专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明申请

US20080065898A1 Use of Device Driver to Function as a Proxy Between an Encryption Capable Tape Drive and a Key Manager 有权
标题翻译：使用设备驱动程序作为可加密磁带驱动器和密钥管理器之间的代理
公开(公告)号：US20080065898A1
公开(公告)日：2008-03-13
申请号：US11470731
申请日：2006-09-07
申请人： Paul M. Greco , Glen A. Jaquette
发明人： Paul M. Greco , Glen A. Jaquette
IPC分类号： H04L9/00
CPC分类号： G06F3/0646 , G06F3/0623 , G06F3/0682 , G06F21/6281 , G06F21/80
摘要： A tape system is provided with an encryption capable tape drive and an encryption enabled tape drive device driver for the encryption capable tape drive. The encryption enabled tape drive device driver functions as a proxy which connects the encryption capable tape drive to a key manager which serves keys to the tape drive. When the encryption capable device driver causes a command to be sent to the drive, the tape drive is configured to respond with a message that is intended for a key manager such as an External Key Manager (EKM). The encryption capable device driver recognizes that this is a message intended for the EKM and forwards that message to the EKM (e.g., via an Internet Protocol (IP) connection). The EKM then responds to the key request by issuing a new key (for a new cartridge which is to be written from beginning of tape (BOT)) or an existing key (for a cartridge which needs to be read). The device driver connects all EKM responses to the encryption capable tape drive and the EKM from which the encryption capable tape drive obtains its keys.
摘要翻译：磁带系统提供有加密功能的磁带驱动器和用于加密功能的磁带驱动器的加密启用磁带驱动器设备驱动程序。启用加密的磁带驱动器设备驱动程序用作将加密功能的磁带驱动器连接到向磁带驱动器提供密钥的密钥管理器的代理。当具有加密能力的设备驱动程序导致将命令发送到驱动器时，磁带驱动器被配置为使用旨在用于诸如外部密钥管理器（EKM）的密钥管理器的消息。加密功能的设备驱动程序识别出这是用于EKM的消息，并将该消息转发到EKM（例如，经由因特网协议（IP）连接）。然后，EKM通过发出新的密钥（对于要从磁带开始写入的新墨盒（BOT））或现有密钥（对于需要读取的墨盒）来响应密钥请求。设备驱动程序将所有EKM响应连接到加密功能的磁带驱动器和可加密的磁带驱动器从其获得其密钥的EKM。

12. 发明申请

US20080063198A1 Storing EEDKS to tape outside of user data area 审中-公开
标题翻译：将EEDKS存储到用户数据区域外的磁带
公开(公告)号：US20080063198A1
公开(公告)日：2008-03-13
申请号：US11470804
申请日：2006-09-07
申请人： Glen A. Jaquette , Paul M. Greco
发明人： Glen A. Jaquette , Paul M. Greco
IPC分类号： H04N7/167
CPC分类号： G06F21/80
摘要： A method, system and program are provided for enabling access to encrypted data in a storage cartridge by wrapping the data key used to encrypt the data with one or more encryption keys (e.g., a public key from a public/private key pair) to form one or more encryption encapsulated data keys (EEDKs) and then storing the EEDK(s) on the storage cartridge along with the encrypted data in one or more location that are distinct from the encrypted data. The encrypted data may be decoded by retrieving the EEDK from the storage cartridge, decrypting the EEDK with a decryption key (e.g., the private key from the public/private key pair) to extract the underlying data key, and then using the extracted data key to decrypt the encrypted data. By storing the EEDKs separately from the encrypted data, the EEDKs may be updated independently of the corresponding encrypted data.
摘要翻译：提供了一种方法，系统和程序，用于通过用一个或多个加密密钥（例如，公共/私人密钥对的公共密钥）包裹用于加密数据的数据密钥来使得能够访问存储盒中的加密数据，以形成一个或多个加密封装数据密钥（EEDK），然后将EEDK与加密数据一起存储在与加密数据不同的一个或多个位置中。可以通过从存储盒检索EEDK来解密加密数据，使用解密密钥（例如，公/私钥对中的私钥）解密EEDK以提取底层数据密钥，然后使用提取的数据密钥解密加密数据。通过将EEDK与加密数据分开存储，EEDK可以独立于对应的加密数据进行更新。

