Data storage drive with target of opportunity recognition
First Claim
1. A computer-implemented method, comprising:
- receiving, by a computer, a request to store data on data storage media;
obtaining, by the computer, a data key;
generating, by the computer, an encryption encapsulated data key using the data key;
generating, by the computer, a session encrypted data key using the data key;
providing the session encrypted data key to a machine configured to write encrypted data to the data storage media, the session encrypted data key being configured for use by the machine in writing encrypted data to the data storage media by extracting and using the data key embedded in the session encrypted data key; and
providing the encryption encapsulated data key to the machine for enabling the machine to store the encryption encapsulated data key with the data on the data storage media.
1 Assignment
0 Petitions
Accused Products
Abstract
A method according to one embodiment includes receiving a request to store data on media, and generating a data key. An encryption encapsulated data key is generated using the data key. A session encrypted data key is generated using the data key. The encryption encapsulated data key and session encrypted data key are provided for use in writing encrypted data to the media. A method according to another embodiment includes receiving a request to read data from media, and receiving an encryption encapsulated data key. The encryption encapsulated data key is processed to obtain a data key. A session encrypted data key is generated using the data key. The encryption encapsulated data key and session encrypted data key are provided for use in reading the encrypted data from the media.
-
Citations
20 Claims
-
1. A computer-implemented method, comprising:
-
receiving, by a computer, a request to store data on data storage media; obtaining, by the computer, a data key; generating, by the computer, an encryption encapsulated data key using the data key; generating, by the computer, a session encrypted data key using the data key; providing the session encrypted data key to a machine configured to write encrypted data to the data storage media, the session encrypted data key being configured for use by the machine in writing encrypted data to the data storage media by extracting and using the data key embedded in the session encrypted data key; and providing the encryption encapsulated data key to the machine for enabling the machine to store the encryption encapsulated data key with the data on the data storage media. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer-implemented method, comprising:
-
receiving, by a computer, a request to read data from data storage media; receiving, by the computer from a machine configured to read encrypted data from the data storage media, an encryption encapsulated data key stored on the data storage media; processing the encryption encapsulated data key to obtain a data key; generating a session encrypted data key using the data key; and providing the session encrypted data key to the machine for use by the machine in reading the encrypted data from the data storage media, the session encrypted data key being configured for use by the machine in reading encrypted data from the data storage media by extracting and using the data key embedded in the session encrypted data key; and receiving the data from the machine in unencrypted form. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
19. A computer program product for reading data from data storage media, the computer program product comprising a non-transitory computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processing circuit to cause the processing circuit to perform a method, comprising:
-
receiving, by the processing circuit, a request to read data from data storage media; receiving, by the processing circuit, an encryption encapsulated data key read from the data storage media; processing, by the processing circuit, the encryption encapsulated data key to obtain a data key; generating, by the processing circuit, a session encrypted data key using the data key; discarding the data key after generating the session encrypted data key therewith; providing, by the processing circuit, the session encrypted data key to a machine configured to read encrypted data from the data storage media for use by the machine configured to read encrypted data from the data storage media in reading the encrypted data from the data storage media, wherein the session encrypted data key is provided without an unencrypted data key to the machine; and receiving the data from the machine in unencrypted form. - View Dependent Claims (20)
-
Specification