Factor et al., 2007 - Google Patents
Capability based secure access control to networked storage devicesFactor et al., 2007
View PDF- Document ID
- 10110296440584085928
- Author
- Factor M
- Naor D
- Rom E
- Satran J
- Tal S
- Publication year
- Publication venue
- 24th IEEE Conference on Mass Storage Systems and Technologies (MSST 2007)
External Links
Snippet
Today, access control security for storage area networks (zoning and masking) is implemented by mechanisms that are inherently insecure, and are tied to the physical network components. However, what we want to secure is at a higher logical level …
- 230000000873 masking 0 abstract description 11
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/86—Secure or tamper-resistant housings
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/02—Addressing or allocation; Relocation
- G06F12/08—Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
- G06F12/0802—Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2143—Clearing memory, e.g. to prevent the data from being stolen
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101449275B (en) | Systems and methods for secure access control of storage devices | |
| CN104520869B (en) | Trusted Execution Environment Virtual Machine Cloning | |
| US20090276774A1 (en) | Access control for virtual machines in an information system | |
| US8417967B2 (en) | Storage device data encryption using a binary large object (BLOB) | |
| US10102356B1 (en) | Securing storage control path against unauthorized access | |
| Azagury et al. | Towards an object store | |
| US9047468B2 (en) | Migration of full-disk encrypted virtualized storage between blade servers | |
| US7620984B2 (en) | Method of managing computer system | |
| US9147081B2 (en) | Method of access control to stored information and system thereof | |
| US11507285B1 (en) | Systems and methods for providing high-performance access to shared computer memory via different interconnect fabrics | |
| CN104471584B (en) | Web-based management of protected data sets | |
| JP2023551462A (en) | Implementing resilient deterministic encryption | |
| Kappes et al. | Multitenant access control for cloud-aware distributed filesystems | |
| Yang et al. | Authenticated storage using small trusted hardware | |
| Factor et al. | Capability based secure access control to networked storage devices | |
| US11502853B2 (en) | Establishing trust on a data storage network | |
| US9087201B2 (en) | System and methods for host enabled management in a storage system | |
| US11200321B2 (en) | Maintaining trust on a data storage network | |
| Johnson et al. | Parma: Confidential Containers via Attested Execution Policies | |
| JP4948938B2 (en) | Method and apparatus for authorizing cross-partition commands | |
| Anciães | A Trusted and Privacy-Enhanced In-Memory Data Store | |
| Huawei Technologies Co., Ltd. | Cloud Computing System | |
| Kappes | Scalable Access Control for Secure Multi-Tenant Filesystems | |
| Jain et al. | A survey on design and implementation of out-of-band storage virtualization | |
| Butler et al. | Autonomously Secure Disks |