Preventing access of a host device to malicious data in a portable device
First Claim
1. A method for protecting a host device, comprising:
- performing a mutual authentication between a storage device and the host device using a key exchange mechanism, the storage device contains a read only partition and a removable partition;
copying a protection application from the read only partition of the storage device to a memory in the host device, wherein the storage device is connected to the host device;
running the protection application on the host device, wherein the protection application restricts access from the removable partition of the storage device by the host device;
then requesting, by the protection application, access to a file allocation table data of the removable partition for analyzing information stored therein;
then sending the file allocation table data to the protection application on the host device;
then analyzing the file allocation table data;
determining if the protection application on the host device has finished a scanning of the file allocation table data; and
pursuant to the finishing of the scanning of the file allocation table data, sending an expose command to a controller of the storage device to notify that the data in the removable partition of the storage device is safe and available for use by the host device.
2 Assignments
0 Petitions
Accused Products
Abstract
A storage device comprising a memory, a controller, and a host interface operative to connect with a host. The memory containing data locations access to which are controllable by a protection application which is executable on a host. When the host interface operatively coupled to a host data locations in the memory are accessible to an operating system of the host only under permission from the protection application. The controller communicates with the protection application running on the host for allowing the protection application access to data locations in the memory. Upon a host request for access to a data location, the controller determines if permission to access the requested data location is acquired from the protection application. The permission is based on determination of the protection application that the data location does not contain malicious data harmful to the host operating system, to any application and/or to any data on the host.
23 Citations
20 Claims
-
1. A method for protecting a host device, comprising:
-
performing a mutual authentication between a storage device and the host device using a key exchange mechanism, the storage device contains a read only partition and a removable partition; copying a protection application from the read only partition of the storage device to a memory in the host device, wherein the storage device is connected to the host device; running the protection application on the host device, wherein the protection application restricts access from the removable partition of the storage device by the host device; then requesting, by the protection application, access to a file allocation table data of the removable partition for analyzing information stored therein; then sending the file allocation table data to the protection application on the host device; then analyzing the file allocation table data; determining if the protection application on the host device has finished a scanning of the file allocation table data; and pursuant to the finishing of the scanning of the file allocation table data, sending an expose command to a controller of the storage device to notify that the data in the removable partition of the storage device is safe and available for use by the host device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. An apparatus, comprising:
-
means for performing a mutual authentication between a storage device and a host device using a key exchange mechanism, the storage device contains a read only partition and a removable partition; means for storing data, the means for storing data being operatively connected to a host device; means for providing a copy protection application from the read only partition of the means for storing data to a memory in the host device; means for running the protection application on the host device, wherein the protection application restricts access from the removable partition of the storage device by the host device; means for requesting, by the protection application, access to a file allocation table data of the removable partition for analyzing information stored therein; means for sending the file allocation table data to the protection application on the host device; means for analyzing the file allocation table data; means for determining if the protection application on the host device has finished a scanning of the file allocation table data; and means for pursuant to the finishing of the scanning of the file allocation table data, sending an expose command to a controller of the storage device to notify that the data in the removable partition of the storage device is safe and available for use by the host device. - View Dependent Claims (19, 20)
-
Specification