-volatile storage device may provide a content access script and a content binding script in order to access protected content. An accessing application may attempt to access the protected content by executing a content access script. The accessing application must have permission to access and execute the content access script. If the accessing application cannot access or execute the content access script, the accessing application may access and execute the content binding script. The content binding script contains instructions that enable the accessing application to successfully execute the content access script. The content binding script, when executed, may disable itself from being executed again by moving critical information associated with the access to protected data. Thus, the content binding script may be executed once to enable an accessing application to successfully execute the content access script.
Type: Application
Filed: November 16, 2009
Publication date: May 19, 2011
Inventors: Oktay Rasizade, Haluk Kent Tanik, Fabrice Jogand-Coulomb
-
Patent number: 7917697
Abstract: A portable flash memory storage device such as a memory card can configure a host device upon insertion. The configuration may specify applications or other sequences of operations to be executed by the host upon insertion of the card. Files on the card may be associated with an appropriate application and then automatically opened with the appropriate application. A secure configuration may override a more freely modifiable configuration in certain embodiments.
Type: Grant
Filed: June 27, 2007
Date of Patent: March 29, 2011
Assignee: SanDisk Corporation
Inventors: Paul McAvoy, Fabrice Jogand-Coulomb, Pascal Caillon, Benjamin Vigier, Chieh-Hao Yang
-
Publication number: 20110066772
Abstract: Method for utilizing digital content is provided. The method includes controlling a throughput rate for utilizing the digital content by an accessing system, where the throughput rate is associated with information related to the digital content and is stored as a file. The throughput rate is controlled by a storage system that is operationally coupled to the accessing system.
Type: Application
Filed: November 10, 2010
Publication date: March 17, 2011
Applicant: SANDISK CORPORATION
Inventor: Fabrice JOGAND-COULOMB
-
Publication number: 20110061096
Abstract: Method for utilizing digital content is provided. The method includes controlling a throughput rate for utilizing the digital content by an accessing system, where the throughput rate is associated with information related to the digital content and is stored as a file. The throughput rate is controlled by a storage system that is operationally coupled to the accessing system.
Type: Application
Filed: November 10, 2010
Publication date: March 10, 2011
Applicant: SANDISK CORPORATION
Inventor: FABRICE JOGAND-COULOMB
-
Publication number: 20100333155
Abstract: Content is created at a first location using a video camera or other device. At least a subset of the created content is stored in non-volatile storage at the first location. At least a portion of the content stored in the non-volatile storage is transmitted to a remote entity via a network in response to a trigger. For example, a video camera may send video data to a server or other client. If the network becomes unavailable, the camera will store the video in a local flash memory and when the network becomes available, the camera can transmit the video from the flash memory to the server or other client. Alternatively, the camera may transmit low resolution video to the server while storing a high resolution version of the video in the local flash memory. If a trigger event occurs, the camera will then send the appropriate high resolution video from the local flash memory to the server.
Type: Application
Filed: June 30, 2009
Publication date: December 30, 2010
Inventors: Philip David Royall, Kinshuk Rakshit, Kevin Patrick Kealy, Fabrice Jogand-Coulomb, Itzhak Pomerantz