Patents by Inventor Manuel A. Offenberg

Manuel A. Offenberg has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20210067509
    Abstract: The technology disclosed herein provides a system for allowing users to login into one or more devices without a password. Implementations of the system include one or more biometric data collection devices (shoe, glasses, watch) and a device configured to store one or more user identification data, receive a request for user verification, request user's biometric data from one or more of the biometric data collection devices, generate a personal unclonable function (PUF) value based on combination of at least one of the user identification data and the user's biometric data, and verify the user's identity by comparing the PUF value to the user's PUF benchmark.
    Type: Application
    Filed: September 3, 2019
    Publication date: March 4, 2021
    Inventors: Jiangnan LIN, Xiong LIU, Wendy Pui Lai WONG, Padmaja KANNAN, Manuel OFFENBERG
  • Patent number: 9716594
    Abstract: Systems and methods are disclosed for performing data sanitization at a data storage device (DSD). In an embodiment, an apparatus may comprise a controller configured to receive a data sanitization command from a host, perform a data sanitization operation to securely erase data from a memory, produce an attestation including information related to the data sanitization operation, and sign the attestation to produce a signed attestation. In another embodiment, a memory device may store instructions that cause a processor to perform a method comprising performing a data sanitization operation to securely erase data from a data storage medium, generating an attestation including information related to the data sanitization operation, and digitally signing the attestation using an authentication key.
    Type: Grant
    Filed: February 7, 2014
    Date of Patent: July 25, 2017
    Assignee: Seagate Technology LLC
    Inventors: Manuel A. Offenberg, Monty Forehand
  • Patent number: 9584498
    Abstract: The present disclosure relates to feature activation using near field communication. In an embodiment, a device may include a chip to receive and store wireless communications. An activation package may be stored to the chip, and identify a set of features to enable or disable on the device. The device may include a processor to detect the activation package and initiate device operations based on the identified set of features. In some embodiments, the chip may receive and store information while the device is in a powered-off state, and the processor may detect the activation package at a power on event.
    Type: Grant
    Filed: April 4, 2014
    Date of Patent: February 28, 2017
    Assignee: Seagate Technology LLC
    Inventors: Monty A. Forehand, Christopher J DeMattio, Manuel A Offenberg
  • Patent number: 9569176
    Abstract: Apparatus and method for generating random numbers. In accordance with some embodiments, a first multi-bit string of entropy values is derived from a first entropy source having a first trust level and a different, second multi-bit string of entropy values is derived from a second entropy source having a different, second trust level. The first and second multi-bit strings of entropy values are combined in relation to the associated first and second trust levels to generate a multi-bit random number. The multi-bit random number is used as an input to a cryptographic function.
    Type: Grant
    Filed: October 30, 2014
    Date of Patent: February 14, 2017
    Assignee: Seagate Technology LLC
    Inventors: Sumanth Jannyavula Venkata, Manuel A. Offenberg, William Erik Anderson
  • Patent number: 9535676
    Abstract: The present disclosure relates to remote feature activation. In an embodiment, a device may be manufactured having firmware configured to implement multiple unique features on the device. Features may be enabled and disabled on the device later or at a remote location. Enabled features may allow the device to perform corresponding functions, and disabled features may not allow the device to perform corresponding functions. Remote feature activation may include exchanging security information between an activation entity and the device.
    Type: Grant
    Filed: April 4, 2014
    Date of Patent: January 3, 2017
    Assignee: Seagate Technology LLC
    Inventors: Monty A Forehand, Manuel A. Offenberg, Anthony R Duran, Nino Wicaksono, David R Kaiser
  • Patent number: 9489542
    Abstract: Apparatus and method for data security in a multi-device data storage enclosure. In some embodiments, the storage enclosure has a housing with opposing first and second ends. A plurality of active elements are disposed within the housing including an array of data storage devices, a control board, and an interconnection arrangement which mechanically and electrically interconnects the plurality of storage devices with the control board. A control circuit encrypts user data stored on a selected data storage device using a cryptographic encryption function and an associated cryptographic key. The key is partitioned into a plurality of portions, with each portion stored in a different one of the active elements.
