Secure access device with multiple authentication mechanisms

Description

TECHNICAL FIELD

The present invention relates generally to electronic devices, and more particularly to memory devices.

BACKGROUND

Security is a critical issue with almost all aspects of computer use. Storage media, such as hard disk drives attached to computers, contain valuable information, which is vulnerable to data theft. A great deal of money and effort is being applied to guarding personal, corporate, and government security information.

As portable memory storage devices have become smaller, easier to lose, more ubiquitous, cheaper, and larger in memory capacity, they have come to pose extraordinary security problems. It is now possible to download massive amounts of information surreptitiously into portable memory storage devices, such as universal serial bus flash and micro drives, cellphones, camcorders, digital cameras, iPODs, MP3/4 players, smart phones, palm and laptop computers, gaming equipment, authenticators, tokens (containing memory), etc.—in general, a mass storage device (MSD).

More specifically, there are millions of MSDs being used for backup, transfer, intermediate storage, and primary storage into which information can be easily downloaded from a computer and carried away. The primary purpose of any MSD is to store and retrieve “portable content,” which is data and information tied to a particular owner not a particular computer.

The most common means of providing storage security is to authenticate the user with a computer-entered password. A password is validated against a MSD stored value. If a match occurs, the drive will open. Or, the password itself is used as the encryption key to encrypt/decrypt data stored to the MSD.

For drives that support on-the-fly encryption, the encryption key is often stored on the media in an encrypted form. Since the encryption key is stored on the media, it becomes readily available to those willing to circumvent the standard interface and read the media directly. Thus, a password is used as the key to encrypt the encryption key.

For self-authenticating drives, their authentication sub-system is responsible for maintaining security. There is no dependency on a host computer to which it is connected. Thus, a password cannot (or need not) be sent from the host in order to unlock the MSD. In fact, the encryption key no longer needs to be stored on the media. The authentication subsystem becomes the means for managing encryption keys.

Thus, a need still remains for improved security. In view of the ever-increasing commercial competitive pressures, along with growing consumer expectations and the diminishing opportunities for meaningful product differentiation in the marketplace, it is critical that answers be found for these problems. Additionally, the need to reduce costs, improve efficiencies and performance, and meet competitive pressures, adds an even greater urgency to the critical necessity for finding answers to these problems.

Solutions to these problems have been long sought but prior developments have not taught or suggested any solutions and, thus, solutions to these problems have long eluded those skilled in the art.

DISCLOSURE OF THE INVENTION

The present invention provides a method of operation of a data security system including: providing a mobile device with a data security system application for connectivity with the data security system; starting the data security system application; and maintaining connectivity of the data security system with the mobile device.

The present invention provides a data security system including: a data security transceiver or receiver; an authentication subsystem operatively connected to the data security transceiver or receiver; and a storage subsystem connected to the authentication subsystem.

Certain embodiments of the invention have other aspects in addition to or in place of those mentioned above. The aspects will become apparent to those skilled in the art from a reading of the following detailed description when taken with reference to the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic of a data security system in accordance with an embodiment of the present invention;

FIG. 2 is an illustration of an authentication key delivery method used with the data security system;

FIG. 3 is an illustration of different systems for the user to interact with the data security system;

FIG. 4 is an illustration of how the user can employ the host computer system to interact with a data security system; and

FIG. 5 is a data security method employing user verification for the data security system.

FIG. 6 is an exemplary data security communication system.

FIG. 7 is an administrator sequencing diagram showing the sequence of operations between a mobile device and the data security system.

FIG. 8 is a unlocking sequence diagram where the mobile device is an authentication factor.

FIG. 9 is an unlock sequencing diagram showing unlocking using a PIN entry from the mobile device.

FIG. 10 is an unlock sequencing diagram showing unlock using a PIN entry and User ID/location/time verification via the server/console.

FIG. 11 is a reset sequencing diagram showing resetting the data security system using a server/console.

FIG. 12 is an unlock sequencing diagram showing unlocking the data security system using the server/console.

FIG. 13 is a change user's password sequencing diagram using the server/console.

DETAILED DESCRIPTION

The following embodiments are described in sufficient detail to enable those skilled in the art to make and use the invention. It is to be understood that other embodiments would be evident based on the present disclosure, and that system, process, or mechanical changes may be made without departing from the scope of the present invention.

In the following description, numerous specific details are given to provide a thorough understanding of the invention. However, it will be apparent that the invention may be practiced without these specific details. In order to avoid obscuring the present invention, some well-known circuits, system configurations, and process steps are not disclosed in detail.

Likewise, the drawings showing embodiments of the system are semi-diagrammatic and not to scale and, particularly, some of the dimensions are for the clarity of presentation and are shown exaggerated in the drawing FIGS. Where multiple embodiments are disclosed and described having some features in common, for clarity and ease of illustration, description, and comprehension thereof, similar and like features one to another will ordinarily be described with similar or the same reference numerals. Similarly, although the views in the drawings for ease of description generally show similar orientations, this depiction in the FIGS. is arbitrary for the most part. Generally, the invention can be operated in any orientation.

The term “system” as used herein refers to and is defined as the method and as the apparatus of the present invention in accordance with the context in which the term is used. The term “method” as used herein refers to and is defined as the operational steps of an apparatus.

For reasons of convenience and not limitation, the term “data” is defined as information that is capable of being produced by or stored in a computer. The term “data security system” is defined as meaning any portable memory device incorporating a storage medium. The term “storage media” as used herein refers to and is defined as any solid state, NAND Flash, and/or magnetic data recording system. The term “locked” refers to the data security system when the storage media is not accessible and the term “unlocked” refers to the data security system when the storage media is accessible.

There are generally two methods to make a storage device tamper resistant: 1. Apply epoxy to components—an epoxy resin applied to the printed circuit board can make it difficult to disassemble the storage device without destroying storage media. 2. Encrypt memory data—data gets encrypted as it is written to the storage media and an encryption key is required to decipher the data.

Referring now to FIG. 1, therein is shown a schematic of a data security system 100 in accordance with an embodiment of the present invention. The data security system 100 consists of an external communication channel 102, an authentication subsystem 104, and a storage subsystem 106.

The storage subsystem 106 is electronic circuitry that includes an interface controller 108, an encryption engine 110, and a storage media 112. The storage media 112 can be an internal or external hard disk drive, USB flash drive, solid state drive, hybrid drive, memory card, tape cartridge, and optical media including optical disk (e.g., Blu-ray disk, digital versatile disk or DVD, and compact disk or CD). The storage media 112 can include a data protection appliance, archival storage system, and cloud-based data storage system. The cloud storage system may be accessed utilizing a plug-in (or “plugin”) application or extension software installed in a browser application, either on the host computer or on another system coupled to the host computer via a wired or wireless network, such as RF or optical, or over the world wide web.

The interface controller 108 includes electronic components such as a micro-controller with the encryption engine 110 of software or hardware, although the encryption engine 110 can be in a separate controller in the storage subsystem 106.

The authentication subsystem 104 is electronic circuitry that includes an authentication controller 114, such as a micro-controller, which may have its own non-volatile memory, such as an electrically erasable programmable read-only memory (EEPROM).

The external communication channel 102 provides a means of exchanging data with a host computer system 120. Universal Serial Bus (USB) is one of the most popular means to connect the data security system 100 to the host computer system 120. Other examples of the external communication channel 102 include Firewire, wireless USB, Serial ATA (SATA), High Definition Multimedia Interface (HDMI), Recommended Standard 232 (RS-232), and radio frequency wireless networks.

The interface controller 108 is capable of translating USB packet data to data that can be written to the storage media 112 in a USB Flash Drive.

The encryption engine 110 is implemented as part of the interface controller 108 and takes clear text and/or data (information) from the host computer system 120 and converts it to an encrypted form that is written to the MSD or the storage media 112. The encryption engine 110 also converts encrypted information from the storage media 112 and decrypts it to clear information for the host computer system 120. The encryption engine 110 can also be a two-controller subsystem with an encryption controller that has the encryption capability to encrypt/decrypt data on the fly along with managing the communication protocol, memory, and other operating conditions and a communication/security controller for handling the communication, encryption key management, and communications with the encryption controller.

An encryption key 116 is required by the encryption engine 110 to encrypt/decrypt the information. The encryption key 116 is used in an algorithm (e.g., a 256-bit Advanced Encryption Standard (AES) encryption) that respectively encrypts/decrypts the data by an encryption algorithm to render data unreadable or readable. The encryption key 116 can be stored either internally or externally to the authentication controller 114.

The encryption key 116 is transmitted to the encryption engine 110 by the authentication subsystem 104 once a user 122, having an identification number or key, has been verified against an authentication key 118.

It has been discovered that, by the employment of the authentication key 118 and the encryption key 116, portable memory storage devices of the various embodiments of the present invention can be provide an extremely high level of security previously not available in such devices.

When the data security system 100 is locked, the authentication key 118 remains inside the authentication subsystem 104 and cannot be read from outside. One method of hiding the authentication key 118 is to store it in the authentication controller 114 in the authentication subsystem 104. Setting the security fuse of the authentication controller 114 makes it impossible to access the authentication key 118 unless the authentication controller 114 allows retrieval once the user 122 has been verified. Many micro-controllers come equipped with a security fuse that prevents accessing any internal memory when blown. This is a well-known and widely used security feature. Such a micro-controller could be used for the authentication controller 114. The authentication controller 114 can be a micro-controller or microprocessor.

The authentication key 118 can be used as in several capacities: 1. As the encryption key 116 to encrypt/decrypt the information directly. 2. As a key to recover the encryption key 116 stored in the data security system 100 that can be accessed by the interface controller 108. 3. Used for direct comparison by the interface controller 108 to activate the external communication channel 102.

Referring now to FIG. 2, therein is shown an illustration of an authentication key delivery method used with the data security system 100. In this illustration, the authentication key 118 and the encryption key 116 are one and the same. The encryption engine 110 employs the authentication key 118 as the encryption key 116.

The user 122 must interact with the authentication subsystem 104 by providing user identification 202, a number or key, to the authentication subsystem 104. The authentication subsystem 104 validates the user 122 against the authentication key 118. The authentication subsystem 104 then transmits the authentication key 118 as the encryption key 116 to the interface controller 108.

The encryption engine 110 in the interface controller 108 employs the authentication key 118 to convert clear information to encrypted information and encrypted information to clear information along a channel 206. Any attempt to read encrypted information from the storage media 112 without the encryption key 116 will generally result in information that is unusable by any computer.

Referring now to FIG. 3, therein is shown an illustration of different systems for the user 122 to interact with a data security system 300. The interaction can be by a communication combination 301, which can be by a physical contact, wired connection, or wireless connection from a cell phone, smartphone, smart watch, wearable appliance, or other wireless device.

