-
公开(公告)号:US09984256B2
公开(公告)日:2018-05-29
申请号:US14900962
申请日:2014-05-15
申请人: SEAGATE TECHNOLOGY LLC , Hong Liu , Abhay Kataria , Chao Chen , WeiWei Feng , Monty Forehand , William Erik Anderson
发明人: Hong Liu , Abhay Kataria , Chao Chen , WeiWei Feng , Monty A. Forehand , William Erik Anderson
IPC分类号: G06F1/26 , G06F11/00 , G08B13/00 , G08B21/00 , G08B29/00 , G06F21/73 , G06F21/57 , G06F21/86 , G06F21/79 , G06F21/80
摘要: Apparatus and method for detecting unauthorized tampering with a data storage device having a housing and a memory. A first identifier value is stored on an external surface of the housing and a second identifier value is stored within the memory. The first and second identifier values are combined in a predetermined order to form a combined identifier value for which a digital signature is generated using a private key, and the digital signature is stored on the storage device. The digital signature, the first and second identifier values, and one or more dummy identification values are retrieved from the storage device and stored in a memory of a verification device, which combines the retrieved first and second identifier values in the predetermined order to generate a retrieved combined identifier value. The storage device is authenticated using the retrieved combined identifier value, the digital signature and a public key.
-
2.发明申请公开(公告)号:US20160255063A1
公开(公告)日:2016-09-01
申请号:US14632243
申请日:2015-02-26
发明人: YiNan Zhang , David R. Kaiser , Wajahat Ali , Monty A. Forehand
CPC分类号: H04L63/08 , G06F11/0727 , G06F11/079 , H04L63/0428 , H04L63/0876 , H04L67/1097 , H04L69/40
摘要: Apparatus and method for in situ authentication and diagnostic repair of a data storage device in a multi-device user environment. In accordance with some embodiments, the method includes detecting an error condition associated with a selected data storage device in the multi-device user environment. A first level of user authentication is established by providing a challenge value generated by the selected data storage device to a remote device over a network associated with the selected data storage device. A first diagnostic tool stored on the selected data storage device is executed responsive to receipt of the first level of user authentication. A second level of user authentication is established by providing a second challenge value generated by the selected data storage device to the remote device. An output from the first diagnostic tool is used to execute a second diagnostic tool stored on the selected data storage device.
摘要翻译: 用于多设备用户环境中数据存储设备的原位认证和诊断修复的装置和方法。 根据一些实施例,该方法包括检测与多设备用户环境中的所选数据存储设备相关联的错误状况。 通过通过与所选择的数据存储设备相关联的网络向远程设备提供由所选择的数据存储设备生成的质询值来建立第一级用户认证。 响应于接收到第一级用户认证而执行存储在所选择的数据存储设备上的第一诊断工具。 通过向所述远程设备提供由所选数据存储设备生成的第二挑战值来建立第二级用户认证。 来自第一诊断工具的输出用于执行存储在所选择的数据存储设备上的第二诊断工具。
-
公开(公告)号:US09729534B2
公开(公告)日:2017-08-08
申请号:US14632243
申请日:2015-02-26
发明人: YiNan Zhang , David R. Kaiser , Wajahat Ali , Monty A. Forehand
CPC分类号: H04L63/08 , G06F11/0727 , G06F11/079 , H04L63/0428 , H04L63/0876 , H04L67/1097 , H04L69/40
摘要: Apparatus and method for in situ authentication and diagnostic repair of a data storage device in a multi-device user environment. In accordance with some embodiments, the method includes detecting an error condition associated with a selected data storage device in the multi-device user environment. A first level of user authentication is established by providing a challenge value generated by the selected data storage device to a remote device over a network associated with the selected data storage device. A first diagnostic tool stored on the selected data storage device is executed responsive to receipt of the first level of user authentication. A second level of user authentication is established by providing a second challenge value generated by the selected data storage device to the remote device. An output from the first diagnostic tool is used to execute a second diagnostic tool stored on the selected data storage device.
-
公开(公告)号:US09489508B2
公开(公告)日:2016-11-08
申请号:US14540784
申请日:2014-11-13
CPC分类号: G06F21/44 , G06F21/80 , G06F2221/2103 , G06F2221/2107 , H04L9/0643 , H04L63/0853
摘要: Apparatus and method for controlling access to protected functionality of a data storage device. In some embodiments, a plurality of identification (ID) values associated with a data storage device are combined to form a combined ID value. The combined ID value is cryptographically processed using a secret symmetric encryption key in combination with a hash function or a key derivation function to generate a unique device credential for the data storage device. The unique device credential is used as an input to a selected cryptographic function to control access to a protected function of the data storage device.
摘要翻译: 用于控制对数据存储设备的受保护功能的访问的装置和方法。 在一些实施例中,与数据存储设备相关联的多个识别(ID)值被组合以形成组合的ID值。 组合的ID值使用秘密对称加密密钥与散列函数或密钥导出函数组合进行加密处理,以生成用于数据存储设备的唯一设备凭证。 独特的设备凭证被用作所选密码功能的输入,以控制对数据存储设备的保护功能的访问。
-
公开(公告)号:US09584498B1
公开(公告)日:2017-02-28
申请号:US14245900
申请日:2014-04-04
IPC分类号: H04L29/06
CPC分类号: H04L63/08 , G06F21/12 , G06F21/445 , G06F21/74 , G06F2221/0731 , G06F2221/0735 , H04L63/126 , H04M1/7253 , H04M1/72563 , H04M1/72577 , H04W4/50 , H04W4/80
摘要: The present disclosure relates to feature activation using near field communication. In an embodiment, a device may include a chip to receive and store wireless communications. An activation package may be stored to the chip, and identify a set of features to enable or disable on the device. The device may include a processor to detect the activation package and initiate device operations based on the identified set of features. In some embodiments, the chip may receive and store information while the device is in a powered-off state, and the processor may detect the activation package at a power on event.
