Data security for digital data storage

US 20070016805A1
Filed: 09/20/2006
Published: 01/18/2007
Est. Priority Date: 03/26/1999
Status: Active Grant

First Claim

Patent Images

1. A computing apparatus comprising:

a digital data storage device; and

a bus-to-bus bridge configured to receive digital data from a host processor and to forward the digital data to the digital data storage device in an encrypted form;

wherein the bus-to-bus bridge is configured to encrypt the digital data and forward the digital data to the digital data storage device without intervention by the host processor; and

wherein the bus-to-bus bridge comprises information identifying whether the digital data storage device is selected to receive encrypted data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing system includes data encryption in the data path between a data source and data storage devices. The data encryption may utilize a key which is derived at least in part from an identification code stored in a non-volatile memory. The key may also be derived at least in part from user input to the computer.

Citations

20 Claims

1. A computing apparatus comprising:
- a digital data storage device; and
  
  a bus-to-bus bridge configured to receive digital data from a host processor and to forward the digital data to the digital data storage device in an encrypted form;
  
  wherein the bus-to-bus bridge is configured to encrypt the digital data and forward the digital data to the digital data storage device without intervention by the host processor; and
  
  wherein the bus-to-bus bridge comprises information identifying whether the digital data storage device is selected to receive encrypted data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computing apparatus of claim 1, further comprising encrypted data for storage on the digital data storage device when the digital data storage device is selected to receive encrypted data.
  - 3. The computing apparatus of claim 1, further comprising unencrypted data for storage on the digital data storage device when the digital data storage device is not selected to receive encrypted data.
  - 4. The computing apparatus of claim 1, wherein the bus-to-bus bridge is positioned in a data path between the host processor and the digital data storage device.
  - 5. The computing apparatus of claim 1, further comprising an identification code associated with the computing apparatus.
  - 6. The computing apparatus of claim 5, further comprising a non-volatile memory location, the non-volatile memory location storing the identification code.
  - 7. The computing apparatus of claim 6, further comprising a cryptographic key based at least in part on the identification code.
  - 8. The computing apparatus of claim 7, wherein in the cryptographic key is based at least in part on user input.
  - 9. The computing apparatus of claim 8, further comprising a second memory location for storing the cryptographic key, wherein the cryptographic key is accessed by the bus-to-bus bridge to encrypt the digital data for storage on the digital data storage device when the digital data storage device is selected to received encrypted data.

10. A computing apparatus comprising:
- data storage media;
  
  a bus-to-bus bridge configured to store information, the information identifying which data storage media are selected to receive encrypted data; and
  
  an encryption engine for encrypting data that is transmitted to the data storage media and for decrypting data that is retrieved from the data storage media, wherein the encryption engine is configured to disable encryption of data routed to the data storage media in response to the information.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The computing apparatus of claim 10, wherein encrypted data is stored on the data storage media selected to receive encrypted data.
  - 12. The computing apparatus of claim 10, wherein unencrypted data is stored on the data storage media not selected to receive encrypted data.
  - 13. The computing apparatus of claim 10, wherein the encryption engine uses at least in part a hardware identifier and at least in part user input to encrypt and decrypt the data.
  - 14. The computing apparatus of claim 13, wherein the hardware identifier is stored in a non-erasable memory location.
  - 15. The computing apparatus of claim 10, wherein the bus-to-bus bridge comprises the encryption engine.
  - 16. The computing apparatus of claim 10, wherein the encryption engine is positioned in a data path between a host processor and the data storage media.
  - 17. The computing apparatus of claim 10, wherein the data storage media comprises one or more hard disk drives, and one or more floppy disk drives.

18. A personal computer having encryption hardware and a processor comprising:
- means for retrieving information from a bus-to-bus bridge in a personal computer, the information identifying which data storage media are selected to receive encrypted data;
  
  means for disabling encryption of data routed to one of the data storage media in response to the retrieved information;
  
  means for encrypting and decrypting data based on the means for disabling, for storage on and retrieval from the data storage media; and
  
  means for storing the data in the data storage media either in encrypted form or non-encrypted form based on the disabling step.
- View Dependent Claims (19, 20)
- - 19. The personal computer of claim 18, wherein the means for encrypting and decrypting comprises a cryptographic key.
  - 20. The personal computer of claim 19, wherein the cryptographic key is based at least in part on an identification code stored in the personal computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Round Rock Research LLC
Original Assignee
Round Rock Research LLC
Inventors
Klein, Dean

Granted Patent

US 7,979,720 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/80   in storage media based on m...

G06F 21/85   interconnection devices, e....

H04L 2209/12   Details relating to cryptog...

H04L 9/0861   Generation of secret inform...

H04L 9/0866   involving user or device id...

H04L 9/0894   Escrow, recovery or storing...

Data security for digital data storage

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Data security for digital data storage

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links