US20140337592A1 - Peripheral device data integrity - Google Patents
Peripheral device data integrity Download PDFInfo
- Publication number
- US20140337592A1 US20140337592A1 US14/171,146 US201414171146A US2014337592A1 US 20140337592 A1 US20140337592 A1 US 20140337592A1 US 201414171146 A US201414171146 A US 201414171146A US 2014337592 A1 US2014337592 A1 US 2014337592A1
- Authority
- US
- United States
- Prior art keywords
- memory
- storage device
- peripheral storage
- data
- host computer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1456—Hardware arrangements for backup
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1448—Management of the data involved in backup or backup restore
- G06F11/1451—Management of the data involved in backup or backup restore by selection of backup contents
Definitions
- the present invention relates generally to peripheral devices. More specifically, the present invention relates to maintaining the integrity of data on a peripheral storage device.
- backup refers to making copies of data so that these additional copies may be used to restore the original after a data loss event (e.g., data corruption).
- data loss event e.g., data corruption
- data can be stored on a peripheral device, such as a secure data storage device (an external hard drive or a Universal Serial Bus (USB) flash drive, for example).
- a peripheral device such as a secure data storage device (an external hard drive or a Universal Serial Bus (USB) flash drive, for example).
- USB Universal Serial Bus
- data corruption can occur. For example, if a device is disconnected from a host computer without initially performing a clean ejection, then data can be corrupted. Consequently, there is a need in the art for an improved system and method for maintaining the integrity of data stored on a peripheral storage device.
- Embodiments of the present invention allow for protecting against corruption of data stored on a peripheral storage device, such as a USB flash drive for example.
- PCI Data Security Standard (PCI DSS), Ethernet, etc., couplings are also contemplated.
- the data can include at least a portion of an operating system (OS) or a virtual machine (VM).
- OS operating system
- VM virtual machine
- a method for protecting against corruption of data stored in a peripheral storage device.
- the peripheral storage device is communicatively coupled with a host computer.
- the peripheral storage device includes at least memory and a controller. Data from the host computer is stored to a first portion of the peripheral storage device memory.
- the controller backs up some or all of the data to a second portion of the data to a second portion of the peripheral storage device memory.
- the controller also restores some or all of the data from the second portion of the peripheral storage device memory to the first portion of the peripheral storage device memory.
- a system for protecting against corruption of data stored in a peripheral storage device.
- the system includes a peripheral storage device with at least memory and a controller.
- the memory includes a first portion of memory and a second portion of memory.
- the system further includes a host computer communicatively coupled with the peripheral storage device.
- the system also includes a controller configured to backup some or all of the data to the second portion of the peripheral storage device memory, and configured to restore some or all of the data from the second portion of the peripheral storage device memory to the first portion of the peripheral storage device memory.
- a third claimed embodiment includes a computer readable storage medium having a program embodied thereon.
- the program is executable by a processor to perform a method for protecting against corruption of data stored in a peripheral storage device.
- the method includes communicatively coupling the peripheral storage device with a host computer, the peripheral storage device comprising at least memory and a controller; storing data from the host computer to a first portion of the peripheral storage device memory; the controller backing-up some or all of the data to a second portion of the peripheral storage device memory; and the controller restoring some or all of the data from the second portion of the peripheral storage device memory to the first portion of the peripheral storage device memory.
- FIG. 1 is a block diagram of an exemplary environment for practicing embodiments of the present invention.
- FIG. 2 is a block diagram of an exemplary peripheral device employed in the environment of FIG. 1 .
- FIG. 3 is a block diagram of an exemplary memory included in the peripheral device of FIG. 2 .
- FIG. 4 is a block diagram of an exemplary unsecure area included in the peripheral device of FIG. 2 .
- FIG. 5 is a flowchart of an exemplary method for protecting against data corruption of an operating system run from a peripheral storage device.
- the present invention provides methods and systems for protecting against data corruption on a peripheral storage device, such as, for example, corruption of an OS or VM run from a peripheral storage device.
- a peripheral storage device such as, for example, corruption of an OS or VM run from a peripheral storage device.
- the peripheral device is a portable storage device, such as a USB flash drive, for example.
- the device can be coupled to a host computer. If the device disconnected from the host computer without initially performing a clean ejection, then data can be corrupted.
- a “clean ejection” refers to the instance where the host computer and operating system, or virtual machine, are shut down properly, and the peripheral device was not removed from the host computer (or the power to the peripheral device shut off) before an ejection.
- the device may be running an OS or VM image on a host computer, as discussed in “Running a Computer from a Secure Portable Device.” Consequently, there is a need in the art for an improved system and method for protecting against data corruption on a peripheral storage device.
- the environment 100 includes a peripheral storage device 105 and a host computer 110 .
- the peripheral storage device 105 is communicatively coupled with the host computer 110 .
- communicative couplings may be wireless or wired. In some exemplary embodiments, the communicative coupling is done over a secure channel, or secure communication path.
- the peripheral storage device 105 can be a secure peripheral storage device (e.g., encrypted) and include a device secure channel engine.
- the host computer 110 in one embodiment, is communicatively coupled with a network and a server.
- the server includes a server secure channel engine.
- the device secure channel engine includes a device cryptography module, a challenge generation module, a verification module, and a device storage module. Execution of the device cryptography module allows the controller 210 (e.g. a processor) to encrypt and decrypt information stored by the memory 205 and transferred between the peripheral storage device 105 and the server, for example.
- the device cryptography module 305 implements one or more of a variety of cryptographic technologies. Examples of cryptographic technologies include symmetric algorithms such as Twofish, Serpent, AES (Rijndael), Blowfish, CAST5, RC4, TDES, and IDEA, as well as asymmetric algorithms that use one key to encrypt given information and another key to decrypt that information.
- the device cryptography module may also be executable to concatenate information transferred between the peripheral storage device 105 and a server. Concatenation may be achieved through usage of message authentication code (MAC).
- MAC message authentication code
- MAC describes a hashing mechanism with an associated secret that is used to identify a piece of data.
- Execution of the challenge generation module allows the controller 210 to generate a server challenge.
- the server challenge may include a set of random numbers and be used to confirm an identity of the server.
- the server challenge is generated through execution of the challenge generation module on numerous occasions. For example, the server challenge may be generated each time a secure channel is established between the peripheral storage device 105 and the server.
- Execution of the verification module allows the controller 210 to verify various information sent by the server to the peripheral storage device 105 .
- the verification module is executable to verify signatures applied by the server to transferred information.
- the verification module may also be executable to verify that a server challenge received back from the server is consistent with a corresponding server challenge initially sent from the peripheral storage device 105 to the server. Additionally, it may be necessary to decrypt such a server challenge returned from the server. Decryption of the server challenge is achieved through execution of the device cryptography module.
- the device storage module may be configured to manage information associated with formation of a secure channel between the peripheral storage device 105 and the server. This information may be stored on the controller 210 or the memory 205 , and is accessed through execution of the device storage module. In exemplary embodiments, this information includes a device token.
- the device token may be created when the peripheral storage device 105 is fabricated or at a later time.
- the device token may include a unique device identification (ID).
- ID includes a series of bytes that identify the peripheral storage device 105 in exemplary embodiments.
- the device token may include a public key. In general, public key cryptography is a method for secret communication between two parties without requiring an initial exchange of secret keys.
- the public key may be one of a set of keys that includes the public key and a private key.
- the private key may be retained by the peripheral storage device 105 .
- the public key and the private key may be used by the cryptography module to encrypt and decrypt information stored by the memory 205 and transferred between the peripheral storage device 105 and the server.
- the server secure channel engine may be included in the memory and/or storage of the server.
- the server secure channel engine includes a server cryptography module, a shared secret module, a signature module, and a server storage module.
- Execution of the server cryptography module allows the processor of the server to encrypt and decrypt information stored by the memory and storage of the server and transferred between the peripheral storage device 105 and the server.
- the server cryptography module implements one or more of a variety of cryptographic technologies in accordance with exemplary embodiments.
- the server cryptography module may also be executable to concatenate information transferred between the peripheral storage device 105 and the server.
- Execution of the shared secret generation module allows the processor of the server to generate a shared secret.
- This shared secret may be distributed to the peripheral storage device 105 .
- the shared secret includes an AES key concatenated with a MAC in exemplary embodiments. Those skilled in the art will be familiar with AES keys.
- Execution of the signature module allows the processor of the server to digitally sign certain information transferred to the portable storage device 105 .
- the signature module may utilize an RSA signature.
- RSA is an algorithm for public key cryptography that is suitable for signing as well as encryption.
- the server storage module may be configured to manage information associated with a secure channel formed between the peripheral storage device 105 and the server. This information may be stored by the memory or storage of the server, and is accessed through execution of the server storage module. In exemplary embodiments, this information includes information associated with the peripheral storage device 105 . For example, this information may include the device ID of the peripheral storage device 105 .
- the secure channel (or secure communication path), including the device secure channel engine and the server secure channel engine, are described more fully in “Establishing a Secure Channel Between a Server and a Portable Storage Device,” which was referenced above.
