Abstract: Method and system for transferring encrypted content from a server to a storage device are provided. The method includes encrypting the content using a first key, wherein the server encrypts the content; establishing a secure communication channel between the server and the storage device using a random session key; sending the first key to the storage device via the secure communication channel; replacing the random session key with the first key; sending the encrypted content to the storage device after the random session key is replaced with the first key; decrypting the encrypted content using the first key, wherein the storage device decrypts the encrypted content; re-encrypting the decrypted content using a second key generated by the storage device; and storing the re-encrypted content at the storage device.

Abstract: A method of accessing content includes installing a file system filter for a secure removable memory device on a host device. A challenge is sent from the file system filter to a software entity on the host device, and a software entity response is received at the file system filter in response to the challenge. A file system filter response is calculated at the file system filter using the challenge, and access to first content on the secure removable memory device is provided if the software entity response matches the file system filter response.

Abstract: A software entity on a host device attempting to access protected content in a secure memory device must be authenticated using a challenge/response authentication mechanism before the secure file system can be accessed. A file system filter determines whether requested content is protected. If the content is protected, the file system filter provides a challenge to the software entity and generates a file system filter response using the same challenge. The software entity must then send a software entity response using the challenge to the file system filter. If the file system filter determines that the software entity response matches the file system filter response, the software entity is allowed to access the protected content through a secure file system installed on the host device for the memory device.

Abstract: A method of installing an application on a SIM card is disclosed. A host agent in a host device installs an application on a Subscriber Identity Module card from a non-volatile storage device. The host agent coordinates mutual authentication between the non-volatile storage device and a Subscriber Identity Module card in the host device. If the mutual authentication is successful, the host agent reads an application from the non-volatile storage device and installs the application on the Subscriber Identity Module card, wherein installing the application enables the Subscriber Identity Module card to execute the application. The application may be protected from tampering or unauthorized copying during the host agent transfer by creation of a secure communication channel or transferring encrypted applications. The Subscriber Identity Module card may verify the signature associated with an application before installation to prevent the installation of unauthorized or tampered applications.

Abstract: Methods, systems, and architectures for multiplatform booting from a portable module with nonvolatile memory. Preferably the portable module carries the correct binaries for booting multiple system architectures, together with a table from which the host, at power-up, can calculate the correct offset to load the appropriate binary.

Abstract: A portable flash memory storage device such as a memory card can configure a host device upon insertion. The configuration may specify applications or other sequences of operations to be executed by the host upon insertion of the card. Files on the card may be associated with an appropriate application and then automatically opened with the appropriate application. A secure configuration may override a more freely modifiable configuration in certain embodiments.

Abstract: A portable flash memory storage device such as a memory card can configure a host device upon insertion. The configuration may specify applications or other sequences of operations to be executed by the host upon insertion of the card. Files on the card may be associated with an appropriate application and then automatically opened with the appropriate application. A secure configuration may override a more freely modifiable configuration in certain embodiments.

Abstract: A method for re-allocating memory partition space is provided. The method comprises determining when a first memory partition is full or has reached a threshold value, determining that a second memory partition has unused storage space that can be allocated to the first memory partition, and assigning the unused storage space from the second memory partition to the first memory partition. A memory controller embedded within the mass storage device and having an interface to an external host assigns the unused storage space from the second memory partition to the first memory partition.

Abstract: A method of accessing content includes installing a file system filter for a secure removable memory device on a host device. A challenge is sent from the file system filter to a software entity on the host device, and a software entity response is received at the file system filter in response to the challenge. A file system filter response is calculated at the file system filter using the challenge, and access to first content on the secure removable memory device is provided if the software entity response matches the file system filter response.

Abstract: The memory device contains control structures that allow media content to be stored securely and distributed in a manner envisioned by the content owner, or service providers involved in the distribution. A wide variety of different avenues become available for distributing media content using such memory devices, such as where the devices contain one or more of the following: abridged preview media content, encrypted unabridged media content, prepaid content, rights and/or rules governing access to such content. The memory device has a type of control structures that enable a service provider (who can also be the content owner) to create a secure environment for media content distribution where end users and terminals register with the service provider, and gain access to the content in a manner controlled by the service provider. The various components to be loaded (e.g.

