System and method for providing data and device security between external and host devices
First Claim
1. A system comprising:
an external device configured to store and retrieve data in response to approved data transfer requests, the external device including an external device communication interface;
a security device including a security engine and security policies, the security policies including data privacy policies, the security device further including at least one security device hardware processor configured to execute the security engine to evaluate redirected data transfer requests involving the external device against the security policies including against the data privacy policies, the security policies indicating an approvable data transfer request or indicating a disapprovable data transfer request, the security engine configured to assist in determining whether to approve or whether to disapprove each of the redirected data transfer requests based on the evaluation of the redirected data transfer requests against the security policies including against the data privacy policies, the security device including a security device connection interface, the security device configured to use the at least one security device hardware processor to:
receive a particular redirected data transfer request;
evaluate, using the security engine, the particular redirected data transfer request against the security policies including against the data privacy policies to determine whether to approve or whether to disapprove the particular redirected data transfer request; and
generate, using the security engine, a particular approval or a particular disapproval based on the evaluation of the particular redirected data transfer request; and
a host device including at least one host device hardware processor, a first host communication interface and a second host communication interface, the first host communication interface being communicatively coupled to the external device communication interface to enable data communications between the host device and the external device, the second host communication interface being communicatively coupled to the security device communication interface to enable data communications between the host device and the security device, the host device further including a redirection driver configured to automatically redirect received data transfer requests to the security device, the host device configured to use the at least one host device hardware processor to:
receive a particular data transfer request;
use the redirection driver to automatically redirect the particular data transfer request to the security device as the particular redirected data transfer request;
receive the particular approval or the particular disapproval from the security device; and
initiate performance of the particular data transfer request when the particular approval is received or when the particular disapproval is not received.
Abstract
A secure data exchange system comprising a security device including a first external device plug, and a security engine operative to enforce a security policy on data transfer requests received from the host; an external device including a second external device plug; and a host including a first external device port operative to communicatively couple with the first external device plug, a second external device port operative to communicatively couple with the second external device plug, and a driver, e.g., a redirect driver, operative to transfer a data transfer request to the security device before executing the data transfer request.
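The request flow in the abstract and claim 1, modelled as an added example (not code from the patent): the host hands every data transfer request to the security device before executing it, and the two initiation conditions in the claim are compared for a constructed case where no verdict arrives. The class names, the two sample policies and the `require_approval` switch are assumptions.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional

APPROVE, DISAPPROVE = "approve", "disapprove"

@dataclass(frozen=True)
class TransferRequest:
    direction: str   # "read" = external device -> host, "write" = host -> external device
    filename: str
    payload: bytes

# Hypothetical policies; the page does not say what the policies contain.
def privacy_policy(req: TransferRequest) -> bool:
    """Data privacy policy: refuse writes of marked data to the external device."""
    return not (req.direction == "write" and b"CONFIDENTIAL" in req.payload)

def executable_policy(req: TransferRequest) -> bool:
    """Refuse reads of executables from the external device."""
    return not (req.direction == "read" and req.filename.lower().endswith((".exe", ".scr")))

class SecurityDevice:
    """Holds the security engine and policies; runs on its own processor in the claims."""
    def __init__(self, policies: List[Callable[[TransferRequest], bool]]):
        self.policies = policies

    def evaluate(self, req: TransferRequest) -> str:
        # Every policy must allow the request for an approval to be generated.
        return APPROVE if all(p(req) for p in self.policies) else DISAPPROVE

class Host:
    """Models the redirection driver: each request goes to the security device first."""
    def __init__(self, device: Optional[SecurityDevice], require_approval: bool):
        self.device = device            # None models a verdict that never arrives
        self.require_approval = require_approval

    def handle(self, req: TransferRequest) -> bool:
        """Return True if the host initiates the transfer."""
        verdict = self.device.evaluate(req) if self.device else None
        if self.require_approval:       # "when the particular approval is received"
            return verdict == APPROVE
        return verdict != DISAPPROVE    # "when the particular disapproval is not received"

def demo() -> dict:
    dev = SecurityDevice([privacy_policy, executable_policy])
    leak = TransferRequest("write", "report.txt", b"CONFIDENTIAL: payroll")  # constructed
    note = TransferRequest("write", "notes.txt", b"lunch at noon")           # constructed
    return {"leak_blocked": not Host(dev, True).handle(leak),
            "note_allowed": Host(dev, True).handle(note),
            "no_verdict_strict": Host(None, True).handle(leak),
            "no_verdict_lenient": Host(None, False).handle(leak)}
```

With no verdict, only the "disapproval is not received" condition initiates the transfer, so a deployment that wants blocking by default has to wait for an explicit approval.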
20 Claims
11. A method comprising:
receiving a particular data transfer request by a host device, the particular data transfer request including a request to transfer particular data to or from an external data storage device, the external data storage device including an external device communication interface, the host device including a first host communication interface and a second host communication interface, the first host communication interface being communicatively coupled to the external device communication interface to enable data communications between the host device and the external data storage device, the host device further including a redirection driver configured to automatically redirect received data transfer requests including the particular data transfer request to a security device;
using the redirection driver to automatically redirect the particular data transfer request from the host device to the security device as a redirected data transfer request, the security device including a security engine and security policies, the security policies including data privacy policies, the security policies indicating an approvable data transfer request or indicating a disapprovable data transfer request, the security device configured to evaluate data transfer requests involving the external data storage device against the security policies including against the data privacy policies, the security engine configured to assist in determining whether to approve or whether to disapprove each of the data transfer requests including the redirected data transfer request based on the evaluation of each of the data transfer requests against the security policies including against the data privacy policies, the security device including a security device connection interface communicatively coupled to the second host communication interface to enable data communications between the host device and the security device;
using the security engine to evaluate the redirected data transfer request against the security policies including against the data privacy policies to determine whether to approve or whether to disapprove the redirected data transfer request;
using the security engine to generate a particular approval or a particular disapproval based on the evaluation of the redirected data transfer request; and
initiating performance of the particular data transfer request when the particular approval is received or when the particular disapproval is not received.
Specification