US20010056543A1 - Storage apparatus - Google Patents
Storage apparatus Download PDFInfo
- Publication number
- US20010056543A1 US20010056543A1 US09/089,507 US8950798A US2001056543A1 US 20010056543 A1 US20010056543 A1 US 20010056543A1 US 8950798 A US8950798 A US 8950798A US 2001056543 A1 US2001056543 A1 US 2001056543A1
- Authority
- US
- United States
- Prior art keywords
- unit
- removal
- storage
- unjust
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/86—Secure or tamper-resistant housings
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/88—Detecting or preventing theft or loss
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2143—Clearing memory, e.g. to prevent the data from being stolen
Definitions
- the present invention relates generally to a storage apparatus for equipment, intended to be detachably assembled into information equipment such as a personal computer in use, and more particularly to a storage apparatus for equipment for protecting stored information against an unjust handling.
- a storage apparatus for equipment capable of securely preventing an unjust access in which the equipment is disassembled to fetch the stored information.
- a storage apparatus for equipment in accordance with the present invention is assembled into the equipment in use and comprises a storage unit for storing information; a connection detecting unit for detecting a removal from the equipment; an injustice judgment unit for judging when the connection detecting unit has detected a removal from the equipment whether it is an unjust removal or not; and a security processing unit for executing an action for protecting the information of the storage unit when the injustice judgment unit has judged that an unjust removal has taken place.
- a protecting action is effected which prevents the data of the storage unit from being fetched to the exterior using the internal battery as a power source, thereby making it possible to remarkably improve the data security performance of the storage apparatus.
- a battery is further provided which is incorporated for supplying an electric power upon the removal from the apparatus.
- the injustice judgment unit is provided with a switch which is required to be mechanically operated upon a removal from the equipment, the injustice judgment unit judging that an unjust removal has taken place when the switch has been removed without any operation or with an incorrect operation, to effect the protection of the information. For this reason, only one who knows a correct procedure to operate the switch is allowed to normally fetch the stored information to the exterior, prohibiting the information from being unjustly fetched from the storage apparatus through the disassembling of the equipment.
- the injustice judgment unit is provided with a register which is required to be operated by a software upon a removal from the equipment, the injustice judgment unit judging that an unjust removal has taken place when the register has been removed without any operation or with an incorrect operation.
- a storage control unit is further provided which controls read and write of information from and to the storage unit.
- the security processing unit is provided with a data destruction unit for writing meaningless data into the storage unit to destroy the original data when it is judged that an unjust removal has taken place.
- the security processing unit may be provided with an encipher unit for enciphering the data of the storage unit when it is judged that an unjust removal has taken place.
- a decoding unit may be provided if necessary for restoring data enciphered by the encipher unit into original data.
- the storage unit is provided with a first storage unit (first storage area) for use in an ordinary state and a second storage unit (second storage area) out of use in the ordinary state
- the security processing unit is provided with a data destruction unit which when it is judged that an unjust removal has taken place, copies data of the first storage area into the second storage area and writes meaningless data to the first storage area to thereby destroy the original data.
- a data recovery unit may further be provided for returning data stored in the second storage area into the first storage area.
- a buffer storage unit may be disposed between the storage unit and an equipment connection terminal unit, and the security processing unit is provided with a buffer data conversion unit which when data are fetched via the buffer storage unit from the storage unit after the judgment of an unjust removal, converts them into meaningless data in the buffer storage unit.
- a conversion inhibition unit may be provided for inhibiting the conversion by the buffer data conversion unit into meaningless data.
- the security processing unit may be provided with a circuit destruction unit which when it is judged that an unjust removal has taken plate, destroys physically a circuit function at a predetermined site of the apparatus to thereby disable the read control unit for a data read from the storage unit, the physical destruction including for instance electric short, mechanical breakage, thermal breakage by heating, etc.
- the present invention is also directed to a storage apparatus for equipment incorporating no batteries, which in this case comprises a storage unit for storing information; a connection detecting unit for detecting a removal from the equipment; an injustice judgment unit for judging when the connection detecting unit has detected a removal from the equipment whether it is an unjust removal from the equipment or not; and a security processing unit for executing an action for protecting the information of the storage unit upon the reconnection after the injustice judgment unit has judged that an unjust removal has taken place.
- the security processing unit is provided with a read inhibition unit for inhibiting the storage control unit from reading data from the storage unit upon the reception of a read demand from the exterior as a result of reconnection after the injustice judgment unit has judged that an unjust removal has taken place.
- the securing processing unit is further provided with an inhibition release unit for releasing a read inhibiting action against a read demand from the storage control unit by the read inhibition unit.
- a storage apparatus for equipment having no batteries and assembled into the equipment in use, comprises a storage unit for storing information; a connection detecting unit for detecting a removal from the equipment; an injustice judgment unit for judging when the connection detecting unit has detected a removal from the equipment whether it is an unjust removal or not; an unjust removal storage unit which when the injustice judgment unit has judged that an unjust removal has taken place, stores and holds the unjust removal; and a security processing unit which when it has been enabled for action by the supply of external power as a result of reconnection to the equipment after the removal, executes an action for protecting the information of the storage unit on the basis of memory of the unjust removal.
- a storage apparatus having no batteries and assembled into equipment in use comprises a storage unit for storing information; an unjust removal notice unit for judging an unjust removal from an initial motion upon the removal from the equipment to notify the user of it in advance; and a security processing unit for executing an action for protecting the information of the storage unit on the basis of the notice of an unjust removal before the actual removal from the equipment, in the pre-removal external power supply state connected to the equipment.
- the storage apparatus to which the present invention is directed can be for example in the form of a memory card or a hard disk drive which is freely attachable to and detachable from the equipment.
- FIG. 1 is an explanatory diagram of a personal computer to which the present invention is applied;
- FIG. 2 is an explanatory diagram of a storage apparatus incorporated into the body of the personal computer of Fig. 1;
- FIG. 3 is a circuit block diagram of the body of the personal computer of Fig. 2;
- FIG. 4 is a circuit block diagram of the present invention which is applied to a memory card of Fig. 2;
- FIG. 5 is a function block diagram of a security processing unit of Fig. 4 for converting data of a storage unit into meaningless data;
- FIG. 6 is a function block diagram of the security processing unit of Fig. 4 for enciphering data of the storage unit;
- FIG. 7 is a flowchart of a processing action performed when the storage apparatus has been removed from the equipment
- FIG. 8 is a block diagram of another embodiment of the present invention, in which the storage unit is divided into two areas;
- FIG. 9 is a function block diagram of the security processing unit of Fig. 8.
- FIG. 10 is a block diagram of a further embodiment of the present invention, using a buffer storage unit
- FIG. 11 is a function block diagram of the security processing unit of Fig. 10;
- FIG. 12 is a block diagram of a further embodiment of the present invention in which the circuit is destroyed for protection
- FIG. 13 is a circuit diagram of a circuit destruction unit of Fig. 12;
- FIG. 14 is a block diagram of an embodiment of the present invention, which incorporates no batteries;
- FIG. 15 is a function block diagram of the security processing unit of Fig. 14;
- FIG. 16 is a block diagram of a further embodiment of the present invention, in which an unjust removal is stored and held and no batteries for protecting the information upon the reconnection are incorporated;
- FIG. 17 is a flowchart of control processing upon the removal from the equipment of Fig. 16;
- FIG. 18 is a flowchart of a protecting action when reconnection to the equipment is performed after the removal
- FIG. 19 is a block diagram of another embodiment of the present invention, in which an unjust removal is stored and held with no batteries for protecting the information upon the reconnection being incorporated;
- FIG. 20 is a block diagram of a further embodiment of the present invention, in which an unjust removal is stored and held with no batteries for protecting the information upon the reconnection being incorporated;
- FIG. 21 is a block diagram of an embodiment of the present invention, in which an unjust removal is notified in advance with no batteries for protecting the information being incorporated;
- FIG. 22 is a flowchart of the control processing of Fig. 21;
- FIG. 23 is a block diagram of another embodiment of the present invention, in which an unjust removal is notified in advance with no batteries for protecting the information being incorporated;
- FIG. 24 is a block diagram of a further embodiment of the present invention, in which an unjust removal is notified in advance with no batteries for protecting the information being incorporated;
- FIG. 25 is a block diagram of the present invention which has been applied to a hard disk drive.
- FIG. 1 illustrates a personal computer to which is applied a storage apparatus in accordance with the present invention.
- the personal computer is generally designated at 10 and comprises a tower-type personal computer body 12, a display 14, a keyboard 16 and a mouse 18.
- the personal computer body 12 is mounted therein with a memory board 20 serving as the storage apparatus and a hard disk drive 22.
- the memory board 20 serving as the storage apparatus stored in the personal computer body 12 and the hard disk drive 22 are equipped with their respective stored information protection functions against unjust removal.
- FIG. 3 is a block diagram illustrating a hardware configuration of the personal computer body 12 of Fig. 1.
- the personal computer body 12 comprises a processor 24 having a bus 26 to which are connected a main storage 28, a display controller 30, the memory board 20 serving as the storage apparatus and the hard disk drive 22.
- a display 14 is connected via a connector terminal unit 32 to the display controller 30.
- a power circuit 34 is also provided which acts under a control of the processor 24 through the bus 26.
- the memory board 20 incorporates therein a storage apparatus 36 of the present invention, which is connected via a connector terminal unit 38 to the bus 26 of the processor 24.
- the memory board 20 includes a connection detecting unit 44, a register 45 and a switch 46.
- the connection detecting unit 44 detects a removal from and a loading to the bus 26, of the memory board 20, through the connector terminal unit 38. For instance, the connection detecting unit 44 supervises a pull-up line of a power supply voltage from the bus 26 to the connector terminal unit 38, and when the connector terminal unit 38 is removed from the bus 26, the pull-up voltage is interrupted allowing a removal of the memory board 20 to be detected.
- the switch 46 is operated when the memory board 20 is removed from the bus 26.
- its switch knob can basically be turned into on or off position. Instead of the on operation or off operation of the switch 46, predetermined operating procedures of the switch 46 could be defined.
- the operating procedures of the switch 46 upon the removal of the memory board 20 include.
- the storage apparatus 36 judges that a proper removal operation has been performed from a detection of the removal from the connector terminal unit 38 by the connection detecting unit 44, not allowing the stored information protecting action to be carried out. Contrary to this, in cases where the switch 46 has not been operated or where no operation has been performed in accordance with predetermined operating procedure, it is judged that an unjust removal has been effected, allowing the stored information protecting action to be carried out.
- the stored information protecting action in the storage apparatus 36 upon an unjust removal will be described later in greater detail.
- the memory board 20 is provided with the register 45 operated by a software in addition to the switch 46 for effecting the mechanical removal operation.
- the register 45 can be used to judge an unjust removal through the storage operation of a predetermined register value by a register control unit 48 executing a register operation program of the processor 24. That is, upon a detection by the connection detecting unit 44 of the removal from the connector terminal unit 38 of the memory board 20, the register 45 is referred to, and when a predetermined register value has not been stored or an erroneous register value has been stored, it is judged that an unjust removal has occurred, allowing the stored information protecting action to be carried out. Since the hard disk drive 22 also constitutes a part of the storage apparatus of the present invention, it is provided with the connection detecting unit 44, the register 45 and the switch 46 in the same manner as the memory board 20 is.
- the switch 46 or the register 45 is referred to, and when a predetermined switching operation has not been performed or an erroneous operation has been performed, or when no register value has been stored or an erroneous register value has been stored, it is judged that an unjust removal has occurred, allowing the stored information protecting action to be carried out.
- FIG. 4 illustrates a hardware configuration of the storage apparatus of the present invention including the connection detection unit 44 and the switch 46 in the case of the memory board 20 of Fig. 3 by way of example.
- a processor 50 serving as a control unit and having a bus 60 to which a storage unit 58 is connected.