- the peripheral storage device 105 can include any device that is capable of storing digital information.
- the peripheral storage device 105 can be a removable or unpluggable data storage device (e.g., a USB drive).
- the peripheral storage device 105 can be portable in one embodiment, but it is not limited to being a portable device.
- the peripheral storage device 105 can be an encrypted device (e.g., hardware encrypted).
- the peripheral storage device 105 can also be encrypted in software or firmware in other embodiments.
- the peripheral storage device 105 is described herein in the context of a secure USB flash drive. The peripheral storage device 105 is discussed in further detail in connection with FIG. 2 .
- the host computer 110 includes any computing device that can interface with the peripheral storage device 105 .
- Examples of the host computer 110 include a personal computer (PC), a personal digital assistant (PDA), a Smartphone, and other various devices.
- the host computer 110 includes one or more communications interfaces (not depicted) to facilitate communicative coupling with the peripheral storage device 105 .
- the host computer 110 can include a processor, memory such as random access memory (RAM), and storage such as read-only memory (ROM) (which are not depicted).
- RAM random access memory
- ROM read-only memory
- the host computer 110 can include a control panel (not depicted). According to exemplary embodiments, the control panel can be effectuated by instructions that are executed by the processor of the host computer 110 . The control panel can also allow a user to manage digital information stored within the peripheral storage device 105 .
- These instructions can be stored within the peripheral storage device 105 and retrieved by the host computer 110 for execution. In one embodiment, these instructions can be stored as software in a control panel module in the peripheral storage device 105 . However, it is contemplated that the instructions can be stored as software, firmware, hardware, as a combination, or in various other ways. It is also envisioned that the instructions associated with the control panel can be stored by the host computer 110 , or stored remotely and accessed by the host computer 110 via a network.
- FIG. 2 is a block diagram of the exemplary peripheral storage device 105 employed in the environment 100 of FIG. 1 .
- the peripheral storage device 105 can be any device that is that is used to store digital information, and in one embodiment the peripheral storage device 105 is portable.
- the peripheral storage device 105 depicted in FIG. 2 includes a memory 205 , a controller 210 , and an interface 215 , which is a USB interface in one embodiment.
- the memory 205 can include a computer-readable storage medium. While common forms of computer-readable storage media include, for example, a floppy disk, a flexible disk, a hard disk, magnetic tape, any other magnetic medium, a CD-ROM disc, digital video disc (DVD), and any other optical medium, the memory 205 is described in the context of non-volatile memory that can be electrically erased and rewritten. Examples of such non-volatile memory include NAND flash and NOR flash. Additionally, the memory 205 can comprise other existing memory technologies. The memory 205 can also comprise various other memory technologies as they become available in the future.
- the controller 210 can be a processor or microcontroller with an amount of on-chip ROM and/or RAM.
- the controller 210 is communicatively coupled with the memory 205 and the interface 215 .
- the controller 210 can include software and/or firmware that can execute various modules, such as modules described herein.
- the controller 210 functions as an intermediary between the host computer 110 and the memory 205 .
- the controller 210 or various modules executed thereby, can receive write commands from the host computer 110 and determine how data associated with those write commands is to be managed with respect to the memory 205 .
- the peripheral storage device 105 can be communicatively coupled with the host computer 110 in either a wireless or wired manner.
- the interface 215 facilitates this coupling by allowing information to be transferred between the peripheral storage device 105 and the host computer 110 .
- the interface 215 includes a USB plug that is insertable into a mating USB port of the host computer 110 .
- the interface 215 can include other standards for communicative coupling such as FireWire, Ethernet, Wireless USB, ESATA, Bluetooth, or other standards.
- the interface 215 can comprise other interface technologies as they become available.
- FIG. 3 is a block diagram of the exemplary memory 205 included in the peripheral storage device 105 of FIG. 2 .
- the memory 205 includes an unsecure area 305 such as a CD volume or CD partition, for example.
- the memory 205 also includes a secure area 310 such as a secure volume or secure partition, for example.
- the secure area 310 is encrypted.
- unsecure area can mean an area of memory of the peripheral storage device 105 that is completely unsecure.
- unsecure area can refer to an area of memory of the peripheral storage device 105 that includes some level of protection to prevent a user from updating the area.
- unsecure area can be an area of memory emulating a CD-ROM.
- the term “secure area” can refer to an area of memory of the peripheral storage device 105 that is encrypted in order to keep unauthorized users from accessing the area.
- the term “secure area” can refer to a secure volume on the peripheral storage device 105 .
- the term “secure area” can refer to an area of memory that is unwritable to one or more users.
- a VM image 315 which is considered to be a guest OS, is stored in the secure area 310 .
- the virtual machine image 315 is stored in the unsecure area 305 .
- the secure area 310 of the memory 205 includes a first portion of memory, such as a memory area A 320 .
- the secure area 310 of the memory 205 further includes a backup portion of memory, such as a memory area B 325 .
- the memory area A 320 can be backed-up to the memory area B 325 by the backup module 330 .
- the restoration module 335 upon either a command from the host computer 110 or as determined by the controller 210 .
- the contents of the memory area A 320 and the contents of the memory area B 325 can include files, VM images, OSes, applications, various types of data, etc.
- the contents can be encrypted, in one embodiment.
- the memory area A 320 and the memory area B 325 can be located in the unsecure area 305 .
- the memory area A 320 can be the backup area for the memory area B 325 .
- the memory area A 320 and the memory area B 325 can include blocks of NAND flash, for example.
- the backing-up and restoring can be accomplished by the controller 210 and/or the backup module 330 and the restoration module 335 .
- the backup module 330 and/or the restoration module 335 can be stored on the controller 210 .
- FIG. 4 is a block diagram of the exemplary unsecure area 305 included in the peripheral device of FIG. 2 .
- the unsecure area 305 includes a VM player 405 , an unlocker module 410 , and a first OS 415 (which could be considered a host OS and could be a small OS in one embodiment).
- Modules mentioned herein, such as those included in the unsecure area 305 and secure area 310 can be stored as software, firmware, hardware, as a combination, or in various other ways. It is contemplated that various modules can be removed or included in other suitable locations besides those locations specifically disclosed herein. In various embodiments, additional modules can be included in the exemplary system described herein. It is envisioned that in various embodiments the first OS 415 is not required.
- the VM player 405 is configured to run the VM image 315 , which is considered to be a guest OS as mentioned herein.
- the VM image 315 is specifically node-locked to the VM player 405 .
- the unlocker module 410 is configured to unlock the secure area 310 of the memory 205 .
- the unlocker module 410 is further configured to launch the VM player 405 on the first OS 415 .
- the first OS 415 launches the VM player 405 .
- the first OS 415 runs a program that calls the unlocker module 410 . The program might check to see if the secure area 310 is opened first, and if it is, indicate that no unlocking is currently needed.
- a launching module is used to launch the VM player 405 .
- FIG. 5 is a flowchart of an exemplary method for protecting against data corruption of an OS run from the peripheral storage device 105 .
- the OS can be run natively or virtually from the peripheral storage device 105 .
- the peripheral storage device 105 is communicatively coupled with the host computer 110 , thus forming a secure channel.
- the memory area A 320 is saved (written) to the memory 205 of the peripheral storage device 105 .
- the memory area A 320 might contain a portion of an OS, or an entire OS, for example.
- the memory area A 320 is then optionally flagged as being in a known good state.
- a pointer is set to point to the memory area A 320 , indicating that the memory area A 320 is to be used (e.g. run) and is not considered a backup.
- the OS stored in the memory area A 320 is then run.
- the pointer is still pointing to the memory area A 320 .
- a clean ejection command from the host computer 110 is received by the peripheral storage device 105 .
- the contents of the memory area A 320 are copied (i.e. backed up) to the memory area B 325 .
- the memory area B 325 is then optionally flagged as good.
- step 520 if there is corruption of the contents of the memory area B 325 (e.g. a user disconnects the peripheral storage device 105 from the host computer 110 ) before completion of saving to the memory area B 325 then restoration is performed.
- the memory area A 320 is copied to the memory area B 325 .
- the memory area B 325 is then optionally flagged as being in a known good state after the backup is complete and verified.
- the pointer still points to the memory area A 320 .
- the memory area B 325 is considered to be the backup.
- the OS in the memory area A 320 is then run. If corruption of the memory area A 320 is detected then the system restores by copying the memory area B 325 to the memory area A 320 .
- the memory area A 320 is optionally flagged as being in a known good state when the backup is complete and verified. The pointer then points to the memory area B 325 , and the memory area A 320 is considered to be the backup.
- the OS in the memory area B 325 is then run. If corruption of the memory area B 325 is detected, then a restore is performed and the memory area A 320 is copied to the memory area B 325 . When the backup is complete and verified, the memory area B 325 is optionally marked as good. The pointer is then set to point to the memory area A 320 .
- the backups are verified before changing the pointer. In another embodiment the backups are not verified before changing the pointer.
- the pointer when the system performs a backup of, say, the memory area A 320 to the memory area B 325 , the pointer then points to the memory area B 325 and the system runs the memory area B 325 with the memory area A 320 being considered a backup.
