Disc drives and other storage subsystems, including flash memory devices and removable storage devices, typically have a processor (sometimes called a microprocessor) in their built-in electronics. Computing devices offer more and more security features every day, from improved encryption technologies to personal firewalls and the like. Recently, storage devices (both internal and external to host computer systems and stand-alone storage systems) have been designed and/or configured to offer some level of additional security.
One security technique is described in co-pending application Ser. No. 09/912,931, filed on Jul. 25, 2001, entitled “METHODS AND SYSTEMS FOR PROMOTING SECURITY IN A COMPUTER SYSTEM EMPLOYING ATTACHED STORAGE DEVICES ”, which is incorporated herein by reference in its entirety. Another technique is described in co-pending application Ser. No. 10/984,368, filed Nov. 9, 2004, entitled “SYSTEM AND METHOD FOR DELIVERING VERSATILE SECURITY, DIGITAL RIGHTS MANAGEMENT, AND PRIVACY SERVICES FROM STORAGE CONTROLLERS”, which is incorporated herein by reference in its entirety.
One type of security technique uses security partitions of a storage device to host security provider applications and files. Security sessions can be initiated with the security provider applications and files on the storage device over an interface. As used herein, the term “session” refers to an interaction between system entities (such as a host computer and a storage device), sometimes involving a user, wherein a selected state is maintained for the duration of the interaction. Such an interaction may not be limited to a single connection between the system entities. Generally, a security session comprises a secure interaction with data and/or computer readable instructions stored, for example, in one or more security partitions implemented on the storage device.
Conventionally, sessions are terminated by the host system. However, there are instances where system security or system priorities dictate a need to terminate a session before the activity occurring within the session is complete or before the session terminates due to completion. Unfortunately, the host system is ill-equipped to detect such scenarios.
Therefore, there is an ongoing need for a means for detecting a termination condition and for terminating the security session. Embodiments of the present invention provide solutions to these and other problems, and offer other advantages over the prior art.