- the processor 50 is provided with a storage control unit 52 which accesses the storage unit 58 to perform read or write of data in response to an access request from an external bus 26 connected via the connector terminal unit 38.
- such a memory board 20 for the storage is provided with the connection detecting unit 44, the register 45, the switch 46 and a battery 62, and further comprises as processing features a security processing unit 54 and an injustice judgment unit 56.
- the connection detecting unit 44 detects a removal and loading of the memory board 20 from and into the connector terminal unit 38, and posts the processor 50 and the battery 62 of the detection results.
- the battery 62 may be posted of the detection of removal by way of the processor 50.
- the battery 62 Upon the receipt of the post of the removal detection, the battery 62 is switched into an internal battery power supply mode.
- the internal battery of the battery 62 can be a unitary battery such a lithium battery or a secondary battery such as a capacitor charged by a power supply from the bus 26 side.
- the battery 62 is connected via an internal power line 64 and via the connector terminal unit 38 to an external power line 66. For this reason, even though the memory board 20 has been removed from the bus 26 associated with the personal computer body, the mode is switched into the battery 62 power supply mode so that the internal circuit can be put into the operative condition.
- the removal detection post received by the processor 50 is imparted to the injustice judgment unit 56 serving as one of the control functions of the processor 50.
- the injustice judgment unit 56 judges whether an unjust removal has been performed or not. In order to judge this unjust removal, the memory board 20 is provided with the register 45 and the switch 46.
- the software operated register 45 and the mechanically operated switch 46 are provided, one of the both can practically be provided.
- the injustice judgment unit 56 refers to the operative condition of the switch 46.
- the personal computer user knows the procedure of the operation for the removal, so that the removal is performed through the operation defined for the switch 46.
- the injustice judgment unit 46 refers to the switch 46 to detect that the switch 46 has been operated or that a correct operation has been carried out, and since no unjust removal has been effected, instructs the battery 62 of the procedure of the power supply.
- the security processing unit 54 is activated to allow stored information protecting action of the storage unit 58. After the completion of the protecting action of the storage unit 58 by means of the security processing unit 54, the battery 62 is instructed of the cease of the power supply to terminate the processing.
- Fig. 5 illustrates an embodiment of the protecting action of the storage unit 58 effected by the security processing unit 54 of Fig. 4 upon the judgment of the unjust removal.
- the security processing unit 54 is provided with a data destruction unit 68.
- the data destruction unit 68 is activated to execute the data destruction processing for rendering the data stored in the storage unit 58 into meaningless data. More specifically, the data of the storage unit 58 are subjected to erasing processing for rendering all data into bit 0 or to random number data writing processing, to be thereby destroyed into compulsory arbitrary data.
- FIG. 6 illustrates another embodiment of the storage protecting action of the storage unit 58 effected by the security processing unit 54 of Fig. 4.
- This embodiment is characterized in that the security processing unit 54 is provided with an encipher unit 70.
- the encipher unit 70 is activated upon the reception of the post of the unjust removal judgment and enciphers the storage data of the storage unit 58 in conformity with a predetermined encipher algorithm to replace all the original data by encipher data.
- the redundancy of the data tends to be in general increased to add to the amount of data.
- the storage unit 58 is provided with a spare storage area in the form of a space area, so as to be able to allow for the increase of the mount of data which may be caused by the enciphering.
- the storage capacity of the encipher data may be reduced by subjecting the encipher data to compression processing in conformity with a predetermined compression algorithm.
- the security processing unit 54 of Fig. 6 may be provided with an encipher restoration unit 72 in addition to the encipher unit 70.
- the encipher restoration unit 72 is utilized when it is desired to again load the memory board 20 into the personal computer to restore the storage unit 58 into its original state in cases where the memory board 20 remains left as a result of failure of the unjust fetch of the stored data.
- This encipher restoration unit 72 can be activated through an encipher restoration command issued by the processor 50 of Fig. 4, under the state in which the data stored in the storage unit 58 have been replaced with the encipher data by means of the encipher unit 70. It is desirable in this case that a cipher key proper to the user is defined for use to activate the encipher restoration unit 72.
- a flowchart of Fig. 7 illustrates a processing action of the present invention implemented by the memory board 20 of Fig. 5.
- step S1 a check is made to see if the connector terminal unit 38 has been removed or not, that is, if a post of a removal detection has been issued from the connection detecting unit 4.
- step S2 a check is made to see if the connector terminal unit 38 has been removed or not, that is, if a post of a removal detection has been issued from the connection detecting unit 4.
- the procedure goes to step S2 to start a power supply of the battery 62.
- step S3 it is judged by the injustice judgment unit 56 whether an unjust removal has occurred or not. If the unjust removal has occurred, then the procedure goes to step S4 to execute the information protecting processing of the storage unit.
- the protecting actions are made which include the destruction of data of the storage unit 58 by the data destruction unit 68 of Fig. 5 or replacement of the data of the storage unit 58 with encipher data by the encipher unit 70 of Fig. 6.
- the power supply of the battery 62 is stopped in step S5. It is natural that it has not been judged in step S3 that an unjust removal has occurred, the information protecting processing of the storage unit 58 in step S4 is skipped, allowing the power supply from the battery 62 to be stopped in step S5.
- FIG. 8 is a block diagram of another embodiment of the storage apparatus in accordance with the present invention in the form of the memory board 20 of Fig. 3 by way of example.
- the storage unit of the memory board 20 comprises a first storage unit 74 connected to the bus 60 to allow a read and write of data at ordinary time, and a second storage unit 76 for saving data of the first storage unit 74 upon the detection of an unjust removal. While the first storage unit 74 is connected to the bus 60, the second storage unit 76 for saving data upon the unjust removal is separated from the bus 60 and is connected directly to another control bus provided by the processor 50.
- the storage control unit 52 of the processor 50 controls a read from or a write to the first storage unit 74.
- An access to the second storage unit 76 can not be effected through an ordinary external access demand.
- the processor 50 is provided with the security processing unit 54 and the injustice judgment unit 56.
- the bus 60 is associated with the connection detecting unit 44, the register 45, the switch 46 and the battery 62. Excepting the security processing unit 54, other functions for the stored information protection are the same as those of Fig. 5 embodiment.
- the security processing unit 54 has a processing function of Fig. 9. That is, the security processing unit 54 is provided with a data destruction unit 77. This data destruction unit 77 is activated when the injustice judgment unit 56 of Fig. 8 judges that the memory board 20 has unjustly been removed, and copies the stored data of the first storage unit 74 to the second storage unit 76, after which the stored data of the first storage unit 74 are rendered into meaningless data, for instance, all the data being rendered into bit 0 data or converted into random number data, to destroy the data. For this reason, even though the unjustly removed memory board 20 has been connected to another personal computer to access the first storage unit 74, only the destroyed meaningless data are obtained.
- the original data are saved in the second storage unit 76 so that as long as the security processing unit 54 recognizes that an unjust removal has been judged, the second storage unit 76 neglects an external access demand if any, preventing the second storage unit 76 from being referred to through an external access demand.
- the security processing unit 54 of Fig. 9 is further provided with a data recovery unit 78.
- the data recovery unit 78 executes data recovery processing in which data saved in the second storage unit as a result of an unjust removal are transferred to the original first storage unit 74 for restoration.
- the data recovery unit 78 is activated through the input of a predetermined encipher key via the processor 50 by the user, allowing the execution of the data recovery.
- FIG. 10 illustrates another embodiment of a storage apparatus of the present invention in the form of the memory board 20 of Fig. 3.
- a buffer storage unit is provided in the halfway of a path for reading from or writing to the storage unit in response to an external access, the buffer storage unit being used to perform the information protecting action.
- the processor 50 executes the read from or write to the storage unit 58 in response to an external access demand, with the data input or output in this case passing through the buffer storage unit 80, which buffer transfers to allow the intact output of the input data.
- the security processing unit 54 is activated so that upon the reception of an external demand to read the storage unit 58, the read data can be converted into meaningless data at the time of transfer of the read data by the buffer storage unit 80.
- FIG. 11 is a function block diagram of the security processing unit 54 of Fig. 10.
- the security processing unit 54 is provided with a buffer data conversion unit 82.
- the buffer data conversion unit 82 Upon the reception of a post of judgment of an unjust removal, the buffer data conversion unit 82 is activated and, in response to an external read demand, stores read data read from the storage unit 58 into the buffer storage unit 80, after which upon the read transfer it performs buffer data conversion processing in which input storage data are erased into all bits 0 or converted into random number data. For this reason, even though the unjustly removed memory board has been connected to another personal computer to read data from the storage unit 58, the read data are converted into meaningless data when they pass through the buffer storage unit 80, prohibiting the original data from being read.
- the security processing unit 54 is further provided with a conversion inhibiting unit 84.
- the conversion inhibiting unit 84 inhibits an action converting the transfer data of the buffer storage unit 80 into meaningless data by the buffer data conversion unit 82.
- the conversion inhibiting unit 84 is activated through a predetermined cipher key designated by the processor 50 to interrupt the function of the buffer data conversion unit 82, making it possible to restore the buffer storage unit 80 into its original data transfer state.
- Fig. 12 illustrates a further embodiment of the storage apparatus of the present invention in the form of the memory board 20 of Fig. 3. This embodiment is characterized in that upon the judgment of an unjust removal a part of the circuit within the memory board 20 is physically destroyed into the state in which data are not allowed to be read.
- a circuit destruction unit 86 is provided in the midway of the bus 60 serving as a data transmitting path for the storage unit 58.
- the circuit destruction unit 86 performs a circuit destroying action in response to an action signal for the stored information protection from the security processing unit 54 when the injustice judgment unit 56 of the processor 50 has judged from the operative condition of the register 45 or the switch 46 that an unjust removal has occurred, and destroys the transmission function of the bus 60, disabling an external access to the storage unit 58.
- FIG. 13 is a circuit diagram of the circuit destruction unit 86 of Fig. 12.
- This circuit destruction unit 86 makes it possible to switch the mutual connections between a plurality of bus lines 60-1 to 60-n constituting the bus 60 into short circuit conditions by means of short circuit switches 90-1, 90-2, 90-3, ...90 (n - 1).
- the short circuit switches 90-1 to 90-(n -1) can be analog switches such as transistors or FETs.
- the circuit destruction unit 86 is not limited to the circuit of Fig. 13 but can be any circuit destruction unit as long as it is able to short and destroy any appropriate circuit units by use of the short circuit switches.
- the short circuit switches may be replaced by a pressure boosting circuit which generates an overvoltage exceeding a prescribed voltage limit to destroy the circuits.
- a heater wire or the like may be arranged in the vicinity of the circuit unit or the like of the input/ output driver for the bus 60 to thereby heat destroy the driver or the like through the energization of the heater wire.
- FIG. 14 illustrates a still further embodiment in accordance with the present invention in the form of the memory board 20 of Fig. 3.
- This embodiment is characterized in that the stored information protecting action against the unjust removal is carried out without incorporating the battery.
- the processor 50 and the storage unit 58 as well as the connection detecting unit 44 for detecting an unjust removal, the removal register 45 and the switch 46, with the processor 50 being provided with the functions of the storage control unit 52, the security processing unit 54 and the injustice judgment unit 56, but without the battery 62 as in the embodiment of Fig. 4 for instance. For this reason, when the memory board is removed, there is interrupted a power supply to the connector terminal unit 38 through the external power line 66.
- the protecting actions by the injustice judgment unit 56 or the security processing unit 54 are not performed as in the case where the battery has been incorporated, allowing the switch 46 to be operated or put in a correct operative condition if an unjust removal has not occurred, but allowing the switch 46 to be inoperative or put in an incorrect operative condition if an unjust removal has occurred.
- the stored information protecting action against the unjust removal is performed after the removed memory board 20 has been again connected to the personal computer side to receive a power supply from the external power line 66.
