Apparatus and method for securing data on a portable storage device

US 7,941,674 B2
Filed: 12/29/2008
Issued: 05/10/2011
Est. Priority Date: 11/27/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A portable storage device comprising:

an interface to a host device; and

a storage medium including a first storage area associated with a first range of logical addresses and a second storage area associated with a second range of logical addresses, wherein the first storage area and the second storage area each comprise a respective sector 0, and wherein the first storage area comprises a clear user area and the second storage area comprises a secure storage area;

wherein the portable storage device is operative to;

offset a logical address received from the host device by an offset parameter to produce an offset logical address if the portable storage device is operating in a first mode of operation, wherein the logical address is outside of the second range of logical addresses and wherein the offset logical address is in the second range of logical addresses;

offset the logical address received from the host device by a second offset parameter if the portable storage device is operating in a second mode of operation, wherein the logical address offset by the second offset parameter is in the first range of logical addresses; and

transform the offset logical address to a physical address.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A portable storage device including a microprocessor and a secure user data area, the microprocessor operable to perform on-the-fly encryption/decryption of secure data stored on the storage device under a user password, the microprocessor also operable to exclude access to the secure user data area unless the user password is provided.

70 Citations

View as Search Results

20 Claims

1. A portable storage device comprising:
- an interface to a host device; and
  
  a storage medium including a first storage area associated with a first range of logical addresses and a second storage area associated with a second range of logical addresses, wherein the first storage area and the second storage area each comprise a respective sector 0, and wherein the first storage area comprises a clear user area and the second storage area comprises a secure storage area;
  
  wherein the portable storage device is operative to;
  
  offset a logical address received from the host device by an offset parameter to produce an offset logical address if the portable storage device is operating in a first mode of operation, wherein the logical address is outside of the second range of logical addresses and wherein the offset logical address is in the second range of logical addresses;
  
  offset the logical address received from the host device by a second offset parameter if the portable storage device is operating in a second mode of operation, wherein the logical address offset by the second offset parameter is in the first range of logical addresses; and
  
  transform the offset logical address to a physical address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The portable storage device of claim 1, wherein the portable storage device is in the first mode of operation only after receiving a valid user password.
  - 3. The portable storage device of claim 1, wherein the second offset parameter is 0.
  - 4. The portable storage device of claim 1, wherein the portable storage device is in the first mode of operation if the portable storage device receives a valid user password and is in the second mode of operation if the portable storage device does not receive a valid user password.
  - 5. The portable storage device of claim 1, wherein the first storage area and second storage area comprise different attributes.
  - 6. The portable storage device of claim 5, wherein the portable storage device is operative to perform on-the-fly encryption/decryption to data transferred between the host device and the second storage area but not to data transferred between the host device and the first storage area.
  - 7. The portable storage device of claim 1, wherein the first storage area and the second storage area each comprise a respective file allocation table.
  - 8. The portable storage device of claim 1, wherein the first storage area and the second storage area each comprise a respective root directory.
  - 9. The portable storage device of claim 1, wherein the offset represents a difference between a total user memory area in the storage medium and a user-specified allocation for the second storage area.
  - 10. The portable storage device of claim 1, wherein the portable storage device is further operative to prompt the host device to remount the portable storage device to the host device before offsetting the logical address by the offset parameter.

11. A method for offsetting a logical address by an offset parameter, the method comprising:
- performing by a portable storage device comprising a storage medium including a first storage area associated with a first range of logical addresses and a second storage area associated with a second range of logical addresses, wherein the first storage area and the second storage area each comprise a respective sector 0, and wherein the first storage area comprises a clear user area and the second storage area comprises a secure storage area;
  
  offsetting a logical address received from a host device by an offset parameter to produce an offset logical address if the portable storage device is operating in a first mode of operation, wherein the logical address is outside of the second range of logical addresses and wherein the offset logical address is in the second range of logical addresses;
  
  offsetting the logical address received from the host device by a second offset parameter if the portable storage device is operating in a second mode of operation, wherein the logical address offset by the second offset parameter is in the first range of logical addresses; and
  
  transforming the offset logical address to a physical address.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11, wherein the portable storage device is in the first mode of operation only after receiving a valid user password.
  - 13. The method of claim 11, wherein the second offset parameter is 0.
  - 14. The method of claim 11, wherein the portable storage device is in the first mode of operation if the portable storage device receives a valid user password and is in the second mode of operation if the portable storage device does not receive a valid user password.
  - 15. The method of claim 11, wherein the first storage area and second storage area comprise different attributes.
  - 16. The method of claim 15 further comprising:
    - performing on-the-fly encryption/decryption to data transferred between the host device and the second storage area but not to data transferred between the host device and the first storage area.
  - 17. The method of claim 11, wherein the first storage area and the second storage area each comprise a respective file allocation table.
  - 18. The method of claim 11, wherein the first storage area and the second storage area each comprise a respective root directory.
  - 19. The method of claim 11, wherein the offset represents a difference between a total user memory area in the storage medium and a user-specified allocation for the second storage area.
  - 20. The method of claim 11 further comprisingremounting the portable storage device to the host device before offsetting the logical address by the offset parameter.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Western Digital Israel Limited (Western Digital Corporation)
Original Assignee
SanDisk IL Ltd. (Western Digital Corporation)
Inventors
Ziv, Aran, Bychkov, Eyal
Primary Examiner(s)
GERGISO, TECHANE

Application Number

US12/345,286
Publication Number

US 20090119502A1
Time in Patent Office

862 Days
Field of Search

713/189, 711/200
US Class Current

713/189
CPC Class Codes

G06F 12/1466   Key-lock mechanism

G06F 21/31   User authentication

G06F 21/602   Providing cryptographic fac...

G06F 21/72   in cryptographic circuits

G06F 21/78   to assure secure storage of...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2145   Inheriting rights or proper...

G06F 2221/2153   Using hardware token as a s...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3226   using a predetermined code,...

Apparatus and method for securing data on a portable storage device

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

70 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Apparatus and method for securing data on a portable storage device

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

70 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others