13. 发明申请

US20110219199A1 VOLUME COHERENCY VERIFICATION FOR SEQUENTIAL-ACCESS STORAGE MEDIA 有权
标题翻译：用于顺序访问存储介质的容量验证
公开(公告)号：US20110219199A1
公开(公告)日：2011-09-08
申请号：US12719441
申请日：2010-03-08
申请人： Kevin D. Butt , Paul M. Greco , Glen A. Jaquette , Paul J. Seger
发明人： Kevin D. Butt , Paul M. Greco , Glen A. Jaquette , Paul J. Seger
IPC分类号： G06F12/00
CPC分类号： G06F3/0644 , G06F3/0611 , G06F3/0619 , G06F3/068 , G06F3/0682
摘要： A method for determining volume coherency is disclosed herein. Upon completing a first write job to a volume partition, the method makes a copy of a volume change reference (VCR) value associated with the volume. The VCR value is configured to change in a non-repeating manner each time content on the volume is modified. Prior to initiating a second write job to the volume partition, the method retrieves the copy and compares the copy to the VCR value. If the copy matches the VCR value, the method determines that a logical object on the partition was not modified between the first and second write jobs. If the copy does not match the VCR value, the method determines that the logical object on the partition was modified between the first and second write jobs. A corresponding system and computer program product are also disclosed herein.
摘要翻译：本文公开了一种用于确定卷一致性的方法。完成对卷分区的第一次写入作业后，该方法将创建与卷相关联的卷更改引用（VCR）值的副本。每次修改卷上的内容时，将VCR值配置为以不重复的方式进行更改。在向卷分区启动第二次写入作业之前，该方法将检索副本并将该副本与VCR值进行比较。如果复制与VCR值匹配，则该方法确定在第一和第二写入作业之间没有修改分区上的逻辑对象。如果副本与VCR值不匹配，则该方法确定分区上的逻辑对象在第一个和第二个写入作业之间已被修改。本文还公开了相应的系统和计算机程序产品。

14. 发明授权

US07793041B2 Method for controlling access to data of a tape data storage medium 失效
标题翻译：用于控制对磁带数据存储介质的数据的访问的方法
公开(公告)号：US07793041B2
公开(公告)日：2010-09-07
申请号：US12112070
申请日：2008-04-30
申请人： Glen A. Jaquette , James M. Karp
发明人： Glen A. Jaquette , James M. Karp
IPC分类号： G06F12/14
CPC分类号： G06F21/6218 , G06F21/80
摘要： A method, system, and machine-readable medium for controlling access to data of a tape data storage medium are disclosed. In accordance with one embodiment, a method is provided which comprises conveying data access control metadata from a tape cartridge comprising a tape data storage medium to a host, receiving decrypted metadata from the host, comparing a checksum value determined utilizing the decrypted metadata with checksum data stored within the tape cartridge; and processing a request to access the tape data storage medium received from the host based upon a comparison of the checksum value and checksum data. In the described method embodiment, the data access control metadata comprises encrypted metadata corresponding to a data storage parameter, where data is stored within the tape data storage medium utilizing the data storage parameter and the decrypted metadata is generated by the host utilizing the encrypted metadata.
摘要翻译：公开了一种用于控制对磁带数据存储介质的数据的访问的方法，系统和机器可读介质。根据一个实施例，提供了一种方法，其包括将数据访问控制元数据从包括磁带数据存储介质的磁带盒传送到主机，从主机接收解密的元数据，将使用解密的元数据确定的校验和值与校验和数据进行比较存储在磁带盒内; 以及基于校验和值和校验和数据的比较来处理从主机接收的磁带数据存储介质的请求。在所描述的方法实施例中，数据访问控制元数据包括对应于数据存储参数的加密元数据，其中使用数据存储参数将数据存储在磁带数据存储介质中，并且由主机利用加密元数据生成解密的元数据。

