Abstract: According to embodiments, a storage device includes a storage unit, a receiving unit, an authenticating unit, and a control unit. Prior to executing erasure processing of data that has been stored in the storage unit, the receiving unit receives, from an external device that clocks time, third information including first information and second information, the first information regarding time counted by the external device and the second information being information for authenticating the external device. The authenticating unit performs authentication processing of the external device by using the second information included in the third information. When the authentication of the external device has succeeded, the control unit generates an erasure log that contains erasure time when the erasure processing has been executed on the basis of the first information included in the third information. When the authentication of the external device has failed, the execution of the erasure processing is prohibited.

Abstract: According to one embodiment, a storage device includes, when power is supplied to a storage unit, counting of an elapsed time is started. If a command is input from a host device, and the elapsed time from input of a previous command to input of a current command is calculated based on time information clocked by the host device and on a counter value counted until the corresponding command is input. Matching of the time information is determined based on a temporal relation between the adding result of adding the calculated elapsed time to the time information included in the previous command and the time information included in the current command. When the mismatching is determined, data in the storage unit is invalidated.

Abstract: According to one embodiment, a storage device that has a nonvolatile semiconductor memory includes an authentication information storage unit that previously stores first apparatus authentication information to authenticate an authorized host device and first user authentication information to authenticate an authorized user. The storage device executes apparatus authentication on the basis of second apparatus authentication information received from a newly connected host device and the first apparatus authentication information in the authentication information storage unit and executes an invalidation process of user data stored in the nonvolatile semiconductor memory, when the apparatus authentication is failed.

Abstract: According to one embodiment, a storage device includes, when power is supplied to a storage unit, counting of an elapsed time is started. If a command is input from a host device, and the elapsed time from input of a previous command to input of a current command is calculated based on time information clocked by the host device and on a counter value counted until the corresponding command is input. Matching of the time information is determined based on a temporal relation between the adding result of adding the calculated elapsed time to the time information included in the previous command and the time information included in the current command. When the mismatching is determined, data in the storage unit is invalidated.

Abstract: According to one embodiment, a storage device that has a nonvolatile semiconductor memory includes an authentication information storage unit that previously stores first apparatus authentication information to authenticate an authorized host device and first user authentication information to authenticate an authorized user. The storage device executes apparatus authentication on the basis of second apparatus authentication information received from a newly connected host device and the first apparatus authentication information in the authentication information storage unit and executes an invalidation process of user data stored in the nonvolatile semiconductor memory, when the apparatus authentication is failed.

Abstract: A data storage device includes a recording medium including a data region for recording data and a nonvolatile recording unit distinct from the data region. In response to a request for executing erase processing with respect to the recording medium, first time information corresponding to initiation of the erase processing in the nonvolatile recording unit is stored, the erase processing after storing the first time information is executed, and second time information corresponding to completion of the erase processing is stored in the nonvolatile recording unit.

Abstract: According to one embodiment, a storage device that has a nonvolatile semiconductor memory includes an authentication information storage unit that previously stores first apparatus authentication information to authenticate an authorized host device and first user authentication information to authenticate an authorized user. The storage device executes apparatus authentication on the basis of second apparatus authentication information received from a newly connected host device and the first apparatus authentication information in the authentication information storage unit and executes an invalidation process of user data stored in the nonvolatile semiconductor memory, when the apparatus authentication is failed.

Abstract: According to one embodiment, a storage device that has a nonvolatile semiconductor memory includes an authentication information storage unit that previously stores first apparatus authentication information to authenticate an authorized host device and first user authentication information to authenticate an authorized user. The storage device executes apparatus authentication on the basis of second apparatus authentication information received from a newly connected host device and the first apparatus authentication information in the authentication information storage unit and executes an invalidation process of user data stored in the nonvolatile semiconductor memory, when the apparatus authentication is failed.

Abstract: According to one embodiment, a memory device includes a third partial key write module, an encryption key write module, and a decryption module. The third partial key write module is configured to combine a second partial key received from the current host device with the first partial key in the partial key memory device and to write a generated third partial key into the volatile memory after the device authentication. The encryption key write module is configured to combine the third partial key with the second user authentication information and to write a generated encryption key into the volatile memory after the user authentication. The decryption module is configured to decrypt the encrypted data based on the encryption key in the volatile memory based on a read request received from the current host device and to output obtained data to the current host device when the user authentication has succeeded.

Abstract: According to one embodiment, a data storage device includes an encryption module, a write module, and a controller. The encryption module encrypts or decrypts data. The write module writes, on a storage medium, encrypted data of data received from a host, the encrypted data being encrypted by the encrypting module. The controller causes the encryption module to encrypt data received from a host and to transfer the encrypted data to the write module through a buffer memory, during normal encryption process, and to re-encrypt the data recorded on the storage medium, during re-encryption process. During the re-encryption process, the controller causes the encryption module to decrypt the encrypted data read from the storage medium, to store the decrypted data into the buffer memory, and to re-encrypt the decrypted data from the buffer memory by the encryption module and to transfer the re-encrypted data to the write module.

