Cryptographic authentication to control access to storage devices
US-2024333511-A1 · Oct 3, 2024 · US
Removable storage device data protection
US9495562B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9495562-B2 |
| Application number | US-201113189837-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 25, 2011 |
| Priority date | Jul 25, 2011 |
| Publication date | Nov 15, 2016 |
| Grant date | Nov 15, 2016 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Devices, methods and products are described that provide removable storage device data protection. One aspect provides a method comprising: ascertaining a protected removable storage device connected to an information handling device, said protected removable storage device having a first partition for storing data according to a first file system type, and a second partition for storing user data according to a second file system type; and responsive to said information handling device recognizing said second file system type, querying for user credentials to decrypt a data encryption key used to encrypt said user data of said second partition. Other embodiments are described.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: ascertaining a protected removable storage device is connected to an information handling device, said protected removable storage device having a first partition for storing data according to a first file system type, and a second partition for storing user data according to a second, different, file system type; and responsive to said information handling device recognizing said second file system type, querying for user credentials to decrypt a data encryption key used to encrypt said user data of said second partition; wherein said information handling device recognizes said second file system type associated with said second partition but does not recognize said first file system type associated with said first partition; wherein said second partition contains a different, independent data set than said first partition; and wherein said first partition includes an unencrypted indication that provides notice to a second information handling device that recognizes the first file system type that the second partition contains data. 2. The method of claim 1 , wherein said indication comprises data formatted according to the first file system type which is displayed by a system using the first file system type to indicate that said protected removable storage device contains additional data in said second partition. 3. The method of claim 1 , further comprising generating a first encryption key from said user credentials. 4. The method of claim 3 , further comprising encrypting said data encryption key with said first encryption key. 5. The method of claim 1 , further comprising, responsive to decrypting said data encryption key, decrypting user data using said data encryption key. 6. The method of claim 5 , wherein said user data comprises one or more user files stored in an encrypted form on said second partition. 7. The method of claim 1 , wherein said user credentials include one or more of: device login credentials, remote login credentials, and biometric credentials. 8. The method of claim 1 , wherein said protected removable storage device is non-volatile memory connectable to one or more of: a tablet computer, a laptop computer, and a mobile phone. 9. The method of claim 1 , wherein said information handling device is selected from the group consisting of a tablet computer, a laptop computer, and a mobile phone. 10. An information handling device comprising: one or more processors; and a connection for a protected removable storage device; wherein, responsive to execution of computer program instructions accessible to the one or more processors, the one or more processors are configured to: ascertain a protected removable storage device is connected to said information handling device, said protected removable storage device having a first partition for storing data according to a first file system type, and a second partition for storing user data according to a second, different, file system type; and responsive to said information handling device recognizing said second file system type, query for user credentials to decrypt a data encryption key used to encrypt said user data of said second first partition; wherein said information handling device recognizes said second file system type associated with said second partition but does not recognize said first file system type associated with said first partition; wherein said second partition contains a different, independent data set than said first partition; and wherein said first partition includes an unencrypted indication that provides notice to a second information handling device that recognizes the first file system type that the second partition contains data. 11. The information handling device of claim 10 , wherein data of said first partition includes an indication that said protected removable storage device contains additional data. 12. The information handling device of claim 10 , wherein said one or more processors are further configured to generate a first encryption key from said user credentials. 13. The information handling device of claim 12 , wherein said one or more processors are further configured to encrypt said data encryption key with said first encryption key. 14. The information handling device of claim 10 , wherein said one or more processors are further configured to, responsive to decrypting said data encryption key, decrypt user data using said data encryption key. 15. The information handling device of claim 14 , wherein said user data comprises one or more user files stored in an encrypted form on said second partition. 16. The information handling device of claim 10 , wherein said user credentials include one or more of: device login credentials, remote login credentials, and biometric credentials. 17. The information handling device of claim 10 , wherein said protected removable storage device is non-volatile memory connectable to one or more of: a tablet computer, a laptop computer, and a mobile phone. 18. The information handling device of claim 10 , wherein said information handling device is selected from the group consisting of: a tablet computer, a laptop computer, and a mobile phone. 19. A program product comprising: a storage device having program code embodied therewith, the program code comprising: program code configured to ascertain a protected removable storage device is connected to said information handling device, said protected removable storage device having a first partition for storing data according to a first file system type, and a second partition for storing user data according to a second, different, file system type; and program code configured to, responsive to said information handling device recognizing said second file system type, query for user credentials to decrypt a data encryption key used to encrypt said user data of said second partition; wherein said information handling device recognizes said second file system type associated with said second partition but does not recognize said first file system type associated with said first partition; wherein said second partition contains a different, independent data set than said first partition; and wherein said first partition includes an unencrypted indication that provides notice to a second information handling device that recognizes the first file system type that the second partition contains data. 20. The program product according to claim 19 , further comprising program code configured to, responsive to decrypting said data encryption key, decrypt user data using said data encryption key.
Assignees
Inventors
Classifications
Dual mode as a secondary aspect · CPC title
Management of space entities, e.g. partitions, extents, pools · CPC title
Improving the reliability of storage systems · CPC title
- G06F21/78Primary
to assure secure storage of data (address-based protection against unauthorised use of memory G06F12/14; record carriers for use with machines and with at least a part designed to carry digital markings G06K19/00) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9495562B2 cover?
- Devices, methods and products are described that provide removable storage device data protection. One aspect provides a method comprising: ascertaining a protected removable storage device connected to an information handling device, said protected removable storage device having a first partition for storing data according to a first file system type, and a second partition for storing user d…
- Who is the assignee on this patent?
- Rivera David, Waltermann Rod D, Lenovo Singapore Pte Ltd
- What technology area does this patent fall under?
- Primary CPC classification G06F21/78. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Nov 15 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).