- Backing up and restoring can be performed manually in one embodiment. In another embodiment the backing up can be performed automatically at checkpoints.
- the checkpoints can occur every time a lock or unlock command is received in one embodiment. Alternatively, the checkpoints can occur at set intervals of time, or even randomly. Any other suitable checkpoints can be used in accordance with the present invention.
- Backing-up can be performed at a startup time of the peripheral storage device 105 if the peripheral storage device 105 was cleanly ejected or shutdown previously. Monitoring of whether the peripheral storage device 105 and a host operating system were shutdown cleanly can be performed by the peripheral storage device and the host computer.
- a hash of A and a hash of B can be taken and results compared to each other.
- Checksums can be used in another embodiment. Any other suitable methods can be utilized in accordance with the present invention.
- backing-up of the saved portion of the OS (or other content) to a backup area is performed on a subset of the saved portion of the OS.
- the subset of the saved portion of the operating system comprises data that was modified since a previous backup.
- the backup and restoration can be performed remotely, such as by backing up and restoring over a network.
- a wi-fi or any other suitable network can be implemented.
- a power supply can be included with the peripheral storage device 105 .
- the power supply can be a battery, capacitor, solar cell(s), or any other suitable type of power supply.
- the power supply allows for backup to proceed if the device is prematurely ejected (i.e. not cleanly ejected) from the host computer 110 , or if the host computer 110 is shutdown completely before backup is complete.
- compressing and decompressing can be performed during backup and recovery, respectively. Thus, less storage is used.
Abstract
A system and method for protecting against corruption of data stored in a peripheral storage device. The peripheral storage device is communicatively coupled with a host computer. The peripheral storage device includes at least memory and a controller. Data from the host computer is stored to a first portion of the peripheral storage device memory. The controller backs up some or all of the data to a second portion of the data to a second portion of the peripheral storage device memory. The controller restores some or all of the data from the second portion of the peripheral storage device memory to the first portion of the peripheral storage device memory.
Description
- The present application is related to U.S. Provisional Patent Application No. 61/126,473 filed May 2, 2008 and entitled “Enterprise Device Recovery,” U.S. patent application Ser. No. 12/434,628 filed May 2, 2009 and entitled “Enterprise Device Recovery,” U.S. patent application Ser. No. 12/412,844 filed Mar. 27, 2009 and entitled “Establishing a Secure Channel Between a Server and a Portable Storage Device,” and U.S. patent application Ser. No. ______, filed concurrently herewith and entitled “Running a Computer from a Secure Portable Device,” the disclosures of which are incorporated herein by reference.
- 1. Field of the Invention
- The present invention relates generally to peripheral devices. More specifically, the present invention relates to maintaining the integrity of data on a peripheral storage device.
- 2. Related Art
- It is typically desirable to maintain the integrity of data stored in data storage devices and other peripheral devices. Corruption of memory at the application level is often an issue in data storage devices. Corruption can occur when less than all the appropriate data is written during an update of an area of memory. These problems can occur readily due to events such as device contention, surprise eject, forceful application termination, and application malfunctioning, whether crashing or otherwise.
- Additional copies of the data that are made are typically called “backups.” The term “backup,” in this context, refers to making copies of data so that these additional copies may be used to restore the original after a data loss event (e.g., data corruption).
- Presently, data can be stored on a peripheral device, such as a secure data storage device (an external hard drive or a Universal Serial Bus (USB) flash drive, for example). These devices can be coupled to a host computer. However, data corruption can occur. For example, if a device is disconnected from a host computer without initially performing a clean ejection, then data can be corrupted. Consequently, there is a need in the art for an improved system and method for maintaining the integrity of data stored on a peripheral storage device.
- Embodiments of the present invention allow for protecting against corruption of data stored on a peripheral storage device, such as a USB flash drive for example. PCI Data Security Standard (PCI DSS), Ethernet, etc., couplings are also contemplated. In some exemplary embodiments, the data can include at least a portion of an operating system (OS) or a virtual machine (VM).
- In a first claimed embodiment, a method is disclosed for protecting against corruption of data stored in a peripheral storage device. The peripheral storage device is communicatively coupled with a host computer. The peripheral storage device includes at least memory and a controller. Data from the host computer is stored to a first portion of the peripheral storage device memory. The controller backs up some or all of the data to a second portion of the data to a second portion of the peripheral storage device memory. The controller also restores some or all of the data from the second portion of the peripheral storage device memory to the first portion of the peripheral storage device memory.
- In a second claimed embodiment, a system is set forth for protecting against corruption of data stored in a peripheral storage device. The system includes a peripheral storage device with at least memory and a controller. The memory includes a first portion of memory and a second portion of memory. The system further includes a host computer communicatively coupled with the peripheral storage device. The system also includes a controller configured to backup some or all of the data to the second portion of the peripheral storage device memory, and configured to restore some or all of the data from the second portion of the peripheral storage device memory to the first portion of the peripheral storage device memory.
- A third claimed embodiment includes a computer readable storage medium having a program embodied thereon. The program is executable by a processor to perform a method for protecting against corruption of data stored in a peripheral storage device. The method includes communicatively coupling the peripheral storage device with a host computer, the peripheral storage device comprising at least memory and a controller; storing data from the host computer to a first portion of the peripheral storage device memory; the controller backing-up some or all of the data to a second portion of the peripheral storage device memory; and the controller restoring some or all of the data from the second portion of the peripheral storage device memory to the first portion of the peripheral storage device memory.
-
FIG. 1 is a block diagram of an exemplary environment for practicing embodiments of the present invention. -
FIG. 2 is a block diagram of an exemplary peripheral device employed in the environment ofFIG. 1 . -
FIG. 3 is a block diagram of an exemplary memory included in the peripheral device ofFIG. 2 . -
FIG. 4 is a block diagram of an exemplary unsecure area included in the peripheral device ofFIG. 2 . -
FIG. 5 is a flowchart of an exemplary method for protecting against data corruption of an operating system run from a peripheral storage device. - The present invention provides methods and systems for protecting against data corruption on a peripheral storage device, such as, for example, corruption of an OS or VM run from a peripheral storage device. In one embodiment, the peripheral device is a portable storage device, such as a USB flash drive, for example.
- As described herein, the device can be coupled to a host computer. If the device disconnected from the host computer without initially performing a clean ejection, then data can be corrupted. (A “clean ejection” refers to the instance where the host computer and operating system, or virtual machine, are shut down properly, and the peripheral device was not removed from the host computer (or the power to the peripheral device shut off) before an ejection.) The device may be running an OS or VM image on a host computer, as discussed in “Running a Computer from a Secure Portable Device.” Consequently, there is a need in the art for an improved system and method for protecting against data corruption on a peripheral storage device.
- Referring now to
FIG. 1 , a block diagram of anexemplary environment 100 is presented. As depicted, theenvironment 100 includes aperipheral storage device 105 and ahost computer 110. Theperipheral storage device 105 is communicatively coupled with thehost computer 110. It is noteworthy that communicative couplings may be wireless or wired. In some exemplary embodiments, the communicative coupling is done over a secure channel, or secure communication path. - In one embodiment, the
peripheral storage device 105 can be a secure peripheral storage device (e.g., encrypted) and include a device secure channel engine. Thehost computer 110, in one embodiment, is communicatively coupled with a network and a server. The server includes a server secure channel engine. - The device secure channel engine includes a device cryptography module, a challenge generation module, a verification module, and a device storage module. Execution of the device cryptography module allows the controller 210 (e.g. a processor) to encrypt and decrypt information stored by the
memory 205 and transferred between theperipheral storage device 105 and the server, for example. In exemplary embodiments, thedevice cryptography module 305 implements one or more of a variety of cryptographic technologies. Examples of cryptographic technologies include symmetric algorithms such as Twofish, Serpent, AES (Rijndael), Blowfish, CAST5, RC4, TDES, and IDEA, as well as asymmetric algorithms that use one key to encrypt given information and another key to decrypt that information. Those skilled in the art will be familiar with symmetric and asymmetric approaches to cryptography. The device cryptography module may also be executable to concatenate information transferred between theperipheral storage device 105 and a server. Concatenation may be achieved through usage of message authentication code (MAC). Generally speaking, MAC describes a hashing mechanism with an associated secret that is used to identify a piece of data. - Execution of the challenge generation module allows the
controller 210 to generate a server challenge. The server challenge may include a set of random numbers and be used to confirm an identity of the server. Furthermore, the server challenge is generated through execution of the challenge generation module on numerous occasions. For example, the server challenge may be generated each time a secure channel is established between theperipheral storage device 105 and the server. - Execution of the verification module allows the
controller 210 to verify various information sent by the server to theperipheral storage device 105. In exemplary embodiments, the verification module is executable to verify signatures applied by the server to transferred information. The verification module may also be executable to verify that a server challenge received back from the server is consistent with a corresponding server challenge initially sent from theperipheral storage device 105 to the server. Additionally, it may be necessary to decrypt such a server challenge returned from the server. Decryption of the server challenge is achieved through execution of the device cryptography module. - The device storage module may be configured to manage information associated with formation of a secure channel between the
peripheral storage device 105 and the server. This information may be stored on thecontroller 210 or thememory 205, and is accessed through execution of the device storage module. In exemplary embodiments, this information includes a device token. The device token may be created when theperipheral storage device 105 is fabricated or at a later time. The device token may include a unique device identification (ID). The device ID includes a series of bytes that identify theperipheral storage device 105 in exemplary embodiments. In addition, the device token may include a public key. In general, public key cryptography is a method for secret communication between two parties without requiring an initial exchange of secret keys. The public key may be one of a set of keys that includes the public key and a private key. The private key may be retained by theperipheral storage device 105. The public key and the private key may be used by the cryptography module to encrypt and decrypt information stored by thememory 205 and transferred between theperipheral storage device 105 and the server. - The server secure channel engine, or certain modules thereof, may be included in the memory and/or storage of the server. The server secure channel engine includes a server cryptography module, a shared secret module, a signature module, and a server storage module.
