STORAGE DEVICE HAVING AN ANTI-MALWARE PROTECTION

US 20090307452A1
Filed: 06/06/2008
Published: 12/10/2009
Est. Priority Date: 06/06/2008
Status: Active Grant

First Claim

Patent Images

1. A method of protecting a storage device when interfacing with a host device, the method comprising:

operatively interfacing a storage device with a host device, the storage device including a storage area for storing data, a storage controller for managing the storage area, and a security processor;

upon interfacing the storage device with the host device, operating the security processor in a “

security”

mode in which the security processor filters commands that are received from the host device and are targeted to the storage controller; and

upon determining by the security processor that the “

security”

mode is no longer required, operating the security processor in a “

safe”

mode in which the security processor (i) does not filter commands it receives from the host device and (ii) forwards to the storage controller such unfiltered commands.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A storage device is protected, when interfaced with a host device, by operating a security processor of the storage device in a “security” mode in which the security processor filters commands that are received from the host device and are targeted to the storage controller, and upon determining by the security processor that the “security” mode is no longer required, by operating the security processor in a “safe” mode in which the security processor (i) does not filter commands it receives from the host device and (ii) forwards to a storage controller of the storage device such unfiltered commands.

27 Citations

View as Search Results

11 Claims

1. A method of protecting a storage device when interfacing with a host device, the method comprising:
- operatively interfacing a storage device with a host device, the storage device including a storage area for storing data, a storage controller for managing the storage area, and a security processor;
  
  upon interfacing the storage device with the host device, operating the security processor in a “
  
  security”
  
  mode in which the security processor filters commands that are received from the host device and are targeted to the storage controller; and
  
  upon determining by the security processor that the “
  
  security”
  
  mode is no longer required, operating the security processor in a “
  
  safe”
  
  mode in which the security processor (i) does not filter commands it receives from the host device and (ii) forwards to the storage controller such unfiltered commands.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method according to claim 1, wherein the storage device is a removable storage device or a fixed storage device
  - 3. The method according to claim 1, wherein the storage device contains flash memory.
  - 4. The method according to claim 1, wherein operating the security processor in the “
    - security”
      
      mode includes;
      
      i) receiving, by the security processor, a command from the host device;
      
      ii) storing in the storage area, by the security processor, the received command, information pertaining to the received command, or both; and
      
      iii) determining, by the security processor, whether the received command is alertable and, if the received command is alertable, logging, by the security processor, the received command in a command alert log.
  - 5. The method according to claim 4, wherein if the received command is determined to be alertable, blocking it, by the security processor, from reaching the storage controller, or ignoring it, and if the received command is non-alertable, passing, by the security processor, the received command to the storage controller.
  - 6. The method according to claim 4, further comprising, responsive to transitioning the security processor from the “
    - security”
      
      mode to the “
      
      safe”
      
      mode, allowing, by the security processor, the host device to access the command alert log.
  - 7. The method according to claim 4, wherein determination by the security processor whether the received command is alertable is contingent on a previously received command or on a sequence of previously received commands.
  - 8. The method according to claim 7, wherein the sequence of commands includes alretable commands interspersed within other commands.
  - 9. The method according to claim 4, wherein determination by the security processor whether the received command is alertable is contingent on security rules.
  - 10. The method according to claim 1, wherein transition from the security mode to the safe mode is triggered by one of (1) a message received from the host device, (2) a message received over a secure session that is established between the storage device and the host device, and (3) a signal received at the security processor from the host during mutual authentication between the storage device and the host device.
  - 11. The method according to claim 10, wherein the secure session is established using a key-exchange mechanism.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Western Digital Israel Limited (Western Digital Corporation)
Original Assignee
SanDisk IL Ltd. (Western Digital Corporation)
Inventors
BEN-TSVI, YAAKOV, HAHN, JUDAH GAMLIEL

Granted Patent

US 8,484,736 B2
Time in Patent Office

Days
Field of Search
US Class Current

711/164
CPC Class Codes

G06F 21/57 Certifying or maintaining t...

G06F 21/78 to assure secure storage of...

STORAGE DEVICE HAVING AN ANTI-MALWARE PROTECTION

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

STORAGE DEVICE HAVING AN ANTI-MALWARE PROTECTION

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links