System and method for delivering versatile security, digital rights management, and privacy services
First Claim
Patent Images
1. A method comprising:
- partitioning a storage media in a storage device into a hidden partition and a storage partition in the storage media;
writing a base class to the hidden partition;
instantiating a security provider base class from the base class, the security provider base class adapted to control access to the storage media;
instantiating a security provider (SP) administration object and a SP controller object from the security provider base class;
logging into the SP administration object;
initializing the SP controller object using the SP administration object; and
creating an access control record identifying an user authorized to access the SP controller object and access permissions associated with the authorized user.
5 Assignments
0 Petitions
Accused Products
Abstract
A method for providing enhanced security features in a storage device involves partitioning a storage media in the storage device into a hidden partition and a storage partition in the storage media. A base class is written to the hidden partition. A security provider base class is instantiated from the base class. The security provider base class is adapted to control access to the storage media.
126 Citations
22 Claims
-
1. A method comprising:
-
partitioning a storage media in a storage device into a hidden partition and a storage partition in the storage media; writing a base class to the hidden partition; instantiating a security provider base class from the base class, the security provider base class adapted to control access to the storage media; instantiating a security provider (SP) administration object and a SP controller object from the security provider base class; logging into the SP administration object; initializing the SP controller object using the SP administration object; and creating an access control record identifying an user authorized to access the SP controller object and access permissions associated with the authorized user. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method comprising:
-
partitioning a storage media in the storage device into a hidden partition and a storage partition in the storage media; writing a base class to the hidden partition; initializing more than one security provider base class from the base class, each security provider base class adapted to control access to a specific storage location on the storage media creating an access control record identifying a user authorized to access a security provider controller object; and creating access permissions within the access control record associated with the specific storage location on the storage media, the access permissions adapted to control access to the specific storage location.
-
-
7. A method comprising:
-
writing trusted drive firmware to a controller of a storage device; partitioning a storage media of the storage device into a hidden portion and a data portion; writing a security provider object template to the hidden partition; and instantiating security providers using the security provider object template, each security provider adapted to control access to the storage device; and prohibiting access by a host operating system to the storage device except through authenticated access to the trusted drive firmware of the controller. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A method comprising:
-
writing trusted drive firmware to a controller of a storage device; partitioning a storage media of the storage device into a hidden portion and a data portion; writing a security provider object template to the hidden partition; instantiating security providers using the security provider object template, each security provider adapted to control access to the storage device; receiving an access request from for access to data stored on the storage device; querying a requesting device for trust information; determining whether the requesting device can be trusted using the trusted drive firmware and an instantiation of the security provider object template; and permitting storage controller access to a specific storage location when the requesting device can be trusted.
-
-
13. A storage device comprising:
-
a storage media partitioned into a hidden portion and a data portion; a storage controller adapted to control access to the storage media; a trusted drive feature stored in a firmware of the storage controller, the trusted drive feature adapted to authenticate access requests to determine whether each access request can be trusted; a security provider base object stored in the hidden portion and adapted to cooperate with the trusted drive feature to control access rights to data on the storage media; and a security protected log adapted to track and log the activity of other security providers based on successes and failures to gain access to data controlled by the other security provider. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
-
Specification