Title of invention: Secure storage of full disk encryption keys
Abstract: Data is securely stored on a storage device by encoding a data block into multiple encoded blocks, any number of which can be recombined to recover the data block. The encoded blocks are stored at known logical locations corresponding to physical locations on a storage device that change over time. When the data needs to be destroyed, at least one of the encoded blocks is overwritten with arbitrary data. In one aspect, the encoded blocks include at least one random block that is used to encode the data block. In another aspect, the known logical locations are stored in metadata.
Publication number: US9235532(B2) Publication date: 2016.01.12
Application number: US201113153311 Filing date: 2011.06.03
Applicant: Apple Inc. Inventors: Callas Jonathan D.; Reece Russell D.
Classification: G06F11/30; G06F12/14; G06F21/60; G06F21/78 Main classification: G06F11/30
Agency: Blakely, Sokoloff, Taylor & Zafman LLP Agent: Blakely, Sokoloff, Taylor & Zafman LLP
Main claim: 1. A method comprising: generating, by a processor, a plurality of random blocks of a pre-determined size for each data block to be encoded, the pre-determined size based on an allocation unit of a storage device; encoding, by the processor, a first data block into a single encoded data block of the pre-determined size using the plurality of generated random blocks, the single encoded data block generated by performing a mathematical operation on the first data block and each generated random block, wherein the single encoded data block and at least a subset of the generated random blocks are recombined to recover the first data block; storing the single encoded data block and each generated random block separately at different known logical locations, wherein a physical location on the storage device that corresponds to a known logical location changes over time; and overwriting at least one of the stored generated random blocks with arbitrary data.
Address: Cupertino CA US
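
The encode, store, overwrite and recover steps of the main claim, as an added example that is not taken from the patent. It assumes the "mathematical operation" is a bytewise XOR (so every random block is needed for recovery), a 4096-byte allocation unit, a 2-byte length prefix for padding, and a dictionary standing in for logical storage locations; all function and variable names are hypothetical.

```python
import secrets

BLOCK_SIZE = 4096  # assumption: allocation unit of the storage device, in bytes


def xor_blocks(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR of two equal-length blocks (the assumed mathematical operation)."""
    return bytes(x ^ y for x, y in zip(a, b))


def encode(data_block: bytes, n_random: int):
    """Return (encoded_block, random_blocks); every block is BLOCK_SIZE bytes."""
    if len(data_block) > BLOCK_SIZE - 2:
        raise ValueError("data block does not fit in one allocation unit")
    # Length-prefix and zero-pad so the data block fills one allocation unit.
    padded = (len(data_block).to_bytes(2, "big") + data_block).ljust(BLOCK_SIZE, b"\0")
    random_blocks = [secrets.token_bytes(BLOCK_SIZE) for _ in range(n_random)]
    encoded = padded
    for r in random_blocks:
        encoded = xor_blocks(encoded, r)
    return encoded, random_blocks


def recover(encoded: bytes, random_blocks) -> bytes:
    """Recombine the encoded block with the random blocks to get the data back."""
    padded = encoded
    for r in random_blocks:
        padded = xor_blocks(padded, r)
    length = int.from_bytes(padded[:2], "big")
    return padded[2:2 + length]


def demo():
    key = secrets.token_bytes(32)  # constructed sample standing in for a disk key
    encoded, random_blocks = encode(key, n_random=3)
    # Known logical locations: 0 holds the encoded block, 1..3 the random blocks.
    storage = {0: encoded}
    storage.update({i + 1: r for i, r in enumerate(random_blocks)})
    before = recover(storage[0], [storage[i] for i in (1, 2, 3)])
    # Destruction: overwrite one stored random block with arbitrary data.
    storage[2] = secrets.token_bytes(BLOCK_SIZE)
    after = recover(storage[0], [storage[i] for i in (1, 2, 3)])
    return key, before, after


if __name__ == "__main__":
    key, before, after = demo()
    print("recovered before overwrite:", before == key)
    print("recovered after overwrite: ", after == key)
```
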