Patent application number | Description | Published |
20080205635 | APPARATUS, SYSTEM, AND METHOD FOR SELF-DESCRIBING HETEROGENEOUS MAGNETIC TAPE FORMATTING - An apparatus, system, and method are disclosed for self-describing, heterogeneous magnetic tape formatting. A detection module determines if data is to be encrypted when written to a magnetic tape in response to a host command and if the data is already encrypted. An encryption module encrypts the data if the data is to be encrypted and if the data is not already encrypted. A write module writes a reserved codeword followed by the data to the magnetic tape wherein the reserved codeword is configured as an encryption reserved codeword if the data is encrypted. If the data is not encrypted, the reserved codeword is configured as a clear reserved codeword. The encrypted and unencrypted data segments are intermixed on the magnetic tape. | 08-28-2008 |
20080253012 | MAGNETIC TAPE READ CHANNEL SIGNAL VALUES DEVELOPED EMPLOYING INTERMEDIATE BITS OF THE PATH MEMORY OF A PRML VITERBI DETECTOR - Magnetic tape read channel signal values are developed employing intermediate bits of the path memory of a PRML Viterbi detector. Identification logic identifies a most likely path memory state of the PRML Viterbi detector from the path metrics of the PRML Viterbi detector. An intermediate bit sequence of the identified most likely path memory state is obtained, the intermediate bit sequence extending from an initiation point of the path memory which is intermediate the output and the input of the PRML Viterbi detector. A sample value is determined which corresponds to the obtained intermediate bit sequence. | 10-16-2008 |
20080253570 | SYSTEM AND METHOD FOR PROCESSING USER DATA IN AN ENCRYPTION PIPELINE - A method, system and program are disclosed for efficiently processing host data which comprises encrypted and non-encrypted data and is to be written to a storage medium. The encrypted data is written to the storage medium in encrypted form. The non-encrypted data is encrypted by a storage device using a well known encryption key and written to the storage medium. In this way, the data that is processed by the storage device to and from the storage medium can always be processed through a single encryption engine. | 10-16-2008 |
20080316634 | MAGNETIC TAPE WRITE ONCE OVERWRITE PROTECTION - A magnetic tape cartridge, a recording system, and a magnetic tape drive are configured to, for example, guard against tampering with a write once overwrite protection pointer which allows a rewritable magnetic tape to be treated as write once. In one embodiment, the magnetic tape cartridge comprises a magnetic tape and a cartridge memory. The magnetic tape is configured to provide at least one overwrite protection pointer, the overwrite protection pointer identifying data to be protected from being overwritten; and the cartridge memory is configured to provide the at least one overwrite protection pointer, the overwrite protection pointer identifying magnetic tape data to be protected from being overwritten. | 12-25-2008 |
20090028322 | System for an Encryption Key Path Diagnostic - A system is provided to perform a key path diagnostic that aids in isolating an error within the encryption storage system. The system includes at least one drive, a key proxy, a key server, a key manager, and a processor. The processor performs a first communication test on a path between the key proxy and the drive. The first communication test verifies that the path between the drive and the key proxy is operational. The processor performs a second communication test on a path between the key proxy and the key server. The second communication test verifies that the path between the key proxy and the key server is operational. In addition, processor sends a command to the key manager to attempt communication with the key manager. The communication attempt verifies the installation and configuration parameters related to the key manager. | 01-29-2009 |
20090028336 | Encryption Key Path Diagnostic - A method and a computer program product are provided to perform a key path diagnostic that aids in isolating an error within the encryption storage system. A first communication test is performed on a path between the key proxy and the drive. The first communication test verifies that the path between the drive and the key proxy is operational. A second communication test is performed on a path between the key proxy and the key server. The second communication test verifies that the path between the key proxy and the key server is operational. In addition, the drive or the key proxy sends a command to the key manager to attempt communication with the key manager. The communication attempt verifies the installation and configuration parameters related to the key manager. | 01-29-2009 |
20090028339 | Auto-Configuration of a Drive List for Encryption - A method, a system and a computer program product are provided to auto configure a drive list. When information is received for a drive, the key manager compares the information to drive information on a drive list. If the drive is not on the drive list the drive list is auto configured by adding the drive to the drive list. By adding the drive to the drive list the drive is able to obtain keys from the key manager to perform encryption and decryption. | 01-29-2009 |
20090052664 | Bulk Data Erase Utilizing An Encryption Technique - Disclosed is a method for eliminating access to data on removable storage media of a removable storage media cartridge. A key is stored on the removable storage media cartridge, such that data on the removable storage media is accessible with the key. Upon receiving a command to eliminate access to data on the removable storage media the key is shredded such that access to data on the removable storage media is eliminated. | 02-26-2009 |
20090052665 | Bulk Data Erase Utilizing An Encryption Technique - A system and a computer program product are disclosed for eliminating access to data on removable storage media of a removable storage media cartridge. The system comprises a data storage drive that stores a key on the removable storage media cartridge, such that data on the removable storage media is accessible with the key. Upon receiving a command to eliminate access to data on the removable storage media the data storage drive shreds the key such that access to data on the removable storage media is eliminated. | 02-26-2009 |