- Execution of the server cryptography module allows the processor of the server to encrypt and decrypt information stored by the memory and storage of the server and transferred between the
peripheral storage device 105 and the server. Much like device cryptography module, the server cryptography module implements one or more of a variety of cryptographic technologies in accordance with exemplary embodiments. The server cryptography module may also be executable to concatenate information transferred between theperipheral storage device 105 and the server. - Execution of the shared secret generation module allows the processor of the server to generate a shared secret. This shared secret may be distributed to the
peripheral storage device 105. The shared secret includes an AES key concatenated with a MAC in exemplary embodiments. Those skilled in the art will be familiar with AES keys. - Execution of the signature module allows the processor of the server to digitally sign certain information transferred to the
portable storage device 105. In exemplary embodiments, the signature module may utilize an RSA signature. RSA is an algorithm for public key cryptography that is suitable for signing as well as encryption. - The server storage module may be configured to manage information associated with a secure channel formed between the
peripheral storage device 105 and the server. This information may be stored by the memory or storage of the server, and is accessed through execution of the server storage module. In exemplary embodiments, this information includes information associated with theperipheral storage device 105. For example, this information may include the device ID of theperipheral storage device 105. - The secure channel (or secure communication path), including the device secure channel engine and the server secure channel engine, are described more fully in “Establishing a Secure Channel Between a Server and a Portable Storage Device,” which was referenced above.
- It is contemplated that the
peripheral storage device 105 can include any device that is capable of storing digital information. In one embodiment according to aspects of the present invention, theperipheral storage device 105 can be a removable or unpluggable data storage device (e.g., a USB drive). Theperipheral storage device 105 can be portable in one embodiment, but it is not limited to being a portable device. Theperipheral storage device 105 can be an encrypted device (e.g., hardware encrypted). Theperipheral storage device 105 can also be encrypted in software or firmware in other embodiments. For illustrative purposes, theperipheral storage device 105 is described herein in the context of a secure USB flash drive. Theperipheral storage device 105 is discussed in further detail in connection withFIG. 2 . - The
host computer 110 includes any computing device that can interface with theperipheral storage device 105. Examples of thehost computer 110 include a personal computer (PC), a personal digital assistant (PDA), a Smartphone, and other various devices. Thehost computer 110 includes one or more communications interfaces (not depicted) to facilitate communicative coupling with theperipheral storage device 105. Additionally, thehost computer 110 can include a processor, memory such as random access memory (RAM), and storage such as read-only memory (ROM) (which are not depicted). Those skilled in the art will be familiar with the components and functionality of computing devices such as thehost computer 110. - The
host computer 110 can include a control panel (not depicted). According to exemplary embodiments, the control panel can be effectuated by instructions that are executed by the processor of thehost computer 110. The control panel can also allow a user to manage digital information stored within theperipheral storage device 105. - These instructions can be stored within the
peripheral storage device 105 and retrieved by thehost computer 110 for execution. In one embodiment, these instructions can be stored as software in a control panel module in theperipheral storage device 105. However, it is contemplated that the instructions can be stored as software, firmware, hardware, as a combination, or in various other ways. It is also envisioned that the instructions associated with the control panel can be stored by thehost computer 110, or stored remotely and accessed by thehost computer 110 via a network. -
FIG. 2 is a block diagram of the exemplaryperipheral storage device 105 employed in theenvironment 100 ofFIG. 1 . Theperipheral storage device 105 can be any device that is that is used to store digital information, and in one embodiment theperipheral storage device 105 is portable. In one embodiment, theperipheral storage device 105 depicted inFIG. 2 includes amemory 205, acontroller 210, and aninterface 215, which is a USB interface in one embodiment. - The
memory 205 can include a computer-readable storage medium. While common forms of computer-readable storage media include, for example, a floppy disk, a flexible disk, a hard disk, magnetic tape, any other magnetic medium, a CD-ROM disc, digital video disc (DVD), and any other optical medium, thememory 205 is described in the context of non-volatile memory that can be electrically erased and rewritten. Examples of such non-volatile memory include NAND flash and NOR flash. Additionally, thememory 205 can comprise other existing memory technologies. Thememory 205 can also comprise various other memory technologies as they become available in the future. - The
controller 210 can be a processor or microcontroller with an amount of on-chip ROM and/or RAM. Thecontroller 210 is communicatively coupled with thememory 205 and theinterface 215. Additionally, thecontroller 210 can include software and/or firmware that can execute various modules, such as modules described herein. As such, thecontroller 210 functions as an intermediary between thehost computer 110 and thememory 205. For example, thecontroller 210, or various modules executed thereby, can receive write commands from thehost computer 110 and determine how data associated with those write commands is to be managed with respect to thememory 205. - As mentioned, the
peripheral storage device 105 can be communicatively coupled with thehost computer 110 in either a wireless or wired manner. Theinterface 215 facilitates this coupling by allowing information to be transferred between theperipheral storage device 105 and thehost computer 110. In exemplary embodiments, theinterface 215 includes a USB plug that is insertable into a mating USB port of thehost computer 110. Alternatively, theinterface 215 can include other standards for communicative coupling such as FireWire, Ethernet, Wireless USB, ESATA, Bluetooth, or other standards. Furthermore, theinterface 215 can comprise other interface technologies as they become available. - In keeping with embodiments according the present invention,
FIG. 3 is a block diagram of theexemplary memory 205 included in theperipheral storage device 105 ofFIG. 2 . Thememory 205 includes anunsecure area 305 such as a CD volume or CD partition, for example. Thememory 205 also includes asecure area 310 such as a secure volume or secure partition, for example. In one embodiment, thesecure area 310 is encrypted. - As used herein, the term “unsecure area” can mean an area of memory of the
peripheral storage device 105 that is completely unsecure. Alternatively, the term “unsecure area” can refer to an area of memory of theperipheral storage device 105 that includes some level of protection to prevent a user from updating the area. In one embodiment, “unsecure area” can be an area of memory emulating a CD-ROM. - As used herein, the term “secure area” can refer to an area of memory of the
peripheral storage device 105 that is encrypted in order to keep unauthorized users from accessing the area. In one embodiment, the term “secure area” can refer to a secure volume on theperipheral storage device 105. In one embodiment, the term “secure area” can refer to an area of memory that is unwritable to one or more users. - A
VM image 315, which is considered to be a guest OS, is stored in thesecure area 310. In an alternate embodiment, thevirtual machine image 315 is stored in theunsecure area 305. - The
secure area 310 of thememory 205 includes a first portion of memory, such as amemory area A 320. Thesecure area 310 of thememory 205 further includes a backup portion of memory, such as amemory area B 325. As described herein, thememory area A 320 can be backed-up to thememory area B 325 by thebackup module 330. Thus, if the contents of thememory area A 320 become corrupted then the contents of thememory area B 325 can be copied back to memory area A by therestoration module 335 upon either a command from thehost computer 110 or as determined by thecontroller 210. This is referred to as “restoring” or “restoration.” The contents of thememory area A 320 and the contents of thememory area B 325 can include files, VM images, OSes, applications, various types of data, etc. The contents can be encrypted, in one embodiment. In another embodiment, thememory area A 320 and thememory area B 325 can be located in theunsecure area 305. As described herein, at various times thememory area A 320 can be the backup area for thememory area B 325. Thememory area A 320 and thememory area B 325 can include blocks of NAND flash, for example. - It is contemplated that the backing-up and restoring can be accomplished by the
controller 210 and/or thebackup module 330 and therestoration module 335. In one embodiment, thebackup module 330 and/or therestoration module 335 can be stored on thecontroller 210. -
FIG. 4 is a block diagram of the exemplaryunsecure area 305 included in the peripheral device ofFIG. 2 . Theunsecure area 305 includes aVM player 405, anunlocker module 410, and a first OS 415 (which could be considered a host OS and could be a small OS in one embodiment). Modules mentioned herein, such as those included in theunsecure area 305 andsecure area 310, can be stored as software, firmware, hardware, as a combination, or in various other ways. It is contemplated that various modules can be removed or included in other suitable locations besides those locations specifically disclosed herein. In various embodiments, additional modules can be included in the exemplary system described herein. It is envisioned that in various embodiments thefirst OS 415 is not required. - In keeping with embodiments according to the present invention, the
VM player 405 is configured to run theVM image 315, which is considered to be a guest OS as mentioned herein. In one embodiment, theVM image 315 is specifically node-locked to theVM player 405. Theunlocker module 410 is configured to unlock thesecure area 310 of thememory 205. Theunlocker module 410 is further configured to launch theVM player 405 on thefirst OS 415. In other embodiments, thefirst OS 415 launches theVM player 405. In one embodiment, thefirst OS 415 runs a program that calls theunlocker module 410. The program might check to see if thesecure area 310 is opened first, and if it is, indicate that no unlocking is currently needed. In another embodiment, a launching module is used to launch theVM player 405. - In “Running a Computer from a Secure Portable Device,” which has been incorporated herein, more information is disclosed regarding booting a VM or secondary OS from a peripheral storage device.
