Methods, systems, and apparatuses for managing a hard drive security system
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-021/00
G06F-021/60
G06F-021/57
G06F-009/4401
G06F-021/31
출원번호
US-0926939
(2015-10-29)
등록번호
US-10181042
(2019-01-15)
발명자
/ 주소
Bhansali, Apurva M.
Patel, Mehul R.
Dhanani, Kamal M.
Chauhan, Rajnish S.
Cheung, David
출원인 / 주소
Softex, Incorporated
대리인 / 주소
JL Salazar Law Firm
인용정보
피인용 횟수 :
0인용 특허 :
60
초록▼
A system for use with a computer is provided, the computer including a self-encrypting drive (SED), the SED including a nominal space and a pre-boot region, wherein the nominal space can be locked to prevent access to the nominal space. The system includes SED management software configured to be lo
A system for use with a computer is provided, the computer including a self-encrypting drive (SED), the SED including a nominal space and a pre-boot region, wherein the nominal space can be locked to prevent access to the nominal space. The system includes SED management software configured to be loaded in the pre-boot region of the SED. The SED management software includes a pre-boot operating system (OS) and an unlocking program. The unlocking program is configured (a) to execute within the pre-boot OS, and (b) upon successful authentication of a user, to unlock the nominal space of the SED. Other embodiments are described and claimed.
대표청구항▼
1. A system for use with an electronic device, the electronic device including a self-encrypting drive (SED), the SED including a nominal space and a pre-boot region, wherein the nominal space can be locked to prevent access to the nominal space, the system comprising: SED management software config
1. A system for use with an electronic device, the electronic device including a self-encrypting drive (SED), the SED including a nominal space and a pre-boot region, wherein the nominal space can be locked to prevent access to the nominal space, the system comprising: SED management software configured to be loaded in the pre-boot region of the SED, the SED management software comprising:a pre-boot operating system (OS); andat least one pre-boot functionality capable of operating when the nominal space is locked,wherein the SED management software further comprises an unlocking program configured (a) to execute within the pre-boot OS, and (b) upon successful authentication of the user, to unlock the nominal space, andwherein the SED management software is configured to temporarily grant write access to the pre-boot region, store the unlocking program in the pre-boot region, and revert the pre-boot region to read-only. 2. The system of claim 1, wherein the at least one pre-boot functionality comprises a pre-boot erase utility, operable to permit an administrator to erase a password or encryption key from the pre-boot region. 3. The system of claim 1, wherein the at least one pre-boot functionality comprises a pre-boot back-up utility, operable to back up the nominal space of the electronic device. 4. The system of claim 1, wherein the at least one pre-boot functionality comprises a pre-boot work utility, operable to permit a user to transfer files between the nominal space and the pre-boot region, wherein files transferred from the nominal space to the pre-boot region are accessible to the user when the nominal space is locked. 5. The system of claim 4, wherein the files are presentations, word processing documents and/or spreadsheets. 6. The system of claim 1, wherein the pre-boot functionality comprises a pre-boot graphical user interface (GUI) operable to permit interaction with a user during a pre-boot authentication process of the electronic device while the nominal space is locked. 7. The system of claim 6, wherein the pre-boot functionality comprises a pre-boot keyboard functionality operable to provide a virtual keyboard on the pre-boot GUI. 8. The system of claim 1, wherein the pre-boot functionality comprises a pre-boot browsing functionality, the pre-boot browsing functionality permitting a user to browse the Internet using a browser accessible from the pre-boot region. 9. The system of claim 1, wherein the pre-boot region further comprises at least one pre-boot entertainment library and the pre-boot functionality comprises a pre-boot entertainment functionality, the pre-boot entertainment functionality permitting a user to use entertainment programs and files. 10. The system of claim 1, wherein the at least one pre-boot functionality comprises a pre-boot communication utility, operable to permit a user to communicate with another via a communication network. 11. The system of claim 10, wherein the pre-boot communication functionality comprises e-mail or instant messaging. 12. The system of claim 11, wherein a PST file is copied from the nominal space to the pre-boot region. 13. The system of claim 10, wherein the pre-boot communication functionality comprises voice communications. 