Single command functionality for providing data security and preventing data access within a decommissioned information handling system

Single command functionality for providing data security and preventing data access within a decommissioned information handling system

A computer-implemented method comprises a service processor: establishing a kill switch encryption key (KSEK) to provide data security for data within storage devices of configurable components within a system; automatically encrypting, with the KSEK, data that is written to one of the storage devic...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: WEBB THEODORE, JABER MUHAMMED, HASS JON
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A computer-implemented method comprises a service processor: establishing a kill switch encryption key (KSEK) to provide data security for data within storage devices of configurable components within a system; automatically encrypting, with the KSEK, data that is written to one of the storage devices; configuring the configurable components to prevent access to the stored data unless a valid copy of the KSEK is received from the service processor along with the request for the data; automatically decrypting, with the KSEK, the KSEK-encrypted data that is read from storage device; and in response to receiving a verified request to decommission the system, performing the decommissioning by deleting/erasing the KSEK from a secure storage at which the only instance of the KSEK is maintained. Deletion of the KSEK results in a permanent loss of access to the stored encrypted data within the system because the stored encrypted data cannot be decrypted without the KSEK.