主权项 |
1. A storage device connected to a host, the storage device comprising:
a storage unit configured to write encrypted data in and read the encrypted data from a storage medium that stores the encrypted data, the storage unit including: an encryption processing unit that encrypts data from a host and decrypts the encrypted data from the storage medium, an authentication processing unit configured to perform an authentication process using a first password set to a first band on the storage medium, a second password set to a second band on the storage medium, the first and second bands being virtual storage areas set to the storage medium, and a storage region managing unit configured to set the first band and the second band to the storage medium, the first band being remaining virtual storage areas other than the second band, a range of the first band being all of the virtual storage areas of the storage medium when a range of the second band is set to zero, a range of the first band being set to zero when a range of the second band is set to all of the virtual storage areas of the storage medium, the first band being enabled to be accessed and used to perform data reading and data writing between the host and the storage unit when the authentication processing unit successfully performs access authentication based on a first password, a range of the second band being set to zero to be released when the authentication processing unit successfully performs access authentication based on the second password, and a controller configured to control the storage unit in accordance with a request provided from the host, wherein the controller performs a disconnecting process of the storage unit, the disconnection process including:
instructing the storage region management unit to set the second band to same virtual storage areas as the first band to release the first band when the first band is set on all of the virtual storage areas set to the storage medium, andinstructing the storage region management unit to disconnect the storage unit from the controller, wherein,
the authentication processing unit configured to perform an authentication process using a third password and a fourth password set to the second band, andthe storage region managing unit configure to erase the second password to set the fourth password for the second band when the authentication processing unit successfully performs access authentication based on the third password, a size of the second band being set to zero to be release when the authentication processing unit successfully performs access authentication based on the fourth password, the first band being enabled to be accessed and used to perform data reading and data writing between the host and the storage unit when the authentication processing unit successfully performs access authentication based on the first password after the second band is released, wherein the controller performs a re-connection process of the storage unit after the disconnection process, the re-connection process including: instructing the storage unit to authenticate the third password, instructing the storage unit to erase the second password and set a new password for the second band when receiving a notification of an authentication success of the third password from the storage unit, requesting the storage unit to transmit the new password for the second band, instructing the storage unit to authenticate the fourth password when receiving the fourth password as the new password from the storage unit, instructing the storage unit to release the second band when receiving a notification of authentication success of the fourth password from the storage unit, requesting a first password for the first band to the host, instructing the storage unit to authenticate the first password from the host when receiving the first password from the host, and enabling the storage unit to be accessed by the host when receiving a notification of authentication success of the first password received from the host. |