Method and apparatus for providing a secure-private partition on a hard disk drive of a computer system via IDE controller

US 7,155,615 B1
Filed: 06/30/2000
Issued: 12/26/2006
Est. Priority Date: 06/30/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

providing a partition on an Integrated Device Electronics (“

IDE”

) storage device of a computer system, wherein said partition is invisible to an operating system of the computer system unless the partition is unlocked;

providing a software task having knowledge about an unlock handshake between the software task and an IDE controller,performing the unlock handshake including an alteration of an electrical signal on an IDE controller interface line; and

unlocking the partition in response to an unlock request received from the software task after the software task performs the unlock handshake to unlock the partition, wherein the partition is visible to the operating system when unlocked.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are described for providing a secure-private partition on a storage device of a computer system. The secure-private partition is normally invisible to an operating system unless the partition is unlocked. The secure-private partition is configured to unlock so that it is visible to the operating system in response to an unlock request received from a software task having knowledge about a proper handshake for unlocking the partition.

Citations

25 Claims

1. A method comprising:
- providing a partition on an Integrated Device Electronics (“
  
  IDE”
  
  ) storage device of a computer system, wherein said partition is invisible to an operating system of the computer system unless the partition is unlocked;
  
  providing a software task having knowledge about an unlock handshake between the software task and an IDE controller,performing the unlock handshake including an alteration of an electrical signal on an IDE controller interface line; and
  
  unlocking the partition in response to an unlock request received from the software task after the software task performs the unlock handshake to unlock the partition, wherein the partition is visible to the operating system when unlocked.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the storage device is a hard disk drive having an IDE disk controller.
  - 3. The method of claim 1, wherein the software task requests a master token from the IDE controller when the computer system is first turned on and the unlock handshake between the software task and the IDE controller further comprises:
    - passing the master token back to the IDE controller as a parameter.
  - 4. The method of claim 2, wherein the software task requests a master token from the disk controller when the computer system is first turned on, said master token to be used by the software task to initiate the unlock handshake to unlock the partition.
  - 5. The method of claim 1, wherein the software receives a usage token from the IDE controller when the partition is unlocked and the unlock handshake between the software and the IDE controller includes passing the usage token back to the IDE controller as a parameter.
  - 6. The method of claim 1, further comprising:
    - locking the partition in response to a lock request received from a software task having knowledge about a lock handshake for locking the partition.
  - 7. The method of claim 1, further comprising:
    - providing a standard partition on the storage device, wherein said standard partition is always visible to the operating system and generally accessible to other software.
  - 8. The method of claim 1, further comprising:
    - preventing an access to the partition when the partition is unlocked unless the access is requested by a software that performs another handshake for accessing the partition.

9. A machine-readable medium that provides instructions, which when executed by a set of processors, causes said set of processors to perform operations comprising:
- receiving an open request from a software task to access a secure-private partition on an IDE hard drive of a computer system;
  
  validating the open request received from the software task;
  
  requesting unlocking of the secure-private partition in response to the validation of the open request received from the software task;
  
  unlocking the secure-private partition in response to the unlocking request such that the partition that was previously invisible to an operating system becomes visible to the operating system; and
  
  causing an IDE controller to prevent access to the secure-private partition when the secure-private partition is locked unless the access is requested by a software task having knowledge about an unlock handshake for accessing the secure-private partition, the unlock handshake to include altering an electrical signal on an interface line of the IDE controller, the electrical signal to cause the operating system to be granted access to the partition.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The machine-readable medium of claim 9, wherein the operations further comprise requesting locking of the secure-private partition in response to a close request received from the software.
  - 11. The machine-readable medium of claim 9, wherein the requesting of the unlocking of the secure partition further comprises:
    - requesting a master token from an IDE controller when the computer system is turned on;
      
      storing the master token in a secure storage location;
      
      retrieving the master token from the secure storage location when an access to a secure-private partition is needed; and
      
      passing the master token as a parameter to the IDE controller.
  - 12. The machine-readable medium of claim 9, wherein the operations further comprise requesting an access to the secure-private partition in response to an access request received from the software.
  - 13. The machine-readable medium of claim 12, wherein requesting access to the secure partition further comprises:
    - receiving a usage token; and
      
      passing the usage token to the IDE controller to gain an access to the secure partition.
  - 14. The machine-readable medium of claim 9, wherein the request from the software to access the secure-private partition is received by a privacy gatekeeper which prescreens the request to determine if the software has an authorization to access the secure-private partition.

15. A method comprising:
- partitioning a hard disk into a standard partition and a secure-private partition (SPP), the SPP operable in a locked mode and an unlocked mode;
  
  switching the SPP from the locked mode to the unlocked mode in response to a handshake, the handshake including altering an electrical signal on an IDE controller interface line causing the partition to be unlocked;
  
  receiving at least one read/write request from a requesting software program; and
  
  switching the SPP from the unlocked mode to the locked mode in response to a close request;
  
  whereineach of the at least one read/write requests is accompanied by a usage token.
- View Dependent Claims (16, 17, 18)
- - 16. The method of claim 15 wherein the handshake comprises:
    - receiving a secure token from a requesting software program;
      
      verifying the secure token; and
      
      returning the usage token to the requesting software program.
  - 17. The method of claim 15, further comprising:
    - validating the usage token received with a read/write request, and, if the token is valid, performing the request;
      
      orif the token is invalid, denying the request.
  - 18. The method of claim 15, further comprising:
    - generating a new usage token after the read/write request; and
      
      returning the new usage token to the requesting software program.

19. A system comprising:
- a first token;
  
  a hard disk drive including a disk controller and a secure-private partition;
  
  a handshake connection to toggle the secure-private partition between visible mode and invisible mode;
  
  an Integrated Drive Electronics (IDE) controller to initiate the handshake connection between the IDE controller and the disk controller upon receipt of the first token, the handshake connection including alteration of an electrical signal between the IDE controller and the disk controller.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The system of claim 19 further comprising:
    - a requesting software task to request access to the secure-private partition.
  - 21. The system of claim 20 wherein an operating system is to launch the requesting software task.
  - 22. The system of claim 19 wherein the IDE controller is to validate the first token before initiating the handshake connection.
  - 23. The system of claim 22 wherein the IDE controller is to validate the first token by passing the first token through an internal hash mechanism.
  - 24. The system of claim 19 wherein the system includes handshake logic to strobe address and data lines high and to pass a second token through the data lines with the address lines pulled low.
  - 25. The system of claim 22 wherein the secure-private partition is to remain in invisible mode if the first token is invalid.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Round Rock Research LLC
Original Assignee
Intel Corporation
Inventors
Silvester, Kelan C.
Primary Examiner(s)
Moazzami, Nasser
Assistant Examiner(s)
HOFFMAN, BRANDON S

Application Number

US09/608,117
Time in Patent Office

2,370 Days
Field of Search

713/166, 711/152, 711/163
US Class Current

713/185
CPC Class Codes

G06F 21/80 in storage media based on m...

Method and apparatus for providing a secure-private partition on a hard disk drive of a computer system via IDE controller

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for providing a secure-private partition on a hard disk drive of a computer system via IDE controller

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links