-
FIG. 5 is a flowchart of an exemplary method for protecting against data corruption of an OS run from theperipheral storage device 105. The OS can be run natively or virtually from theperipheral storage device 105. Atstep 505, theperipheral storage device 105 is communicatively coupled with thehost computer 110, thus forming a secure channel. - At
step 510, thememory area A 320 is saved (written) to thememory 205 of theperipheral storage device 105. Thememory area A 320 might contain a portion of an OS, or an entire OS, for example. Thememory area A 320 is then optionally flagged as being in a known good state. A pointer is set to point to thememory area A 320, indicating that thememory area A 320 is to be used (e.g. run) and is not considered a backup. The OS stored in thememory area A 320 is then run. - At
step 515, the pointer is still pointing to thememory area A 320. A clean ejection command from thehost computer 110 is received by theperipheral storage device 105. Before ejection, the contents of the memory area A 320 are copied (i.e. backed up) to thememory area B 325. Thememory area B 325 is then optionally flagged as good. - At
step 520, if there is corruption of the contents of the memory area B 325 (e.g. a user disconnects theperipheral storage device 105 from the host computer 110) before completion of saving to thememory area B 325 then restoration is performed. In this case, thememory area A 320 is copied to thememory area B 325. Thememory area B 325 is then optionally flagged as being in a known good state after the backup is complete and verified. The pointer still points to thememory area A 320. Thememory area B 325 is considered to be the backup. - The OS in the
memory area A 320 is then run. If corruption of thememory area A 320 is detected then the system restores by copying thememory area B 325 to thememory area A 320. Thememory area A 320 is optionally flagged as being in a known good state when the backup is complete and verified. The pointer then points to thememory area B 325, and thememory area A 320 is considered to be the backup. - The OS in the
memory area B 325 is then run. If corruption of thememory area B 325 is detected, then a restore is performed and thememory area A 320 is copied to thememory area B 325. When the backup is complete and verified, thememory area B 325 is optionally marked as good. The pointer is then set to point to thememory area A 320. - In one embodiment, the backups are verified before changing the pointer. In another embodiment the backups are not verified before changing the pointer.
- In another embodiment, when the system performs a backup of, say, the
memory area A 320 to thememory area B 325, the pointer then points to thememory area B 325 and the system runs thememory area B 325 with thememory area A 320 being considered a backup. - Backing up and restoring can be performed manually in one embodiment. In another embodiment the backing up can be performed automatically at checkpoints. The checkpoints can occur every time a lock or unlock command is received in one embodiment. Alternatively, the checkpoints can occur at set intervals of time, or even randomly. Any other suitable checkpoints can be used in accordance with the present invention.
- Backing-up can be performed at a startup time of the
peripheral storage device 105 if theperipheral storage device 105 was cleanly ejected or shutdown previously. Monitoring of whether theperipheral storage device 105 and a host operating system were shutdown cleanly can be performed by the peripheral storage device and the host computer. - There are various ways to verify if an area of memory is in a known good state. For example, a hash of A and a hash of B can be taken and results compared to each other. Checksums can be used in another embodiment. Any other suitable methods can be utilized in accordance with the present invention.
- In one embodiment, backing-up of the saved portion of the OS (or other content) to a backup area is performed on a subset of the saved portion of the OS. The subset of the saved portion of the operating system comprises data that was modified since a previous backup.
- In another embodiment, the backup and restoration can be performed remotely, such as by backing up and restoring over a network. A wi-fi or any other suitable network can be implemented.
- In yet another embodiment, a power supply can be included with the
peripheral storage device 105. The power supply can be a battery, capacitor, solar cell(s), or any other suitable type of power supply. The power supply allows for backup to proceed if the device is prematurely ejected (i.e. not cleanly ejected) from thehost computer 110, or if thehost computer 110 is shutdown completely before backup is complete. - In yet another embodiment, compressing and decompressing can be performed during backup and recovery, respectively. Thus, less storage is used.
- Another way to free up storage is to backup and verify the backup, and then delete the other copy (or the backup). Policies for this and other features can be set by an administrator, as discussed in “Enterprise Device Recovery.”
- Thus, a system and method have been disclosed for protecting against corruption of data, (e.g. an OS or VM) run from a peripheral storage device.
- While various embodiments have been described above, it should be understood that they have been presented by way of example only, and not limitation. The descriptions are not intended to limit the scope of the invention to the particular forms set forth herein. Thus, the breadth and scope of a preferred embodiment should not be limited by any of the above-described exemplary embodiments. It should be understood that the above description is illustrative and not restrictive. To the contrary, the present descriptions are intended to cover such alternatives, modifications, and equivalents as may be included within the spirit and scope of the invention as defined by the appended claims and otherwise appreciated by one of ordinary skill in the art. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the appended claims along with their full scope of equivalents.
Claims (14)
1-45. (canceled)
46. A method comprising:
communicatively coupling a peripheral storage device with a host computer, the peripheral storage device comprising memory and a controller;
storing data from the host computer to a first portion of the memory;
backing up some or all of the data to a second portion of the memory;
setting a pointer to indicate that the first portion of the memory is to be used and the second portion of the memory is a backup portion;
restoring some or all of the data from the backup portion of the memory to the first portion of the memory to be used; and
changing the pointer to indicate that the second portion of the memory is to be used and the first portion is to be considered the backup portion.
47. The method of claim 46 , wherein the memory comprises an unsecure area and a secure volume.
48. The method of claim 47 , further comprising storing a virtual machine image within the secure volume, the virtual machine image comprising a guest operating system.
49. The method of claim 46 , wherein restoring some or all of the data is initiated upon detection of data corruption of at least a portion of the data stored in the portion of the memory to be used.
50. The method of claim 46 , wherein backing up some or all of the data is performed on a subset of the data that was modified since a previous backup.
51. The method of claim 50 , further comprising tracking blocks of the memory modified since the peripheral storage device was communicatively coupled with the host computer, wherein only such modified blocks are copied to the second portion of memory.
52. The method of claim 46 , wherein backing up some or all of the data is performed at startup to the peripheral storage device.
53. The method of claim 46 , further comprising storing a previous shutdown state of the peripheral storage device.
54. The method of claim 53 , wherein the peripheral storage device was cleanly ejected or shutdown previous to backing up some of all of the data.
55. The method of claim 46 , further comprising the host computer booting an operating system from the peripheral storage device.
56. A system comprising:
a peripheral storage device comprising a memory and a controller, the memory including a first portion of memory and a second portion of memory, the peripheral storage device communicatively coupled with a host computer for storing data from the host computer to the first portion of memory; and
a controller configured to:
backup some or all of the data to the second portion of memory;
set a pointer to indicate that the first portion of memory is to be used and the second portion of memory is a backup portion;
restore some or all of the data from the backup portion of memory to the first portion of memory to be used; and
change the pointer to indicate that the second portion of memory is to be used and the first portion of memory is to be considered the backup portion.