15. 发明申请

US20080273696A1 Use of Indirect Data Keys for Encrypted Tape Cartridges 有权
标题翻译：对加密磁带盒使用间接数据密钥
公开(公告)号：US20080273696A1
公开(公告)日：2008-11-06
申请号：US11742819
申请日：2007-05-01
申请人： Paul M. Greco , Shai Halevi , Glen A. Jaquette
发明人： Paul M. Greco , Shai Halevi , Glen A. Jaquette
IPC分类号： H04L9/00 , H04K1/00
CPC分类号： G11B20/00086 , G06F21/80 , G11B20/0021 , G11B20/00224 , G11B20/00333 , G11B2220/90
摘要： A method, system and program are provided for enabling selective access to multiple users' encrypted data in a single storage cartridge. A unique, derived key is generated for each user's data by performing cryptographic operations on a combination of a common base key and metadata related to the data to be encrypted (e.g. its total block count). The base data key is wrapped with one or more encryption keys to form one or more encryption encapsulated data keys (EEDKs). The base key and the derived key are wrapped to create a session encrypted data key (SEDK), which along with the EEDKs, are conveyed to the tape drive, where the SEDK is decrypted. The EEDKs are then stored in one or more places on the storage cartridge. The base key and the derived key are used to encrypt a predetermined user's data, with the derived key stored on the cartridge with the encrypted data. The encrypted data may be subsequently decrypted by retrieving the EEDK and decrypting it with a decryption key to extract the base data key. The extracted base data key can then be used with other information to calculate the derived key. Once calculated, the derived key is used to decrypt its associated encrypted data.
摘要翻译：提供了一种方法，系统和程序，用于使得能够选择性地访问单个存储盒中的多个用户的加密数据。通过对与要加密的数据相关的公共基本密钥和元数据的组合（例如，其总块计数）执行加密操作，为每个用户的数据生成唯一的派生密钥。基本数据密钥用一个或多个加密密钥包裹以形成一个或多个加密封装数据密钥（EEDK）。基础密钥和派生密钥被包装以创建会话加密数据密钥（SEDK），其与EEDK一起被传送到SEDK被解密的磁带驱动器。然后将EEDK存储在存储盒上的一个或多个位置。基本密钥和派生密钥用于加密预定用户的数据，其中导出的密钥存储在盒上，其中加密的数据。可以随后通过检索EEDK并用解密密钥对加密数据进行解密，以提取基本数据密钥。然后，提取的基本数据密钥可以与其他信息一起使用以计算导出密钥。一旦计算，派生密钥用于解密其相关联的加密数据。

16. 发明申请

US20080063209A1 Distributed key store 审中-公开
标题翻译：分布式密钥存储
公开(公告)号：US20080063209A1
公开(公告)日：2008-03-13
申请号：US11470795
申请日：2006-09-07
申请人： Glen A. Jaquette , Paul M. Greco , Shai Halevi , Wayne E. Rhoten
发明人： Glen A. Jaquette , Paul M. Greco , Shai Halevi , Wayne E. Rhoten
IPC分类号： H04L9/00
CPC分类号： G06F21/80 , G06F2221/2121
摘要： A method, system and program are provided for enabling access to encrypted data in a storage cartridge by wrapping the data key used to encrypt the data with one or more encryption keys (e.g., a public key from a public/private key pair) to form one or more encryption encapsulated data keys (EEDKs) and then storing the EEDK(s) on the storage cartridge along with the encrypted data. The encrypted data may be decoded by retrieving the EEDK from the storage cartridge, decrypting the EEDK with a decryption key (e.g., the private key from the public/private key pair) to extract the underlying data key, and then using the extracted data key to decrypt the encrypted data.
摘要翻译：提供了一种方法，系统和程序，用于通过用一个或多个加密密钥（例如，公共/私人密钥对的公共密钥）包裹用于加密数据的数据密钥来使得能够访问存储盒中的加密数据，以形成一个或多个加密封装数据密钥（EEDK），然后将EEDK与加密数据一起存储在存储盒上。可以通过从存储盒检索EEDK来解密加密数据，使用解密密钥（例如，公/私钥对中的私钥）解密EEDK以提取底层数据密钥，然后使用提取的数据密钥解密加密数据。

