Securing information relating to data compression and encryption in a storage device
Abstract
Apparatus and method for data security in a data storage environment. In some embodiments, input data from a host is received into a buffer memory. Data compression is applied to the input data to provide compressed data. Encryption is applied to the compressed data to generate encrypted data, and the encrypted data are stored in a main memory of a data storage device. A system parameter value associated with the storage of the encrypted data is generated and stored in a memory, such as the main memory of the storage device. The system parameter value may include information relating to the compression of the data. A trusted relationship is established to authenticate the host responsive to a request for the updated system parameter value. The system parameter value is transferred to the host responsive to the established trusted relationship.
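The flow in the abstract, modelled as an added example (not code from the patent or any product). The `Drive` class, its method names, the HMAC-SHA256 challenge response over a pre-shared secret, and the SHAKE-256 keystream standing in for the device cipher are all assumptions made for illustration.

```python
import hashlib, hmac, json, os, zlib

def _xor_stream(key, nonce, data):
    # Stand-in cipher (SHAKE-256 keystream) so the example needs only the
    # standard library; a real device would use a vetted cipher such as AES.
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def host_response(secret, challenge):
    # Assumed scheme: HMAC-SHA256 over the device's challenge value.
    return hmac.new(secret, challenge, hashlib.sha256).digest()

class Drive:  # hypothetical model of the controller circuit plus main memory
    def __init__(self, host_secret):
        self._data_key, self._param_key = os.urandom(32), os.urandom(32)
        self._host_secret = host_secret  # assumed pre-shared with the host
        self._user_area = {}   # first location: encrypted compressed data
        self._protected = {}   # second, access-controlled location
        self._pending = None   # outstanding challenge value, single use

    def write(self, lba, data):
        comp = zlib.compress(data)
        n1, n2 = os.urandom(16), os.urandom(16)
        self._user_area[lba] = (n1, _xor_stream(self._data_key, n1, comp))
        # System parameter: compression sizes, encrypted before storage.
        param = json.dumps({"in": len(data), "out": len(comp)}).encode()
        self._protected[lba] = (n2, _xor_stream(self._param_key, n2, param))

    def read(self, lba):
        nonce, ct = self._user_area[lba]
        return zlib.decompress(_xor_stream(self._data_key, nonce, ct))

    def challenge(self):
        self._pending = os.urandom(16)
        return self._pending

    def get_param(self, lba, response):
        challenge, self._pending = self._pending, None  # consume: no replay
        if challenge is None or not hmac.compare_digest(
                host_response(self._host_secret, challenge), response):
            raise PermissionError("host not authenticated")
        nonce, ct = self._protected[lba]
        return json.loads(_xor_stream(self._param_key, nonce, ct))

def demo():
    secret = b"constructed-demo-secret"   # constructed sample value
    drive = Drive(secret)
    drive.write(0, b"A" * 4096)           # constructed, compressible input
    return drive.get_param(0, host_response(secret, drive.challenge()))
```

The challenge is consumed on every attempt, so a captured response cannot be replayed to read the compression parameter a second time.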
18 Claims
1. A computer implemented method comprising:
receiving input data from a host into a buffer memory;
applying data compression to the input data to provide compressed data;
encrypting the compressed data using an encryption key to generate encrypted data;
storing the encrypted data in a first location of a main memory of a data storage device;
generating and storing, in a second access controlled location of the main memory, a system parameter value associated with the storage of the encrypted data, the system parameter value being a parameter value of a data storage system that includes the main memory and a controller circuit that performs the encrypting and storing, the system parameter value encrypted prior to storage thereof in the second access controlled location of the main memory;
establishing a trusted relationship to authenticate the host responsive to a request for the system parameter value, the trusted relationship established using a challenge value; and
transferring, from the data storage device to the host, the system parameter value from the second access controlled location of the main memory responsive to the established trusted relationship.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)

11. A data storage device comprising:
a non-volatile main memory; and
a controller circuit configured to receive input data from a host into a buffer memory, apply data compression to the input data to provide compressed data, encrypt the compressed data using an encryption key to generate encrypted data, store the encrypted data in a first location of the main memory, generate and store in a second access controlled location of the main memory a system parameter value associated with the storage of the encrypted data, establish a trusted relationship to authenticate the host responsive to a request for the system parameter value, and transfer the updated system parameter value from the second access controlled location of the main memory to the host responsive to the established trusted relationship, the system parameter value being a parameter value of the data storage device, the system parameter value indicating a compression parameter associated with the compression of the input data, the system parameter value encrypted by the controller circuit prior to storage thereof in the second access controlled location of the main memory, the trusted relationship established using a challenge value.
(Dependent claims: 12, 13, 14, 15, 16)

17. An apparatus comprising:
a plurality of data storage devices arranged to form a multi-device memory space; and
a controller circuit configured to transfer data between the memory space and a host device by applying data compression to input data received from the host to provide compressed data, encrypting the compressed data using an encryption key to generate encrypted data, storing the encrypted data in a first location of a main memory, and generating and storing in a second access controlled location of the main memory a system parameter value associated with the storage of the encrypted data, the controller circuit further configured to, responsive to a request from the host for the system parameter value, establish a trusted relationship with the host and to transfer the system parameter value from the second access controlled location of the main memory to the host responsive to the established trusted relationship, the controller circuit encrypting the system parameter value prior to storage thereof in the second access controlled location of the main memory, the trusted relationship established using a challenge value.
(Dependent claims: 18)

Specification