Portable storage devices are becoming smaller in size and greater in storage capacity, thereby enabling computer users to become increasingly mobile. Today, a user can easily carry multiple gigabytes of data between computing devices on a physically small, capacity-dense portable storage device such as a Universal Serial Bus (“USB”) memory stick. Such a device conveniently fits in a shirt pocket or on a keychain, and thus can be used, for example, to move data between computing devices the user operates at different physical locations (e.g., a work computer, a home computer, a computer owned by a third party and temporarily accessed by the user, etc.). Some portable storage devices even have onboard processors in addition to storage capability, so that the device itself can execute logic rather than acting purely as passive storage.
These developments in storage device technology create significant data protection challenges for organizations (e.g., companies, universities, governmental departments, etc.). Contemporary portable storage devices are commonly equipped with ubiquitous interfaces such as USB, allowing them to be plugged into virtually any computer. Their small size and vast storage capacity invite users to take them wherever they go, and thus potentially to plug them into a variety of computers in order to access and work with organization data outside of the controlled workplace environment (e.g., at home, at an Internet cafe while on vacation, etc.). In the controlled computing environment within an organization, an IT administrator or the like can ensure the integrity of the computing devices and, by extension, of the enterprise data being processed on them. In contrast, there are limited or no guarantees about the integrity state of a computing device outside a controlled environment (e.g., the user's home computer). By taking organization data offsite and accessing it from computer systems not authenticated by the organization, the user puts the organization's data at risk. Because an external computer system from which the data is being accessed could be infected with malware or otherwise compromised, the organization's data could be stolen, modified or otherwise misused without the knowledge of the user. Enforcing an organization's security policy on computers outside of the organization's physical control is a major problem for organizations.
Some existing systems allow the host (i.e., the computing device to which the portable storage device is being connected) to validate the portable storage device. For example, SanDisk Trusted Flash addresses the issue of a host validating a portable storage device, and leverages the Opal specification from the Trusted Computing Group, which provides a framework for hosts to validate portable devices. Similarly, Microsoft BitLocker to Go uses the host to perform validation of the portable storage device. However, these systems do not allow or otherwise consider the portable storage device to be independently capable of performing enforcement functionality concerning the host. In another arena, IronKey is a company that manufactures secure USB flash drives, which can have partitions that are initially inaccessible; to access the secure partitions of these devices, the user provides a credential to the device. However, no functionality for validation of the host is provided. Authenticating the user without authenticating the host is insufficient, because the host could be compromised without the knowledge of the user, and a compromised host sees the unlocked data regardless of who unlocked it.
A mechanism also exists for validating hosts using a mobile phone. However, since the validation is performed from the mobile phone, which is not physically connected to the host, a separate, independent means of reliably identifying the specific host in question is required; without it, one cannot be sure which host is actually being validated. In addition, the mobile phone validation mechanism requires a virtual machine image to be downloaded from the cloud in order to access data once a host is validated. Thus, this mechanism neither identifies which host is being validated nor provides local access to stored data once a given host is validated.
Although authenticating the portable storage device and authenticating the user can each be useful, neither methodology protects against connecting a portable storage device to a compromised host, which remains a risk even when the user and/or the portable storage device are authenticated. Furthermore, because these methods implement security at the host level, the host is always subject to attacks aimed at its in-memory security features, such as cryptographic keys, which a compromised host can expose. On the other hand, attempting to validate a host from a mobile phone in order to access data from the cloud neither identifies which host is being validated nor allows access to local data on a portable device.