WO2008003174A1 - Method and device for scanning data for signatures prior to storage in a storage device - Google Patents

Method and device for scanning data for signatures prior to storage in a storage device Download PDF

Info

Publication number
WO2008003174A1
WO2008003174A1 PCT/CA2007/001192 CA2007001192W WO2008003174A1 WO 2008003174 A1 WO2008003174 A1 WO 2008003174A1 CA 2007001192 W CA2007001192 W CA 2007001192W WO 2008003174 A1 WO2008003174 A1 WO 2008003174A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
storage device
storing
storage
memory
Prior art date
Application number
PCT/CA2007/001192
Other languages
French (fr)
Inventor
Laurence Hamid
Original Assignee
Memory Experts International Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Memory Experts International Inc. filed Critical Memory Experts International Inc.
Priority to CA2656856A priority Critical patent/CA2656856C/en
Priority to EP07763855.9A priority patent/EP2038794B1/en
Publication of WO2008003174A1 publication Critical patent/WO2008003174A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/564Static detection by virus signature recognition
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/85Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices

Definitions

  • This invention relates to the field of computer safety and in particular to a method and device for scanning data for signatures prior to storage in a storage device.
  • a computer virus is generally a manmade destructive computer program or code that is loaded onto a computer system without the knowledge of the user.
  • the computer virus is often a self-replicating program that copies itself and infects other programs and data files by modifying them or their environment.
  • the computer virus spreads from one computer to another when an infected computer program or data file is taken to the uninfected computer, for example, by a user sending it over a network or carrying it on a portable storage medium.
  • While some computer viruses are intentionally destructive, for example, deleting data, many other viruses are fairly benign. However, even such viruses are dangerous as they are able to access systems, potentially utilizing a large portion of the available resources and possibly shutting down an infected computer system.
  • the signatures in the dictionary need to be updated on a regular basis.
  • the antivirus software typically examines files when a computer's operating system creates, opens, closes, downloads, or e-mails them. Furthermore, the antivirus software is usually scheduled to scan all files on the computer's hard-drive on a regular basis. However, this still leaves a loophole for spreading a computer virus before a dictionary is updated.
  • USB memory storage keys presents a significant security challenge for large organizations. Their small size and ease of use allows unsupervised visitors or unscrupulous employees to smuggle confidential data with little chance of detection. To prevent this, some organizations - particularly government departments and larger corporations - forbid the use of USB memory storage keys, and computers are configured to disable the mounting of USB memory storage keys. Some organizations use a lower-tech security solution, disconnecting USB ports inside the computer or filling the USB ports with glue.
  • a method for storing data in a storage device comprising: receiving, at the storage device, first data for being stored within the storage device; storing the first data in a temporary storage medium within the storage device, the temporary storage medium for storing other than guaranteed previously scanned data; using circuitry of the storage device comparing the first data with at least a predetermined signature and determining a comparison result in dependence thereupon; and, performing, in dependence upon the comparison result, one of providing the first data for storage within a scanned data memory of the storage device, the scanned data memory for storing guaranteed previously scanned data therein, when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match.
  • a storage device comprising: a first port for receiving first data for being stored within the storage device; a temporary storage medium in communication with the first port for storing other than guaranteed previously scanned data; a scanned data memory for storing guaranteed previously scanned data therein; circuitry in communication with the first port, the temporary storage medium and the scanned data memory, the circuitry for: a) comparing the first data with at least a predetermined signature and determining a comparison result in dependence thereupon; and, b) performing, in dependence upon the comparison result, one of providing the first data for storage within the scanned data memory when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match.
  • a coupler comprising: a first interface for coupling to a port of a host system for receiving first data for being stored in a scanned data memory of a portable storage device, the scanned data memory for storing guaranteed previously scanned data therein; a second interface for interfacing with the portable storage device; a temporary storage medium in communication with the first interface for storing other than guaranteed previously scanned data; circuitry in communication with the first interface, the temporary storage medium and the second interface, the circuitry for: a) comparing the first data with predetermined signatures and determining a comparison result in dependence thereupon; and, b) performing, in dependence upon the comparison result, one of providing via the second interface the first data for storage within the scanned data memory when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match.
  • a storage medium having stored therein executable commands for execution on a processor of a host system, the processor when executing the commands performing: providing first data to a storage device for storage therein when data from the storage device have been received, the data being indicative of a presence of a circuitry for: comparing the first data with at least a predetermined signature and determining a comparison result in dependence thereupon; and, performing, in dependence upon the comparison result, one of providing the first data for storage within a scanned data memory when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match; and, other than providing the first data to the storage device in the absence of data indicative of the presence of the circuitry.
  • Figures Ia to Id are simplified block diagrams illustrating a first embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention
  • Figure 2 is a simplified flow diagram illustrating a first embodiment of a method for supporting scanning of data for signatures prior to storage according to the invention
  • Figure 3 is a simplified block diagram illustrating a second embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention
  • Figure 4 is a simplified flow diagram illustrating a second embodiment of a method for supporting scanning of data for signatures prior to storage according to the invention
  • Figure 5 is a simplified block diagram illustrating a third embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention
  • Figure 6 is a simplified block diagram illustrating a fourth embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention.
  • Figure 7 is a simplified block diagram illustrating a fifth embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention.
  • Figure 8 is a simplified flow diagram illustrating a third embodiment of a method for supporting scanning of data for signatures prior to storage according to the invention.
  • Figure 9 is a simplified flow diagram illustrating a fourth embodiment of a method for supporting scanning of data for signatures prior to storage according to the invention.
  • Figure 10 is a simplified block diagram illustrating a sixth embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention.
  • Figure 11 is a simplified block diagram illustrating a seventh embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention.
  • FIG. Ia a first embodiment of a storage device 100 supporting scanning data for signatures prior to storage is shown.
  • the storage device 100 comprises a port 105 for being mated to a port 155 of a host system 150.
  • Processor 110 of the storage device 100 communicates via the mated ports 105 and 155 with a processor 160 of the host system 150 for receiving first data for being stored within the storage device 100.
  • the first data are stored in a temporary storage medium 115 in communication with the circuitry 110.
  • the storage device 100 comprises memory 120 in communication with the processor 110 having stored therein executable commands for execution on the processor 110 for communicating with the host system 150 and for processing the first data.
  • the temporary storage medium 115 is used for temporary storage of other than guaranteed previously scanned data and acts, for example, as a register of the processor 110 during: receipt of the first data; scanning of the first data; and provision/retrieval of the first data to/from a scanned data memory 125 in communication with the processor 110.
  • the processor 110 compares the first data with at least a predetermined signature stored in signature memory 130 in communication therewith.
  • the at least a predetermined signature are received prior to receipt of the first data and stored in the temporary storage medium 115, allowing omission of the signature memory 130.
  • the processor 110 comprises electronic circuitry designed for performing a portion of the communication and data processing in a hardware implemented fashion.
  • the peripheral device comprises electronic circuitry for performing the complete communication and data processing in a hardware implemented fashion, thus allowing omission of the memory 120.
  • the interface 105 is a serial USB interface, for example, a male USB connector, for interfacing with a female USB port 155 of the host system 150.
  • a serial USB interface for example, a male USB connector
  • other interfaces are used.
  • the USB interface is advantageous, since the USB standard is well established for connecting a computer to peripheral devices, i.e. most present day computers comprise at least one USB port.
  • the storage device 100 is, for example, implemented using readily available USB memory storage key technology such as a Reduced Instruction Set Computing (RISC) microprocessor, RAM 115, ROM 120, and a NAND flash memory 125.
  • RISC Reduced Instruction Set Computing
  • the various components are disposed on a Printed Circuit Board (PCB) encased in a substantially robust plastic or metal casing making the USB memory storage key sturdy enough to be carried in a pocket without the risk of damaging the components.
  • PCB Printed Circuit Board
  • the invention is not limited to the present embodiment - a portable storage device as shown in Fig. Ia - but is also beneficial when employed, as shown in Fig. Ib, in an external hard- drive 100b coupled to the host system 150 or a computer network and serving, for example, as a back-up, in an internal Hard-Drive 100c disposed inside the host system 150 - shown in Fig. Ic, and in an Optical Disk Drive lOOd such as a CD or DVD Drive - shown in Fig. Id.
