Secure direct platter access

US 8,103,844 B2
Filed: 02/01/2008
Issued: 01/24/2012
Est. Priority Date: 02/01/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

defining a protected area in addition to a user area for data storage in a data storage device;

defining a secured sub-area within the protected areareceiving a request to execute a command associated with a logical block address (LBA) between a minimum LBA and a maximum LBA of the secured sub-area;

accessing the secured sub-area while executing the command; and

buffering data in the secured sub-area when the command is to read or write data to the user area.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Bulk data transfers by directly accessing a persistent and secured area on the data storage device, e.g., a disk drive having a magnetic storage medium, without relying on the system operating system to execute its read/write operations. For a disk drive, the Protected Area Run Time Interface Extension (PARTIES) technology is applied to create and organize a secured sub-area within a secured storage area. The secured sub-area is a data buffer to and from which large data file transfers can be made with data authenticity and confidentiality. Since this new secured sub-area is not organized and protected by the operating system, it is inherently protected from attack by viruses or Trojan horse software whose effectiveness depends on their ability to maliciously direct the operating system. In addition, the read/write operations bypass command payload limits while reducing data and command validation costs.

51 Citations

View as Search Results

19 Claims

1. A method comprising:
- defining a protected area in addition to a user area for data storage in a data storage device;
  
  defining a secured sub-area within the protected areareceiving a request to execute a command associated with a logical block address (LBA) between a minimum LBA and a maximum LBA of the secured sub-area;
  
  accessing the secured sub-area while executing the command; and
  
  buffering data in the secured sub-area when the command is to read or write data to the user area.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the protected area is not user accessible under operation of an operating system of a host device to which the data storage device is associated.
  - 3. The method of claim 1, wherein the data storage device comprises a disk drive having a magnetic storage medium, and wherein the protected area is at least one of a Hidden System Area and PARTIES Area on the magnetic storage medium.
  - 4. The method of claim 1, wherein the data storage device comprises a disk drive having a magnetic storage medium, and wherein the protected area comprises a Host Protected Area on the magnetic storage medium which is accessible by software or firmware.
  - 5. The method of claim 1, wherein the data storage device comprises a disk drive having a magnetic storage medium in which the protected area is located, and wherein the secured sub-area is defined by a range of LBA values within the protected area, and the secured sub-area is accessed by addressing using LBA values.
  - 6. The method of claim 5, wherein the buffering step comprises accessing data in the protected area using LBA.
  - 7. The method of claim 1, further comprising, while buffering data in the secured sub-area, performing a data authentication operation.
  - 8. The method as in claim 1, wherein at least one of accessing of the secured sub-area data buffering in the secured sub-area is under control by a controller provided within the data storage device.
  - 9. The method as in claim 1, wherein at least one of accessing of the secured sub-area and data buffering in the secured sub-area is under control by software or firmware external to the data storage device.

10. A method comprising:
- receiving a request that references a secured sub-portion of a protected area in a data storage device that is separate from a user data storage area of the data storage device;
  
  buffering a command in the secured sub-portion when the command is to read or write data to the user data storage area;
  
  in response to the request, accessing the secured sub-portion of the protected area to retrieve a command stored in the secured sub-portion of the protected area; and
  
  executing the command.

11. A device, comprising:
- a data storage medium, wherein a protected area in addition to a user area are defined for data storage;
  
  a secured sub-area is defined within the protected area for buffering data in the secured sub-area when a command is to read or write to the user area;
  
  a controller adapted to;
  
  receive a request from a host system to execute a command, the request comprising at least one logical block address (LBA), andexecuting the command when the at least one LBA is within the secured sub-area of the protected area.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The device of claim 11, wherein the protected area is not user accessible under operation of an operating system of a host device to which the data storage medium is associated.
  - 13. The device of claim 11, wherein the device comprises a disk drive having a magnetic storage medium, and wherein the protected area is at least one of a Hidden System Area and PARTIES Area on the magnetic storage medium.
  - 14. The device of claim 11, wherein the device comprises a disk drive having a magnetic storage medium, and wherein the protected area comprises a Host Protected Area on the magnetic storage medium which is accessible by software or firmware.
  - 15. A data processing system, comprising:
    - a data storage device comprising the device of claim 11; and
      
      a host system operatively coupled to the data storage device, said host system comprising a processor and an operating system, wherein the processor is adapted to transfer data to and from the data storage device for read and write operations.
  - 16. The system as in claim 15, wherein the protected area is not user accessible under operation of the operating system of the host system.
  - 17. The device of claim 11 wherein the secured sub-area is set aside to facilitate temporary data buffering between the host system and the user area of the data storage medium.
  - 18. The device of claim 17, wherein the secured sub-area comprises a portion of the protected area set aside to facilitate bulk data transfer, wherein data and commands are buffered in the secured sub-area for data read and write operations to the user area.
  - 19. The device of claim 18, wherein the device comprises a disk drive having a magnetic storage medium on which the protected area is located, and wherein the secured sub-area is defined by a range of LBA values within the protected area, and the secured sub-area is accessed by addressing using LBA values.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Seagate Technology LLC (Seagate Technology Holdings Plc)
Original Assignee
Seagate Technology LLC (Seagate Technology Holdings Plc)
Inventors
Beaver, Donald Rozinak
Primary Examiner(s)
Bataille, Pierre-Michel
Assistant Examiner(s)
Fishburn, John P

Application Number

US12/012,261
Publication Number

US 20090198932A1
Time in Patent Office

1,453 Days
Field of Search

None
US Class Current

711/163
CPC Class Codes

G06F 21/79 in semiconductor storage me...

Secure direct platter access

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

51 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Secure direct platter access

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

51 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links