Trusted storage

Trusted storage

In one embodiment, a method for authenticating access to encrypted content on a storage medium, wherein the encrypted content is encrypted according to a full disk encryption (FDE) key, the storage medium including an encrypted version of the FDE key and an encrypted version of a protected storage a...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: LEE LANE W, HINES RANDAL, GURKOWSKI MARK J
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator LEE LANE W
HINES RANDAL
GURKOWSKI MARK J
description In one embodiment, a method for authenticating access to encrypted content on a storage medium, wherein the encrypted content is encrypted according to a full disk encryption (FDE) key, the storage medium including an encrypted version of the FDE key and an encrypted version of a protected storage area (PSA) key, and wherein the encrypted version of the FDE key is encrypted according to the PSA key, the method comprising: providing an authenticated communication channel between a host and a storage engine associated with the storage medium; at the storage engine, receiving a pass code from the host over the authenticated communication channel; hashing the pass code to form a derived key, wherein the encrypted version of the PSA key is encrypted according to the derived key; verifying an authenticity of the pass code; if the pass code is authentic, decrypting the encrypted version of the PSA key to recover the PSA key; decrypting the encrypted FDE key using the recovered PSA key to recover the FDE key; and decrypting the encrypted content using the FDE key.
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US8307217B2</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US8307217B2</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US8307217B23</originalsourceid><addsrcrecordid>eNrjZOAPKSotLklNUSguyS9KTE_lYWBNS8wpTuWF0twMCm6uIc4euqkF-fGpxQWJyal5qSXxocEWxgbmRobmTkbGRCgBAFicHsA</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Trusted storage</title><source>esp@cenet</source><creator>LEE LANE W ; HINES RANDAL ; GURKOWSKI MARK J</creator><creatorcontrib>LEE LANE W ; HINES RANDAL ; GURKOWSKI MARK J</creatorcontrib><description>In one embodiment, a method for authenticating access to encrypted content on a storage medium, wherein the encrypted content is encrypted according to a full disk encryption (FDE) key, the storage medium including an encrypted version of the FDE key and an encrypted version of a protected storage area (PSA) key, and wherein the encrypted version of the FDE key is encrypted according to the PSA key, the method comprising: providing an authenticated communication channel between a host and a storage engine associated with the storage medium; at the storage engine, receiving a pass code from the host over the authenticated communication channel; hashing the pass code to form a derived key, wherein the encrypted version of the PSA key is encrypted according to the derived key; verifying an authenticity of the pass code; if the pass code is authentic, decrypting the encrypted version of the PSA key to recover the PSA key; decrypting the encrypted FDE key using the recovered PSA key to recover the FDE key; and decrypting the encrypted content using the FDE key.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRIC DIGITAL DATA PROCESSING ; ELECTRICITY ; PHYSICS ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2012</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20121106&amp;DB=EPODOC&amp;CC=US&amp;NR=8307217B2$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,778,883,25551,76302</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20121106&amp;DB=EPODOC&amp;CC=US&amp;NR=8307217B2$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>LEE LANE W</creatorcontrib><creatorcontrib>HINES RANDAL</creatorcontrib><creatorcontrib>GURKOWSKI MARK J</creatorcontrib><title>Trusted storage</title><description>In one embodiment, a method for authenticating access to encrypted content on a storage medium, wherein the encrypted content is encrypted according to a full disk encryption (FDE) key, the storage medium including an encrypted version of the FDE key and an encrypted version of a protected storage area (PSA) key, and wherein the encrypted version of the FDE key is encrypted according to the PSA key, the method comprising: providing an authenticated communication channel between a host and a storage engine associated with the storage medium; at the storage engine, receiving a pass code from the host over the authenticated communication channel; hashing the pass code to form a derived key, wherein the encrypted version of the PSA key is encrypted according to the derived key; verifying an authenticity of the pass code; if the pass code is authentic, decrypting the encrypted version of the PSA key to recover the PSA key; decrypting the encrypted FDE key using the recovered PSA key to recover the FDE key; and decrypting the encrypted content using the FDE key.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>ELECTRICITY</subject><subject>PHYSICS</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2012</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZOAPKSotLklNUSguyS9KTE_lYWBNS8wpTuWF0twMCm6uIc4euqkF-fGpxQWJyal5qSXxocEWxgbmRobmTkbGRCgBAFicHsA</recordid><startdate>20121106</startdate><enddate>20121106</enddate><creator>LEE LANE W</creator><creator>HINES RANDAL</creator><creator>GURKOWSKI MARK J</creator><scope>EVB</scope></search><sort><creationdate>20121106</creationdate><title>Trusted storage</title><author>LEE LANE W ; HINES RANDAL ; GURKOWSKI MARK J</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US8307217B23</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2012</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>ELECTRICITY</topic><topic>PHYSICS</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>LEE LANE W</creatorcontrib><creatorcontrib>HINES RANDAL</creatorcontrib><creatorcontrib>GURKOWSKI MARK J</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>LEE LANE W</au><au>HINES RANDAL</au><au>GURKOWSKI MARK J</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Trusted storage</title><date>2012-11-06</date><risdate>2012</risdate><abstract>In one embodiment, a method for authenticating access to encrypted content on a storage medium, wherein the encrypted content is encrypted according to a full disk encryption (FDE) key, the storage medium including an encrypted version of the FDE key and an encrypted version of a protected storage area (PSA) key, and wherein the encrypted version of the FDE key is encrypted according to the PSA key, the method comprising: providing an authenticated communication channel between a host and a storage engine associated with the storage medium; at the storage engine, receiving a pass code from the host over the authenticated communication channel; hashing the pass code to form a derived key, wherein the encrypted version of the PSA key is encrypted according to the derived key; verifying an authenticity of the pass code; if the pass code is authentic, decrypting the encrypted version of the PSA key to recover the PSA key; decrypting the encrypted FDE key using the recovered PSA key to recover the FDE key; and decrypting the encrypted content using the FDE key.</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language eng
recordid cdi_epo_espacenet_US8307217B2
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
title Trusted storage
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-15T14%3A38%3A53IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=LEE%20LANE%20W&rft.date=2012-11-06&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS8307217B2%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true