A System and Method of Enhanced Data Security Using a Removable Media Manager

IP.com Disclosure Number: IPCOM000012729D
Original Publication Date: 2003-May-22
Included in the Prior Art Database: 2003-May-22
Document File: 2 page(s) / 45K

Publishing Venue

IBM

Abstract

Disclosed is an application, Removable Media Manager (RMM), which requires user authentication before ejecting any removable media from a computing device.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

The present invention introduces a new system and mechanism for securing data stored on removable media, while allowing proper use of such devices. The text below provides details of this invention.

(1) Logic is added to device management software to safeguard removable media.

NOTE: Device management may be provided at the operating system level, via a piece of application software, or by a combination of the two. Thus, this invention could be implemented at either the operating system or the application layer. The preferred embodiment would add functionality to existing unplug/eject software, which currently manages removable USB devices, where such software exists, and would be added as new functional code where required. In order to accommodate secure transfer of removable media between computer devices, an existing standard such as USB could be updated, or a new protocol for RMM could be developed.

Many embodiments and implementation possibilities exist for the present art, and the following broad areas, prefacing the remainder of the example flow, have been considered by the inventors:

- Authentication could either be open to all users on a given system, or only to specific users. For instance, if a disk (or media in general) knows that it is attached to its home system, it optionally may not query anyone for additional passwords unless an eject function is attempted. On the other hand, if a disk detects that it has been attached to a new system, it requires a logical "unlocking" before it divulges contents. Optionally, after this unlocking via authentication, the user could either redefine the new system as a/the home system, or it could remain "guest media" on the new system.
- A unique system identifier could be used as all or part of the media identification code, which might include keying a specific piece of removable media to a CPU ID, to an adapter serial number, to a system with a given TCP/IP or MAC address, or to another unique multibyte identifier. This unique system identifier would be written into metadata within the RMM database, and on the disk (media) data structure itself.
- The inventors have also considered that a defined set of triggers would have to be established for password checking, whether or not the media is mounted on its home system. It would be inefficient to have the disk perform the required check upon every read/write operation, due to performance concerns; rather, the following set of trigger conditions could be consi...
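
A minimal model of the home/guest flow described above, added here as an illustration and not taken from the disclosure. The class and function names and the salted PBKDF2 password verifier stored with the media are assumptions; the disclosure does not specify how the password is checked.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

def derive(password: str, salt: bytes) -> bytes:
    # Assumption: the media stores a salted PBKDF2 verifier, never the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

@dataclass
class Media:
    media_id: str
    home_system_id: str   # unique system identifier written on the media
    salt: bytes
    verifier: bytes

def make_media(media_id: str, home_system_id: str, password: str) -> Media:
    salt = os.urandom(16)
    return Media(media_id, home_system_id, salt, derive(password, salt))

class RemovableMediaManager:
    def __init__(self, system_id: str):
        self.system_id = system_id
        self.unlocked = set()          # media whose contents may be read here

    def _authenticated(self, media: Media, password: str) -> bool:
        return hmac.compare_digest(derive(password, media.salt), media.verifier)

    def attach(self, media: Media) -> str:
        # On its home system the media does not prompt; elsewhere it stays locked.
        if media.home_system_id == self.system_id:
            self.unlocked.add(media.media_id)
            return "home"
        return "locked"

    def unlock(self, media: Media, password: str, adopt_as_home: bool = False) -> str:
        if not self._authenticated(media, password):
            return "denied"
        self.unlocked.add(media.media_id)
        if adopt_as_home:              # redefine this system as the home system
            media.home_system_id = self.system_id
            return "home"
        return "guest"

    def can_read(self, media: Media) -> bool:
        return media.media_id in self.unlocked

    def eject(self, media: Media, password: str) -> bool:
        # Eject is an authentication trigger even on the home system.
        if not self._authenticated(media, password):
            return False
        self.unlocked.discard(media.media_id)
        return True
```

Only attach and eject act as password-check triggers in this model, so reads between those events cost a set lookup rather than a key derivation.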