Apparatus and method for protecting data recording on a storage medium
First Claim
1. A system to protect data, comprising:
- a processor;
at least one data storage device;
a data protection controller, the data protection controller connectable to the processor for receiving read and write requests from the processor and for transmitting a result to the processor, and the data protection controller connectable to the at least one data storage device for controlling the use of the at least one data storage device; and
computer logic embodied in the data protection controller, the computer logic and data protection controller to;
divide a data space provided by the at least one data storage device into a protected data space, a virtual data space associated with the protected data space and an unprotected data space;
present, to the processor only the protected and unprotected data spaces, so that the processor is unaware of the virtual data space during one mode of operation;
accept read requests from the processor;
determine if the read request is for data that is either in the protected data space or the unprotected data space; and
if the read request is for data in the protected data space, processing the read request such that;
only if requested data is not yet in the virtual data space, reading said requested data from the protected data space and writing said requested data into the virtual data space for future use; and
if the requested data is in the virtual data space, reading the requested data from the virtual data space.
1 Assignment
0 Petitions
Accused Products
Abstract
A controller for protecting data on a data storage medium is disclosed. A single physical data storage device is divided into a protected data space, a virtual data space and an unprotected data space in an installation mode. Subsequently, the protected and unprotected data space are presented as two separate physical data storage devices and the existence of virtual data space is concealed. The two data storage devices are respectively represented as having capacity equal to that of the protected and unprotected data space only. A set of protected data (which may include software and data) is initially installed in the protected data space. During use, data transmitted to the controller for recording in the data storage space is recorded only in the virtual data space. Data may be read from either the protected data space or the virtual data space, depending on whether the virtual data space contains newer data. In one embodiment, the contents of the virtual data space are discarded at the beginning of each session of the computing system in which the controller is installed. In another embodiment, the virtual data space is discarded only when the controller is instructed to do so and the contents of the virtual data space may be made permanent by copying them to the protected data space. The protected data space and virtual data space may be located on different data storage devices. The controller may also receive read data and write data requests for an unprotected data space, which may be used to record data permanently, independent of the protected and virtual data spaces.
38 Citations
9 Claims
-
1. A system to protect data, comprising:
-
a processor; at least one data storage device; a data protection controller, the data protection controller connectable to the processor for receiving read and write requests from the processor and for transmitting a result to the processor, and the data protection controller connectable to the at least one data storage device for controlling the use of the at least one data storage device; and computer logic embodied in the data protection controller, the computer logic and data protection controller to; divide a data space provided by the at least one data storage device into a protected data space, a virtual data space associated with the protected data space and an unprotected data space; present, to the processor only the protected and unprotected data spaces, so that the processor is unaware of the virtual data space during one mode of operation; accept read requests from the processor; determine if the read request is for data that is either in the protected data space or the unprotected data space; and if the read request is for data in the protected data space, processing the read request such that; only if requested data is not yet in the virtual data space, reading said requested data from the protected data space and writing said requested data into the virtual data space for future use; and if the requested data is in the virtual data space, reading the requested data from the virtual data space. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification