Abstract: A method for encrypting data may generate an encryption instruction and combine it with a payload of data to form a packet. The packet is associated with a command and passed to a host file system process. The packet, now associated with a second command, is received from the host file system process. The encryption instruction and the payload of data are extracted from the packet. At least a portion of the payload of data is encrypted based on the encryption instruction. A method for decrypting data may receive a packet and generate a decryption instruction. At least a portion of the packet is decrypted using at least the decryption instruction. The second packet comprising the decrypted packet is passed to a host file system process. A third packet comprising the decrypted packet is received from the host file system process. The decrypted packet is extracted from the third packet.

Abstract: A memory device and method for content virtualization are disclosed. In one embodiment, a plurality of directories are created in the memory of the memory device, wherein each of the plurality of directories points to a same storage location of the digital content. In another embodiment, a first header for the digital content is stored in each of the different directories, wherein the first header comprises information about where to find the digital content in the memory. In yet another embodiment, the memory device comprises circuitry that receives an identification of a host device in communication with the memory device and reorganizes a directory structure of the memory in accordance with the identification of the host device, wherein the reorganization results in the digital content appearing to be located in a directory expected by the host device.

Abstract: A memory device and method for content virtualization are disclosed. In one embodiment, a plurality of directories are created in the memory of the memory device, wherein each of the plurality of directories points to a same storage location of the digital content. In another embodiment, a first header for the digital content is stored in each of the different directories, wherein the first header comprises information about where to find the digital content in the memory. In yet another embodiment, the memory device comprises circuitry that receives an identification of a host device in communication with the memory device and reorganizes a directory structure of the memory in accordance with the identification of the host device, wherein the reorganization results in the digital content appearing to be located in a directory expected by the host device.

Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.

Abstract: A method for encrypting data may generate an encryption instruction and combine it with a payload of data to form a packet. The packet is associated with a command and passed to a host file system process. The packet, now associated with a second command, is received from the host file system process. The encryption instruction and the payload of data are extracted from the packet. At least a portion of the payload of data is encrypted based on the encryption instruction. A method for decrypting data may receive a packet and generate a decryption instruction. At least a portion of the packet is decrypted using at least the decryption instruction. The second packet comprising the decrypted packet is passed to a host file system process. A third packet comprising the decrypted packet is received from the host file system process. The decrypted packet is extracted from the third packet.

Abstract: A method and system of controlling access to a hardware or software feature provided by a host is disclosed. An application seeking authorization to access a feature transmits a credential and an index to a host agent within the host. The index is associated with the requested feature. The host agent reads credential validation data from a storage location corresponding to the index in a non-volatile storage device in communication with the host. The validity of the credential is determined based on the credential validation data, and an authorization is transmitted if the credential is valid. A third party can control the outcome of the validity determination by sending an instruction to the host to replace the credential validation data with invalid data that causes the validity test to fail. The third party can also control the non-volatile storage device data used by the application to calculate the credential.

Abstract: Methods for transmitting application specific or extended commands between a host and a memory card are disclosed. Commands for an extended card protocol are embedded in messages, along with a marker, in the data or command portion of a base card transmission protocol that is used to communicate between the host and the memory card. This allows for the transmission of application specific commands that lack a corresponding command in the base card protocol. The method can be implemented on the host side at the device driver level or the file level. In order to implement a read command in the extended card protocol, a write command in the base card protocol with an encapsulated read command in the extended protocol is first sent to a logical address, followed by a read command to the same logical address. Message set identifiers associate embedded commands and data received in separate transmissions.

Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.

Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.

Abstract: Methods for transmitting application specific or extended commands between a host and a memory card are disclosed. Commands for an extended card protocol are embedded in messages, along with a marker, in the data or command portion of a base card transmission protocol that is used to communicate between the host and the memory card. This allows for the transmission of application specific commands that lack a corresponding command in the base card protocol. The method can be implemented on the host side at the device driver level or the file level. In order to implement a read command in the extended card protocol, a write command in the base card protocol with an encapsulated read command in the extended protocol is first sent to a logical address, followed by a read command to the same logical address. Message set identifiers associate embedded commands and data received in separate transmissions.

Abstract: A memory device and method for content virtualization are disclosed. In one embodiment, a plurality of directories are created in the memory of the memory device, wherein each of the plurality of directories points to a same storage location of the digital content. In another embodiment, a first header for the digital content is stored in each of the different directories, wherein the first header comprises information about where to find the digital content in the memory. In yet another embodiment, the memory device comprises circuitry that receives an identification of a host device in communication with the memory device and reorganizes a directory structure of the memory in accordance with the identification of the host device, wherein the reorganization results in the digital content appearing to be located in a directory expected by the host device.