- connection detecting unit 44 detects the reconnection to the connector terminal unit 38
- the injustice judgment unit 56 of the processor 50 is activated to check the operative condition of the switch 46, and if the switch 46 is inoperative or is put in an incorrect condition, judges that an unjust removal has occurred to activate the security processing unit 54.
- the security processing unit 54 rejects all subsequent read demands to the storage unit 58 from the exterior.
- FIG. 15 illustrates a function of the security processing unit 54 of Fig. 14.
- the security processing unit 54 is provided with a read inhibition unit 92.
- the read inhibition unit 92 is activated upon the reception of a post of judgment that an unjust removal has occurred from the injustice judgment unit 56 in the power supply state after the reconnection of the memory board 20, and inhibits the execution of a read control of the storage unit 58 in response to the read demand to the storage control unit 52 from the exterior.
- the read inhibition unit 92 of the security processing unit 54 performs the read inhibiting action through the storage control unit 52, thereby prohibiting an unjust read out of the data of the storage unit 58.
- the security processing unit 54 is further provided with an inhibition release unit 94.
- the inhibition release unit 94 of the security processing unit 54 is activated through the input of an encipher key from the processor 50 side, to release the read inhibition function against the read demand from the exterior, thereby making it possible to recover the ordinary state.
- the power supply is interrupted due to the removal, so that a non-volatile register is used to prevent the contents from disappearing as a result of the interruption of the power supply.
- FIG. 16 illustrates a yet further embodiment of the storage apparatus in accordance with the present invention, which does not incorporate the battery.
- This embodiment is characterized in that upon the execution of the unjust removal of the memory board 20 the unjust removal is stored and held, allowing the information protection action to be performed on the basis of the memory of the unjust removal upon the reconnection.
- the memory board 20 is provided through the bus 60 with the processor 50 and the storage unit 58, the processor 50 being provided with the storage control unit 52, the security processing unit 54 and the injustice judgment unit 56.
- the connection detecting unit 44, the register 45 and the switch 46 are Associated with the bus 60.
- the unjust removal storage unit 96 stores and holds e.g., flag information indicative of an unjust removal which has been judged by the injustice judgment unit 56 at the time of removal of the memory board 20.
- the unjust removal storage unit 96 can be a non-volatile storage unit capable of holing the contents of the memory even though a power supply from the external power line 66 has been interrupted as a result of the removal of the memory board 20.
- the security processing unit 54 is actuated upon the reception of a power supply through the reconnection of the memory board 20, and executes the information protection processing of the storage unit 58 when it recognizes the judgment flag indicative of the unjust removal through the reference to the unjust removal storage unit 96.
- the information protection processing by the security processing unit 54 includes the execution of the function of the data destruction unit 68 of Fig. 5 and the function of the encipher unit 70 of Fig. 6.
- FIG. 17 illustrates processing executed at the time of removal of the memory board 20 in the embodiment of Fig. 16.
- step S1 a check is made to see if the connector terminal unit 38 has been removed or not, that is, a post of a removal detection has been issued or not from the connection detecting unit 44. If it is judged that the connector terminal unit 38 has been removed, then in step S2 a check is made by the injustice judgment unit 56 to see if an unjust removal has occurred or not. That is, reference is made to the switch 46 or the register 45, and it is judged that an unjust removal has occurred if it is inoperative or in an incorrect operation. When it is judged that an unjust removal has occurred, then in step S4 the injustice removal storage unit 98 stores and holds unjust removal flag information indicating that an unjust removal has taken place.
- FIG. 18 illustrates processing executed when the reconnection has been made after the removal of the memory board 20 in Fig. 16.
- step S1 the memory board 20 serving as the storage unit is attached to the equipment, and in step S2 the power supply to the equipment is turned on and in step S3 the security processing unit 54 refers to the unjust removal storage unit 96 to check the presence or absence of the memory of the unjust removal. If any unjust removal memory exists, then in step S4 there is executed the information protecting processing of the storage unit 58. If in step S3 there is no unjust removal memory, then in step S5 ordinary processing is carried out as a result of the successful connection. It is to be noted that in Fig.
- FIG. 19 illustrates an embodiment in which information indicative of an unjust removal is stored and held at the time of the unjust removal of Fig. 16, with the information protective action being effected upon the reconnection.
- the storage unit is divided into a first storage unit 74 and second storage unit 76 in the same manner as Figs. 8 and 9, with the security processing unit 54 performing the protective action by the data destruction unit 77 of Fig. 9, that is, the protective action in which the data of the first storage unit 74 are transferred to the second storage unit 76 to render the data of the first storage unit 74 into meaningless data for destruction.
- the injustice storage unit 98 is the same as the embodiment of Fig. 16, with its processing action being also the same as in the flowchart of Figs. 17 and 18.
- FIG. 20 illustrates another embodiment in which information indicative of an unjust removal is stored and held at the time of the unjust removal, with its information protective action being performed after the reconnection.
- This embodiment is provided with a buffer storage unit 80 in the same manner as Figs. 10 and 11.
- the security processing unit 54 of the processor 50 has a function of the buffer data conversion unit 82 of Fig. 11, and when the injustice judgment unit 56 recognizes a memory of the unjust removal from the injustice removal storage unit 98 as a result of the reconnection, performs the processing for converting the read data from the storage unit 58 passing through the buffer storage unit 80 into meaningless data to thereby protect the stored data.
- FIG. 21 illustrates a further embodiment of the storage apparatus in accordance with the present invention, which incorporates no battery.
- This embodiment is characterized in that an initial motion is detected upon the removal of the memory board 20 to previously judge an unjust removal, thereby allowing the stored information protective action to be carried out until the time when the power supply is interrupted as a result of the removal.
- the processor 50 and the storage unit 58 Associated with the bus 60 are the processor 50 and the storage unit 58, with the processing 50 being provided with an unjust removal notice unit 98 in addition to the storage control unit 52 and the security processing unit 54.
- the connector terminal unit 38 is associated with a connection previous detection unit 99.
- connection previous detection unit 99 detects an initial motion at the time of disconnection of the connector terminal unit 38, and posts the unjust removal notice unit 98 of the processing 50 of a removal previous detection.
- the detection of initial motion upon the disconnection of the connector terminal unit 38 by the connection previous detection unit 99 includes the detection of an operation loosening the lock screw of the connector or an operation to remove the lock clip of the connector.
- the unjust removal notice unit 98 refers to the switch 46 or the register 45 to judge the presence or absence of the unjust removal from its operative condition, allowing the security processing unit 54 to be activated if an unjust removal has taken place, causing the storage unit 58 to carry out the information protecting action.
- the information protecting action includes the destruction of the data of Fig. 5 and the encipher of Fig. 6. That is, the unjust removal notice unit 98 makes a judgment of an unjust removal upon the detection of an initial motion for the removal of the memory board 20 from the connector terminal unit 38, to thereby previously notify it, allowing the security processing unit 54 to perform the protective actions until the time when the power supply is interrupted as a result of the removal of the removal.
- the protective action for the storage unit 58 is provided as the power supply when the memory board is removed from the connector terminal unit 38, with not all of the data of the storage unit 58 but a part thereof being destroyed or enciphered, to make them imperfect, thereby providing a sufficient protection.
- FIG. 22 illustrates a processing action of Fig. 21.
- step S1 a check is made to see if the removal of the connector terminal unit 38 has been started or not, and if the removal has been started, then in step S2 it is judged by the unjust removal notice unit 98 whether it is an unjust removal or not. If an unjust removal has been taken place, then in step S3 the security processing unit 54 executes the information protective processing for the storage unit 58.
- the embodiment of Fig. 23 is characterized in that the information protection for the storage unit by the unjust removal notice of Fig. 21 is applied separately to the first storage unit 74 and the second storage unit 76 in the same manner as Fig. 8. Furthermore, the embodiment of Fig. 24 is characterized in that the protection of the stored information by the unjust removal notice of Fig. 23 is effected by use of the buffer storage unit 80 in the same manner as Fig. 10.
- FIG. 25 is a block diagram of a configuration of the hardware in which the present invention is applied to the hard disk drive 22 of Fig. 3.
- the hard disk drive 22 is provided with a processor 100, which is equipped with the storage control unit 52, the security processing unit 54 and the injustice judgment unit 56 in the same manner as the case of the memory board 20 of Fig. 4 for instance. It is natural that the control function effected by the storage control unit 52 be proper to the hard disk 22.
- a hard disk controller 104 Associated with a bus 102 of the processor 100 is a hard disk controller 104 to ensure that after the modulation of NRZ data by a write modulation circuit 106 any one of heads of a head assembly 112 is selected by way of a head IC circuit, to allow a disk medium not shown to be written.
- a read signal read from any one of the heads of the head assembly 112 is imparted through the head IC circuit 110 to a read demodulation circuit 108 to demodulate it as NRZ read data, which in turn are fed to the hard disk controller 104.
- the hard disk controller 104 is associated via the buffer storage unit 114 with an interface 116 with a host apparatus, the interface 116 being connected to the connector terminal unit 42.
- the connector terminal unit 42 is supplied with a power by way of an external power line 124.
- the connector terminal unit 42 is associated with the connection detecting unit 44 for detecting the removal and loading of the hard disk drive 22.
- the bus 102 of the processor 100 is associated with a servo controller 116, which performs a rotation control of a disk medium by a spindle motor 118 and a positioning control through a head actuator by a VCM 120.
- the bus 102 of the processor 100 is associated with a ROM 122 and a RAM 124, as well as the removal register 45, the switch 46 and the battery 62, which perform an information protecting action against an unjust removal.
- Such processing for protecting the stored data on a magnetic disk medium provided on the hard disk drive 22 is implemented by the connection detecting unit 44 associated with the connector terminal unit 42, the removal register 45 operated from the processor side through the host apparatus, the switch 46 for performing a predetermined operation upon the removal of the hard disk drive 22, the battery for supplying the power upon the removal of the hard disk drive 22, and the unjust removal judgment unit 56 and the security processing unit 54 which are provided in the processor 100. Since in this case the battery 62 is incorporated, the memory board 20 can employ in a selective manner the embodiments of Figs. 4, 8, 10 and 12. In the case where no battery 62 is provided, a selective application is allowed of the embodiments shown in Figs. 14, 16, 19, 20, 21, 23 and 24.
- the equipment has been disassembled to remove the storage apparatus such as an internal memory board or an internal hard disk drive to thereafter connect it to another system for unjustly accessing the data
- the storage apparatus such as an internal memory board or an internal hard disk drive to thereafter connect it to another system for unjustly accessing the data
- it is judged upon the removal of the storage apparatus that an unjust removal has taken place, allowing the execution of erasing of the data of the storage unit, enciphering, saving into another area, a erasing by the transfer buffer upon the reconnection to another system, and the inhibition of access against the read demand, so that it makes it impossible to read the data from the unjustly removed storage unit to the exterior, thereby achieving an improvement in the security performances of the equipment through the secure prevention of an unjust access to the stored data of the storage apparatus assembled into the equipment.
- auxiliary apparatus of the above embodiments were in the form of a memory board and a hard disk drive by way of example, any auxiliary apparatus would be available as long as it is freely attachable to the equipment such as a personal computer. It will be appreciated that although the above embodiments employ the personal computer as the equipment, they are applicable intactly to any equipment using the storage apparatus.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
Description
- 1. Field of the Invention
- The present invention relates generally to a storage apparatus for equipment, intended to be detachably assembled into information equipment such as a personal computer in use, and more particularly to a storage apparatus for equipment for protecting stored information against an unjust handling.
- 2. Description of the Related Art
- The security of information stored in information equipment such as a personal computer has been hitherto achieved under the control of a security system implemented by a software of the information equipment. For example, upon a power-on activation of the information equipment, the security system demands an input of a password to prevent a user having no access qualification from unjustly accessing.
