| 摘要 |
Storage devices can provide for hardware encryption and decryption of data stored by them. The hardware cryptographic functions can be applied with reference to cryptographic information of a communicationally, and physically, separable key device. Disconnection of the separable key device can render encrypted data inaccessible. Destruction of the separable key device can result in virtual destruction of the encrypted data. The cryptographic information on the separable key device can be provided by a storage device manufacturer, or by a provisioning computing device. The separable key device can be directly communicationally coupled to a provisioning computing device or it can establish a secure communication tunnel with the provisioning device through a computing device to which the separable key device is communicationally coupled. Cryptographic information can be provided by, and deleted from, the provisioning computing device prior to completion of the booting of that device.
|
