Methods and systems for promoting security in a computer system employing attached storage devices
Abstract
The present methods and systems use specially isolated techniques for promoting security in a computer system. In one embodiment of these methods and systems, a simple file system is concealed in the storage of the computer system and is managed with a processor and simple non-writeable code operating on the storage device. Strong cryptographic design permits the present computer security methods and systems to secure data on the storage device. In one method embodiment, a computer system is provided with an operating system in operative association with at least one storage device, wherein the storage device includes firmware and a processor for processing data and instructions stored on the storage device. The method includes creating at least one security partition in, and restricting access to, at least a portion of the storage device by the operating system. The method also includes creating at least one security partition in the storage device. The method also includes providing at least one authority record and data associated with the authority record in the storage device. System and computer-readable medium embodiments structured in accordance with the method embodiments discussed herein are also provided.
122 Claims
1. A method for promoting security in a computer system having an operating system in operative connection with at least one storage device, wherein said storage device includes a processor and firmware for processing data stored on said storage device, said method comprising:
- partitioning at least a portion of said storage device to form a security partition having at least one authority record and at least one data set associated with said authority record;
- limiting access to at least a portion of said storage device by said operating system of said computer system.
Dependent claims: 2-34.
35. A system for promoting security in a computer system having an operating system in operative connection with at least one storage device, wherein said storage device includes a processor and firmware for processing data stored on said storage device, said system for promoting security comprising:
- a security partition formed in said storage device having at least one authority record and at least one data set associated with said authority record;
- wherein access to said security partition in said storage device by said operating system of said computer system is limited.
Dependent claims: 36-55.
56. A computer-readable medium containing instructions for promoting security in a computer system having an operating system in operative connection with at least one storage device, wherein said storage device includes a processor and firmware for processing data stored on said storage device, said medium comprising:
- instructions for partitioning at least a portion of said storage device to form a security partition having at least one authority record and at least one data set associated with said authority record;
- instructions for limiting access to at least a portion of said storage device by said operating system of said computer system.
Dependent claims: 57-88.
89. A system for promoting security in a computer system having an operating system in operative connection with at least one storage device, wherein said storage device includes a processor and firmware for processing data stored on said storage device, said system for promoting security comprising:
- means for partitioning at least a portion of said storage device to form a security partition having at least one authority record and at least one data set associated with said authority record;
- means for limiting access to at least a portion of said storage device by said operating system of said computer system.
Dependent claims: 90-122.
Specification