Abstract: Methods for transmitting application specific or extended commands between a host and a memory card are disclosed. Commands for an extended card protocol are embedded in messages, along with a marker, in the data or command portion of a base card transmission protocol that is used to communicate between the host and the memory card. This allows for the transmission of application specific commands that lack a corresponding command in the base card protocol. The method can be implemented on the host side at the device driver level or the file level. In order to implement a read command in the extended card protocol, a write command in the base card protocol with an encapsulated read command in the extended protocol is first sent to a logical address, followed by a read command to the same logical address. Message set identifiers associate embedded commands and data received in separate transmissions.

Abstract: A memory device and method for content virtualization are disclosed. In one embodiment, a plurality of directories are created in the memory of the memory device, wherein each of the plurality of directories points to a same storage location of the digital content. In another embodiment, a first header for the digital content is stored in each of the different directories, wherein the first header comprises information about where to find the digital content in the memory. In yet another embodiment, the memory device comprises circuitry that receives an identification of a host device in communication with the memory device and reorganizes a directory structure of the memory in accordance with the identification of the host device, wherein the reorganization results in the digital content appearing to be located in a directory expected by the host device.

Abstract: A memory device and method for content virtualization are disclosed. In one embodiment, a plurality of directories are created in the memory of the memory device, wherein each of the plurality of directories points to a same storage location of the digital content. In another embodiment, a first header for the digital content is stored in each of the different directories, wherein the first header comprises information about where to find the digital content in the memory. In yet another embodiment, the memory device comprises circuitry that receives an identification of a host device in communication with the memory device and reorganizes a directory structure of the memory in accordance with the identification of the host device, wherein the reorganization results in the digital content appearing to be located in a directory expected by the host device.

Abstract: A method and system of controlling access to a hardware or software feature provided by a host is disclosed. An application seeking authorization to access a feature transmits a credential and an index to a host agent within the host. The index is associated with the requested feature. The host agent reads credential validation data from a storage location corresponding to the index in a non-volatile storage device in communication with the host. The validity of the credential is determined based on the credential validation data, and an authorization is transmitted if the credential is valid. A third party can control the outcome of the validity determination by sending an instruction to the host to replace the credential validation data with invalid data that causes the validity test to fail. The third party can also control the non-volatile storage device data used by the application to calculate the credential.

Abstract: Methods for transmitting application specific or extended commands between a host and a memory card are disclosed. Commands for an extended card protocol are embedded in messages, along with a marker, in the data or command portion of a base card transmission protocol that is used to communicate between the host and the memory card. This allows for the transmission of application specific commands that lack a corresponding command in the base card protocol. The method can be implemented on the host side at the device driver level or the file level. In order to implement a read command in the extended card protocol, a write command in the base card protocol with an encapsulated read command in the extended protocol is first sent to a logical address, followed by a read command to the same logical address. Message set identifiers associate embedded commands and data received in separate transmissions.

Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.

Abstract: A method for encrypting data may generate an encryption instruction and combine it with a payload of data to form a packet. The packet is associated with a command and passed to a host file system process. The packet, now associated with a second command, is received from the host file system process. The encryption instruction and the payload of data are extracted from the packet. At least a portion of the payload of data is encrypted based on the encryption instruction. A method for decrypting data may receive a packet and generate a decryption instruction. At least a portion of the packet is decrypted using at least the decryption instruction. The second packet comprising the decrypted packet is passed to a host file system process. A third packet comprising the decrypted packet is received from the host file system process. The decrypted packet is extracted from the third packet.

Abstract: A memory device and method for content virtualization are disclosed. In one embodiment, a plurality of directories are created in the memory of the memory device, wherein each of the plurality of directories points to a same storage location of the digital content. In another embodiment, a first header for the digital content is stored in each of the different directories, wherein the first header comprises information about where to find the digital content in the memory. In yet another embodiment, the memory device comprises circuitry that receives an identification of a host device in communication with the memory device and reorganizes a directory structure of the memory in accordance with the identification of the host device, wherein the reorganization results in the digital content appearing to be located in a directory expected by the host device.

Abstract: A non-volatile memory interface device contains first, second, and third communication interfaces configured for first, second, and third protocols, respectively. The device also contains a memory controller that selectively communicates between the first and second communication interfaces, and between the first and third communication interfaces. The device also contains a receptacle that can receive a removable non-volatile memory card and electrically connect the card to the second and third communication interfaces. The first communication interface may be a Universal Serial Bus Interface and may be in communicatively coupled to a USB connector. The second communication interface may be an ISO 7816 interface. A communications adapter is an enclosure containing a receptacle that can receive a non-volatile memory card and a USB connector. The USB connector is communicatively coupled with the non-volatile memory card in the receptacle.