
TWI727717B - Data security system with encryption and method for its operation - Google Patents

Data security system with encryption and method for its operation

Info

Publication number: TWI727717B
Authority: TW (Taiwan)
Prior art keywords: data, mobile device, user, authentication, security system
Application number: TW109109809A
Other languages: Chinese (zh)
Other versions: TW202029042A (en)
Inventors: 蘭夫M 巴露丁 (Lev M. Bolotin), 艾力克 雷墨爾, 馬可 辛爾
Original assignee: 美商克萊夫公司 (ClevX, LLC)
Priority claimed from US14/987,749 (US10181055B2)
Application filed by 美商克萊夫公司 (ClevX, LLC)
Publication of TW202029042A
Application granted
Publication of TWI727717B

Classifications

    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
            • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
              • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
                • H04L9/0863 involving passwords or one-time passwords
            • H04L9/32 including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
              • H04L9/3226 using a predetermined code, e.g. password, passphrase or PIN
                • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
              • H04L9/3234 involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
          • H04L63/00 Network architectures or network communication protocols for network security
            • H04L63/04 for providing a confidential data exchange among entities communicating through data packet networks
              • H04L63/0428 wherein the data content is protected, e.g. by encrypting or encapsulating the payload
                • H04L63/0492 by using a location-limited connection, e.g. near-field communication or limited proximity of entities
            • H04L63/08 for authentication of entities
              • H04L63/083 using passwords
              • H04L63/0853 using an additional device, e.g. smartcard, SIM or a different communication terminal
        • H04W WIRELESS COMMUNICATION NETWORKS
          • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
            • H04W4/02 Services making use of location information
              • H04W4/021 Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
            • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
          • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
            • H04W12/03 Protecting confidentiality, e.g. by encryption
              • H04W12/033 of the user plane, e.g. user's traffic
            • H04W12/06 Authentication
              • H04W12/062 Pre-authentication
              • H04W12/065 Continuous authentication
              • H04W12/069 Authentication using certificates or pre-shared keys
            • H04W12/30 Security of mobile devices; Security of mobile applications
    • G PHYSICS
      • G06 COMPUTING OR CALCULATING; COUNTING
        • G06F ELECTRIC DIGITAL DATA PROCESSING
          • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
            • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
              • G06F21/31 User authentication
                • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
                  • G06F21/35 communicating wirelessly
            • G06F21/60 Protecting data
              • G06F21/602 Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Bioethics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • Lock And Its Accessories (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)
  • Alarm Systems (AREA)

Abstract

A data storage device, and a method thereof, comprises: a memory; an interface controller for communications through a data channel that is locked until a user is authenticated; a wireless transceiver for radiofrequency communications outside the data channel, the wireless transceiver being configured for receiving user authentication input; an authentication subsystem having authentication information and an encryption key, the authentication subsystem unlocking the data channel of the data storage device based on the received user authentication input and the authentication information; and an encryption engine for encrypting, with the encryption key, data received through the data channel before storing the encrypted data in the memory, and for decrypting, with the encryption key, data read from the memory before sending the decrypted data through the data channel.

Description

Data security system with encryption and method for its operation

Cross-reference to related applications

This application is a continuation-in-part of co-pending U.S. Patent Application No. 12/680,742, filed March 29, 2010; it is the national phase of International Application No. PCT/US2008/077766, filed September 26, 2008; and it claims the benefit of U.S. Provisional Patent Application Serial No. 60/975,814, filed September 27, 2007, the subject matter of which is incorporated herein by reference.

This application contains subject matter related to a concurrently filed U.S. patent application by Lev M. Bolotin and Simon B. Johnson entitled "Data security system with encryption". That related application is assigned to ClevX, LLC and is identified by docket number 502-018P-PCT-US.C1. The subject matter of that U.S. patent application is incorporated herein by reference.

The present invention relates generally to electronic devices, and more particularly to memory devices.

Security is a critical concern in almost every aspect of computer use. Storage media, such as a hard disk attached to a computer, hold valuable information that is vulnerable to data theft. Large amounts of money and effort are spent protecting personal, corporate and government information.

As portable memory storage devices have become smaller, easier to lose, more ubiquitous, cheaper and larger in capacity, they have also created serious security problems. It is now possible to covertly download large amounts of information onto portable memory storage devices such as Universal Serial Bus (USB) flash and micro drives, mobile phones, camcorders, digital cameras, iPods, MP3/4 players, smartphones, palmtop and laptop computers, gaming equipment, authenticators, tokens (containing memory) and so on, referred to collectively as mass storage devices (MSDs).

In particular, millions of MSDs are used for backup, transfer, intermediate storage and primary storage, so that information can easily be downloaded from a computer and carried away. The main purpose of any MSD is to store and retrieve "portable content", that is, data and information tied to a particular owner rather than to a particular computer.

The most common approach to storage security is to authenticate the user with a password entered on the computer. The password is validated against a value stored on the MSD; if they match, the drive opens. Alternatively, the password itself is used as the encryption key that encrypts and decrypts the data stored on the MSD.

For drives that support on-the-fly encryption, the encryption key is usually stored on the medium in encrypted form. Because the key resides on the medium, it is readily accessible to anyone who bypasses the standard interface and reads the medium directly; the password is therefore used as the key that encrypts the encryption key.

For self-authenticating drives, the drive's own authentication subsystem is responsible for maintaining security; it does not depend on the host computer to which the drive is connected. The password therefore cannot (and need not) be sent by the host to unlock the MSD. In fact, the encryption key no longer needs to be stored on the medium at all; the authentication subsystem becomes the means of managing the encryption key.

Thus, a need remains for improved security. In view of ever-increasing commercial competitive pressures, growing consumer expectations and diminishing opportunities for meaningful product differentiation in the marketplace, it is critical that answers be found to these problems. Additionally, the need to reduce costs, improve efficiency and performance, and meet competitive pressures adds even greater urgency to the necessity of finding answers to these problems.

Solutions to these problems have long been sought, but prior developments have not taught or suggested any solutions, and so solutions to these problems have long eluded those skilled in the art.

The present invention provides a method comprising: detecting the connection of a data storage device having a locked data channel, the data storage device further comprising an interface controller for communicating through the data channel, a memory, an authentication subsystem having authentication information and an encryption key, an encryption engine, and a wireless transceiver for radio-frequency communication outside the data channel; receiving user authentication input via the wireless transceiver while the data channel through the interface controller is locked; unlocking the data channel of the data storage device based on the received user authentication input and the authentication information of the authentication subsystem; and, while the data channel is unlocked, encrypting data received through the data channel with the encryption key before storing the encrypted data in the memory, and decrypting data read from the memory with the encryption key before sending the decrypted data through the data channel.

The present invention provides a data storage device comprising: a memory; an interface controller for communicating through a data channel that is locked until a user is authorized; a wireless transceiver for radio-frequency communication outside the data channel, the wireless transceiver being configured to receive user authentication input; an authentication subsystem having authentication information and an encryption key, which unlocks the data channel of the data storage device based on the received user authentication input and the authentication information; and an encryption engine that encrypts data received through the data channel with the encryption key before storing the encrypted data in the memory, and decrypts data read from the memory with the encryption key before sending the decrypted data through the data channel.

The present invention provides a system comprising: one or more computer processors; a data channel connected to the one or more computer processors; and a self-encrypting device connected to the data channel, the self-encrypting device comprising an authentication subsystem including an authentication processor, an encryption engine, a storage medium storing encrypted data that has been encrypted with an encryption key supplied by the authentication subsystem, a radio-frequency (RF) transceiver for communication outside the data channel, and a data interface of an interface controller coupled to the data channel, the data interface being locked against sending and receiving data until the self-encrypting device is unlocked by the authentication subsystem using user authentication information received through the RF transceiver.

The present invention provides a method comprising: providing a self-encrypting device to a host computer system, the host computer system further having one or more processors and a data channel connected to the one or more processors and to the self-encrypting device; establishing a communication channel between a data interface of the self-encrypting device and the data channel, the communication channel being locked until the self-encrypting device is authorized; receiving user authentication information via a radio-frequency (RF) transceiver of the self-encrypting device that is used for communication outside the data channel; unlocking the communication channel by an authentication subsystem of the self-encrypting device based on the user authentication information; receiving, by the self-encrypting device through the data interface, data encrypted with an encryption key provided by the authentication subsystem of the self-encrypting device; and storing the encrypted data in a storage subsystem of the self-encrypting device.

Certain embodiments of the invention have other objects in addition to, or in place of, those mentioned above. These objects will become apparent to those skilled in the art from a reading of the following detailed description when taken with reference to the accompanying drawings.

100: data security system
102: external communication channel
104: authentication subsystem
106: storage subsystem
108: interface controller
110: encryption engine
112: storage medium
114: authentication controller
116: encryption key
118: authentication key
120: host computer system
122: user
202: user identification
206: channel
300: data security system
301: communication assembly
302: mobile transceiver
304: user identification
306: data security transceiver
310: authentication subsystem
320: biometric sensor
322: biometric input
330: electromechanical input mechanism
332: unique code
400: data security system
402: host application
406: host identification code
408: authentication subsystem
500: data security method
502: step block
504: step block
506: step block
600: data security communication system
610: mobile device
612: mobile transceiver
614: antenna
618: data security system application
620: data security system
622: antenna
624: data security transceiver
626: security controller
630: host computer
640: server/console
642: user management database
650: cloud
700: connection
706: data security system connection, start-up and discovery operation
712: acknowledgement: data security system unlock signal
714: administrator operation
716: set other restrictions operation
800: data security system application start operation
802: mobile device ID unlock signal
804: data security system unlock operation
806: acknowledgement: data security system unlock operation
900: enter user name/password operation
902: confirm user ID signal
904: user name/password valid determination
906: valid user signal
908: enter PIN operation
910: confirm unlock signal
912: user authorization determination
914: unlock allowed signal
916: unlock request signal
1000: unlock specific data security system operation
1002: obtain location and/or current time operation
1004: confirm unlock signal
1006: condition met determination
1008: unlock allowed signal
1010: confirm unlock signal
1012: data security system allowed determination
1100: wait for any command signal
1102: reset command determination
1104: execute reset signal
1106: reset security system signal
1108: data security system reset operation
1110: acknowledgement: data security system reset signal
1112: acknowledgement: data security system reset operation
1200: unlock
1202: administrator password unlock signal
1204: administrator password unlock signal
1300: change password determination
1302: change user password signal
1304: change user password signal

Fig. 1 is a schematic diagram of a data security system according to an embodiment of the present invention;

Fig. 2 illustrates an authentication key delivery method using the data security system;

Fig. 3 illustrates different systems by which the user can interact with the data security system;

Fig. 4 illustrates how the user can use the host computer system to interact with the data security system; and

Fig. 5 is a data security method using user verification for the data security system.

Fig. 6 is an exemplary data security communication system.

Fig. 7 is an administrator sequence diagram showing the sequence of operations between the mobile device and the data security system.

Fig. 8 is an unlock sequence diagram in which the mobile device is the authentication factor.

Fig. 9 is an unlock sequence diagram showing unlocking by PIN entry on the mobile device.

Fig. 10 is an unlock sequence diagram for unlocking via the server/console using PIN entry and user ID/location/time confirmation.

Fig. 11 is a reset sequence diagram showing a reset of the data security system using the server/console.

Fig. 12 is an unlock sequence diagram showing unlocking of the data security system using the server/console.

Fig. 13 is a sequence diagram for changing the user's password using the server/console.
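The flow named in the Fig. 10 caption and in steps 1000 to 1012, modelled as an added example that is not part of the patent or ClevX's code: the mobile device sends the user's ID, PIN, location and current time to the server/console, the server checks them against its user management database (the 1006 condition-met determination), and only if every condition holds does it return an unlock-allowed signal, which the data security system verifies (the 1012 allowed determination) before unlocking. The geofence-and-hours policy, the message shapes, and the per-device key the server shares with each data security system at enrollment are assumptions made for the example.

```python
# Added illustrative model of the Fig. 10 unlock flow, not ClevX's code.
# Assumptions: the policy fields (geofence, permitted hours), the message shapes,
# and a per-device key shared between the server/console and each data security system.
import hashlib
import hmac
import math
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class UserPolicy:
    pin_salt: bytes
    pin_hash: bytes
    devices: frozenset      # data security systems this user may unlock
    geofence: tuple         # (lat, lon, radius_m)
    hours: tuple            # (first_hour, last_hour), inclusive, 24h clock


def distance_m(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance (haversine), adequate for a geofence check."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = math.radians(lat2 - lat1), math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6_371_000.0 * math.asin(math.sqrt(a))


def _pin_hash(pin: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


def _allow_message(dss_id: str, user_id: str, nonce: bytes) -> bytes:
    """What the server authenticates: the signal is bound to one device, one user, one nonce."""
    return b"allow|" + dss_id.encode() + b"|" + user_id.encode() + b"|" + nonce


class ServerConsole:
    """Server/console 640 holding the user management database 642."""

    def __init__(self):
        self._users = {}
        self._dss_keys = {}   # dss_id -> key shared with that device (assumption)

    def enroll_device(self, dss_id: str) -> bytes:
        self._dss_keys[dss_id] = secrets.token_bytes(32)
        return self._dss_keys[dss_id]

    def enroll_user(self, user_id, pin, devices, geofence, hours):
        salt = secrets.token_bytes(16)
        self._users[user_id] = UserPolicy(salt, _pin_hash(pin, salt), frozenset(devices), geofence, hours)

    def request_unlock(self, user_id, pin, dss_id, lat, lon, hour):
        """1004 confirm-unlock request -> 1006 condition check -> 1008 unlock-allowed signal.
        Returns (signal or None, reason)."""
        user = self._users.get(user_id)
        if user is None or not hmac.compare_digest(_pin_hash(pin, user.pin_salt), user.pin_hash):
            return None, "user ID/PIN invalid"
        if dss_id not in user.devices:
            return None, "device not assigned to user"
        clat, clon, radius = user.geofence
        if distance_m(lat, lon, clat, clon) > radius:
            return None, "outside geofence"
        if not user.hours[0] <= hour <= user.hours[1]:
            return None, "outside permitted hours"
        nonce = secrets.token_bytes(16)
        mac = hmac.new(self._dss_keys[dss_id], _allow_message(dss_id, user_id, nonce), hashlib.sha256).digest()
        return {"dss_id": dss_id, "user_id": user_id, "nonce": nonce, "mac": mac}, "allowed"


class DataSecuritySystem:
    """1010 confirm-unlock signal -> 1012 allowed determination. The device trusts the
    server's MAC, not the phone app that relays the signal, and refuses replays."""

    def __init__(self, dss_id: str, server_key: bytes):
        self.dss_id, self._key = dss_id, server_key
        self._seen_nonces = set()   # simplification: unbounded; hardware would use a counter or window
        self.unlocked = False

    def confirm_unlock(self, signal) -> bool:
        if signal is None or signal["dss_id"] != self.dss_id or signal["nonce"] in self._seen_nonces:
            return False
        expected = hmac.new(self._key, _allow_message(self.dss_id, signal["user_id"], signal["nonce"]),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, signal["mac"]):
            return False
        self._seen_nonces.add(signal["nonce"])
        self.unlocked = True
        return True
```

The point the sequence makes is that the location and time checks live on the server, next to the database, while the device's own 1012 determination only has to verify a MAC and a fresh nonce. If the device instead accepted a bare "allowed" flag from the phone application, anyone who controlled that application could skip the location and time conditions entirely.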

下列實施例將以充分詳細的方式作描述以使得熟悉該項技藝之人士製作及使用本發明。應該瞭解的是,其它實施例依據本發明揭露將是顯而易見的,並且可在不違反本發明之範疇的情況下對系統、製程或機構做出改變。 The following embodiments will be described in sufficient detail to enable those skilled in the art to make and use the present invention. It should be understood that other embodiments will be obvious according to the disclosure of the present invention, and changes can be made to the system, manufacturing process, or mechanism without violating the scope of the present invention.

在下列的描述中,將給定各種特定的細節以提供本發明之完整的瞭解。然而,將顯而易見的是,本發明可以在未具有這些特定的細節下而實施。為了避免模糊本發明,某些已知的電路、系統配置及製程步驟並未做詳細揭露。 In the following description, various specific details are given to provide a complete understanding of the present invention. However, it will be apparent that the present invention can be implemented without these specific details. In order to avoid obscuring the present invention, some known circuits, system configurations and process steps have not been disclosed in detail.

同樣地,該系統之顯示實施例之圖式為半圖解及未按照比例,並且尤其,某些尺寸是為了明確呈現及誇大顯示於該圖式中。其中多個實施例為揭露及描述具有某些共同的特徵,為了該實施例之明確及容易說明、描述及理解,彼此類似及相似的特徵一般將以類似或相同的元件符號作描述。同樣地,雖然在該圖式中之視圖為了容易說明通常顯示類似的方向,但在該圖式中之說明對於大多數部分是任意方向的。通常,本發明可以以任何方向來進行。 Similarly, the drawings of the display embodiments of the system are semi-diagrammatic and not to scale, and in particular, certain sizes are shown in the drawings for clarity and exaggeration. Many of the embodiments have certain common features for disclosure and description. For clarity and ease of description, description and understanding of the embodiments, similar and similar features will generally be described with similar or identical element symbols. Similarly, although the views in this drawing usually show similar directions for ease of explanation, the description in this drawing is in any direction for most parts. Generally, the present invention can be carried out in any direction.

在此所使用之名詞「系統」係依據該名詞所使用之上下文而意指及定義為本發明之該方法及該裝置。在此所使用之名詞「方法」係意指及定義為裝置之操作步驟。 The term "system" used herein refers to and defines the method and device of the present invention based on the context in which the term is used. The term "method" used here means and defines the operating steps of the device.

For convenience and without limitation, the term "data" is defined as information that can be generated by or stored in a computer. The term "data security system" is defined to mean any portable memory device incorporating a storage medium. The term "storage medium" as used herein means and is defined as any solid-state, NAND flash, and/or magnetic data recording system. The term "locked" refers to the data security system when the storage medium is inaccessible, and the term "unlocked" refers to the data security system when the storage medium is accessible.

There are generally two ways to prevent tampering with a storage device:

1. Applying epoxy to the components: epoxy applied to the printed circuit board can make it difficult to disassemble the storage device without damaging the storage medium.

2. Encrypting the memory data: the data is encrypted as it is written to the storage medium, and an encryption key is required to decrypt it.

Referring now to Figure 1, a schematic diagram of a data security system 100 according to an embodiment of the invention is shown. The data security system 100 consists of an external communication channel 102, an authentication subsystem 104, and a storage subsystem 106.

The storage subsystem 106 is an electronic circuit comprising an interface controller 108, an encryption engine 110, and a storage medium 112. The storage medium 112 can be an internal or external hard disk drive, a USB flash drive, a solid-state drive, a hybrid drive, a memory card, a cassette tape, or optical media including optical discs (for example, Blu-ray discs, digital versatile discs or DVDs, and compact discs or CDs). The storage medium 112 can include data protection applications, file storage systems, and cloud data storage systems. The cloud data storage system can be accessed using a plug-in (or "plugin") application or extension software installed in a browser, whether on the host computer or on another system connected to the host computer via a wired or wireless network (such as radio frequency or optical) or through the World Wide Web.

The interface controller 108 contains electronic components such as a microcontroller with a software or hardware encryption engine 110, but the encryption engine 110 can also reside in a different controller within the storage subsystem 106.

The authentication subsystem 104 is an electronic circuit containing an authentication controller 114 (such as a microcontroller), which can have its own non-volatile memory, such as Electrically Erasable Programmable Read-Only Memory (EEPROM).

The external communication channel 102 provides a means of exchanging data with a host computer system 120. Universal Serial Bus (USB) is one of the most common means of connecting the data security system 100 to the host computer system 120. Other examples of the external communication channel 102 include Firewire, Wireless USB, Serial ATA (SATA), High Definition Multimedia Interface (HDMI), Recommended Standard 232 (RS-232), and radio-frequency wireless networks.

The interface controller 108 is capable of translating USB packet data into data that can be written to the storage medium 112 in a USB flash drive.

The encryption engine 110 is implemented as part of the interface controller 108; it takes clear text and/or data (information) from the host computer system 120 and converts that text and/or data into an encrypted form that is written to the MSD or storage medium 112. The encryption engine 110 also converts and decrypts the encrypted information from the storage medium 112 into clear information for the host computer system 120. The encryption engine 110 can also be a dual-controller subsystem comprising: an encryption controller with the cryptographic capability to encrypt/decrypt data on the fly, together with managing the communication protocol, memory, and other operating conditions; and a communication/security controller for handling the communication, encryption key management, and communication with the encryption controller.

The encryption engine 110 requires an encryption key 116 to encrypt/decrypt information. The encryption key 116 is used in an algorithm (for example, 256-bit Advanced Encryption Standard (AES) encryption) that encrypts or decrypts the data to render it unreadable or readable, respectively. The encryption key 116 can be stored inside or outside the authentication controller 114.

Once a user 122 with an identification number or key has been verified against an authentication key 118, the encryption key 116 is transmitted by the authentication subsystem 104 to the encryption engine 110.

It has been discovered that, by using the authentication key 118 and the encryption key 116, the portable memory storage devices of various embodiments of the invention can provide an extremely high degree of security previously unavailable in such devices.

When the data security system 100 is locked, the authentication key 118 remains inside the authentication subsystem 104 and cannot be read from outside. One way to hide the authentication key 118 is to store it in the authentication controller 114 within the authentication subsystem 104. The authentication controller 114 has a security fuse set so that the authentication key 118 cannot be accessed unless the authentication controller 114 permits its retrieval once the user 122 has been verified. Many microcontrollers are equipped with a security fuse that, when blown, prevents access to any internal memory. This is a well-known and widely used security feature. Such microcontrollers can be used for the authentication controller 114. The authentication controller 114 can be a microcontroller or a microprocessor.

The authentication key 118 can be used in several functional forms:

1. As the encryption key 116, to encrypt/decrypt the information directly.

2. As a key to recover the encryption key 116, which is stored in the data security system 100 where it can be accessed by the interface controller 108.

3. For direct comparison by the interface controller 108 to enable the external communication channel 102.
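The second functional form above (and the flow of Figure 5: verify the user, retrieve the encryption key, then allow clear communication through the storage subsystem) as an added example that is not code from the patent. The class and function names are assumptions, and the page's 256-bit AES is replaced by an HMAC-SHA256 keystream stand-in so the example runs on the Python standard library alone; the point it shows is that the authentication key 118 only unwraps the stored encryption key 116, which stays hidden on a wrong user identification or a tampered wrapped key.

```python
import hashlib
import hmac
import secrets


# Stand-in for the page's 256-bit AES so the example needs only the standard library:
# an HMAC-SHA256 keystream XORed over the data (CTR-style). It is NOT an AES implementation.
def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        block = hmac.new(key, nonce + block_no.to_bytes(4, "big"), hashlib.sha256).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(a ^ b for a, b in zip(chunk, block))
    return bytes(out)


def derive_authentication_key(user_identification: str, salt: bytes) -> bytes:
    """Authentication key 118 derived from the user identification (PIN/code) with PBKDF2."""
    return hashlib.pbkdf2_hmac("sha256", user_identification.encode(), salt, 100_000)


class AuthenticationSubsystem:
    """Model of authentication subsystem 104: holds key 118 and a wrapped copy of key 116."""

    def __init__(self, user_identification: str) -> None:
        self._salt = secrets.token_bytes(16)
        self._authentication_key = derive_authentication_key(user_identification, self._salt)
        encryption_key = secrets.token_bytes(32)      # key 116: random, independent of the PIN
        self._nonce = secrets.token_bytes(16)
        self._wrapped_key = _keystream_xor(self._authentication_key, self._nonce, encryption_key)
        # integrity tag: a tampered wrapped key is rejected instead of yielding a wrong key 116
        self._tag = hmac.new(self._authentication_key, self._nonce + self._wrapped_key,
                             hashlib.sha256).digest()

    def verify_and_release(self, candidate_identification: str):
        """Functional form 2: verify the user, then unwrap key 116. Returns None on failure."""
        candidate = derive_authentication_key(candidate_identification, self._salt)
        if not hmac.compare_digest(candidate, self._authentication_key):
            return None                               # wrong PIN: key 116 stays hidden
        tag = hmac.new(candidate, self._nonce + self._wrapped_key, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, self._tag):
            return None                               # wrapped key altered: refuse to unlock
        return _keystream_xor(candidate, self._nonce, self._wrapped_key)


class StorageSubsystem:
    """Model of storage subsystem 106: medium 112 holds only ciphertext; engine 110 needs key 116."""

    def __init__(self) -> None:
        self._medium = {}            # sector number -> (nonce, ciphertext)
        self._encryption_key = None  # None means locked

    @property
    def locked(self) -> bool:
        return self._encryption_key is None

    def unlock(self, encryption_key: bytes) -> None:
        self._encryption_key = encryption_key

    def lock(self) -> None:
        self._encryption_key = None

    def write(self, sector: int, clear: bytes) -> None:
        if self.locked:
            raise PermissionError("data security system is locked")
        nonce = secrets.token_bytes(16)
        self._medium[sector] = (nonce, _keystream_xor(self._encryption_key, nonce, clear))

    def read(self, sector: int) -> bytes:
        if self.locked:
            raise PermissionError("data security system is locked")
        nonce, ciphertext = self._medium[sector]
        return _keystream_xor(self._encryption_key, nonce, ciphertext)

    def raw_medium(self, sector: int) -> bytes:
        """What a reader that bypasses the engine sees: ciphertext only."""
        return self._medium[sector][1]


def demo_session(pin: str, attempt: str, clear: bytes) -> dict:
    """Constructed walk-through of Figure 5: verify, retrieve key 116, then use the medium."""
    auth = AuthenticationSubsystem(pin)
    storage = StorageSubsystem()
    key = auth.verify_and_release(attempt)
    if key is None:
        return {"unlocked": False}
    storage.unlock(key)
    storage.write(0, clear)
    result = {"unlocked": True, "round_trip": storage.read(0),
              "ciphertext": storage.raw_medium(0)}
    storage.lock()
    result["locked_after"] = storage.locked
    return result
```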

Referring now to Figure 2, an illustration of an authentication key delivery method used with the data security system 100 is shown. In this illustration, the authentication key 118 and the encryption key 116 are combined and identical. The encryption engine 110 uses the authentication key 118 as the encryption key 116.

The user 122 must interact with the authentication subsystem 104 by providing a user identification 202, number, or key to the authentication subsystem 104. The authentication subsystem 104 verifies the user 122 against the authentication key 118. The authentication subsystem 104 then transmits the authentication key 118 as the encryption key 116 to the interface controller 108.

The encryption engine 110 in the interface controller 108 uses the authentication key 118 to convert clear information into encrypted information and encrypted information into clear information along channel 206. Without the encryption key 116, any attempt to read encrypted information from the storage medium 112 generally yields information that no computer can use.

Referring now to Figure 3, a different system for the user 122 to interact with a data security system 300 is shown. The interaction can be through a communication combination 301, which can be physical contact, a wired connection, or a wireless connection with a mobile phone, smartphone, smartwatch, wearable application, or other wireless device.

In one authentication system, a mobile transceiver 302 is used to transmit a user identification 304 to a data security transceiver 306 located in an authentication subsystem 310. For illustrative purposes, transceivers are used for the flexibility of two-way communication, but a transmitter-receiver combination for one-way transmission can also be used. The authentication subsystem 310 contains the authentication controller 114, which is connected to the interface controller 108 in the storage subsystem 106. The user identification 304 is provided by the mobile transceiver 302, outside the storage subsystem 106 of the data security system 300, to the data security transceiver 306 within the authentication subsystem 310. The wireless communication can include Wireless Fidelity (WiFi), Bluetooth (BT), Bluetooth Smart, Near Field Communication (NFC), Global Positioning System (GPS), optical, mobile communications (for example, Long-Term Evolution (LTE), Long-Term Evolution Advanced (LTE-A)), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Universal Mobile Telecommunications System (UMTS), Wireless Broadband (WiBro), or Global System for Mobile Communications (GSM), and similar technologies.

The authentication subsystem 310 verifies the user 122 against the authentication key 118 by means of a code sent from the mobile transceiver 302 that is checked against the authentication key 118. The authentication subsystem 310 then transmits the encryption key 116 across the communication combination 301 to the interface controller 108.

The encryption engine 110 then uses the encryption key 116 along the channel 206 to convert clear information into encrypted information and encrypted information into clear information. Without the encryption key 116, any attempt to read encrypted information from the storage medium 112 yields information that the host computer system 120 cannot use.

In an optional second authentication mechanism, the authentication subsystem 310 can verify the user 122 against the authentication key 118 by having the user 122 confirm his/her identity as an authorized user by providing a biometric input 322 using a biometric sensor 320. Types of biometrics include fingerprints, iris scans, voiceprints, and so on.

In an optional third authentication mechanism, the authentication subsystem 310 can verify the user 122 against the authentication key 118 by having the user 122 confirm his/her identity as an authorized user by providing a unique code 332 using an electromechanical input mechanism 330. The unique code 332 can comprise a numeric code, an alphanumeric code, or an alphabetic code, such as a PIN. The electromechanical input mechanism 330 is located inside the authentication subsystem 310. The electromechanical input mechanism 330 receives the unique code 332 from the user 122 from outside the data security system 300. The unique code 332 is provided to the electromechanical input mechanism 330 within the authentication subsystem 310, outside the storage subsystem 106 of the data security system 300.

Regardless of which method is used to verify the user 122, the authentication key 118 and the encryption key 116 remain hidden until the user is authorized.

Referring now to Figure 4, an illustration of how the user 122 can interact with a data security system 400 using the host computer system 120 is shown.

The host computer system 120 is provided with a host application 402. The host application 402 is software or firmware that communicates through the external communication channel 102 of the data security system 400.

The host application 402 delivers a host identifier 406 associated with its environment, such as an internal component serial number (for example, of a hard disk drive), the Media Access Control (MAC) address of the network card, the user's login name, the Internet Protocol (IP) address, an ID created by the data security system and stored on the host, an ID created by the data security system and stored on the network, and so on. The host identifier 406 is used by an authentication subsystem 408 located in the data security system 400.

When the authentication subsystem 408 verifies the user 122 against the authentication key 118 by confirming the host identifier 406, the data security system 400 is unlocked.

For example, the user 122 connects the locked data security system 400 to the host computer system 120. The host application 402 sends the MAC address of its own network card to the data security system 400. The data security system 400 recognizes this MAC address as legitimate and unlocks without the user 122 of Figure 1 having to enter a user identification. This implementation does not require any interaction with the user 122. In this example, what is verified is the host computer system 120 and the environment associated with it.

The data security system 400 comprises: providing the authentication key 118 stored in the authentication subsystem 104; providing verification of the host computer system 120 by the authentication subsystem 104; delivering the encryption key 116 from the authentication subsystem 104 to the storage subsystem 106; and providing access to the storage medium 112 by the storage subsystem 106 decrypting the contents of the storage medium.

The data security system further comprises the authentication subsystem 104 for interpreting the biometric input and verifying the user 122.

The data security system further comprises using the authentication key 118 directly as the encryption key 116.

The data security system further comprises using the authentication key 118 to decrypt and retrieve the encryption key 116 used to decode the internal contents.

The data security system further comprises the authentication subsystem 104 for interpreting a signal input and verifying the sending unit.

The data security system further comprises the authentication subsystem 104 for interpreting manually keyed input and verifying the user 122.

The data security system further comprises the authentication subsystem 104 for interpreting input sent by a host-resident software application to verify the host computer system 120.

The data security system further comprises the encryption engine 110, external to the interface controller 108 but connected to the external communication channel 102, for converting clear data into encrypted data for unlocking the data security system 100.

Referring now to Figure 5, a data security method 500 for user verification of the data security system 100 is shown. The data security method 500 comprises: verifying a user against an authentication key in step block 502; using the authentication key to retrieve an encryption key in step block 504; and using the encryption key in step block 506 to allow unencrypted communication through the storage subsystem between the host computer system and the storage medium.

Referring now to Figure 6, an exemplary data security communication system 600 is shown. The exemplary data security communication system 600 comprises a mobile device 610, a data security system 620, a host computer 630, and a server/console 640. The mobile device 610 and the server/console 640 are connected by wire or wirelessly through a cloud 650, which can be the Internet cloud. The mobile device 610 and the data security system 620 are connected by the communication combination 301.

In the exemplary data security communication system 600, the communication combination 301 comprises a mobile transceiver 612 located in the mobile device 610, which has an antenna 614 that communicates wirelessly with an antenna 622 of a data security transceiver 624 located in the data security system 620.

In one embodiment, the mobile device 610 can be a smartphone. In the mobile device 610, the mobile transceiver 612 can be connected to conventional mobile device components and to a data security system application 618; the mobile transceiver 612 provides information for use by the data security system 620.

The data security transceiver 624 is connected to a security controller 626, which can contain identifications, passwords, profiles, or information about the different mobile devices that can access the data security system 620. The security controller 626 is a subsystem connected to subsystems such as the authentication subsystem 310, the storage subsystem 106 (which in some embodiments can include encryption for encrypting the data), and the external communication channel 102.

The external communication channel 102 can be connected to the host computer 630 to allow access to the data in the storage subsystem 106 under specific circumstances.

One embodiment of the data security system 620 can use only a wireless connection to the mobile device 610, such as a smartphone, thereby eliminating the biometric sensor 320 and the electromechanical input mechanism 330 of Figure 3. It has been discovered that this implementation makes the data security system 620 more secure and useful.

The data security system application 618 allows the mobile device 610 to find all data security systems in the vicinity of the mobile device 610 and to display their status (locked/unlocked/blank, paired/unpaired, etc.).

The data security system application 618 allows the mobile device 610 to connect/pair, lock, unlock, change the name and password, and reset all data on the data security system 620.

The data security system application 618 allows the mobile device 610 to set an inactivity auto-lock, so that the data security system 620 locks automatically after a predetermined period of inactivity, or a proximity auto-lock, so that the data security system 620 locks when the mobile device 610 has not been within a predetermined proximity distance for a predetermined period of time (to improve reliability and avoid signal bounce).
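The two auto-lock settings above as an added example, not code from the patent or the application 618. The class and its fields are assumptions; the constructed sample sequence shows why the proximity timer is debounced: a one-sample dropout of the mobile device does not lock the system, while a sustained absence longer than the grace period does.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class AutoLockPolicy:
    """Constructed model of the inactivity and proximity auto-lock of application 618.

    inactivity_timeout: seconds without host activity before the system locks.
    proximity_grace: seconds the mobile device must be continuously out of range before
    the system locks; shorter dropouts (signal bounce) are ignored.
    Times are seconds on any monotonic clock.
    """
    inactivity_timeout: float
    proximity_grace: float
    last_activity: float = 0.0
    out_of_range_since: Optional[float] = None
    locked: bool = False
    lock_reason: Optional[str] = None

    def on_activity(self, now: float) -> None:
        """Host I/O or user interaction seen at time `now`."""
        self.last_activity = now

    def on_proximity_sample(self, now: float, in_range: bool) -> None:
        """One proximity reading (e.g. from signal strength) at time `now`."""
        if in_range:
            self.out_of_range_since = None      # bounced back: discard the partial absence
        elif self.out_of_range_since is None:
            self.out_of_range_since = now       # first out-of-range sample starts the timer

    def evaluate(self, now: float) -> bool:
        """Apply both rules; once locked the policy stays locked until re-authentication."""
        if self.locked:
            return True
        if now - self.last_activity >= self.inactivity_timeout:
            self.locked, self.lock_reason = True, "inactivity"
        elif (self.out_of_range_since is not None
              and now - self.out_of_range_since >= self.proximity_grace):
            self.locked, self.lock_reason = True, "proximity"
        return self.locked


def run_samples(policy: AutoLockPolicy, samples):
    """Feed (time, event, value) tuples; event is 'activity' or 'proximity' (value: in_range).
    Returns (time, reason) at the first lock, or None if the system stayed unlocked."""
    for t, event, value in samples:
        if event == "activity":
            policy.on_activity(t)
        else:
            policy.on_proximity_sample(t, value)
        if policy.evaluate(t):
            return t, policy.lock_reason
    return None


# Constructed sample: a one-sample dropout at t=2, then the phone leaves for good at t=10.
BOUNCE_THEN_LEAVE = [
    (0, "activity", None),
    (1, "proximity", True),
    (2, "proximity", False),    # dropout
    (3, "proximity", True),     # back in range: timer reset, no lock
    (10, "proximity", False),
    (12, "proximity", False),
    (14, "activity", None),     # host activity does not cancel the proximity rule
    (16, "proximity", False),   # 6 s out of range >= 5 s grace: lock
]
```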

The data security system application 618 allows the mobile device 610 to remember the password and to use TouchID and Apple Watch (TouchID and Apple Watch are mentioned here only as examples; there are many other mobile devices with biometric sensors and wearable devices that can be used in a similar manner) so that the data security system 620 can be unlocked without re-entering the password on the mobile device.

The data security system application 618 allows the mobile device 610 to be configured so that the data security system 620 operates only with a specific mobile device, such as the mobile device 610, and cannot be unlocked by other mobile devices (1Phone).

The data security system application 618 allows the mobile device 610 to set the data security system 620 to read-only.

The data security system application 618 allows the mobile device 610 to operate in user mode or administrator mode (the administrator's mode overrides the user's settings) and to use the server/console 640. The server/console 640 is a combination of a computer and a console, the console being used to enter information into the computer.

The server/console 640 contains a user management database 642, which contains additional information that can be transmitted to the mobile device 610 via the cloud 650 to provide additional functionality to the mobile device 610.

The user management database 642 allows the server/console 640 to create and verify users using a UserID (user name and password), to block/allow unlocking of the data security system 620, and to provide remote assistance.

The user management database 642 allows the server/console 640 to remotely reset or unlock the data security system 620.

The user management database 642 allows the server/console 640 to remotely change the PIN of a data security system user.

The user management database 642 allows the server/console 640 to restrict/allow unlocking of the data security system 620 from specific locations (by using geofencing).

The user management database 642 allows the server/console 640 to restrict/allow unlocking of the data security system 620 during specific time periods and in different time zones.

The user management database 642 allows the server/console 640 to restrict unlocking of the data security system 620 outside a specific team/organization/network, etc.

Referring now to Figure 7, an administrator sequence diagram showing the sequence of operations between the mobile device 610 and the data security system 620 is shown.

A connection 700 between the data security system 620 and the mobile device 610 first establishes mutual discovery of the other device or system, pairing of the device and system, and connection of the device and system. The connection 700 is secured using a shared secret, which is then used to secure (encrypt) the communication between the data security system 620 and the mobile device 610 for all future communication sessions. A standard encryption algorithm is chosen that both runs efficiently on the data security system 620 and is recognized by global security standards.

As long as the data security system 620 and the mobile device 610 are within a predetermined distance of each other, the connection 700 is maintained by the data security system application 618, the security controller 628, or both operating together. Furthermore, if the predetermined distance is exceeded, the connection 700 is maintained for a predetermined period of time, after which the data security system 620 locks.

After the mobile device 610 and the data security system 620 are connected, a data security system administrator application start operation 702 occurs in the mobile device 610. The administrator then sets a password in an administrator password operation 704. Also, after the mobile device 610 is connected to the data security system 620, the data security system 620 is connected to the host computer 630 of Figure 6 and is started and discovered by the host computer 630 in a data security system connect, start, and discover operation 706.

After the administrator password operation 704, the mobile device 610 sends a set administrator password and unlock signal 708 to the data security system 620. The set administrator password and unlock signal 708 causes an administrator password set and data security system unlock operation 716 to occur in the data security system 620.

When the administrator password set and data security system unlock operation 716 is complete, a confirm: data security system unlocked signal 712 is sent to the mobile device 610, where a confirm: data security system unlocked as administrator operation 714 runs. The confirm: data security system unlocked as administrator operation 714 allows a set other restrictions operation 716 to be performed using the mobile device 610. The set other restrictions operation 716 causes a set administrator restrictions signal 718 to be sent to the data security system 620, where the administrator restrictions are set and a confirm: restrictions set signal 720 is returned to the mobile device 610. Thereafter, the mobile device 610 and the data security system 620 are in fully operational communication.

Because it is possible to communicate with the data security system 620 without physical contact with it, many interactions with the data security system 620 require a data security system unique identifier to complete. This unique identifier is printed on the data security system 620 or included with its packaging, and is readily available to the owner of the data security system 620.

在做出可能影響使用者資料之請求時(諸如解鎖或重置該資料保全系統620),需要這種唯一識別碼(unique ID)。未具有正確識別碼而執行這種操作的嘗試將會被忽略並且不造成傷害。該唯一識別碼是用來以一種需要使用者對該資料保全系統620有實體控制的方式對該行動裝置610識別該資料保全系統620,以及用來確認該連接700是建立在已授權、先前已配對之裝置及系統之間,諸如該行動裝置610及該資料保全系統620。一旦這些裝置被配對,便可使用該共享祕密以使通訊加密。 This unique ID is required when making a request that may affect user data (such as unlocking or resetting the data security system 620). Attempts to perform this operation without the correct identification code will be ignored and cause no harm. The unique identification code is used to identify the data security system 620 to the mobile device 610 in a way that requires the user to have physical control of the data security system 620, and to confirm that the connection 700 is established in an authorized, previously Between the paired devices and systems, such as the mobile device 610 and the data security system 620. Once these devices are paired, the shared secret can be used to encrypt the communication.

配對意味著行動裝置及資料保全系統具有建立在過去某個時間並且持續之唯一且定義的關係。 Pairing means that the mobile device and the data security system have a unique and defined relationship that was established and continued at a certain time in the past.

當使用者具有該資料保全系統之實體控制時,該唯一識別碼能夠給予該使用者對該資料保全系統有某些控制。 When the user has physical control of the data security system, the unique identification code can give the user some control over the data security system.

Where the mobile device 610 is a smartphone, to increase the security of communication with the data security system 620, the user can choose to enable a feature, referred to here for example as 1Phone. This feature restricts most user interactions with the data security system 620 to one and only one mobile device 610. This is accomplished by replacing the data security system unique ID described above with a random identification code that is securely shared between the data security system 620 and the mobile device 610. Thus, for example, when the user unlocks the data security system 620, the 1Phone identification code must be given instead of presenting the data security system unique ID. In effect, this makes the user's mobile device 610 a second authentication factor for using the data security system 620, in addition to the PIN or password. For example, a paired user phone selected as "1Phone" can be used without a PIN, as a single user authentication factor and/or in combination with any other user authentication factors. If this feature (1Phone) is selected, the data security system 620 cannot be opened with any other phone, unless administrator unlock was previously enabled.

It will be understood that other embodiments may require the administrator password on the data security system 620 in order to use the 1Phone feature. Another embodiment may require that the server/console 640 be able to recover the data security system 620 in case the 1Phone data on the mobile device 610 is lost.

The user can enable a proximity auto-lock feature for the data security system 620. During a communication session, the data security transceiver 624 of FIG. 6 reports signal strength measurements for the mobile device 610 to the data security system 620. The data security system application 618 on the mobile device 610 sends the data security system 620 both the initial signal power level and the threshold used for proximity sensing.

Because the signal strength varies with the environmental conditions around the transceiver, the data security system 620 mathematically smooths the signal strength measurements to reduce the likelihood of false positives. When the data security system 620 detects that the received signal power has fallen below the predetermined threshold for a predetermined period of time, it immediately locks the data security system 620 and prevents access to the storage subsystem 106 of FIG. 6.
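A simulation of the proximity auto-lock just described, added here as an example and not code from the patent: the app supplies an initial power level and a threshold, the data security system smooths each reported RSSI (an exponential moving average is assumed as the smoothing method, since the text does not name one) and locks only when the smoothed value stays below the threshold for the predetermined hold time. The sample traces are constructed.

```python
"""Proximity auto-lock model for the data security system (DSS).

Added example, not the patent's code. Assumptions: RSSI is in dBm, the
smoothing is an exponential moving average, and the DSS samples once per
reported value.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class ProximityAutoLock:
    threshold_dbm: float               # sensing threshold sent by the app (618)
    hold_seconds: float                # time below threshold before locking
    alpha: float = 0.3                 # EMA weight: smaller = more smoothing
    smoothed: Optional[float] = None
    below_since: Optional[float] = None
    locked: bool = False
    events: List[str] = field(default_factory=list)

    def start_session(self, initial_power_dbm: float) -> None:
        """App (618) sends the initial signal power level; reset the timer."""
        self.smoothed = initial_power_dbm
        self.below_since = None
        self.locked = False

    def report_rssi(self, t: float, rssi_dbm: float) -> bool:
        """Transceiver (624) reports one RSSI sample at time t (seconds).

        Returns True if this sample caused the DSS to lock.
        """
        if self.locked:
            return False
        if self.smoothed is None:
            self.smoothed = rssi_dbm
        else:
            self.smoothed = self.alpha * rssi_dbm + (1 - self.alpha) * self.smoothed

        if self.smoothed < self.threshold_dbm:
            if self.below_since is None:
                self.below_since = t            # start the hold timer
            elif t - self.below_since >= self.hold_seconds:
                self.locked = True              # storage subsystem access cut off
                self.events.append(
                    f"locked at t={t:.1f}s (smoothed {self.smoothed:.1f} dBm)")
                return True
        else:
            self.below_since = None             # signal recovered, restart timer
        return False


def run_trace(samples: List[Tuple[float, float]], threshold: float = -80.0,
              hold: float = 5.0, alpha: float = 0.3):
    """Feed a (seconds, dBm) trace through the model.

    Returns (locked, time_of_lock_or_None, final_smoothed_value).
    """
    dss = ProximityAutoLock(threshold, hold, alpha)
    dss.start_session(samples[0][1])
    lock_time = None
    for t, rssi in samples:
        if dss.report_rssi(t, rssi):
            lock_time = t
    return dss.locked, lock_time, dss.smoothed


# Constructed traces: the phone sits next to the DSS at -60 dBm, then either
# the user walks away (steady -90 dBm) or a brief 3 s dropout occurs.
STEADY_WALKAWAY = [(t, -60.0) for t in range(3)] + [(t, -90.0) for t in range(3, 13)]
BRIEF_DROPOUT = [(0, -60.0), (1, -60.0), (2, -95.0), (3, -95.0), (4, -95.0),
                 (5, -60.0), (6, -60.0), (7, -60.0)]

if __name__ == "__main__":
    print("walk away:", run_trace(STEADY_WALKAWAY))
    print("dropout, smoothed:", run_trace(BRIEF_DROPOUT, hold=2.0))
    print("dropout, raw:", run_trace(BRIEF_DROPOUT, hold=2.0, alpha=1.0))
```

With smoothing the short dropout never locks the device, whereas the raw signal (alpha=1.0) would lock after the hold time; the walk-away trace locks once the smoothed value has been under the threshold for the full hold period.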

The data security system 620 can be used in three different modes: user mode, in which the functionality of the data security system 620 is determined by the user; administrator mode, in which an administrator can set an administrator password and enforce certain restrictions on the data security system 620 (for example, auto-lock after a predetermined period of inactivity, read-only, 1Phone) that cannot be removed by the user; and server mode, in which the administrator role is set and the server/console 640 can remotely reset the data security system 620, change the user password, or simply unlock the data security system 620.

Referring now to FIG. 8, an unlock sequence diagram is shown in which the mobile device 610 is the authentication factor. The figure shows the automatic unlock procedure of the data security system 620 initiated by the data security system application 618 from a specific mobile device (the mobile device 610). The user can use only the one mobile device initially paired with the data security system 620. If the paired mobile device 610 is lost, the data security system 620 may not be unlockable (unless an administrator password was previously set as shown in FIG. 7).

Similar to FIG. 7, after the connection 700 is established, a data security system application start operation 800 occurs. After the data security system connect, start, and discover operation 706, an unlock with mobile device ID signal 802 is sent from the mobile device 610 to the data security system 620. A data security system unlock operation 804 occurs, and then a confirm: data security system unlocked signal 712 is sent from the data security system 620. After a confirm: data security system unlocked operation 806, the mobile device 610 and the data security system 620 are in fully operational communication.

If a personal identification number (PIN) has not been set, the paired mobile device is used as the single authentication factor (1-authentication factor).

Referring now to FIG. 9, an unlock sequence diagram is shown for unlocking using PIN entry from the mobile device 610. The figure shows the flow for unlocking the data security system 620 by entering a PIN into the data security system application 618 on the mobile device 610.

Although similar to FIGS. 7 and 8, an enter username/password operation 900 occurs after the data security system application start operation 800. After the enter username/password operation 900, the mobile device 610 sends a verify user ID signal 902 to the server/console 640. The server/console 640 then makes a username/password valid determination 904.

When the username/password valid determination 904 confirms the user, a valid user signal 906 is sent to the mobile device 610 so that the user can enter the correct PIN in an enter PIN operation 908 on the mobile device 610. The mobile device 610 then sends a verify unlock signal 910 to the server/console 640 to determine whether the correct PIN has been entered.

The server/console 640 makes a user authorized determination 912 to decide whether the user is authorized to use the specific data security system for which the PIN is authorized, for example the data security system 620. If authorized, an unlock allowed signal 914 is sent to the mobile device 610, which passes an unlock request signal 916 to the data security system 620.

The data security system unlock operation 804 is performed and a confirm: data security system unlocked signal 712 is sent to the mobile device 610, which performs the confirm: data security system unlocked operation 806.

Referring now to FIG. 10, an unlock sequence diagram is shown for unlocking via the server/console 640 using PIN entry and user ID/location/time verification. The figure shows the most secure flow for unlocking the data security system 620: entering a PIN from the mobile device 610 into the data security system application 618, authenticating with a UserID (username/password) at the server/console 640, and unlocking the data security system 620 at a specific location and within a specific time range after confirming that the geofence permits it. Without entering the PIN, the username and password, and having the mobile device 610 at a specific (predetermined) location at a specific (predetermined) time, the data security system 620 cannot be unlocked.

Although similar to FIGS. 7-9, at the server/console 640 an unlock specific data security system operation 1000 is performed to allow the required conditions to be set under which a specific data security system, for example the data security system 620, will operate. For example, the condition may be being within a specific geographic area and/or within a specific time range.

At the mobile device 610, a determination of current conditions is made, for example a get location and/or current time operation 1002. This is performed to determine where the mobile device 610 is or what the current time is where the mobile device 610 is located. Other current conditions of the mobile device 610 may also be determined, and they are sent by a verify unlock signal 1004 to the server/console 640, which makes a conditions met determination 1006.

When the required conditions are met, an unlock allowed signal 1008 is sent to the mobile device 610 so that the enter PIN operation 908 can be performed. After the PIN is entered, a verify unlock signal 1010 is sent together with the PIN and the identity of the data security system 620 that the mobile device 610 is operatively sensing. The verify unlock signal 1010 is received by the server/console 640, which makes a data security system allowed determination 1012 to decide whether the specific data security system is allowed to be unlocked by the authorized user. The server/console 640 verifies that this "specific" user is authorized to use the specific data security system.

After determining that the correct information has been provided, the server/console 640 provides the unlock allowed signal 914 to the mobile device 610, which provides the unlock request signal 916. The unlock request signal 916 causes the data security system 620 to proceed with operation.
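The server/console side of the FIG. 9 and FIG. 10 flows, as an added example that is not the patent's or the product's code: the three determinations (username/password valid 904, conditions met 1006, data security system allowed 1012) are made in order, and "unlock allowed" 914 is only issued if all pass. The user record layout, PBKDF2 hashing, haversine geofence, and the serial number and coordinates are assumptions; the sample data is constructed.

```python
"""Server/console 640 authorization model for the FIG. 10 unlock flow.

Added example, not the patent's code. Assumes: credentials and PINs are
stored as salted PBKDF2 hashes, geofences are a centre point plus a radius,
and a user is authorized for an explicit set of DSS serial numbers.
"""
import hashlib
import hmac
import math
import secrets
from dataclasses import dataclass
from datetime import time
from typing import Dict, FrozenSet, Iterable


def _hash(secret: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 50_000)


@dataclass
class UserRecord:
    pw_salt: bytes
    pw_hash: bytes
    pin_salt: bytes
    pin_hash: bytes
    allowed_serials: FrozenSet[str]     # DSS serial numbers this user may unlock


@dataclass
class UnlockPolicy:                     # set by operation 1000
    center_lat: float
    center_lon: float
    radius_m: float
    start: time
    end: time


def haversine_m(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance in metres between two WGS84 points."""
    r = 6_371_000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = math.radians(lat2 - lat1)
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))


class ServerConsole:
    def __init__(self) -> None:
        self.users: Dict[str, UserRecord] = {}
        self.policies: Dict[str, UnlockPolicy] = {}

    def add_user(self, name: str, password: str, pin: str, serials: Iterable[str]) -> None:
        pw_salt, pin_salt = secrets.token_bytes(16), secrets.token_bytes(16)
        self.users[name] = UserRecord(pw_salt, _hash(password, pw_salt),
                                      pin_salt, _hash(pin, pin_salt), frozenset(serials))

    def set_unlock_policy(self, serial: str, policy: UnlockPolicy) -> None:
        self.policies[serial] = policy

    def verify_user(self, name: str, password: str) -> bool:          # determination 904
        rec = self.users.get(name)
        return rec is not None and hmac.compare_digest(rec.pw_hash, _hash(password, rec.pw_salt))

    def conditions_met(self, serial: str, lat: float, lon: float, now: time) -> bool:  # 1006
        pol = self.policies.get(serial)
        if pol is None:
            return False                     # no conditions configured: refuse
        inside = haversine_m(lat, lon, pol.center_lat, pol.center_lon) <= pol.radius_m
        return inside and pol.start <= now <= pol.end

    def dss_allowed(self, name: str, pin: str, serial: str) -> bool:  # determination 1012
        rec = self.users.get(name)
        if rec is None or serial not in rec.allowed_serials:
            return False
        return hmac.compare_digest(rec.pin_hash, _hash(pin, rec.pin_salt))

    def unlock_allowed(self, name: str, password: str, serial: str,
                       lat: float, lon: float, now: time, pin: str) -> bool:
        """True only when 904, 1006 and 1012 all pass; that is signal 914."""
        return (self.verify_user(name, password)
                and self.conditions_met(serial, lat, lon, now)
                and self.dss_allowed(name, pin, serial))


def demo_console() -> ServerConsole:
    """Constructed sample data: one user, one DSS, a 200 m office geofence."""
    console = ServerConsole()
    console.add_user("alice", "correct horse", "4821", ["DSS-000123"])  # placeholder S/N
    console.set_unlock_policy("DSS-000123", UnlockPolicy(
        center_lat=37.7749, center_lon=-122.4194, radius_m=200.0,
        start=time(8, 0), end=time(18, 0)))
    return console
```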

Referring now to FIG. 11, a reset sequence diagram is shown for resetting the data security system 620 using the server/console 640. This figure shows the ability to remotely reset the data security system 620 via the server/console 640. The data security system 620 can receive commands only from the mobile device 610 over the wireless connection. However, by setting a "reset" flag on the server/console 640 for a specific data security system (using its serial number (S/N)), the data security system application 618 running on the mobile device 610 queries the server/console 640 for any flags/pending requests in the user management database 642. When the user connects to the data security system 620, the data security system application 618 on the mobile device 610 executes the waiting "reset" command. After a successful reset (all user data and credentials are gone), the server/console 640 removes the reset flag so that the reset is not executed the next time the mobile device 610 connects to that specific data security system.

Although similar to FIGS. 7-11, the mobile device 610 responds to the valid user signal 906 by sending an any commands waiting signal 1100 to the server/console 640, which makes a reset command determination 1102. When a reset command is present, an execute reset signal 1104 is sent to the mobile device 610.

The mobile device 610 sends a reset security system signal 1106 to the data security system 620 to start a data security system reset operation 1108. Once the data security system reset operation 1108 is complete, the data security system 620 sends a confirm: data security system reset signal 1110 to the mobile device 610, which enters a confirm: data security system reset operation 1112. Thereafter, the mobile device 610 and the data security system 620 are in fully operational communication, with the data security system 620 reset.

Referring now to FIG. 12, an unlock sequence diagram is shown for unlocking the data security system 620 using the server/console 640. This figure shows the ability to remotely unlock the data security system 620 via the server/console 640. The data security system 620 can receive commands only from the mobile device 610 over the wireless connection. However, by setting an "administrator unlock" flag on the server/console 640 console for a specific data security system (using its serial number (S/N)), the data security system application 618 running on the mobile device 610 queries the server/console 640 for any flags/pending requests. When the user connects to the data security system 620, the data security system application 618 on the mobile device 610 executes the waiting "administrator unlock" command. After a successful administrator unlock, the user's data remains unchanged, but the user's password is removed (the data security system 620 cannot be unlocked by the user). The server/console 640 removes the reset flag for the data security system 620, so that the reset is not executed the next time the mobile device 610 connects to the data security system 620.

Although similar to FIGS. 7-11, after receiving the any commands waiting signal 1100, when there is a command to unlock with the administrator password, the server/console 640 performs an unlock 1200. An unlock with administrator password signal 1202 is sent to the mobile device 610, which provides an unlock with administrator password signal 1204 to the data security system 620 to start the data security system unlock operation 804. Thereafter, the mobile device 610 and the data security system 620 are in fully operational communication.

Referring now to FIG. 13, a sequence diagram is shown for changing the user password using the server/console 640. This figure shows the ability to remotely change the user password for the data security system 620 via the server/console 640. Even though the data security system 620 can receive commands only from the mobile device 610 over the wireless connection, by setting a "change user password" flag on the server/console 640 console for a specific data security system (using its serial number (S/N)), the data security system application 618 running on the mobile device 610 queries the server/console 640 for any flags/pending requests. When the user connects to his data security system 620, the data security system application 618 on the mobile device 610 executes the waiting "change user password" command. After a successful unlock and password change, the user's data remains unchanged and the data security system 620 can be unlocked with the new user password. The server/console 640 removes the "change user password" flag for the data security system 620, so that the change user password command is not executed the next time the mobile device 610 connects to that specific data security system.

Although similar to FIGS. 7-12, the server/console 640 responds to the any commands waiting signal 1100 by making a change password determination 1300. When a password change has been made at the server/console 640, a change user password signal 1302 is sent to the mobile device 610, which sends a change user password signal 1304 to the data security system 620. Thereafter, the mobile device 610 and the data security system 620 are in fully operational communication with the new password.
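The pending-flag mechanism shared by FIGS. 11, 12 and 13, as an added example and not the patent's code: the server/console keeps at most one flag per data security system serial number, the mobile app polls with "any commands waiting?", relays the command to the device it is connected to, and the server clears the flag after completion so the command runs exactly once. The class and field names, the in-memory store, and the serial numbers are assumptions.

```python
"""One-shot remote commands (reset, administrator unlock, change user
password) relayed through the mobile app.

Added example, not the patent's code. Assumes an in-memory store in place of
the user management database 642 and a simplified DSS state model.
"""
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, List, Optional


class Command(Enum):
    RESET = "reset"                                  # FIG. 11: data and credentials gone
    ADMIN_UNLOCK = "admin_unlock"                    # FIG. 12: data kept, user password removed
    CHANGE_USER_PASSWORD = "change_user_password"    # FIG. 13: data kept, new user password


@dataclass
class Pending:
    command: Command
    new_password: Optional[str] = None   # only used for CHANGE_USER_PASSWORD


class PendingCommandStore:
    """Server/console 640 side: one flag per DSS serial number (S/N)."""

    def __init__(self) -> None:
        self._flags: Dict[str, Pending] = {}

    def set_flag(self, serial: str, pending: Pending) -> None:
        self._flags[serial] = pending

    def any_commands_waiting(self, serial: str) -> Optional[Pending]:  # signal 1100
        return self._flags.get(serial)

    def command_completed(self, serial: str) -> None:
        """Clear the flag so the command is not repeated on the next connection."""
        self._flags.pop(serial, None)


@dataclass
class DataSecuritySystem:
    serial: str
    user_password: Optional[str] = "initial-pw"      # constructed sample value
    user_data: List[str] = field(default_factory=lambda: ["doc1", "doc2"])
    locked: bool = True
    log: List[str] = field(default_factory=list)

    def reset(self) -> None:                          # operation 1108
        self.user_data.clear()
        self.user_password = None
        self.locked = True
        self.log.append("reset")

    def admin_unlock(self) -> None:                   # unlock 804 with admin password
        self.user_password = None                     # user can no longer unlock
        self.locked = False
        self.log.append("admin_unlock")

    def change_user_password(self, new_password: str) -> None:   # signal 1304
        self.user_password = new_password
        self.locked = False
        self.log.append("change_user_password")


def app_connect(store: PendingCommandStore, dss: DataSecuritySystem) -> Optional[Command]:
    """Mobile app 618 connecting to its DSS: poll the server for this serial,
    relay the command, then report completion. Returns the command run, if any."""
    pending = store.any_commands_waiting(dss.serial)
    if pending is None:
        return None
    if pending.command is Command.RESET:
        dss.reset()
    elif pending.command is Command.ADMIN_UNLOCK:
        dss.admin_unlock()
    elif pending.command is Command.CHANGE_USER_PASSWORD:
        dss.change_user_password(pending.new_password)
    store.command_completed(dss.serial)               # flag removed after success
    return pending.command
```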

A method of operating a data security system includes: providing a mobile device having a data security system application for connecting with the data security system; starting the data security system application; and maintaining a connection between the data security system and the mobile device.

The method as described above, wherein maintaining the connection maintains the connection when the data security system is within a predetermined sensing distance of the mobile device.

The method as described above, wherein maintaining the connection maintains the connection when the data security system is within a predetermined sensing distance of the mobile device for a predetermined period of time.

The method as described above, wherein establishing the connection includes using two-way communication between the data security system and the mobile device.

The method as described above, wherein establishing the connection includes using one-way communication between the data security system and the mobile device.

The method as described above, further including communication between the mobile device having the data security system application and a server containing a user management database.

The method as described above, further including providing security information in a security controller in the data security system.

The method as described above, further including: providing a server having an identification of a specific data security system; providing the data security system having a specific identification; and unlocking the data security system when the identification of the specific data security system is the same as the specific identification of the data security system.

The method as described above, wherein providing the mobile device having the data security system application provides a data security system administrator application, and further including: setting an administrator password in the mobile device; transmitting the administrator password from the mobile device to the data security system; and setting the administrator password in the data security system and unlocking the data security system.

The method as described above, further including: providing an unlock request combined with a mobile device identification from the mobile device to the data security system; and receiving the unlock request in the data security system and unlocking the data security system.

The method as described above, further including: entering a username or password in the mobile device; after the username or password is received by the mobile device, determining when the username or password is valid in a server; when the username or password is valid, generating communication from the server to the mobile device; and when the username or password is valid, generating communication from the mobile device to the data security system to unlock the data security system.

The method as described above, further including: entering a username or password in the mobile device; after the username or password is received by the mobile device, determining when the username or password is valid in a server; when the username or password is valid, generating communication between the server and the mobile device; after receiving an identification number from the mobile device, determining when the identification number is valid in the server; and when the server determines that the identification number is valid, unlocking the data security system through the mobile device.

The method as described above, further including: providing a valid location of the mobile device to a server; determining in the server when the mobile device is within the valid location; and when the server determines that the mobile device is within the valid location, unlocking the data security system through the mobile device.

The method as described above, further including: providing to a server a current time at the mobile device for operation of the data security system; determining in the server when the mobile device is within the current time; and when the server determines that the mobile device has the current time, unlocking the data security system through the mobile device.

The method as described above, further including: providing a command in a server; providing the command from the server to the mobile device in response to a commands waiting signal from the mobile device; and when the command is provided by the server, executing the command in the data security system through the mobile device.

The method as described above, further including: providing a change password command in a server; providing the change password command from the server to the mobile device in response to a change password signal from the mobile device; and unlocking the data security system using the changed password in the data security system.

The method as described above, further including connecting the data security system to a host computer for starting and being discoverable by the host computer.

A data security system includes: a data security transceiver or receiver; an authentication subsystem operatively connected to the data security transceiver or receiver; and a storage subsystem connected to the authentication subsystem.

The system as described above further includes a security controller connected to the data security transceiver or receiver and connected to the authentication subsystem.

The system as described above further includes a mobile device having a data security system application, which operates together with the security controller to maintain a connection when the data security system is within a predetermined sensing distance of the mobile device.

The system as described above further includes a mobile device having a data security system application, which operates together with the security controller to maintain a connection when the data security system is within a predetermined sensing distance of the mobile device for a predetermined period of time.

The system as described above further includes a mobile device having a mobile transceiver or receiver for maintaining a connection, including using two-way communication between the data security system and the mobile device.

The system as described above further includes a mobile device having a mobile transceiver or receiver for maintaining a connection, including using one-way communication between the data security system and the mobile device.

The system as described above further includes wired or wireless communication between a mobile device having a data security system application and a server containing a user management database.

The system as described above, wherein the data security system includes an external communication channel for connecting to a host computer.

本發明提供一種方法,包含:偵測具有上鎖之資料通道的資料儲存裝置的連接,該資料儲存裝置進一步包括:一介面控制器,係用以透過資料通道通訊;一記憶體;一認證次系統,其具有認證資訊及加密金鑰;一加密引擎;及一無線收發器,係用於該資料通道外部之射頻通訊;經由該無線收發器,在通過該介面控制器的該資料通道上鎖時,接收使用者認證輸入;依據被接收之該使用者認證輸入及該認證次系統的該認證資訊,解鎖該資料儲存裝置的該資料通道;以及在該資料通道被解鎖時:在儲存加密資料於該記憶體中之前,透過加密金鑰加密透過該資料通道接收的資料;及在透過該資料通道發送解密資料之前,透過該加密金鑰解密讀取來自該記憶體的資料。 The present invention provides a method including: detecting the connection of a data storage device with a locked data channel, the data storage device further comprising: an interface controller for communicating through the data channel; a memory; and an authentication time A system with authentication information and encryption keys; an encryption engine; and a wireless transceiver for radio frequency communication outside the data channel; through the wireless transceiver, the data channel through the interface controller is locked When the user authentication input is received; unlock the data channel of the data storage device based on the received user authentication input and the authentication information of the authentication subsystem; and when the data channel is unlocked: store encrypted data Before in the memory, encrypt the data received through the data channel with an encryption key; and decrypt the data from the memory with the encryption key before sending the decrypted data through the data channel.

本發明提供一種資料儲存裝置,包含:一記憶體;一介面控制器,係用於透過資料通道進行通訊,該資料通道係上鎖直到使用者獲得授權;一無線收發器,係用於該資料通道外部之射頻通訊,該無線收發器係組構以接收使用者認證輸入;一認證次系統,其具有認證資訊及 加密金鑰,依據被接收之該使用者認證輸入及該認證資訊,解鎖該資料儲存裝置的該資料通道;以及一加密引擎,在儲存加密資料於該記憶體中之前,透過加密金鑰加密經由該資料通道接收的資料,及在透過該資料通道發送解密資料之前,透過該加密金鑰解密讀取來自該記憶體的資料。 The present invention provides a data storage device, including: a memory; an interface controller for communicating through a data channel that is locked until the user is authorized; and a wireless transceiver for the data RF communication outside the channel, the wireless transceiver is configured to receive user authentication input; an authentication sub-system, which has authentication information and The encryption key unlocks the data channel of the data storage device based on the received user authentication input and the authentication information; and an encryption engine that encrypts the data through the encryption key before storing the encrypted data in the memory The data received by the data channel and the data from the memory are decrypted by the encryption key before sending the decrypted data through the data channel.

The present invention provides a system comprising: one or more computer processors; a data channel connected to the one or more computer processors; and a self-encrypting device connected to the data channel, the self-encrypting device comprising: an authentication subsystem including an authentication processor; an encryption engine; a storage medium storing encrypted data, the encrypted data being encrypted with an encryption key provided by the authentication subsystem; a radio-frequency (RF) transceiver for communication outside the data channel; and a data interface of an interface controller coupled to the data channel, the data interface being locked from sending and receiving data until the self-encrypting device is unlocked by the authentication subsystem using user authentication information received through the RF transceiver.

The present invention provides a method comprising: providing a self-encrypting device in a host computer system, the host computer system further having one or more processors and a data channel, the data channel being connected to the one or more processors and to the self-encrypting device; establishing a communication channel between a data interface of the self-encrypting device and the data channel, the communication channel being locked until the self-encrypting device is authorized; receiving user authentication information via a radio-frequency (RF) transceiver of the self-encrypting device used for communication outside the data channel; unlocking, by an authentication subsystem of the self-encrypting device, the communication channel based on the user authentication information; receiving, by the self-encrypting device through the data interface, encrypted data encrypted with an encryption key provided by the authentication subsystem of the self-encrypting device; and storing the encrypted data in a storage subsystem of the self-encrypting device.

Although the present invention has been described in conjunction with a specific best mode, it is to be understood that many alternatives, modifications and variations will be apparent to those skilled in the art in light of the foregoing description. Accordingly, the present invention is intended to embrace all such alternatives, modifications and variations that fall within the scope of the included claims. All matters set forth herein or shown in the accompanying drawings are to be interpreted in an illustrative and limiting sense.

100: data security system

102: external communication channel

104: authentication subsystem

106: storage subsystem

108: interface controller

110: encryption engine

112: storage medium

114: authentication controller

116: encryption key

118: authentication key

120: host computer system

122: user

Claims (27)

1. A method of operating a data security system with encryption, comprising: detecting the connection of a data storage device having a locked data channel, the data storage device further comprising: an interface controller for communicating over the data channel; a memory; an authentication subsystem having authentication information and an encryption key; an encryption engine; and a wireless transceiver for radio-frequency communication outside the data channel; receiving, via the wireless transceiver, a user authentication input while the data channel through the interface controller is locked; communicating, via the wireless transceiver, with an application in a mobile device, wherein a remote server verifies the user authentication input by confirming the presence of the mobile device within a predetermined location, and verifies that the location is permitted so as to restrict use of the data storage device to a specific location; after the user is verified by the remote server, receiving, by the data storage device, the user authentication input from the mobile device through the wireless transceiver; unlocking the data channel of the data storage device based on the received user authentication input and the authentication information of the authentication subsystem; and, while the data channel is unlocked: encrypting data received over the data channel with the encryption key before storing the encrypted data in the memory; and decrypting data read from the memory with the encryption key before sending the decrypted data over the data channel.

2. The method of claim 1, further comprising: transmitting the encryption key from the authentication subsystem to the encryption engine in response to the unlocking, wherein the encryption key is not stored in the memory of the data storage device, and wherein the encryption key is not accessible from outside the data storage device.

3. The method of claim 1, wherein receiving the user authentication input further comprises: communicating with the application in the mobile device via the wireless transceiver; and receiving the user authentication input from the mobile device.

4. The method of claim 1, further comprising: after the application in the mobile device receives an instruction from the remote server to change the authentication information, receiving the instruction to change the authentication information from the application in the mobile device.

5. The method of claim 1, wherein the application in the mobile device allows the mobile device to lock the data channel of the data storage device, unlock the data channel of the data storage device, change the user name, change the authentication information, and reset the data storage device.

6. The method of claim 1, wherein the application in the mobile device causes the remote server to reset the data storage device and to unlock the data storage device.
7. The method of claim 1, wherein the application in the mobile device causes the remote server to restrict use of the data storage device to a specific location by confirming the presence of the mobile device within a geofence.

8. The method of claim 1, wherein the application in the mobile device causes the remote server to restrict use of the data storage device to a specific time zone and time period.

9. The method of claim 1, wherein the data channel is a computer bus interface.

10. The method of claim 1, wherein the radio-frequency communication is one of Wireless Fidelity (WiFi), Bluetooth (BT), Bluetooth Smart (BLE), Near Field Communication (NFC), or cellular communication.
11. A data storage device, comprising: a memory; an interface controller for communicating over a data channel, the data channel being locked until a user is authorized; a wireless transceiver for radio-frequency communication outside the data channel, the wireless transceiver being configured to receive a user authentication input, the wireless transceiver being configured to: communicate with an application in a mobile device, wherein a remote server verifies the user authentication input by confirming the presence of the mobile device within a predetermined location, and verifies that the location is permitted so as to restrict use of the data storage device to a specific location; and, after the user is verified by the remote server, receive the user authentication input from the mobile device; an authentication subsystem having authentication information and an encryption key, which unlocks the data channel of the data storage device based on the received user authentication input and the authentication information; and an encryption engine, which encrypts data received over the data channel with the encryption key before storing the encrypted data in the memory, and decrypts data read from the memory with the encryption key before sending the decrypted data over the data channel.
12. The data storage device of claim 11, wherein the authentication subsystem transmits the encryption key to the encryption engine in response to the unlocking, wherein the encryption key is not stored in the memory of the data storage device, and wherein the encryption key is not accessible from outside the data storage device.

13. The data storage device of claim 11, wherein receiving the user authentication input further comprises: communicating with the application in the mobile device via the wireless transceiver; and receiving the user authentication input from the mobile device via the wireless transceiver.

14. The data storage device of claim 11, wherein the authentication subsystem is configured to, after the application in the mobile device receives an instruction from the remote server to change the authentication information, receive the instruction to change the authentication information from the application in the mobile device.
15. A data security system with encryption, the data security system comprising: one or more computer processors; a data channel connected to the one or more computer processors; and a self-encrypting device connected to the data channel, the self-encrypting device comprising: an authentication subsystem including an authentication processor; an encryption engine; a storage medium storing encrypted data, the encrypted data being encrypted with an encryption key provided by the authentication subsystem; a radio-frequency (RF) transceiver for communication outside the data channel, the RF transceiver being configured to: communicate with an application in a mobile device, wherein a remote server verifies a user authentication input by confirming the presence of the mobile device within a predetermined location, and verifies that the location is permitted so as to restrict use of the self-encrypting device to a specific location; and, after the user is verified by the remote server, receive the user authentication input from the mobile device; and a data interface of an interface controller coupled to the data channel, the data interface being locked from sending and receiving data until the self-encrypting device is unlocked by the authentication subsystem using user authentication information received through the RF transceiver.
16. The system of claim 15, wherein the RF transceiver is configured to receive the user authentication information from the mobile device, the mobile device being separate from the one or more computer processors, and wherein the self-encrypting device is configured to unlock the data interface in response to the user authentication information received from the mobile device.

17. The system of claim 16, wherein the RF transceiver is configured to use independent encryption in the RF communication with the mobile device, the independent encryption being separate from the encryption provided by the communication protocol used for the RF communication.

18. The system of claim 16, wherein the application in the mobile device verifies the user through a management server to authorize the user, and wherein the mobile device sends an unlock command to the self-encrypting device in response to the management server verifying the user.

19. The system of claim 15, further comprising: an encryption engine, wherein the authentication subsystem stores an encryption key and, when the user is successfully authorized, transmits the encryption key to the encryption engine.
20. The system of claim 15, wherein, upon detecting that the system is shut down, the self-encrypting device initializes a timer, wherein, if the system is restarted before the timer expires, the self-encrypting device initializes in an unlocked state, and wherein, if the system is restarted after the timer expires, the self-encrypting device initializes in a locked state.

21. The system of claim 15, wherein data is transmitted in clear form between the data interface and the data channel.

22. The system of claim 15, wherein the system is one of a laptop computer, a personal computer, a kitchen appliance, a printer, a scanner, a server, a tablet device, a medical device, a door unlocking system, a security access system, an access control device, a home automation device, a household appliance, a mobile phone, a vehicle, or a smart television set.
23. A method of operating a data security system with encryption, comprising: providing a self-encrypting device in a host computer system, the host computer system further having one or more processors and a data channel, the data channel being connected to the one or more processors and to the self-encrypting device; establishing a communication channel between a data interface of the self-encrypting device and the data channel, the communication channel being locked until the self-encrypting device is authorized; receiving user authentication information via a radio-frequency (RF) transceiver of the self-encrypting device used for communication outside the data channel; communicating, via the RF transceiver, with an application in a mobile device, wherein a remote server verifies a user authentication input by confirming the presence of the mobile device within a predetermined location, and verifies that the location is permitted so as to restrict use of the self-encrypting device to a specific location; and, after the user is verified by the remote server, receiving the user authentication input from the mobile device; unlocking, by an authentication subsystem of the self-encrypting device, the communication channel based on the user authentication information; receiving, by the self-encrypting device through the data interface, encrypted data encrypted with an encryption key provided by the authentication subsystem of the self-encrypting device; and storing the encrypted data in a storage subsystem of the self-encrypting device.
24. The method of claim 23, wherein the self-encrypting device does not need to use the one or more processors of the host computer system to authorize the user.

25. The method of claim 23, further comprising: receiving the user authentication information from a mobile device via the RF transceiver; and unlocking the self-encrypting device in response to the user authentication information received via the RF transceiver.

26. The method of claim 25, wherein the application in the mobile device verifies the user through a management server to authorize the user, the method further comprising: receiving an unlock command from the mobile device in response to the management server verifying the user.

27. The method of claim 23, wherein, upon detecting that the host computer system is shut down, the self-encrypting device initializes a timer, wherein, if the host computer system is restarted before the timer expires, the self-encrypting device initializes in an unlocked state, and wherein, if the host computer system is restarted after the timer expires, the self-encrypting device initializes in a locked state.
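The unlock path the claims describe, as an added example that is not part of the patent or of the assignee's products: the authentication subsystem keeps the key and releases it to the encryption engine only after the user input is verified, the data channel refuses reads and writes while locked, the remote server's location check gates the mobile unlock (claims 1, 7, 11, 15 and 23), and the shutdown timer of claims 20 and 27 decides whether the device comes back unlocked. The HMAC-SHA256 counter-mode keystream standing in for the device's cipher, the PBKDF2 password verifier, the circular geofence and every coordinate, password and timestamp are my assumptions.

```python
import hashlib
import hmac
import math
import os
import secrets


def inside_geofence(center: tuple, radius_m: float, position: tuple) -> bool:
    """Remote-server check: phone within a circular fence (assumption), haversine distance."""
    lat1, lon1 = map(math.radians, center)
    lat2, lon2 = map(math.radians, position)
    a = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6_371_000.0 * math.asin(math.sqrt(a)) <= radius_m


def xor_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): HMAC-SHA256 counter-mode keystream XORed with the data."""
    out = bytearray()
    for block, i in enumerate(range(0, len(data), 32)):
        ks = hmac.new(key, nonce + block.to_bytes(8, "big"), "sha256").digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], ks))
    return bytes(out)


class AuthSubsystem:
    """Holds the authentication information (salted password verifier) and the encryption key."""
    def __init__(self, password: str) -> None:
        self._salt = os.urandom(16)
        self._verifier = self._derive(password)
        self._key = secrets.token_bytes(32)   # generated inside the device, never exported

    def _derive(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def verify_and_release(self, user_input: str):
        # The key leaves the subsystem only towards the engine, and only on a match.
        return self._key if hmac.compare_digest(self._derive(user_input), self._verifier) else None


class SelfEncryptingDevice:
    def __init__(self, password: str, relock_grace_s: float) -> None:
        self.auth = AuthSubsystem(password)
        self.engine_key = None          # the encryption engine holds no key while locked
        self.memory = {}                # LBA -> (nonce, ciphertext); plaintext never lands here
        self.relock_grace_s = relock_grace_s
        self._shutdown_at = None

    def unlock_from_mobile(self, fence: tuple, phone_position: tuple, user_input: str) -> bool:
        # Authentication arrives over the RF link, never over the data channel.
        if not inside_geofence(fence[0], fence[1], phone_position):
            return False                # server refuses; the app never forwards the input
        key = self.auth.verify_and_release(user_input)
        if key is None:
            return False
        self.engine_key = key
        return True

    def write(self, lba: int, data: bytes) -> None:
        # Data channel: refused while locked, transparent encryption otherwise.
        if self.engine_key is None:
            raise PermissionError("data channel locked")
        nonce = os.urandom(16)
        self.memory[lba] = (nonce, xor_keystream(self.engine_key, nonce, data))

    def read(self, lba: int) -> bytes:
        if self.engine_key is None:
            raise PermissionError("data channel locked")
        nonce, ciphertext = self.memory[lba]
        return xor_keystream(self.engine_key, nonce, ciphertext)

    def host_shutdown(self, now: float) -> None:
        self._shutdown_at = now         # starts the timer of claims 20 and 27

    def host_restart(self, now: float) -> None:
        # Restart within the grace period keeps the state; a later one comes back locked.
        if self._shutdown_at is None or now - self._shutdown_at >= self.relock_grace_s:
            self.engine_key = None
        self._shutdown_at = None


def demo() -> dict:
    fence = ((25.0330, 121.5654), 200.0)            # constructed: centre (lat, lon), radius in m
    dev = SelfEncryptingDevice(password="correct horse", relock_grace_s=30.0)
    r = {}
    r["blocked_outside_fence"] = not dev.unlock_from_mobile(fence, (25.10, 121.60), "correct horse")
    r["blocked_bad_password"] = not dev.unlock_from_mobile(fence, (25.0331, 121.5655), "wrong")
    r["unlocked"] = dev.unlock_from_mobile(fence, (25.0331, 121.5655), "correct horse")
    dev.write(7, b"patient record 42")
    r["round_trip"] = dev.read(7) == b"patient record 42"
    r["memory_holds_ciphertext"] = dev.memory[7][1] != b"patient record 42"
    dev.host_shutdown(now=1000.0)
    dev.host_restart(now=1010.0)                    # 10 s outage: still unlocked
    r["unlocked_after_quick_restart"] = dev.engine_key is not None
    dev.host_shutdown(now=2000.0)
    dev.host_restart(now=2100.0)                    # 100 s outage: comes back locked
    r["locked_after_long_outage"] = dev.engine_key is None
    return r
```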
TW109109809A 2016-01-04 2017-01-04 Data security system with encryption and method for its operation TWI727717B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US14/987,749 2016-01-04
US14/987,749 US10181055B2 (en) 2007-09-27 2016-01-04 Data security system with encryption

Publications (2)

Publication Number Publication Date
TW202029042A TW202029042A (en) 2020-08-01
TWI727717B true TWI727717B (en) 2021-05-11

Family

ID=59311569

Family Applications (2)

Application Number Title Priority Date Filing Date
TW106100149A TWI692704B (en) 2016-01-04 2017-01-04 Data security system and method of operating the same
TW109109809A TWI727717B (en) 2016-01-04 2017-01-04 Data security system with encryption and method for its operation


Country Status (6)

Country Link
JP (3) JP6633228B2 (en)
KR (2) KR102054711B1 (en)
CN (2) CN108604982B (en)
GB (2) GB2562923B (en)
TW (2) TWI692704B (en)
WO (1) WO2017123433A1 (en)


Also Published As

Publication number Publication date
JP6633228B2 (en) 2020-01-22
JP6938602B2 (en) 2021-09-22
JP2021192265A (en) 2021-12-16
GB2580549A (en) 2020-07-22
GB2562923B (en) 2020-02-12
GB201919421D0 (en) 2020-02-12
GB2562923A (en) 2018-11-28
KR20180107775A (en) 2018-10-02
JP7248754B2 (en) 2023-03-29
CN108604982A (en) 2018-09-28
KR20190137960A (en) 2019-12-11
KR102201093B1 (en) 2021-01-08
GB201811137D0 (en) 2018-08-22
KR102054711B1 (en) 2019-12-11
CN108604982B (en) 2020-09-04
TW202029042A (en) 2020-08-01
JP2020057412A (en) 2020-04-09
CN112054892A (en) 2020-12-08
JP2019511791A (en) 2019-04-25
TWI692704B (en) 2020-05-01
TW201737151A (en) 2017-10-16
WO2017123433A1 (en) 2017-07-20
CN112054892B (en) 2024-06-21
GB2580549B (en) 2020-12-23
