WO2010037409A1 - Storage system and method for securely accessing data - Google Patents


Info

Publication number
WO2010037409A1
Authority
WO
WIPO (PCT)
Prior art keywords
storage area
data
protected
open
data stored
Application number
PCT/EP2008/008380
Other languages
English (en)
Inventor
Bernd Lamparter
Pierre Imai
Original Assignee
Nec Europe Ltd.
Priority date
2008-10-02
Filing date
2008-10-02
Publication date
2010-04-08
Application filed by Nec Europe Ltd.
Priority to PCT/EP2008/008380
Publication of WO2010037409A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure storage of data

Definitions

  • The present invention relates to a storage system and a method for securely accessing data by an untrusted device.
  • One possibility is to set a write protection on the external storage media.
  • Each computer can read the data from the storage media, but writing to the storage media is prohibited. This prevents the data contained on the external storage media from being manipulated. But as soon as the user wants to store data on the external storage media, the write lock has to be removed and data can be manipulated again.
  • Another possibility known in the art is the use of security software which checks for malicious software when external storage media are attached to a computer. These methods are problematic in that they are not able to protect against unauthorized changes of data contained on the external storage media.
  • Yet another option is encryption of the data stored on the storage media. For accessing the data, it has to be decrypted, for which a correct key has to be present. But this method also cannot prevent storing malicious data or changing existing data. As soon as access to the storage media is permitted, any data might be stored, including malicious data.
  • A storage system comprising the features of claim 1.
  • The storage system comprises a protected storage area which can only be accessed by a trusted device, an open storage area which can be accessed by a trusted and an untrusted device, and a data control unit arranged at a protected device, wherein said data control unit supports synchronization of the data stored in said protected storage area with the data stored in said open storage area, and supports checking for malicious data or undesirably changed data stored in said open storage area at said synchronization.
  • Such a method is characterized by the step of storing data in a protected storage area by means of a trusted device, wherein the protected storage area cannot be accessed by an untrusted device; the step of making data that is stored in said protected storage area and that should be accessed by an untrusted device available in an open storage area by means of a trusted device; the step of reading and/or modifying data stored in said open storage area or storing data in said open storage area by means of an untrusted device; the step of synchronizing the data stored in said open storage area with the data stored in said protected storage area by means of a trusted device; and the step of checking the data stored in said open storage area before writing the data to said protected storage area by means of a trusted device.
  • Secure access to data by an untrusted device can be achieved using simple means. This is accomplished by using a protected storage area and an open storage area.
  • The protected storage area can only be accessed by a trusted device, while the open storage area can be accessed by both trusted and untrusted devices.
  • The protected storage area contains only data which is certain to have been written by a trusted device, as an untrusted device is not able to access the protected storage area.
  • The untrusted device can use the open storage area for storing data. In this manner, each untrusted device can read data from and write data to the open storage area without any restriction, while the protected storage area is not accessible to an untrusted device.
  • The storage system comprises a data control unit which supports synchronization of the data stored in said protected storage area with the data stored in said open storage area.
  • The contents of the protected storage area and of the open storage area can be synchronized. If data is changed in the open storage area by an untrusted device, the data can be written to the protected storage area, where the data can be regarded as secure.
  • The data control unit further supports checking of the data contained in the open storage area during said synchronization. This checking includes checking for malicious data or undesirably changed data stored in said open storage area.
  • The checking for malicious data might include checking for viruses, Trojans, spyware or the like. Checking for changes might be achieved by comparing the data stored in the protected storage area with the associated data contained in the open storage area.
  • The data control unit is arranged at a trusted device for further ensuring the security of data contained in the protected storage area. In this manner, only trusted devices write to the protected storage area, and all data originating from the open storage area is thoroughly checked before being stored in the protected storage area. This leads to a high level of security of the data, even if an untrusted device is involved in a file transfer.
  • A trusted device can be any device which is capable of handling data. These devices include a personal computer, a mobile phone, a personal digital assistant (PDA), or similar devices. Generally, a trusted device can be any device which is under the direct control of the user. This can be a home computer or an office computer of the user as well as his/her smart phone.
  • An untrusted device can be a device similar to a trusted device. The difference lies in the fact that an untrusted device is accessible to other, potentially untrusted, users. This can for instance be a PC in an internet cafe or an internet terminal in a hotel.
  • Access control to the protected storage area can be fulfilled in different ways.
  • The access control might be achieved physically by incorporating the protected storage area into a trusted device.
  • The protected storage area can then be a part of the hard disc or a similar storage of the trusted device.
  • The open storage area is located in an external storage device which can be carried to different devices. This might include a USB memory stick, a Smartcard, an NFC (Near Field Communication) card, or the like.
  • A more flexible implementation includes a security controller which controls access to the protected storage area. Access to the protected storage area then need not be restricted locally.
  • The security controller keeps track of the devices which want to access the data stored in the protected storage area and permits or denies access to the protected storage area. This generally includes authentication, where a trusted device proves its right to access the protected area.
  • The storage system comprises a storage device.
  • This storage device contains said protected storage area and said open storage area.
  • The usage of the protected storage area is not limited to a single trusted device; it can be used at any trusted device.
  • A home computer can be used as well as an office computer to serve as trusted device.
  • The storage device is preferably configured as a USB memory stick or an NFC card, where "NFC card" is used as a generic term for any short range radio technology.
  • The security controller is preferably part of said storage device.
  • The security controller can then be configured in a technology which is known as Smartcards.
  • The protected storage area is not directly accessible. It can only be accessed through the security controller, wherein the security controller offers a protected communication channel to the device which wants to read data from or write data to the protected storage area.
  • The data control unit is implemented as a program running at a trusted device. This program can control communication within the storage system. Each time the open storage area is connected to a trusted device, the data control unit can perform synchronization and checking of data.
  • The method according to the invention first comprises the step of storing data in a protected storage area.
  • This storage area can only be accessed by a trusted device.
  • The step of storing data in the protected storage area is performed by a trusted device.
  • The data that is available in the protected storage area and which should be accessed by an untrusted device is made available in the open storage area.
  • This step is performed by means of a trusted device to ensure that the data contained in the protected storage area can be regarded as being secure.
  • The data contained in the open storage area can be accessed freely, including reading, modifying and storing data. New data can also be stored in the open storage area.
  • This step can be performed by each device, trusted and untrusted.
  • The open storage area can be used with any device which is available.
  • The data stored in the open storage area is synchronized with the data stored in the protected storage area.
  • The data contained in the open storage area is made available in the protected storage area.
  • The data stored in the open storage area is checked. In this manner, malicious data and changed data can be determined and eliminated.
  • The data contained in the protected storage area remains trusted and secure.
  • For the step of checking, files stored in the open storage area might carry a security flag.
  • This security flag is set to "secure" when the file is written to the open storage area by a trusted device.
  • Otherwise, the security flag can be set to "not secure".
  • The step of making data available in the open storage area comprises the step of copying data from the protected storage area to the open storage area.
  • Alternatively, a reference can be placed in the open storage area. This reference points to data stored in the protected storage area.
  • An untrusted device accesses the reference to the data stored in the protected storage area, reads the data from the protected storage area using the reference, and works on the data retrieved in this manner.
  • If the data is changed, the untrusted device writes it to the open storage area. In this manner, the changes can be stored and the data in the protected storage area is not influenced.
  • This usage of references saves memory, as only data which is changed has to be duplicated in the open storage area.
  • Before permitting access to the protected storage area, the trusted device is authenticated. For authentication, many methods are known in the art. This can be performed automatically by exchanging authentication credentials between the trusted device and the storage system. It can also include the step of typing a password into the trusted device. Another possibility is to have a button on the storage device which is pressed whenever the storage device is connected to a trusted device.
  • The data stored in the protected storage area can be encrypted.
  • Any encryption method known in the art can be used with the method according to the invention.
  • This additionally offers a kind of access control to the protected storage area, as generally the key for decrypting the data is unknown to an untrusted device.
  • An untrusted device which manages to access the protected storage area cannot manipulate data contained in the protected storage area.
  • The step of checking the data contained in the open storage area comprises the step of comparing the data stored in said open storage area to the data stored in said protected storage area.
  • This can depend on the type of data. Some examples shall make this clear, where they should not limit the invention to these methods of comparing: If the data is in text format (e.g. ASCII), the data stored in the protected storage area and the data stored in the open storage area might be compared line by line. If the data is in XML or HTML format, the changed tags are extracted. If the data is a bookmark file, then new, changed, or deleted bookmarks can be determined.
  • Each difference found in the step of comparing data can be presented to the user.
  • The user can decide if the changes are desired or undesired, and can accept the changes or discard them. Thus a high level of security can be achieved.
  • The storage system comprises a storage device in the form of a USB (Universal Serial Bus) memory stick.
  • The USB stick includes a security controller which makes sure that only trusted devices can access the protected area.
  • The trusted device can be a home PC (Personal Computer) or an office PC.
  • The untrusted device can be any public PC, e.g. one in an Internet cafe.
  • The user copies the data he wants to use on an untrusted device from the trusted device to the open storage area of the USB stick. This data is also copied to the protected storage area in order to have a reference available.
  • The storage device is put into an untrusted device, which can read/write the data in the open storage area but not in the protected storage area.
  • The user can e.g. copy his bookmarks to the untrusted device, use them there and write them back with newly found bookmarks.
  • Some applications might have support for using external data like the bookmarks file or other configuration files, and use it instead of the normal one.
  • A dedicated application checks for changed or new data. As the unchanged data is still also in the protected area of the storage device, this also works in cases where different trusted devices are used.
  • This application can proceed in different ways: If the data is in text format (e.g. ASCII), the old and new data are compared line by line and the user gets a list of the differences. He can then choose whether to incorporate each change or to ignore it. If the data is in XML or HTML format, the changed tags can be presented to the user instead of the changed lines. If the data is a bookmark file, then new, changed, or deleted bookmarks are presented to the user. Additionally the application can provide hints to the user as to whether a new bookmark might point to a malicious website. The user decides for each change whether he wants it applied.
  • Antivirus software can be used to check any new or changed data.
  • The controller has to authenticate the trusted device. After initialization this can be performed automatically, i.e. authentication credentials are exchanged between the trusted device and the storage device without involvement of the user.
  • For initialization, the user plugs in the storage device, starts software from the open area, and enters an initialization code which is delivered with the storage device.
  • A data control unit can simply copy the data into the protected storage area and put a reference into the open storage area.
  • When an untrusted device reads the data, the data from the protected storage area is delivered.
  • When the untrusted device writes the data, the reference is deleted and the data is written into the open storage area. This saves time when writing the data from the trusted device, and less memory is needed because usually not all data will be changed.
  • Smartcards have built-in security controllers, so the implementation of the security is easier.
  • Smartcards use NFC (Near Field Communication) technology as physical interface to the device, where low frequency radio signals are used for communication and for energizing the device.
  • The invention could be used by Internet cafes.
  • The card could be combined with the membership card which also configures the shared computer.
  • The storage device could be an NFC based smartcard or a USB memory stick with security controller.
  • An NFC smartcard might be more appropriate because it could easily be used also as a membership card, whereas in corporate environments special USB memory sticks with security controller might be the better approach.
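The synchronization and checking step described above (line-by-line comparison for text files, new/changed/deleted entries for bookmark files, the "secure"/"not secure" flag, and the user's per-change accept-or-discard decision), as an added Python example that is not the patent's own code. The two storage areas are modelled as in-memory dictionaries; the bookmark format (one `title<TAB>url` per line), the `.bookmarks` suffix and the decision callback standing in for the interactive user are assumptions.

```python
import difflib

# Constructed model (added example, not the patent's code): each storage area is a
# mapping filename -> content, the protected copy written only by this trusted side.

def parse_bookmarks(text):
    """Assumed bookmark file format: one 'title<TAB>url' per line."""
    pairs = (line.split("\t", 1) for line in text.splitlines() if "\t" in line)
    return {title.strip(): url.strip() for title, url in pairs}

def bookmark_changes(old, new):
    """New, changed and deleted bookmarks as (kind, title, url) tuples."""
    a, b = parse_bookmarks(old), parse_bookmarks(new)
    changes = []
    for title in sorted(set(a) | set(b)):
        if title not in a:
            changes.append(("new", title, b[title]))
        elif title not in b:
            changes.append(("deleted", title, a[title]))
        elif a[title] != b[title]:
            changes.append(("changed", title, b[title]))
    return changes

def review_bookmarks(name, old, new, decide):
    """Present each bookmark change to the user; apply only the accepted ones."""
    merged = parse_bookmarks(old)
    for kind, title, url in bookmark_changes(old, new):
        if decide(name, f"{kind} bookmark {title!r} ({url})"):
            if kind == "deleted":
                merged.pop(title)
            else:
                merged[title] = url
    return "\n".join(f"{t}\t{u}" for t, u in merged.items())

def review_text(name, old, new, decide):
    """Line-by-line comparison: each differing block is accepted or discarded."""
    a, b, merged = old.splitlines(), new.splitlines(), []
    for tag, i1, i2, j1, j2 in difflib.SequenceMatcher(None, a, b).get_opcodes():
        if tag == "equal" or not decide(name, f"{tag}: -{a[i1:i2]} +{b[j1:j2]}"):
            merged.extend(a[i1:i2])   # unchanged, or change discarded: keep protected lines
        else:
            merged.extend(b[j1:j2])   # change accepted: take open-area lines
    return "\n".join(merged)

def synchronize(protected, open_area, flags, decide):
    """Trusted-side synchronization; unchanged 'secure' files skip review, all else is checked."""
    reviewed = []
    for name, new_content in open_area.items():
        old_content = protected.get(name, "")
        if flags.get(name) == "secure" and new_content == old_content:
            continue
        review = review_bookmarks if name.endswith(".bookmarks") else review_text
        merged = review(name, old_content, new_content, decide)
        protected[name] = merged   # only checked data enters the protected area
        open_area[name] = merged   # rejected changes are dropped from the open copy
        flags[name] = "secure"     # written back by a trusted device
        reviewed.append(name)
    return reviewed

def demo_decision(name, description):
    """Stands in for the user: accept the 'line 2' edit and the new 'News' bookmark only."""
    return "'line 2'" in description or "'News'" in description

def demo():
    # Constructed sample data: protected copies made by the trusted device, and the open
    # area as returned from a public PC (one edit plus an unexpected added line; one
    # changed and one new bookmark). Both files were touched there, so flagged not secure.
    protected = {"notes.txt": "line one\nline two\nline three",
                 "links.bookmarks": "Home\thttps://example.com\nMail\thttps://mail.example.com"}
    open_area = {"notes.txt": "line one\nline 2\nline three\nUNEXPECTED LINE ADDED ON PUBLIC PC",
                 "links.bookmarks": "Home\thttps://example.com\nMail\thttp://other.example/mail\n"
                                    "News\thttps://news.example.org"}
    flags = {"notes.txt": "not secure", "links.bookmarks": "not secure"}
    reviewed = synchronize(protected, open_area, flags, demo_decision)
    return {"protected": protected, "flags": flags, "reviewed": reviewed}
```

In the demo the unexpected text line and the changed Mail URL never reach the protected area, while the accepted edit and the new bookmark do; both files end up flagged "secure" again.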

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a storage system for securely accessing data via an untrusted device. The storage system is characterized in that it comprises a protected storage area which can only be accessed by a trusted device, an open storage area which can be accessed by a trusted device and an untrusted device, and a data control unit arranged at the protected device, said data control unit supporting synchronization of the data stored in said protected storage area with the data stored in said open storage area, and supporting checking for malicious data or undesirably changed data stored in said open storage area at said synchronization. The invention further relates to a method for securely accessing data.

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2008/008380 WO2010037409A1 (fr) 2008-10-02 2008-10-02 Storage system and method for securely accessing data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2008/008380 WO2010037409A1 (fr) 2008-10-02 2008-10-02 Storage system and method for securely accessing data

Publications (1)

Publication Number Publication Date
WO2010037409A1 true WO2010037409A1 (fr) 2010-04-08

Family

ID=40383802

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2008/008380 WO2010037409A1 (fr) 2008-10-02 2008-10-02 Storage system and method for securely accessing data

Country Status (1)

Country Link
WO (1) WO2010037409A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998025372A2 (fr) * 1996-11-22 1998-06-11 Voltaire Advanced Data Security Ltd. Method and device for ensuring information security
EP1056010A1 (fr) * 1999-05-28 2000-11-29 Hewlett-Packard Company Monitoring data integrity in a secure computing unit
WO2007039453A1 (fr) * 2005-10-05 2007-04-12 International Business Machines Corporation System and method for trusted migration of data objects from a source to a target
WO2007090719A2 (fr) * 2006-02-07 2007-08-16 International Business Machines Corporation Method for preventing installation of malicious software on a computer connected to the Internet

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102253902A (zh) * 2011-06-10 2011-11-23 国核信息科技有限公司 Method for protecting data on a mobile storage device
CN103207976A (zh) * 2013-01-25 2013-07-17 贵州信安达科技有限公司 Method for preventing leakage of files on mobile storage, and secure USB flash drive based on the method
CN103207976B (zh) * 2013-01-25 2016-04-27 贵州信安达科技有限公司 Method for preventing leakage of files on mobile storage, and secure USB flash drive based on the method

Similar Documents

Publication Publication Date Title
US8695087B2 (en) Access control for a memory device
CN107679370B (zh) Device identifier generation method and apparatus
US20110016330A1 (en) Information leak prevention device, and method and program thereof
JP6785967B2 (ja) Method and system for blocking phishing or ransomware attacks
WO2007008807A2 (fr) Secure local file storage
JP2003345654A (ja) Data protection system
US20070271472A1 (en) Secure Portable File Storage Device
US20070143529A1 (en) Apparatus and method for PC security and access control
WO2016144258A2 (fr) Methods and systems for facilitating secure access to storage devices
US20110055589A1 (en) Information certification system
JP2007310822A (ja) Information processing system and information management program
JP4993114B2 (ja) Shared management method for a portable storage device, and portable storage device
US9697372B2 (en) Methods and apparatuses for securing tethered data
CN110807186B (zh) Method, apparatus, device and storage medium for secure storage on a storage device
WO2010037409A1 (fr) Storage system and method for securely accessing data
US9262619B2 (en) Computer system and method for protecting data from external threats
CN114270346A (zh) Data storage device with a variable computer file system
KR101349807B1 (ko) Removable storage medium security system and method
US20140366148A1 (en) Storage Medium Securing Method and Media Access Device thereof
JP4974246B2 (ja) File export monitoring system
KR101936194B1 (ko) SD memory control method with authentication-based selective activation of multiple partitions
KR100981301B1 (ko) Method and apparatus for practically preventing leakage of protected information from a personal computer
Dolgunov Enabling optimal security for removable storage devices
KR20100101769A (ko) Data security system and data security method for computers
KR101264305B1 (ko) File protection apparatus, file protection method, and computer-readable recording medium

Legal Events

Date Code Title Description
121 Ep: the EPO has been informed by WIPO that EP was designated in this application
  Ref document number: 08802768
  Country of ref document: EP
  Kind code of ref document: A1
NENP Non-entry into the national phase
  Ref country code: DE
122 Ep: PCT application non-entry in European phase
  Ref document number: 08802768
  Country of ref document: EP
  Kind code of ref document: A1