| 摘要 |
A computing system may receive physical-storage-media identifiers stored on physical storage media approved for use by an organization. The computing system may generate, for each of the physical storage media, a log entry comprising a physical-storage-media identifier, of the physical-storage-media identifiers, stored on the physical storage medium. The computing system may receive, from a computing device, a request to write secure data to a physical storage medium. Responsive to determining that the request comprises a physical-storage-media identifier that is amongst the physical-storage-media identifiers: the computing system may either instruct the computing device to write the secure data to the physical storage medium or fail to instruct the computing device to write the secure data to the physical storage medium; and may update a log entry comprising the physical-storage-media identifier to reflect whether the computing system instructed the computing device to write the secure data to the physical storage medium. |
| 主权项 |
1. A method comprising:
receiving, via a communication interface of a computing system comprising at least one processor, a memory, and the communication interface, a plurality of physical-storage-media identifiers stored on a plurality of physical storage media approved for use by an organization associated with the computing system; generating, by the at least one processor, for each physical storage medium of the plurality of physical storage media approved for use by the organization, and in a log stored in the memory, an entry comprising a physical-storage-media identifier, of the plurality of physical-storage-media identifiers, stored on the physical storage medium; receiving, by the computing system, via the communication interface, and from a first computing device, a request to write a first portion of secure data stored in the memory to a first physical storage medium; receiving, by the computing system, via the communication interface, and from a second computing device, a request to write a second portion of the secure data stored in the memory to a second physical storage medium; responsive to a determination by the at least one processor that the request to write the first portion of the secure data stored in the memory to the first physical storage medium comprises a first physical-storage-media identifier that is amongst the plurality of physical-storage-media identifiers:
instructing, by the computing system and via the communication interface, the first computing device to write the first portion of the secure data stored in the memory to the first physical storage medium; andupdating, by the at least one processor, an entry, of the log stored in the memory, comprising the first physical-storage-media identifier that is amongst the plurality of physical-storage-media identifiers to reflect that the computing system instructed the first computing device to write the first portion of the secure data stored in the memory to the first physical storage medium; and responsive to a determination by the at least one processor that the request to write the second portion of the secure data stored in the memory to the second physical storage medium comprises a second physical-storage-media identifier that is amongst the plurality of physical-storage-media identifiers:
failing, by the computing system, to instruct the second computing device to write the second portion of the secure data stored in the memory to the second physical storage medium; andupdating, by the at least one processor, an entry, of the log stored in the memory, comprising the second physical-storage-media identifier that is amongst the plurality of physical-storage-media identifiers to reflect that the computing system failed to instruct the second computing device to write the second portion of the secure data stored in the memory to the second physical storage medium. |