In one authentication system, a mobile transceiver 302 is employed to transmit user identification 304 to a data security transceiver 306 in an authentication subsystem 310. For exemplary purposes, transceivers are employed for bi-directional communication flexibility but a transmitter-receiver combination for uni-directional communication could also be used. The authentication subsystem 310 includes the authentication controller 114, which is connected to the interface controller 108 in the storage subsystem 106. The user identification 304 is supplied to the data security transceiver 306 within the authentication subsystem 310 by the mobile transceiver 302 from outside the storage subsystem 106 of the data security system 300. The wireless communication may include Wireless Fidelity (WiFi), Bluetooth (BT), Bluetooth Smart, Near Field Communication (NFC), Global Positioning System (GPS), optical, cellular communication (for example, Long-Term Evolution (LTE), Long-Term Evolution Advanced (LTE-A)), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Universal Mobile Telecommunications System (UMTS), Wireless Broadband (WiBro), or Global System for Mobile Communications (GSM), and the like).

The authentication subsystem 310 validates the user 122 against the authentication key 118 by a code sent from the mobile transceiver 302 being validated against the authentication key 118. The authentication subsystem 310 then transmits the encryption key 116 to the interface controller 108 across the communication combination 301.

The encryption engine 110 then employs the encryption key 116 to convert clear information to encrypted information and encrypted information to clear information along the channel 206. Any attempt to read encrypted information from the storage media 112 without the encryption key 116 will result in information that is unusable by the host computer system 120.

In an optional second authentication mechanism, the authentication subsystem 310 validates the user 122 against the authentication key 118 by having the user 122 employ a biometric sensor 320 to supply a biometric input 322 to verify his/her identity as an authorized user. Types of biometric identification include a fingerprint, an iris scan, a voice imprint, etc.

In an optional third authentication mechanism, the authentication subsystem 310 validates the user 122 against the authentication key 118 by having the user 122 employ an electro-mechanical input mechanism 330 to supply a unique code 332 to verify his/her identity as an authorized user. The unique code 332 can include a numerical, alphanumeric, or alphabetic code, such as a PIN. The electro-mechanical input mechanism 330 is within the authentication subsystem 310. The electro-mechanical input mechanism 330 receives the unique code 332 from the user 122 from outside of the data security system 300. The unique code 332 is supplied to the electro-mechanical input mechanism 330 within the authentication subsystem 310 from outside the storage subsystem 106 of the data security system 300.

No matter which method is used to validate the user 122, the authentication key 118 and the encryption key 116 remain hidden until the user 122 is authenticated.

Referring now to FIG. 4, therein shows an illustration of how the user 122 can employ the host computer system 120 to interact with a data security system 400.

The host computer system 120 is provided with a host application 402. The host application 402 is software or firmware, which communicates over the external communication channel 102 of the data security system 400.

The host application 402 delivers host identifiers 406, such as internal component serial numbers (e.g. hard drive), media access control (MAC) address of a network card, login name of the user, network Internet Protocol (IP) address, an ID created by the data security system and saved to the host, an ID created by the data security system and saved to the network, etc., associated with its environment. The host identifiers 406 are employed by an authentication subsystem 408 in the data security system 400.

When the authentication subsystem 408 validates the user 122 against the authentication key 118 by verifying the host identifiers 406, the data security system 400 will unlock.

For example, the user 122 connects the data security system 400 that is locked to the host computer system 120. The host application 402 sends the MAC address of its network card to the data security system 400. The data security system 400 recognizes this MAC address as legitimate and unlocks without the user 122 of FIG. 1 having to enter user identification. This is implementation does not require any interaction with the user 122. In this case, it is the host computer system 120 and its associated environment that are being validated.

The data security system 400 includes: providing the authentication key 118 stored in the authentication subsystem 104; providing verification of the host computer system 120 by the authentication subsystem 104; presenting the encryption key 116 to the storage subsystem 106 by the authentication subsystem 104; and providing access to the storage media 112 by the storage subsystem 106 by way of decrypting the storage media content.

The data security system further includes the authentication subsystem 104 for interpretation of biometric input and verification of the user 122.

The data security system further includes using the authentication key 118 as the encryption key 116 directly.

The data security system further includes using the authentication key 118 to decrypt and retrieve the encryption key 116 used to decipher internal content.

The data security system further includes the authentication subsystem 104 for interpretation of signal inputs and verification of sending unit.

The data security system further includes the authentication subsystem 104 for interpretation of manually entered input and verification of the user 122.

The data security system further includes the authentication subsystem 104 for interpretation of input sent by a host resident software application for verification of the host computer system 120.

The data security system as further includes the encryption engine 110 outside the interface controller 108 but connected to the external communication channel 102 for the purpose of converting clear data to encrypted data for unlocking the data security system 100.

Referring now to FIG. 5, therein is shown a data security method 500 employing user verification for the data security system 100. The data security method 500 includes; verifying the user against an authentication key in a block 502; employing the authentication key for retrieving an encryption key in a block 504; and employing the encryption key for allowing unencrypted communication through a storage subsystem between a host computer system and a storage media in a block 506.

Referring now to FIG. 6, therein is shown an exemplary data security communication system 600. The exemplary data security communication system 600 includes a mobile device 610, a data security system 620, a host computer 630, and a server/console 640. The mobile device 610 and the server/console 640 are connected by wired or wireless connections through a cloud 650, which can be an Internet cloud. The mobile device 610 and the data security system 620 are connected by the communication combination 301.

The communication combination 301 in the exemplary data security communication system 600 includes a mobile transceiver 612 in the mobile device 610 with an antenna 614 wirelessly communicating with an antenna 622 of a data security transceiver 624 in the data security system 620.

The mobile device 610 in one embodiment can be a smartphone. In the mobile device 610, the mobile transceiver 612 can be connected to conventional mobile device components and to a data security system application 618, which provides information to be used with the data security system 620.

The data security transceiver 624 is connected to a security controller 626, which can contain identification, passwords, profiles, or information including that of different mobile devices that can access the data security system 620. The security controller 626 is connected to subsystems similar to the authentication subsystem 310, the storage subsystem 106 (which in some embodiments can have encryption to encrypt data), and the external communication channel 102.

The external communication channel 102 is connectable to the host computer 630 to allow, under specified circumstances, access to data in the storage subsystem 106.

One implementation of the data security system 620 can eliminate the biometric sensor 320 and the electro-mechanical input mechanism 330 of FIG. 3 with only a wireless link to the mobile device 610, such as a smartphone. It has been found that this implementation makes the data security system 620 more secure and useful.

The data security system application 618 allows the mobile device 610 to discover all data security systems in the vicinity of the mobile device 610 and show their status (locked/unlocked/blank, paired/unpaired etc.).

The data security system application 618 allows the mobile device 610 to connect/pair, lock, unlock, change the name and password, and reset all data on the data security system 620.

The data security system application 618 allows the mobile device 610 to set an inactivity auto-lock so the data security system 620 will automatically lock after a predetermined period of inactivity or to set a proximity auto-lock so the data security system 620 will be locked when the mobile device 610 is not within a predetermined proximity for a predetermined time period (to improve reliability and avoid signal de-bouncing).

The data security system application 618 allows the mobile device 610 to remember a password, use TouchID, and Apple Watch (both TouchID and Apple Watch mentioned here as examples only, there are many other mobile devices with biometric sensors and wearables that can be used in a similar mode) so data security system 620 could be unlocked without entering re-entering a password on the mobile device.

The data security system application 618 allows the mobile device 610 to be set to operate only with a specific mobile device, such as the mobile device 610, so the data security system 620 cannot be unlocked with other mobile devices (1Phone).

The data security system application 618 allows the mobile device 610 to set the data security system 620 to Read-Only.

The data security system application 618 allows the mobile device 610 to be operated in User Mode or Administrator Mode (administrator's mode overrides user's settings) and use the server/console 640. The server/console 640 is a combination of a computer with a console for entering information into the computer.

The server/console 640 contains a user management database 642, which contains additional information that can be transmitted over the cloud 650 to the mobile device 610 to provide additional functionality to the mobile device 610.

The user management database 642 allows the server/console 640 to create and identify users using UserID (username and password) and block/allow unlocking the data security system 620 and provide remote help.

The user management database 642 allows the server/console 640 to remotely reset or unlock the data security system 620.

The user management database 642 allows the server/console 640 to remotely change the data security system user's PIN.

The user management database 642 allows the server/console 640 to restrict/allow unlocking data security system 620 from specific locations (by using geo-fencing).

The user management database 642 allows the server/console 640 to restrict/allow unlocking data security system 620 in specified time periods and different time zones.

The user management database 642 allows the server/console 640 to restrict unlocking data security system 620 outside of specified team/organization/network etc.

Referring now to FIG. 7, therein is shown an administrator sequencing diagram showing the sequence of operations between the mobile device 610 and the data security system 620.

Connectivity 700, between the data security system 620 and the mobile device 610, is first established with mutual discovery of the other device or system, pairing the device and system, and connection of the device and system. The connectivity 700 is secured using a shared secret, which is then used to secure (encrypt) communications between the data security system 620 and the mobile device 610 for all future communication sessions. A standard encryption algorithm is selected to be both efficient to run on the data security system 620 and to be approved by world-wide security standards.

The connectivity 700 is maintained by the data security system application 618 or the security controller 626 or both operating together as long as the data security system 620 and the mobile device 610 are within a predetermined distance of each other. Further, if the predetermined distance is exceeded, the connectivity 700 is maintained for a predetermined period of time after which the data security system 620 is locked.

After connection of the mobile device 610 and the data security system 620, a data security system administrator application start operation 702 occurs in the mobile device 610. Then an administrator sets a password in an administrator password operation 722. Also after connection of the mobile device 610 and the data security system 620, the data security system 620 is connected to the host computer 630 of FIG. 6 to be powered up and discoverable by the host computer 630 in a data security system connected, powered and discoverable operation 706.

After the administrator password operation 722, the mobile device 610 sends a set administrator password and unlock signal 708 to the data security system 620. The set administrator password and unlock signal 708 causes an administrator password set and data security system unlocked operation 716 to occur in the data security system 620.

When the administrator password set and data security system unlocked operation 716 is completed, a confirmation: data security system unlocked signal 712 is sent to the mobile device 610 where a confirmation: data security system unlocked as administrator operation 714 operates. The confirmation: data security system unlocked as administrator operation 714 permits a set other restrictions operation 716 to be performed using the mobile device 610. The set other restrictions operation 716 causes a set administrator restrictions signal 718 to be sent to the data security system 620 where the administrator restrictions are set and a confirmation: restrictions set signal 720 is returned to the mobile device 610. Thereafter, the mobile device 610 and the data security system 620 are in full operative communication.