14. The system of claim 10, wherein the pre-boot communication functionality comprises video communications. 15. The system of claim 1, wherein the pre-boot OS may be programmed to power on only such hardware as is required by one or more particular pre-boot functionalities being used by a user. 16. The system of claim 1, wherein the at least one pre-boot functionality is capable of operating prior to successful authentication by a user. 17. The system of claim 1, further comprising: the electronic device including the SED, the SED including the nominal space and the pre-boot region, wherein the nominal space can be locked to prevent access to the nominal space, and wherein the SED management software is loaded in the pre-boot region. 18. The system of claim 17, further comprising a server operable to communicate with the electronic device, wherein the electronic device serves as a client. 19. The system of claim 17, wherein the nominal space is configured to store applications, files and data. 20. The system of claim 17, wherein the nominal space comprises a nominal OS, the nominal OS comprising a Windows® OS, an Android™ OS, or another OS. 21. The system of claim 17, wherein the SED comprises a processor configured to encrypt and decrypt the nominal space. 22. The system of claim 17, wherein the SED comprises a password key for encryption/decryption. 23. The system of claim 17, wherein the nominal space and the pre-boot region are non-overlapping portions of the SED. 24. The system of claim 17, wherein the SED management software further comprises an unlocking program configured (a) to execute within the pre-boot OS, and (b) upon successful authentication of the user, to unlock the nominal space, andwherein the unlocking program is stored in the pre-boot region. 25. The system of claim 17, wherein the SED management software further comprises an unlocking program configured (a) to execute within the pre-boot OS, and (b) upon successful authentication of the user, to unlock the nominal space, andwherein the pre-boot region comprises one or more sectors, and the unlocking program is stored in a first sector of the pre-boot region. 26. The system of claim 17, wherein the SED management software further comprises an unlocking program configured (a) to execute within the pre-boot OS, and (b) upon successful authentication of the user, to unlock the nominal space, andwherein the unlocking program is stored in an area that is rendered read-only after the unlocking program is written to the area. 27. The system of claim 17, wherein, after activation of encryption on the SED, the pre-boot region is read-only. 28. The system of claim 17, wherein the pre-boot region is hidden from users when the nominal space is unlocked. 29. The system of claim 17, wherein the nominal space is hidden from users when the pre-boot region is unlocked. 30. The system of claim 17, wherein the pre-boot region is hidden from users after the successful authentication of the user. 31. The system of claim 17, wherein the nominal space is hidden from users prior to the successful authentication of the user. 32. The system of claim 17, wherein, if the electronic device is powered on with encryption on, the nominal space is encrypted and locked. 33. The system of claim 17, wherein, if the electronic device is powered on with encryption on, the pre-boot region is accessible to a user. 34. The system of claim 17, wherein, if the electronic device is powered on with encryption on and a first sector of the nominal space is requested, a first sector of the pre-boot region is returned. 35. The system of claim 1, wherein the SED management software further comprises an unlocking program configured (a) to execute within the pre-boot OS, and (b) upon successful authentication of the user, to unlock the nominal space, andwherein the nominal space includes a nominal OS, and wherein, if the electronic device is powered on with encryption on, control is transferred to the unlocking program prior to control being transferred to the nominal OS. 36. The system of claim 1, wherein the SED management software further comprises an unlocking program configured (a) to execute within the pre-boot OS, and (b) upon successful authentication of the user, to unlock the nominal space,wherein the electronic device further comprises a memory,wherein the nominal space includes a nominal OS and a plurality of sectors including sector 0,wherein sector 0 of the nominal space contains the nominal OS and,wherein, upon the successful authentication of the user, the unlocking program reads, puts into the memory, and transfers control to sector 0 of the nominal space. 37. The system of claim 1, wherein the SED management software further comprises an unlocking program configured (a) to execute within the pre-boot OS, and (b) upon successful authentication of the user, to unlock the nominal space, andwherein the unlocking program is configured to send a credential to unlock the SED, upon entry of an item of authentication by the user. 38. The system of claim 1, wherein the nominal space includes a nominal OS, and the SED management software is configured to cause the nominal OS to boot the electronic device upon the successful authentication of the user. 39. The system of claim 1, wherein the SED management software further comprises: an unlocking program configured (a) to execute within the pre-boot OS, and (b) upon successful authentication of the user, to unlock the nominal space. 40. The system of claim 1, wherein the nominal space contains a nominal OS, and wherein the SED management software further comprises: an unlocking program configured (a) to execute within the pre-boot OS, and (b) upon successful authentication of a user, to transfer control to the nominal OS. 41. The system of claim 9, wherein the entertainment files include videos, music, and/or games. 42. The system of claim 9, wherein the pre-boot entertainment functionality comprises a media player, operable to permit a user to play media. 43. The system of claim 17, wherein the pre-boot OS comprises a Linux®-based OS, an Android™ OS, or another OS. 44. The system of claim 20, wherein the pre-boot OS comprises a Linux®-based OS, an Android™ OS, or another OS. 45. The system of claim 20, wherein the SED management software is configured to switch from a first state in which the nominal space is accessible and the nominal OS is running to a second state in which the nominal space is hidden, the nominal OS is not running, the pre-boot region is accessible, and the pre-boot OS is running. 46. The system of claim 45, wherein the switch from the first state to the second state is effected by a user action. 47. The system of claim 46, wherein the user action comprises pressing a button on a keyboard. 48. The system of claim 46, wherein the user action comprises inputting a command. 49. The system of claim 46, wherein the user action comprises: (1) (a) powering off the electronic device, or (b) causing the electronic device to enter Hibernate mode; and(2) subsequently booting the electronic device into the pre-boot region to run the pre-boot OS. 50. The system of claim 45, wherein the switch from the first state to the second state is effected by an action initiated via the keyboard.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (60)
Dayan Richard A. (Boca Raton FL) Sachsenmaier Robert (Boca Raton FL) Yen Simon Y. (Boca Raton FL), Apparatus and method for loading BIOS into a computer system from a remote storage location.
Arnold Lisa R. (Boynton Beach FL) Bealkowski Richard (Delray Beach FL) Blackledge ; Jr. John W. (Boca Raton FL) Cronk Doyle S. (Boca Raton FL) Dayan Richard A. (Boca Raton FL) Geisler Douglas R. (Boc, Apparatus and method for loading a system reference diskette image from a system partition in a personal computer system.
Mark F. Vallis ; Vu V. Luu, COMPUTER SYSTEM HAVING A HOST COMPUTER COUPLED TO A DISK DRIVE WITH A DRIVE-SELECTED-APPLICATION PARTITION FOR STORING DATA FOR EXECUTION BY THE HOST COMPUTER IN RESPONSE TO DRIVE-DETERMINED CONDITIO.
Cohen Joshua L. ; Dean Cecil A. ; du Breuil Thomas L. ; Heer Daniel Nelson ; Maher David P. ; Poteat Vance Eugene ; Rance Robert John, Electronic identifiers for network terminal devices.
Cotichini Christian,CAX ; Cain Fraser,CAX ; Ashworth David G.,CAX ; Livingston Peter Michael Bruce,CAX ; Solymar Gabor,CAX ; Gardner Philip B.,CAX ; Woinoski Timothy S.,CAX, Method and apparatus to monitor and locate an electronic device using a secured intelligent agent.
Cotichini Christian,CAX ; Cain Fraser,CAX ; Ashworth David G.,CAX ; Livingston Peter Michael Bruce,CAX ; Solymar Gabor,CAX, Method and apparatus to monitor and locate an electronic device using a secured intelligent agent via a global network.
Dayan, Richard Alan; Goodman, Steven Dale; Pennisi, Joseph Michael; Springfield, Randall Scott; Ward, James Peter; Freeman, Joseph Wayne, Method and system for booting up a computer system in a secure fashion.
Bhansali, Apurva M.; Jain, Manoj K.; Dube, Shradha; Rangarajan, Gayathri; Patel, Mehul R.; Raikar, Rayesh K.; Dhanani, Kamal M.; Kapila, Ranjit; Varghese, Elza A.; Tucker, Thomas D., Secure booting system and method.
Priddy,Dennis G., System and architecture that supports a multi-function semiconductor device between networks and portable wireless communications products.
Bhansali, Apurva M.; Jain, Manoj K.; Dube, Shradha; Iyer, Gayathri Krishnamurthy; Patel, Mehul R.; Raikar, Rayesh K.; Dhanani, Kamal M.; Kapila, Ranjit; Varghese, Elza A.; Tucker, Thomas D., System and method for protecting files stored on an electronic device.
Broadhurst Christopher John Creighton,GBX ; Byrne Barry Anthony,GBX ; White Clive John,GBX ; Press James,GBX ; McMahon Piers,GBX, System and method for web server user authentication.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.