57. The system of claim 56 , wherein the memory comprises an unsecure area and a secure volume.
58. The system of claim 57 , further comprising a virtual machine image comprising a guest operating system stored within the secure volume.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/171,146 US20140337592A1 (en) | 2009-08-06 | 2014-02-03 | Peripheral device data integrity |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/537,172 US8683088B2 (en) | 2009-08-06 | 2009-08-06 | Peripheral device data integrity |
US14/171,146 US20140337592A1 (en) | 2009-08-06 | 2014-02-03 | Peripheral device data integrity |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/537,172 Continuation US8683088B2 (en) | 2009-08-06 | 2009-08-06 | Peripheral device data integrity |
Publications (1)
Publication Number | Publication Date |
---|---|
US20140337592A1 true US20140337592A1 (en) | 2014-11-13 |
Family
ID=43535647
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/537,172 Active 2029-12-02 US8683088B2 (en) | 2009-08-06 | 2009-08-06 | Peripheral device data integrity |
US14/171,146 Abandoned US20140337592A1 (en) | 2009-08-06 | 2014-02-03 | Peripheral device data integrity |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/537,172 Active 2029-12-02 US8683088B2 (en) | 2009-08-06 | 2009-08-06 | Peripheral device data integrity |
Country Status (1)
Country | Link |
---|---|
US (2) | US8683088B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20180039437A1 (en) * | 2016-08-02 | 2018-02-08 | Samsung Electronics Co., Ltd. | Method of executing data scrubbing inside a smart storage device |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100228906A1 (en) * | 2009-03-06 | 2010-09-09 | Arunprasad Ramiya Mothilal | Managing Data in a Non-Volatile Memory System |
US8745365B2 (en) * | 2009-08-06 | 2014-06-03 | Imation Corp. | Method and system for secure booting a computer by booting a first operating system from a secure peripheral device and launching a second operating system stored a secure area in the secure peripheral device on the first operating system |
US8782434B1 (en) | 2010-07-15 | 2014-07-15 | The Research Foundation For The State University Of New York | System and method for validating program execution at run-time |
US9122873B2 (en) | 2012-09-14 | 2015-09-01 | The Research Foundation For The State University Of New York | Continuous run-time validation of program execution: a practical approach |
US9069782B2 (en) | 2012-10-01 | 2015-06-30 | The Research Foundation For The State University Of New York | System and method for security and privacy aware virtual machine checkpointing |
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040135241A1 (en) * | 2002-11-18 | 2004-07-15 | Storcard, Inc. | Secure transaction card with a large storage volume |
US6901493B1 (en) * | 1998-02-24 | 2005-05-31 | Adaptec, Inc. | Method for protecting data of a computer system |
KR20050078027A (en) * | 2004-01-30 | 2005-08-04 | 주식회사 포인칩스 | Portable data storage device for performing data backup function |
US20070179926A1 (en) * | 2006-01-27 | 2007-08-02 | Giga-Byte Communications Inc. | Data backup and restoration methods |
US7337313B2 (en) * | 2002-03-22 | 2008-02-26 | Kabushiki Kaisha Toshiba | Information device, storage medium and initial state restoration method |
US20080196081A1 (en) * | 2006-10-08 | 2008-08-14 | International Business Machines Corporation | Switching between unsecure system software and secure system software |
US20080192928A1 (en) * | 2000-01-06 | 2008-08-14 | Super Talent Electronics, Inc. | Portable Electronic Storage Devices with Hardware Security Based on Advanced Encryption Standard |
US20080209132A1 (en) * | 2007-02-23 | 2008-08-28 | Inventec Corporation | Disk snapshot acquisition method |
US7496765B2 (en) * | 2004-03-22 | 2009-02-24 | International Business Machines Corporation | System, method and program product to prevent unauthorized access to portable memory or storage device |
US20090132752A1 (en) * | 2005-04-19 | 2009-05-21 | Trek 2000 International Ltd | Interface for Non-Volatile Memories |
US7620761B2 (en) * | 2006-10-02 | 2009-11-17 | Egis Technology Inc. | Multi-functional storage apparatus and control method thereof |
US7624233B2 (en) * | 2006-08-22 | 2009-11-24 | Hewlett-Packard Development Company, L.P. | Portable storage device |
Family Cites Families (129)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4578530A (en) | 1981-06-26 | 1986-03-25 | Visa U.S.A., Inc. | End-to-end encryption system and method of operation |
US5010571A (en) | 1986-09-10 | 1991-04-23 | Titan Linkabit Corporation | Metering retrieval of encrypted data stored in customer data retrieval terminal |
JP3641280B2 (en) | 1992-10-30 | 2005-04-20 | インテル・コーポレーション | Method for determining blocks to be cleaned up in a flash EEPROM array |
US5404485A (en) | 1993-03-08 | 1995-04-04 | M-Systems Flash Disk Pioneers Ltd. | Flash file system |
US5479638A (en) * | 1993-03-26 | 1995-12-26 | Cirrus Logic, Inc. | Flash memory mass storage architecture incorporation wear leveling technique |
IL110891A (en) * | 1993-09-14 | 1999-03-12 | Spyrus | System and method for data access control |
US5857021A (en) * | 1995-11-07 | 1999-01-05 | Fujitsu Ltd. | Security system for protecting information stored in portable storage media |
US5893920A (en) * | 1996-09-30 | 1999-04-13 | International Business Machines Corporation | System and method for cache management in mobile user file systems |
JP3656688B2 (en) * | 1997-03-31 | 2005-06-08 | 栄司 岡本 | Cryptographic data recovery method and key registration system |
US6081875A (en) * | 1997-05-19 | 2000-06-27 | Emc Corporation | Apparatus and method for backup of a disk storage system |
US5937425A (en) * | 1997-10-16 | 1999-08-10 | M-Systems Flash Disk Pioneers Ltd. | Flash file system optimized for page-mode flash technologies |
US6094721A (en) * | 1997-10-31 | 2000-07-25 | International Business Machines Corporation | Method and apparatus for password based authentication in a distributed system |
US6092196A (en) * | 1997-11-25 | 2000-07-18 | Nortel Networks Limited | HTTP distributed remote user authentication system |
US6223284B1 (en) * | 1998-04-30 | 2001-04-24 | Compaq Computer Corporation | Method and apparatus for remote ROM flashing and security management for a computer system |
US6987927B1 (en) | 1998-09-09 | 2006-01-17 | Smartdisk Corporation | Enhanced digital data collector for removable memory modules |
US6292899B1 (en) | 1998-09-23 | 2001-09-18 | Mcbride Randall C. | Volatile key apparatus for safeguarding confidential data stored in a computer system memory |
US6539480B1 (en) * | 1998-12-31 | 2003-03-25 | Intel Corporation | Secure transfer of trust in a computing system |
US7272723B1 (en) * | 1999-01-15 | 2007-09-18 | Safenet, Inc. | USB-compliant personal key with integral input and output devices |
US7269844B2 (en) * | 1999-01-15 | 2007-09-11 | Safenet, Inc. | Secure IR communication between a keypad and a token |
AU3312300A (en) | 1999-03-31 | 2000-10-16 | British Telecommunications Public Limited Company | Server computer for guaranteeing files integrity |
US6226752B1 (en) | 1999-05-11 | 2001-05-01 | Sun Microsystems, Inc. | Method and apparatus for authenticating users |
US20020029215A1 (en) | 1999-07-09 | 2002-03-07 | Whitmyer Wesley W. | Web site automating transfer of intellectual property |
WO2001018636A1 (en) | 1999-09-09 | 2001-03-15 | American Express Travel Related Services Company, Inc. | System and method for authenticating a web page |
US20080082813A1 (en) * | 2000-01-06 | 2008-04-03 | Chow David Q | Portable usb device that boots a computer as a server with security measure |
US20010045451A1 (en) * | 2000-02-28 | 2001-11-29 | Tan Warren Yung-Hang | Method and system for token-based authentication |
JP2004508608A (en) | 2000-03-20 | 2004-03-18 | コモド リサーチ ラボ リミテッド | Improvements in how web pages are accessed and used, and improvements related to those methods |
US6715016B1 (en) * | 2000-06-01 | 2004-03-30 | Hitachi, Ltd. | Multiple operating system control method |
GB2369202B (en) * | 2000-08-31 | 2003-03-19 | Sun Microsystems Inc | Computer system and method of operating a computer system |
DE10057697A1 (en) | 2000-11-21 | 2002-05-29 | Fujitsu Siemens Computers Gmbh | storage medium |
WO2002047080A2 (en) | 2000-12-07 | 2002-06-13 | Sandisk Corporation | System, method, and device for playing back recorded audio, video or other content from non-volatile memory cards, compact disks or other media |
US6731536B1 (en) | 2001-03-05 | 2004-05-04 | Advanced Micro Devices, Inc. | Password and dynamic protection of flash memory data |
JP2002278838A (en) | 2001-03-15 | 2002-09-27 | Sony Corp | Memory access control system, device managing device, partition managing device, memory packaged device, memory access control method and program storage medium |
JP4049297B2 (en) | 2001-06-11 | 2008-02-20 | 株式会社ルネサステクノロジ | Semiconductor memory device |
WO2003003295A1 (en) | 2001-06-28 | 2003-01-09 | Trek 2000 International Ltd. | A portable device having biometrics-based authentication capabilities |
