FIELD OF INVENTION
[0002] The invention disclosed herein relates, in general, to a portable storage device. More specifically, the present invention relates to a portable storage device having antivirus capabilities.
BACKGROUND
[0003] The use of computer in our daily life has been increasing continuously. Computers provide users with options to analyze and process data at a very fast speed. This data is stored on the computers by using data storage units such as hard disk drives, optical drives etc. Recently there has been an increased need for transfer of the data from one computer system to another, and to facilitate this transfer, the use of portable storage device has increased rapidly.
[0004] However, this data is under constant threat from computer viruses, worms, Trojans, and spyware which plague the computer systems throughout the world. These viruses and the like corrupt the data stored on the data storage devices, often rendering them unusable. The threat posed by these viruses is well known and various defense mechanisms have been developed to prevent against such malicious activities.
[0005] However, some users still operate their computers with inadequate protection against such malicious activities. So, if a portable storage device has been connected to even one computer that does not have adequate protection, the portable storage device could get infected itself and then potentially spread the infection to other computers to which it is subsequently connected. Further, even if adequate protection is available on the computers, the portable storage devices do not have any sort of protection, thereby still leaving scope for the viruses to attack and cause harm to the data stored on it.
[0006] In the development of portable storage devices, it has therefore been an aim to provide protection against such malicious activities. Accordingly, in some existing solutions, the portable storage devices also include a defense mechanism, which on association of the portable storage device with a computer or any other such external medium, is loaded onto the main memory of the external medium and is executed to scan the portable storage device to prevent against any threat of malicious activity.
[0007] However, the existing solutions have some limitations. Firstly, the defense mechanisms are bulky, because in addition to providing protection to the portable storage device
they also provide the option for scanning the external medium as well, thereby, consuming more space on portable storage device and the main memory. Secondly, the defense mechanisms are executed as an application, which require inputs from the user like, selecting a type of scan, a partition to be scanned etc. This requires active involvement of the user and cause distractions for the user. Further, the defense mechanisms on being executed keep providing periodic updates in the form of pop-ups etc., which causes further distractions for the user.
[0008] According to the foregoing discussion, it can be observed that there is scope for improvement of the current portable storage devices owing to their one or more limitations. There is, therefore, a need for a portable storage device which overcomes some or all of the limitations identified above.
BRIEF DESCRIPTION OF FIGURES
[0009] The features of the present invention, which are believed to be novel, are set forth with particularity in the appended claims. The invention may best be understood by reference to the following description, taken in conjunction with the accompanying drawings. These drawings and the associated description are provided to illustrate some embodiments of the invention, and not to limit the scope of the invention.
[0010] FIG. 1 is an illustration of various components of an exemplary external medium in accordance with an embodiment of the present invention;
[0011] FIGs. 2a and 2b are an illustration of various components of a portable storage device, in accordance with two exemplary embodiments of the present invention;
[0012] FIG. 3 is a flow chart describing an exemplary operation of a defense mechanism present in the portable storage device, in accordance with an embodiment of the present invention.
[0013] Those with ordinary skill in the art will appreciate that the elements in the figures are illustrated for simplicity and clarity and are not necessarily drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated, relative to other elements, in order to improve the understanding of the present invention.
[0014] There may be additional structures described in the foregoing application that are not depicted on one of the described drawings. In the event such a structure is described, but not
depicted in a drawing, the absence of such a drawing should not be considered as an omission of such design from the specification.
SUMMARY
[0015] The instant exemplary embodiments provide a portable storage device having a defense mechanism to prevent against malicious activities.
[0016] Some embodiments provide a stand-alone portable storage device with antivirus capabilities.
[0017] Some embodiments provide a portable storage device with antivirus capabilities which requires minimum involvement of the user.
[0018] In some embodiments, a portable storage device is provided. The portable storage device includes a device interface that is configured to facilitate an association between the portable storage device and an external medium. The external medium is provided with a main memory and an operating system and automatically detects the association. The portable storage device includes a launch platform which is capable of facilitating loading of one or more mechanisms onto a main memory of the external medium. The device further includes a defense mechanism which is loaded on to the main memory of the external medium by the launch platform and is thereafter executed as a service of the operating system of the external medium. The defense mechanism is configured to prevent one or more malicious activities against the portable storage device from, wherein the prevention is done based using pattern recognition techniques.