Because it is possible to communicate with the data security system 620 without having physical contact with the data security system 620, it is required that significant interactions with the data security system 620 be accompanied by a data security system unique identifier that is either printed on the data security system 620 itself, or that comes with the data security system 620 packaging and is readily available to the data security system 620 owner.

On making requests that could affect user data, such as unlocking or resetting the data security system 620, this unique identifier (unique ID) is required. Attempts to perform these operations without the correct identifier are ignored and made harmless. The unique identifier is used to identify the data security system 620 to the mobile device 610 in a way that requires the user to have physical control over the data security system 620 and to verify the connectivity 700 is established between the authorized, previously paired device and system, such as the mobile device 610 and the data security system 620. Once the devices are paired, the shared secret is used to make the communication confidential.

Pairing connotes that a mobile device and a data security system have a unique and defined relationship established at some time in the past and enduring.

The unique identifier makes for giving the user some control over the data security system when the user has physical control of the data security system.

To increase the security of the communication with the data security system 620 where the mobile device 610 is a smartphone, a user may choose to enable a feature, such as a feature called 1Phone here. This feature restricts significant user interactions with the data security system 620 to one and only one mobile device 610. This is done by replacing the data security system unique identifier described above with a random identifier shared securely between the data security system 620 and the mobile device 610. So, instead of presenting the data security system unique identifier when, for example, the user unlocks the data security system 620, the 1Phone identifier must be given instead. In effect, this makes the user's mobile device 610 a second authentication factor for using the data security system 620 in addition to a PIN or password. As an example, the paired user phone selected as “1Phone” can be used without a PIN, and as the user-authentication single factor and/or in a combination with any other user-authentication factors. If such feature (1Phone) is selected, the data security system 620 cannot be open with any other phones, except if an administrator's unlock was enabled before.

It will be understood that other embodiments can be made to require an administrator's password on the data security system 620 in order to use the 1Phone feature. Another embodiment may require that the server/console 640 is capable of recovering the data security system 620 in case the 1Phone data is lost on the mobile device 610.

The user may enable a proximity auto-lock feature for the data security system 620. During a communication session, the data security transceiver 624 of FIG. 6 reports to the data security system 620 a signal strength measurement for the mobile device 610. The data security system application 618 on the mobile device 610 sends the data security system 620 both the originating signal power level and the threshold for proximity.

Because the signal strength varies due to environmental conditions around the transceivers, the data security system 620 mathematically smooths the signal strength measurements to reduce the likelihood of a false positive. When the data security system 620 detects that the signal power received has dropped below a defined threshold for a predetermined period of time, it will immediately lock the data security system 620 and prevent access to the storage subsystem 106 of FIG. 6.

The data security system 620 could be used in three different modes: a User Mode where the functionalities of the data security system 620 are determined by the user; an Administrator Mode where an administrator can set an Administrator password and enforce some restrictions on the data security system 620 (e.g., automatic lock after a predetermined period of inactivity, Read-Only, 1Phone) and where restrictions cannot be removed by a User; and a Server Mode where an administrator role is set where the server/console 640 can remotely reset the data security system 620, change user passwords, or just unlock the data security system 620.

Referring now to FIG. 8, therein is shown a unlocking sequence diagram where the mobile device 610 is an authentication factor. This diagram shows auto-unlock process of the data security system 620 initiated by the data security system application 618 from specific mobile device, the mobile device 610. A user can use only one mobile device that was initially paired with the data security system 620. If the paired mobile device 610 is lost then the data security system 620 could not be unlocked (unless administrator password was set before as shown in FIG. 7).

While similar to FIG. 7, a data security system application started operation 800 occurs after the connectivity 700 is established. An unlock required with mobile device ID signal 802 is sent from the mobile device 610 to the data security system 620 after a data security system connected, powered and discoverable operation 706. A data security system unlocked operation 804 occurs and a confirmation: data security system unlocked signal 712 is sent from the data security system 620. After a confirmation: data security system unlocked operation 806, the mobile device 610 and the data security system 620 are in full operative communication.

If a PIN (Personal Identification Number) was not setup then the paired mobile device is used as 1-authentication factor.

Referring now to FIG. 9, therein is shown an unlock sequencing diagram showing unlocking using a PIN entry from the mobile device 610. This diagram shows process of unlocking the data security system 620 by entering a PIN in the data security system application 618 in the mobile device 610. The data security system 620 cannot be unlocked without entering the correct PIN.

While similar to FIGS. 7 and 8, an enter username/password operation 900 occurs after the data security system application started operation 800. After the enter username/password operation 900, the mobile device 610 sends a verify user ID signal 902 to the server/console 640. The server/console 640 then makes a username/password valid determination 904.

When the username/password valid determination 904 verifies the user, a valid user signal 906 is sent to the mobile device 610 for the user to enter the correct PIN in an enter PIN operation 908 in the mobile device 610. The mobile device 610 then sends a verify unlock signal 910 to determine if the correct PIN has been entered to the server/console 640.

The server/console 640 makes a user authorized determination 912 and determines if the user is authorized to use the specific data security system, such as the data security system 620, that the PIN is authorized for. If authorized, an unlock allowed signal 914 is sent to the mobile device 610, which passes on an unlock request signal 916 to the data security system 620.

The data security system unlocked operation 804 is performed and the confirmation: data security system unlocked signal 712 is sent to the mobile device 610 where the confirmation: data security system unlocked operation 806 is performed.

Referring now to FIG. 10, therein is shown an unlock sequencing diagram showing unlock using a PIN entry and User ID/location/time verification via the server/console 640. This diagram shows the most secure process of unlocking the data security system 620 by entering a PIN in the data security system application 618 from the mobile device 610, authentication in the server/console 640 server using a UserID (username/password) and by verifying geo-fencing permissions to unlock the data security system 620 at a specific location and at a certain time range. The data security system 620 could not be unlocked without entering the PIN, username and password, and having the mobile device 610 be present in specific (predefined) location and certain (predefined) time.

While similar to FIGS. 7-9, at the server/console 640, an unlock specified data security system operation 1000 is performed to allow setting of the desired conditions under which the specified data security system, such as the data security system 620, will operate. For example, the conditions could be within a specific geographical area and/or specific time frame.

At the mobile device 610, a current condition determination is made, such as in an acquire location and/or current time operation 1002. This operation is performed to determine where the mobile device 610 is located and or what the current time is where the mobile device 610 is located. Other current conditions around the mobile device 610 may also be determined and sent by a verify unlock signal 1004 to the server/console 640 where a conditions-met determination 1006 is made.

When the desired conditions are met, an unlock allowed signal 1008 is sent to the mobile device 610 for the enter PIN operation 908 to be performed. After the PIN is entered, a verify unlock signal 1010 is sent with the PIN and an identification of the data security system 620 that is in operational proximity to the mobile device 610. The verify unlock signal 1010 is received by the server/console 640 and a data security system allowed determination 1012 is made to determine that the specified data security system is allowed to unlock by the authorized user. The server/console 640 verifies that this “specific” user is authorized to use the specified data security system.

After determining the correct information has been provided, the server/console 640 will provide an unlock allowed signal 914 to the mobile device 610, which will provide a unlock request signal 916. The unlock request signal 916 causes the data security system 620 to operate.

Referring now to FIG. 11, therein is shown a reset sequencing diagram showing resetting the data security system 620 using the server/console 640. This diagram shows the ability to reset the data security system 620 remotely via the server/console 640. The data security system 620 can receive commands only from the mobile device 610 over the wireless connection. However, by setting a “Reset” flag on the server/console 640 for a specific data security system (using its S/N), the data security system application 618 running on the mobile device 610 will query the server/console 640 for any flags/pending requests in the user management database 642. When the user connects the data security system 620, the data security system application 618 on the mobile device 610 will execute a waiting “reset” command. After a successful reset (all user data and credentials are gone), the server/console 640 will remove the Reset flag so it will not be executed the next time when the mobile device 610 is connected to the specific data security system.

While similar to FIGS. 7-10, the mobile device 610 responds to the valid user signal 906 to send an any command waiting signal 1100 to the server/console 640 to make a reset command determination 1102. When the reset command is present, a perform reset signal 1104 will be sent to the mobile device 610.

The mobile device 610 will send a reset security system signal 1106 to the data security system 620 to start a data security system reset operation 1108. Upon completion of the data security system reset operation 1108, the data security system 620 will send a confirmation: data security system reset signal 1110 to the mobile device 610 to set a confirmation: data security system reset operation 1112 into operation. Thereafter, the mobile device 610 and the data security system 620 are in full operative communication with the data security system 620 reset.

Referring now to FIG. 12, therein is shown an unlock sequencing diagram showing unlocking the data security system 620 using the server/console 640. This diagram shows ability to unlock the data security system 620 remotely via the server/console 640. The data security system 620 can receive commands only from the mobile device 610 over the wireless connection. However, by setting an “Administrator Unlock” flag on the server/console 640 console for a specific data security system (using it's S/N), the data security system application 618 running on the mobile device 610 will query the server/console 640 for any flags/pending requests. When the user connects the data security system 620, the data security system application 618 on the mobile device 610 will execute a waiting “Administrator Unlock” command. After successful Administrator unlock, the user's data is untouched, but the user's password is removed (the data security system 620 cannot be unlocked by the user). The server/console 640 will remove Reset flag for the data security system 620 so it will be not executed next time when the mobile device 610 is connected to the data security system 620.

While similar to FIGS. 7-11, after receiving the any command waiting signal 1100, the server/console 640 performs an unlock 1200 when there is a command to unlock with an administrator's password. An unlock with an administrator's password signal 1202 is sent to the mobile device 610, which provides an unlock with administrator's password signal 1204 to the data security system 620 to start the data security system unlocked operation 804. Thereafter, the mobile device 610 and the data security system 620 are in full operative communication.

Referring now to FIG. 13, therein is shown a change user's password sequencing diagram using the server/console 640. This diagram shows ability to change User's password for data security system 620 remotely via the server/console 640. Even data security system 620 can receive commands only from the mobile device 610 over the wireless connection, by setting a “Change User's Password” flag on the server/console 640 console for a specific data security system (using its S/N), the data security system application 618 running on the mobile device 610 will query the server/console 640 for any flags/pending requests. When user will connect his data security system 620, the data security system application 618 on the mobile device 610 will execute waiting “Change User's Password” command. After successful unlock and changed password, the user's data is untouched and the data security system 620 can be unlocked with new user's password. The server/console 640 will remove “Change User's Password” flag for this data security system 620 so it will be not executed next time when the mobile device 610 is connected to the specific data security system.