20090174961 | Target Of Opportunity In An Automated Data Storage Library - A method is provided for utilizing target of opportunity to perform at least one special operation while a removable storage medium is mounted within a data storage drive for another purpose. A target of opportunity is recognized by determining if at least one special operation may be performed by the data storage drive. If it is determined that at least one special operation may be performed then a first notification that the data storage drive is to remain in a not ready state is sent in response. At least one special operation is performed, and in response to the at least one special operation being performed, a second notification is sent that the removable storage medium is in a ready state or an error state. | 07-09-2009 |
20090174965 | Data Storage Drive With Target Of Opportunity Recognition - A system and computer program product are provided for utilizing target of opportunity to perform at least one special operation while a removable storage medium is mounted within a data storage drive for another purpose. The system for recognizing a target of opportunity comprises a tape drive. The tape drive receives a command to mount a tape cartridge in the tape drive, and in response the tape drive mounts the tape cartridge in the tape drive. The tape drive determines if at least one special operation may be performed. If it is determined that at least one special operation may be performed, the tape drive recognizes that a target of opportunity exists. In response to determining that at least one special operation may be performed, the tape drive sends a first notification that the tape drive is to remain in a not ready state. The tape drive performs the at least one special operation, and in response to performing the at least one special operation, the tape drive sends a second notification that the tape drive is in a ready state or an error state. | 07-09-2009 |
20090175451 | Target Of Opportunity Recognition During An Encryption Related Process - A method, system, and computer program product are provided for utilizing target of opportunity to perform at least one special operation while a key session is opened with a key manager for another purpose. The method of recognizing a target of opportunity includes receiving a command to be performed on a removable storage medium and determining if the command requires interaction with the encryption key manager. If it is determined that the command requires interaction with the key manager the command is held off. A request is sent to the encryption key manager. A target of opportunity is recognized by determining if at least one special operation may be performed. If it is determined that at least one special operation may be performed then the at least one special operation and the request are performed. | 07-09-2009 |
20090177314 | Automated Data Storage Library with Target of Opportunity Recognition - A system and computer program product are provided for utilizing target of opportunity to perform at least one special operation while a removable storage medium is mounted within a data storage drive for another purpose. The system comprises a tape library and a tape drive coupled to the tape library. The tape library receives a command to mount a tape cartridge in the tape drive. If it is determined by the tape library that at least one special operation may be performed, then tape library has recognized that a target of opportunity exists. In response to determining that at least one special operation may be performed, the tape library sends a first notification that the tape drive is to remain in a not ready state. The tape library mounts the tape cartridge in the tape drive after determining that at least one special operation may be performed. In response to the tape drive performing the at least one special operation, the tape library sends a second notification that the tape drive is in a ready state or an error state. | 07-09-2009 |
20090208017 | VALIDATION OF ENCRYPTION KEY - A label corresponding to a cryptographic key is stored at a first computational device. A user provided label is received at a second computational device. The user provided label is sent from the second computational device to the first computational device. The user provided label is compared to the label stored at the first computational device. The cryptographic key is used to perform cryptographic operations on data, in response to determining that the user provided label matches the label stored at the first computational device. | 08-20-2009 |
20090219648 | APPARATUS, SYSTEM, AND METHOD FOR LIMITING FRAME SPACING ERROR DURING TIMING-BASED SERVO PATTERN FABRICATION - An apparatus, system and method to limit frame spacing error during timing-based servo pattern fabrication. An apparatus in accordance with the invention may include a first servo write head to simultaneously write servo stripes onto a first servo frame of a magnetic tape, and a second servo write head to simultaneously write servo stripes onto a successive servo frame of the magnetic tape. The first and second servo write heads may write the stripes substantially concurrently to minimize spacing error between the frames. | 09-03-2009 |
20090327625 | MANAGING METADATA FOR DATA BLOCKS USED IN A DEDUPLICATION SYSTEM - Provided are a method, system, and article of manufacture for managing metadata for data blocks used in a deduplication system. File metadata is maintained for files having data blocks in a computer readable device. Data block metadata is maintained for each data block in the computer readable device. The data block metadata for one data block includes a data block reference and content identifier identifying content of the data block. The file metadata for each file includes the data block reference to each data block in the file. A determination is made of an unreferenced data block in the computer readable device that has become unreferenced. Indication is made that the data block metadata for the determined unreferenced data block as unreferenced metadata. The data block reference of the unreferenced metadata is maintained in the computer readable device in response to determining that a includes the data block indicated in the unreferenced metadata. | 12-31-2009 |