- However, in the case of the protection of the stored information by means of such a conventional password based security system, it would be possible for the user having no access qualification to access by employing procedures in which the information equipment is disassembled to remove an internal storage apparatus such as a memory board or a hard disk drive, which in turn is connected to another system to access the data within the storage apparatus.
- According to the present invention, there is provided a storage apparatus for equipment capable of securely preventing an unjust access in which the equipment is disassembled to fetch the stored information.
- A storage apparatus for equipment in accordance with the present invention is assembled into the equipment in use and comprises a storage unit for storing information; a connection detecting unit for detecting a removal from the equipment; an injustice judgment unit for judging when the connection detecting unit has detected a removal from the equipment whether it is an unjust removal or not; and a security processing unit for executing an action for protecting the information of the storage unit when the injustice judgment unit has judged that an unjust removal has taken place. When the storage apparatus itself has judged that it has been unjustly removed, a protecting action is effected which prevents the data of the storage unit from being fetched to the exterior using the internal battery as a power source, thereby making it possible to remarkably improve the data security performance of the storage apparatus.
- A battery is further provided which is incorporated for supplying an electric power upon the removal from the apparatus.
- The injustice judgment unit is provided with a switch which is required to be mechanically operated upon a removal from the equipment, the injustice judgment unit judging that an unjust removal has taken place when the switch has been removed without any operation or with an incorrect operation, to effect the protection of the information. For this reason, only one who knows a correct procedure to operate the switch is allowed to normally fetch the stored information to the exterior, prohibiting the information from being unjustly fetched from the storage apparatus through the disassembling of the equipment. The injustice judgment unit is provided with a register which is required to be operated by a software upon a removal from the equipment, the injustice judgment unit judging that an unjust removal has taken place when the register has been removed without any operation or with an incorrect operation. In this case as well, only one who knows a correct procedure to operate the register is allowed to normally fetch the stored information to the exterior, thereby securely preventing the information from being unjustly fetched from the storage apparatus through the disassembling of the equipment. A storage control unit is further provided which controls read and write of information from and to the storage unit. The security processing unit is provided with a data destruction unit for writing meaningless data into the storage unit to destroy the original data when it is judged that an unjust removal has taken place. The security processing unit may be provided with an encipher unit for enciphering the data of the storage unit when it is judged that an unjust removal has taken place. In the case where the encipher unit has been provided, a decoding unit may be provided if necessary for restoring data enciphered by the encipher unit into original data.
- The storage unit is provided with a first storage unit (first storage area) for use in an ordinary state and a second storage unit (second storage area) out of use in the ordinary state, and the security processing unit is provided with a data destruction unit which when it is judged that an unjust removal has taken place, copies data of the first storage area into the second storage area and writes meaningless data to the first storage area to thereby destroy the original data. In this instance, a data recovery unit may further be provided for returning data stored in the second storage area into the first storage area. A buffer storage unit may be disposed between the storage unit and an equipment connection terminal unit, and the security processing unit is provided with a buffer data conversion unit which when data are fetched via the buffer storage unit from the storage unit after the judgment of an unjust removal, converts them into meaningless data in the buffer storage unit. In this case, a conversion inhibition unit may be provided for inhibiting the conversion by the buffer data conversion unit into meaningless data. The security processing unit may be provided with a circuit destruction unit which when it is judged that an unjust removal has taken plate, destroys physically a circuit function at a predetermined site of the apparatus to thereby disable the read control unit for a data read from the storage unit, the physical destruction including for instance electric short, mechanical breakage, thermal breakage by heating, etc.
- The present invention is also directed to a storage apparatus for equipment incorporating no batteries, which in this case comprises a storage unit for storing information; a connection detecting unit for detecting a removal from the equipment; an injustice judgment unit for judging when the connection detecting unit has detected a removal from the equipment whether it is an unjust removal from the equipment or not; and a security processing unit for executing an action for protecting the information of the storage unit upon the reconnection after the injustice judgment unit has judged that an unjust removal has taken place. In the case of no batteries incorporated, the security processing unit is provided with a read inhibition unit for inhibiting the storage control unit from reading data from the storage unit upon the reception of a read demand from the exterior as a result of reconnection after the injustice judgment unit has judged that an unjust removal has taken place. The securing processing unit is further provided with an inhibition release unit for releasing a read inhibiting action against a read demand from the storage control unit by the read inhibition unit.
- A storage apparatus for equipment, having no batteries and assembled into the equipment in use, comprises a storage unit for storing information; a connection detecting unit for detecting a removal from the equipment; an injustice judgment unit for judging when the connection detecting unit has detected a removal from the equipment whether it is an unjust removal or not; an unjust removal storage unit which when the injustice judgment unit has judged that an unjust removal has taken place, stores and holds the unjust removal; and a security processing unit which when it has been enabled for action by the supply of external power as a result of reconnection to the equipment after the removal, executes an action for protecting the information of the storage unit on the basis of memory of the unjust removal.
- A storage apparatus having no batteries and assembled into equipment in use comprises a storage unit for storing information; an unjust removal notice unit for judging an unjust removal from an initial motion upon the removal from the equipment to notify the user of it in advance; and a security processing unit for executing an action for protecting the information of the storage unit on the basis of the notice of an unjust removal before the actual removal from the equipment, in the pre-removal external power supply state connected to the equipment. The storage apparatus to which the present invention is directed can be for example in the form of a memory card or a hard disk drive which is freely attachable to and detachable from the equipment.
- The above and other objects, features and advantages of the present invention will become more apparent from the following detailed description with reference to the accompanying drawings.
- Fig. 1 is an explanatory diagram of a personal computer to which the present invention is applied;
- Fig. 2 is an explanatory diagram of a storage apparatus incorporated into the body of the personal computer of Fig. 1;
- Fig. 3 is a circuit block diagram of the body of the personal computer of Fig. 2;
- Fig. 4 is a circuit block diagram of the present invention which is applied to a memory card of Fig. 2;
- Fig. 5 is a function block diagram of a security processing unit of Fig. 4 for converting data of a storage unit into meaningless data;
- Fig. 6 is a function block diagram of the security processing unit of Fig. 4 for enciphering data of the storage unit;
- Fig. 7 is a flowchart of a processing action performed when the storage apparatus has been removed from the equipment;
- Fig. 8 is a block diagram of another embodiment of the present invention, in which the storage unit is divided into two areas;
- Fig. 9 is a function block diagram of the security processing unit of Fig. 8;
- Fig. 10 is a block diagram of a further embodiment of the present invention, using a buffer storage unit;
- Fig. 11 is a function block diagram of the security processing unit of Fig. 10;
- Fig. 12 is a block diagram of a further embodiment of the present invention in which the circuit is destroyed for protection;
- Fig. 13 is a circuit diagram of a circuit destruction unit of Fig. 12;
- Fig. 14 is a block diagram of an embodiment of the present invention, which incorporates no batteries;
- Fig. 15 is a function block diagram of the security processing unit of Fig. 14;
- Fig. 16 is a block diagram of a further embodiment of the present invention, in which an unjust removal is stored and held and no batteries for protecting the information upon the reconnection are incorporated;
- Fig. 17 is a flowchart of control processing upon the removal from the equipment of Fig. 16;
- Fig. 18 is a flowchart of a protecting action when reconnection to the equipment is performed after the removal;
- Fig. 19 is a block diagram of another embodiment of the present invention, in which an unjust removal is stored and held with no batteries for protecting the information upon the reconnection being incorporated;
- Fig. 20 is a block diagram of a further embodiment of the present invention, in which an unjust removal is stored and held with no batteries for protecting the information upon the reconnection being incorporated;
- Fig. 21 is a block diagram of an embodiment of the present invention, in which an unjust removal is notified in advance with no batteries for protecting the information being incorporated;
- Fig. 22 is a flowchart of the control processing of Fig. 21;
- Fig. 23 is a block diagram of another embodiment of the present invention, in which an unjust removal is notified in advance with no batteries for protecting the information being incorporated;
- Fig. 24 is a block diagram of a further embodiment of the present invention, in which an unjust removal is notified in advance with no batteries for protecting the information being incorporated; and
- Fig. 25 is a block diagram of the present invention which has been applied to a hard disk drive.
- Fig. 1 illustrates a personal computer to which is applied a storage apparatus in accordance with the present invention. The personal computer is generally designated at 10 and comprises a tower-type
personal computer body 12, adisplay 14, a keyboard 16 and amouse 18. As shown in Fig. 2, thepersonal computer body 12 is mounted therein with amemory board 20 serving as the storage apparatus and ahard disk drive 22. In the present invention, thememory board 20 serving as the storage apparatus stored in thepersonal computer body 12 and thehard disk drive 22 are equipped with their respective stored information protection functions against unjust removal. - Fig. 3 is a block diagram illustrating a hardware configuration of the
personal computer body 12 of Fig. 1. Thepersonal computer body 12 comprises a processor 24 having abus 26 to which are connected a main storage 28, adisplay controller 30, thememory board 20 serving as the storage apparatus and thehard disk drive 22. Adisplay 14 is connected via aconnector terminal unit 32 to thedisplay controller 30. A power circuit 34 is also provided which acts under a control of the processor 24 through thebus 26. Thememory board 20 incorporates therein a storage apparatus 36 of the present invention, which is connected via a connector terminal unit 38 to thebus 26 of the processor 24. Thememory board 20 includes aconnection detecting unit 44, a register 45 and a switch 46. Theconnection detecting unit 44 detects a removal from and a loading to thebus 26, of thememory board 20, through the connector terminal unit 38. For instance, theconnection detecting unit 44 supervises a pull-up line of a power supply voltage from thebus 26 to the connector terminal unit 38, and when the connector terminal unit 38 is removed from thebus 26, the pull-up voltage is interrupted allowing a removal of thememory board 20 to be detected. The switch 46 is operated when thememory board 20 is removed from thebus 26. For the operation of the switch 46, its switch knob can basically be turned into on or off position. Instead of the on operation or off operation of the switch 46, predetermined operating procedures of the switch 46 could be defined. The operating procedures of the switch 46 upon the removal of thememory board 20 include. - I. Acting on the switch 46 a predetermined number of times; and
- II. Continuing to act on the switch 46 for a predetermined period of time or more.