While similar to FIGS. 7-12, the server/console 640 responds to the any command waiting signal 1100 by making a change password determination 1300. When there has been a password change at the server/console 640 a change user password signal 1302 is sent to the mobile device 610, which sends a change user password signal 1304 to the data security system 620. Thereafter, the mobile device 610 and the data security system 620 are in full operative communication with the new password.

A method of operation of a data security system comprising: providing a mobile device with a data security system application for connectivity with the data security system; starting the data security system application; and maintaining connectivity of the data security system with the mobile device.

The method as described above wherein maintaining the connectivity maintains the connectivity when the data security system is within a predetermined proximity to the mobile device.

The method as described above wherein maintaining the connectivity maintains the connectivity when the data security system is within a predetermined proximity to the mobile device for a predetermined period of time.

The method as described above wherein establishing the connectivity includes using bi-directional communication between the data security system and the mobile device.

The method as described above wherein establishing the connectivity includes using uni-directional communication between the data security system and the mobile device.

The method as described above further comprising communication between the mobile device with the data security system application and a server containing a user management database.

The method as described above further comprising providing security information in a security controller in the data security system.

The method as described above further comprising: providing a server with identification of a specified data security system; providing the data security system with a specific identification; and unlocking the data security system when the identification of the specified data security system is the same as the specific identification of the data security system.

The method as described above wherein providing a mobile device with the data security system application provides a data security system administrator's application and further includes: setting an administrator's password in the mobile device; transmitting the administrator's password from the mobile device to the data security system; and setting the administrator's password in the data security system and unlocking the data security system.

The method as described above further comprising: providing an unlock request along with a mobile device identification from the mobile device to the data security system; and receiving the unlock request in the data security system and unlocking the data security system.

The method as described above further comprising: entering a user name or password in the mobile device; determining when the user name or password is valid in a server after receiving the user name or password from the mobile device; communicating from the server to the mobile device when the user name or password is valid; and communicating from the mobile device to the data security system when the user name or password is valid to unlock the data security system.

The method as described above further comprising: entering a user name or password in the mobile device; determining when the user name or password is valid in a server after receiving the user name or password from the mobile device; communicating from the server to the mobile device when the user name or password is valid; determining when the identification number is valid in the server after receiving identification number from the mobile device; and unlocking the data security system through the mobile device when the server determines the identification number is valid.

The method as described above further comprising: providing a valid location of the mobile device to a server; determining in the server when the mobile device is in the valid location; and unlocking the data security system through the mobile device when the server determines the mobile device is in the valid location.

The method as described above further comprising: providing a current time of operation for the data security system at the mobile device to a server; determining in the server when the mobile device is within the current time; and unlocking the data security system through the mobile device when the server determines the mobile device has the current time.

The method as described above further comprising: providing a command in a server; providing the command to the mobile device from the server in response to a command waiting signal from the mobile device; and performing the command in the data security system through the mobile device when the command is provided from the server.

The method as described above further comprising: providing a change password command in a server; providing the change password command to the mobile device from the server in response to a change password signal from the mobile device; and unlocking the data security system with the changed password in the data security system.

The method as described above further comprising connecting the data security system to a host computer for power and to be discoverable by the host computer.

A data security system comprising: a data security transceiver or receiver; an authentication subsystem operatively connected to the data security transceiver or receiver; and a storage subsystem connected to the authentication subsystem.

The system as described above further comprising a security controller connected to the data security transceiver or the receiver and to the authentication subsystem.

The system as described above further comprising a mobile device having a data security system application operating with the security controller for maintaining connectivity when the data security system is within a predetermined proximity to the mobile device.

The system as described above further comprising a mobile device having a mobile transceiver or receiver for maintaining connectivity includes using bi-directional communication between the data security system and the mobile device.

The system as described above further comprising a mobile device having a mobile transceiver or receiver for maintaining connectivity includes using uni-directional communication between the data security system and the mobile device.

The system as described above further comprising a wired or wireless connection communication between a mobile device with a data security system application and a server containing a user management database.

The system as described above wherein the data security system includes an external communication channel for connection to a host computer.

While the invention has been described in conjunction with a specific best mode, it is to be understood that many alternatives, modifications, and variations will be apparent to those skilled in the art in light of the foregoing description. Accordingly, it is intended to embrace all such alternatives, modifications, and variations that fall within the scope of the included claims. All matters set forth herein or shown in the accompanying drawings are to be interpreted in an illustrative and non-limiting sense.

Claims

1. A secure access device comprising: a memory;an interface controller coupled to the memory and for coupling to an external data channel, the interface controller configured to disable access to the memory via the external data channel until a user is authenticated;an encryption engine in the interface controller for encrypting data to be stored in the memory;an electro mechanical input mechanism for entering authentication information;a wireless transceiver for radiofrequency communication outside the external data channel; andan authentication subsystem configured to receive the authentication information via the electro-mechanical input mechanism and configured to receive the authentication information via the wireless transceiver, the authentication subsystem further configured to send an unlock command to the interface controller to enable access to the memory via the external data channel after authenticating the authentication information.
2. The secure access device as recited in claim 1, further comprising: a biometric sensor for receiving the authentication information, wherein the authentication subsystem is configured to receive the authentication information via the biometric sensor.
3. The secure access device as recited in claim 1, wherein the authentication information entered via the electro-mechanical input mechanism is a unique code, the unique code being one of a numerical code, an alphanumeric code, or an alphabetic code.
4. The secure access device as recited in claim 1, wherein the electro-mechanical input mechanism receives the authentication information from outside the secure access device.
5. The secure access device as recited in claim 1, wherein an encryption key for encryption is transmitted to the encryption engine by the authentication subsystem after the authentication information is verified, wherein the encryption engine encrypts data received through the external data channel before storing the encrypted data in the memory and decrypts data read from the memory before sending the decrypted data through the external data channel.
6. The secure access device as recited in claim 1, wherein an application in a wireless device, in communication via the wireless transceiver, includes a user interface for entering the authentication information.
7. The secure access device as recited in claim 6, wherein the user interface of the application includes one or more options for configuring the secure access device.
8. The secure access device as recited in claim 6, wherein the application in the wireless device allows the wireless device to lock the external data channel, unlock the external data channel, change the authentication information, and reset the secure access device.
9. The secure access device as recited in claim 6, wherein a remote server enables the application in the wireless device to restrict use of the secure access device to a predetermined geographic zone, to a predetermined time period, or to a combination thereof.
10. The secure access device as recited in claim 6, wherein the application in the wireless device is configurable to set an inactivity auto-lock to lock the secure access device automatically after a predetermined period of inactivity.
11. The secure access device as recited in claim 1, wherein a wireless device is configured for interacting with a remote server to validate the authentication information for enabling access via the external data channel, wherein the authentication information is received from the wireless device via the wireless transceiver after the authentication information is validated by the remote server.
12. The secure access device as recited in claim 1, wherein the authentication subsystem is further configured for receiving the authentication information from a host device via the external data channel.
13. A method comprising: disabling, by an interface controller in a secure access device, access to a memory in the secure access device via an external data channel until a user is authenticated by the secure access device;receiving authentication information by the secure access device, wherein the secure access device is configured to receive the authentication information via a wireless transceiver for radiofrequency communications in the secure access device and configured to receive the authentication information via an electro-mechanical input mechanism;authenticating, by an authentication subsystem in the secure access device, the authentication information received via the electro-mechanical input mechanism or via the wireless transceiver;sending an unlock command, from the authentication subsystem to the interface controller, to enable access to the memory via the external data channel after authenticating the authentication information;enabling, by the interface controller, access to the memory via the external data channel after the authenticating; andencrypting, by an encryption engine in the interface controller, data before the data is stored in the memory.
14. The method as recited in claim 13, wherein the secure access device further comprises a biometric sensor for receiving the authentication information, wherein the authentication subsystem is configured to receive the authentication information via the biometric sensor.
15. The method as recited in claim 13, wherein the authentication information entered via the electro-mechanical input mechanism is a unique code, the unique code being one of a numerical code, an alphanumeric code, or an alphabetic code.
16. The method as recited in claim 13, further comprising: decrypting, by the encryption engine in the secure access device, data read from the memory before sending the decrypted data through the external data channel.
17. The method as recited in claim 13, further comprising: receiving, via the wireless transceiver, the authentication information from a user via an application in a wireless device having a user interface for entering the authentication information.
18. The method as recited in claim 17, wherein the user interface of the application includes one or more options for configuring the secure access device.
19. The method as recited in claim 17, wherein a remote server enables the application in the wireless device to restrict use of the secure access device to a predetermined geographic zone, to a predetermined time period, or to a combination thereof.
20. A non-transitory machine-readable storage medium including instructions that, when executed by a machine, cause the machine to perform operations comprising: disabling, by an interface controller in a secure access device, access to a memory in the secure access device via an external data channel until a user is authenticated by the secure access device;receiving authentication info nation by the secure access device, wherein the secure access device is configured to receive the authentication information via a wireless transceiver for radiofrequency communications in the secure access device, configured to receive the authentication information via an electro-mechanical input mechanism;authenticating, by an authentication subsystem in the secure access device, the authentication information received via the electro-mechanical input mechanism or via the wireless transceiver;sending an unlock command, from the authentication subsystem to the interface controller, to enable access to the memory via the external data channel after authenticating the authentication information;enabling, by the interface controller, access to the memory via the external data channel after the authenticating; andencrypting, by an encryption engine in the interface controller, data before the data is stored in the memory.

CLAIM OF PRIORITY

This application is a continuation application under 35 USC § 120 of U.S. patent application Ser. No. 16/915,641, entitled “Secure Access Device with Dual Authentication,” filed on Jun. 29, 2020, which is a continuation application of U.S. patent application Ser. No. 16/021,547, entitled “Self-Encrypting Drive,” filed on Jun. 28, 2018, which is a continuation application of U.S. patent application Ser. No. 14/987,749, entitled “Data Security System with Encryption,” filed on Jan. 4, 2016, which is a continuation-in-part of U.S. patent application Ser. No. 12/680,742 filed Mar. 29, 2010, which is the National Stage of International Application number PCT/US2008/077766, filed Sep. 26, 2008, which claims the benefit of U.S. Provisional Patent Application Ser. No. 60/975,814 filed Sep. 27, 2007, all of which are incorporated herein by reference in its entirety. The present application contains subject matter related to U.S. patent application Ser. No. 14/987,678, filed on Jan. 4, 2016, entitled “Data Security System with Encryption,” which is incorporated herein by reference.

US Referenced Citations (471)

Number	Name	Date	Kind
5942985	Chin	Aug 1999	A
6085090	Yee et al.	Jul 2000	A
6112078	Sormunen	Aug 2000	A
6175922	Wang	Jan 2001	B1
6298441	Bar-on et al.	Oct 2001	B1
6480096	Gutman et al.	Nov 2002	B1
6490443	Freeny, Jr.	Dec 2002	B1
6529949	Getsin	Mar 2003	B1
6542071	Ohtsubo et al.	Apr 2003	B1
6760688	Suzuki et al.	Jul 2004	B2
6763252	Itazawa	Jul 2004	B2
6795421	Heinonen	Sep 2004	B1
6845398	Galensky	Jan 2005	B1
6954753	Jeran	Oct 2005	B1
6975202	Rodriguez	Dec 2005	B1
6985719	Leppinen et al.	Jan 2006	B2
7043643	Doe	May 2006	B1
7069447	Corder	Jun 2006	B1
7089424	Subbiah	Aug 2006	B1
7120696	Au et al.	Oct 2006	B1
7181629	Hatanaka	Feb 2007	B1
7269634	Getsin et al.	Sep 2007	B2
7377422	Fujinaga	May 2008	B2
7391319	Walker	Jun 2008	B1
7421735	Kerstens et al.	Sep 2008	B2
7437145	Hamada	Oct 2008	B2
7498985	Woo et al.	Mar 2009	B1
7526934	Conforti	May 2009	B2
7600000	Yao et al.	Oct 2009	B2
7600130	Ooi et al.	Oct 2009	B2
7606558	Despain	Oct 2009	B2
7624265	Slyva	Nov 2009	B1
7624280	Oskari	Nov 2009	B2
7685629	White et al.	Mar 2010	B1
7697920	McClain	Apr 2010	B1
7734293	Zilliacus	Jun 2010	B2
7801561	Parikh et al.	Sep 2010	B2
7925895	Kanazawa et al.	Apr 2011	B2
7941579	Uno	May 2011	B2
7979054	Baysinger	Jul 2011	B2
8051302	Hatanaka et al.	Nov 2011	B1
8058971	Harkins	Nov 2011	B2
8108904	Chickering	Jan 2012	B1
8151116	van der Horst	Apr 2012	B2
8160567	Opaluch	Apr 2012	B2
8171303	Bronstein	May 2012	B2
8229852	Carlson	Jul 2012	B2
8311517	Brass	Nov 2012	B2
8316226	Kshirsagar	Nov 2012	B1
8332650	Banes et al.	Dec 2012	B2
8434133	Kulkarni	Apr 2013	B2
8438652	Weinstein	May 2013	B2
8474028	Kulkarni	Jun 2013	B2
8528096	Fruhauf	Sep 2013	B2
8560457	Obrea	Oct 2013	B2
8639873	Jevans	Jan 2014	B1
8683550	Hung	Mar 2014	B2
8832440	Johnson et al.	Sep 2014	B2
8988187	Wong et al.	Mar 2015	B2
9002800	Yueh	Apr 2015	B1
9049010	Jueneman et al.	Jun 2015	B2
9059984	Brown	Jun 2015	B2
9075571	Bolotin et al.	Jul 2015	B2
9087246	Chin et al.	Jul 2015	B1
9208242	Kindberg	Dec 2015	B2
9262611	Johnson et al.	Feb 2016	B2
9591693	Stroud	Mar 2017	B2
9604651	Amireddy et al.	Mar 2017	B1
9811958	Hall et al.	Nov 2017	B1
9813416	Bolotin et al.	Nov 2017	B2
9893892	Priebatsch	Feb 2018	B2
9900305	Levergood et al.	Feb 2018	B2
9960916	Corndorf	May 2018	B2
10037525	Neafsey	Jul 2018	B2
10146706	Bolotin et al.	Dec 2018	B2
10181055	Bolotin et al.	Jan 2019	B2
10498399	Kamkar et al.	Dec 2019	B1
10754992	Bolotin et al.	Aug 2020	B2
10778417	Bolotin et al.	Sep 2020	B2
10783232	Bolotin et al.	Sep 2020	B2
10985909	Bolotin et al.	Apr 2021	B2
11151231	Bolotin et al.	Oct 2021	B2
11190936	Bolotin	Nov 2021	B2
11233630	Bolotin et al.	Jan 2022	B2
20010034714	Terao et al.	Oct 2001	A1
20010051996	Cooper et al.	Dec 2001	A1
20020023198	Kokubun	Feb 2002	A1
20020023215	Wang et al.	Feb 2002	A1
20020025803	Park	Feb 2002	A1
20020032039	Kimata	Mar 2002	A1
20020052193	Chetty	May 2002	A1
20020081995	Leppinen	Jun 2002	A1
20020082917	Takano	Jun 2002	A1
20020094777	Cannon	Jul 2002	A1
20020099661	Kii	Jul 2002	A1
20020136407	Denning et al.	Sep 2002	A1
20020147525	Cayne	Oct 2002	A1
20020156921	Dutta	Oct 2002	A1
20020169988	Vandergeest	Nov 2002	A1
20020176385	Huh	Nov 2002	A1
20020178370	Gurevich	Nov 2002	A1
20020178385	Dent et al.	Nov 2002	A1
20020179622	Mase	Dec 2002	A1
20020184652	Cezeaux	Dec 2002	A1
20020194470	Grupe	Dec 2002	A1
20020194476	Lewis et al.	Dec 2002	A1
20020194500	Bajikar	Dec 2002	A1
20030006879	Kang et al.	Jan 2003	A1
20030025589	Koike	Feb 2003	A1
20030046593	Xie	Mar 2003	A1
20030048174	Stevens et al.	Mar 2003	A1
20030093693	Blight	May 2003	A1
20030106935	Burchette, Jr.	Jun 2003	A1
20030108205	Joyner et al.	Jun 2003	A1
20030109218	Pourkeramati et al.	Jun 2003	A1
20030112977	Ray et al.	Jun 2003	A1
20030128822	Leivo et al.	Jul 2003	A1
20030158891	Lei et al.	Aug 2003	A1
20030172269	Newcombe	Sep 2003	A1
20030176218	Lemay et al.	Sep 2003	A1
20030188207	Schelling	Oct 2003	A1
20030191955	Wagner et al.	Oct 2003	A1
20030212607	Chu et al.	Nov 2003	A1
20030226011	Kuwano et al.	Dec 2003	A1
20030226025	Lin et al.	Dec 2003	A1
20040009815	Zotto et al.	Jan 2004	A1
20040023642	Tezuka	Feb 2004	A1
20040044897	Lim	Mar 2004	A1
20040046017	Sueyoshi et al.	Mar 2004	A1
20040073792	Noble	Apr 2004	A1
20040073796	Kang et al.	Apr 2004	A1
20040078568	Pham	Apr 2004	A1
20040081110	Koskimies	Apr 2004	A1
20040097217	McClain	May 2004	A1
20040103288	Ziv	May 2004	A1
20040103345	Dunstan	May 2004	A1
20040106433	Ooki	Jun 2004	A1
20040122907	Chou	Jun 2004	A1
20040139207	De	Jul 2004	A1
20040142709	Coskun et al.	Jul 2004	A1
20040143730	Wen et al.	Jul 2004	A1
20040162076	Chowdry et al.	Aug 2004	A1
20040172538	Satoh et al.	Sep 2004	A1
20040198430	Moriyama et al.	Oct 2004	A1
20040203602	Karaoguz et al.	Oct 2004	A1
20040235514	Bloch	Nov 2004	A1
20040236918	Okaue	Nov 2004	A1
20040236919	Okaue	Nov 2004	A1
20040236939	Watanabe et al.	Nov 2004	A1
20040240411	Suzuki	Dec 2004	A1
20040259545	Morita	Dec 2004	A1
20050021959	Tsushima et al.	Jan 2005	A1
20050036509	Acharya et al.	Feb 2005	A1
20050044404	Bhansali	Feb 2005	A1
20050060555	Raghunath et al.	Mar 2005	A1
20050080903	Valenci	Apr 2005	A1
20050086471	Spencer	Apr 2005	A1
20050097320	Golan et al.	May 2005	A1
20050114689	Strom et al.	May 2005	A1
20050138377	First et al.	Jun 2005	A1
20050152305	Ji et al.	Jul 2005	A1
20050184145	Law et al.	Aug 2005	A1
20050206353	Sengoku	Sep 2005	A1
20050210271	Chou	Sep 2005	A1
20050210283	Kato	Sep 2005	A1
20050210380	Kramer et al.	Sep 2005	A1
20050219036	Ueda et al.	Oct 2005	A1
20050226423	Li et al.	Oct 2005	A1
20050270139	Park et al.	Dec 2005	A1
20050273817	Rodriguez	Dec 2005	A1
20050283614	Hardt	Dec 2005	A1
20050288060	Kojima	Dec 2005	A1
20060005023	Homer	Jan 2006	A1
20060007897	Ishii	Jan 2006	A1
20060026689	Barker et al.	Feb 2006	A1
20060041750	Carter et al.	Feb 2006	A1
20060047961	Hashimoto et al.	Mar 2006	A1
20060048236	Multerer	Mar 2006	A1
20060053308	Zimmerman	Mar 2006	A1
20060063590	Abassi	Mar 2006	A1
20060064757	Poslinski	Mar 2006	A1
20060069711	Tsunekawa	Mar 2006	A1
20060085644	Isozaki et al.	Apr 2006	A1
20060085847	Ikeuchi	Apr 2006	A1
20060105740	Puranik	May 2006	A1
20060105749	Han et al.	May 2006	A1
20060112428	Etelapera	May 2006	A1
20060123056	Darbha	Jun 2006	A1
20060128305	Delalat	Jun 2006	A1
20060129829	Aaron	Jun 2006	A1
20060133606	Eberwein et al.	Jun 2006	A1
20060135065	Lee et al.	Jun 2006	A1
20060141986	Shinozaki	Jun 2006	A1
20060152374	Singer et al.	Jul 2006	A1
20060161749	Chen et al.	Jul 2006	A1
20060170533	Chioiu	Aug 2006	A1
20060176146	Krishan	Aug 2006	A1
20060179304	Han	Aug 2006	A1
20060190724	Adams	Aug 2006	A1
20060052085	Gregrio et al.	Sep 2006	A1
20060200305	Sheha et al.	Sep 2006	A1
20060200681	Kato	Sep 2006	A1
20060206709	Labrou	Sep 2006	A1
20060206720	Harada	Sep 2006	A1
20060218412	Hars	Sep 2006	A1
20060218647	Hars	Sep 2006	A1
20060233374	Adams et al.	Oct 2006	A1
20060236105	Brok	Oct 2006	A1
20060236363	Heard	Oct 2006	A1
20060240806	Demirbasa	Oct 2006	A1
20060248599	Sack et al.	Nov 2006	A1
20060265605	Ramezani	Nov 2006	A1
20060267936	Hoerl et al.	Nov 2006	A1
20060271789	Satomura	Nov 2006	A1
20060281441	Okochi	Dec 2006	A1
20060288235	Goto	Dec 2006	A1
20070011724	Gonzalez et al.	Jan 2007	A1
20070015589	Shimizu	Jan 2007	A1
20070016743	Jevans	Jan 2007	A1
20070050622	Rager	Mar 2007	A1
20070050643	Negishi	Mar 2007	A1
20070053308	DuMas	Mar 2007	A1
20070061879	Dailey	Mar 2007	A1
20070066280	Arai	Mar 2007	A1
20070073937	Feinberg	Mar 2007	A1
20070088521	Shmueli et al.	Apr 2007	A1
20070092082	Rush	Apr 2007	A1
20070098176	Song	May 2007	A1
20070100771	Eckleder et al.	May 2007	A1
20070113081	Camp	May 2007	A1
20070115091	Bandaru	May 2007	A1
20070143013	Breen et al.	Jun 2007	A1
20070149170	Bloebaum	Jun 2007	A1
20070162963	Penet	Jul 2007	A1
20070164847	Crawford	Jul 2007	A1
20070169200	Wang	Jul 2007	A1
20070172063	Biggs	Jul 2007	A1
20070180515	Danilak	Aug 2007	A1
20070191057	Kamada	Aug 2007	A1
20070192488	Dacosta	Aug 2007	A1
20070192601	Spain et al.	Aug 2007	A1
