1. Field of the Invention
The present invention pertains generally to hard disk drives and, more specifically, to dividing the physical storage area of a hard disk drive into separate storage areas.
2. State of the Art
Music, video, text, and software are all examples of things that can be encoded digitally to form digital data. Such data is being generated, copied, and stored in mass quantities on a variety of data storage devices. One of the most common forms of these data storage devices is a hard disk drive, also simply known as a “hard drive.” As illustrated with reference to
Hard drives have become ubiquitous in the computing industry. Hard drive use is also growing rapidly in the consumer electronics industry. Hard drives can be attached to a variety of host devices to provide data storage services.
Hard drives may be physically incorporated within a host device or may be physically separate. Therefore, based on the physical configuration of the host system, the hard drive may be categorized as either an internal hard drive or an external hard drive. An internal hard drive is often installed into the same physical enclosure as the host device. Separating the internal hard drive from the host device often requires turning the power off and mechanically disassociating the internal hard drive. An external hard drive on the other hand can be separated from the host device on a recurring basis without powering down or appreciable mechanical intervention. Using simple plug-in connections such as Universal Serial Bus (USB) or Firewire (IEEE 1394), external hard drives are easily moved from one host device to another.
While it is possible to create a hard drive of almost any size or dimension, the industry has built almost all drives around a few standard sizes. For example, the 3.5-inch form factor (named for its nominal platter diameter) is the most common in desktop computers, the 2.5-inch form factor is typical in laptop computers, and small handheld devices typically use either a 1.8-inch or a 1.0-inch drive. The smaller the drive, the less it weighs and the less power it consumes; however, a smaller platter diameter also results in a reduced data storage capacity.
Generally, hard drives, regardless of size, are built using a similar basic architecture.
To overcome this problem and as illustrated in
By virtualizing the sector layouts of the drive, the IDE board (160) could now also be used to improve the speed and reliability of the hard drive. Techniques such as reading extra sectors into a track buffer 170 and reordering sector numbers within the drive could now be implemented without requiring a new disk controller in every host device. Sectors that were bad due to imperfections on the platter surface could now be remapped to a “hot fix” area of the disk thus making the flaws invisible to the host device. Using these techniques, all the usable data sectors within the disk drive could be presented to the host device as a single contiguous user space 400 as illustrated with respect to
A host device communicates with the disk drive using a set of standard commands. Two separate command sets are in common use, and a hard drive typically conforms to either the Advanced Technology Attachment (ATA) command set or the Small Computer System Interface (SCSI) command set. Each command set contains commands for reading and writing sectors of data. A hard drive and its associated command set make no distinction between the various types of data stored in each sector. It is up to the host device to keep track of which sectors contain system or user data and in what order they belong. It typically does this by using one or more file systems.
By organizing data in this fashion, the host device is able to create, copy, read, and delete a large number of files within the logical boundaries presented by the hard drive. Since any file can be changed at any time and new files can be added, the total set of data stored on a hard drive changes over time. These changes to the data set can be intentional, such as when a user saves a new document or copies pictures from a camera, or unintentional, such as when a user accidentally deletes a folder or a computer virus attacks the system.
The hard drive is also often used to boot the host device. This means the host device loads the host device's operating system software 450 from the hard drive. The operating system 450 consists of a set of files located within one of the file system volumes 430, therefore, it is possible to install more than one operating system to a single hard drive. The one or more operating systems may include completely different operating systems or may be different versions of the same operating system. Furthermore, each operating system may be installed in a separate file system volume as illustrated in
In another implementation, a single operating system may be used and accessed by several users. In order to help keep the data for each user private, the operating system allows an administrator to set up individual user accounts within the system. The system tries to separate private user files into special folders that become visible to the user once they log into the system.
It is important to note that the protections that separate the files of multiple operating systems, or the files of individual users within a single operating system, are enforced by software running on the host and are therefore only as strong as that software. Since the host device 200 has access to the entire user space 400 on the drive, any software on the host that has raw sector access, whether a privileged process, a virus, or another operating system booted from the same drive, can read or write any sector 330 regardless of file-system permissions. Such relatively unrestricted access allows a virus or malicious user to read, alter, or destroy not only files for the current user and operating system, but also files for other operating systems or users that may have been set up on the hard drive.
Since hard drives are mechanical devices, they are subject to failure. Although hard drives have become more reliable, there are still a number of failure modes. The motor that turns the spindle can burn out, the attached IDE circuit board can short out, a read/write head can accidentally scratch the surface of a disk platter, or the actuator arm can break. All these instances generally result in a catastrophic failure of the hard disk drive. For this reason it is important for the data stored on the hard drive to be periodically copied to another hard drive or other storage medium. This procedure is called “backing up your data” or a backup operation.
It is important to back up data regularly since it can become corrupted at any time. Mechanical failure can destroy data, but the most common form of corruption is the unintended changes to the file system caused by software or user error or by malicious software like a computer virus. If the volumes on a hard drive are backed up regularly and data corruption occurs, the data can be restored to its former state.
As illustrated in
Images are typically stored on another hard drive or on removable media such as disks (CD or DVD) or tape. If the data set on a hard drive becomes corrupted it is necessary to have access to the image media in order to restore the image. Computer manufacturers conventionally have included a factory image on a CD or DVD disk with new computers. Such a factory image allows the user to restore the machine to its original factory settings in the event of data corruption.
Computer manufacturers faced a problem when the CD or DVD disk containing the factory image was lost or damaged. The user could not restore the hard drive to its factory settings and taxed the manufacturer's customer support line for resolution. One solution to this problem was to store the factory image within the user space of the hard drive. This solved some of the problems but presented another: since the factory image was stored on the hard drive, it was subject to corruption just like any other data stored on the drive. Unintentional actions by the user or malicious actions by a virus program could corrupt the image.
To solve this problem, the industry added a change to the ATA specification. In version 5 of the official ATA document a “SET MAX” command was added. As illustrated in
The Host Protected Area (HPA) is generally located at the end of the logical disk space and is typically a small portion of the total disk space. Because it is a logical area, it could be physically located anywhere on the disk platter surfaces. Because it is small relative to the total disk area, it typically holds only the factory image created by the computer manufacturer. If the user wishes to preserve the data sets resulting from ongoing use of the host device, regular images must be made by other means. Otherwise, all data created or changed by the user after the initial factory settings could be lost.
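The following is an added example, not part of the original application, showing how a practitioner checks a Linux host for an HPA of the kind described above. It parses the output of the real `hdparm -N` utility, which reports the host-visible and native sector counts; the two sample outputs below are constructed for the example rather than captured from a drive, and a 512-byte logical sector is assumed (drives with 4 KiB logical sectors need the sector size reported by `hdparm -I`).

```python
import re

# Constructed sample outputs in the format printed by `hdparm -N /dev/sdX`
# (not captured from real drives). The first hides sectors behind an HPA;
# the second exposes its full native capacity.
SAMPLE_WITH_HPA = """/dev/sdb:
 max sectors   = 976500000/976773168, HPA is enabled
"""
SAMPLE_NO_HPA = """/dev/sda:
 max sectors   = 976773168/976773168, HPA is disabled
"""

_MAX_SECTORS = re.compile(r"max sectors\s*=\s*(\d+)/(\d+)")


def parse_hdparm_n(text, sector_size=512):
    """Parse `hdparm -N` output into the current (host-visible) and native
    sector counts and derive the size of the region hidden from the host.

    sector_size is an assumption (512 bytes); pass the logical sector size
    from `hdparm -I` for 4 KiB-sector drives. Returns None if the expected
    line is absent.
    """
    m = _MAX_SECTORS.search(text)
    if not m:
        return None
    current, native = int(m.group(1)), int(m.group(2))
    hidden = native - current
    return {
        "current_sectors": current,
        "native_sectors": native,
        "hidden_sectors": hidden,
        "hidden_bytes": hidden * sector_size,
        "hpa_present": hidden > 0,
    }


def report(text):
    """One-line summary suitable for a triage or inventory script."""
    info = parse_hdparm_n(text)
    if info is None:
        return "unable to parse hdparm -N output"
    if not info["hpa_present"]:
        return "no HPA: full native capacity visible"
    mib = info["hidden_bytes"] / (1024 * 1024)
    return (f"HPA present: {info['hidden_sectors']} sectors "
            f"({mib:.1f} MiB) hidden from the host")


if __name__ == "__main__":
    print(report(SAMPLE_WITH_HPA))
    print(report(SAMPLE_NO_HPA))
```

The check matters because the HPA is a convention honoured by the host, not an enforced boundary: the same SET MAX ADDRESS command that created it can be reissued by host software to expose the hidden sectors unless the drive has been locked with the SET MAX LOCK or SET MAX FREEZE LOCK subcommands of the ATA SET MAX feature set, which hold until the next power cycle. Forensic imaging procedures therefore record the native capacity before acquisition so that a hidden region is not missed.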
When an image of a hard drive is created without the use of other storage media, a data set is read from the hard drive by the host device and written to an image located on another area of the same hard drive. Likewise, if that same image is later restored, all the data from the image must be read by the host device and written back to the hard drive. Depending on the amount of data being backed up or restored, this can be a very time consuming operation and require significant processing resources from the host device.
The traditional hard drive with spinning disk platters has seen competition in recent years from solid-state data storage devices such as flash drives. These flash drives contain non-volatile memory chips that enable them to store digital data without moving parts. While the storage capacity of these drives has been much less than the capacity of most hard drives, their capacity has grown to a point where they can compete with the smallest form factor hard drives. Flash drives are configured to emulate traditional hard drives with respect to their connection to a host device. They use the same ATA interface and they present their storage space to the host device as a set of sectors just as hard drives do. In general, the host device is unable to tell whether the attached data storage device uses spinning platters or solid-state memory chips to store the data.
Two or more data storage devices or hard drives can be linked together in what is known as a RAID (Redundant Array of Independent Drives) configuration. All of the drives are under the direct control of a special device called a RAID controller. This RAID controller virtualizes the space on each hard drive and presents the space to the attached host device as a single logical unit. In this manner, four separate 500 GB drives can be combined by the RAID controller to appear to the attached host device to be a single 2000 GB drive. The RAID controller can also be configured so that the drives provide data redundancy (mirroring, in which each drive holds a copy of the data), higher throughput and capacity with no redundancy (striping, in which data is spread across the drives), or striping combined with parity so that the array tolerates the failure of a drive.
As various forms of media become prevalent and as multiple users may access shared hardware, there is a need to divide a single hard drive into separate access spaces that are not entirely visible to the host device at a single time. There is also a need to provide an efficient mechanism for generating backup images of data on a hard drive.
A hard drive, system, and method for restricting access by a host device to only one portion of a data storage device or hard drive is disclosed. In one embodiment of the present invention, a data storage device or hard drive for coupling to a host device includes a user space including a plurality of sectors for storing data therein. The data storage device or hard drive further includes a plurality of host access spaces each including a corresponding plurality of portions of the plurality of sectors wherein only one of the plurality of host access spaces is accessible at any one time to the host device. Furthermore, the data storage device or hard drive includes a switch for selecting each one of the plurality of host access spaces.
In another embodiment of the present invention, a system including a host device and a data storage device or hard drive is provided. The data storage device or hard drive includes a user space including a plurality of sectors for storing data therein, a plurality of host access spaces each including a corresponding plurality of portions of the plurality of sectors wherein only one of the plurality of host access spaces is accessible at any one time to the host device, and a switch for selecting each one of the plurality of host access spaces.
In a further embodiment of the present invention, a method for restricting access by a host device to only a portion of a data storage device or hard drive is provided. The method includes dividing a user space including a plurality of sectors for storing data therein on the data storage device or hard drive into a plurality of host access spaces and selecting one of the plurality of host access spaces as an active host access space. The method further includes restricting access by the host device to only the active host access space.
In the drawings, which illustrate what is currently considered to be the best mode for carrying out the invention:
As used herein, the term “data storage device” includes hard drives, as well as other data storage means including semiconductor non-volatile storage such as “Flash” memory devices, magnetic storage means as well as optical storage means that function as a server of sectors.
In one or more embodiments of the present invention, a method for dividing a single data storage device into two or more separate Host Access Spaces (HAS), only one of which can be visible to an attached host device at any given time, is described. During a reset operation, a different Host Access Space (HAS) could be made active or visible thus giving the appearance to the host device that the data storage device or hard drive unit had been replaced with an entirely different data storage device or hard drive. The non-active Host Access Spaces (HASs) are completely protected from any data read or data write operations initiated by the host device. If the Host Access Spaces (HASs) are divided along physical disk platter boundaries, each non-active Host Access Space (HAS) can be used to store a complete backup of all data in the active Host Access Space (HAS). Backup operations can be performed completely within the data storage device or hard drive unit while the data storage device or hard drive unit continues to service data read and data write requests from the host device. A restore operation can be performed as quickly as the data storage device or hard drive can be reset.
The present invention may be embodied in a method wherein a single physical data storage device or hard drive divides its total storage space into two or more distinct logical storage spaces for the purpose of separating those spaces from access by a host device. Each of these logical storage spaces is called a Host Access Space (HAS). A host device may only be given access to a single Host Access Space at one time. This effectively "hides" the other Host Access Spaces from the host device's view. These hidden spaces are protected from any software running on the host device, including low-level partitioning and formatting software, because the drive never maps their sectors into the logical address range it presents to the host.
Various reset options are contemplated. By way of example and not limitation, the reset operation may be accomplished by disconnecting and reconnecting the disk drive 700 from the host device 200′, turning the host device 200′ off and then back on, or by rebooting or otherwise resetting the host device 200′. The reset may further include other authorization options, such as requiring a user to enter a passkey or biometric measurement, so that the selection of the next visible Host Access Space (HAS) 600 completes automatically. If the passkey or biometric measurement matches a Host Access Space (HAS) designation, the data storage device or hard drive 700 automatically selects that specific Host Access Space (HAS) 600 as being visible to the host device 200′. Likewise, a Host Access Space (HAS) 600 could be matched to an identifier sent by the host device 200′ when the data storage device or hard drive is attached or reset. Accordingly, to the host device 200′, the reset or reconfiguration process appears as if the data storage device or hard drive 700 had been physically replaced by a completely different data storage device or hard drive 700.
When the configured data storage device or hard drive 700 (
In order for host device 200′ to access another Host Access Space (HAS) 600, the other Host Access Space (HAS) 600 would need to be set as the next active Host Access Space (HAS) 600 and then the data storage device or hard drive 700 would need to be reset. Such a reconfiguration appears to the host device 200′ as if, for example, the user had unplugged the current data storage device or hard drive and replaced it with a completely different data storage device or hard drive. To set another Host Access Space (HAS) as active, the user could select the next Host Access Space (HAS) from, for example, a menu in special software program 704 running on the host device 200′, or physically select it by means of switch 702, such as a mechanical device, knob or keypad configured as part of data storage device or hard drive 700. Additionally, the reset operation could be accomplished by power-cycling the host device 200′ or by disconnecting and then reconnecting the data storage device or hard drive 700 with host device 200′.
In another embodiment, a specific Host Access Space (HAS) may also be automatically set as the active Host Access Space (HAS) during initialization of the data storage device or hard drive 700 by the host device 200′. For example, such a setting of a specific Host Access Space (HAS) may be accomplished if the host device 200′ sent an identifier 716 to the data storage device or hard drive 700 that matched one of the pre-configured Host Access Spaces (HASs) 600. In yet another embodiment, a passkey or biometric measurement 718 could also be passed to the data storage device or hard drive 700 during initialization that matched a particular Host Access Space (HAS) 600.
By way of example and not limitation, a data storage device or hard drive 700 could be attached to a host device 200′, such as a computer, shared by several different users. An administrator could configure the data storage device or hard drive 700 to have a corresponding number of different Host Access Spaces (HASs) 600 corresponding to each user. When a specific user turned on the host device 200′ (e.g., computer), the user could enter a passkey or a biometric measurement (e.g., fingerprint) causing the host device 200′ to initialize to a corresponding Host Access Space 600 and allow access to the data in the user's specific Host Access Space (HAS) and prevent access to Host Access Spaces (HASs) that belong to others. In fact, the various embodiments of the present invention preclude the host device 200′ from recognizing the existence of other Host Access Spaces (HASs) 600.
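The following is an added model of the device-side logic described in the preceding paragraphs; it is illustrative code written for this page, not the application's own firmware. It keeps one flat physical sector array, carves it into named Host Access Spaces, maps host LBAs only into the active space, rejects LBAs beyond the visible capacity, and changes the active space only across a reset, where a passkey or host identifier that matches a space wins over a pending switch selection. The class and method names, the in-memory layout, the 16-byte model sector, and the choice to store only a SHA-256 digest of each passkey rather than the passkey itself are assumptions of the example.

```python
import hashlib


class HostAccessSpaceDevice:
    """Model of a drive divided into host access spaces (HASs). The host sees
    exactly one space at a time; the others are not addressable at all."""

    def __init__(self, total_sectors, spaces, sector_size=16):
        # spaces: ordered list of (name, first physical sector, sector count);
        # the first entry is the default space used when nothing else matches.
        self.sector_size = sector_size
        self.physical = [bytes(sector_size)] * total_sectors
        self.spaces = {}
        used = [False] * total_sectors
        for name, start, count in spaces:
            if start < 0 or count <= 0 or start + count > total_sectors:
                raise ValueError(f"{name} does not fit on the device")
            if any(used[start:start + count]):
                raise ValueError(f"{name} overlaps another host access space")
            for s in range(start, start + count):
                used[s] = True
            self.spaces[name] = (start, count)
        self.default = spaces[0][0]
        self.credentials = {}   # sha256(passkey or host identifier) -> space name
        self.pending = None     # chosen via switch/software, applied at next reset
        self.active = None      # nothing is visible until the first reset

    # --- administrative configuration (switch 702 / program 704 analogues) ---
    def bind_credential(self, secret, name):
        """Associate a passkey, biometric template or host identifier with a HAS.
        Only a digest is kept (assumption), so the device never stores the secret."""
        if name not in self.spaces:
            raise KeyError(name)
        self.credentials[hashlib.sha256(secret.encode()).hexdigest()] = name

    def select_next(self, name):
        """Choose the HAS to expose after the next reset; no effect before it."""
        if name not in self.spaces:
            raise KeyError(name)
        self.pending = name

    def reset(self, credential=None):
        """Power-cycle or reconnect. A matching credential takes precedence over
        a pending selection; otherwise the default space becomes active."""
        chosen = None
        if credential is not None:
            digest = hashlib.sha256(credential.encode()).hexdigest()
            chosen = self.credentials.get(digest)
        if chosen is None:
            chosen = self.pending or self.default
        self.active, self.pending = chosen, None
        return self.active

    # --- host command path (READ/WRITE SECTORS analogues) ---
    def capacity(self):
        """Sector count the host would learn from IDENTIFY DEVICE."""
        return self.spaces[self.active][1]

    def _translate(self, lba):
        if self.active is None:
            raise RuntimeError("device not initialised")
        start, count = self.spaces[self.active]
        if not 0 <= lba < count:
            # Out-of-range LBAs are rejected, never mapped into another space.
            raise IndexError(f"LBA {lba} beyond visible capacity {count}")
        return start + lba

    def host_read(self, lba):
        return self.physical[self._translate(lba)]

    def host_write(self, lba, data):
        if len(data) != self.sector_size:
            raise ValueError("write must cover a whole sector")
        self.physical[self._translate(lba)] = bytes(data)

    def hidden_names(self):
        """Device-internal view only; there is no host command that returns this."""
        return sorted(n for n in self.spaces if n != self.active)


def demo():
    """Two users share a drive; each user's space survives the other's session."""
    dev = HostAccessSpaceDevice(64, [("parent", 0, 32), ("child", 32, 32)])
    dev.bind_credential("parent-passkey", "parent")
    dev.bind_credential("child-passkey", "child")

    dev.reset("parent-passkey")
    dev.host_write(0, b"family-ledger-01")        # one 16-byte model sector

    dev.reset("child-passkey")                    # only "child" is now visible
    child_view = dev.host_read(0)                 # same LBA, different physical sector
    try:
        dev.host_read(40)                         # beyond the child's 32 sectors
        overflow_rejected = False
    except IndexError:
        overflow_rejected = True
    dev.host_write(0, b"homework-draft-1")

    dev.reset("parent-passkey")                   # parent returns: data untouched
    return {
        "child_saw_zeros": child_view == bytes(16),
        "overflow_rejected": overflow_rejected,
        "parent_intact": dev.host_read(0) == b"family-ledger-01",
        "hidden_from_parent": dev.hidden_names(),
    }


if __name__ == "__main__":
    print(demo())
```

The property worth noticing is that isolation comes from address translation rather than from a permission check: a malicious program in the child's session has no LBA it could name that reaches the parent's sectors, which is what distinguishes this scheme from the host-enforced file permissions and the HPA discussed earlier. The credential path is the part a practitioner would scrutinise, since a passkey guessed or replayed at reset selects the space outright.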
The plurality of Host Access Spaces (HASs) 600 may be divided within storage space 710 according to various boundaries.
In an embodiment of the present invention as further illustrated with respect to
A synchronize or backup process 726 running on the host device would be used to send commands to the transfer process 722 on data storage device or hard drive 700 to synchronize the data between two or more Host Access Spaces (HASs). Transferring data from one Host Access Space (HAS) to another without requiring host device intervention allows the data storage device or hard drive to perform instant “snapshot” backup operations and near instantaneous restore operations. Furthermore, the data storage device or hard drive 700 may also continue handling read and write requests from the host device while performing backup and restore operations in the background.
In another embodiment of the present invention as illustrated with respect of
In another embodiment of the present invention, a Host Access Space (HAS) 600 can be created such that it contains only a portion of a platter surface 730 with a corresponding backup HAS 600 containing a corresponding portion of another platter surface 730. The remaining portion of the platter surface 730 would then be used to create a separate HAS 600. In this manner, a single data storage device or hard drive could be configured such that it has a combination of HASs 600, some of which contain backup data and others that do not have a corresponding backup HAS 600. For example, as illustrated in
In another embodiment of the present invention, the data storage device or hard drive has a special administrative mode that allows two separate HASs 600 to be visible to the attached host device 200 (
In another embodiment of the present invention, the data storage device or hard drive has a special install mode that allows write commands to be duplicated internally by the data storage device or hard drive to two or more identically sized HASs 600. In this mode, the user could partition, format, and install an operating system on two or more HASs 600 simultaneously. Every write command to the active HAS 600 would be duplicated on all the HASs 600 selected by the user when the device was placed in the special install mode.
It is important to note that the present invention could be used such that it would not interfere with RAID configurations. If each drive in the RAID array was configured with an identical set of Host Access Spaces 600, the entire array could take advantage of the instant backup and restore features that the invention specifies for a single drive. To accomplish this task, the RAID controller would need to trigger the synchronize or backup process 726 for each drive under its control simultaneously. In this manner, the active HAS 600 on each drive would be backed up or restored at the same time, thus preserving the integrity of the data found in the virtual space made visible to the attached host device by the RAID controller.
In either case, the data transfers happen within the data storage device or hard drive 700. The data does not need to be sent to or through the host device 200′. Furthermore, the active Host Access Space (HAS) 600 may continue to service data requests from the host device 200′ while the backup or restore data transfers are being done in the background. Additionally, the data storage device or hard drive may also monitor which tracks have been modified and keep a record of which tracks are different between any two Host Access Spaces (HASs) 600. Using this technique, only different tracks need to be transferred during either a backup or restore operation.
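The following is an added model, written for this page rather than taken from the application, of the device-internal transfer process 722 together with the install mode described above: several equally sized Host Access Spaces, a per-pair record of which tracks may differ, a synchronize operation that moves only those tracks in either direction (backup or restore), and an install group that receives duplicated writes. The class and method names, the 8-byte model track, and the bookkeeping structure are assumptions of the example.

```python
class TrackSyncDevice:
    """Host access spaces of equal size, with a conservative per-pair record of
    the tracks that may differ, so backup and restore move only those tracks."""

    def __init__(self, names, tracks, track_size=8):
        self.track_size = track_size
        self.spaces = {n: [bytes(track_size)] * tracks for n in names}
        self.diff = {}                 # frozenset({a, b}) -> tracks that may differ
        self.install_group = None      # set of names receiving duplicated writes

    def _pair(self, a, b):
        return self.diff.setdefault(frozenset({a, b}), set())

    def pending(self, a, b):
        """Tracks that a sync between a and b would have to move."""
        return sorted(self._pair(a, b))

    def host_read(self, active, track):
        return self.spaces[active][track]

    def host_write(self, active, track, data):
        """A host write lands in the active space; in install mode the device
        also duplicates it into every member of the install group."""
        if len(data) != self.track_size:
            raise ValueError("write must cover a whole track")
        targets = {active} | (self.install_group or set())
        for name in targets:
            self.spaces[name][track] = bytes(data)
        for a in targets:
            for b in self.spaces:
                if b == a:
                    continue
                if b in targets:
                    self._pair(a, b).discard(track)   # both just got the same data
                else:
                    self._pair(a, b).add(track)       # b fell behind a on this track

    def sync(self, src, dst):
        """Copy only the differing tracks from src to dst inside the device.
        Backup is sync(active, backup); restore is sync(backup, active).
        Returns the number of tracks moved."""
        moved = 0
        for t in sorted(self._pair(src, dst)):
            self.spaces[dst][t] = self.spaces[src][t]
            moved += 1
            for other in self.spaces:
                if other in (src, dst):
                    continue
                # dst now equals src on track t, so dst's relation to any third
                # space on t is whatever src's relation was.
                if t in self._pair(src, other):
                    self._pair(dst, other).add(t)
                else:
                    self._pair(dst, other).discard(t)
        self._pair(src, dst).clear()
        return moved


def demo():
    """Install one OS to A and C at once, snapshot A into B, corrupt A, restore."""
    dev = TrackSyncDevice(["A", "B", "C"], tracks=8)
    boot, kernel = b"BOOTSECT", b"KERNEL00"

    dev.install_group = {"A", "C"}               # install mode: A and C get every write
    dev.host_write("A", 0, boot)
    dev.host_write("A", 1, kernel)
    dev.install_group = None
    after_install = (dev.pending("A", "C"), dev.pending("A", "B"))

    dev.host_write("A", 2, b"USERDOC1")           # ordinary use on A only
    moved_backup = dev.sync("A", "B")             # snapshot moves 3 tracks, not 8
    b_vs_c = dev.pending("B", "C")                # B carries A's document, C does not

    dev.host_write("A", 0, b"VIRUS!!!")           # boot track overwritten by malware
    moved_restore = dev.sync("B", "A")            # restore moves only the damaged track
    return {
        "after_install": after_install,
        "moved_backup": moved_backup,
        "b_vs_c": b_vs_c,
        "moved_restore": moved_restore,
        "boot_restored": dev.host_read("A", 0) == boot,
        "clean": dev.pending("A", "B"),
    }


if __name__ == "__main__":
    print(demo())
```

Two caveats follow from the model. The difference sets are conservative (a track is recorded as differing when it was written, not when its contents actually changed), which is the right direction to err in. And because host writes are accepted while a sync is in progress, a track written after it has been copied is simply marked dirty again, so the backup is a consistent point-in-time image only if the host quiesces its file system for the duration or the device adds copy-on-write; the install group likewise bypasses the per-space isolation by design and belongs to an administrator-only mode.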
In one application, one or more embodiments of the present invention may be attached to a host device 200′ such as a family computer shared by various members of a family. A parent could set up the data storage device or hard drive 700 to include separate Host Access Spaces (HASs) for the parent and children. A child's Host Access Space (HAS) 600 may have a lesser suite of applications, an example of which would not include Internet access software or have printer drivers enabled. In such a representative application, a child could turn on the host device (e.g., computer) and play their computer games or do homework but not have access to Internet access software. Accordingly, the parent, for example, would not need to worry about the children surfing the Internet, printing out 1000 pages on the laser printer, or accidentally deleting the family bookkeeping files. Alternatively, if the parent had enabled Internet access for the children, the family documents stored in other Host Access Spaces (HASs) would be safe from any spyware the children might accidentally download.
In another application, one or more embodiments of the present invention may be attached to a host device 200′ such as a software development workstation. A data storage device or hard drive 700 could be attached to a host device 200′ (e.g., workstation) used by a single individual who, for example, tests software on a variety of operating systems. The user could configure the data storage device or hard drive to have five different Host Access Spaces (HASs) 600. The user could install a different operating system on each of the Host Access Spaces (HASs) 600 and using, for example, a switch 702 on the data storage device or hard drive 700, or by a special software program 704 running on the host device 200′, the user could boot the host device 200′ (e.g., workstation) with a different operating system each time a different Host Access Space (HAS) 600 was selected. In each case, the currently running operating system could not interfere in any way with the files stored in the Host Access Spaces (HASs) 600 of the other operating systems.
When a specific type of host device 750-756 is coupled to data storage device or hard drive 700′, a host device type detection process 740 recognizes the type of device and selects the one of the Host Access Spaces (HASs) 600′-600″″ that corresponds to the detected type. For example, when a user connects the data storage device or hard drive 700′ to an audio host device 752, the audio host device 752 sends the data storage device or hard drive 700′ an identifier (or the data storage device or hard drive otherwise identifies the host device) that matches the Host Access Space (HAS) 600′ containing music data.
Likewise, when a user connects the data storage device or hard drive 700′ to a data (e.g., computer) host device 756, the data host device 756 sends the data storage device or hard drive 700′ an identifier that matches the Host Access Space (HAS) 600″″ containing software or other computer data. Similarly, when a user connects the data storage device or hard drive 700′ to a video or television host device 750, the television host device 750 sends the data storage device or hard drive 700′ an identifier that matches the Host Access Space (HAS) 600″ containing video data. Also, when a user connects the data storage device or hard drive 700′ to an image host device 752, the image host device 752 sends the data storage device or hard drive 700′ an identifier that matches the Host Access Space (HAS) 600′″ containing photos or other image data. Alternatively, a unique identifier may be stored in each of the host devices and the data storage device or hard drive may recognize and match the unique identifier and select a specific corresponding Host Access Space (HAS). A default Host Access Space (HAS) may also be selected if a specific data type of host device is not identified. The present embodiment finds application in protecting types of data from corruption by malware or other viruses that could destroy or corrupt data if certain types of host devices are connected.
Having thus described certain preferred embodiments of the present invention, it is to be understood that the invention defined by the appended claims is not to be limited by particular details set forth in the above description, as many apparent variations thereof are possible without departing from the spirit or scope thereof as hereinafter claimed.
This application is a continuation-in-part of copending U.S. patent application Ser. No. 11/445,642, filed Jun. 1, 2006, the disclosure of which is hereby incorporated herein by this reference in its entirety.
Number | Date | Country | |
---|---|---|---|
Parent | 11445642 | Jun 2006 | US |
Child | 11961598 | US |