- When the switch 46 is operated in accordance with one of the predetermined operating procedures, the storage apparatus 36 judges that a proper removal operation has been performed from a detection of the removal from the connector terminal unit 38 by the
connection detecting unit 44, not allowing the stored information protecting action to be carried out. Contrary to this, in cases where the switch 46 has not been operated or where no operation has been performed in accordance with predetermined operating procedure, it is judged that an unjust removal has been effected, allowing the stored information protecting action to be carried out. The stored information protecting action in the storage apparatus 36 upon an unjust removal will be described later in greater detail. Thememory board 20 is provided with the register 45 operated by a software in addition to the switch 46 for effecting the mechanical removal operation. The register 45 can be used to judge an unjust removal through the storage operation of a predetermined register value by a register control unit 48 executing a register operation program of the processor 24. That is, upon a detection by theconnection detecting unit 44 of the removal from the connector terminal unit 38 of thememory board 20, the register 45 is referred to, and when a predetermined register value has not been stored or an erroneous register value has been stored, it is judged that an unjust removal has occurred, allowing the stored information protecting action to be carried out. Since thehard disk drive 22 also constitutes a part of the storage apparatus of the present invention, it is provided with theconnection detecting unit 44, the register 45 and the switch 46 in the same manner as thememory board 20 is. In the case of thehard disk drive 22 as well, upon a detection by theconnection detecting unit 44 of the removal from the connector terminal unit 42, the switch 46 or the register 45 is referred to, and when a predetermined switching operation has not been performed or an erroneous operation has been performed, or when no register value has been stored or an erroneous register value has been stored, it is judged that an unjust removal has occurred, allowing the stored information protecting action to be carried out. - Fig. 4 illustrates a hardware configuration of the storage apparatus of the present invention including the
connection detection unit 44 and the switch 46 in the case of thememory board 20 of Fig. 3 by way of example. Within thememory board 20 serving as the storage apparatus there is provided aprocessor 50 serving as a control unit and having abus 60 to which astorage unit 58 is connected. Theprocessor 50 is provided with astorage control unit 52 which accesses thestorage unit 58 to perform read or write of data in response to an access request from anexternal bus 26 connected via the connector terminal unit 38. In the present invention, such amemory board 20 for the storage is provided with theconnection detecting unit 44, the register 45, the switch 46 and abattery 62, and further comprises as processing features asecurity processing unit 54 and aninjustice judgment unit 56. Theconnection detecting unit 44 detects a removal and loading of thememory board 20 from and into the connector terminal unit 38, and posts theprocessor 50 and thebattery 62 of the detection results. Thebattery 62 may be posted of the detection of removal by way of theprocessor 50. Upon the receipt of the post of the removal detection, thebattery 62 is switched into an internal battery power supply mode. The internal battery of thebattery 62 can be a unitary battery such a lithium battery or a secondary battery such as a capacitor charged by a power supply from thebus 26 side. To this end, thebattery 62 is connected via aninternal power line 64 and via the connector terminal unit 38 to anexternal power line 66. For this reason, even though thememory board 20 has been removed from thebus 26 associated with the personal computer body, the mode is switched into thebattery 62 power supply mode so that the internal circuit can be put into the operative condition. The removal detection post received by theprocessor 50 is imparted to theinjustice judgment unit 56 serving as one of the control functions of theprocessor 50. Upon the reception of the removal detection post from theconnection detecting unit 44, theinjustice judgment unit 56 judges whether an unjust removal has been performed or not. In order to judge this unjust removal, thememory board 20 is provided with the register 45 and the switch 46. Although in this embodiment the software operated register 45 and the mechanically operated switch 46 are provided, one of the both can practically be provided. In this embodiment, judgment is made from the operative condition of the switch 46 of whether any unjust removal has been performed or not by way of example. Upon the reception of the removal detection post from theconnection detecting unit 44, theinjustice judgment unit 56 refers to the operative condition of the switch 46. When removing thememory board 20, the personal computer user knows the procedure of the operation for the removal, so that the removal is performed through the operation defined for the switch 46. In this case, the injustice judgment unit 46 refers to the switch 46 to detect that the switch 46 has been operated or that a correct operation has been carried out, and since no unjust removal has been effected, instructs thebattery 62 of the procedure of the power supply. Contrary to this, in cases where when theinjustice judgment unit 56 has referred to the switch 46, any switching operation has been not performed, or any correct operation has not been carried out, it is judged that an unjust removal has occurred, and thesecurity processing unit 54 is activated to allow stored information protecting action of thestorage unit 58. After the completion of the protecting action of thestorage unit 58 by means of thesecurity processing unit 54, thebattery 62 is instructed of the cease of the power supply to terminate the processing. - Fig. 5 illustrates an embodiment of the protecting action of the
storage unit 58 effected by thesecurity processing unit 54 of Fig. 4 upon the judgment of the unjust removal. Thesecurity processing unit 54 is provided with a data destruction unit 68. Upon the reception of the post of the judgment of the unjust removal, the data destruction unit 68 is activated to execute the data destruction processing for rendering the data stored in thestorage unit 58 into meaningless data. More specifically, the data of thestorage unit 58 are subjected to erasing processing for rendering all data intobit 0 or to random number data writing processing, to be thereby destroyed into compulsory arbitrary data. By virtue of this, even though thememory board 20 has been unjustly removed to fetch the storage data of thestorage unit 58, there can be securely prevented an unjust utilization of the stored data since the data destruction of thestorage unit 58 is performed upon the unjust removal of thememory board 20. - Fig. 6 illustrates another embodiment of the storage protecting action of the
storage unit 58 effected by thesecurity processing unit 54 of Fig. 4. This embodiment is characterized in that thesecurity processing unit 54 is provided with anencipher unit 70. Theencipher unit 70 is activated upon the reception of the post of the unjust removal judgment and enciphers the storage data of thestorage unit 58 in conformity with a predetermined encipher algorithm to replace all the original data by encipher data. In the case of enciphering the data of thestorage unit 58 by means of theencipher unit 70, the redundancy of the data tends to be in general increased to add to the amount of data. For this reason, taking into consideration the increase of the amount of data upon the enciphering, thestorage unit 58 is provided with a spare storage area in the form of a space area, so as to be able to allow for the increase of the mount of data which may be caused by the enciphering. The storage capacity of the encipher data may be reduced by subjecting the encipher data to compression processing in conformity with a predetermined compression algorithm. In the case of the embodiment of Fig. 6 in this manner, when it is judged that an unjust removal has occurred, all the data of thestorage unit 58 are replaced by the encipher data, so that even though the data have been read from thestorage unit 58, the data result in meaningless data due to the enciphering, thereby making it possible to securely prevent the storage data from being utilized unjustly. Thesecurity processing unit 54 of Fig. 6 may be provided with anencipher restoration unit 72 in addition to theencipher unit 70. After the protection of the stored information through the replacement of the data stored in thestorage unit 58 with the encipher data against the unjust removal by means of theencipher unit 70, theencipher restoration unit 72 is utilized when it is desired to again load thememory board 20 into the personal computer to restore thestorage unit 58 into its original state in cases where thememory board 20 remains left as a result of failure of the unjust fetch of the stored data. Thisencipher restoration unit 72 can be activated through an encipher restoration command issued by theprocessor 50 of Fig. 4, under the state in which the data stored in thestorage unit 58 have been replaced with the encipher data by means of theencipher unit 70. It is desirable in this case that a cipher key proper to the user is defined for use to activate theencipher restoration unit 72. - A flowchart of Fig. 7 illustrates a processing action of the present invention implemented by the
memory board 20 of Fig. 5. In step S1, a check is made to see if the connector terminal unit 38 has been removed or not, that is, if a post of a removal detection has been issued from theconnection detecting unit 4. When it is judged that the connector terminal unit has been removed, the procedure goes to step S2 to start a power supply of thebattery 62. Then in step S3, it is judged by theinjustice judgment unit 56 whether an unjust removal has occurred or not. If the unjust removal has occurred, then the procedure goes to step S4 to execute the information protecting processing of the storage unit. That is, the protecting actions are made which include the destruction of data of thestorage unit 58 by the data destruction unit 68 of Fig. 5 or replacement of the data of thestorage unit 58 with encipher data by theencipher unit 70 of Fig. 6. After the completion of the protecting action, the power supply of thebattery 62 is stopped in step S5. It is natural that it has not been judged in step S3 that an unjust removal has occurred, the information protecting processing of thestorage unit 58 in step S4 is skipped, allowing the power supply from thebattery 62 to be stopped in step S5. - Fig. 8 is a block diagram of another embodiment of the storage apparatus in accordance with the present invention in the form of the
memory board 20 of Fig. 3 by way of example. This embodiment is characterized in that the storage unit of thememory board 20 comprises a first storage unit 74 connected to thebus 60 to allow a read and write of data at ordinary time, and asecond storage unit 76 for saving data of the first storage unit 74 upon the detection of an unjust removal. While the first storage unit 74 is connected to thebus 60, thesecond storage unit 76 for saving data upon the unjust removal is separated from thebus 60 and is connected directly to another control bus provided by theprocessor 50. On the basis of an external read or write access demand to thebus 60 by way of the connector terminal unit 38, thestorage control unit 52 of theprocessor 50 controls a read from or a write to the first storage unit 74. An access to thesecond storage unit 76 can not be effected through an ordinary external access demand. In order to judge an unjust removal of thememory board 20 and to protect the stored data, theprocessor 50 is provided with thesecurity processing unit 54 and theinjustice judgment unit 56. Thebus 60 is associated with theconnection detecting unit 44, the register 45, the switch 46 and thebattery 62. Excepting thesecurity processing unit 54, other functions for the stored information protection are the same as those of Fig. 5 embodiment. - The
security processing unit 54 has a processing function of Fig. 9. That is, thesecurity processing unit 54 is provided with adata destruction unit 77. Thisdata destruction unit 77 is activated when theinjustice judgment unit 56 of Fig. 8 judges that thememory board 20 has unjustly been removed, and copies the stored data of the first storage unit 74 to thesecond storage unit 76, after which the stored data of the first storage unit 74 are rendered into meaningless data, for instance, all the data being rendered intobit 0 data or converted into random number data, to destroy the data. For this reason, even though the unjustly removedmemory board 20 has been connected to another personal computer to access the first storage unit 74, only the destroyed meaningless data are obtained. The original data are saved in thesecond storage unit 76 so that as long as thesecurity processing unit 54 recognizes that an unjust removal has been judged, thesecond storage unit 76 neglects an external access demand if any, preventing thesecond storage unit 76 from being referred to through an external access demand. Thesecurity processing unit 54 of Fig. 9 is further provided with adata recovery unit 78. Thedata recovery unit 78 executes data recovery processing in which data saved in the second storage unit as a result of an unjust removal are transferred to the original first storage unit 74 for restoration. Thedata recovery unit 78 is activated through the input of a predetermined encipher key via theprocessor 50 by the user, allowing the execution of the data recovery. - Fig. 10 illustrates another embodiment of a storage apparatus of the present invention in the form of the
memory board 20 of Fig. 3. This is characterized in that a buffer storage unit is provided in the halfway of a path for reading from or writing to the storage unit in response to an external access, the buffer storage unit being used to perform the information protecting action. At the ordinary time where it is loaded into the personal computer, theprocessor 50 executes the read from or write to thestorage unit 58 in response to an external access demand, with the data input or output in this case passing through thebuffer storage unit 80, which buffer transfers to allow the intact output of the input data. Contrary to this, when theinjustice judgment unit 56 of theprocessor 50 has judged from the operative condition of the register 45 or the switch 46 that an unjust removal has occurred, thesecurity processing unit 54 is activated so that upon the reception of an external demand to read thestorage unit 58, the read data can be converted into meaningless data at the time of transfer of the read data by thebuffer storage unit 80. - Fig. 11 is a function block diagram of the
security processing unit 54 of Fig. 10. Thesecurity processing unit 54 is provided with a buffer data conversion unit 82. Upon the reception of a post of judgment of an unjust removal, the buffer data conversion unit 82 is activated and, in response to an external read demand, stores read data read from thestorage unit 58 into thebuffer storage unit 80, after which upon the read transfer it performs buffer data conversion processing in which input storage data are erased into allbits 0 or converted into random number data. For this reason, even though the unjustly removed memory board has been connected to another personal computer to read data from thestorage unit 58, the read data are converted into meaningless data when they pass through thebuffer storage unit 80, prohibiting the original data from being read. Thesecurity processing unit 54 is further provided with aconversion inhibiting unit 84. Theconversion inhibiting unit 84 inhibits an action converting the transfer data of thebuffer storage unit 80 into meaningless data by the buffer data conversion unit 82. In the case where user desires to restore thememory board 20 into its original state after the execution of the unjust removal, theconversion inhibiting unit 84 is activated through a predetermined cipher key designated by theprocessor 50 to interrupt the function of the buffer data conversion unit 82, making it possible to restore thebuffer storage unit 80 into its original data transfer state. - Fig. 12 illustrates a further embodiment of the storage apparatus of the present invention in the form of the
memory board 20 of Fig. 3. This embodiment is characterized in that upon the judgment of an unjust removal a part of the circuit within thememory board 20 is physically destroyed into the state in which data are not allowed to be read. A circuit destruction unit 86 is provided in the midway of thebus 60 serving as a data transmitting path for thestorage unit 58. The circuit destruction unit 86 performs a circuit destroying action in response to an action signal for the stored information protection from thesecurity processing unit 54 when theinjustice judgment unit 56 of theprocessor 50 has judged from the operative condition of the register 45 or the switch 46 that an unjust removal has occurred, and destroys the transmission function of thebus 60, disabling an external access to thestorage unit 58. - Fig. 13 is a circuit diagram of the circuit destruction unit 86 of Fig. 12. This circuit destruction unit 86 makes it possible to switch the mutual connections between a plurality of bus lines 60-1 to 60-n constituting the
