Multi-dimensional cryptographically secured datastores for managing medical records
US-2020160947-A1 · May 21, 2020 · US
Root of trust assisted access control of secure encrypted drives
US2020310662A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2020310662-A1 |
| Application number | US-202016832216-A |
| Country | US |
| Kind code | A1 |
| Filing date | Mar 27, 2020 |
| Priority date | Apr 1, 2019 |
| Publication date | Oct 1, 2020 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A system for data protection includes a computing device comprising a processor, a Hardware Root of Trust (HRoT) module and a storage device. The HRoT device is configured to: validate integrity of the computing device; authenticate the computing device to communicate with the storage device; and take over control of storage device access and behaviour whenever suspicious or unauthorized data access from local or remote computing devices is detected. The HRoT device is further configured to, in response to detecting a security risk to at least one of the computing device and the storage device, block communication of the storage device.
First claim
Opening claim text (preview).
What is claimed is: 1 . A system for data protection, the system comprising: a computing device comprising a processor, a Hardware Root of Trust (HRoT) device and a storage device, wherein the HRoT device is configured to: validate integrity of the computing device; authenticate the computing device to communicate with the storage device; and take over control of the storage device in response to detecting a security risk to at least one of the computing device and the storage device. 2 . The system of claim 1 , wherein the HRoT device validates integrity of the computing device by validating one or more of a firmware of the computing device, a firmware of operating system running on the computing device, and a kernel space of the operating system. 3 . The system of claim 1 , wherein the computing device further comprises Software Root of Trust (RoT) instance running on the processor. 4 . The system of claim 1 , wherein the HRoT device provides a Trusted Execution Environment (TEE). 5 . The system of claim 4 , wherein the HRoT device loads and executes a security monitoring application in the TEE. 6 . The system of claim 1 , wherein the HRoT device, in response to detecting a security risk to at least one of the computing device and the storage device, blocks communication of the storage device. 7 . The system of claim 3 , wherein the RoT sends an alert signal to the HRoT device in response to detecting a security attack to at least one of the computing device and the storage device. 8 . The system of claim 1 , wherein the storage device comprises a Secure Encrypted Drive (SED). 9 . The system of claim 1 , wherein the HRoT device controls data hosted on a cloud-based storage service, NAS, and/or SAN storage. 10 . The system of claim 1 , wherein the security risk comprises a suspicious or unauthorized data access from a remote device or from inside of the computing device. 11 . A method of protecting data, comprising: employing a computing device comprising a processor, a Hardware Root of Trust (HRoT) device and a storage device, wherein the HRoT device performs the steps of: validating integrity of the computing device; authenticating the computing device to communicate with the storage device; and taking over control of the storage device in response to detecting a security risk to at least one of the computing device and the storage device. 12 . The method of claim 11 , wherein the HRoT device validates integrity of the computing device by validating one or more of a firmware of the computing device, a firmware of operating system running on the computing device, and a kernel space of the operating system. 13 . The method of claim 11 , wherein the computing device further comprises Software Root of Trust (RoT) instance running on the processor. 14 . The method of claim 11 , wherein the HRoT device provides a Trusted Execution Environment (TEE). 15 . The method of claim 14 , wherein the HRoT device loads and executes a security monitoring application in the TEE. 16 . The method of claim 11 , wherein the HRoT device, in response to detecting a security risk to at least one of the computing device and the storage device, blocks communication of the storage device. 17 . The method of claim 13 , wherein the RoT sends an alert signal to the HRoT device in response to detecting a security attack to at least one of the computing device and the storage device. 18 . The method of claim 11 , wherein the HRoT device controls data hosted on a cloud-based storage service, NAS, and/or SAN storage. 19 . The method of claim 11 , wherein the security risk comprises a suspicious or unauthorized data access from a remote device or from inside of the computing device. 20 . A system for data protection, the system comprising: a computing means for validating integrity of a computing device, authenticating the computing device to communicate with the storage device; and taking over control of the storage device in response to detecting a security risk to at least one of the computing device and the storage device.
Assignees
Inventors
Classifications
- G06F3/0622Primary
in relation to access · CPC title
Permissions · CPC title
Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities · CPC title
Program or device authentication · CPC title
to assure secure storage of data (address-based protection against unauthorised use of memory G06F12/14; record carriers for use with machines and with at least a part designed to carry digital markings G06K19/00) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2020310662A1 cover?
- A system for data protection includes a computing device comprising a processor, a Hardware Root of Trust (HRoT) module and a storage device. The HRoT device is configured to: validate integrity of the computing device; authenticate the computing device to communicate with the storage device; and take over control of storage device access and behaviour whenever suspicious or unauthorized data a…
- Who is the assignee on this patent?
- Raytheon Co
- What technology area does this patent fall under?
- Primary CPC classification G06F3/0622. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Oct 01 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).