20090327746 | KEY ENCRYPTION AND DECRYPTION - Provided is a data storage drive for encrypting data, comprising a microprocessor and circuitry coupled to the microprocessor and adapted to receive a session encrypted data key and to decrypt the session encrypted data key using a session key, wherein a result is a data key that is capable of being used to encrypt clear text and to decrypt cipher text written to a storage medium. Also provided is a system, comprising a microprocessor and circuitry coupled to the microprocessor and adapted to receive a session encrypted data key and to decrypt the session encrypted data key using a private key, wherein a result is a secret key that is capable of being used to encrypt clear text and to decrypt cipher text written to a storage medium. | 12-31-2009 |
20100208380 | ENCRYPT-ONLY DATA STORAGE CARTRIDGE - Control of the encryption of data for storage with respect to removable data storage cartridges having a recording media and having cartridge memory with at least a portion lockable to read-only, employs the steps of inspecting the read-only portion of the cartridge memory of the removable data storage cartridge for an “Encrypt-Only” flag. If the “Encrypt-Only” flag is present, writes to the recording media of the removable data storage cartridge are limited to data in an encrypted format, if any; and, else, writes to the recording media of the removable data storage cartridge are allowed for data in any of encrypted and unencrypted formats. | 08-19-2010 |
20110040986 | METHOD, SYSTEM, AND PROGRAM FOR SECURELY PROVIDING KEYS TO ENCODE AND DECODE DATA IN A STORAGE CARTRIDGE - Provided is a method, system, and program for enabling access to data in a storage medium within one of a plurality of storage cartridges capable of being mounted into a interface device. An association is provided of at least one coding key to a plurality of storage cartridges. A determination is made of one coding key associated with one target storage cartridge, wherein the coding key is capable of being used to access data in the storage medium within the target storage cartridge. The determined coding key is encrypted. The coding key is subsequently decrypted to use to decode and code data stored in the storage medium. | 02-17-2011 |
20110261964 | REDUNDANT KEY SERVER ENCRYPTION ENVIRONMENT - Provided are a computer program product, system and method for a redundant key server encryption environment. A key server transmits public keys associated with the key server and at least one device to at least one remote key server. The key server receives from the at least one remote key server public keys associated with the at least one remote key server. The key server receives a request for an encryption key from a requesting device comprising one of the at least one device and generates the encryption key for use by the requesting device to unlock a storage. The key server generates a first wrapped encryption key by encrypting the encryption key with a requesting device public key associated with the requesting device. The key server generates a second wrapped encryption key by encrypting the encryption key with a public key associated with the key server. At least one additional wrapped encryption key is generated for each of the at least one remote key server by encrypting the encryption key with the at least one public key provided by the at least one remote key server. The key server transmits the first, second and the at least one additional wrapped encryption key to the requesting device. | 10-27-2011 |
20120102335 | REKEYING ENCRYPTION KEYS FOR REMOVABLE STORAGE MEDIA - Provided are a method, system, and article of manufacture for rekeying encryption keys for removable storage media. A rekey request is received for a coupled removable storage media, wherein encryption on the coupled removable storage media uses a first key and wherein the rekey request indicates a second key. The first key and the second key are accessed in response to the rekey request. The first key is used to perform decryption for the coupled removable storage media and the second key is used to perform encryption for the coupled removable storage media. | 04-26-2012 |
20120233455 | REDUNDANT KEY SERVER ENCRYPTION ENVIONMENT - Provided are a computer program product, system and method for a redundant key server encryption environment. A key server receives from at least one remote key server public keys associated with the at least one remote key server. The key server receives a request for an encryption key from a requesting device and generates the encryption key for use by the requesting device to unlock a storage. The key server generates a first wrapped encryption key by encrypting the encryption key with a requesting device public key, a second wrapped encryption key by encrypting the encryption key with a public key associated with the key server, and at least one additional wrapped encryption key by encrypting the encryption key with the at least one public key provided by the at least one remote key server. The key server transmits the generated keys to the requesting device. | 09-13-2012 |
20130305057 | CRYPTOGRAPHIC ERASURE OF SELECTED ENCRYPTED DATA - Exemplary method, system, and computer program product embodiments for cryptographic erasure of selected encrypted data are provided. In one embodiment, by way of example only, data files are configured with a derived key. The derived keys adapted to be individually shredded in a subsequent erasure operation. The derived key allows for cryptographic erasure of the selected encrypted data in the data files without necessitating at least one of removal and rewrite of retained data. Additional system and computer program product embodiments are disclosed and provide related advantages. | 11-14-2013 |