bus 60 into short circuit conditions by means of short circuit switches 90-1, 90-2, 90-3, ...90 (n - 1). The short circuit switches 90-1 to 90-(n -1) can be analog switches such as transistors or FETs. The circuit destruction unit 86 is not limited to the circuit of Fig. 13 but can be any circuit destruction unit as long as it is able to short and destroy any appropriate circuit units by use of the short circuit switches. The short circuit switches may be replaced by a pressure boosting circuit which generates an overvoltage exceeding a prescribed voltage limit to destroy the circuits. A heater wire or the like may be arranged in the vicinity of the circuit unit or the like of the input/ output driver for thebus 60 to thereby heat destroy the driver or the like through the energization of the heater wire. - Fig. 14 illustrates a still further embodiment in accordance with the present invention in the form of the
memory board 20 of Fig. 3. This embodiment is characterized in that the stored information protecting action against the unjust removal is carried out without incorporating the battery. Within thememory board 20 there are provided theprocessor 50 and thestorage unit 58 as well as theconnection detecting unit 44 for detecting an unjust removal, the removal register 45 and the switch 46, with theprocessor 50 being provided with the functions of thestorage control unit 52, thesecurity processing unit 54 and theinjustice judgment unit 56, but without thebattery 62 as in the embodiment of Fig. 4 for instance. For this reason, when the memory board is removed, there is interrupted a power supply to the connector terminal unit 38 through theexternal power line 66. As a result of this, in the state where the power supply has been interrupted due to the removal, the protecting actions by theinjustice judgment unit 56 or thesecurity processing unit 54 are not performed as in the case where the battery has been incorporated, allowing the switch 46 to be operated or put in a correct operative condition if an unjust removal has not occurred, but allowing the switch 46 to be inoperative or put in an incorrect operative condition if an unjust removal has occurred. The stored information protecting action against the unjust removal is performed after the removedmemory board 20 has been again connected to the personal computer side to receive a power supply from theexternal power line 66. That is, when theconnection detecting unit 44 detects the reconnection to the connector terminal unit 38, theinjustice judgment unit 56 of theprocessor 50 is activated to check the operative condition of the switch 46, and if the switch 46 is inoperative or is put in an incorrect condition, judges that an unjust removal has occurred to activate thesecurity processing unit 54. - Upon the reception of a post of detection of an unjust removal judgment, the
security processing unit 54 rejects all subsequent read demands to thestorage unit 58 from the exterior. - Fig. 15 illustrates a function of the
security processing unit 54 of Fig. 14. Thesecurity processing unit 54 is provided with a read inhibition unit 92. The read inhibition unit 92 is activated upon the reception of a post of judgment that an unjust removal has occurred from theinjustice judgment unit 56 in the power supply state after the reconnection of thememory board 20, and inhibits the execution of a read control of thestorage unit 58 in response to the read demand to thestorage control unit 52 from the exterior. For this reason, even though thememory board 20 has unjustly been removed and connected to the other apparatus to read out thestorage unit 58, the read inhibition unit 92 of thesecurity processing unit 54 performs the read inhibiting action through thestorage control unit 52, thereby prohibiting an unjust read out of the data of thestorage unit 58. Thesecurity processing unit 54 is further provided with aninhibition release unit 94. In the case where the user has retrieved thememory board 20 for reconnection after the execution of the read prohibition against the external read demand as a result of judgment of an unjust removal of thememory board 20, theinhibition release unit 94 of thesecurity processing unit 54 is activated through the input of an encipher key from theprocessor 50 side, to release the read inhibition function against the read demand from the exterior, thereby making it possible to recover the ordinary state. It is to be noted that in the case of using the register 45 for the judgment of an unjust removal in Fig. 14, the power supply is interrupted due to the removal, so that a non-volatile register is used to prevent the contents from disappearing as a result of the interruption of the power supply. - Fig. 16 illustrates a yet further embodiment of the storage apparatus in accordance with the present invention, which does not incorporate the battery. This embodiment is characterized in that upon the execution of the unjust removal of the
memory board 20 the unjust removal is stored and held, allowing the information protection action to be performed on the basis of the memory of the unjust removal upon the reconnection. Thememory board 20 is provided through thebus 60 with theprocessor 50 and thestorage unit 58, theprocessor 50 being provided with thestorage control unit 52, thesecurity processing unit 54 and theinjustice judgment unit 56. Associated with thebus 60 are theconnection detecting unit 44, the register 45 and the switch 46, as well as an unjust removal storage unit 96. The unjust removal storage unit 96 stores and holds e.g., flag information indicative of an unjust removal which has been judged by theinjustice judgment unit 56 at the time of removal of thememory board 20. The unjust removal storage unit 96 can be a non-volatile storage unit capable of holing the contents of the memory even though a power supply from theexternal power line 66 has been interrupted as a result of the removal of thememory board 20. Thesecurity processing unit 54 is actuated upon the reception of a power supply through the reconnection of thememory board 20, and executes the information protection processing of thestorage unit 58 when it recognizes the judgment flag indicative of the unjust removal through the reference to the unjust removal storage unit 96. The information protection processing by thesecurity processing unit 54 includes the execution of the function of the data destruction unit 68 of Fig. 5 and the function of theencipher unit 70 of Fig. 6. - Fig. 17 illustrates processing executed at the time of removal of the
memory board 20 in the embodiment of Fig. 16. First in step S1, a check is made to see if the connector terminal unit 38 has been removed or not, that is, a post of a removal detection has been issued or not from theconnection detecting unit 44. If it is judged that the connector terminal unit 38 has been removed, then in step S2 a check is made by theinjustice judgment unit 56 to see if an unjust removal has occurred or not. That is, reference is made to the switch 46 or the register 45, and it is judged that an unjust removal has occurred if it is inoperative or in an incorrect operation. When it is judged that an unjust removal has occurred, then in step S4 the injusticeremoval storage unit 98 stores and holds unjust removal flag information indicating that an unjust removal has taken place. - Fig. 18 illustrates processing executed when the reconnection has been made after the removal of the
memory board 20 in Fig. 16. First in step S1, thememory board 20 serving as the storage unit is attached to the equipment, and in step S2 the power supply to the equipment is turned on and in step S3 thesecurity processing unit 54 refers to the unjust removal storage unit 96 to check the presence or absence of the memory of the unjust removal. If any unjust removal memory exists, then in step S4 there is executed the information protecting processing of thestorage unit 58. If in step S3 there is no unjust removal memory, then in step S5 ordinary processing is carried out as a result of the successful connection. It is to be noted that in Fig. 16 there are required the actions of detecting a removal of the connector terminal unit 38 to judge the unjust removal by theinjustice judgment unit 56, to thereafter store it into the unjust removal storage unit 96, with the result that acapacitor 94 for backup is connected to theinternal power line 64 to secure the power supply for this duration, thereby making it possible to be operated. - Fig. 19 illustrates an embodiment in which information indicative of an unjust removal is stored and held at the time of the unjust removal of Fig. 16, with the information protective action being effected upon the reconnection. In this embodiment, the storage unit is divided into a first storage unit 74 and
second storage unit 76 in the same manner as Figs. 8 and 9, with thesecurity processing unit 54 performing the protective action by thedata destruction unit 77 of Fig. 9, that is, the protective action in which the data of the first storage unit 74 are transferred to thesecond storage unit 76 to render the data of the first storage unit 74 into meaningless data for destruction. Furthermore, theinjustice storage unit 98 is the same as the embodiment of Fig. 16, with its processing action being also the same as in the flowchart of Figs. 17 and 18. - Fig. 20 illustrates another embodiment in which information indicative of an unjust removal is stored and held at the time of the unjust removal, with its information protective action being performed after the reconnection. This embodiment is provided with a
buffer storage unit 80 in the same manner as Figs. 10 and 11. In this case, thesecurity processing unit 54 of theprocessor 50 has a function of the buffer data conversion unit 82 of Fig. 11, and when theinjustice judgment unit 56 recognizes a memory of the unjust removal from the injusticeremoval storage unit 98 as a result of the reconnection, performs the processing for converting the read data from thestorage unit 58 passing through thebuffer storage unit 80 into meaningless data to thereby protect the stored data. - Fig. 21 illustrates a further embodiment of the storage apparatus in accordance with the present invention, which incorporates no battery. This embodiment is characterized in that an initial motion is detected upon the removal of the
memory board 20 to previously judge an unjust removal, thereby allowing the stored information protective action to be carried out until the time when the power supply is interrupted as a result of the removal. Associated with thebus 60 are theprocessor 50 and thestorage unit 58, with theprocessing 50 being provided with an unjustremoval notice unit 98 in addition to thestorage control unit 52 and thesecurity processing unit 54. The connector terminal unit 38 is associated with a connection previous detection unit 99. The connection previous detection unit 99 detects an initial motion at the time of disconnection of the connector terminal unit 38, and posts the unjustremoval notice unit 98 of theprocessing 50 of a removal previous detection. The detection of initial motion upon the disconnection of the connector terminal unit 38 by the connection previous detection unit 99 includes the detection of an operation loosening the lock screw of the connector or an operation to remove the lock clip of the connector. Upon the reception of a removal notice from the connection previous detection unit 99, the unjustremoval notice unit 98 refers to the switch 46 or the register 45 to judge the presence or absence of the unjust removal from its operative condition, allowing thesecurity processing unit 54 to be activated if an unjust removal has taken place, causing thestorage unit 58 to carry out the information protecting action. The information protecting action includes the destruction of the data of Fig. 5 and the encipher of Fig. 6. That is, the unjustremoval notice unit 98 makes a judgment of an unjust removal upon the detection of an initial motion for the removal of thememory board 20 from the connector terminal unit 38, to thereby previously notify it, allowing thesecurity processing unit 54 to perform the protective actions until the time when the power supply is interrupted as a result of the removal of the removal. The protective action for thestorage unit 58 is provided as the power supply when the memory board is removed from the connector terminal unit 38, with not all of the data of thestorage unit 58 but a part thereof being destroyed or enciphered, to make them imperfect, thereby providing a sufficient protection. - Fig. 22 illustrates a processing action of Fig. 21. In step S1, a check is made to see if the removal of the connector terminal unit 38 has been started or not, and if the removal has been started, then in step S2 it is judged by the unjust
removal notice unit 98 whether it is an unjust removal or not. If an unjust removal has been taken place, then in step S3 thesecurity processing unit 54 executes the information protective processing for thestorage unit 58. - The embodiment of Fig. 23 is characterized in that the information protection for the storage unit by the unjust removal notice of Fig. 21 is applied separately to the first storage unit 74 and the
second storage unit 76 in the same manner as Fig. 8. Furthermore, the embodiment of Fig. 24 is characterized in that the protection of the stored information by the unjust removal notice of Fig. 23 is effected by use of thebuffer storage unit 80 in the same manner as Fig. 10. - Fig. 25 is a block diagram of a configuration of the hardware in which the present invention is applied to the
hard disk drive 22 of Fig. 3. Thehard disk drive 22 is provided with a processor 100, which is equipped with thestorage control unit 52, thesecurity processing unit 54 and theinjustice judgment unit 56 in the same manner as the case of thememory board 20 of Fig. 4 for instance. It is natural that the control function effected by thestorage control unit 52 be proper to thehard disk 22. Associated with abus 102 of the processor 100 is a hard disk controller 104 to ensure that after the modulation of NRZ data by a write modulation circuit 106 any one of heads of a head assembly 112 is selected by way of a head IC circuit, to allow a disk medium not shown to be written. A read signal read from any one of the heads of the head assembly 112 is imparted through the head IC circuit 110 to a read demodulation circuit 108 to demodulate it as NRZ read data, which in turn are fed to the hard disk controller 104. The hard disk controller 104 is associated via the buffer storage unit 114 with aninterface 116 with a host apparatus, theinterface 116 being connected to the connector terminal unit 42. The connector terminal unit 42 is supplied with a power by way of anexternal power line 124. The connector terminal unit 42 is associated with theconnection detecting unit 44 for detecting the removal and loading of thehard disk drive 22. Thebus 102 of the processor 100 is associated with aservo controller 116, which performs a rotation control of a disk medium by aspindle motor 118 and a positioning control through a head actuator by aVCM 120. Thebus 102 of the processor 100 is associated with aROM 122 and aRAM 124, as well as the removal register 45, the switch 46 and thebattery 62, which perform an information protecting action against an unjust removal. Such processing for protecting the stored data on a magnetic disk medium provided on thehard disk drive 22 is implemented by theconnection detecting unit 44 associated with the connector terminal unit 42, the removal register 45 operated from the processor side through the host apparatus, the switch 46 for performing a predetermined operation upon the removal of thehard disk drive 22, the battery for supplying the power upon the removal of thehard disk drive 22, and the unjustremoval judgment unit 56 and thesecurity processing unit 54 which are provided in the processor 100. Since in this case thebattery 62 is incorporated, thememory board 20 can employ in a selective manner the embodiments of Figs. 4, 8, 10 and 12. In the case where nobattery 62 is provided, a selective application is allowed of the embodiments shown in Figs. 14, 16, 19, 20, 21, 23 and 24. - According to the present invention, even though the equipment has been disassembled to remove the storage apparatus such as an internal memory board or an internal hard disk drive to thereafter connect it to another system for unjustly accessing the data, it is judged upon the removal of the storage apparatus that an unjust removal has taken place, allowing the execution of erasing of the data of the storage unit, enciphering, saving into another area, a erasing by the transfer buffer upon the reconnection to another system, and the inhibition of access against the read demand, so that it makes it impossible to read the data from the unjustly removed storage unit to the exterior, thereby achieving an improvement in the security performances of the equipment through the secure prevention of an unjust access to the stored data of the storage apparatus assembled into the equipment.
- Although the auxiliary apparatus of the above embodiments were in the form of a memory board and a hard disk drive by way of example, any auxiliary apparatus would be available as long as it is freely attachable to the equipment such as a personal computer. It will be appreciated that although the above embodiments employ the personal computer as the equipment, they are applicable intactly to any equipment using the storage apparatus.
Claims (23)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP34601997A JP4033310B2 (en) | 1997-12-16 | 1997-12-16 | Auxiliary storage device for information equipment and information equipment |
JP09-346,019 | 1997-12-16 | ||
JP9-346019 | 1997-12-16 |
Publications (2)
Publication Number | Publication Date |
---|---|
US20010056543A1 true US20010056543A1 (en) | 2001-12-27 |
US6374310B2 US6374310B2 (en) | 2002-04-16 |
Family
ID=18380590
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/089,507 Expired - Lifetime US6374310B2 (en) | 1997-12-16 | 1998-06-03 | System for protecting information stored in a storage apparatus assembled into an equipment when the storage apparatus is removed from the equipment unauthorized |
Country Status (2)
Country | Link |
---|---|
US (1) | US6374310B2 (en) |
JP (1) | JP4033310B2 (en) |
Cited By (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020078026A1 (en) * | 2000-12-14 | 2002-06-20 | Fergus Joseph E. | Method and apparatus for bulk data remover |
US20030103288A1 (en) * | 2001-11-30 | 2003-06-05 | Kabushiki Kaisha Toshiba | Recording and regeneration apparatus and data erasure method for use in the recording and regeneration apparatus |
US20030145218A1 (en) * | 2002-01-31 | 2003-07-31 | Xerox Corporation | Encryption of image data in a digital copier |
EP1370919A2 (en) * | 2001-03-22 | 2003-12-17 | Eracom Technologies Australia Pty Ltd | Encryption module with physical security or protection |
US20060152173A1 (en) * | 2004-12-27 | 2006-07-13 | M-Systems Flash Disk Pioneers Ltd. | Method and apparatus for intentionally damaging a solid-state disk |
US20080244737A1 (en) * | 2007-03-26 | 2008-10-02 | Teac Corporation | Storage device |
WO2009029425A1 (en) * | 2007-08-28 | 2009-03-05 | Dresser, Inc. | Detecting component removal |
US20110078379A1 (en) * | 2007-02-07 | 2011-03-31 | Junichi Iida | Storage control unit and data management method |
WO2012171761A1 (en) * | 2011-06-14 | 2012-12-20 | Siemens Aktiengesellschaft | Apparatus and method for erasing stored data |
US20140115714A1 (en) * | 2008-09-11 | 2014-04-24 | Andrew N. Mostovych | Method and apparatus for prevention of tampering and unauthorized extraction of information from microdevices |
US20140195717A1 (en) * | 2013-01-08 | 2014-07-10 | Greentec-Usa, Inc. | Write Once Read Many Media Methods |
US20140304841A1 (en) * | 2013-04-08 | 2014-10-09 | Hon Hai Precision Industry Co., Ltd. | Electronic device using data theft protection |
US20150293986A1 (en) * | 2012-11-02 | 2015-10-15 | Vod2 Inc. | Data distribution methods and systems |
US20160070491A1 (en) * | 2014-09-10 | 2016-03-10 | Fujitsu Limited | Information processor, computer-readable recording medium in which input/output control program is recorded, and method for controlling input/output |
JP2017537379A (en) * | 2014-10-20 | 2017-12-14 | ベドロック・オートメーション・プラットフォームズ・インコーポレーテッド | Industrial control system tamper-proof module |
JPWO2016186109A1 (en) * | 2015-05-18 | 2018-03-29 | Necフィールディング株式会社 | Storage device, access prohibition method, and program |
US10911328B2 (en) | 2011-12-27 | 2021-02-02 | Netapp, Inc. | Quality of service policy based load adaption |
US10929022B2 (en) | 2016-04-25 | 2021-02-23 | Netapp. Inc. | Space savings reporting for storage system supporting snapshot and clones |
US10951488B2 (en) | 2011-12-27 | 2021-03-16 | Netapp, Inc. | Rule-based performance class access management for storage cluster performance guarantees |
US10997098B2 (en) | 2016-09-20 | 2021-05-04 | Netapp, Inc. | Quality of service policy sets |
EP3844658A4 (en) * | 2018-08-29 | 2022-05-04 | Varex Imaging Corporation | Anti-tamper circuitry |
US11379119B2 (en) | 2010-03-05 | 2022-07-05 | Netapp, Inc. | Writing data in a distributed data storage system |
US11386120B2 (en) | 2014-02-21 | 2022-07-12 | Netapp, Inc. | Data syncing in a distributed system |
Families Citing this family (34)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001184567A (en) * | 1999-12-24 | 2001-07-06 | Toshiba Tec Corp | Transaction processing device |
JP3866892B2 (en) * | 2000-02-15 | 2007-01-10 | 株式会社日立グローバルストレージテクノロジーズ | Information processing device and its maintenance service system |
JP2001297205A (en) * | 2000-04-12 | 2001-10-26 | Sony Corp | System and device for digital video distribution management, information processor, and method for, digital video distribution management |
JP2001297163A (en) * | 2000-04-12 | 2001-10-26 | Sony Corp | System, device and method for managing rental of information, information processor and recording medium |
JP2002042414A (en) * | 2000-07-19 | 2002-02-08 | Toshiba Corp | Disk storage device and security method to be applied to the same |
JP2002108717A (en) | 2000-07-27 | 2002-04-12 | Nec Corp | Disk system with contents reproduction limiting mechanism, and medium |
US6992701B2 (en) * | 2000-08-01 | 2006-01-31 | Sharp Kabushiki Kaisha | Reusable digital camera that prevents unauthorized use |
JP2002229856A (en) * | 2001-02-01 | 2002-08-16 | Dainippon Printing Co Ltd | High security ic chip |
JP4589549B2 (en) * | 2001-03-02 | 2010-12-01 | 株式会社リコー | Storage device, information processing device and data theft prevention system |
US20030131255A1 (en) * | 2002-01-10 | 2003-07-10 | Youngtack Shim | Secure data storage systems |
CN100418032C (en) * | 2003-06-30 | 2008-09-10 | Nxp股份有限公司 | Digital self-erasure of key copy-protected storage |
KR100560665B1 (en) * | 2003-07-02 | 2006-03-16 | 삼성전자주식회사 | Semiconductor memory device with read protection function |
JP4494031B2 (en) * | 2004-02-06 | 2010-06-30 | 株式会社日立製作所 | Storage control device and storage control device control method |
JP4568562B2 (en) * | 2004-09-03 | 2010-10-27 | 株式会社リコー | Image forming apparatus |
EP1659474A1 (en) * | 2004-11-15 | 2006-05-24 | Thomson Licensing | Method and USB flash drive for protecting private content stored in the USB flash drive |
US20060124046A1 (en) * | 2004-12-09 | 2006-06-15 | Honeywell International, Inc. | Using thin film, thermal batteries to provide security protection for electronic systems |
JP4653497B2 (en) * | 2005-01-12 | 2011-03-16 | 株式会社アイ・オー・データ機器 | Portable storage device |
JP4725111B2 (en) * | 2005-01-13 | 2011-07-13 | 日本電気株式会社 | Nonvolatile memory device, nonvolatile memory system, data erasing method, program, and recording medium |
JP2006209232A (en) * | 2005-01-25 | 2006-08-10 | Fuji Xerox Co Ltd | Data leakage prevention apparatus, data leakage prevention method, image processing apparatus |
JP4734986B2 (en) | 2005-03-23 | 2011-07-27 | 日本電気株式会社 | EXTERNAL STORAGE MEDIUM MANAGEMENT SYSTEM AND EXTERNAL STORAGE MEDIUM MANAGEMENT METHOD |
US7500115B2 (en) * | 2005-06-03 | 2009-03-03 | Dell Products L.P. | Information handling system including a memory device capable of being powered by a battery |
JP4857638B2 (en) * | 2005-07-27 | 2012-01-18 | 富士ゼロックス株式会社 | Electronic paper control system |
JP4832862B2 (en) * | 2005-11-18 | 2011-12-07 | 株式会社日立製作所 | Disk array system and security method |
JP4799239B2 (en) * | 2006-03-29 | 2011-10-26 | 株式会社日立ソリューションズ | Information leakage prevention method and removable media |
JP4787055B2 (en) * | 2006-04-12 | 2011-10-05 | 富士通株式会社 | Information processing apparatus with information division recording function |
JP2008047067A (en) * | 2006-08-21 | 2008-02-28 | Ricoh Co Ltd | Encapsulated document managing device, encapsulated document managing method and encapsulated document management program |
JP2008152693A (en) * | 2006-12-20 | 2008-07-03 | Nec Access Technica Ltd | Information processor |
JP4674591B2 (en) * | 2007-02-22 | 2011-04-20 | 日本電気株式会社 | Auxiliary storage device and security ensuring method and program thereof |
US20090132762A1 (en) * | 2007-11-16 | 2009-05-21 | Sony Corporation | Removable nonvolatile memory system with functional inhibition |
JP2009129328A (en) * | 2007-11-27 | 2009-06-11 | Nec Infrontia Corp | Terminal having unauthorized use prevention function, and method for preventing unauthorized use of terminal |
JP4946834B2 (en) * | 2007-11-30 | 2012-06-06 | 富士通株式会社 | Data management apparatus, data management method, computer program, and removable storage device |
CN103902926A (en) * | 2012-12-27 | 2014-07-02 | 鸿富锦精密工业(深圳)有限公司 | Hard disc module and electronic device |
JP5767657B2 (en) * | 2013-01-30 | 2015-08-19 | レノボ・シンガポール・プライベート・リミテッド | Method and computer for protecting data stored in non-volatile memory |
JP2020038426A (en) * | 2018-09-03 | 2020-03-12 | 株式会社日立情報通信エンジニアリング | Storage device and control method of storage device |
Family Cites Families (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE3509562A1 (en) * | 1985-03-16 | 1986-09-18 | Blaupunkt-Werke Gmbh, 3200 Hildesheim | SYSTEM FOR SECURING ELECTRONIC DEVICES, ESPECIALLY CAR RADIOS AGAINST THEFT |
US5259540A (en) * | 1989-04-25 | 1993-11-09 | Skidata Computer Gesellschaft M.B.H. | Data carrier |
US5826009A (en) * | 1990-07-12 | 1998-10-20 | Feng; Genquan | Protection of software from physical and electronic interrogation by sealing and checking password |
JP3095473B2 (en) * | 1991-09-25 | 2000-10-03 | 株式会社トキメック | Detected device and moving object identification system |
JP3305737B2 (en) * | 1991-11-27 | 2002-07-24 | 富士通株式会社 | Confidential information management method for information processing equipment |
US5610981A (en) * | 1992-06-04 | 1997-03-11 | Integrated Technologies Of America, Inc. | Preboot protection for a data security system with anti-intrusion capability |
US5418761A (en) * | 1992-07-29 | 1995-05-23 | Asano; Michihiro | Operation prohibition device for a car loading audio instrument |
US5369299A (en) * | 1993-07-22 | 1994-11-29 | National Semiconductor Corporation | Tamper resistant integrated circuit structure |
JPH07334272A (en) | 1994-06-08 | 1995-12-22 | Hitachi Ltd | Information processor |
US5809123A (en) * | 1996-03-15 | 1998-09-15 | Mci Communications Corporation | Motion detection for preventing removal of a fixed wireless terminal |
US5974473A (en) * | 1996-06-14 | 1999-10-26 | Texas Instruments Incorporated | System for controlling insertion, locking, and removal of modules by removing plurality of device drivers for module to be removed from BIOS and informing BIOS of module removal |
-
1997
- 1997-12-16 JP JP34601997A patent/JP4033310B2/en not_active Expired - Fee Related
-
1998
- 1998-06-03 US US09/089,507 patent/US6374310B2/en not_active Expired - Lifetime
Cited By (43)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020078026A1 (en) * | 2000-12-14 | 2002-06-20 | Fergus Joseph E. | Method and apparatus for bulk data remover |
EP1370919A2 (en) * | 2001-03-22 | 2003-12-17 | Eracom Technologies Australia Pty Ltd | Encryption module with physical security or protection |
US20030103288A1 (en) * | 2001-11-30 | 2003-06-05 | Kabushiki Kaisha Toshiba | Recording and regeneration apparatus and data erasure method for use in the recording and regeneration apparatus |
EP1316954A3 (en) * | 2001-11-30 | 2004-05-26 | Kabushiki Kaisha Toshiba | Recording and regeneration apparatus and data erasure method for use in the recording and regeneration apparatus |
US20070192635A1 (en) * | 2002-01-31 | 2007-08-16 | Xerox Corporation | Encryption of image data in a digital copier |
EP1341367A3 (en) * | 2002-01-31 | 2003-11-19 | Xerox Corporation | Encryption of image data stored in a digital copier |
EP1341367A2 (en) * | 2002-01-31 | 2003-09-03 | Xerox Corporation | Encryption of image data stored in a digital copier |
US20030145218A1 (en) * | 2002-01-31 | 2003-07-31 | Xerox Corporation | Encryption of image data in a digital copier |
US20060152173A1 (en) * | 2004-12-27 | 2006-07-13 | M-Systems Flash Disk Pioneers Ltd. | Method and apparatus for intentionally damaging a solid-state disk |
US20110078379A1 (en) * | 2007-02-07 | 2011-03-31 | Junichi Iida | Storage control unit and data management method |
US8190822B2 (en) | 2007-02-07 | 2012-05-29 | Hitachi, Ltd. | Storage control unit and data management method |
US20080244737A1 (en) * | 2007-03-26 | 2008-10-02 | Teac Corporation | Storage device |
US8332957B2 (en) | 2007-03-26 | 2012-12-11 | Teac Corporation | Storage device |
WO2013122557A1 (en) * | 2007-08-28 | 2013-08-22 | Dresser, Inc. | Detecting component removal |
WO2009029425A1 (en) * | 2007-08-28 | 2009-03-05 | Dresser, Inc. | Detecting component removal |
US7902993B2 (en) | 2007-08-28 | 2011-03-08 | Dresser, Inc. | Detecting component removal |
US9043925B2 (en) * | 2008-09-11 | 2015-05-26 | Enterprise Sciences, Inc. | Method and apparatus for prevention of tampering and unauthorized extraction of information from microdevices |
US20140115714A1 (en) * | 2008-09-11 | 2014-04-24 | Andrew N. Mostovych | Method and apparatus for prevention of tampering and unauthorized extraction of information from microdevices |
US11379119B2 (en) | 2010-03-05 | 2022-07-05 | Netapp, Inc. | Writing data in a distributed data storage system |
WO2012171761A1 (en) * | 2011-06-14 | 2012-12-20 | Siemens Aktiengesellschaft | Apparatus and method for erasing stored data |
US11212196B2 (en) | 2011-12-27 | 2021-12-28 | Netapp, Inc. | Proportional quality of service based on client impact on an overload condition |
US10911328B2 (en) | 2011-12-27 | 2021-02-02 | Netapp, Inc. | Quality of service policy based load adaption |
US10951488B2 (en) | 2011-12-27 | 2021-03-16 | Netapp, Inc. | Rule-based performance class access management for storage cluster performance guarantees |
US20150293986A1 (en) * | 2012-11-02 | 2015-10-15 | Vod2 Inc. | Data distribution methods and systems |
US10216822B2 (en) * | 2012-11-02 | 2019-02-26 | Vod2, Inc. | Data distribution methods and systems |
US9317426B2 (en) * | 2013-01-08 | 2016-04-19 | GreenTec-USA. Inc. | Write once read many media methods |
US9632717B2 (en) | 2013-01-08 | 2017-04-25 | Greentec-Usa, Inc. | Write once read many media methods and systems |
US20140195717A1 (en) * | 2013-01-08 | 2014-07-10 | Greentec-Usa, Inc. | Write Once Read Many Media Methods |
US9117097B2 (en) * | 2013-04-08 | 2015-08-25 | Hon Hai Precision Industry Co., Ltd. | Electronic device using data theft protection |
US20140304841A1 (en) * | 2013-04-08 | 2014-10-09 | Hon Hai Precision Industry Co., Ltd. | Electronic device using data theft protection |
US11386120B2 (en) | 2014-02-21 | 2022-07-12 | Netapp, Inc. | Data syncing in a distributed system |
US20160070491A1 (en) * | 2014-09-10 | 2016-03-10 | Fujitsu Limited | Information processor, computer-readable recording medium in which input/output control program is recorded, and method for controlling input/output |
US10534937B2 (en) | 2014-10-20 | 2020-01-14 | Bedrock Automation Platforms Inc. | Tamper resistant module for industrial control system |
US11263355B2 (en) | 2014-10-20 | 2022-03-01 | Bedrock Automation Platforms Inc. | Tamper resistant module for industrial control system |
JP2017537379A (en) * | 2014-10-20 | 2017-12-14 | ベドロック・オートメーション・プラットフォームズ・インコーポレーテッド | Industrial control system tamper-proof module |
US11704445B2 (en) | 2014-10-20 | 2023-07-18 | Bedrock Automation Platforms Inc. | Tamper resistant module for industrial control system |
US12001597B2 (en) | 2014-10-20 | 2024-06-04 | Analog Devices, Inc. | Tamper resistant module for industrial control system |
JPWO2016186109A1 (en) * | 2015-05-18 | 2018-03-29 | Necフィールディング株式会社 | Storage device, access prohibition method, and program |
US10929022B2 (en) | 2016-04-25 | 2021-02-23 | Netapp. Inc. | Space savings reporting for storage system supporting snapshot and clones |
US10997098B2 (en) | 2016-09-20 | 2021-05-04 | Netapp, Inc. | Quality of service policy sets |
US11327910B2 (en) | 2016-09-20 | 2022-05-10 | Netapp, Inc. | Quality of service policy sets |
US11886363B2 (en) | 2016-09-20 | 2024-01-30 | Netapp, Inc. | Quality of service policy sets |
EP3844658A4 (en) * | 2018-08-29 | 2022-05-04 | Varex Imaging Corporation | Anti-tamper circuitry |
Also Published As
Publication number | Publication date |
---|---|
JPH11175406A (en) | 1999-07-02 |
JP4033310B2 (en) | 2008-01-16 |
US6374310B2 (en) | 2002-04-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6374310B2 (en) | System for protecting information stored in a storage apparatus assembled into an equipment when the storage apparatus is removed from the equipment unauthorized | |
KR100906175B1 (en) | Data-protected memory device for a processor | |
JPH113284A (en) | Information storage medium and its security method | |
JP3613687B2 (en) | PC card for microcomputer | |
GB2222899A (en) | Computer mass storage data protection | |
US6016536A (en) | Method for backing up the system files in a hard disk drive | |
JPS60138645A (en) | Safety device and method for disabling microprocessor control type electronic equipment after occurrence of use forbidding event | |
JP4888935B2 (en) | Storage system | |
US7395434B2 (en) | Method for secure storage and verification of the administrator, power-on password and configuration information | |
JP2000207048A (en) | Preboot security controller | |
US5758121A (en) | Data storage security apparatus and method which erases memory and utilizes a power switch to cut-off electric power during unsuccessful access | |
JP5319830B2 (en) | Data protection method and computer apparatus | |
JP2002529853A (en) | Write protected disk cache apparatus and method for subsystem hard disk with large capacity memory | |
CA2285848C (en) | Method and apparatus for an integrated security device for providing for automatic disablement | |
JP2001202167A (en) | Computer and its control method | |
JPH11249966A (en) | Information storage device | |
US7882353B2 (en) | Method for protecting data in a hard disk | |
JPH07175725A (en) | Semiconductor memory device | |
US7739468B2 (en) | Data protection system for controlling data entry point employing RFID tag | |
JPH0535462A (en) | Computer system | |
JP2001306266A (en) | Method for protecting data in hard disk and computer system | |
JP3479390B2 (en) | Decryption prevention method and information processing device for confidentiality data | |
JP7413300B2 (en) | Storage device | |
JPH11212730A (en) | Method and device for preventing information leak of secondary storage device | |
JPH10133951A (en) | Input/output controller for disk storing device and write protecting method applied to disk storage device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: FUJITSU LIMITED, JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ISOMURA, HIROSHI;REEL/FRAME:009234/0391 Effective date: 19980525 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FEPP | Fee payment procedure |
Free format text: PAYER NUMBER DE-ASSIGNED (ORIGINAL EVENT CODE: RMPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
FPAY | Fee payment |
Year of fee payment: 8 |
|
AS | Assignment |
Owner name: APPLE INC.,CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:FUJITSU LIMITED;REEL/FRAME:024515/0384 Effective date: 20100308 |
|
AS | Assignment |
Owner name: RPX CORPORATION, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:APPLE, INC.;REEL/FRAME:024741/0465 Effective date: 20100520 |
|
FPAY | Fee payment |
Year of fee payment: 12 |