  • the advantages of providing such storage devices with the capability for scanning of data for signatures prior to storage will readily become apparent to those of skill in the art when discussing various embodiments of a method for scanning data for signatures prior to storage according to the invention below.
  • Fig. 2 illustrates a simplified flow diagram of a first embodiment of a method for scanning data for signatures prior to storage.
  • first data for being stored within the storage device are received.
  • the first data are stored in the temporary storage medium 115 for storing other than guaranteed previously scanned data - at 20.
  • the processor 110 of the storage device uses the processor 110 of the storage device to compare with at least a predetermined signature and a comparison result is determined in dependence thereupon - at 30.
  • the first data are provided to the scanned data memory 125 when the comparison result is indicative of other than a match - at 50 - or the first data are other than provided to the scanned data memory 125 when the comparison result is indicative of a match - at 60.
  • There are several options at 60 for handling the first data such as deleting the first data, repairing the data if possible, for example, by removing the data portion resembling a signature of a computer virus, or storing the first data in a buffer memory 135 for storing other than guaranteed previously scanned data of a second embodiment 200 of a storage device according to the invention, as shown in Fig. 3.
  • the processor 110 generates message data indicating that the first data are computer virus free or a computer virus has been detected and provides the same to the processor 160 for displaying the message to the user.
  • the storage device comprises an indicator such as a LED, not shown, for notifying the user, for example, by displaying different colors such as Green when the data are computer virus free and Red when a computer virus has been detected.
  • the processor 110 stores the message data in memory such as the buffer memory 135. This is especially advantageous in the portable storage device 200 which comprises an internal power source 140, such as a battery - or a rechargeable battery - enabling storage of the first data in the buffer memory 135 and scanning of the first data after removal of the portable storage device 200 from the host system.
  • the first data are kept in the buffer memory 135 and the message data are stored, for example, together with the first data in the buffer memory 135.
  • the method illustrated in Fig. 2 is highly beneficial for scanning the first data for signatures indicative of computer viruses by ensuring that only guaranteed previously scanned data are stored in the scanned data memory 125.
  • this method for storing data in portable storage devices such as USB memory storage keys or optical disks substantially reduces the risk that an infected file is transferred from one computer to another, while employment of this method with Hard-Drives substantially increases the likelihood that a computer virus is detected.
  • the scanning for computer viruses is only effective when the predetermined signatures are up-to-date.
  • Fig. 4 a simplified flow diagram of a second embodiment of a method for scanning data for signatures prior to storage according to the invention is shown.
  • the processor 110 of the storage device sends a request for receiving at least an updated predetermined signature to the host system 150.
  • the request is received by the processor 160 of the host system 150 which then initiates establishing of a secure communication in accordance with a secure protocol between the processor 110 and a server for providing predetermined signatures 175 via a communication network 170 such as the Internet and port 165.
  • the processor 110 sends the request via the host system 150 directly to the server 175, omitting the processor 160.
  • the server 175 initiates establishing of a secure communication, for example, in predetermined intervals or when new signatures are available. This is advantageous when the storage device is a non-portable storage device, as shown in Figs.
  • the processor 110 sends the request, for example, after the portable storage device 100 is mated with the host system 150 or, alternatively, when a request from the processor 160 for storing data is received.
  • a secure communication between the processor 110 and the server 175 is established.
  • the communication is secured using, for example, encoding such as an encryption method. Encryption methods are divided into symmetric key methods - secret-key cryptography - and asymmetric key methods - Public-key cryptography.
  • a symmetric key method for example, DES and AES
  • the sender and receiver have a shared key set up in advance and kept secret from all other parties; the sender uses this key for encryption and the receiver uses the same key for decryption.
  • an asymmetric key method for example, RSA
  • there are two separate keys a public key is published and enables any sender to perform encryption, while a private key is kept secret by the receiver and enables only him to perform decryption.
  • the keys are provided by a "trusted source" 180 such as a key service provider via the communication network 170.
  • the received key is then, for example, stored in the temporary storage medium 115 and after decryption of the updated predetermined signatures - received at 3 - deleted.
  • the key is stored in memory for establishing future secure communication with the server 175.
  • the updated predetermined signatures are stored in the signature memory 130 - at 4.
  • the steps 1 to 4 are then followed by the steps 10 to 60 shown in Fig. 2.
  • the processor 110 includes in the request data indicative of a last update of the predetermined signatures. This is especially beneficial in portable storage devices reducing the number of signatures to be transmitted for an update.
  • the storage device 300 comprises an unscanned data memory 145 in communication with the port 105.
  • the provision of the unscanned data memory 145 enables a user to quickly store the first data without scanning or to store the first data if they contain portions similar to the signatures.
  • the unscanned data memory 145 is used for data storage and retrieval without involvement of the processor 110, thus reducing the risk of spreading a computer virus to data stored in the scanned data memory 125.
  • a fourth embodiment 400 of a storage device supporting scanning data for signatures prior to storage according to the invention is shown.
  • the storage device 400 is of similar structure as the storage device 100, however, the components are disposed in two housings 400A and 400B with: the housing 400A comprising the port 105, the processor 110, the temporary storage medium 115, the memory 120, and the signature memory 130; and the housing 400B comprising the scanned data memory 125.
  • the scanned data memory 125 is in communication with the processor 110 via mated ports 405 and 410 of the housing 400A and 400B, respectively, for receiving guaranteed previously scanned data.
  • the processor 110 comprises electronic circuitry designed for performing a portion of the communication and data processing in a hardware implemented fashion.
  • the peripheral device comprises electronic circuitry for performing the complete communication and data processing in a hardware implemented fashion, thus allowing omission of the memory 120.
  • the port 105 is a serial USB port, for example, a male USB connector with a USB extension cable 406, for interfacing with a female USB port 155 of the host system 150.
  • a USB cable allows flexibility in positioning the storage device 400A.
  • the ports 405 and 410 are a female and a male USB connector, respectively.
  • the peripheral device 400 is, for example, implemented using commonly available USB memory storage key technology. Furthermore, it allows implementation of the housing 400B and its components using off-the-shelf USB memory sticks.
  • Fig. 7 a fifth embodiment 500 of a storage device supporting scanning data for signatures prior to storage according to the invention is shown.
  • the storage device 500 is of similar structure as the storage device 400 with the components being disposed in two housings 500A and 500B.
  • the housing 500A comprises the port 105, the processor 110, the temporary storage medium 115, the memory 120, and the signature memory 130, and the housing 500B comprises the scanned data memory 125.
  • the housing 500A is disposed inside a housing of the host system 150 and connected to a bus system 185 such as a serial bus of the host system 150 via port 105.
  • the housing 500A further comprises an external port 505 for mating with port 510 of the housing 500B for providing communication between the processor 110 and the scanned data memory 125.
  • the external port 505 is omitted and communication between the scanned data memory 125 and the processor 110 is enabled via the port 105, the bus system 185 and the port 155 of the host system 150 having the port 510 of the housing 500B mated thereto.
  • the processor 110 comprises electronic circuitry designed for performing a portion of the communication and data processing in a hardware implemented fashion.
  • the peripheral device comprises electronic circuitry for performing the complete communication and data processing in a hardware implemented fashion, thus allowing omission of the memory 120.
  • the housing 500A comprises a PCB, which is inserted into an expansion slot of the host system 150 and has an interface for connection to a USB bus system, while the housing 500B and its components are implemented using off-the-shelf USB memory sticks.
  • USB memory storage keys Another significant security challenge, especially for large organizations such as government departments and larger corporations, has arisen due to the increasing storage capacity of USB memory storage keys. Their small size and ease of use allows unsupervised visitors or unscrupulous employees to smuggle confidential data with little chance of detection.
  • FIG. 8 a simplified flow diagram of a third embodiment of a method for scanning data for signatures prior to storage according to the invention is shown. It is noted that this embodiment is beneficially employed with the storage devices according to the invention as illustrated above.
  • the capability of the storage devices to scan received data for signatures is exploited by inserting pieces of a security code called "security signatures" into sensitive data.
  • security signatures a security code
  • a same security signature is implanted at one location in the data. The location is, determined, for example, by an authorized person such as a system administrator or on a substantially random basis. Alternatively, a plurality of, possibly different, signatures are inserted in the data, thus increasing security.
  • a storage device sends data indicative of a capability for scanning received data for signatures.
  • the data are received by the processor 160 of the host system 150 and processed.
  • the processor 160 identifies a scanning capability of the storage device, first data are provided thereto - at 74 , otherwise the processor performs instructions other than providing the first data - at 76 - such as generating a message prompting the user to use a storage device having the scanning capability.
