Patents by Inventor Danny O. Ybarra

Danny O. Ybarra has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9424400
    Abstract: The present invention relates to digital rights management (DRM) for content that may be downloaded and securely transferred from one storage to another storage. The storage may be a disk drive, or network attached storage. The storage performs cryptographic operations and provides a root of trust. The DRM system enables secure copying or transfer of content from one storage device to another storage device. In this embodiment, a trusted server that is authenticated and trusted by both storage devices brokers the transfer of content. The trusted server may be a separate entity of the DRM system or may be a component or function of an existing server of the DRM system. In another embodiment, the storage devices may transfer content in a peer-to-peer fashion. The transfer of content may be authorized and controlled based on a digital certificate associated with the content.
    Type: Grant
    Filed: December 15, 2014
    Date of Patent: August 23, 2016
    Assignee: Western Digital Technologies, Inc.
    Inventors: David L. Blankenbeckler, Danny O. Ybarra, Lambertus Hesselink
  • Patent number: 9342701
    Abstract: The present invention relates to digital rights management (DRM) for content that downloaded and saved to a storage device. The storage may be a disk drive, or network attached storage. In addition, the storage device performs cryptographic operations and provides a root of trust. The DRM employs a binding key, a content key, and an access key. The binding key binds the content to a specific storage and is based on a key that is concealed on the storage. The binding key is not stored on the storage device with the content. The content key is a key that has been assigned to the content. The access key is determined based on a cryptographic combination of the content key and the binding key. In one embodiment, the content is provisioned based on the access key and stored in encrypted form in the storage device.
    Type: Grant
    Filed: August 20, 2014
    Date of Patent: May 17, 2016
    Assignee: Western Digital Technologies, Inc.
    Inventors: David L. Blankenbeckler, Danny O. Ybarra, Lambertus Hesselink
  • Patent number: 9305142
    Abstract: Embodiments described herein include systems and methods for managing security of a storage subsystem. Certain of these embodiments involve the use of a buffer protection module configured to intelligently police requests for access to the subsystem buffer memory.
    Type: Grant
    Filed: December 19, 2011
    Date of Patent: April 5, 2016
    Assignee: Western Digital Technologies, Inc.
    Inventors: Danny O. Ybarra, Marvin R. Deforest, Alan T. Meyer
  • Patent number: 9164694
    Abstract: Disclosed herein is a data storage device comprising data storage media comprising a plurality of data sectors and control circuitry programmed to: receive a command from a host to cryptographically erase at least a portion of data stored on the data storage media; execute a cryptographic erase; receive a read command from the host to read a data sector in the data storage media; determine if the data sector has been cryptographically erased; and return configurable return data to the host in response to determining that the data sector has been cryptographically erased.
    Type: Grant
    Filed: June 19, 2013
    Date of Patent: October 20, 2015
    Assignee: Western Digital Technologies, Inc.
    Inventors: Danny O. Ybarra, Asif F. Gosla, Virgil V. Wilkins
  • Patent number: 8831218
    Abstract: The present invention relates to digital rights management (DRM) for content that downloaded and saved to a storage device. The storage may be a disk drive, or network attached storage. In addition, the storage device performs cryptographic operations and provides a root of trust. The DRM employs a binding key, a content key, and an access key. The binding key binds the content to a specific storage and is based on a key that is concealed on the storage. The binding key is not stored on the storage device with the content. The content key is a key that has been assigned to the content. The access key is determined based on a cryptographic combination of the content key and the binding key. In one embodiment, the content is provisioned based on the access key and stored in encrypted form in the storage device.
    Type: Grant
    Filed: April 30, 2012
    Date of Patent: September 9, 2014
    Assignee: Western Digital Technologies, Inc.
    Inventors: David L. Blankenbeckler, Danny O. Ybarra, Lambertus Hesselink
  • Publication number: 20130266137
    Abstract: The present invention relates to digital rights management (DRM) for content that may be downloaded and bound to a storage device. The storage device may be an intelligent storage device, such as a disk drive, or network attached storage. In addition, the storage device is capable of performing cryptographic operations and providing a root of trust. In one embodiment, the DRM employs a binding key, a content key, and an access key. The binding key binds the content to a specific storage and is based on a key that is concealed on the storage. However, the binding key is not stored on the storage with the content. The content key is a key that has been assigned to the content, for example, by a trusted third party. The access key is determined based on a cryptographic combination of the content key and the binding key. In one embodiment, the content is encrypted based on the access key and stored in encrypted form in the storage device.
    Type: Application
    Filed: April 30, 2012
    Publication date: October 10, 2013
    Applicant: Western Digital Technologies, Inc.
    Inventors: David L. BLANKENBECKLER, Danny O. Ybarra, Lambertus Hesselink
  • Patent number: 8375225
    Abstract: Data storage devices having one or more data security features are provided according to various embodiments of the present invention. In one embodiment, a data storage device comprises buffer and a buffer client. The buffer client comprises a scrambler configured to receive a configuration setting and a secret key on a certain event, to configure a scrambling function based on the received configuration setting, and to scramble data with the secret key using the scrambling function, wherein the buffer client is configured to write the scrambled data to the buffer.
    Type: Grant
    Filed: December 11, 2009
    Date of Patent: February 12, 2013
    Assignee: Western Digital Technologies, Inc.
    Inventor: Danny O. Ybarra
  • Patent number: 8281218
    Abstract: Data storage devices are provided according to various embodiments of the present invention. In one embodiment, a data storage device comprises a host interface, a buffer, a storage media interface, and a data manipulation engine. The data manipulation engine comprises a receive pipe configured to read first and second data blocks from first and second locations in the buffer and to check the validity of the first and second data blocks, an arithmetic logic unit configured to perform a logic operation on first and second user data of the first and second data blocks, respectively, to generate third user data, and a transmit pipe configured to receive the third user data from the arithmetic logic unit, to generate and append a third checksum to the third user data to produce a third data block, and to write the third data block to a third location in the buffer.
    Type: Grant
    Filed: November 2, 2009
    Date of Patent: October 2, 2012
    Assignee: Western Digital Technologies, Inc.
    Inventors: Danny O. Ybarra, Jeffrey O. Thomas
  • Publication number: 20120159042
    Abstract: A data storage device is disclosed comprising a non-volatile memory (NVM) including a plurality of sectors each having a sector size. An access command is received from a host, wherein the access command identifies a plurality of host blocks having a host block size less than the sector size. A plurality of the host blocks are mapped to a target sector. When the target sector spans an encryption zone boundary defined by the host blocks, a NVM command is generated identifying a first key corresponding to a first encryption zone and a second key corresponding to a second encryption zone. The NVM command is executed as a unitary operation to access a first part of the target sector using the first key and access a second part of the target sector using the second key.
    Type: Application
    Filed: December 21, 2010
    Publication date: June 21, 2012
    Applicant: WESTERN DIGITAL TECHNOLOGIES, INC.
    Inventors: GLENN A. LOTT, JEAN KODAMA, DANNY O. YBARRA