17. 发明申请

US20080244154A1 Method for Controlling Access to Data of a Tape Data Storage Medium 失效
标题翻译：控制磁带数据存储介质数据访问的方法
公开(公告)号：US20080244154A1
公开(公告)日：2008-10-02
申请号：US12112070
申请日：2008-04-30
申请人： Glen A. Jaquette , James M. Karp
发明人： Glen A. Jaquette , James M. Karp
IPC分类号： G06F12/00
CPC分类号： G06F21/6218 , G06F21/80
摘要： A method, system, and machine-readable medium for controlling access to data of a tape data storage medium are disclosed. In accordance with one embodiment, a method is provided which comprises conveying data access control metadata from a tape cartridge comprising a tape data storage medium to a host, receiving decrypted metadata from the host, comparing a checksum value determined utilizing the decrypted metadata with checksum data stored within the tape cartridge; and processing a request to access the tape data storage medium received from the host based upon a comparison of the checksum value and checksum data. In the described method embodiment, the data access control metadata comprises encrypted metadata corresponding to a data storage parameter, where data is stored within the tape data storage medium utilizing the data storage parameter and the decrypted metadata is generated by the host utilizing the encrypted metadata.
摘要翻译：公开了一种用于控制对磁带数据存储介质的数据的访问的方法，系统和机器可读介质。根据一个实施例，提供了一种方法，其包括将数据访问控制元数据从包括磁带数据存储介质的磁带盒传送到主机，从主机接收解密的元数据，将使用解密的元数据确定的校验和值与校验和数据进行比较存储在磁带盒内; 以及基于校验和值和校验和数据的比较来处理从主机接收的磁带数据存储介质的请求。在所描述的方法实施例中，数据访问控制元数据包括对应于数据存储参数的加密元数据，其中使用数据存储参数将数据存储在磁带数据存储介质中，并且由主机利用加密元数据生成解密的元数据。

18. 发明授权

US07398351B2 Method and system for controlling access to data of a tape data storage medium using encryption/decryption of metadata 有权
标题翻译：用于使用元数据的加密/解密来控制对磁带数据存储介质的数据的访问的方法和系统
公开(公告)号：US07398351B2
公开(公告)日：2008-07-08
申请号：US11438830
申请日：2006-05-23
申请人： Glen A. Jaquette , James M. Karp
发明人： Glen A. Jaquette , James M. Karp
IPC分类号： G06F12/14
CPC分类号： G06F21/6218 , G06F21/80
摘要： A method, system, and machine-readable medium for controlling access to data of a tape data storage medium are disclosed. In accordance with one embodiment, a method is provided which comprises conveying data access control metadata from a tape cartridge comprising a tape data storage medium to a host, receiving decrypted metadata from the host, comparing a checksum value determined utilizing the decrypted metadata with checksum data stored within the tape cartridge; and processing a request to access the tape data storage medium received from the host based upon a comparison of the checksum value and checksum data. In the described method embodiment, the data access control metadata comprises encrypted metadata corresponding to a data storage parameter, where data is stored within the tape data storage medium utilizing the data storage parameter and the decrypted metadata is generated by the host utilizing the encrypted metadata.
摘要翻译：公开了一种用于控制对磁带数据存储介质的数据的访问的方法，系统和机器可读介质。根据一个实施例，提供了一种方法，其包括将数据访问控制元数据从包括磁带数据存储介质的磁带盒传送到主机，从主机接收解密的元数据，将使用解密的元数据确定的校验和值与校验和数据进行比较存储在磁带盒内; 以及基于校验和值和校验和数据的比较来处理从主机接收的磁带数据存储介质的请求。在所描述的方法实施例中，数据访问控制元数据包括对应于数据存储参数的加密元数据，其中使用数据存储参数将数据存储在磁带数据存储介质中，并且由主机利用加密元数据生成解密的元数据。