  • the process for performing the steps 70 to 76 is, for example, stored in a storage medium having stored therein executable commands for execution on the processor 160 of the host system 150.
  • the first data for being stored are received at the storage device.
  • the first data are stored in the temporary storage medium 115 for storing other than guaranteed previously scanned data - at 80.
  • the processor 110 of the storage device uses the processor 110 of the storage device to compare with at least a predetermined security signature indicative of a security level and a comparison result is determined in dependence thereupon - at 82.
  • the first data are provided to the scanned data memory 125 when the comparison result is indicative of other than a match - at 86 - or the first data are other than provided to the scanned data memory 125 when the comparison result is indicative of a match - at 88.
  • the received first data are deleted from the temporary storage medium 115.
  • the processor 110 generates - at 90 - message data indicating that the first data have been stored or prevented from storage and provides the same to the processor 160 for displaying the message to the user.
  • the storage device comprises an indicator such as a LED, not shown, for notifying the user, for example, by displaying different colors such as Green when the data have been stored and Red when the data have been prevented from storage.
  • the method illustrated in Fig. 8 is optionally highly beneficial for scanning the first data for security signatures by ensuring that sensitive data or data of a predetermined security level are prevented from storage in a storage device.
  • FIG. 9 a simplified flow diagram of a fourth embodiment of a method for scanning data for signatures prior to storage according to the invention is shown. Again, it is noted that this embodiment is beneficially employed with the storage devices according to the invention as illustrated above.
  • the capability of the storage devices to scan received data for signatures is exploited by inserting pieces of a security code called "security signatures" into sensitive data.
  • security signatures pieces of a security code called "security signatures" into sensitive data.
  • a plurality of different signatures each associated with a predetermined level of security, are inserted in the respective data. Inserting different signatures associated with different levels of security allows differentiating, for example, between users having different levels of security or between users belonging to different departments of an organization.
  • the fourth embodiment of the method starts with the same steps 70, 71, and 76 for identifying if the storage device has a scanning capability and prevents the data from storage if the scanning capability is missing.
  • the processor 110 of the storage device receives authorization data indicative of a security level of a user of a host system 150 in communication with the storage device.
  • the authorization data are received in an encoded fashion from the host system.
  • the authorization data are encoded using an encryption method, as discussed above.
  • the authorization data are hashed.
  • the processor 110 selects - at 73 - in dependence upon the authorization data predetermined security signatures corresponding to security levels above a security level of the user for the comparison process at 82.
  • this embodiment substantially increases flexibility by allowing storage of data according to a user specific security level. For example, board members of a large organization are enabled to store data of the highest security level while directors are prevented from storing such data but are enabled to store mid security level data and other staff is prevented from storing data of any of these security levels. Furthermore, it is possible to differentiate between data belonging to various departments of a large organization such as research, sales, human resources, etc. [0043]
  • the following steps 91 to 95 of the fourth embodiment are highly beneficial by preventing access to sensitive data stored in a portable storage device by an unauthorized person, for example, when the portable storage device has been lost, stolen, or misplaced.
  • the processor 110 of the storage device receives second authorization data indicative of a second security level of a user of a host system 150 in communication with the storage device.
  • the processor 110 compares - at 92 - the second authorization data with the security level of the first data stored in the scanned data memory 125. For example, after storage of the first data the processor 110 generated data indicative of the security level of the user and stored the same together with the first data or, alternatively, stored the selected predetermined signatures together with the first data. If the second security level is below the security level of the first data, the processor 110 prevents access to the first data - at 93.
  • the first data are provided from the scanned data memory 125 - at 94.
  • the data are provided only when the second security level matches the security level of the first data.
  • the processor 110 generates - at 95 - message data indicating that the first data are accessible or prevented from access and provides the same to the processor 160 for displaying the message to the user.
  • the storage device comprises an indicator such as a LED, not shown, for notifying the user, for example, by displaying different colors such as Green when the data are accessible and Red when the data are prevented from access.
  • a sixth embodiment of a storage device for supporting scanning of data for signatures prior to storage according to the invention is shown.
  • the storage device 600 is of similar structure as the device shown in Fig. Ia, but additionally comprises a biometric input device 605 in communication with the processor 110 for determining a user authorization according to the fourth embodiment of a method for scanning data for signatures prior to storage according to the invention is shown.
  • the biometric input device is implemented in other storage devices according to the invention in a similar fashion.
  • the processor 110 provides the biometric input data to a processor 160 of a host system 150 for determining a security level of the user in dependence thereupon and receives authorization data from the processor 160 of the host system 150.
  • the biometric input data are sent and the authorization data are received in an encoded fashion.
  • the biometric input data and the authorization data are encoded using an encryption method, as discussed above.
  • the biometric input data and the authorization data are hashed.
  • the biometric input data are compared with biometric data indicative of a user stored in memory of the storage device 600 and a security level of the user is determined in dependence thereupon. This enables processing of the provided biometric input data as well as the sensitive stored data indicative of a user within a single portable housing, thus the efficacy of tampering is substantially reduced.
  • the storage device 600 is, for example, implemented using readily available USB memory storage key technology. Furthermore, biometric input devices such as contact fingerprint imagers are also readily available in a compact fashion suitable for disposing in a USB memory storage key housing.
  • the peripheral device 600 provides a biometric input device 605 together with memory for storing sensitive data indicative of a user, a processor 110 for determining user authorization, and scanned data memory 125 for storing data in dependence upon user authorization in a single compact housing suitable for carrying in a pocket.
  • user authorization using biometric input data is used for determining a security level of a user prior retrieval of the data stored in the scanned data memory 125.
  • a seventh embodiment of a storage device for supporting scanning of data for signatures prior to storage according to the invention is shown.
  • the storage device 700 is of similar structure as the device shown in Fig. 6, but additionally comprises a biometric input device 705 implemented in a first housing 700A and in communication with the processor 110 for determining a user authorization according to the fourth embodiment of a method for scanning data for signatures prior to storage according to the invention is shown.
  • the processor 110 provides the biometric input data to a processor 160 of a host system 150 for determining a security level of the user in dependence thereupon and receives authorization data from the processor 160 of the host system 150.
  • the biometric input data are sent and the authorization data are received in an encoded fashion.
  • the biometric input data and the authorization data are encoded using an encryption method as discussed above.
  • the biometric input data and the authorization data are hashed.
  • the biometric input data are compared with biometric data indicative of a user stored in memory of the storage device and a security level of the user is determined in dependence thereupon.
  • the storage device 700 comprises a second processor 710 in the second housing 700B for receiving second authorization data indicative of a second security level of a user and for comparing the second security level of the user with data indicative of the security level of the first data stored in the scanned data memory 125 which are stored, for example, together with the first data in the scanned data memory 125.
  • Employment of the processor 710 is highly beneficial by preventing access to sensitive data stored in the scanned data memory 125 of the portable storage device 700B by an unauthorized person, for example, when the portable storage device 700B has been lost, stolen, or misplaced.
  • the storage device 700 is, for example, implemented using readily available USB memory storage key technology, allowing implementation of the housing 700B and its components using off-the-shelf USB memory sticks.
  • biometric input devices such as various types of fingerprint imagers, cameras for retinal scans or face recognition, or microphones for voice recognition are also readily available together with software for processing the biometric information and are implementable in the peripheral device 700A.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a method and device for scanning of data for signatures prior to storage. First data are received at a storage device for storage therein. Upon receipt the first data are stored in a temporary storage medium for storing other than guaranteed previously scanned data. Using a processor of the storage device, the first data are compared with at least a predetermined signature and a comparison result is determined in dependence thereupon. In dependence upon the comparison result the first data are provided to the scanned data memory when the comparison result is indicative of other than a match or the first data are other than provided to the scanned data memory when the comparison result is indicative of a match. The method and the device according to the invention substantially reduce the risk that a file infected with a computer virus is transferred from one computer to another via a portable storage medium. In another aspect of the invention, the method and the device according to the invention prevents storage of sensitive data by unauthorized persons.

Description

METHOD AND DEVICE FOR SCANNING DATA FOR SIGNATURES PRIOR TO
STORAGE IN A STORAGE DEVICE
FIELD OF THE INVENTION
[001] This invention relates to the field of computer safety and in particular to a method and device for scanning data for signatures prior to storage in a storage device.
BACKGROUND
[002] With the proliferation of computers and computer networks into all aspects of business and daily life - financial, medical, education, government, and communications - the concern over computer security is growing. A major issue in computer security is the problem of computer viruses. A computer virus is generally a manmade destructive computer program or code that is loaded onto a computer system without the knowledge of the user. The computer virus is often a self-replicating program that copies itself and infects other programs and data files by modifying them or their environment. The computer virus spreads from one computer to another when an infected computer program or data file is taken to the uninfected computer, for example, by a user sending it over a network or carrying it on a portable storage medium. While some computer viruses are intentionally destructive, for example, deleting data, many other viruses are fairly benign. However, even such viruses are dangerous as they are able to access systems, potentially utilizing a large portion of the available resources and possibly shutting down an infected computer system.
[003] Many antivirus programs have become commercially available for protection against viruses. Most commercially available antivirus programs scan computer files to look for known viruses by comparing the data of the computer file with signatures in a dictionary of known viruses that the authors of the antivirus software have identified. If some data in the computer file match a signature of a virus identified in the dictionary, the antivirus software takes one of the following actions:
attempts to repair the infected file by removing the virus from the file; quarantines the infected file such that the file remains inaccessible to other programs and its virus can no longer spread; and,
deletes the infected file.
As is evident, the signatures in the dictionary need to be updated on a regular basis. The antivirus software typically examines files when a computer's operating system creates, opens, closes, downloads, or e-mails them. Furthermore, the antivirus software is usually scheduled to scan all files on the computer's hard-drive on a regular basis. However, this still leaves a loophole for spreading a computer virus before a dictionary is updated.
[004] With ever increasing storage capacity of portable storage devices such as CDs, DVDs, and USB memory storage keys, manual file transfer from one computer to another is substantially facilitated. Unfortunately, this also increases the risk of transferring an infected file from one computer to another.
[005] Furthermore, the increasing storage capacity of USB memory storage keys presents a significant security challenge for large organizations. Their small size and ease of use allows unsupervised visitors or unscrupulous employees to smuggle confidential data with little chance of detection. To prevent this, some organizations - particularly government departments and larger corporations - forbid the use of USB memory storage keys, and computers are configured to disable the mounting of USB memory storage keys. Some organizations use a lower-tech security solution, disconnecting USB ports inside the computer or filling the USB ports with glue.
[006] It would be highly desirable to overcome the drawbacks of the present technology and to increase computer security.
SUMMARY OF THE INVENTION
[007] It is, therefore, an object of embodiments of the invention to provide a method and device for supporting scanning of data for signatures prior to storage in a storage device. [008] It is an advantage of some embodiments of the invention to provide a method and device for supporting scanning of data for signatures prior to storage in a USB memory storage key.
[009] In accordance with the present invention there is provided a method for storing data in a storage device comprising: receiving, at the storage device, first data for being stored within the storage device; storing the first data in a temporary storage medium within the storage device, the temporary storage medium for storing other than guaranteed previously scanned data; using circuitry of the storage device comparing the first data with at least a predetermined signature and determining a comparison result in dependence thereupon; and, performing, in dependence upon the comparison result, one of providing the first data for storage within a scanned data memory of the storage device, the scanned data memory for storing guaranteed previously scanned data therein, when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match.
[0010] In accordance with the present invention there is further provided a storage device comprising: a first port for receiving first data for being stored within the storage device; a temporary storage medium in communication with the first port for storing other than guaranteed previously scanned data; a scanned data memory for storing guaranteed previously scanned data therein; circuitry in communication with the first port, the temporary storage medium and the scanned data memory, the circuitry for: a) comparing the first data with at least a predetermined signature and determining a comparison result in dependence thereupon; and, b) performing, in dependence upon the comparison result, one of providing the first data for storage within the scanned data memory when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match. [0011] In accordance with the present invention there is yet further provided a coupler comprising: a first interface for coupling to a port of a host system for receiving first data for being stored in a scanned data memory of a portable storage device, the scanned data memory for storing guaranteed previously scanned data therein; a second interface for interfacing with the portable storage device; a temporary storage medium in communication with the first interface for storing other than guaranteed previously scanned data; circuitry in communication with the first interface, the temporary storage medium and the second interface, the circuitry for: a) comparing the first data with predetermined signatures and determining a comparison result in dependence thereupon; and, b) performing, in dependence upon the comparison result, one of providing via the second interface the first data for storage within the scanned data memory when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match.
[0012] In accordance with the present invention there is yet further provided a storage medium having stored therein executable commands for execution on a processor of a host system, the processor when executing the commands performing: providing first data to a storage device for storage therein when data from the storage device have been received, the data being indicative of a presence of a circuitry for: comparing the first data with at least a predetermined signature and determining a comparison result in dependence thereupon; and, performing, in dependence upon the comparison result, one of providing the first data for storage within a scanned data memory when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match; and, other than providing the first data to the storage device in the absence of data indicative of the presence of the circuitry. BRIEF DESCRIPTION OF THE FIGURES
[0013] Exemplary embodiments of the invention will now be described in conjunction with the following drawings, in which:
[0014] Figures Ia to Id are simplified block diagrams illustrating a first embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention;
[0015] Figure 2 is a simplified flow diagram illustrating a first embodiment of a method for supporting scanning of data for signatures prior to storage according to the invention;
[0016] Figure 3 is a simplified block diagram illustrating a second embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention;
[0017] Figure 4 is a simplified flow diagram illustrating a second embodiment of a method for supporting scanning of data for signatures prior to storage according to the invention;
[0018] Figure 5 is a simplified block diagram illustrating a third embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention;
[0019] Figure 6 is a simplified block diagram illustrating a fourth embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention;
[0020] Figure 7 is a simplified block diagram illustrating a fifth embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention;
[0021] Figure 8 is a simplified flow diagram illustrating a third embodiment of a method for supporting scanning of data for signatures prior to storage according to the invention;
[0022] Figure 9 is a simplified flow diagram illustrating a fourth embodiment of a method for supporting scanning of data for signatures prior to storage according to the invention;
[0023] Figure 10 is a simplified block diagram illustrating a sixth embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention; and, [0024] Figure 11 is a simplified block diagram illustrating a seventh embodiment of a storage device supporting scanning of data for signatures prior to storage according to the invention.
DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION
[0025] The following description is presented to enable a person skilled in the art to make and use the invention, and is provided in the context of a particular application and its requirements. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other embodiments and applications without departing from the scope of the invention. Thus, the present invention is not intended to be limited to the embodiments disclosed, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
[0026] In the following description of the various embodiments same reference numerals are used for same components. Referring to Fig. Ia, a first embodiment of a storage device 100 supporting scanning data for signatures prior to storage is shown. The storage device 100 comprises a port 105 for being mated to a port 155 of a host system 150. Processor 110 of the storage device 100 communicates via the mated ports 105 and 155 with a processor 160 of the host system 150 for receiving first data for being stored within the storage device 100. Upon receipt of and during scanning thereof, the first data are stored in a temporary storage medium 115 in communication with the circuitry 110. Further, the storage device 100 comprises memory 120 in communication with the processor 110 having stored therein executable commands for execution on the processor 110 for communicating with the host system 150 and for processing the first data. The temporary storage medium 115 is used for temporary storage of other than guaranteed previously scanned data and acts, for example, as a register of the processor 110 during: receipt of the first data; scanning of the first data; and provision/retrieval of the first data to/from a scanned data memory 125 in communication with the processor 110. During scanning of the first data, the processor 110 compares the first data with at least a predetermined signature stored in signature memory 130 in communication therewith. Optionally, the at least a predetermined signature are received prior to receipt of the first data and stored in the temporary storage medium 115, allowing omission of the signature memory 130. Alternatively, the processor 110 comprises electronic circuitry designed for performing a portion of the communication and data processing in a hardware implemented fashion. Further alternatively, the peripheral device comprises electronic circuitry for performing the complete communication and data processing in a hardware implemented fashion, thus allowing omission of the memory 120.
