Single-Chip Virtualizing and Obfuscating Storage System for Portable Computing Devices
First Claim
1. A portable computing device, comprising:
- at least one operating system;
at least one virtualized storage device configured to be accessed by the operating system;
at least one physical storage device configured not to be directly accessible by the operating system; and
at least one virtualizing and obfuscating storage firmware module configured for executing concurrently with the operating system on a processor.
4 Assignments
0 Petitions
Accused Products
Abstract
In certain embodiments, an information obfuscation service may be incorporated directly into the main applications processor of a portable computing device such that the applications processor and its relevant storage peripherals may be securely shared via a virtualization firmware module, avoiding the use of specialized hardware or major modifications of the operating system. The virtualizing and obfuscating storage firmware module may enable a much higher level of assurance in information-at-rest protection while using only the memory protection and privilege mode facilities inherent in common portable device applications microprocessors. The virtualizing and obfuscating storage firmware may interpose storage accesses originating from the operating system. This interposition may be performed seamlessly, without explicit knowledge of the operating system.
20 Citations
61 Claims
-
1. A portable computing device, comprising:
-
at least one operating system; at least one virtualized storage device configured to be accessed by the operating system; at least one physical storage device configured not to be directly accessible by the operating system; and at least one virtualizing and obfuscating storage firmware module configured for executing concurrently with the operating system on a processor. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
30. A method of information-in-transit protection, comprising:
-
configuring at least one virtualized storage device to be accessed by an operating system; configuring at least one physical storage device not to be directly accessible by the operating system; and configuring at least one virtualizing and obfuscating firmware module for executing concurrently with the operating system on a processor. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61)
-
Specification