[0019] In some embodiments, the portable storage device includes a database of one or more patterns to prevent the one or more malicious activities.
[0020] In some embodiments, the one or more patterns used for pattern recognition by the defense mechanism are updated periodically.
[0021] In some embodiments, the database of the one or more patterns used for pattern recognition is configured to be updated automatically, during the association between the portable storage device and the external medium.
[0022] In some embodiments, the portable storage device includes a first partition and a second partition.
[0023] In some embodiments, a flash memory corresponds to the first partition and the launch platform and the defense mechanism corresponds to the second partition.
[0024] In some embodiment, the flash memory includes both the first partition and the second partition, such that the launch platform and the defense mechanism correspond to the second partition.
[0025] In some embodiments, the second partition of the portable storage device appears as a CD-ROM partition to the operating system of the external medium.
[0026] In some embodiments, at least one of the first partition and the second partition of the portable storage device includes the database of the one or more patterns used to prevent the one or more malicious activities.
[0027] In some embodiments, the defense mechanism is configured to protect only the flash memory of the portable storage device.
[0028] In some embodiments, the execution of the defense mechanism can be one of an automatic execution and a manual execution.
[0029] In some embodiments, the execution of the defense mechanism is stopped when the association between the portable storage device and the external medium is terminated.
DESCRIPTION OF THE EXEMPLARY EMBODIMENTS
[0030] Before describing the present invention in detail, it should be observed that the present invention utilizes a combination of apparatus components related to a portable storage device. Accordingly the apparatus components have been represented where appropriate by conventional symbols in the drawings, showing only specific details that are pertinent for an understanding of the present invention so as not to obscure the disclosure with details that will be readily apparent to those with ordinary skill in the art having the benefit of the description herein.
[0031] While the specification concludes with the claims defining the features of the invention that are regarded as novel, it is believed that the invention will be better understood from a consideration of the following description in conjunction with the drawings, in which like reference numerals are carried forward.
[0032] As required, detailed embodiments of the present invention are disclosed herein; however, it is to be understood that the disclosed embodiments are merely exemplary of the invention, which can be embodied in various forms. Therefore, specific structural and functional details disclosed herein are not to be interpreted as limiting, but merely as a basis for the claims and as a representative basis for teaching one skilled in the art to variously employ the present invention in virtually any appropriately detailed structure. Further, the terms and phrases used herein are not intended to be limiting but rather to provide an understandable description of the invention.
[0033] The terms "a" or "an", as used herein, are defined as one or more than one. The term "another", as used herein, is defined as at least a second or more. The terms "including" and/or "having" as used herein, are defined as comprising (i.e. open transition). The term "coupled" or "operatively coupled" as used herein, is defined as connected, although not necessarily directly, and not necessarily mechanically.
[0034] Referring now to the drawings, there is shown in FIG. 1, an illustration of various components of an external medium 100 that may be associated with a portable storage device of the present invention. In some exemplary embodiments, the portable storage device may be plugged into the external medium 100 such as a network or a device. The external medium 100 may provide a necessary hardware environment for the implementation of present invention. Those skilled in the art will appreciate that the external medium 100 may include all or a few components shown in FIG. 1. Further, those skilled in the art will understand that the external medium 100 may include additional components that are not shown here and are not germane to the operation of the external medium 100, in relation to the invention arrangements.
[0035] The external medium 100 in accordance with this invention can be one of a network such as the Internet and a device such as a personal computer. However, for facilitating easy description of the invention, the external medium 100 will be described as the device. In an embodiment when the external medium 100 is a device, the external medium 100 is shown to include a processor 102, an interface port 104, a main memory 106, an operating system 108, a local data storage 110, one or more network interfaces 112, and one or more buses 114. The one or more buses 114 are used to operatively couple the processor 102, the interface port 104, the main memory 106, the operating system 108, the local data storage 110 and the one or more
network interfaces 112 of the external medium 100. Examples of the interface port 104 include, but are not limited to, a USB port for associating with a portable storage device, and the like.
[0036] The main memory 106 of the external medium 100 is a volatile memory that is accessible to the processor 102. Example of the main memory 106 can be a Random Access Memory (RAM). The main memory 106 is also configured to interact with the operating system 108 such as Microsoft Windows ™ operating system, MAC ™ operating system, Linux ™ operating system, and the like. The operating system 108 can provide various services such as antivirus services, input/output device management services etc., which are stored in the main memory 106 and are executed by the processor 102. Examples of the processor 102 include, but are not limited to, a core to duo processor, a dual core processor, an i3 processor, an i5 processor, an i7 processor, and the like.
[0037] The one or more network interfaces 112 such as, modems, routers and/or network adapters allow the external medium 100 to connect to one or more networks, such as, Local Area Network (LAN), Wide Area Network (WAN), internet, intranet and the like, to selectively interchange packets of data using the one or more network interfaces 112. The network interfaces 112 and the one or more networks provide the required hardware and software infrastructure that is needed to connect and communicate with other external mediums. For example, a user using a personal computer uses a modem to connect to the internet and exchange e-mails with another user using another personal computer which is also connected to the internet using another modem.
[0038] FIG. 2a shows various components of a portable storage device 200 according to an embodiment of the invention. Those skilled in the art will appreciate that the portable storage device 200 may include all or a few components shown in FIG. 2a. Further, those skilled in the art will understand that the portable storage device 200 may include additional components that are not shown here and are not germane to the operation of the portable storage device 200, in accordance with the invention arrangements. To describe the portable storage device 200, reference will be made to FIGs. 1, 2a and 2b, although it is understood that the portable storage device 200 can be used in any other suitable environment or arrangement.
[0039] In the embodiment represented by FIG. 2a, the portable storage device 200 comprises a device interface 202, a flash memory 204, a launch platform 206, a defense mechanism 208 and a database of one or more patterns 210.
[0040] The device interface 202 facilitates the association of the portable storage device 200 with the external medium 100. For example, a male USB connector of a flash drive is plugged into a female USB receiving port of a personal computer, thereby connecting a USB flash drive to a personal computer.
[0041] The flash memory 204 is a solid state non-volatile memory that allows a user to store data such as music, video, computer programs, files and the like. The user can access the flash memory 204 to store a new data on to the flash memory 204 and/or retrieve a previously stored data from the flash memory 204, when the association between the portable storage device 200 and the external medium 100 has been established. For example, when a USB flash drive is connected to a personal computer, the user can transfer data such as music files from the personal computer to the USB flash drive and vice versa.
[0042] Once the association of the portable storage device 200 with the external medium 100 has been established, i.e., when the portable storage device 200 is connected to the external medium 100, then the operating system 108 detects and loads the launch platform 206 on to the main memory 106 of the external medium 100. The launch platform 206, in turn, automatically loads the defense mechanism 208 such as an anti-virus, anti spyware on to the main memory 106 of the external medium 108. The defense mechanism 208 is loaded on to the main memory 106 by the launch platform 206 and then executed as a service of the operating system 108. In an embodiment inputs from the user are not required to execute the defense mechanism 208. The launch platform 206 can facilitate loading of one or more mechanisms i.e., applications such as a backup mechanism, a device formatting mechanism, a calculator mechanism, a music player mechanism, an address book mechanism, a file shredder mechanism, a private browsing mechanism, a lost and found service mechanism, a mechanism for outlook synchronization, an anti-virus application, an email mechanism, a mechanism to initiate a virtual desktop, and the like, on to the main memory 106 of the external medium 100. It should be appreciated that more mechanisms can be added to the one or more mechanisms in the portable storage device 200. In an embodiment, the one or more mechanisms can be automatically loaded upon association
between the portable storage device 200 and the external medium 100. For example, when a USB flash drive is connected to a personal computer, the operating system, Microsoft Windows XP automatically detects the launch platform 206 in the USB flash drive and loads it on to a RAM of the personal computer. Thereafter, the launch platform 206 which has been loaded on to the RAM loads an anti-virus on to the RAM of the personal computer. Subsequently, the antivirus is executed by the processor connected to the RAM as a service of Microsoft Windows XP.
[0043] In some embodiments, the launch platform 206 may launch a user interface providing the user an option to select and execute the one or more mechanisms and/or to allow configure settings of the mechanisms. In an exemplary embodiment of the present invention, the user can have an option to configure settings to enable or disable the automatic loading feature for each of the one or more mechanisms. In some exemplary embodiments, during real life applications, when a USB flash drive is connected to a personal computer, the launch platform 206 in the USB flash drive loads a user interface which provides the user an option to select from the one or more mechanisms. The user can use the user interface to choose to execute any of the one or more mechanisms he wants. Further, the user can also select to configure the settings of the one or more mechanisms such that, they are automatically executed when the USB flash drive is subsequently connected to the same personal computer.
[0044] It should be appreciated that in an exemplary scenario when the portable storage device 200 is associated for the first time with the external medium 100, the user will have to manually select and execute the one or more mechanisms. The user can then choose to configure the settings to enable the automatic loading feature for the one or more mechanisms, for subsequent usage. In another embodiment, when the portable storage device 200 is associated for the first time with the external medium 100, the user will need to install a stub application on the external medium 100 to ensure that the one or more mechanisms are automatically loaded even when the auto-play feature of the operating system 108 is disabled, for subsequent usage. At the same, the user can also choose to keep the automatic loading feature disabled for a few of the one or more mechanisms and enabled for the rest of the one or more mechanisms.
[0045] The defense mechanism 208 is configured to scan the flash memory 202 and/or transfer of data to the flash memory 202, to prevent one or more malicious activities on the portable storage device 200. Examples of the one or more malicious activities include, but are
not limited to, computer viruses, worms, Trojans, spyware and the like. For example, in a real life application, the antivirus monitors and restricts undesirable / unauthorized activities in the flash memory upon its connection to a personal computer. During the process of scanning, the defense mechanism 208 compares types of activities / content of data being transferred onto the flash memory 202 with the database of the one or more patterns 210. Examples of the database of the one or more patterns 210 include, but are not limited to, signatures of various viruses and the like. The signatures of various viruses include characteristic byte-patterns that are a part of the corresponding virus or family of viruses. The database of the one or more patterns 210 also include tracking information that can be used to determine if the data content being scanned is malicious or harmful to the portable storage device 200. It should be appreciated that the mechanics of prevention from the one or more malicious activities like computer virus is well known and hence has not been explained in detail.
[0046] The database of the one or more patterns 210 are configured to be updated periodically so that database of the one or more patterns 210 being used for comparison while scanning are most up to date for preventing the one or more malicious activities. In an embodiment, the database of the one or more patterns 210 obtain the most up to date database of the one or more patterns 210 from a support server over the Internet. In an embodiment, once the association between the portable storage device 200 and the external medium 100 has been established, the database of the one or more patterns 210 are updated through connection to a support server that stores the most up to date database of the one or more patterns 210. For example, in real life application, when a USB flash drive is connected to a personal computer, and when internet connection is available, virus signature files present in the USB flash drive automatically connect to its host servers through the Internet and updates the virus signature files to its most updated versions.
[0047] In another embodiment, the database of the one or more patterns 210 are updated only when it finds the internet connection to be idle and not being used by the user. In another embodiment, the database of the one or more patterns 210 are updated using a signature / pattern file on the external medium 100 to which the portable storage device 200 is connected. In cases where no updates can be found, the database of the one or more patterns 210 which are available are used.
[0048] In another embodiment of the invention, the portable storage device 200 is provided with a first partition 212 and a second partition 214, as shown in FIG. 2b. For the purpose of this description, the portable storage device 200 is shown to have the first partition 212 and the second partition 214. However, it will be readily apparent to those with ordinary skilled in the art that the portable storage device 200, without deviating from the scope of the invention, can have several partitions.
[0049] In the embodiment represented by FIG. 2b, the first partition 212 is a regular storage partition 212 or a FAT32 partition 212, which is accessible by the user, and the second partition 214 is a read-only partition in the form of a CD-ROM partition 214. The flash memory 204 and the database of the one or more patterns 210 correspond to the first partition 212 of the portable storage device 200. Optionally, the database of the one or more patterns 210 can be in the form of hidden files to prevent manipulation and modification by the user. The launch platform 206 and the defense mechanism 208 correspond to the second partition 214 of the portable storage device 200. It should be appreciated that in another embodiment of the invention, the database of the one or more patterns 210 can be present in the second partition 214 of the portable storage device 200. In another embodiment, the flash memory 204 can correspond to both the first partition 212 and the second partition 214, wherein the launch platform 206 and the defense mechanism 208 correspond to the second partition 214 of the portable storage device 200.
[0050] Referring now to FIG. 3, there is shown a flow chart describing an exemplary operation 300 of the defense mechanism 208 present on the portable storage device 200. This operation is provided for easy understanding of the present invention. To describe the operation 300, reference will be made to FIGs. 1,2a, 2b and 3, although it is understood that the operation 300 can be implemented in any other suitable environment or external association. Moreover, the invention is not limited to the order in which the steps are listed in the operation 300.
[0051] The operation is initiated at step 302. At step 304, the device interface 202 and the interface port 104 facilitate the association between the portable storage device 200 and the external medium 100.
[0052] Thereafter, once the association has been established, at step 306 the operating system 108 of the external medium 100 detects the CD-ROM partition 214 of the portable storage device 200. The CD-ROM partition 214 emulates a CD-ROM and thus appears as a CD-
ROM drive to the operating system 108 of the external medium 100. So in real life application, when a USB flash drive is connected to a personal computer, the CD-ROM partition of the USB flash drive appears as a separate logical drive and function as if it was a CD-ROM drive.
[0053] Thereafter, at step 308, the CD-ROM partition 214 allows the operating system 108 with an auto-run feature to automatically launch the launch platform 206 present in the CD-ROM partition 214. In an embodiment, the auto-run feature may be disabled and the user is allowed to manually invoke the launch platform 206.
[0054] Thereafter, at step 310, the launch platform 206 automatically loads the defense mechanism 208 in to the main memory 106. Thereafter, at step 312, the defense mechanism 208 is executed as a service of the operating system 108. This allows simple and easy execution of the defense mechanism, without causing any distraction for the user. Also, since it is executed as a service of the operating system, it runs in the background and does not require any involvement of the user. In an embodiment, the launch platform 206 on being launched by the operating system 108 creates a user interface providing options to the user to select from various mechanisms other than the defense mechanism 208. In an embodiment, the automatic loading feature may be disabled and the user is allowed to manually invoke the defense mechanism 208. In an exemplary scenario when the portable storage device 200 is associated for the first time with the external medium 100, the user will have to manually select and execute the one or more mechanisms. In another embodiment of the present invention, the user can have an option to configure settings to enable or disable the automatic loading feature.
[0055] Thereafter, at step 314, the defense mechanism 208 searches and finds the flash memory 204 and starts scanning the data in the flash memory 204 to prevent against the one or more malicious activities. According to an exemplary embodiment, the defense mechanism 208 is a minimal protection mechanism suitable for protecting only the flash memory 204. This minimal protection mechanism does not cause excessive load on the main memory 104 of the external medium 200, thereby allowing easier and faster processing to the user.
[0056] At step 316, the defense mechanism 208 scans the data in the flash memory 204 and compares it against the database of the one or more patterns 210. Thereafter, at step 318, the defense mechanism 208 ensures that the database of the one or more patterns 210 are updated to the most up to date database of the one or more patterns 210 from a support server over the
Internet. Further, the defense mechanism 208 also tracks if any modifications have been made to the data in the flash memory 204 by the user. If such a modification is detected then the operation starting from the step 314 to step 316 is repeated. This prevents a malicious activity affected data from being transferred from the external medium 100 to the portable storage device 200, even if the external medium 100 does not have adequate protection against the one or more malicious activities. In turn, this also prevents the portable storage device 200 from spreading the malicious activity affected data from one external medium to another, which is a likely scenario because the portable storage device 200 is typically employed in more than one external medium 100. Although the invention is explained with reference to some of the malicious activities, it will be readily apparent to those ordinarily skilled in the art that the invention can be performed for numerous other malicious activities that exist in the art or are discovered after this invention. Additionally, it will also be readily apparent to those ordinarily skilled in the art that any activity or file that is detrimental to the performance, security, efficiency and/or efficacy of the portable storage device 200 may be considered as a malicious activity in accordance with the present invention. Furthermore, it will also be readily apparent to those ordinarily skilled in the art that an activity being performed by the portable storage device 200 or a file stored on the portable storage device 200, that is detrimental to the performance, security, efficiency and/or efficacy of the external medium 100 may be considered as a malicious activity in accordance with the present invention.
[0057] As has been described above, the defense mechanism 208 prevents only the portable storage device 200 from the one or more malicious activities and the execution of the defense mechanism 208 is stopped when the association between the portable storage device 200 and the external medium 100 is terminated. The operation 300 is terminated at step 320.
[0058] Various embodiments, as described above, provide a portable storage device, which has several advantages. One of the several advantages of some embodiments of this portable storage device is that the defense mechanism is executed as a service of the operating system; hence it runs in the background and does not cause any interruption to the work of the user. Further, since the defense mechanism is executed as a service of the operating system it will prevent a user from unintentionally stopping the execution of the defense mechanism. Furthermore, the defense mechanism is only a minimal protection mechanism which prevents only the portable storage device from the one or more malicious activities. This ensures that the
defense mechanism is not bulky, leading to a reduction in the load on the main memory of the external medium, which in currently available solutions is higher. Another advantage of the present invention is that it prevents the portable storage device from spreading the malicious activity affected data from one external medium to another, which is a likely scenario because the portable storage device is typically employed in more than one external medium.
[0059] While the invention has been disclosed in connection with the preferred embodiments shown and described in detail, various modifications and improvements thereon will become readily apparent to those skilled in the art. Accordingly, the spirit and scope of the present invention is not to be limited by the foregoing examples, but is to be understood in the broadest sense allowable by law.
[0060] All documents referenced herein are hereby incorporated by reference.

WE CLAIMS
1. A portable storage device capable of storing data, the portable storage device comprising:
a device interface configured to facilitate an association between the portable storage device and an external medium, wherein association between the portable storage and the external medium is automatically detected, further wherein the external medium has a main memory and an operating system to enable operation of the external medium;
a launch platform capable of facilitating loading of one or more mechanisms on to the memory of the external medium upon the association of the portable storage device with the external medium; and
a defense mechanism configured to be loaded on the memory of the external device by the launch platform, upon the association of the portable storage device with the external medium, wherein the defense mechanism is capable of preventing one or more malicious activities against the portable storage device, wherein the prevention is done by using pattern recognition, further wherein the defense mechanism is executed as a service of the operating system of the external medium.
2. The portable storage device as recited in claim 1 further comprising a database of one or more patterns for pattern recognition by the defense mechanism.
3. The portable storage device as recited in claim 2, wherein the database of the one or more patterns is updated upon association of the portable storage device and the external medium.
4. The portable storage device as recited in claim 1, wherein the portable storage device comprises a first partition and a second partition, further wherein a flash memory corresponds to the first partition of the portable storage device, and wherein the launch platform and the defense mechanism correspond to a second partition of the portable storage device, and wherein at least one of the first partition and the second partition comprises the database of the one or more patterns used to prevent the one or more malicious activities.
5. The portable storage device as recited in claim 4, wherein the second partition appears as a CD-ROM partition to the operating system of the external device.
6. The portable storage device as recited in claim 1, wherein the defense mechanism is a minimal protection mechanism suitable for protecting the flash memory for data storage only.
7. The portable storage device as recited in claim 1, wherein the execution of the defense mechanism can be one of an automatic execution and a manual execution, and wherein the execution of the defense mechanism is stopped when the association between the portable storage device and the external medium is terminated.
8. The portable storage device as recited in claim 1, wherein the device interface comprises a Universal Serial Bus (USB) interface.
9. The portable storage device as recited in claim 1, wherein the one or more mechanisms comprise at least one of a backup mechanism, a device formatting mechanism, a calculator mechanism, a music player mechanism, an address book mechanism, a file shredder mechanism, a private browsing mechanism, a lost and found service mechanism, a mechanism for synchronization an email mechanism and a mechanism to initiate a virtual device.
10. The portable storage device as recited in claim 1, wherein the external medium is a computer, a laptop and a portable computing device.