[0027] In the present embodiment, the interface 105 is a serial USB interface, for example, a male USB connector, for interfacing with a female USB port 155 of the host system 150. Alternatively, other interfaces are used. The USB interface is advantageous, since the USB standard is well established for connecting a computer to peripheral devices, i.e. most present day computers comprise at least one USB port. The storage device 100 is, for example, implemented using readily available USB memory storage key technology such as a Reduced Instruction Set Computing (RISC) microprocessor, RAM 115, ROM 120, and a NAND flash memory 125. Typically, the various components are disposed on a Printed Circuit Board (PCB) encased in a substantially robust plastic or metal casing making the USB memory storage key sturdy enough to be carried in a pocket without the risk of damaging the components. Using this technology it is possible to provide in a portable storage device 100 a computing platform on which information is stored and computations are performed in a secured fashion.
[0028] The invention is not limited to the present embodiment - a portable storage device as shown in Fig. Ia - but is also beneficial when employed, as shown in Fig. Ib, in an external hard- drive 100b coupled to the host system 150 or a computer network and serving, for example, as a back-up, in an internal Hard-Drive 100c disposed inside the host system 150 - shown in Fig. Ic, and in an Optical Disk Drive lOOd such as a CD or DVD Drive - shown in Fig. Id. The advantages of providing such storage devices with the capability for scanning of data for signatures prior to storage will readily become apparent to those of skill in the art when discussing various embodiments of a method for scanning data for signatures prior to storage according to the invention below.
[0029] Fig. 2 illustrates a simplified flow diagram of a first embodiment of a method for scanning data for signatures prior to storage. At 10, first data for being stored within the storage device are received. Upon receipt the first data are stored in the temporary storage medium 115 for storing other than guaranteed previously scanned data - at 20. Using the processor 110 of the storage device, the first data are compared with at least a predetermined signature and a comparison result is determined in dependence thereupon - at 30. In dependence upon the comparison result - at 40 - the first data are provided to the scanned data memory 125 when the comparison result is indicative of other than a match - at 50 - or the first data are other than provided to the scanned data memory 125 when the comparison result is indicative of a match - at 60. There are several options at 60 for handling the first data such as deleting the first data, repairing the data if possible, for example, by removing the data portion resembling a signature of a computer virus, or storing the first data in a buffer memory 135 for storing other than guaranteed previously scanned data of a second embodiment 200 of a storage device according to the invention, as shown in Fig. 3. Optionally, the processor 110 generates message data indicating that the first data are computer virus free or a computer virus has been detected and provides the same to the processor 160 for displaying the message to the user. Alternatively, the storage device comprises an indicator such as a LED, not shown, for notifying the user, for example, by displaying different colors such as Green when the data are computer virus free and Red when a computer virus has been detected. Further optionally, the processor 110 stores the message data in memory such as the buffer memory 135. This is especially advantageous in the portable storage device 200 which comprises an internal power source 140, such as a battery - or a rechargeable battery - enabling storage of the first data in the buffer memory 135 and scanning of the first data after removal of the portable storage device 200 from the host system. Here, when a computer virus is detected, the first data are kept in the buffer memory 135 and the message data are stored, for example, together with the first data in the buffer memory 135. This enables notification of a user after mating the storage device 200 with a host system of the detected computer virus and, for example, allows the user to retrieve the file and attempt a repair using an antivirus program on the host system.
[0030] The method illustrated in Fig. 2 is highly beneficial for scanning the first data for signatures indicative of computer viruses by ensuring that only guaranteed previously scanned data are stored in the scanned data memory 125. For example, employment of this method for storing data in portable storage devices such as USB memory storage keys or optical disks substantially reduces the risk that an infected file is transferred from one computer to another, while employment of this method with Hard-Drives substantially increases the likelihood that a computer virus is detected. [0031] Of course, the scanning for computer viruses is only effective when the predetermined signatures are up-to-date. Referring to Fig. 4, a simplified flow diagram of a second embodiment of a method for scanning data for signatures prior to storage according to the invention is shown. At 1, the processor 110 of the storage device sends a request for receiving at least an updated predetermined signature to the host system 150. The request is received by the processor 160 of the host system 150 which then initiates establishing of a secure communication in accordance with a secure protocol between the processor 110 and a server for providing predetermined signatures 175 via a communication network 170 such as the Internet and port 165. Alternatively, the processor 110 sends the request via the host system 150 directly to the server 175, omitting the processor 160. Further alternatively, the server 175 initiates establishing of a secure communication, for example, in predetermined intervals or when new signatures are available. This is advantageous when the storage device is a non-portable storage device, as shown in Figs. Ib to Id, ensuring that the signatures are up-to-date. In portable storage devices, the processor 110 sends the request, for example, after the portable storage device 100 is mated with the host system 150 or, alternatively, when a request from the processor 160 for storing data is received. At 2, a secure communication between the processor 110 and the server 175 is established. The communication is secured using, for example, encoding such as an encryption method. Encryption methods are divided into symmetric key methods - secret-key cryptography - and asymmetric key methods - Public-key cryptography. In a symmetric key method, for example, DES and AES, the sender and receiver have a shared key set up in advance and kept secret from all other parties; the sender uses this key for encryption and the receiver uses the same key for decryption. In an asymmetric key method, for example, RSA, there are two separate keys, a public key is published and enables any sender to perform encryption, while a private key is kept secret by the receiver and enables only him to perform decryption. Optionally, to further enhance security the keys are provided by a "trusted source" 180 such as a key service provider via the communication network 170. The received key is then, for example, stored in the temporary storage medium 115 and after decryption of the updated predetermined signatures - received at 3 - deleted. Alternatively, the key is stored in memory for establishing future secure communication with the server 175. Upon receipt, the updated predetermined signatures are stored in the signature memory 130 - at 4. The steps 1 to 4 are then followed by the steps 10 to 60 shown in Fig. 2. Optionally, the processor 110 includes in the request data indicative of a last update of the predetermined signatures. This is especially beneficial in portable storage devices reducing the number of signatures to be transmitted for an update.
[0032] Referring to Fig. 5, a third embodiment 300 of a storage device according to the invention is shown. The storage device 300 comprises an unscanned data memory 145 in communication with the port 105. For example, the provision of the unscanned data memory 145 enables a user to quickly store the first data without scanning or to store the first data if they contain portions similar to the signatures. Optionally, the unscanned data memory 145 is used for data storage and retrieval without involvement of the processor 110, thus reducing the risk of spreading a computer virus to data stored in the scanned data memory 125.
[0033] Referring to Fig. 6, a fourth embodiment 400 of a storage device supporting scanning data for signatures prior to storage according to the invention is shown. The storage device 400 is of similar structure as the storage device 100, however, the components are disposed in two housings 400A and 400B with: the housing 400A comprising the port 105, the processor 110, the temporary storage medium 115, the memory 120, and the signature memory 130; and the housing 400B comprising the scanned data memory 125. The scanned data memory 125 is in communication with the processor 110 via mated ports 405 and 410 of the housing 400A and 400B, respectively, for receiving guaranteed previously scanned data. Alternatively, the processor 110 comprises electronic circuitry designed for performing a portion of the communication and data processing in a hardware implemented fashion. Further alternatively, the peripheral device comprises electronic circuitry for performing the complete communication and data processing in a hardware implemented fashion, thus allowing omission of the memory 120.
[0034] Optionally, the port 105 is a serial USB port, for example, a male USB connector with a USB extension cable 406, for interfacing with a female USB port 155 of the host system 150. Use of a USB cable allows flexibility in positioning the storage device 400A. Further optionally, the ports 405 and 410 are a female and a male USB connector, respectively. The peripheral device 400 is, for example, implemented using commonly available USB memory storage key technology. Furthermore, it allows implementation of the housing 400B and its components using off-the-shelf USB memory sticks. [0035] Referring to Fig. 7, a fifth embodiment 500 of a storage device supporting scanning data for signatures prior to storage according to the invention is shown. The storage device 500 is of similar structure as the storage device 400 with the components being disposed in two housings 500A and 500B. The housing 500A comprises the port 105, the processor 110, the temporary storage medium 115, the memory 120, and the signature memory 130, and the housing 500B comprises the scanned data memory 125. The housing 500A is disposed inside a housing of the host system 150 and connected to a bus system 185 such as a serial bus of the host system 150 via port 105. The housing 500A further comprises an external port 505 for mating with port 510 of the housing 500B for providing communication between the processor 110 and the scanned data memory 125. Optionally, the external port 505 is omitted and communication between the scanned data memory 125 and the processor 110 is enabled via the port 105, the bus system 185 and the port 155 of the host system 150 having the port 510 of the housing 500B mated thereto. Alternatively, the processor 110 comprises electronic circuitry designed for performing a portion of the communication and data processing in a hardware implemented fashion. Further alternatively, the peripheral device comprises electronic circuitry for performing the complete communication and data processing in a hardware implemented fashion, thus allowing omission of the memory 120.
[0036] For example, the housing 500A comprises a PCB, which is inserted into an expansion slot of the host system 150 and has an interface for connection to a USB bus system, while the housing 500B and its components are implemented using off-the-shelf USB memory sticks.
[0037] Another significant security challenge, especially for large organizations such as government departments and larger corporations, has arisen due to the increasing storage capacity of USB memory storage keys. Their small size and ease of use allows unsupervised visitors or unscrupulous employees to smuggle confidential data with little chance of detection.
[0038] The following embodiments of a method for scanning data for signatures prior to storage according to the invention provide a solution to this significant security problem. Referring to Fig. 8, a simplified flow diagram of a third embodiment of a method for scanning data for signatures prior to storage according to the invention is shown. It is noted that this embodiment is beneficially employed with the storage devices according to the invention as illustrated above. Here, the capability of the storage devices to scan received data for signatures is exploited by inserting pieces of a security code called "security signatures" into sensitive data. In its simplest form, a same security signature is implanted at one location in the data. The location is, determined, for example, by an authorized person such as a system administrator or on a substantially random basis. Alternatively, a plurality of, possibly different, signatures are inserted in the data, thus increasing security.