20070198856	Lee	Aug 2007	A1
20070200671	Kelley et al.	Aug 2007	A1
20070203618	McBride	Aug 2007	A1
20070208718	Javid	Sep 2007	A1
20070220255	Igarashi	Sep 2007	A1
20070229221	Saotome	Oct 2007	A1
20070239994	Kulkarni et al.	Oct 2007	A1
20070244822	Hogan	Oct 2007	A1
20070248232	Driscoll et al.	Oct 2007	A1
20070255962	Lu et al.	Nov 2007	A1
20070257100	Chase-Salerno	Nov 2007	A1
20070264965	Taniguchi	Nov 2007	A1
20070287418	Reddy	Dec 2007	A1
20070288386	Adachi et al.	Dec 2007	A1
20070290797	Harkins et al.	Dec 2007	A1
20070290798	Larson et al.	Dec 2007	A1
20070290799	Harkins et al.	Dec 2007	A1
20070294746	Sasakura	Dec 2007	A1
20070300052	Jevans	Dec 2007	A1
20070300063	Adams et al.	Dec 2007	A1
20080005577	Rager	Jan 2008	A1
20080005590	Kasahara	Jan 2008	A1
20080006685	Rackley, III	Jan 2008	A1
20080010190	Rackley, III	Jan 2008	A1
20080010191	Rackley, III	Jan 2008	A1
20080010192	Rackley, III	Jan 2008	A1
20080010193	Rackley, III	Jan 2008	A1
20080010196	Rackley, III	Jan 2008	A1
20080010204	Rackley, III	Jan 2008	A1
20080010215	Rackley, III	Jan 2008	A1
20080010465	Shen	Jan 2008	A1
20080011827	Little	Jan 2008	A1
20080014869	Demirbasa	Jan 2008	A1
20080017711	Adams	Jan 2008	A1
20080022043	Adams	Jan 2008	A1
20080022090	Kishimoto	Jan 2008	A1
20080028120	Mcleod	Jan 2008	A1
20080030304	Doan et al.	Feb 2008	A1
20080034019	Cisler et al.	Feb 2008	A1
20080034223	Funahashi	Feb 2008	A1
20080039134	Hattori	Feb 2008	A1
20080040265	Rackley, III	Feb 2008	A1
20080041936	Vawter	Feb 2008	A1
20080041943	Radicella et al.	Feb 2008	A1
20080041951	Adams	Feb 2008	A1
20080045177	Wise	Feb 2008	A1
20080048846	Nagai et al.	Feb 2008	A1
20080052439	Young et al.	Feb 2008	A1
20080052765	Shinomiya	Feb 2008	A1
20080055041	Takene	Mar 2008	A1
20080070495	Stricklen et al.	Mar 2008	A1
20080070501	Wyld	Mar 2008	A1
20080072073	Yang	Mar 2008	A1
20080086320	Ballew et al.	Apr 2008	A1
20080086323	Petrie et al.	Apr 2008	A1
20080086509	Wallace	Apr 2008	A1
20080086764	Kulkarni	Apr 2008	A1
20080086767	Kulkarni	Apr 2008	A1
20080086770	Kulkarni	Apr 2008	A1
20080090612	Glinka	Apr 2008	A1
20080098134	Van Acht	Apr 2008	A1
20080098225	Baysinger	Apr 2008	A1
20080114855	Welingkar	May 2008	A1
20080115141	Welingkar	May 2008	A1
20080115152	Welingkar	May 2008	A1
20080115226	Welingkar	May 2008	A1
20080120726	Tsunehiro	May 2008	A1
20080120729	Eren	May 2008	A1
20080126145	Rackley, III	May 2008	A1
20080130575	Jun et al.	Jun 2008	A1
20080137838	Lo	Jun 2008	A1
20080141041	Molaro et al.	Jun 2008	A1
20080141378	Mclean	Jun 2008	A1
20080144829	Mitsuoka et al.	Jun 2008	A1
20080148369	Aaron	Jun 2008	A1
20080151847	Abujbara	Jun 2008	A1
20080167002	Kim et al.	Jul 2008	A1
20080168247	Goodwill	Jul 2008	A1
20080177860	Khedouri	Jul 2008	A1
20080178009	Funahashi	Jul 2008	A1
20080184218	Largman	Jul 2008	A1
20080195863	Kennedy	Aug 2008	A1
20080195872	Chow	Aug 2008	A1
20080209203	Haneda	Aug 2008	A1
20080209553	Lu et al.	Aug 2008	A1
20080212771	Hauser	Sep 2008	A1
20080212783	Oba	Sep 2008	A1
20080214215	Aaltonen	Sep 2008	A1
20080215841	Bolotin	Sep 2008	A1
20080216153	Aaltonen	Sep 2008	A1
20080222734	Redlich	Sep 2008	A1
20080238669	Linford	Oct 2008	A1
20080252415	Larson et al.	Oct 2008	A1
20080261560	Ruckart	Oct 2008	A1
20080263363	Jueneman et al.	Oct 2008	A1
20080263621	Austerlitz	Oct 2008	A1
20080267404	Budde et al.	Oct 2008	A1
20080274718	Roper	Nov 2008	A1
20080287067	Kawamura et al.	Nov 2008	A1
20080303631	Beekley et al.	Dec 2008	A1
20080313082	Van Bosch	Dec 2008	A1
20080313692	Yun	Dec 2008	A1
20080320528	Kim	Dec 2008	A1
20080320600	Pandiscia	Dec 2008	A1
20090025435	Popowski	Jan 2009	A1
20090034731	Oshima	Feb 2009	A1
20090036164	Rowley	Feb 2009	A1
20090037748	Kim et al.	Feb 2009	A1
20090040028	Price	Feb 2009	A1
20090052393	Sood et al.	Feb 2009	A1
20090054104	Borean	Feb 2009	A1
20090063802	Johnson	Mar 2009	A1
20090063851	Nijdam	Mar 2009	A1
20090070857	Azuma	Mar 2009	A1
20090083449	Mashinsky	Mar 2009	A1
20090097719	Lim	Apr 2009	A1
20090119754	Schubert	May 2009	A1
20090178144	Redlich	Jul 2009	A1
20090182931	Gill	Jul 2009	A1
20090187720	Hong	Jul 2009	A1
20090193517	Machiyama	Jul 2009	A1
20090232312	Inoue	Sep 2009	A1
20090300710	Chai et al.	Dec 2009	A1
20090307489	Endoh	Dec 2009	A1
20100015942	Huang	Jan 2010	A1
20100031336	Dumont	Feb 2010	A1
20100058064	Kirovski	Mar 2010	A1
20100135491	Bhuyan	Jun 2010	A1
20100138908	Vennelakanti et al.	Jun 2010	A1
20100159852	Kakaire	Jun 2010	A1
20100174913	Johnson et al.	Jul 2010	A1
20100250937	Blomquist	Sep 2010	A1
20100251358	Kobayashi	Sep 2010	A1
20100253508	Koen et al.	Oct 2010	A1
20100274859	Bucuk	Oct 2010	A1
20100275097	Choi	Oct 2010	A1
20100287373	Johnson et al.	Nov 2010	A1
20100293374	Bushby	Nov 2010	A1
20110035788	White et al.	Feb 2011	A1
20110060921	Michael	Mar 2011	A1
20110231911	White et al.	Sep 2011	A1
20110313922	Ben Ayed	Dec 2011	A1
20120226912	King	Sep 2012	A1
20120233681	Adams	Sep 2012	A1
20120234058	Neil et al.	Sep 2012	A1
20120254602	Bhansali	Oct 2012	A1
20130010962	Buer et al.	Jan 2013	A1
20130061315	Jevans	Mar 2013	A1
20130067242	Lyakhovitskiy	Mar 2013	A1
20130073406	Gazdzinski	Mar 2013	A1
20130214935	Kim et al.	Aug 2013	A1
20130237193	Dumas et al.	Sep 2013	A1
20130269026	Deluca	Oct 2013	A1
20130283049	Brown	Oct 2013	A1
20140108799	Wang et al.	Apr 2014	A1
20140109203	Pemmaraju	Apr 2014	A1
20140120905	Kim	May 2014	A1
20140149742	Yau	May 2014	A1
20140265359	Cheng et al.	Sep 2014	A1
20140282877	Mahaffey	Sep 2014	A1
20140372743	Rogers	Dec 2014	A1
20150058624	Borisov et al.	Feb 2015	A1
20150102899	Kim et al.	Apr 2015	A1
20150199863	Scoggins et al.	Jul 2015	A1
20150278125	Bolotin et al.	Oct 2015	A1
20150312233	Graham, III et al.	Oct 2015	A1
20160035163	Conrad	Feb 2016	A1
20160036594	Conrad	Feb 2016	A1
20160036788	Conrad	Feb 2016	A1
20160036814	Conrad	Feb 2016	A1
20160042581	Ku	Feb 2016	A1
20160098874	Handville et al.	Apr 2016	A1
20160104334	Handville et al.	Apr 2016	A1
20160119339	Bolotin et al.	Apr 2016	A1
20160180618	Ho et al.	Jun 2016	A1
20160239001	Chin et al.	Aug 2016	A1
20160259736	Bolotin et al.	Sep 2016	A1
20160277439	Rotter	Sep 2016	A1
20160285638	Pearson	Sep 2016	A1
20160337863	Robinson	Nov 2016	A1
20160343181	Cheng et al.	Nov 2016	A1
20160343185	Dumas	Nov 2016	A1
20170017810	Bolotin et al.	Jan 2017	A1
20170032602	Cheng et al.	Feb 2017	A1
20170053467	Meganck et al.	Feb 2017	A1
20170070345	Lee et al.	Mar 2017	A9
20170075636	Chang	Mar 2017	A1
20170109952	Johnson	Apr 2017	A1
20170136990	Tercero	May 2017	A1
20170169679	Johnson et al.	Jun 2017	A1
20170191287	Mittleman et al.	Jul 2017	A1
20170214528	Priebatsch	Jul 2017	A1
20170243420	Lien	Aug 2017	A1
20170243425	Meganck et al.	Aug 2017	A1
20170352215	Maiwand et al.	Dec 2017	A1
20170372550	Lin	Dec 2017	A1
20180009416	Maiwand et al.	Jan 2018	A1
20180013815	Gold	Jan 2018	A1
20180096546	Bartels	Apr 2018	A1
20180114387	Klink et al.	Apr 2018	A1
20180114389	Geiszler	Apr 2018	A1
20180248704	Coode et al.	Aug 2018	A1
20180262336	Fujiwara et al.	Sep 2018	A1
20180268633	Kwon et al.	Sep 2018	A1
20180307869	Bolotin et al.	Oct 2018	A1
20180357406	Bolotin et al.	Dec 2018	A1
20190001925	Arakawa et al.	Jan 2019	A1
20190007203	Bolotin et al.	Jan 2019	A1
20190012860	Lee et al.	Jan 2019	A1
20190035189	Miyamoto et al.	Jan 2019	A1
20190066415	Pang et al.	Feb 2019	A1
20190073842	Lee et al.	Mar 2019	A1
20190130673	Beck	May 2019	A1
20190147676	Madzhunkov et al.	May 2019	A1
20190205818	Sakurada et al.	Jul 2019	A1
20190289553	Kincaid et al.	Sep 2019	A1
20190297134	Gold	Sep 2019	A1
20190304227	Chen	Oct 2019	A1
20190325677	Lingala et al.	Oct 2019	A1
20190385392	Cho et al.	Dec 2019	A1
20200013238	Shimano	Jan 2020	A1
20200043271	Anderson et al.	Feb 2020	A1
20200051351	Shin	Feb 2020	A1
20200052905	Mathias et al.	Feb 2020	A1
20200156591	Arakawa et al.	May 2020	A1
20200296585	Bolotin et al.	Sep 2020	A1
20200327211	Bolotin et al.	Oct 2020	A1
20200328880	Bolotin et al.	Oct 2020	A1
20200366470	Bolotin et al.	Nov 2020	A1
20210382968	Bolotin	Dec 2021	A1

