Self-encrypting module with embedded wireless user authentication
Abstract
Methods, systems, and computer programs are presented for a self-encrypting device (SED) incorporated into a host system. In one example, the host system includes a memory, a processor, a data channel in communication with the memory and the processor, and the SED. The SED comprises an authentication subsystem, a storage subsystem that stores encrypted data that is encrypted with an encryption key provided by the authentication subsystem, a radio frequency (RF) transceiver, and a data interface in electrical contact with the data channel. The data interface is locked from sending and receiving data until the SED is unlocked by the authentication subsystem with user-authentication information received via the RF transceiver.
20 Claims
1. A system comprising:
one or more computer processors;
a data channel connected to the one or more computer processors; and
a self-encrypting device connected to the data channel, the self-encrypting device comprising:
an authentication subsystem comprising an authentication controller;
an encryption engine;
a storage media that stores encrypted data that is encrypted with an encryption key provided by the authentication subsystem;
a radio frequency (RF) transceiver for communications outside the data channel; and
a data interface of an interface controller coupled with the data channel, the data interface being locked from sending and receiving data until the self-encrypting device is unlocked by the authentication subsystem with user-authentication information received via the RF transceiver.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method comprising:
providing a self-encrypting device in a host computer system, the host computer system further having one or more processors and a data channel connected to the one or more processors and connected to the self-encrypting device;
establishing a communication channel between a data interface of the self-encrypting device and the data channel, the communication channel being locked until the self-encrypting device is authenticated;
receiving, via a radio frequency (RF) transceiver of the self-encrypting device for communications outside the data channel, user-authentication information;
unlocking, by an authentication subsystem of the self-encrypting device, the communication channel based on the user-authentication information;
encrypting data, received by the self-encrypting device through the data interface, with an encryption key provided by the authentication subsystem of the self-encrypting device; and
storing the encrypted data in a storage subsystem of the self-encrypting device.
Dependent claims: 13, 14, 15, 16
17. A non-transitory machine-readable storage medium including instructions that, when executed by a machine, cause the machine to perform operations comprising:
providing a self-encrypting device in a host computer system, the host computer system further having one or more processors and a data channel connected to the one or more processors and connected to the self-encrypting device;
establishing a communication channel between a data interface of the self-encrypting device and the data channel, the communication channel being locked until the self-encrypting device is authenticated;
receiving, via a radio frequency (RF) transceiver of the self-encrypting device for communications outside the data channel, user-authentication information;
unlocking, by an authentication subsystem of the self-encrypting device, the communication channel based on the user-authentication information;
encrypting data, received by the self-encrypting device through the data interface, with an encryption key provided by the authentication subsystem of the self-encrypting device; and
storing the encrypted data in a storage subsystem of the self-encrypting device.
Dependent claims: 18, 19, 20
Specification