Mechanism to manage access to user data area with bridged direct-attached storage devices
First Claim
1. A method of accessing a storage device by a host device, wherein the storage device comprises at least one disk drive, and wherein the at least one disk drive comprises a user data area and a reserved area, said method comprising:
- receiving a request for access to the user data area of the at least one disk drive, the user data area being encrypted;
- mapping, through a translation module of the storage device, a logical device to the reserved area of the at least one disk drive, the logical device emulating another storage device;
- routing the request to the logical device;
- providing, to the host device, executable program code for receiving authentication information for access to the user data area, the executable program code stored on the reserved area, accessible by the host device through the logical device and executable by the host device; and
- allowing access to the user data area based on the authentication information.
Abstract
The present invention provides a bridged, direct-attached storage device that can be secured and work with any host system. In one embodiment, the storage device is configured with a secured user area and an unlocking mechanism for access to the secured user area. The storage device may comprise a translation module having a bridge that presents multiple logical units to a host. In addition, the storage device may comprise a controller having its own encryption engine to encrypt the entire user area of the storage media. In one embodiment, the storage device presents the unlocking mechanism via a second logical device as a read-only device, such as a CD/DVD-ROM, or virtual CD device. The secondary logical device comprises executable code, which allows the user, for example, to enter, change, or remove the password and unlock the user area.
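The two-logical-unit arrangement in the abstract can be modelled in a few lines. This is an added example, not code from the patent: the sector layout, the PBKDF2 verifier and the SHA-256 XOR keystream standing in for the controller's encryption engine are all assumptions, and password change and removal are left out.

```python
import hashlib, hmac, os

SECTOR = 16  # constructed, tiny sector size so the demo stays readable

class BridgedDrive:
    """Toy model of the bridge: LUN 0 = read-only virtual CD backed by the
    reserved area, LUN 1 = encrypted user data area (locked until auth)."""

    def __init__(self, password: bytes, unlock_app: bytes, user_sectors: int = 4):
        app_sectors = -(-len(unlock_app) // SECTOR)        # ceiling division
        self.media = bytearray(SECTOR * (user_sectors + app_sectors))
        start = SECTOR * user_sectors   # assumed layout: reserved area follows user area
        self.media[start:start + len(unlock_app)] = unlock_app
        # Translation table: LUN -> (first physical sector, sector count)
        self.luns = {0: (user_sectors, app_sectors), 1: (0, user_sectors)}
        self.salt = os.urandom(16)
        self.verifier, _ = self._derive(password)          # only the verifier is stored
        self.key = None                                    # no media key while locked

    def _derive(self, password: bytes):
        dk = hashlib.pbkdf2_hmac("sha256", password, self.salt, 10_000, dklen=64)
        return dk[:32], dk[32:]                            # (verifier, media key)

    def unlock(self, password: bytes) -> bool:
        verifier, key = self._derive(password)
        ok = hmac.compare_digest(verifier, self.verifier)  # constant-time compare
        if ok:
            self.key = key
        return ok

    def _sector(self, lun: int, lba: int) -> slice:
        if lun not in self.luns or not 0 <= lba < self.luns[lun][1]:
            raise IndexError("LUN/LBA outside the mapped area")
        if lun == 1 and self.key is None:
            raise PermissionError("user data area is locked")
        off = SECTOR * (self.luns[lun][0] + lba)
        return slice(off, off + SECTOR)

    def _xor(self, lba: int, data: bytes) -> bytes:
        # Stand-in for the encryption engine, NOT a real disk cipher
        ks = hashlib.sha256(self.key + lba.to_bytes(8, "big")).digest()
        return bytes(a ^ b for a, b in zip(data, ks))

    def read(self, lun: int, lba: int) -> bytes:
        raw = bytes(self.media[self._sector(lun, lba)])
        return self._xor(lba, raw) if lun == 1 else raw

    def write(self, lun: int, lba: int, data: bytes) -> None:
        if lun == 0:
            raise PermissionError("virtual CD LUN is read-only")
        if len(data) != SECTOR:
            raise ValueError("write must be exactly one sector")
        where = self._sector(lun, lba)                     # enforces the lock first
        self.media[where] = self._xor(lba, data)
```

In this model the host can always read the unlock program from LUN 0, while any request to LUN 1 is refused until `unlock()` succeeds, and the user-area sectors are only ever stored in encrypted form.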
20 Claims
10. A storage device configured to provide access by a host device to at least a secured portion of the storage device, said storage device comprising:
- an interface configured for communications with a host device;
- at least one storage medium comprising a reserved area and a user data area, the user data area being encrypted;
- a bridge circuit, coupled to the interface, configured to present the reserved area as a first logical unit and the user data area as a second logical unit; and
- a controller, coupled to the bridge circuit, configured to process requests from the bridge circuit and provide access to the at least one storage medium, the controller comprising a translation module configured to map the first logical unit to the reserved area and provide program code from the reserved area to the host device for receiving authentication information and access the user data area via the second logical unit based on the authentication information, the program code executable by the host device.
20. A method of recovering access to a storage device by a host device, wherein the storage device comprises at least one disk drive, and wherein the at least one disk drive comprises a user data area and a reserved area, said method comprising:
- receiving a request for access to the user data area of the at least one disk drive, the user data area being encrypted;
- determining when an authentication attempt by a host device has failed for access to the user data area of the at least one disk drive;
- receiving a request for access to the reserved area of the at least one disk drive;
- presenting, through a translation module of the storage device, the reserved area of the at least one disk drive as a logical device that is independent of the user data area; and
- providing, from the reserved area to the host device, executable program code for recovering access to the user data area, the executable program code executable by the host device.
Specification