Scanner
US-2016134778-A1 · May 12, 2016 · US
In situ device authentication and diagnostic repair in a host environment
US9729534B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9729534-B2 |
| Application number | US-201514632243-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 26, 2015 |
| Priority date | Feb 26, 2015 |
| Publication date | Aug 8, 2017 |
| Grant date | Aug 8, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Apparatus and method for in situ authentication and diagnostic repair of a data storage device in a multi-device user environment. In accordance with some embodiments, the method includes detecting an error condition associated with a selected data storage device in the multi-device user environment. A first level of user authentication is established by providing a challenge value generated by the selected data storage device to a remote device over a network associated with the selected data storage device. A first diagnostic tool stored on the selected data storage device is executed responsive to receipt of the first level of user authentication. A second level of user authentication is established by providing a second challenge value generated by the selected data storage device to the remote device. An output from the first diagnostic tool is used to execute a second diagnostic tool stored on the selected data storage device.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer-implemented method comprising: detecting an error condition associated with a selected data storage device in a multi-device user environment comprising a plurality of data storage devices coupled to form a combined memory space; replicating, in a memory of an available replacement data storage device in the multi-device user environment, a data content stored in a memory of the selected data storage device; establishing a first level of user authentication by providing a first challenge value generated by the selected data storage device to a remote device over a network associated with the selected data storage device; executing a first diagnostic tool stored on the selected data storage device responsive to receipt of the first level of user authentication; establishing a second level of user authentication using an output from the first diagnostic tool and a second challenge value generated by the selected data storage device; and executing a second diagnostic tool stored on the selected data storage device responsive to the second level of user authentication, the establishment of the first and second levels of user authentication and the execution of the first and second diagnostic tools carried out while the selected data storage device remains operably and physically connected in the multi-device user environment. 2. The method of claim 1 , wherein the first level of user authentication is further established by requesting the first challenge value from the selected data storage device, forwarding the first challenge value to a remote device which encrypts the first challenge value to generate a first encrypted challenge value, transmitting the first encrypted challenge value to the selected data storage device, applying a cryptographic operation at the selected data storage device to generate a second encrypted challenge value, and comparing the transmitted first encrypted challenge value to the second encrypted challenge value. 3. The method of claim 1 , wherein the step of establishing a first level of user authentication further comprises: combining a plurality of identification (ID) values associated with the selected data storage device to form a combined ID value; encrypting the combined ID value using a secret symmetric encryption key and a selected encryption algorithm to generate a unique device credential for the selected data storage device; and using the unique device credential as an input to a selected cryptographic function to control access to the first diagnostic tool. 4. The method of claim 3 , wherein the plurality of unique ID values include at least a selected one of a model number, a serial number, a data capacity, a component serial number or a performance parameter of the selected data storage device. 5. The method of claim 1 , wherein at least a selected one of the first or second challenge value is a multi-bit random sequence generated by the selected data storage device. 6. The method of claim 5 , wherein at least a selected one of the first or second challenge value is encrypted by the selected data storage device. 7. The method of claim 1 , wherein first and second diagnostic tools each comprise at least a selected one of a diagnostic routine, specially configured data stored on the selected data storage device, device firmware, control information, or security information associated with the selected data storage device. 8. The method of claim 1 , wherein a host device connected to the selected data storage device obtains a plurality of ID values from the selected data storage device and communicates the same to a remote server over a network along with the first or second challenge value, in which the remote server returns a verification value to the host device and the host device forwards the verification value to the selected data storage device. 9. The method of claim 1 , wherein the selected data storage device is characterized as a hard disc drive (HDD) having a rotatable data recording medium and a moveable data read/write transducer. 10. The method of claim 1 , wherein the selected data storage device is characterized as a solid state drive (SSD) with a solid-state semiconductor memory array. 11. The method of claim 1 , further comprising collecting metric data from the multi-device user environment associated with the selected data storage device and transmitting the metric data to a remote server over a network. 12. An apparatus comprising: a multi-device data storage array comprising a plurality of data storage devices which cooperate to form a combined memory space; and a host device that directs data transfers with the multi-device data storage array, the host device comprising a controller circuit with associated programming in memory adapted to detect an error condition associated with a selected data storage device in the multi-device data storage array, establish a first level of user authentication by providing a first challenge value generated by the data storage device to a remote device over a network associated with the data storage device, execute a first diagnostic tool stored on the data storage device responsive to receipt of the first level of user authentication, and establish a second level of user authentication by providing a second challenge value generated by the storage device to the remote device and an output from the first diagnostic tool to execute a second diagnostic tool stored on the data storage device, the controller circuit further adapted to reconstruct and transfer a data content stored in a memory of the selected data storage device to a memory of an available replacement data storage device in the multi-device data storage array responsive to the detected error condition, the authentication and execution of the first and second diagnostic tools carried out while the selected data storage device remains operably and physically connected in the multi-device data storage array. 13. The apparatus of claim 12 , wherein at least a selected one of the first or second challenge value is a multi-bit random sequence generated by the selected data storage device. 14. The apparatus of claim 12 , wherein at least a selected one of the first or second challenge value is encrypted by the selected data storage device. 15. The apparatus of claim 12 , wherein first and second diagnostic tools each comprise at least a selected one of a diagnostic routine, specially configured data stored on the selected data storage device, device firmware, control information, or security information associated with the data storage device. 16. The apparatus of claim 12 , wherein a host device connected to the selected data storage device obtains a plurality of ID values from the data storage device and communicates the same to a remote server over a network along with the requested challenge value, in which the remote server returns a verification value to the host device and the host device forwards the verification value to the data storage device. 17. The apparatus of claim 12 , wherein the selected data storage device further operates to transmit metric data from the multi-device user environment associated with the selected data storage device to a remote server over a network. 18. A method comprising: transferring data between a host device and a multi-device data storage array comprising a plurality of data storage devices which cooperate to form a combined memory space so that at least one user data set from the host device is distributed across multiple ones of the
Assignees
Inventors
Classifications
for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection (management of faults, events, alarms or notifications in data switching networks H04L41/06) · CPC title
Root cause analysis, i.e. error or fault diagnosis (in a hardware test environment G06F11/22; in a software test environment G06F11/36) · CPC title
based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint · CPC title
- H04L63/0428Primary
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title
in a storage system, e.g. in a DASD or network based storage system (drivers for digital recording or reproducing units G06F3/06; circuits for error detection or correction within digital recording or reproducing units G11B20/18; for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS], H04L67/1097) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9729534B2 cover?
- Apparatus and method for in situ authentication and diagnostic repair of a data storage device in a multi-device user environment. In accordance with some embodiments, the method includes detecting an error condition associated with a selected data storage device in the multi-device user environment. A first level of user authentication is established by providing a challenge value generated by…
- Who is the assignee on this patent?
- Seagate Technology Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/0428. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Aug 08 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).