Abstract: According to one embodiment, a storage device encrypts/decrypts data with an encryption key to write/read the data to/from the storage area. In the storage device, an elapsed time counter starts counting triggered by turning on of the storage device. A receiver receives a command containing a password and time information from a host device. The time information indicates current date and time. A calculator calculates elapsed the from last command input to current command input based on the time information and a counter value. An adder adds the elapsed time to time information contained in a command received last time. A time information determination module determines the consistency of the time information. A disabling module disables the encryption key if the time information is not consistent. An authentication module authenticates the password if the time information is consistent and allows access to the storage area if the password is successfully authenticated.

Abstract: According to one embodiment, a storage device includes: a control circuit configured to perform a write retry when data writing fails, wherein the control circuit recognizes that read commands are issued at regular intervals for reproducing continuous pieces of data, and upon detecting an error requiring the write retry to be performed in the data writing by a write command received during the reproduction, the control circuit interrupts the data writing, perform data reading to store the data in the buffer memory after allocating a storage area for the data in the buffer memory, and then resumes the data writing.

Abstract: According to one embodiment, a storage device includes, when power is supplied to a storage unit, counting of an elapsed time is started. If a command is input from a host device, and the elapsed time from input of a previous command to input of a current command is calculated based on time information clocked by the host device and on a counter value counted until the corresponding command is input. Matching of the time information is determined based on a temporal relation between the adding result of adding the calculated elapsed time to the time information included in the previous command and the time information included in the current command. When the mismatching is determined, data in the storage unit is invalidated.

Abstract: According to one embodiment, a storage device that has a nonvolatile semiconductor memory includes an authentication information storage unit that previously stores first apparatus authentication information to authenticate an authorized host device and first user authentication information to authenticate an authorized user. The storage device executes apparatus authentication on the basis of second apparatus authentication information received from a newly connected host device and the first apparatus authentication information in the authentication information storage unit and executes an invalidation process of user data stored in the nonvolatile semiconductor memory, when the apparatus authentication is failed.

Abstract: According to one embodiment, a data storage device includes an encryption module, a write module, and a controller. The encryption module encrypts or decrypts data. The write module writes, on a storage medium, encrypted data of data received from a host, the encrypted data being encrypted by the encrypting module. The controller causes the encryption module to encrypt data received from a host and to transfer the encrypted data to the write module through a buffer memory, during normal encryption process, and to re-encrypt the data recorded on the storage medium, during re-encryption process. During the re-encryption process, the controller causes the encryption module to decrypt the encrypted data read from the storage medium, to store the decrypted data into the buffer memory, and to re-encrypt the decrypted data from the buffer memory by the encryption module and to transfer the re-encrypted data to the write module.

Abstract: According to one embodiment, a storage device electrically connected to a host includes a storage module, an access restriction module, a first restricted access open module, and a second restricted access open module. The storage module is configured to store therein data. The access restriction module is configured to restrict an access from the host to the storage module after power of the storage device is turned on. The first restricted access open module is configured to open the restricted access from the host to the storage module based on a first command for opening the restricted access from the host. The second restricted access open module is configured to open the restricted access from the host to the storage module based on a second command for carrying out an operation different from the opening of the restricted access from the host.

Abstract: According to one embodiment, a storage device encrypts/decrypts data with an encryption key to write/read the data to/from the storage area. In the storage device, an elapsed time counter starts counting triggered by turning on of the storage device. A receiver receives a command containing a password and time information from a host device. The time information indicates current date and time. A calculator calculates elapsed time from last command input to current command input based on the time information and a counter value. An adder adds the elapsed time to time information contained in a command received last time. A time information determination module determines the consistency of the time information. A disabling module disables the encryption key if the time information is not consistent. An authentication module authenticates the password if the time information is consistent and allows access to the storage area if the password is successfully authenticated.

Abstract: According to one embodiment, a memory device includes a third partial key write module, an encryption key write module, and a decryption module. The third partial key write module is configured to combine a second partial key received from the current host device with the first partial key in the partial key memory device and to write a generated third partial key into the volatile memory after the device authentication. The encryption key write module is configured to combine the third partial key with the second user authentication information and to write a generated encryption key into the volatile memory after the user authentication. The decryption module is configured to decrypt the encrypted data based on the encryption key in the volatile memory based on a read request received from the current host device and to output obtained data to the current host device when the user authentication has succeeded.

Abstract: According to some embodiments, there is provided a recording device. The recording device includes: a recording medium having a plurality of sectors; a first writing module configured to write, on a first sector of the plurality of sectors, a first data encrypted using a first encryption key and first encryption key information indicative of the first encryption key; and a re-encrypting module configured to: read the first data from the recording medium; decrypt the first data using the first encryption key to generate decrypted first data; encrypt the decrypted first data using a second encryption key to generate encrypted second data; and write, on the first sector, the encrypted second data and second encryption key information indicative of the second encryption key.

Abstract: A controller of a storage device having a user area storing an operating system, the storage device developing the operating system stored in the user area on a host device in accordance with an access from the host device. The controller includes a user authentication routine storage controlling unit that stores a user authentication routine for executing user authentication before startup of the operating system, in a predetermined area inside the user area, and an access controlling unit that permits access to the predetermined area from the host device when the user authentication routine is used, while prohibiting access to the predetermined area from the host device when the user authentication routine is not used.