摘要翻译: 本公开涉及使用近场通信的特征激活。 在一个实施例中,设备可以包括用于接收和存储无线通信的芯片。 激活包可以被存储到芯片,并且识别在设备上启用或禁用的一组特征。 该设备可以包括处理器,用于基于所识别的特征集来检测激活包并启动设备操作。 在一些实施例中,芯片可以在设备处于关机状态时接收和存储信息,并且处理器可以在开机事件时检测激活包。
-
公开(公告)号:US20160140334A1
公开(公告)日:2016-05-19
申请号:US14540784
申请日:2014-11-13
IPC分类号: G06F21/44
CPC分类号: G06F21/44 , G06F21/80 , G06F2221/2103 , G06F2221/2107 , H04L9/0643 , H04L63/0853
摘要: Apparatus and method for controlling access to protected functionality of a data storage device. In some embodiments, a plurality of identification (ID) values associated with a data storage device are combined to form a combined ID value. The combined ID value is cryptographically processed using a secret symmetric encryption key in combination with a hash function or a key derivation function to generate a unique device credential for the data storage device. The unique device credential is used as an input to a selected cryptographic function to control access to a protected function of the data storage device.
摘要翻译: 用于控制对数据存储设备的受保护功能的访问的装置和方法。 在一些实施例中,与数据存储设备相关联的多个识别(ID)值被组合以形成组合的ID值。 组合的ID值使用秘密对称加密密钥与散列函数或密钥导出函数组合进行加密处理,以生成用于数据存储设备的唯一设备凭证。 独特的设备凭证被用作所选密码功能的输入,以控制对数据存储设备的保护功能的访问。
-
公开(公告)号:US20150248568A1
公开(公告)日:2015-09-03
申请号:US14194290
申请日:2014-02-28
CPC分类号: G06F21/78 , G06F21/6218 , G06F2221/0748
摘要: Apparatus and method for data security through the use of an encrypted keystore data structure. In accordance with some embodiments, first and second sets of input data are respectively encrypted using first and second encryption keys to form corresponding first and second encrypted data sets. The first and second encryption keys are combined to form a string. A hidden key stored within a system on chip (SOC) is used to encrypt the string to form an encrypted keystore data structure, and the first and second encrypted data sets and the encrypted keystore data structure are stored in a memory.
摘要翻译: 通过使用加密密钥库数据结构的数据安全的装置和方法。 根据一些实施例,使用第一和第二加密密钥分别加密第一和第二组输入数据,以形成对应的第一和第二加密数据集。 第一和第二加密密钥被组合形成一个字符串。 使用存储在片上系统(SOC)中的隐藏密钥来加密字符串以形成加密的密钥库数据结构,并且将第一和第二加密数据集和加密的密钥库数据结构存储在存储器中。
-
公开(公告)号:US09443111B2
公开(公告)日:2016-09-13
申请号:US14194290
申请日:2014-02-28
CPC分类号: G06F21/78 , G06F21/6218 , G06F2221/0748
摘要: Apparatus and method for data security through the use of an encrypted keystore data structure. In accordance with some embodiments, first and second sets of input data are respectively encrypted using first and second encryption keys to form corresponding first and second encrypted data sets. The first and second encryption keys are combined to form a string. A hidden key stored within a system on chip (SOC) is used to encrypt the string to form an encrypted keystore data structure, and the first and second encrypted data sets and the encrypted keystore data structure are stored in a memory.
摘要翻译: 通过使用加密密钥库数据结构的数据安全的装置和方法。 根据一些实施例,使用第一和第二加密密钥分别加密第一和第二组输入数据,以形成对应的第一和第二加密数据集。 第一和第二加密密钥被组合形成一个字符串。 使用存储在片上系统(SOC)中的隐藏密钥来加密字符串以形成加密的密钥库数据结构,并且将第一和第二加密数据集和加密的密钥库数据结构存储在存储器中。
-
公开(公告)号:US20150127930A1
公开(公告)日:2015-05-07
申请号:US14073034
申请日:2013-11-06
IPC分类号: G06F21/57
CPC分类号: G06F21/572 , G06F2221/2101 , G06F2221/2103 , G06F2221/2105
摘要: Apparatus and method for performing authentication processing during device initialization. In accordance with some embodiments, a data storage device has a main memory which stores user data from a host, and a controller with initialization programming stored in a boot memory. The initialization programming is executed by the controller to transition the data storage device from an inactive state to a normal operational mode. During a bootstrap mode, the controller generates a first authentication token, receives a second authentication token responsive to the first authentication token, and authorizes use of new system programming responsive to the second authentication token. The new system programming is stored in a local memory of the data storage device and executed by the controller during the normal operational mode.
摘要翻译: 在设备初始化期间执行认证处理的装置和方法。 根据一些实施例,数据存储设备具有存储来自主机的用户数据的主存储器和存储在引导存储器中的初始化程序的控制器。 由控制器执行初始化编程,以将数据存储设备从非活动状态转换到正常操作模式。 在引导模式期间,控制器生成第一认证令牌,响应于第一认证令牌接收第二认证令牌,并且响应于第二认证令牌授权使用新的系统编程。 新的系统编程存储在数据存储设备的本地存储器中,并且在正常操作模式期间由控制器执行。
-
-
-
-
-
-
-
-
搜索结果
9 条记录 (耗时 0.032 秒)