19. 发明授权

US09026501B2 Contactless IC memory on removable media 有权
标题翻译：可移动介质上的非接触式IC存储器
公开(公告)号：US09026501B2
公开(公告)日：2015-05-05
申请号：US13476129
申请日：2012-05-21
申请人： Shinobu Fujihara , Diana J. Hellman , Glen A. Jaquette
发明人： Shinobu Fujihara , Diana J. Hellman , Glen A. Jaquette
IPC分类号： G06F17/30 , G11B27/10 , G11B27/11
CPC分类号： G06F3/0604 , G06F3/0643 , G06F3/0688 , G06F17/30174 , G06F17/30218 , G11B27/107 , G11B27/11 , G11B2220/655 , G11B2220/956
摘要： Method, system, and computer program product embodiments for recording data on a contactless integrated circuit (IC) memory associated with a data storage cartridge are provided. In one exemplary embodiment, an index of a plurality of files to be recorded on a storage media of the data storage cartridge is parsed with a table of contents (TOC) profile file to build a table of contents (TOC) specific to an owning application of the plurality of files. The TOC is written to the contactless IC memory.
摘要翻译：提供了用于在与数据存储盒相关联的非接触集成电路（IC）存储器上记录数据的方法，系统和计算机程序产品实施例。在一个示例性实施例中，将要记录在数据存储盒的存储介质上的多个文件的索引用内容表（TOC）简档文件解析，以构建特定于所有者应用的内容表（TOC）的多个文件。 TOC被写入非接触式IC存储器。

20. 发明授权

US08692696B2 Generating a code alphabet of symbols to generate codewords for words used with a program 有权
标题翻译：生成符号的代码字母表以生成与程序一起使用的字的码字
公开(公告)号：US08692696B2
公开(公告)日：2014-04-08
申请号：US13342899
申请日：2012-01-03
申请人： Roy D. Cideciyan , Glen A. Jaquette , Thomas Mittelholzer
发明人： Roy D. Cideciyan , Glen A. Jaquette , Thomas Mittelholzer
IPC分类号： H03M7/30
CPC分类号： H03M7/40
摘要： Provided are a computer program product, system, and method for generating a code alphabet for use by a deployed program to determine codewords for words. A first code alphabet is generated having a first number of symbols that provide variable length codings of the words. The symbols in the first code alphabet are merged into a second number of groups of the symbols in the first code alphabet, where the second number is less than the first number. A second code alphabet is generated having the second number of symbols, wherein a second average codeword length of the codewords produced using the symbols in the second code alphabet is smaller than the codeword length (b) of the words, and wherein the second code alphabet comprises the code alphabet used by the deployed program.
摘要翻译：提供了一种用于生成代码字母表的计算机程序产品，系统和方法，用于部署程序用于确定字的码字。产生具有提供字的可变长度编码的符号的第一数量的第一代码字母表。第一代码字母表中的符号被合并到第一代码字母表中的第二数量的符号组中，其中第二个数字小于第一个数字。产生具有第二数量符号的第二码字母，其中使用第二码字母表中的符号产生的码字的第二平均码字长度小于字的码字长度（b），并且其中第二码字母包括部署程序使用的代码字母表。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式