[0039] At 70, a storage device according to the invention sends data indicative of a capability for scanning received data for signatures. The data are received by the processor 160 of the host system 150 and processed. At 71, when the processor 160 identifies a scanning capability of the storage device, first data are provided thereto - at 74 , otherwise the processor performs instructions other than providing the first data - at 76 - such as generating a message prompting the user to use a storage device having the scanning capability. The process for performing the steps 70 to 76 is, for example, stored in a storage medium having stored therein executable commands for execution on the processor 160 of the host system 150. At 78, the first data for being stored are received at the storage device. Upon receipt the first data are stored in the temporary storage medium 115 for storing other than guaranteed previously scanned data - at 80. Using the processor 110 of the storage device, the first data are compared with at least a predetermined security signature indicative of a security level and a comparison result is determined in dependence thereupon - at 82. In dependence upon the comparison result - at 84 - the first data are provided to the scanned data memory 125 when the comparison result is indicative of other than a match - at 86 - or the first data are other than provided to the scanned data memory 125 when the comparison result is indicative of a match - at 88. For example, at 88 the received first data are deleted from the temporary storage medium 115. Optionally, the processor 110 generates - at 90 - message data indicating that the first data have been stored or prevented from storage and provides the same to the processor 160 for displaying the message to the user. Alternatively, the storage device comprises an indicator such as a LED, not shown, for notifying the user, for example, by displaying different colors such as Green when the data have been stored and Red when the data have been prevented from storage. [0040] The method illustrated in Fig. 8 is optionally highly beneficial for scanning the first data for security signatures by ensuring that sensitive data or data of a predetermined security level are prevented from storage in a storage device.
[0041] Referring to Fig. 9, a simplified flow diagram of a fourth embodiment of a method for scanning data for signatures prior to storage according to the invention is shown. Again, it is noted that this embodiment is beneficially employed with the storage devices according to the invention as illustrated above. Here too, the capability of the storage devices to scan received data for signatures is exploited by inserting pieces of a security code called "security signatures" into sensitive data. To increase flexibility a plurality of different signatures, each associated with a predetermined level of security, are inserted in the respective data. Inserting different signatures associated with different levels of security allows differentiating, for example, between users having different levels of security or between users belonging to different departments of an organization.
[0042] The fourth embodiment of the method, as shown in Fig. 9, starts with the same steps 70, 71, and 76 for identifying if the storage device has a scanning capability and prevents the data from storage if the scanning capability is missing. At 72, the processor 110 of the storage device receives authorization data indicative of a security level of a user of a host system 150 in communication with the storage device. Optionally, the authorization data are received in an encoded fashion from the host system. For example, the authorization data are encoded using an encryption method, as discussed above. Alternatively, the authorization data are hashed. The processor 110 then selects - at 73 - in dependence upon the authorization data predetermined security signatures corresponding to security levels above a security level of the user for the comparison process at 82. The step 73 is then followed by the same steps 74 to 90 as shown in Fig. 8. As is evident, this embodiment substantially increases flexibility by allowing storage of data according to a user specific security level. For example, board members of a large organization are enabled to store data of the highest security level while directors are prevented from storing such data but are enabled to store mid security level data and other staff is prevented from storing data of any of these security levels. Furthermore, it is possible to differentiate between data belonging to various departments of a large organization such as research, sales, human resources, etc. [0043] The following steps 91 to 95 of the fourth embodiment are highly beneficial by preventing access to sensitive data stored in a portable storage device by an unauthorized person, for example, when the portable storage device has been lost, stolen, or misplaced. At 91, the processor 110 of the storage device receives second authorization data indicative of a second security level of a user of a host system 150 in communication with the storage device. The processor 110 then compares - at 92 - the second authorization data with the security level of the first data stored in the scanned data memory 125. For example, after storage of the first data the processor 110 generated data indicative of the security level of the user and stored the same together with the first data or, alternatively, stored the selected predetermined signatures together with the first data. If the second security level is below the security level of the first data, the processor 110 prevents access to the first data - at 93. If the second security level is one of equal to the security level of the first data and higher than the security level of the first data, the first data are provided from the scanned data memory 125 - at 94. Alternatively, the data are provided only when the second security level matches the security level of the first data. Optionally, the processor 110 generates - at 95 - message data indicating that the first data are accessible or prevented from access and provides the same to the processor 160 for displaying the message to the user. Alternatively, the storage device comprises an indicator such as a LED, not shown, for notifying the user, for example, by displaying different colors such as Green when the data are accessible and Red when the data are prevented from access.
[0044] Referring to Fig. 10, a sixth embodiment of a storage device for supporting scanning of data for signatures prior to storage according to the invention is shown. Here, the storage device 600 is of similar structure as the device shown in Fig. Ia, but additionally comprises a biometric input device 605 in communication with the processor 110 for determining a user authorization according to the fourth embodiment of a method for scanning data for signatures prior to storage according to the invention is shown. Alternatively, the biometric input device is implemented in other storage devices according to the invention in a similar fashion. In operation, the processor 110 provides the biometric input data to a processor 160 of a host system 150 for determining a security level of the user in dependence thereupon and receives authorization data from the processor 160 of the host system 150. Optionally, the biometric input data are sent and the authorization data are received in an encoded fashion. For example, the biometric input data and the authorization data are encoded using an encryption method, as discussed above. Alternatively, the biometric input data and the authorization data are hashed. Alternatively, using the processor 110 of the storage device 600, the biometric input data are compared with biometric data indicative of a user stored in memory of the storage device 600 and a security level of the user is determined in dependence thereupon. This enables processing of the provided biometric input data as well as the sensitive stored data indicative of a user within a single portable housing, thus the efficacy of tampering is substantially reduced.
[0045] As above, the storage device 600 is, for example, implemented using readily available USB memory storage key technology. Furthermore, biometric input devices such as contact fingerprint imagers are also readily available in a compact fashion suitable for disposing in a USB memory storage key housing. The peripheral device 600 provides a biometric input device 605 together with memory for storing sensitive data indicative of a user, a processor 110 for determining user authorization, and scanned data memory 125 for storing data in dependence upon user authorization in a single compact housing suitable for carrying in a pocket.
[0046] Optionally, user authorization using biometric input data is used for determining a security level of a user prior retrieval of the data stored in the scanned data memory 125.
[0047] Referring to Fig. 11 , a seventh embodiment of a storage device for supporting scanning of data for signatures prior to storage according to the invention is shown. Here, the storage device 700 is of similar structure as the device shown in Fig. 6, but additionally comprises a biometric input device 705 implemented in a first housing 700A and in communication with the processor 110 for determining a user authorization according to the fourth embodiment of a method for scanning data for signatures prior to storage according to the invention is shown. In operation, the processor 110 provides the biometric input data to a processor 160 of a host system 150 for determining a security level of the user in dependence thereupon and receives authorization data from the processor 160 of the host system 150. Optionally, the biometric input data are sent and the authorization data are received in an encoded fashion. For example, the biometric input data and the authorization data are encoded using an encryption method as discussed above. Alternatively, the biometric input data and the authorization data are hashed. Alternatively, using the processor 110 of the storage device 700 in housing 700A, the biometric input data are compared with biometric data indicative of a user stored in memory of the storage device and a security level of the user is determined in dependence thereupon. Optionally, the storage device 700 comprises a second processor 710 in the second housing 700B for receiving second authorization data indicative of a second security level of a user and for comparing the second security level of the user with data indicative of the security level of the first data stored in the scanned data memory 125 which are stored, for example, together with the first data in the scanned data memory 125. Employment of the processor 710 is highly beneficial by preventing access to sensitive data stored in the scanned data memory 125 of the portable storage device 700B by an unauthorized person, for example, when the portable storage device 700B has been lost, stolen, or misplaced.
[0048] The storage device 700 is, for example, implemented using readily available USB memory storage key technology, allowing implementation of the housing 700B and its components using off-the-shelf USB memory sticks. Furthermore, biometric input devices such as various types of fingerprint imagers, cameras for retinal scans or face recognition, or microphones for voice recognition are also readily available together with software for processing the biometric information and are implementable in the peripheral device 700A.
[0049] Obviously, one skilled in the art will readily arrive at numerous combinations of the various embodiments of the method and storage device for supporting scanning of data for signatures prior to storage according to the invention in order to satisfy specific needs in different applications.
[0050] Numerous other embodiments of the invention will be apparent to persons skilled in the art without departing from the spirit and scope of the invention as defined in the appended claims.

