Security is a critical issue with almost all aspects of computer use. Mass storage systems, such as hard disk drives attached to computers, contain valuable information which is vulnerable to data theft. A great deal of money and effort is being applied to guarding personal, corporate, and government security information.
The most common means of providing mass storage security is to authenticate the owner with a computer entered password. A password is validated by a value previously written into a configuration file stored within the mass storage device. A utility program compares the password against this value, and if a match occurs, the mass storage device will open. Alternatively, the password itself is used as the encryption key to encrypt/decrypt data stored in the mass storage system.
More recently, biometric password systems have been incorporated into some mass storage systems. The user is authenticated by comparing a fingerprint against one stored on the host computer or the mass storage system itself. Since reliability is still an issue with biometric based authentication, it is common practice to provide a password in case a valid user is unable to complete the biometric authentication process.
Some storage systems are equipped with integrated authentication hardware and software, allowing a user to enter a PIN directly on the drive, thus bypassing the need for computer entered passwords.
Unfortunately, all these methods for protecting data do not solve the problem of unlocked and accessible mass storage systems that are left unattended. Once unlocked and connected to their host, mass storage systems remain open until the user performs an operation to re-lock the data. If the authorized user leaves the computer unattended, access to the data in the storage system remains open to unauthorized users.
Thus, a need still remains for securing data in mass storage systems when they are left unattended. In view of the increasing use of mass-storage systems as a means of storage of sensitive data, it is increasingly critical that answers be found to this problem. Additionally, the need to reduce costs, improve efficiencies and performance, and meet competitive pressures adds an even greater urgency to the critical necessity for finding answers to these problems.
Solutions to these problems have been long sought but prior developments have not taught or suggested any solutions and, thus, solutions to these problems have long eluded those skilled in the art.