US6834795B1 (en) | 2001-06-29 | 2004-12-28 | Sun Microsystems, Inc. | Secure user authentication to computing resource via smart card |
MXPA03011964A (en) | 2001-07-05 | 2004-03-26 | Matsushita Electric Ind Co Ltd | Recording apparatus, medium, method, and related computer program. |
US6993661B1 (en) | 2001-08-09 | 2006-01-31 | Garfinkel Simson L | System and method that provides for the efficient and effective sanitizing of disk storage units and the like |
US7266699B2 (en) * | 2001-08-30 | 2007-09-04 | Application Security, Inc. | Cryptographic infrastructure for encrypting a database |
US7747531B2 (en) | 2002-02-05 | 2010-06-29 | Pace Anti-Piracy | Method and system for delivery of secure software license information |
US20030159053A1 (en) * | 2002-02-19 | 2003-08-21 | Charles Fauble | Secure reconfigurable input device with transaction card reader |
JP3743509B2 (en) | 2002-03-20 | 2006-02-08 | セイコーエプソン株式会社 | Data transfer control device and electronic device |
US8332650B2 (en) | 2002-03-22 | 2012-12-11 | Microsoft Corporation | Systems and methods for setting and resetting a password |
US20030204754A1 (en) | 2002-04-26 | 2003-10-30 | International Business Machines Corporation | Controlling access to data stored on a storage device of a computer system |
JP3933003B2 (en) * | 2002-07-30 | 2007-06-20 | 株式会社日立製作所 | IC card and payment terminal |
US20050044385A1 (en) | 2002-09-09 | 2005-02-24 | John Holdsworth | Systems and methods for secure authentication of electronic transactions |
CZ2005209A3 (en) | 2002-09-10 | 2005-12-14 | Ivi Smart Technologies, Inc. | Safe biometric verification of identity |
US7395435B2 (en) | 2002-09-20 | 2008-07-01 | Atmel Corporation | Secure memory device for smart cards |
US7437752B2 (en) * | 2002-09-23 | 2008-10-14 | Credant Technologies, Inc. | Client architecture for portable device with security policies |
US7325134B2 (en) | 2002-10-08 | 2008-01-29 | Koolspan, Inc. | Localized network authentication and security using tamper-resistant keys |
US7478248B2 (en) | 2002-11-27 | 2009-01-13 | M-Systems Flash Disk Pioneers, Ltd. | Apparatus and method for securing data on a portable storage device |
US20040103325A1 (en) | 2002-11-27 | 2004-05-27 | Priebatsch Mark Herbert | Authenticated remote PIN unblock |
US20040123113A1 (en) | 2002-12-18 | 2004-06-24 | Svein Mathiassen | Portable or embedded access and input devices and methods for giving access to access limited devices, apparatuses, appliances, systems or networks |
US6776332B2 (en) | 2002-12-26 | 2004-08-17 | Micropin Technologies Inc. | System and method for validating and operating an access card |
US7181016B2 (en) | 2003-01-27 | 2007-02-20 | Microsoft Corporation | Deriving a symmetric key from an asymmetric key for file encryption or decryption |
US7596625B2 (en) * | 2003-01-27 | 2009-09-29 | Microsoft Corporation | Peer-to-peer grouping interfaces and methods |
US6920527B2 (en) | 2003-02-11 | 2005-07-19 | Standard Microsystems Corporation | Portable RAM drive |
US20040177258A1 (en) | 2003-03-03 | 2004-09-09 | Ong Peng T. | Secure object for convenient identification |
US7003621B2 (en) | 2003-03-25 | 2006-02-21 | M-System Flash Disk Pioneers Ltd. | Methods of sanitizing a flash-based data storage device |
US6961852B2 (en) * | 2003-06-19 | 2005-11-01 | International Business Machines Corporation | System and method for authenticating software using hidden intermediate keys |
US20050015540A1 (en) | 2003-07-18 | 2005-01-20 | Hung-Chou Tsai | Auto-executable portable data storage device and the method of auto-execution thereof |
GB2404305B (en) * | 2003-07-22 | 2005-07-06 | Research In Motion Ltd | Security for mobile communications device |
US20050044377A1 (en) * | 2003-08-18 | 2005-02-24 | Yen-Hui Huang | Method of authenticating user access to network stations |
US7107416B2 (en) | 2003-09-08 | 2006-09-12 | International Business Machines Corporation | Method, system, and program for implementing retention policies to archive records |
US7762470B2 (en) | 2003-11-17 | 2010-07-27 | Dpd Patent Trust Ltd. | RFID token with multiple interface controller |
US7313691B2 (en) | 2003-11-18 | 2007-12-25 | International Business Machines Corporation | Internet site authentication service |
US7330977B2 (en) * | 2003-12-30 | 2008-02-12 | Lenovo Pte Ltd | Apparatus, system, and method for secure mass storage backup |
JP4701615B2 (en) | 2004-01-23 | 2011-06-15 | ソニー株式会社 | Information storage device |
EP1745660B1 (en) * | 2004-04-30 | 2012-01-11 | Research In Motion Limited | System and method for handling restoration operations on mobile devices |
US7370166B1 (en) | 2004-04-30 | 2008-05-06 | Lexar Media, Inc. | Secure portable storage device |
US7325724B2 (en) * | 2004-07-01 | 2008-02-05 | American Express Travel Related Services Company, Inc. | Method for registering a biometric for use with a smartcard |
US20060041932A1 (en) * | 2004-08-23 | 2006-02-23 | International Business Machines Corporation | Systems and methods for recovering passwords and password-protected data |
US7421440B2 (en) | 2004-08-24 | 2008-09-02 | Microsoft Corporation | Method and system for importing data |
US20060069819A1 (en) | 2004-09-28 | 2006-03-30 | Microsoft Corporation | Universal serial bus device |
JP2006127106A (en) | 2004-10-28 | 2006-05-18 | Hitachi Ltd | Storage system and its control method |
US7587608B2 (en) | 2004-11-30 | 2009-09-08 | Sap Ag | Method and apparatus for storing data on the application layer in mobile devices |
US7502256B2 (en) | 2004-11-30 | 2009-03-10 | Siliconsystems, Inc. | Systems and methods for reducing unauthorized data recovery from solid-state storage devices |
US7275139B1 (en) | 2004-12-02 | 2007-09-25 | Tormasov Alexander G | Secure deletion of information from hard disk drive |
US7581118B2 (en) | 2004-12-14 | 2009-08-25 | Netapp, Inc. | Disk sanitization using encryption |
US7305387B2 (en) * | 2004-12-30 | 2007-12-04 | Sap, Aktiengesellschaft | Method and apparatus for managing data object size in a multi-user environment |
US7418568B2 (en) * | 2005-01-05 | 2008-08-26 | Sap Ag | Memory management technique |
US8045714B2 (en) | 2005-02-07 | 2011-10-25 | Microsoft Corporation | Systems and methods for managing multiple keys for file encryption and decryption |
US7721115B2 (en) * | 2005-02-16 | 2010-05-18 | Cypress Semiconductor Corporation | USB secure storage apparatus and method |
WO2006093917A2 (en) * | 2005-02-28 | 2006-09-08 | Trust Digital | Mobile data security system and methods |
US7698442B1 (en) | 2005-03-03 | 2010-04-13 | Voltage Security, Inc. | Server-based universal resource locator verification service |
US7224209B2 (en) * | 2005-03-03 | 2007-05-29 | Etron Technology, Inc. | Speed-up circuit for initiation of proportional to absolute temperature biasing circuits |
EP1882242A4 (en) * | 2005-05-19 | 2011-05-25 | Fusionone Inc | Remote cell phone auto destruct |
US7461218B2 (en) * | 2005-06-29 | 2008-12-02 | Intel Corporation | Size-based interleaving in a packet-based link |
US8438647B2 (en) | 2005-07-14 | 2013-05-07 | Imation Corp. | Recovery of encrypted data from a secure storage device |
US8321953B2 (en) * | 2005-07-14 | 2012-11-27 | Imation Corp. | Secure storage device with offline code entry |
US8015606B1 (en) | 2005-07-14 | 2011-09-06 | Ironkey, Inc. | Storage device with website trust indication |
US8335920B2 (en) * | 2005-07-14 | 2012-12-18 | Imation Corp. | Recovery of data access for a locked secure storage device |
TWM288401U (en) | 2005-07-15 | 2006-03-01 | Genesys Logic Inc | Highly efficient data characteristics recognition device for flash memory |
TW200705180A (en) | 2005-07-29 | 2007-02-01 | Genesys Logic Inc | Adjustable flash memory management system and method |
TW200705179A (en) | 2005-07-29 | 2007-02-01 | Genesys Logic Inc | Efficient data property identification method for a flash memory |
US7409489B2 (en) * | 2005-08-03 | 2008-08-05 | Sandisk Corporation | Scheduling of reclaim operations in non-volatile memory |
US20070067620A1 (en) | 2005-09-06 | 2007-03-22 | Ironkey, Inc. | Systems and methods for third-party authentication |
US8528096B2 (en) * | 2005-10-07 | 2013-09-03 | Stmicroelectronics, Inc. | Secure universal serial bus (USB) storage device and method |
WO2007058732A2 (en) | 2005-11-10 | 2007-05-24 | Markmonitor Inc. | B2c authentication system and methods |
US8353029B2 (en) | 2005-11-10 | 2013-01-08 | Microsoft Corporation | On demand protection against web resources associated with undesirable activities |
US7680643B2 (en) * | 2005-11-17 | 2010-03-16 | International Business Machines Corporation | Method for carrying multiple suspended runtime images |
EP1952575B1 (en) * | 2005-11-18 | 2017-12-27 | Security First Corp. | Secure data parser method and system |
US20070180509A1 (en) | 2005-12-07 | 2007-08-02 | Swartz Alon R | Practical platform for high risk applications |
US20070143530A1 (en) | 2005-12-15 | 2007-06-21 | Rudelic John C | Method and apparatus for multi-block updates with secure flash memory |
US7747837B2 (en) | 2005-12-21 | 2010-06-29 | Sandisk Corporation | Method and system for accessing non-volatile storage devices |
TWI312112B (en) * | 2005-12-30 | 2009-07-11 | Ind Tech Res Inst | Data managing method, method and apparatus to snapshot data for multiple volumes to a single snapshot volume in a data processing system |
US20070181698A1 (en) | 2006-02-09 | 2007-08-09 | Wilson Jeff K | Portable programmable memory device insertable into a computer controlled display system with apparatus for recognizing computer display system and displaying dialog prompting selection of featured files for the system |
US8291226B2 (en) | 2006-02-10 | 2012-10-16 | Qualcomm Incorporated | Method and apparatus for securely booting from an external storage device |
CN100580642C (en) * | 2006-02-28 | 2010-01-13 | 国际商业机器公司 | Universal serial bus storage device and access control method thereof |
US20070206247A1 (en) | 2006-03-01 | 2007-09-06 | Intouch Group, Inc. | System, apparatus, and method for managing preloaded digital files for preview on a digital media playback apparatus |
US7926054B2 (en) | 2006-03-03 | 2011-04-12 | Novell, Inc. | System, method, and computer-readable medium for virtual machine instantiation from an external peripheral device |
US7395377B2 (en) * | 2006-04-20 | 2008-07-01 | International Business Machines Corporation | Method and system for adaptive back-off and advance for non-volatile storage (NVS) occupancy level management |
US20070266421A1 (en) * | 2006-05-12 | 2007-11-15 | Redcannon, Inc. | System, method and computer program product for centrally managing policies assignable to a plurality of portable end-point security devices over a network |
US8140863B2 (en) | 2006-05-18 | 2012-03-20 | Research In Motion Limited | Automatic security action invocation for mobile communications device |
US20070300031A1 (en) | 2006-06-22 | 2007-12-27 | Ironkey, Inc. | Memory data shredder |
US7698480B2 (en) * | 2006-07-06 | 2010-04-13 | Sandisk Il Ltd. | Portable storage device with updatable access permission |
US20080040613A1 (en) * | 2006-08-14 | 2008-02-14 | David Carroll Challener | Apparatus, system, and method for secure password reset |
EP1890493A1 (en) * | 2006-08-17 | 2008-02-20 | Nagracard S.A. | Method for revocating security modules used to secure broadcast messages |
US7743422B2 (en) * | 2006-08-21 | 2010-06-22 | International Business Machines Corporation | System and method for validating a computer platform when booting from an external device |
US7631158B2 (en) * | 2007-01-31 | 2009-12-08 | Inventec Corporation | Disk snapshot method using a copy-on-write table in a user space |
US8701010B2 (en) * | 2007-03-12 | 2014-04-15 | Citrix Systems, Inc. | Systems and methods of using the refresh button to determine freshness policy |
US7809818B2 (en) * | 2007-03-12 | 2010-10-05 | Citrix Systems, Inc. | Systems and method of using HTTP head command for prefetching |
US8037126B2 (en) * | 2007-03-12 | 2011-10-11 | Citrix Systems, Inc. | Systems and methods of dynamically checking freshness of cached objects based on link status |
US8024790B2 (en) * | 2007-04-11 | 2011-09-20 | Trend Micro Incorporated | Portable secured computing environment for performing online confidential transactions in untrusted computers |
JP2008287505A (en) * | 2007-05-17 | 2008-11-27 | Toshiba Corp | Information processor and legacy emulation processing stop control method |
WO2009137371A2 (en) * | 2008-05-02 | 2009-11-12 | Ironkey, Inc. | Enterprise device recovery |
US20090307451A1 (en) | 2008-06-10 | 2009-12-10 | Microsoft Corporation | Dynamic logical unit number creation and protection for a transient storage device |
US20100228906A1 (en) | 2009-03-06 | 2010-09-09 | Arunprasad Ramiya Mothilal | Managing Data in a Non-Volatile Memory System |
US20100250796A1 (en) * | 2009-03-27 | 2010-09-30 | David Jevans | Establishing a Secure Channel between a Server and a Portable Device |
US8745365B2 (en) * | 2009-08-06 | 2014-06-03 | Imation Corp. | Method and system for secure booting a computer by booting a first operating system from a secure peripheral device and launching a second operating system stored a secure area in the secure peripheral device on the first operating system |
-
2009
- 2009-08-06 US US12/537,172 patent/US8683088B2/en active Active
-
2014
- 2014-02-03 US US14/171,146 patent/US20140337592A1/en not_active Abandoned
Patent Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6901493B1 (en) * | 1998-02-24 | 2005-05-31 | Adaptec, Inc. | Method for protecting data of a computer system |
US20080192928A1 (en) * | 2000-01-06 | 2008-08-14 | Super Talent Electronics, Inc. | Portable Electronic Storage Devices with Hardware Security Based on Advanced Encryption Standard |
US7337313B2 (en) * | 2002-03-22 | 2008-02-26 | Kabushiki Kaisha Toshiba | Information device, storage medium and initial state restoration method |
US20040135241A1 (en) * | 2002-11-18 | 2004-07-15 | Storcard, Inc. | Secure transaction card with a large storage volume |
KR20050078027A (en) * | 2004-01-30 | 2005-08-04 | 주식회사 포인칩스 | Portable data storage device for performing data backup function |
US7496765B2 (en) * | 2004-03-22 | 2009-02-24 | International Business Machines Corporation | System, method and program product to prevent unauthorized access to portable memory or storage device |
US20090132752A1 (en) * | 2005-04-19 | 2009-05-21 | Trek 2000 International Ltd | Interface for Non-Volatile Memories |
US20070179926A1 (en) * | 2006-01-27 | 2007-08-02 | Giga-Byte Communications Inc. | Data backup and restoration methods |
US7624233B2 (en) * | 2006-08-22 | 2009-11-24 | Hewlett-Packard Development Company, L.P. | Portable storage device |
US7620761B2 (en) * | 2006-10-02 | 2009-11-17 | Egis Technology Inc. | Multi-functional storage apparatus and control method thereof |
US20080196081A1 (en) * | 2006-10-08 | 2008-08-14 | International Business Machines Corporation | Switching between unsecure system software and secure system software |
US20080209132A1 (en) * | 2007-02-23 | 2008-08-28 | Inventec Corporation | Disk snapshot acquisition method |
US7809908B2 (en) * | 2007-02-23 | 2010-10-05 | Inventec Corporation | Disk snapshot acquisition method |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20180039437A1 (en) * | 2016-08-02 | 2018-02-08 | Samsung Electronics Co., Ltd. | Method of executing data scrubbing inside a smart storage device |
CN107678982A (en) * | 2016-08-02 | 2018-02-09 | 三星电子株式会社 | Safe storage and the method that data scrubbing is performed in smart storage device |
US10824348B2 (en) * | 2016-08-02 | 2020-11-03 | Samsung Electronics Co., Ltd. | Method of executing conditional data scrubbing inside a smart storage device |
Also Published As
Publication number | Publication date |
---|---|
US20110035513A1 (en) | 2011-02-10 |
US8683088B2 (en) | 2014-03-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9722977B2 (en) | Secure host authentication using symmetric key crytography | |
US20140337592A1 (en) | Peripheral device data integrity | |
US8745365B2 (en) | Method and system for secure booting a computer by booting a first operating system from a secure peripheral device and launching a second operating system stored a secure area in the secure peripheral device on the first operating system | |
KR101699998B1 (en) | Secure storage of temporary secrets | |
US8464073B2 (en) | Method and system for secure data storage | |
US8225109B1 (en) | Method and apparatus for generating a compressed and encrypted baseline backup | |
JP2016025616A (en) | Method for protecting data stored in disk drive, and portable computer | |
US11368299B2 (en) | Self-encryption drive (SED) | |
CN108170562B (en) | Solid state disk and data processing method and system thereof | |
Skillen et al. | Mobiflage: Deniable storage encryptionfor mobile devices | |
JP2008072717A (en) | Hard disc streaming cryptographic operations with embedded authentication | |
Swanson et al. | Safe: Fast, verifiable sanitization for ssds | |
TWI711940B (en) | Device, system, and method for secure snapshot management for data storage devices | |
WO2022127464A1 (en) | Crypto-erasure of data stored in key per io-enabled device via internal action | |
CN109766215B (en) | Data processing method and device | |
US9384353B2 (en) | System and method for encryption of disk based on pre-boot compatibility testing | |
US10642984B2 (en) | Secure drive and method for booting to known good-state | |
US9330282B2 (en) | Instruction cards for storage devices | |
CN106845261A (en) | A kind of method and device of destruction SSD hard disc datas | |
US10261920B2 (en) | Static image RAM drive | |
EP4174701A1 (en) | Methods and systems for secure data storage | |
US20130117550A1 (en) | Accessing secure volumes | |
US20220123932A1 (en) | Data storage device encryption | |
RU2580014C2 (en) | System and method for changing mask of encrypted region during breakdown in computer system | |
CN110334501B (en) | Data protection method, device and equipment based on USB flash disk |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |