View All Documents & Correspondence
Prevention Of Cable Swap Security Attack On Storage Devices
Abstract: Generally this disclosure provides systems devices methods and computer readable media for prevention of cable swap security attacks on storage devices. A host system may include a provisioning module configured to generate a challenge response verification key pair and further to provide the key pair to the storage device to enable the challenge response verification. The system may also include a link error detection module to detect a link error between the host system and the storage device. The system may further include a challenge response protocol module configured to initiate in response to the link error detection a verification challenge from the storage system and to provide a response to the verification challenge based on the key pair.
Notices, Deadlines & Correspondence
Patent Information
Applicants
INTEL CORPORATION
Inventors
1. TRIKA, Sanjeev N.
2. COX, Jason R.
3. RAMALINGAM, Anand S.
Specification
I/WE CLAIM:
1. A host system for securing a storage device, said host system comprising:
a provisioning module to generate a challenge-response verification key-
pair and further to provide said key-pair to said storage device to enable said
challenge-response verification;
a link error detection module to detect a link error between said host system and said storage device; and
a challenge-response protocol module to initiate, in response to said link-error detection, a verification challenge from said storage system and further to provide a response to said verification challenge based on said key-pair.
2. The host system of claim 1, wherein said detected link error is associated
with a communication reset of a data cable coupled between said host system and
said storage device.
3. The host system of claim 1, wherein said detected link error is associated
with a disconnect of a data cable coupled between said host system and said
storage device.
4. The host system of claim 1, wherein said detected link error occurs during
a standby-connected mode of said storage device.
5. The host system of claim 1, further comprising a power-up user
authentication module to provide an authentication password to said storage
device to unlock said storage device.
6. The host system of claim 1, wherein said storage device is a hard disk
drive (HDD) or a solid state drive (SSD).
7. A storage device comprising:
a data storage module to store data for access by a host system coupled to said storage device;
a link error detection module to detect a link error between said storage device and said host system and further, in response to said detection, to cause said storage device to enter a read/write failure mode; and
a challenge-response protocol module to, in response to a verification challenge initiation received from said host system, generate a verification challenge and transmit said verification challenge to said host system.
8. The storage device of claim 7, wherein said challenge-response protocol
module is further to verify a challenge-response received from said host system.
9. The storage device of claim 8, wherein, said challenge-response protocol
module is further to cause said storage device to exit said read/write failure mode
if said verification is successful.
10. The storage device of claim 8, wherein, said challenge-response protocol
module is further to wait for a second verification challenge initiation received
from said host system if said verification is unsuccessful.
11. The storage device of claim 7, wherein said read/write failure mode is
associated with a denial of access to said data storage module by said host system.
12. The storage device of claim 7, further comprising a power-up user
authentication module to verify an authentication password received from said
host system and further to unlock said data storage module in response to success
of said verification.
13. The storage device of claim 7, wherein said detected link error is
associated with a communication reset of a data cable coupled between said host
system and said storage device.
14. The storage device of claim 7, wherein said detected link error is
associated with a disconnect of a data cable coupled between said host system and
said storage device.
15. The storage device of claim 7, wherein said detected link error occurs
during a standby-connected mode of said storage device.
16. The storage device of claim 7, further comprising an encryption module to
lock and unlock said data storage module.
17. The storage device of claim 7, wherein said storage device is a hard disk
drive (HDD) or a solid state drive (SSD).
18. At least one computer-readable storage medium having instructions stored
thereon which when executed by a processor result in the following operations for
securing a storage device, said operations comprising:
generating a challenge-response verification key-pair;
providing said key-pair to said storage device to enable said challenge-response verification;
detecting a link error between a host system and said storage device;
initiating, by said host system, in response to said link-error detection, a verification challenge from said storage system; and
providing a response to said verification challenge based on said key-pair.
19. The computer-readable storage medium of claim 18, wherein said detected
link error is associated with a communication reset of a data cable coupled
between said host system and said storage device.
20. The computer-readable storage medium of claim 18, wherein said detected
link error is associated with a disconnect of a data cable coupled between said host
system and said storage device.
21. The computer-readable storage medium of claim 18, wherein said detected
link error occurs during a standby-connected mode of said storage device.
22. The computer-readable storage medium of claim 18, further comprising
the operation of providing an authentication password to said storage device to
unlock said storage device after a power-up of said storage device.
23. At least one computer-readable storage medium having instructions stored
thereon which when executed by a processor result in the following operations for
securing a storage device, said operations comprising:
detecting a link error between said storage device and a host system; entering a read/write failure mode in response to said detection; receiving a verification challenge initiation from said host system; generating a verification challenge in response to said receiving; and transmitting said verification challenge to said host system.
24. The computer-readable storage medium of claim 23, further comprising
the operation of verifying a challenge-response received from said host system.
25. The computer-readable storage medium of claim 24, further comprising
the operation of exiting said read/write failure mode if said verification is
successful.
26. The computer-readable storage medium of claim 24, further comprising
the operation of waiting for a second verification challenge initiation from said
host system if said verification is unsuccessful.
27. The computer-readable storage medium of claim 23, wherein said
read/write failure mode is associated with a denial of access of said host system to
data stored on said storage device.
28. The computer-readable storage medium of claim 24, further comprising
the operations of verifying an authentication password received from said host
system and unlocking data stored on said storage device in response to success of
said verification.
29. The computer-readable storage medium of claim 23, wherein said detected
link error is associated with a communication reset of a data cable coupled
between said host system and said storage device.
30. The computer-readable storage medium of claim 23, wherein said detected
link error is associated with a disconnect of a data cable coupled between said host
system and said storage device.
Documents
Application Documents
| # | Name | Date |
|---|---|---|
| 1 | 201747004089-IntimationOfGrant30-11-2023.pdf | 2023-11-30 |
| 1 | Priority Document [03-02-2017(online)].pdf | 2017-02-03 |
| 2 | 201747004089-PatentCertificate30-11-2023.pdf | 2023-11-30 |
| 2 | Form 5 [03-02-2017(online)].pdf | 2017-02-03 |
| 3 | Drawing [03-02-2017(online)].pdf | 2017-02-03 |
| 3 | 201747004089-FORM 3 [29-09-2023(online)].pdf | 2023-09-29 |
| 4 | Description(Complete) [03-02-2017(online)].pdf_250.pdf | 2017-02-03 |
| 4 | 201747004089-Written submissions and relevant documents [22-03-2023(online)].pdf | 2023-03-22 |
| 5 | Description(Complete) [03-02-2017(online)].pdf | 2017-02-03 |
| 5 | 201747004089-Correspondence to notify the Controller [17-02-2023(online)].pdf | 2023-02-17 |
| 6 | Form 18 [06-02-2017(online)].pdf | 2017-02-06 |
| 6 | 201747004089-US(14)-HearingNotice-(HearingDate-07-03-2023).pdf | 2023-02-17 |
| 7 | 201747004089.pdf | 2017-02-06 |
| 7 | 201747004089-FORM 3 [08-04-2022(online)].pdf | 2022-04-08 |
| 8 | Form5_Amended_13-02-2017.pdf | 2017-02-13 |
| 8 | 201747004089-CLAIMS [30-10-2020(online)].pdf | 2020-10-30 |
| 9 | 201747004089-FER_SER_REPLY [30-10-2020(online)].pdf | 2020-10-30 |
| 9 | Form 3 [24-02-2017(online)].pdf | 2017-02-24 |
| 10 | 201747004089-OTHERS [30-10-2020(online)].pdf | 2020-10-30 |
| 10 | Form 26 [17-04-2017(online)].pdf | 2017-04-17 |
| 11 | 201747004089-FORM 3 [28-10-2020(online)].pdf | 2020-10-28 |
| 11 | Correspondence by Agent_POA_20-04-2017.pdf | 2017-04-20 |
| 12 | 201747004089-Information under section 8(2) [28-10-2020(online)].pdf | 2020-10-28 |
| 12 | Other Patent Document [21-04-2017(online)].pdf | 2017-04-21 |
| 13 | 201747004089-FER.pdf | 2020-05-18 |
| 13 | Other Document [21-04-2017(online)].pdf | 2017-04-21 |
| 14 | 201747004089-FORM 3 [25-10-2018(online)].pdf | 2018-10-25 |
| 14 | Marked Copy [21-04-2017(online)].pdf | 2017-04-21 |
| 15 | 201747004089-FORM 3 [06-03-2018(online)].pdf | 2018-03-06 |
| 15 | Form 13 [21-04-2017(online)].pdf | 2017-04-21 |
| 16 | 201747004089-FORM 3 [03-08-2017(online)].pdf | 2017-08-03 |
| 16 | Other Patent Document [12-05-2017(online)].pdf | 2017-05-12 |
| 17 | Correspondence by Agent_Proof Of Right_17-05-2017.pdf | 2017-05-17 |
| 17 | abstract 201747004089.jpg | 2017-05-24 |
| 18 | abstract 201747004089.jpg | 2017-05-24 |
| 18 | Correspondence by Agent_Proof Of Right_17-05-2017.pdf | 2017-05-17 |
| 19 | 201747004089-FORM 3 [03-08-2017(online)].pdf | 2017-08-03 |
| 19 | Other Patent Document [12-05-2017(online)].pdf | 2017-05-12 |
| 20 | 201747004089-FORM 3 [06-03-2018(online)].pdf | 2018-03-06 |
| 20 | Form 13 [21-04-2017(online)].pdf | 2017-04-21 |
| 21 | 201747004089-FORM 3 [25-10-2018(online)].pdf | 2018-10-25 |
| 21 | Marked Copy [21-04-2017(online)].pdf | 2017-04-21 |
| 22 | 201747004089-FER.pdf | 2020-05-18 |
| 22 | Other Document [21-04-2017(online)].pdf | 2017-04-21 |
| 23 | 201747004089-Information under section 8(2) [28-10-2020(online)].pdf | 2020-10-28 |
| 23 | Other Patent Document [21-04-2017(online)].pdf | 2017-04-21 |
| 24 | Correspondence by Agent_POA_20-04-2017.pdf | 2017-04-20 |
| 24 | 201747004089-FORM 3 [28-10-2020(online)].pdf | 2020-10-28 |
| 25 | Form 26 [17-04-2017(online)].pdf | 2017-04-17 |
| 25 | 201747004089-OTHERS [30-10-2020(online)].pdf | 2020-10-30 |
| 26 | Form 3 [24-02-2017(online)].pdf | 2017-02-24 |
| 26 | 201747004089-FER_SER_REPLY [30-10-2020(online)].pdf | 2020-10-30 |
| 27 | 201747004089-CLAIMS [30-10-2020(online)].pdf | 2020-10-30 |
| 28 | 201747004089-FORM 3 [08-04-2022(online)].pdf | 2022-04-08 |
| 29 | 201747004089-US(14)-HearingNotice-(HearingDate-07-03-2023).pdf | 2023-02-17 |
| 30 | 201747004089-Correspondence to notify the Controller [17-02-2023(online)].pdf | 2023-02-17 |
| 31 | 201747004089-Written submissions and relevant documents [22-03-2023(online)].pdf | 2023-03-22 |
| 32 | 201747004089-FORM 3 [29-09-2023(online)].pdf | 2023-09-29 |
| 33 | 201747004089-PatentCertificate30-11-2023.pdf | 2023-11-30 |
| 34 | 201747004089-IntimationOfGrant30-11-2023.pdf | 2023-11-30 |
Search Strategy
| 1 | Search_Strategy_201747004089E_08-05-2020.pdf |