Abstract: The memory device contains control structures that allow media content to be stored securely and distributed in a manner envisioned by the content owner, or service providers involved in the distribution. A wide variety of different avenues become available for distributing media content using such memory devices, such as where the devices contain one or more of the following: abridged preview media content, encrypted unabridged media content, prepaid content, rights and/or rules governing access to such content. The memory device has a type of control structures that enable a service provider (who can also be the content owner) to create a secure environment for media content distribution where end users and terminals register with the service provider, and gain access to the content in a manner controlled by the service provider. The various components to be loaded (e.g.

Abstract: The memory device contains control structures that allow media content to be stored securely and distributed in a manner envisioned by the content owner, or service providers involved in the distribution. A wide variety of different avenues become available for distributing media content using such memory devices, such as where the devices contain one or more of the following: abridged preview media content, encrypted unabridged media content, prepaid content, rights and/or rules governing access to such content. The memory device has a type of control structures that enable a service provider (who can also be the content owner) to create a secure environment for media content distribution where end users and terminals register with the service provider, and gain access to the content in a manner controlled by the service provider. The various components to be loaded (e.g.

Abstract: The memory device contains control structures that allow media content to be stored securely and distributed in a manner envisioned by the content owner, or service providers involved in the distribution. A wide variety of different avenues become available for distributing media content using such memory devices, such as where the devices contain one or more of the following: abridged preview media content, encrypted unabridged media content, prepaid content, rights and/or rules governing access to such content. The memory device has a type of control structures that enable a service provider (who can also be the content owner) to create a secure environment for media content distribution where end users and terminals register with the service provider, and gain access to the content in a manner controlled by the service provider. The various components to be loaded (e.g.

Abstract: A software entity on a host device attempting to access protected content in a secure memory device must be authenticated using a challenge/response authentication mechanism before the secure file system can be accessed. A file system filter determines whether requested content is protected. If the content is protected, the file system filter provides a challenge to the software entity and generates a file system filter response using the same challenge. The software entity must then send a software entity response using the challenge to the file system filter. If the file system filter determines that the software entity response matches the file system filter response, the software entity is allowed to access the protected content through a secure file system installed on the host device for the memory device.

Abstract: Method and system for transferring encrypted content from a server to a storage device are provided. The method includes encrypting the content using a first key, wherein the server encrypts the content; establishing a secure communication channel between the server and the storage device using a random session key; sending the first key to the storage device via the secure communication channel; replacing the random session key with the first key; sending the encrypted content to the storage device after the random session key is replaced with the first key; decrypting the encrypted content using the first key, wherein the storage device decrypts the encrypted content; re-encrypting the decrypted content using a second key generated by the storage device; and storing the re-encrypted content at the storage device.

Abstract: A method for re-allocating memory partition space is provided. The method comprises determining when a first memory partition is full or has reached a threshold value, determining that a second memory partition has unused storage space that can be allocated to the first memory partition, and assigning the unused storage space from the second memory partition to the first memory partition. A memory controller embedded within the mass storage device and having an interface to an external host assigns the unused storage space from the second memory partition to the first memory partition.

Abstract: A portable flash memory storage device such as a memory card can configure a host device upon insertion. The configuration may specify applications or other sequences of operations to be executed by the host upon insertion of the card. Files on the card may be associated with an appropriate application and then automatically opened with the appropriate application. A secure configuration may override a more freely modifiable configuration in certain embodiments.

Abstract: A portable flash memory storage device such as a memory card can configure a host device upon insertion. The configuration may specify applications or other sequences of operations to be executed by the host upon insertion of the card. Files on the card may be associated with an appropriate application and then automatically opened with the appropriate application. A secure configuration may override a more freely modifiable configuration in certain embodiments.

Abstract: A mass storage memory system and a method for re-allocating memory partition space is provided. The storage system includes a memory controller with a microprocessor that is adapted to receive data via a logical interface from a host system; a first memory partition with a system area and a data area; and a second memory partition with a system area and a data area; wherein the memory controller re-allocates memory space from the second memory partition to the first memory partition that is either full or has reached a threshold value, by using a virtual block address for the system area and the data area such that the system area and the data area appear contiguous to the host system.

Abstract: Methods, systems, and architectures for multiplatform booting from a portable module with nonvolatile memory. Preferably the portable module carries the correct binaries for booting multiple system architectures, together with a table from which the host, at power-up, can calculate the correct offset to load the appropriate binary.