Foreign Referenced Citations (44)

Number	Date	Country
1378667	Nov 2002	CN
101140605	Mar 2008	CN
105210073	Dec 2015	CN
108604982	Sep 2018	CN
108604982	Sep 2020	CN
112054892	Dec 2020	CN
1183817	Mar 2002	EP
2562923	Feb 2020	GB
2580549	Dec 2020	GB
H10340231	Dec 1998	JP
2004326763	Nov 2004	JP
2006139757	Jun 2006	JP
2006251857	Sep 2006	JP
2006268831	Oct 2006	JP
2009524880	Jul 2009	JP
2010102617	May 2010	JP
2013515296	May 2013	JP
2014530562	Nov 2014	JP
2019511791	Apr 2019	JP
6633228	Dec 2019	JP
2020057412	Apr 2020	JP
6938602	Sep 2021	JP
2021192265	Dec 2021	JP
1020010106325	Nov 2001	KR
1020050023050	Mar 2005	KR
102054711	Dec 2019	KR
102201093	Jan 2021	KR
583568	Apr 2004	TW
I252701	Apr 2006	TW
200715801	Apr 2007	TW
200915074	Apr 2009	TW
201530338	Aug 2015	TW
201546729	Dec 2015	TW
537732	Jun 2016	TW
201737151	Oct 2017	TW
202016779	May 2020	TW
I692704	May 2020	TW
202029042	Aug 2020	TW
I727717	May 2021	TW
WO-2006041569	Apr 2006	WO
WO-2009042820	Apr 2009	WO
2013073260	May 2013	WO
WO-2017123433	Jul 2017	WO
WO-2020037053	Feb 2020	WO

Non-Patent Literature Citations (116)

