Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.

Abstract: A software entity on a host device attempting to access protected content in a secure memory device must be authenticated using a challenge/response authentication mechanism before the secure file system can be accessed. A file system filter determines whether requested content is protected. If the content is protected, the file system filter provides a challenge to the software entity and generates a file system filter response using the same challenge. The software entity must then send a software entity response using the challenge to the file system filter. If the file system filter determines that the software entity response matches the file system filter response, the software entity is allowed to access the protected content through a secure file system installed on the host device for the memory device.

Abstract: One or more rights objects (RO) files may be used for storing RO's preferably in the protected area available only to authenticated users. A RO navigation file is stored preferably in an unprotected public area containing status bits, where each status bit identifies whether a location in a RO file contains a valid RO or not. Preferably, there is a one-to-one correspondence between the location for a RO in a RO file and a location in the RO navigation file for the status bit which identifies whether its corresponding location in the RO file contains a valid RO or not. Whether a particular location in a RO file contains a valid RO or not can be found by checking its corresponding status bit in the RO navigation file. By finding out whether a particular location in a RO file contains a valid RO or not in this manner, it is possible to delete ROs without having to go through an authentication process. The process of finding an empty slot in the RO file for storing a new RO is also simplified.

Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.

Abstract: Methods for transmitting application specific or extended commands between a host and a memory card are disclosed. Commands for an extended card protocol are embedded in messages, along with a marker, in the data or command portion of a base card transmission protocol that is used to communicate between the host and the memory card. This allows for the transmission of application specific commands that lack a corresponding command in the base card protocol. The method can be implemented on the host side at the device driver level or the file level. In order to implement a read command in the extended card protocol, a write command in the base card protocol with an encapsulated read command in the extended protocol is first sent to a logical address, followed by a read command to the same logical address. Message set identifiers associate embedded commands and data received in separate transmissions.

Abstract: Methods for transmitting application specific or extended commands between a host and a memory card are disclosed. Commands for an extended card protocol are embedded in messages, along with a marker, in the data or command portion of a base card transmission protocol that is used to communicate between the host and the memory card. This allows for the transmission of application specific commands that lack a corresponding command in the base card protocol. The method can be implemented on the host side at the device driver level or the file level. In order to implement a read command in the extended card protocol, a write command in the base card protocol with an encapsulated read command in the extended protocol is first sent to a logical address, followed by a read command to the same logical address. Message set identifiers associate embedded commands and data received in separate transmissions.

Abstract: Methods of storing and accessing data using a header portion of a file are disclosed. In an embodiment, a method of storing content in a non-volatile memory is disclosed. The method includes reading a content file including media content and including a trailer, storing information related to the trailer together with secure data in a header portion of a file, and storing the file to a storage element of the non-volatile memory or a memory area of a host device coupled to the non-volatile memory device.

Abstract: A secure software package for original equipment manufacturers to run in electronic devices in order to access and dynamically decrypt encrypted audio video or other content from a memory storage device such as a memory card, optical or hard disk such that the user interface of the device need only send simple commands and the decrypted content is output.

Abstract: A method for re-allocating memory partition space is provided. The method comprises determining when a first memory partition is full or has reached a threshold value, determining that a second memory partition has unused storage space that can be allocated to the first memory partition, and assigning the unused storage space from the second memory partition to the first memory partition. A memory controller embedded within the mass storage device and having an interface to an external host assigns the unused storage space from the second memory partition to the first memory partition.

Abstract: A secure software package for original equipment manufacturers to run in electronic devices in order to access and dynamically decrypt encrypted audio video or other content from a memory storage device such as a memory card, optical or hard disk such that the user interface of the device need only send simple commands and the decrypted content is output.

Abstract: Methods and apparatus for enabling a power up process of a non-volatile memory to occur efficiently are disclosed. According to one aspect of the present invention, a method for utilizing a memory system that has a non-volatile memory with at least one reserved memory area includes providing power to the memory system, initializing the non-volatile memory, and writing a first signature into the reserved memory area. The first signature is arranged to indicate that the memory system was successfully initialized. In one embodiment, the method also includes executing a power down process on the memory system, and writing a second signature into the reserved memory area which indicates that the power down process has been executed.

Abstract: One or more rights objects (RO) files may be used for storing RO's preferably in the protected area available only to authenticated users. A RO navigation file is stored preferably in an unprotected public area containing status bits, where each status bit identifies whether a location in a RO file contains a valid RO or not. Preferably, there is a one-to-one correspondence between the location for a RO in a RO file and a location in the RO navigation file for the status bit which identifies whether its corresponding location in the RO file contains a valid RO or not. Whether a particular location in a RO file contains a valid RO or not can be found by checking its corresponding status bit in the RO navigation file. By finding out whether a particular location in a RO file contains a valid RO or not in this manner, it is possible to delete ROs without having to go through an authentication process. The process of finding an empty slot in the RO file for storing a new RO is also simplified.

Abstract: A method for distributing digital content is disclosed. The method includes receiving, at an operator of a wireless communications network, a request for digital content from a first mobile device. The method further includes determining, at the operator, that a second mobile device has the digital content.

Abstract: A method of accessing content includes installing a file system filter for a secure removable memory device on a host device. A challenge is sent from the file system filter to a software entity on the host device, and a software entity response is received at the file system filter in response to the challenge. A file system filter response is calculated at the file system filter using the challenge, and access to first content on the secure removable memory device is provided if the software entity response matches the file system filter response.

Abstract: The memory device contains control structures that allow media content to be stored securely and distributed in a manner envisioned by the content owner, or service providers involved in the distribution. A wide variety of different avenues become available for distributing media content using such memory devices, such as where the devices contain one or more of the following: abridged preview media content, encrypted unabridged media content, prepaid content, rights and/or rules governing access to such content. The memory device has a type of control structures that enable a service provider (who can also be the content owner) to create a secure environment for media content distribution where end users and terminals register with the service provider, and gain access to the content in a manner controlled by the service provider. The various components to be loaded (e.g.

Abstract: Methods and apparatus for allowing different mapping implementations, including a many-to-one logical to physical block mapping, to be used within a memory system are disclosed. According to one aspect of the present invention, a method for mapping a plurality of logical blocks to a physical block includes identifying a first logical block meets at least one criterion. The method also includes identifying a second logical block which is substantially complementary to the first logical block, and providing contents associated with the first logical block and contents associated with the second logical block to the physical block.

Abstract: A system and method are disclosed for testing operation of a memory card within an electronic host device. The system includes a flat flexible cable, or strip, for electrically coupling between the memory card slot in a host device and a test assembly. The test assembly may have a card slot for accepting an external memory card, and a debug header for receiving a cable connected to a debug apparatus such as a logic analyzer and/or an oscilloscope.

Abstract: A system and method are disclosed for testing operation of a memory card within an electronic host device. The system includes a flat flexible cable, or strip, for electrically coupling between the memory card slot in a host device and a test assembly. The test assembly may have a card slot for accepting an external memory card, and a debug header for receiving a cable connected to a debug apparatus such as a logic analyzer and/or an oscilloscope.

Abstract: Technology for replacing a first storage unit operatively coupled to a device is provided. Content of the first storage unit is sent to a new storage unit that serves as the replacement of the first storage unit. In one embodiment, the content is first sent to a trusted third-party server and then transferred from the server to the new storage unit. A portion of the content on the new storage unit is adjusted in one embodiment to maintain content security features that were implemented in the first storage unit. The upgrading can be performed under the control of a software entity that is installed on the device. In various embodiments, the first storage unit may be bound to a third storage unit prior to the upgrade process. In such cases, the process can include measures to bind the new storage unit to the third storage unit.

Abstract: A set of code for a peripheral device is installed on a host device. The set of code is used to control access to the peripheral device from the host device. The set of code also contains one or more subsets of code that can be used by software entities on the host device for access to the peripheral device. A software entity on a host device must be successfully authenticated with the set of code installed on the host device. Once the software entity is successfully authenticated, the set of code will provide access to the one or more subsets of code specific to the software entity. The one or more subsets of code can be used by the software entity to access the peripheral device.