-
公开(公告)号:US11698975B2
公开(公告)日:2023-07-11
申请号:US16801830
申请日:2020-02-26
IPC分类号: G06F21/57
CPC分类号: G06F21/577 , G06F2221/034
摘要: A distributed data storage system can have an attestation module that is connected to the data storage device to disconnect the device from a distributed data storage network or prevent the data storage device from being initialized into the distributed data storage network. A first security evaluation of the data storage device can be conducted with the attestation module to verify an authenticity of the data storage device. The attestation module may then disconnect the network controller from the distributed data storage network and verify an authenticity of the network controller to allow the network controller and data storage device to service a data access request from a host of the distributed data storage network.
-
公开(公告)号:US20210144133A1
公开(公告)日:2021-05-13
申请号:US16677726
申请日:2019-11-08
IPC分类号: H04L29/06
摘要: Apparatus and method for local authentication of a collection of processing devices, such as but not limited to storage devices (e.g., SSDs, etc.). In some embodiments, an edge computing device is coupled between the collection of processing devices and an external network. The edge computing device performs a network authentication over the external network with a remote server using an edge token. The edge computing device further performs a local authentication of the collection using storage tokens of the respective processing devices, with the local authentication not utilizing the external network or the remote server. Both the edge token and the storage tokens may be generated from a client token of a client device.
-
公开(公告)号:US10956068B2
公开(公告)日:2021-03-23
申请号:US16409425
申请日:2019-05-10
摘要: A data storage device can have one or more timestamps to indicate chronological information associated with data stored in the data storage device. A controller may be connected to a timestamp module and a transducing head to allow a timestamp to be written to a magnetic data storage medium as directed by the timestamp module. The timestamp can consist of chronological information relating to user-generated data stored on the data storage medium.
-
公开(公告)号:US10382201B1
公开(公告)日:2019-08-13
申请号:US15214965
申请日:2016-07-20
IPC分类号: H04L29/06 , H04L9/08 , H04L9/32 , G06F21/80 , G06F9/4401
摘要: Security of data storage devices and servers can be improved by the system and methods described herein. In some embodiments, a key management device of a server can be a locally (or virtually) located data storage device such as a HDD or SDD. The key management device may be part of a server system and can have a secure area protected by a cryptographic module (e.g. hardware integrated circuit). The secure area can store a certificate needed to authenticate another data storage device coupled to the server. A second server may authenticate the certificate and provide the access key to the another data storage device.
-
公开(公告)号:US11645393B2
公开(公告)日:2023-05-09
申请号:US16946478
申请日:2020-06-24
CPC分类号: G06F21/575 , G06F3/0622 , G06F3/0632 , G06F3/0658 , G06F3/0673 , G06F21/54 , G06F21/554 , G06F21/78
摘要: A data storage device can employ a front end bus for boot operations. The physical connection of a secure boot assembly to the front end bus can provide efficient and reliable booting of the data storage device without a connection to a remote host or network. A secure boot assembly can provide a security module that connects to the boot module of the data storage device to authenticate a trustworthiness of the data storage device while the data storage device is disconnected from any remote host.
-
公开(公告)号:US11449643B2
公开(公告)日:2022-09-20
申请号:US16801861
申请日:2020-02-26
摘要: A distributed data storage system can connect a customization module to at least one host and a second data storage device via a network controller. The customization module may disconnect the first data storage device from the host and second data storage device prior to assessing a security operation of the first data storage device with the customization module, generating an optimization strategy with the customization module based on the assessed security operation, implementing the optimization strategy in the first data storage device to alter at least one security parameter of the first data storage device, and then connecting the first data storage device to the host and second data storage device to allow at least one data access to be executed to the first data storage device with the altered at least one security parameter.
-
公开(公告)号:US11120151B1
公开(公告)日:2021-09-14
申请号:US15667533
申请日:2017-08-02
摘要: Security of computers, data storage devices, and servers can be improved with a multiple key access system. In some embodiments, a local key management device can be a locally (or virtually) located data storage device such as a HDD or SDD. The key management device may be part of a computer or server system and can have a first secure area protected by a cryptographic module (e.g. hardware integrated circuit). The first secure area can store a key to access a second secure area, which may function as a local key management server (LKMS) and store access information to securely communicate with and unlock another data storage device coupled to the computer. For example, the LKMS may store an access key to provide the computer with access to another data storage device. Communications between the LKMS and the other data storage device may be encrypted using a communication key.
-
公开(公告)号:US10803206B2
公开(公告)日:2020-10-13
申请号:US16278571
申请日:2019-02-18
摘要: Systems and methods for wireless enabled security in relation to a storage drive are described. In one embodiment, the systems and methods may include receiving, at a storage drive, a request from a host of the storage drive. In some cases, the request may be received via a wired connection between the storage drive and the host. In some embodiments, the systems and methods may include determining whether the request is flagged by the host as a secure connection request, processing the request upon determining the request is not flagged as a secure connection request, and establishing a wireless connection with the host upon determining the request is flagged by the host as a secure connection request.
-
9.发明授权公开(公告)号:US10474361B1
公开(公告)日:2019-11-12
申请号:US15969332
申请日:2018-05-02
摘要: Apparatus and method for managing data. A host device is coupled to multiple hybrid data storage devices each having a primary non-volatile memory (NVM), a secondary NVM, a top level controller and a secondary controller. During a normal I/O processing mode, host access commands are serviced by the top level controllers to direct transfers with the respective primary and secondary NVMs. During a front end I/O processing mode, the host device forms a consolidated, distributed memory space in which data are separately stored to the secondary NVMs by the host device. The primary NVM may be rotatable recording media and the secondary NVM may be flash memory. The secondary NVM may be in the form of removable SSD cards that plug into the storage devices to support replacement and performance upgrades, as well as allowing transitions between cold and hot data storage modes in a single system.
-
公开(公告)号:US20210194870A1
公开(公告)日:2021-06-24
申请号:US16719288
申请日:2019-12-18
摘要: Method and apparatus for implementing data security and privacy for a processing device. In some embodiments, the processing device is authenticated using a trusted authority. Self-authentication information is stored in a keystore of the processing device as a result of the authentication. The processing device subsequently operates in an untrusted mode by performing self-authentications using the self-authentication information in the keystore without further reference to the trusted authority. The trusted authority can be a remote server with which the processing device communicates over a network. The processing device can subsequently transition to a trust mode in which all authentications take place with the trusted authority without reference to the keystore. The processing device can be a data storage device such as a solid-state drive (SSD), a hard disc drive (HDD) or a hybrid drive (HDSD). The processing device can use untrust mode during manufacturing, and trust mode during field use.
-
-
-
-
-
-
-
-
-
搜索结果
27 条记录 (耗时 0.021 秒)