Entry
“U.S. Appl. No. 16/915,664, Notice of Allowance dated Sep. 16, 2021”, 20 pgs.
“U.S. Appl. No. 16/915,664, Corrected Notice of Allowability dated Dec. 10, 2021”, 2 pgs.
“U.S. Appl. No. 12/680,742, Advisory Action dated Jan. 27, 2015”, 3 pgs.
“U.S. Appl. No. 12/680,742, Advisory Action dated Dec. 19, 2013”, 3 pgs.
“U.S. Appl. No. 12/680,742, Final Office Action dated Sep. 27, 2013”, 13 pgs.
“U.S. Appl. No. 12/680,742, Final Office Action dated Oct. 28, 2014”, 16 pgs.
“U.S. Appl. No. 12/680,742, Non Final Office Action dated Mar. 12, 2013”, 12 pgs.
“U.S. Appl. No. 12/680,742, Non Final Office Action dated Mar. 27, 2015”, 15 pgs.
“U.S. Appl. No. 12/680,742, Non Final Office Action dated Apr. 7, 2014”, 14 pgs.
“U.S. Appl. No. 12/680,742, Notice of Allowance dated Oct. 1, 2015”, 8 pgs.
“U.S. Appl. No. 12/680,742, Preliminary Amendment filed Jun. 5, 2012”, 2 pgs.
“U.S. Appl. No. 12/680,742, Response filed Jun. 12, 2013 to Non Final Office Action dated Mar. 12, 2013”, 16 pgs.
“U.S. Appl. No. 12/680,742, Response filed Jun. 29, 2015 to Non Final Office Action dated Mar. 27, 2015”, 14 pgs.
“U.S. Appl. No. 12/680,742, Response filed Jul. 7, 2014 to Non Final Office Action dated Apr. 7, 2014”, 20 pgs.
“U.S. Appl. No. 12/680,742, Response filed Nov. 27, 2013 to Final Office Action dated Sep. 27, 2013”, 15 pgs.
“U.S. Appl. No. 12/680,742, Response filed Dec. 29, 2014 to Final Office Action dated Oct. 28, 2014”, 16 pgs.
“U.S. Appl. No. 14/987,678, 312 Amendment filed Sep. 5, 2017”, 3 pgs.
“U.S. Appl. No. 14/987,678, Non Final Office Action dated Feb. 10, 2017”, 11 pgs.
“U.S. Appl. No. 14/987,678, Notice of Allowance dated Aug. 10, 2017”, 9 pgs.
“U.S. Appl. No. 14/987,678, PTO Response to Rule 312 Communication dated Sep. 11, 2017”, 2 pgs.
“U.S. Appl. No. 14/987,678, Response filed Jun. 21, 2017 to Non Final Office Action dated Feb. 10, 2017”, 9 pgs.
“U.S. Appl. No. 14/987,749, Examiner Interview Summary dated Sep. 10, 2018”, 2 pgs.
“U.S. Appl. No. 14/987,749, Final Office Action dated Feb. 22, 2018”, 15 pgs.
“U.S. Appl. No. 14/987,749, Non Final Office Action dated Jun. 7, 2018”, 11 pgs.
“U.S. Appl. No. 14/987,749, Non Final Office Action dated Aug. 10, 2017”, 12 pgs.
“U.S. Appl. No. 14/987,749, Notice of Allowance dated Sep. 27, 2018”, 14 pgs.
“U.S. Appl. No. 14/987,749, Response filed May 4, 2018 to Final Office Action dated Feb. 22, 2018”, 21 pgs.
“U.S. Appl. No. 14/987,749, Response filed Sep. 11, 2018 to Non Final Office Action dated Jun. 7, 2018”, 12 pgs.
“U.S. Appl. No. 14/987,749, Response filed Nov. 10, 2017 to Non Final Office Action dated Aug. 10, 2017”, 14 pgs.
“U.S. Appl. No. 16/021,547, Final Office Action dated Feb. 3, 2020”, 17 pgs.
“U.S. Appl. No. 16/021,547, Non Final Office Action dated Aug. 7, 2019”, 16 pgs.
“U.S. Appl. No. 16/021,547, Notice of Allowance dated Apr. 22, 2020”, 17 pgs.
“U.S. Appl. No. 16/021,547, Response filed Mar. 31, 2020 to Final Office Action dated Feb. 3, 2020”, 17 pgs.
“U.S. Appl. No. 16/021,547, Response filed Nov. 7, 2019 to Non Final Office Action dated Aug. 7, 2019”, 16 pgs.
“U.S. Appl. No. 16/103,979, Final Office Action dated Feb. 28, 2020”, 12 pgs.
“U.S. Appl. No. 16/103,979, Non Final Office Action dated Oct. 2, 2019”, 14 pgs.
“U.S. Appl. No. 16/103,979, Notice of Allowance dated May 7, 2020”, 16 pgs.
“U.S. Appl. No. 16/103,979, Response filed Apr. 28, 2020 to Final Office Action dated Feb. 28, 2020”, 8 pgs.
“U.S. Appl. No. 16/103,979, Response filed Dec. 5, 2019 to Non Final Office Action dated Oct. 2, 2019”, 15 pgs.
“U.S. Appl. No. 16/103,983, Final Office Action dated Mar. 10, 2020”, 11 pgs.
“U.S. Appl. No. 16/103,983, Non Final Office Action dated Sep. 5, 2019”, 16 pgs.
“U.S. Appl. No. 16/103,983, Notice of Allowance dated Jun. 2, 2020”, 15 pgs.
“U.S. Appl. No. 16/103,983, Response filed Apr. 27, 2020 to Final Office Action dated Mar. 10, 2020”, 8 pgs.
“U.S. Appl. No. 16/103,983, Response filed Dec. 3, 2019 to Non Final Office Action mailed”, 19 pgs.
“U.S. Appl. No. 16/888,230, Non Final Office Action dated Mar. 9, 2021”, 21 pgs.
“U.S. Appl. No. 16/888,230, Notice of Allowance dated Aug. 4, 2021”, 21 pgs.
“U.S. Appl. No. 16/888,230, Response filed Jun. 7, 2021 to Non Final Office Action dated Mar. 9, 2021”, 13 pgs.
“U.S. Appl. No. 16/915,641, Final Office Action dated May 24, 2021”, 18 pgs.
“U.S. Appl. No. 16/915,641, Non Final Office Action dated Mar. 4, 2021”, 16 pgs.
“U.S. Appl. No. 16/915,641, Notice of Allowance dated Jun. 18, 2021”, 7 pgs.
“U.S. Appl. No. 16/915,641, Response filed May 13, 2021 to Non Final Office Action dated Mar. 4, 2021”, 7 pgs.
“U.S. Appl. No. 16/915,641, Response filed May 28, 2021 to Final Office Action dated May 24, 2021”, 3 pgs.
“U.S. Appl. No. 16/915,664, Non Final Office Action dated Apr. 1, 2021”, 19 pgs.
“U.S. Appl. No. 16/915,664, Response filed Jun. 24, 2021 to Non Final Office Action dated Apr. 1, 2021”, 15 pgs.
“U.S. Appl. No. 16/987,834, Final Office Action dated Nov. 5, 2020”, 18 pgs.
“U.S. Appl. No. 16/987,834, Non Final Office Action dated Sep. 1, 2020”, 14 pgs.
“U.S. Appl. No. 16/987,834, Notice of Allowance dated Dec. 24, 2020”, 16 pgs.
“U.S. Appl. No. 16/987,834, Response filed Oct. 16, 2020 to Non Final Office Action dated Sep. 1, 2020”, 12 pgs.
“U.S. Appl. No. 16/987,834, Response filed Dec. 3, 2020 to Final Office Action dated Nov. 5, 2020”, 15 pgs.
“Chinese Application Serial No. 201780005638.6, Office Action dated Feb. 3, 2020”, w/ English Translation, 8 pgs.
“Chinese Application Serial No. 201780005638.6, Office Action dated Jul. 2, 2019”, w/ English Translation, 15 pgs.
“Chinese Application Serial No. 201780005638.6, Response filed Apr. 2, 2020 to Office Action dated Feb. 3, 2020”, w/ English Claims, 31 pgs.
“Chinese Application Serial No. 201780005638.6, Response filed Apr. 21, 2020 to Examiner Interview”, w/ English Claims, 12 pgs.
“Chinese Application Serial No. 201780005638.6, Response filed Nov. 6, 2019 to Office Action dated Jul. 2, 2019”, w/ English Claims, 18 pgs.
“Chinese Application Serial No. 201780005638.6, Voluntary Amendment filed Apr. 1, 2019”, w/ English Claims, 19 pgs.
“European Application Serial No. 19766380.0, Response filed Jun. 21, 2021 to Communication pursuant to Rules 161(1) and 162 EPC”, 26 pgs.
“International Application Serial No. PCT/US2008/077766, International Preliminary Report on Patentability dated Mar. 30, 2010”, 8 pgs.
“International Application Serial No. PCT/US2008/077766, International Search Report dated Mar. 31, 2009”, 3 pgs.
“International Application Serial No. PCT/US2008/077766, Written Opinion dated Mar. 31, 2009”, 7 pgs.
“International Application Serial No. PCT/US2017/012060, International Preliminary Report on Patentability dated Jul. 19, 2018”, 8 pgs.
“International Application Serial No. PCT/US2017/012060, International Search Report dated Mar. 27, 2017”, 2 pgs.
“International Application Serial No. PCT/US2017/012060, Written Opinion dated Mar. 27, 2017”, 6 pgs.
“International Application Serial No. PCT/US2019/046522, International Preliminary Report on Patentability dated Feb. 25, 2021”, 9 pgs.
“International Application Serial No. PCT/US2019/046522, International Search Report dated Oct. 17, 2019”, 5 pgs.
“International Application Serial No. PCT/US2019/046522, Written Opinion dated Oct. 17, 2019”, 7 pgs.
“Japanese Application Serial No. 2018-553854, Notification of Reasons for Refusal dated Aug. 6, 2019”, w/ English Translation, 6 pgs.
“Japanese Application Serial No. 2018-553854, Response filed Oct. 28, 2019 to Notification of Reasons for Refusal dated Aug. 6, 2019”, w/ English Claims, 12 pgs.
“Japanese Application Serial No. 2019-223413, Notification of Reasons for Refusal dated Mar. 2, 2021”, w/ English Translation, 8 pgs.
“Japanese Application Serial No. 2019-223413, Response filed Jul. 9, 2021 to Notification of Reasons for Refusal dated Mar. 2, 2021”, w/ English Claims, 18 pgs.
“Korean Application Serial No. 10-2019-7035893, Notice of Preliminary Rejection dated Jun. 24, 2020”, w/ English Translation, 8 pgs.
“Korean Application Serial No. 10-2019-7035893, Response filed Aug. 24, 2020 to Notice of Preliminary Rejection dated Jun. 24, 2020”, w/ English Claims, 29 pgs.
“Taiwanese Application Serial No. 106100149, First Office Action dated Sep. 20, 2019”, w/ English Translation, 7 pgs.
“Taiwanese Application Serial No. 106100149, Response filed Dec. 18, 2019 to First Office Action dated Sep. 20, 2019”, w/ Amendment in English, 15 pgs.
“Taiwanese Application Serial No. 106100149, Voluntary Amendment filed Aug. 6, 2019”, w/ English Claims, 26 pgs.
“Taiwanese Application Serial No. 108129258, Office Action dated Feb. 3, 2021”, w/ English Translation, 15 pgs.
“Taiwanese Application Serial No. 108129258, Voluntary Amendment filed Mar. 19, 2020”, w/ English Claims, 63 pgs.
“Taiwanese Application Serial No. 109109809, Office Action dated Oct. 8, 2020”, w/ English Translation, 36 pgs.
“United Kingdom Application Serial No. 1811137.7, Examination Report under Section 18(3) dated Aug. 12, 2019”, 2 pgs.
“United Kingdom Application Serial No. 1811137.7, Intent to Grant Under Section 18(4) dated Nov. 29, 2019”.
“United Kingdom Application Serial No. 1811137.7, Response filed Oct. 14, 2019 to Examination Report under Section 18(3) dated Aug. 12, 2019”, 36 pgs.
“United Kingdom Application Serial No. 1811137.7, Voluntary Amendment Filed May 15, 2019”, 14 pgs.
“United Kingdom Application Serial No. 1811137.7, Voluntary Amendment Filed Jun. 25, 2019”, 13 pgs.
“United Kingdom Application Serial No. 1919421.6, Intent to Grant Under Section 18(4) dated Oct. 9, 2020”, 2 pgs.
“United Kingdom Application Serial No. 1919421.6, Response filed May 29, 2020 to Combined Search and Examination Report under Sections 17 and 18(3) dated May 11, 2020”, 23 pgs.
“United Kingdom Application Serial No. 1919421.6, Response filed Jun. 17, 2020 to Subsequent Examination Report under Section 18(3) dated Jun. 2, 2020”, 10 pgs.
“United Kingdom Application Serial No. 1919421.6, Subsequent Examination Report under Section 18(3) dated Jun. 2, 2020”, 3 pgs.
“Japanese Application Serial No. 2021-142248, Notification of Reasons for Refusal dated Oct. 18, 2022”, w/ English translation, 10 pgs.
U.S. Appl. No. 12/680,742 U.S. Pat. No. 9,262,611, filed Mar. 29, 2010, Data Security System with Encryption.
U.S. Appl. No. 14/987,678 U.S. Pat. No. 9,813,416, filed Jan. 4, 2016, Data Security System with Encryption.
U.S. Appl. No. 14/987,749 U.S. Pat. No. 10,181,055, filed Jan. 4, 2016, Data Security System with Encryption.
U.S. Appl. No. 16/021,547 U.S. Pat. No. 10,754,992, filed Jun. 28, 2018, Self-Encrypting Drive.
U.S. Appl. No. 16/915,641, filed Jun. 29, 2020, Secure Access Device with Dual Authentication.
U.S. Appl. No. 16/103,979 U.S. Pat. No. 10,778,417, filed Aug. 16, 2018, Self-Encrypting Module with Embedded Wireless User Authentication.
U.S. Appl. No. 16/915,664, filed Jun. 29, 2020, Module with Embedded Wireless User Authentication.
U.S. Appl. No. 16/987,834 U.S. Pat. No. 10,985,909, filed Aug. 7, 2020, Door Lock Control with Wireless User Authentication.
U.S. Appl. No. 16/888,230, filed May 29, 2020, Wireless Authentication System.
U.S. Appl. No. 16/103,983 U.S. Pat. No. 10,783,232, filed Aug. 16, 2018, Management System for Self-Encrypting Managed Devices with Embedded Wireless User Authentication.
“Chinese Application Serial No. 202010783513.X, Office Action dated Sep. 19, 2023”, w/ English Translation, 17 pgs.
“European Application Serial No. 19766380.0, Communication Pursuant to Article 94(3) EPC dated Feb. 21, 2023”, 8 pgs.
“European Application Serial No. 19766380.0, Response filed Jun. 6, 2023 to Communication Pursuant to Article 94(3) EPC dated Feb. 21, 2023”, 23 pgs.
“European Application Serial No. 23177368.0, Extended European Search Report dated Aug. 21, 2023”, 11 pgs.
“Japanese Application Serial No. 2021-142248, Response filed Jan. 13, 2023 to Notification of Reasons for Refusal dated Oct. 18, 2022”, w/ English claims, 14 pgs.
“Chinese Application Serial No. 202010783513.X, Response Filed Jan. 15, 2024 to Office Action mailed Sep. 19, 2023”, w/ English Claims, 37 pgs.
“Chinese Application Serial No. 202010783513.X, Office Action mailed Feb. 23, 2024”, w/ English Translation, 17 pgs.
Ranjit, Kaur, “Enhanced cloud computing security and integrity verification via novel encryption techniques”, International Conference on Advances in Computing, Communications and Informatics (ICACCI), (Dec. 1, 2014), 6 pgs.
Wu, Baolun, “Research and Implementation of Authentication Sub-system in Secure Storage”, Application Research of Computers, (Dec. 10, 2005), 37 pgs.

Related Publications (1)

	Number	Date	Country
	20210382968 A1	Dec 2021	US

Provisional Applications (1)

	Number	Date	Country
	60975814	Sep 2007	US

Continuations (3)

	Number	Date	Country
Parent	16915641	Jun 2020	US
Child	17445540		US
Parent	16021547	Jun 2018	US
Child	16915641		US
Parent	14987749	Jan 2016	US
Child	16021547		US

Continuation in Parts (1)

	Number	Date	Country
Parent	12680742		US
Child	14987749		US

Secure access device with multiple authentication mechanisms

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

Field of Search

CPC

International Classifications

Disclaimer

Abstract