DATA STORAGE DEVICE WITH SECURITY FEATURE

US 20090067079A1
Filed: 11/10/2008
Published: 03/12/2009
Est. Priority Date: 08/09/2004
Status: Active Grant

First Claim

Patent Images

1. A data storage device comprising:

at least two partitions, anda set of switches to separately enable and disable read and write operations to each of said partitions,wherein read and/or write operations for at least one of said partitions is disabled when said data storage device is accessible by one or more potentially malicious processes.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data storage device is disclosed with at least two partitions and a set of switches to separately enable and disable read and write operations to each of the partitions, wherein read and/or write operations for at least one of the partitions is disabled when the data storage device is accessible by one or more potentially malicious processes. In one embodiment, there are five partitions for (1) operating systems and trusted applications, (2) applications from non-trusted sources, (3) confidential data, (4) non-confidential data, and (5) all other data. A mode switch can be used to enable and disable reading and writing for each of the partitions according to a predetermined set of rules that effectively prevent viruses and other malware from altering or accessing programs and data.

22 Citations

View as Search Results

20 Claims

1. A data storage device comprising:

at least two partitions, anda set of switches to separately enable and disable read and write operations to each of said partitions,wherein read and/or write operations for at least one of said partitions is disabled when said data storage device is accessible by one or more potentially malicious processes.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)

2. The data storage device of claim 1, further comprising separate partitions for (1) operating systems and trusted applications, (2) applications from non-trusted sources, (3) confidential data, (4) non-confidential data, and (5) all other data.
3. The data storage device of claim 1, further comprising a magnetic hard drive, wherein each of said partitions comprises at least one platter surface.
4. The data storage device of claim 1, wherein said set of switches comprises at least one mechanical switch mounted such that it can be manually operated from outside the case containing said data storage device.
5. The data storage device of claim 4, wherein said set of switches further comprises separate switches for each read channel and each write channel for each partition.
6. The data storage device of claim 4, wherein said set of switches further comprises a mode switch, wherein the positions of said mode switch enable and disable reading and writing for each of said partitions according to a predetermined set of rules.
7. The data storage device of claim 6, further comprising separate partitions for (1) operating systems and trusted applications, (2) applications from non-trusted sources, (3) confidential data, (4) non-confidential data, and (5) all other data;
- wherein said mode switch has four positions and the predetermined set of rules is defined by the following table;
  
  Position Partition 1 Partition 2 Partition 3 Partition 4 Partition 5 1 Read only Read only Disabled Read only Read/write 2 Read only Read only Read/write Read/write Disabled 3 Read only Read/write Disabled Read only Disabled 4 Read/write Read/write Read/write Read/write Read/write

8. The data storage device of claim 6, further comprising separate partitions for (1) operating systems and trusted applications, (2) applications from non-trusted sources, (3) confidential data, (4) non-confidential data, and (5) all other data;

wherein said mode switch has seven positions and the predetermined set of rules is defined by the following table;

Position Partition 1 Partition 2 Partition 3 Partition 4 Partition 5 1-(A, B, C) Read only Read only Disabled Read only Read/write 2-A Read only Read only Read/write Read/write Disabled 2-B Read only Disabled Read/write Read/write Disabled 2-C Read only Read/write Read only Read only Disabled 3-(A, B) Read only Read/write Disabled Read only Disabled 3-C Read/write Disabled Disabled Disabled Disabled 4-(A, B, C) Read/write Read/write Read/write Read/write Read/write

9. The data storage device of claim 8, wherein said mode switch comprises a main switch with four positions (1-4) and a protection switch with three positions (A-C), and wherein the seven positions are defined by the combined settings of the main switch and the protection switch according to column 1 of the table.
10. The data storage device of claim 7, further comprising a first latch which must be released before said mode switch can be moved from position 2 to position 3.
11. The data storage device of claim 10, further comprising a second latch which must be released before said mode switch can be moved from position 3 to position 4.
12. The data storage device of claim 11, further comprising a third latch which must be released before said mode switch can be moved from position 1 to position 2.

13. A computing machine comprising a processor, system memory, and a data storage device;
- wherein said data storage device comprises;
  
  at least two partitions, anda set of switches to separately enable and disable read and write operations to each of said partitions,wherein read and/or write operations for at least one of said partitions is disabled when said data storage device is accessible by one or more potentially malicious processes; and
  
  wherein said system memory comprises at least two memory partitions, and wherein one of said memory partitions is used for all data accessed by non-trusted applications and erased when all non-trusted applications are terminated or before said data storage device is configured to enable write access to trusted applications or data.
- View Dependent Claims (14)
- - 14. The computing machine of claim 13, further comprising a user-accessible switch to manually erase at least one of said memory partitions.

15. A method for protecting a data storage device from malicious data alteration, comprising:
- dividing said data storage device into at least two partitions, anddisabling write operations to at least one of said partitions whenever said data storage device is accessible by one or more potentially malicious processes.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, further comprising disconnecting or disabling network connections to all processors capable of accessing said data storage device whenever said at least one of said partitions is not disabled.
  - 17. The method of claim 15, wherein said dividing can only be performed when all network connections to all processors capable of accessing said data storage device are disconnected or disabled, any of said partitions containing runnable processes are disabled for reading, and any system memory that could have been accessed by one or more potentially malicious processes has been erased.
  - 18. The method of claim 15, wherein said dividing can only be performed when a manual switch is activated.
  - 19. The method of claim 18, wherein said manual switch is a momentary contact switch.
  - 20. The method of claim 18, wherein said manual switch automatically deactivates after a period of time somewhat longer than the minimum required for performing said dividing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Jasim Saleh Al-Azzawi
Original Assignee
Jasim Saleh Al-Azzawi
Inventors
Al-Azzawi, Jasim Saleh

Granted Patent

US 8,112,601 B2
Time in Patent Office

Days
Field of Search
US Class Current

360/62
CPC Class Codes

G06F 21/74   operating in dual or compar...

G06F 21/80   in storage media based on m...

G06F 2221/2105   Dual mode as a secondary as...

DATA STORAGE DEVICE WITH SECURITY FEATURE

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

DATA STORAGE DEVICE WITH SECURITY FEATURE

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links