    Type: Grant
    Filed: November 12, 2014
    Date of Patent: November 8, 2016
    Assignee: Seagate Technology LLC
    Inventors: Mike Miller, Manuel A. Offenberg, Sumanth Jannyavula Venkata
  • Patent number: 9489508
    Abstract: Apparatus and method for controlling access to protected functionality of a data storage device. In some embodiments, a plurality of identification (ID) values associated with a data storage device are combined to form a combined ID value. The combined ID value is cryptographically processed using a secret symmetric encryption key in combination with a hash function or a key derivation function to generate a unique device credential for the data storage device. The unique device credential is used as an input to a selected cryptographic function to control access to a protected function of the data storage device.
    Type: Grant
    Filed: November 13, 2014
    Date of Patent: November 8, 2016
    Assignee: Seagate Technology LLC
    Inventors: Monty A. Forehand, Manuel A. Offenberg, Christopher J. DeMattio
  • Patent number: 9443111
    Abstract: Apparatus and method for data security through the use of an encrypted keystore data structure. In accordance with some embodiments, first and second sets of input data are respectively encrypted using first and second encryption keys to form corresponding first and second encrypted data sets. The first and second encryption keys are combined to form a string. A hidden key stored within a system on chip (SOC) is used to encrypt the string to form an encrypted keystore data structure, and the first and second encrypted data sets and the encrypted keystore data structure are stored in a memory.
    Type: Grant
    Filed: February 28, 2014
    Date of Patent: September 13, 2016
    Assignee: Seagate Technology LLC
    Inventors: Manuel A. Offenberg, Monty A. Forehand, Christopher J. DeMattio, KianBeng Lim
  • Patent number: 9363085
    Abstract: Systems and methods are disclosed for performing data sanitization at a data storage device (DSD). In an embodiment, a controller may direct a memory device to sanitize data by securely erasing the data, generate an attestation confirming that the data was successfully sanitized, and sign the attestation using an authentication key to create a signed attestation. In another embodiment, a circuit may direct a memory device to sanitize data based on the data sanitization instruction, generate a sanitization confirmation indicating that the data was successfully sanitized, and provide the sanitization confirmation including a first thumbprint and a second thumbprint to another device. Generating the sanitization confirmation may include processing a first storage encryption key to produce the first thumbprint, directing the memory device to obliterate the first storage encryption key, and processing a second storage encryption key to produce the second thumbprint.
    Type: Grant
    Filed: November 25, 2013
    Date of Patent: June 7, 2016
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventors: Manuel A Offenberg, Monty Forehand
  • Publication number: 20160140334
    Abstract: Apparatus and method for controlling access to protected functionality of a data storage device. In some embodiments, a plurality of identification (ID) values associated with a data storage device are combined to form a combined ID value. The combined ID value is cryptographically processed using a secret symmetric encryption key in combination with a hash function or a key derivation function to generate a unique device credential for the data storage device. The unique device credential is used as an input to a selected cryptographic function to control access to a protected function of the data storage device.
    Type: Application
    Filed: November 13, 2014
    Publication date: May 19, 2016
    Inventors: Monty A. Forehand, Manuel A. Offenberg, Christopher J. DeMattio
  • Publication number: 20160132699
    Abstract: Apparatus and method for data security in a multi-device data storage enclosure. In some embodiments, the storage enclosure has a housing with opposing first and second ends. A plurality of active elements are disposed within the housing including an array of data storage devices, a control board, and an interconnection arrangement which mechanically and electrically interconnects the plurality of storage devices with the control board. A control circuit encrypts user data stored on a selected data storage device using a cryptographic encryption function and an associated cryptographic key. The key is partitioned into a plurality of portions, with each portion stored in a different one of the active elements.
    Type: Application
    Filed: November 12, 2014
    Publication date: May 12, 2016
    Inventors: Mike Miller, Manuel A. Offenberg, Sumanth Jannyavula Venkata
  • Publication number: 20160124716
    Abstract: Apparatus and method for generating random numbers. In accordance with some embodiments, a first multi-bit string of entropy values is derived from a first entropy source having a first trust level and a different, second multi-bit string of entropy values is derived from a second entropy source having a different, second trust level. The first and second multi-bit strings of entropy values are combined in relation to the associated first and second trust levels to generate a multi-bit random number. The multi-bit random number is used as an input to a cryptographic function.
