1. Technical Field
Various embodiments relate generally to computer security. More particularly, embodiments provide for a data storage device to locally implement one or more of its own local security management processes.
2. Background Art
Computers and computer networks must deal with the rapid growth in malware variants and a corresponding decrease in the number of computer platforms (clients, servers, etc) that are infected by the same malware variant. Moreover, malware creators are building security threats that are increasingly stealthy, e.g. including capabilities that turn off anti-malware software (AVS) and/or feed false disk-data to AVS applications. The increasing variety and capabilities of malware has reduced the level of trust in host system execution environments for maintaining up-to-date AVS solutions.
Under current techniques, security management processes to evaluate security state of a data storage device (DSD)—such as malware detection and/or malware recovery—are performed in a host platform to which the DSD is connected. Accordingly, compromising the security state of such a host platform results in a compromising of security management for the storage device coupled thereto.
Moreover, the scalability of mechanisms for updating such security management capabilities in chipsets of various host platforms may be limited. The volume of platforms that can implement a particular security improvement may depend on the install base of host chipsets which already have required and/or compatible hardware for that security solution. For example, the introduction of a virtualization instruction set for a particular type of central processing unit (CPU) may be limited by the need to first establish a root of trust, which may (for example) require that a chipset which includes that CPU also includes a Trusted Platform Module (TPM) like component. Security solutions which require the presence of such additional enabling ingredients in a host chipset may be limited in their scalability.
The limitations of implementing security management in a host chipset, and the limitations to updating such security management implementations, leaves existing computer platforms susceptible to attacks from increasingly dangerous malware.