Drive security session manager

US 7,493,656 B2
Filed: 06/02/2005
Issued: 02/17/2009
Est. Priority Date: 06/02/2005
Status: Active Grant

First Claim

Patent Images

1. A storage device comprising:

a storage medium partitioned into one or more security partitions;

a controller adapted to read and write data to and from the storage medium, the controller adapted to enable security sessions between one or more host systems and one or more security partitions; and

a session manager within the storage device adapted to monitor parameters associated with a plurality of security sessions, wherein the session manager is adapted to monitor security session activity for each security session after authentication of each security session.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A storage device has a storage medium, a controller, and a session manager. The storage medium is partitioned into one or more security partitions. The controller is adapted to read and write data to and from the storage medium and to enable security sessions over an interface between one or more host systems and one or more security partitions. The session manager within the storage device is adapted to monitor parameters associated with the one or more security sessions.

111 Citations

View as Search Results

20 Claims

1. A storage device comprising:
- a storage medium partitioned into one or more security partitions;
  
  a controller adapted to read and write data to and from the storage medium, the controller adapted to enable security sessions between one or more host systems and one or more security partitions; and
  
  a session manager within the storage device adapted to monitor parameters associated with a plurality of security sessions, wherein the session manager is adapted to monitor security session activity for each security session after authentication of each security session.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The storage device of claim 1, and further comprising an interface configured to receive a request from a host system, wherein the interface is an ATA or SCSI interface.
  - 3. The storage device of claim 1 wherein the session manager is adapted to terminate selected security sessions of the plurality of security sessions based on the monitored parameters.
  - 4. The storage device of claim 1 wherein the controller comprises:
    - a processor adapted to process commands and data; and
      
      firmware containing instructions for operation of the controller.
  - 5. The storage device of claim 4 wherein the session manager manages processing resources of the processor.
  - 6. The storage device of claim 1 wherein the session manager comprises a software application.
  - 7. The storage device of claim 1 wherein the monitored parameters comprise a session priority level, and wherein the session manager is adapted to terminate a selected security session for a security session having a higher priority level.
  - 8. The storage device of claim 1 wherein the monitored parameters comprise a session duration parameter and wherein the session manager is adapted to terminate a selected security session based on the session duration.

9. A method for managing security sessions on a storage device comprising:
- hosting one or more security sessions between a host system and one or more security partitions using a controller within the storage device, wherein hosting comprises receiving a request from the host system for creation of a security session, authenticating the host system, and creating a security session between the requesting entity and a security partition of the storage device;
  
  monitoring the one or more security sessions for a termination condition using a session manager within the storage device; and
  
  terminating selected security sessions of the one or more security sessions with the session manager based on the termination condition.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9 wherein the step of managing comprises:
    - receiving input associated with security sessions;
      
      directing the received input to an associated security session; and
      
      monitoring security session activity for the termination condition.
  - 11. The method of claim 9 wherein the termination condition comprises a session duration that exceeds a predetermined limit.
  - 12. The method of claim 9 wherein the step of managing further comprises:
    - retrieving session token information associated with the security session; and
      
      testing the session token information before processing security session information received over the peripheral interface.
  - 13. The method of claim 9 wherein the termination condition comprises an unauthorized user.
  - 14. The method of claim 9 wherein the step of terminating further comprising:
    - flushing information associated with the security session from an input buffer if the termination condition is detected during monitoring.
  - 15. The method of claim 9 and further comprising:
    - logging information related to termination of the security session.

16. A system for managing security sessions on a storage device comprising:
- a storage medium partitioned into one or more security partitions;
  
  a controller adapted to establish an active security session with one or more security partitions; and
  
  a session manager within the storage device adapted to manage the active security session with the one or more security partitions, wherein the session manager is adapted to terminate the active security session upon detection of a termination condition associated with the active security session.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16 wherein the termination condition comprises excessive session time or no available security sessions.
  - 18. The system of claim 16 wherein the termination condition comprises a non-recoverable error condition after a number of retry attempts.
  - 19. The system of claim 16 and further comprising:
    - a set of commands stored on the storage device, the set of commands accessible to the session manager for managing, monitoring and terminating security sessions.
  - 20. The system of claim 16 wherein the session manager is configured to monitor security session activity associated with the active security session after authentication of the active security session.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Seagate Technology LLC (Seagate Technology Holdings Plc)
Original Assignee
Seagate Technology LLC (Seagate Technology Holdings Plc)
Inventors
Scwartzkopf, Thomas, Thibadeau, Robert, Goodwill, William, Nestor, John
Primary Examiner(s)
Parthasarathy; Pramila

Application Number

US11/142,978
Publication Number

US 20060277600A1
Time in Patent Office

1,356 Days
Field of Search

None
US Class Current

726/9
CPC Class Codes

G06F 21/80 in storage media based on m...

Drive security session manager

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

111 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Drive security session manager

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

111 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links