    Type: Application
    Filed: October 30, 2014
    Publication date: May 5, 2016
    Inventors: Sumanth Jannyavula Venkata, Manuel A. Offenberg, Williaim Erik Anderson
  • Publication number: 20160013944
    Abstract: Systems and methods are disclosed for performing data sanitization at a data storage device (DSD). In an embodiment, a controller may direct a memory device to sanitize data by securely erasing the data, generate an attestation confirming that the data was successfully sanitized, and sign the attestation using an authentication key to create a signed attestation. In another embodiment, a circuit may direct a memory device to sanitize data based on the data sanitization instruction, generate a sanitization confirmation indicating that the data was successfully sanitized, and provide the sanitization confirmation including a first thumbprint and a second thumbprint to another device. Generating the sanitization confirmation may include processing a first storage encryption key to produce the first thumbprint, directing the memory device to obliterate the first storage encryption key, and processing a second storage encryption key to produce the second thumbprint.
    Type: Application
    Filed: November 25, 2013
    Publication date: January 14, 2016
    Inventors: Manuel A. Offenberg, Monty Forehand
  • Publication number: 20160013945
    Abstract: Systems and methods are disclosed for performing data sanitization at a data storage device (DSD). In an embodiment, an apparatus may comprise a controller configured to receive a data sanitization command from a host, perform a data sanitization operation to securely erase data from a memory, produce an attestation including information related to the data sanitization operation, and sign the attestation to produce a signed attestation. In another embodiment, a memory device may store instructions that cause a processor to perform a method comprising performing a data sanitization operation to securely erase data from a data storage medium, generating an attestation including information related to the data sanitization operation, and digitally signing the attestation using an authentication key.
    Type: Application
    Filed: February 7, 2014
    Publication date: January 14, 2016
    Inventors: Manuel A Offenberg, Monty Forehand
  • Publication number: 20150248568
    Abstract: Apparatus and method for data security through the use of an encrypted keystore data structure. In accordance with some embodiments, first and second sets of input data are respectively encrypted using first and second encryption keys to form corresponding first and second encrypted data sets. The first and second encryption keys are combined to form a string. A hidden key stored within a system on chip (SOC) is used to encrypt the string to form an encrypted keystore data structure, and the first and second encrypted data sets and the encrypted keystore data structure are stored in a memory.
    Type: Application
    Filed: February 28, 2014
    Publication date: September 3, 2015
    Applicant: Seagate Technology LLC
    Inventors: Manuel A. Offenberg, Monty A. Forehand, Christopher J. DeMattio, KianBeng Lim
  • Publication number: 20150127930
    Abstract: Apparatus and method for performing authentication processing during device initialization. In accordance with some embodiments, a data storage device has a main memory which stores user data from a host, and a controller with initialization programming stored in a boot memory. The initialization programming is executed by the controller to transition the data storage device from an inactive state to a normal operational mode. During a bootstrap mode, the controller generates a first authentication token, receives a second authentication token responsive to the first authentication token, and authorizes use of new system programming responsive to the second authentication token. The new system programming is stored in a local memory of the data storage device and executed by the controller during the normal operational mode.
    Type: Application
    Filed: November 6, 2013
    Publication date: May 7, 2015
    Applicant: Seagate Technology LLC
    Inventors: Manuel A. Offenberg, Anthony R. Duran, Graham D. Ferris, Monty A. Forehand
  • Patent number: 8566603
    Abstract: A storage device that supports Trusted Computer Group (TCG) security allows management of TCG security features by a Basic Input/Output System (BIOS) using non-TCG security commands supported by the BIOS. In one implementation, a BIOS that does not support TCG security but does support ATA security can use ATA drive unlock to invoke TCG drive unlock on the storage device. Further, the storage device can be transitioned among multiple security operating modes (e.g., Undeclared, ATA security or TCG security).
    Type: Grant
    Filed: June 14, 2010
    Date of Patent: October 22, 2013
    Assignee: Seagate Technology LLC
    Inventors: Jason R. Cox, Christopher J. Demattio, Monty A. Forehand, Michael B. Danielson, James C. Hatfield, Manuel A. Offenberg
  • Publication number: 20110307709
    Abstract: A storage device that supports Trusted Computer Group (TCG) security allows management of TCG security features by a Basic Input/Output System (BIOS) using non-TCG security commands supported by the BIOS. In one implementation, a BIOS that does not support TCG security but does support ATA security can use ATA drive unlock to invoke TCG drive unlock on the storage device. Further, the storage device can be transitioned among multiple security operating modes (e.g., Undeclared, ATA security or TCG security).
    Type: Application
    Filed: June 14, 2010
    Publication date: December 15, 2011
    Applicant: SEAGATE TECHNOLOGY LLC
    Inventors: Jason R. Cox, Christopher J. Demattio, Monty A. Forehand, Michael B. Danielson, James C. Hatfield, Manuel A. Offenberg