发明授权
US07757100B2 Protected volume on a data storage device with dual operating systems and configurable access and encryption controls
有权
具有双操作系统和可配置访问和加密控制的数据存储设备上的受保护卷
- 专利标题: Protected volume on a data storage device with dual operating systems and configurable access and encryption controls
- 专利标题(中): 具有双操作系统和可配置访问和加密控制的数据存储设备上的受保护卷
-
申请号: US12126759申请日: 2008-05-23
-
公开(公告)号: US07757100B2公开(公告)日: 2010-07-13
- 发明人: Gregg D. Weissman , Hon Tran , Gregory W. Dalcher , Jay H. Hoffmeier , James E. Zmuda , Mark J. Sutherland , Michael T. Guttman
- 申请人: Gregg D. Weissman , Hon Tran , Gregory W. Dalcher , Jay H. Hoffmeier , James E. Zmuda , Mark J. Sutherland , Michael T. Guttman
- 申请人地址: US CA San Jose
- 专利权人: Spyrus, Inc.
- 当前专利权人: Spyrus, Inc.
- 当前专利权人地址: US CA San Jose
- 代理机构: Sheldon Mak Rose & Anderson
- 代理商 Norman R. Van Treeck
- 主分类号: G06F11/30
- IPC分类号: G06F11/30 ; G06F12/14 ; G06F9/00 ; G06F15/177 ; H04L9/32 ; H04L9/00 ; G06F12/00 ; G06F13/00 ; G06F13/28 ; G06F15/167
摘要:
A method provides a protected region of a data storage device associated with a computational device, where data in the protected region is primarily protected by preventing access without proper access authorization. The method comprises the steps of providing, in an unprotected region of the data storage device, a first operating system and associated operating system data; monitoring operating system data accessed by the computational device until a predetermined functionality becomes available; storing, in the protected region, the monitored operating system data; providing, in the protected region, a second operating system; transferring control of the computational device from the first operating system to the second operating system; storing data in the protected region; and preventing access to the stored data in the protected region without access authorization. In a further embodiment of the method, the second operating system optionally provides a second level of security by preventing decryption of data stored in the protected region without decryption authorization.