Claims

CLAIMSWhat is claimed is:
1. A method for storing data in a storage device comprising: receiving, at the storage device, first data for being stored within the storage device; storing the first data in a temporary storage medium within the storage device, the temporary storage medium for storing other than guaranteed previously scanned data; using circuitry of the storage device comparing the first data with at least a predetermined signature and determining a comparison result in dependence thereupon; and, performing, in dependence upon the comparison result, one of providing the first data for storage within a scanned data memory of the storage device, the scanned data memory for storing guaranteed previously scanned data therein, when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match.
2. A method for storing data in a storage device as defined in claim 1 wherein the at least a predetermined signature is indicative of at least a computer virus, the method comprising receiving at least an updated predetermined signature.
3. A method for storing data in a storage device as defined in claim 2 comprising establishing secure communication in accordance with a secure protocol for receiving the at least an updated predetermined signature.
4. A method for storing data in a storage device as defined in claim 3 wherein the secure communication is established with a server for providing predetermined signatures.
5. A method for storing data in a storage device as defined in any one of claims 3 and 4 wherein the secure communication comprises symmetric key encryption.
6. A method for storing data in a storage device as defined in claim 5 wherein a symmetric key is provided by a trusted source.
7. A method for storing data in a storage device as defined in claim 6 comprising storing the key in a memory of the storage device.
8. A method for storing data in a storage device as defined in claim 4 wherein the secure communication comprises asymmetric key encryption.
9. A method for storing data in a storage device as defined in claim 8 wherein keys are provided by a trusted source.
10. A method for storing data in a storage device as defined in any one of claims 3 to 9 comprising: sending a request for receiving the at least an updated predetermined signature, the request including data indicative of a last update of the at least a predetermined signature; and, storing the received the at least an updated predetermined signature.
11. A method for storing data in a storage device as defined in claim 10 wherein the request is sent in predetermined time intervals.
12. A method for storing data in a storage device as defined in any one of claims 1 to 11 comprising deleting the first data when the comparison result is indicative of a match.
13. A method for storing data in a storage device as defined in any one of claims 1 to 12 comprising repairing the first data when the comparison result is indicative of a match.
14. A method for storing data in a storage device as defined in any one of claims 1 to 13 comprising storing the first data in a buffer memory, the buffer memory for storing other than guaranteed previously scanned data.
15. A method for storing data in a storage device as defined in any one of claims 1 to 14 comprising: generating message data indicating that a computer virus has been detected; and, storing the message data.
16. A method for storing data in a storage device as defined in any one of claims 1 to 15 comprising providing data indicative of a presence of the circuitry prior to receipt of the first data.
17. A method for storing data in a storage device as defined in any one of claims 1 to 16 wherein the storage device comprises a first and a second housing, the first housing containing the temporary storage medium and the circuitry and the second housing containing the scanned data memory, and wherein the first data are provided to the scanned data memory via a first interface of the first housing in electrical communication with a second interface of the second housing.
18. A method for storing data in a storage device as defined in any one of claims 1 to 17 wherein the at least a predetermined signature is indicative of at least a security level of the first data, the method comprising deleting the first data when the comparison result is indicative of a match.
19. A method for storing data in a storage device as defined in claim 18 comprising generating message data indicating that the first data have been prevented from storage.
20. A method for storing data in a storage device as defined in claim 18 comprising receiving authorization data indicative of a security level of a user of a host system in communication with the storage device; and, selecting, in dependence upon the authorization data, predetermined signatures corresponding to security levels above the security level of the user.
21. A method for storing data in a storage device as defined in claim 20 comprising: receiving second authorization data indicative of a second security level of a user of a host system in communication with the storage device; comparing the second authorization data with the security level of the first data based on the selected at least a predetermined signature; and, providing the first data from the scanned data memory when the second security level is one of equal to the security level of the first data and higher than the security level of the first data.
22. A method for storing data in a storage device as defined in any one of claims 20 and 21 wherein receiving authorization data comprises receiving biometric information from the user and determining the security level of the user in dependence thereupon.
23. A method for storing data in a storage device as defined in any one of claims 21 and 22 wherein receiving second authorization data comprises receiving biometric information from the user and determining the second security level of the user in dependence thereupon.
24. A storage device comprising: a first port for receiving first data for being stored within the storage device; a temporary storage medium in communication with the first port for storing other than guaranteed previously scanned data; a scanned data memory for storing guaranteed previously scanned data therein; circuitry in communication with the first port, the temporary storage medium and the scanned data memory, the circuitry for: a) comparing the first data with at least a predetermined signature and determining a comparison result in dependence thereupon; and, b) performing, in dependence upon the comparison result, one of providing the first data for storage within the scanned data memory when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match.
25. A storage device as defined in claim 24 comprising a signature memory in communication with the circuitry for storing the at least a predetermined signature.
26. A storage device as defined in any one of claims 24 and 25 comprising second memory in communication with the circuitry, the second memory having stored therein executable commands for execution on the circuitry, the circuitry when executing the commands performing a) and b).
27. A storage device as defined in any one of claims 24 to 26 comprising a buffer memory in communication with the circuitry for storing other than guaranteed previously scanned data prior scanning by the circuitry.
28. A storage device as defined in any one of claims 24 to 27 comprising an unscanned data memory in communication with the first port for storing other than guaranteed previously scanned data.
29. A storage device as defined in any one of claims 24 to 28 comprising an internal power source.
30. A storage device as defined in any one of claims 24 to 28 wherein the storage device is an internal storage device for being disposed in a host system.
31. A storage device as defined in claim 30 wherein the internal storage device is a hard-drive.
32. A storage device as defined in any one of claims 24 to 29 wherein the storage device is an external storage device for being coupled to an external port of a host system.
33. A storage device as defined in claim 32 wherein the first port is a serial port for coupling to a serial port of the host system.
34. A storage device as defined in claim 33 wherein the serial port is a USB port.
35. A storage device as defined in any one of claims 32 to 34 wherein the external storage device is at least one of an external hard-drive, an internal CD device, an external CD device, and internal DVD device or an external DVD device.
36. A storage device as defined in claim 32 wherein the external storage device is a portable storage device.
37. A storage device as defined in claim 36 wherein the first port is a serial port for coupling to a serial port of the host system.
38. A storage device as defined in claim 37 wherein the serial port is a USB port.
39. A storage device as defined in claim 36 wherein the portable storage device is at least a USB memory storage key or a flash memory card.
40. A storage device as defined in any one of claims 36 to 39 comprising a biometric input device in communication with the circuitry, the circuitry for receiving biometric input data and for performing one of: providing the biometric input data to a processor of the host system; and, comparing the biometric input data with biometric data indicative of a user and determining a security level of the user in dependence thereupon.
41. A storage device as defined in claim 40 wherein the biometric input device is at least one of a fingerprint imager, a voice recognition device, a retinal imager, a facial recognition device and a hand writing recognition device.
42. A coupler comprising: a first interface for coupling to a port of a host system for receiving first data for being stored in a scanned data memory of a portable storage device, the scanned data memory for storing guaranteed previously scanned data therein; a second interface for interfacing with the portable storage device; a temporary storage medium in communication with the first interface for storing other than guaranteed previously scanned data; circuitry in communication with the first interface, the temporary storage medium and the second interface, the circuitry for: a) comparing the first data with predetermined signatures and determining a comparison result in dependence thereupon; and, b) performing, in dependence upon the comparison result, one of providing via the second interface the first data for storage within the scanned data memory when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match.
43. A coupler as defined in claim 42 wherein the first interface is at least one of a serial interface and a parallel interface for coupling to a communications port of the host system.
44. A coupler as defined in claim 43 wherein the serial interface is a USB interface.
45. A coupler as defined in any one of claims 42 to 44 wherein the second interface is a USB interface for coupling to a USB memory storage key.
46. A coupler as defined in any one of claims 42 to 45 comprising second memory in communication with the circuitry, the second memory having stored therein executable commands for execution on the circuitry, the circuitry when executing the commands performing a) and b).
47. A coupler as defined in any one of claims 42 to 46 comprising a biometric input device in communication with the circuitry, the circuitry for receiving biometric input data and for performing one of: providing the biometric input data to a processor of the host system; and, comparing the biometric input data with biometric data indicative of a user and determining a security level of the user in dependence thereupon.
48. A coupler as defined in any one of claims 42 to 47 wherein the first interface is designed for coupling to an expansion slot disposed in the host system.
49. A coupler as defined in claim 48 wherein the first interface is at least one of a serial interface and a parallel interface for coupling to a communications port of the host system.
50. A coupler as defined in claim 49 wherein the serial interface is a USB interface.
51. A coupler as defined in claim 50 wherein the second interface is a USB interface for coupling to a USB memory storage key.
52. A coupler as defined in any one of claims 42 to 51 wherein the second interface comprises a mechanism for writing data into an optical storage medium.
53. A storage medium having stored therein executable commands for execution on a processor of a host system, the processor when executing the commands performing: providing first data to a storage device for storage therein when data from the storage device have been received, the data being indicative of a presence of a circuitry for: comparing the first data with at least a predetermined signature and determining a comparison result in dependence thereupon; and, performing, in dependence upon the comparison result, one of providing the first data for storage within a scanned data memory when the comparison result is indicative of other than a match, and other than providing the first data for storage within the scanned data memory when the comparison result is indicative of a match; and, other than providing the first data to the storage device in the absence of data indicative of the presence of the circuitry.
PCT/CA2007/001192 2006-07-06 2007-07-06 Method and device for scanning data for signatures prior to storage in a storage device WO2008003174A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CA2656856A CA2656856C (en) 2006-07-06 2007-07-06 Method and device for scanning data for signatures prior to storage in a storage device
EP07763855.9A EP2038794B1 (en) 2006-07-06 2007-07-06 Method and device for scanning data for signatures prior to storage in a storage device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/480,968 2006-07-06
US11/480,968 US8631494B2 (en) 2006-07-06 2006-07-06 Method and device for scanning data for signatures prior to storage in a storage device

Publications (1)

Publication Number Publication Date
WO2008003174A1 true WO2008003174A1 (en) 2008-01-10

Family

ID=38894161

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2007/001192 WO2008003174A1 (en) 2006-07-06 2007-07-06 Method and device for scanning data for signatures prior to storage in a storage device

Country Status (4)

Country Link
US (2) US8631494B2 (en)
EP (1) EP2038794B1 (en)
CA (1) CA2656856C (en)
WO (1) WO2008003174A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2263174A2 (en) * 2008-03-12 2010-12-22 Safend Ltd System and method for enforcing data encryption on removable media devices
WO2011095484A1 (en) * 2010-02-02 2011-08-11 Gemalto Sa Method of countermeasure against the installation-by-tearing of viruses onto a secure portable mass storage device
EP2531925A1 (en) * 2010-02-01 2012-12-12 Israel Hershler Usb memory device
EP2602738A3 (en) * 2011-12-08 2014-07-16 Wincor Nixdorf International GmbH Device for protecting security tokens against malware

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080162915A1 (en) * 2006-12-29 2008-07-03 Price Mark H Self-healing computing system
US8396959B2 (en) * 2007-03-21 2013-03-12 Inetco Systems Limited Method and system for monitoring messages passed over a network
WO2008127668A1 (en) * 2007-04-12 2008-10-23 Trustwave Corporation System and method for detecting and mitigating the writing of sensitive data to memory
EP2243239A4 (en) * 2007-12-27 2012-12-19 Safend Ltd System and method for securely storing information
CN101470778B (en) * 2007-12-28 2016-08-17 Ge医疗系统环球技术有限公司 The method and system of protection patient data
JP4852642B2 (en) * 2009-11-18 2012-01-11 インターナショナル・ビジネス・マシーンズ・コーポレーション System, method, IO controller, memory unit, optical link formed by an optical interconnect, and manufacturing method thereof (redundant storage in which a loop is formed between two X-type couplers)
US8335951B2 (en) 2010-05-06 2012-12-18 Utc Fire & Security Americas Corporation, Inc. Methods and system for verifying memory device integrity
US8370689B2 (en) * 2010-05-06 2013-02-05 Utc Fire & Security Americas Corporation, Inc. Methods and system for verifying memory device integrity
KR101201622B1 (en) * 2010-08-19 2012-11-14 삼성에스디에스 주식회사 Soc with security function and device and scan method using the same
US8782793B2 (en) * 2012-05-22 2014-07-15 Kaspersky Lab Zao System and method for detection and treatment of malware on data storage devices
US9256765B2 (en) 2012-06-29 2016-02-09 Kip Sign P1 Lp System and method for identifying software changes
CN104536961A (en) * 2014-11-04 2015-04-22 深圳创维数字技术有限公司 Scanning method and scanning system for local media files
US20160180092A1 (en) * 2014-12-23 2016-06-23 Mcafee, Inc. Portable secure storage
US10489590B2 (en) 2016-03-07 2019-11-26 Chengdu Haicun Ip Technology Llc Processor for enhancing computer security
US10560475B2 (en) 2016-03-07 2020-02-11 Chengdu Haicun Ip Technology Llc Processor for enhancing network security
EP3585658B1 (en) * 2017-02-24 2024-10-23 Gentex Corporation Two factor biometric authentication for auto
US10714172B2 (en) 2017-09-21 2020-07-14 HangZhou HaiCun Information Technology Co., Ltd. Bi-sided pattern processor
US11444928B2 (en) * 2018-12-04 2022-09-13 Journey.ai Controlling transmission of information through a zero-knowledge data management network
US11036887B2 (en) * 2018-12-11 2021-06-15 Micron Technology, Inc. Memory data security
WO2021035429A1 (en) * 2019-08-23 2021-03-04 Siemens Aktiengesellschaft Method and system for security management on a mobile storage device
CN113672928B (en) * 2021-09-06 2022-05-03 盐城一方信息技术有限公司 Computer storage hard disk virus monitoring devices

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5319776A (en) * 1990-04-19 1994-06-07 Hilgraeve Corporation In transit detection of computer virus with safeguard
US5623600A (en) * 1995-09-26 1997-04-22 Trend Micro, Incorporated Virus detection and removal apparatus for computer networks
US20020073340A1 (en) * 2000-12-12 2002-06-13 Sreenath Mambakkam Secure mass storage device with embedded biometri record that blocks access by disabling plug-and-play configuration
US20020194499A1 (en) * 2001-06-15 2002-12-19 Audebert Yves Louis Gabriel Method, system and apparatus for a portable transaction device
US20030005337A1 (en) * 2001-06-28 2003-01-02 Poo Teng Pin Portable device having biometrics-based authentication capabilities
US20050109841A1 (en) * 2003-11-17 2005-05-26 Ryan Dennis J. Multi-interface compact personal token apparatus and methods of use
US20050216759A1 (en) * 2004-03-29 2005-09-29 Rothman Michael A Virus scanning of input/output traffic of a computer system
US20060064755A1 (en) * 2004-09-21 2006-03-23 Agere Systems Inc. Methods and apparatus for interface adapter integrated virus protection
US20060065743A1 (en) * 2004-09-30 2006-03-30 Stmicroelectronics, Inc. USB device with secondary USB on-the-go function
US20060230203A1 (en) * 2000-02-21 2006-10-12 Trek Technology (Singapore) Pte, Ltd. A portable data storage device having a secure mode of operation
US20060242686A1 (en) * 2003-02-21 2006-10-26 Kenji Toda Virus check device and system
US20070083939A1 (en) * 2005-10-07 2007-04-12 Fruhauf Serge F Secure universal serial bus (USB) storage device and method
WO2007069245A2 (en) * 2005-12-13 2007-06-21 Yoggie Security Systems Ltd. System and method for providing network security to mobile devices

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB9824420D0 (en) * 1998-11-07 1998-12-30 Ncr Int Inc Smart card and method of operating the smart card
US6842861B1 (en) * 2000-03-24 2005-01-11 Networks Associates Technology, Inc. Method and system for detecting viruses on handheld computers
US7346928B1 (en) * 2000-12-01 2008-03-18 Network Appliance, Inc. Decentralized appliance virus scanning
FR2818062B1 (en) * 2000-12-07 2003-04-11 Thomson Multimedia Sa METHOD FOR SECURE TRANSMISSION OF DIGITAL DATA FROM A SOURCE TO A RECEIVER
US6981280B2 (en) * 2001-06-29 2005-12-27 Mcafee, Inc. Intelligent network scanning system and method
US8393001B1 (en) * 2002-07-26 2013-03-05 Mcafee, Inc. Secure signature server system and associated method
WO2005109302A2 (en) * 2004-05-03 2005-11-17 Siemens Aktiengesellschaft Portable data storage device
GB0418066D0 (en) * 2004-08-13 2004-09-15 Ibm A prioritization system
US7546471B2 (en) * 2005-01-14 2009-06-09 Microsoft Corporation Method and system for virus detection using pattern matching techniques
US20060168653A1 (en) * 2005-01-27 2006-07-27 Contrera Suzanne H Personal network security token
US7239166B2 (en) * 2005-06-15 2007-07-03 Microsoft Corporation Portable multi-purpose toolkit for testing computing device hardware and software
US7975304B2 (en) * 2006-04-28 2011-07-05 Trend Micro Incorporated Portable storage device with stand-alone antivirus capability

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5319776A (en) * 1990-04-19 1994-06-07 Hilgraeve Corporation In transit detection of computer virus with safeguard
US5623600A (en) * 1995-09-26 1997-04-22 Trend Micro, Incorporated Virus detection and removal apparatus for computer networks
US20060230203A1 (en) * 2000-02-21 2006-10-12 Trek Technology (Singapore) Pte, Ltd. A portable data storage device having a secure mode of operation
US20020073340A1 (en) * 2000-12-12 2002-06-13 Sreenath Mambakkam Secure mass storage device with embedded biometri record that blocks access by disabling plug-and-play configuration
US20020194499A1 (en) * 2001-06-15 2002-12-19 Audebert Yves Louis Gabriel Method, system and apparatus for a portable transaction device
US20030005337A1 (en) * 2001-06-28 2003-01-02 Poo Teng Pin Portable device having biometrics-based authentication capabilities
US20060242686A1 (en) * 2003-02-21 2006-10-26 Kenji Toda Virus check device and system
US20050109841A1 (en) * 2003-11-17 2005-05-26 Ryan Dennis J. Multi-interface compact personal token apparatus and methods of use
US20050216759A1 (en) * 2004-03-29 2005-09-29 Rothman Michael A Virus scanning of input/output traffic of a computer system
US20060064755A1 (en) * 2004-09-21 2006-03-23 Agere Systems Inc. Methods and apparatus for interface adapter integrated virus protection
US20060065743A1 (en) * 2004-09-30 2006-03-30 Stmicroelectronics, Inc. USB device with secondary USB on-the-go function
US20070083939A1 (en) * 2005-10-07 2007-04-12 Fruhauf Serge F Secure universal serial bus (USB) storage device and method
WO2007069245A2 (en) * 2005-12-13 2007-06-21 Yoggie Security Systems Ltd. System and method for providing network security to mobile devices

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2263174A2 (en) * 2008-03-12 2010-12-22 Safend Ltd System and method for enforcing data encryption on removable media devices
EP2263174A4 (en) * 2008-03-12 2012-07-04 Safend Ltd System and method for enforcing data encryption on removable media devices
EP2531925A1 (en) * 2010-02-01 2012-12-12 Israel Hershler Usb memory device
JP2013527509A (en) * 2010-02-01 2013-06-27 ハーシュラー,イスラエル USB memory device
EP2531925A4 (en) * 2010-02-01 2014-01-15 Israel Hershler Usb memory device
US9619421B2 (en) 2010-02-01 2017-04-11 Israel Hershler USB memory device
WO2011095484A1 (en) * 2010-02-02 2011-08-11 Gemalto Sa Method of countermeasure against the installation-by-tearing of viruses onto a secure portable mass storage device
EP2602738A3 (en) * 2011-12-08 2014-07-16 Wincor Nixdorf International GmbH Device for protecting security tokens against malware
US9117096B2 (en) 2011-12-08 2015-08-25 Wincor Nixdorf International Gmbh Protection of safety token against malware

Also Published As

Publication number Publication date
EP2038794A4 (en) 2011-02-02
US8631494B2 (en) 2014-01-14
US20140230063A1 (en) 2014-08-14
US9064114B2 (en) 2015-06-23
CA2656856A1 (en) 2008-01-10
CA2656856C (en) 2019-09-03
EP2038794B1 (en) 2017-09-06
EP2038794A1 (en) 2009-03-25
US20080010682A1 (en) 2008-01-10

Similar Documents

Publication Publication Date Title
US9064114B2 (en) Method and device for scanning data for signatures prior to storage in a storage device
CN1229705C (en) Biometric-based authentication in nonvolatile memory device
US9100425B2 (en) Method and apparatus for detecting malicious software using generic signatures
US8887295B2 (en) Method and system for enabling enterprises to use detachable memory devices that contain data and executable files in controlled and secure way
US20110265156A1 (en) Portable security device protection against keystroke loggers
JP6374631B1 (en) Use multiple levels of policy management to manage risk
CN109063476A (en) A kind of computer system to ensure information security
CN104081408A (en) System and method for bidirectional trust between downloaded applications and mobile devices including a secure charger and malware scanner
Popoola et al. Ransomware: Current trend, challenges, and research directions
CA2748521A1 (en) Hardware encrypting storage device with physically separable key storage device
Lee et al. Ransomware prevention technique using key backup
WO2012100079A2 (en) Apparatus and method for enhancing security of data on a host computing device and a peripheral device
US20200218809A1 (en) Logical and Physical Security Device
US8954624B2 (en) Method and system for securing input from an external device to a host
Ali et al. Data loss prevention by using MRSH-v2 algorithm
WO2022239004A1 (en) A computerized charging/interface device with malware detection and backup capabilities
US8433895B1 (en) Methods and systems for securely managing multimedia data captured by mobile computing devices
US20150213255A1 (en) Authentication system
Ko et al. Trends in Mobile Ransomware and Incident Response from a Digital Forensics Perspective
WO2023058027A1 (en) A computerized charging/interface device with application marketplace and ecosystem capabilities
KR100998660B1 (en) Message transmitting method and system thereof using portable storage device
Jenkins Mobile Devices and Law Enforcement Challenges
US9053331B2 (en) Securisation of a remote executable code using a footprint of the computer recipient
KR20150044625A (en) System and method for disinfection pocessing the inputing files
WO2014147633A1 (en) Standalone portable device for detecting and removing virus or malware or spyware

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07763855

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2656856

Country of ref document: CA

REEP Request for entry into the european phase

Ref document number: 2007763855

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2007763855

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU