The present invention relates to storage devices, and more particularly, to techniques for providing security for the contents of storage devices, such as hard disk drives.
The enactment of strong privacy legislation at the state and federal level in recent years has put pressure on businesses to secure their data. Because of this legislation, it has become increasingly important for companies to prove that data is secure.
AT Attachment (ATA) is a standard interface for connecting storage devices such as hard disks and CD-ROM drives inside personal computers. The ATA specifications contain a security locking mechanism that protects data stored on a storage device, such as a hard disk drive. The security locking mechanism provides two passwords, a user password and a master password. The passwords are used to provide access control to the data on the storage device.
Access control is enabled by setting the user password with the Security Set Password command. Once access control has been enabled, a hard disk drive (HDD) automatically comes up into a locked state whenever it is powered on. In this locked state, the hard disk drive does not allow access to its data and accepts only a limited number of commands, such as Identify Device. The Security Unlock command with the user password unlocks the HDD temporarily until its next power cycle. When the computer is cold booted, the hard disk drive locks the data again. The access control feature can be permanently disabled by entering the user password and a Security Disable command, which can only be issued when the HDD is in an unlocked state. Once the access control feature has been disabled, a user can access the data on the HDD after reboot without entering a password.
The function of the master password is determined by a security level setting (“high” or “maximum”), which is specified when either of the passwords (master or user) is set. When the security level is set to “high”, the master password can unlock the data in the event that the user password is lost. When the “maximum” security level is selected, only the user password provides access to the data. The maximum security level disables the use of the master password for accessing the data or turning off the security locking mechanism.
In the maximum security level, the administrator can only unlock the data with the master password after performing a Secure Erase of the disk. The Secure Erase command erases all of the data on the disk and disables the access control mechanism. The Secure Erase command can be issued either when the HDD is in an unlocked state, or after authentication with the master password when the HDD is in a “high” level of security.
The ATA security locking mechanism ensures that data is inaccessible as long as the security locking mechanism has not been turned off. However, because the Security Disable command can be activated with the User password, a business runs the risk that an employee may turn off the security locking mechanism before the data is lost or stolen.
Therefore, it would be desirable to provide more secure techniques for controlling access to data on storage devices.