Abstract: Some demonstrative embodiments of the invention include a method, device and/or system to selectively operate a host connected to a token. The device may include, for example, a host processor to communicate with the token; and a secure module including a secure unit; and a controller to authenticate an identity of the token and, based on the identity, to selectively allow the secure unit to interact with another unit of the host. Other embodiments are described and claimed.

Abstract: Some demonstrative embodiments of the invention include a method, device and/or system to encrypt and/or decrypt data. In one demonstrative embodiment, the device may include, for example, a storage; and an encryption/decryption module to: receive externally-encrypted data to be stored in the storage, wherein the externally-encrypted data is encrypted using an external key; decrypt the externally-encrypted data using the external key to generate decrypted data; and encrypt the decrypted data using a securely maintained internal key to generate internally-encrypted data. Other embodiments are described and claimed.

Abstract: The owner of proprietor interest is in a better position to control access to the encrypted content in the medium if the encryption-decryption key is stored in the medium itself and substantially inaccessible to external devices. Only those host devices with the proper credentials are able to access the key. An access policy may be stored which grants different permissions (e.g. to different authorized entities) for accessing data stored in the medium. A system incorporating a combination of the two above features is particularly advantageous. On the one hand, the content owner or proprietor has the ability to control access to the content by using keys that are substantially inaccessible to external devices and at the same time has the ability to grant different permissions for accessing content in the medium. Thus, even where external devices gain access, their access may still be subject to the different permissions set by the content owner or proprietor recorded in the storage medium.

Abstract: The throughput of the memory system is improved where data in a data stream is cryptographically processed by a circuit without involving intimately any controller. The data stream is preferably controlled so that it has a selected data source among a plurality of sources and a selected destination among a plurality of destinations, all without involving the controller. The cryptographic circuit may preferably be configured to enable the processing of multiple pages, selection of one or more cryptographic algorithms among a plurality of algorithms to encryption and/or decryption without involving a controller, and to process data cryptographically in multiple successive stages without involvement of the controller. For a memory system cryptographically processing data from multiple data streams in an interleaved manner, when a session is interrupted, security configuration information may be lost so that it may become impossible to continue the process when the session is resumed.

Abstract: Some demonstrative embodiments of the invention include a method, device and/or system of selectively accessing data. An apparatus able to selectively access classified data, include, according to some demonstrative embodiments of the invention, a storage to store a plurality of encrypted classified files; an encryption module; a secure memory to securely store a plurality of keys to decrypt the classified files and access information related to the classified files; and a controller to selectively enable the encryption module to decrypt a requested file of the classified files using a key of said plurality of keys based on access information related to said requested file. Other embodiments are described and claimed.

Abstract: A secure memory card with encryption capabilities comprises various life cycle states that allow for testing of the hardware and software of the card in certain of the states. The testing mechanisms are disabled in certain other of the states thus closing potential back doors to secure data and cryptographic keys. Controlled availability and generation of the keys required for encryption and decryption of data is such that even if back doors are accessed that previously encrypted data is impossible to decrypt and thus worthless even if a back door is found and maliciously pried open.

Abstract: Some demonstrative embodiments of the invention include a method, device an/or system of securely storing data, for example, by preventing unauthorized disclosure of the stored data, and/or ensuring the integrity of the stored data. An apparatus able to securely store data may include, according to some demonstrative embodiments of the invention, a secure control configuration, which may include a secure memory to securely store a key; an encryption module to generate an encrypted record by encrypting a data record to be stored using the key; and a controller to generate authentication information for authenticating the integrity of the encrypted record based on the key. The apparatus may also include a storage for storing the encrypted record and the authentication information. Other embodiments are described and claimed.