Apparatus and method for data security in a data storage environment. In some embodiments, input data from a host is received into a buffer memory. Data compression is applied to the input data to provide compressed data. Encryption is applied to the compressed data to generate encrypted data, and the encrypted data are stored in a main memory of a data storage device. A system parameter value associated with the storage of the encrypted data is generated and stored in a memory, such as the main memory of the storage device. The system parameter value may include information relating to the compression of the data. A trusted relationship is established to authenticate the host responsive to a request for the updated system parameter value. The system parameter value is transferred to the host responsive to the established trusted relationship.

An encryption system and method for a computing device having an encrypted operating system is disclosed. The encryption system includes a pre-operating system and an encrypted start-up module. The pre-operating system is executed on start-up of the computing device and is configured to receive user inputs for authenticating the user, the pre-operating system authenticating the user in dependence on the user inputs and, upon authentication, block-decrypting the encrypted start-up module into volatile memory for booting of the encrypted operating system on the computing device.

In a network system that a plurality of information processing devices are connected via a network, an information processing device includes an information dividing part configured to generate a plurality of divided information by dividing user information, a state information acquisition part configured to acquire state information of the network system, and a destination determination part configured to determine a plurality of destinations fir storing a plurality of divided information distributed thereto in response to variations of the state information. The destination determination part determines destinations based on network communication speed, physical distances between information processing devices, authentication methods applied to information processing devices, or free spaces of storage units of information processing devices. The information dividing part generates a plurality of divided information by dividing user information by predetermined data sizes or by categories.

A method for protecting data on a first storage device from unauthorized access is provided. The method includes copying a data map, such as a file allocation table, from the first storage device, on which the data to be protected resides, to a second storage device. A security key is established for the data map. The data map is then deleted from the first storage device, to render unusable the data thereon. The data map is restored to the first storage device upon successful input of the security key.

Examples are disclosed for use of vendor defined messages to execute a command to access a storage device maintained at a server. In some examples, a network input/output device coupled to the server may receive the command from a client remote to the server for the client to access the storage device. For these examples, elements or components of the network input/output device may be capable of forwarding the command either directly to a Non-Volatile Memory Express (NVMe) controller that controls the storage device or to a manageability module coupled between the network input/out device and the NVMe controller. Vendor specific information may be forwarded with the command and used by either the NVMe controller or the manageability module to facilitate execution of the command. Other examples are described and claimed.

An apparatus may include a chassis that can receive a sled and a locking mechanism. The locking mechanism can mechanically lock the sled to the chassis to prevent a sudden power loss that can be caused from an unexpected removal of the sled from the chassis. To avoid a sudden power loss, a voltage-sensing electrical switch lock can be implemented to the chassis to mechanically lock the sled to the chassis until the sled is ready to be removed. The sled may include one or more computing devices that need to be inactive before removing the sled. The apparatus includes a controller that may detect whether at least one of computing devices in the sled are in an active state or in an inactive state. Based on the determination of the state of the computing devices in the sled, the controller may activate the locking mechanism or de-active locking mechanism.

Systems and methods for providing awareness of a host file system on a storage device are described. In one embodiment, a storage device includes a host interface and a file awareness block. The host interface provides an interface between a host and the storage device. The file awareness block provides an awareness of the host file system to the storage device.

Systems and methods for providing awareness of a host file system on a storage device are described. In one embodiment, a storage device includes a host interface and a file awareness block. The host interface provides an interface between a host and the storage device. The file awareness block provides an awareness of the host file system to the storage device.

A computer-implemented method according to one embodiment includes receiving a request for data, where the data is stored in a first format in a first storage area of a system, retrieving the data stored in the first format from the first storage area of the system, converting the data from the first format to a second format, and returning the data in the second format

A laser eye surgery system produces a treatment beam that includes a plurality of laser pulses. An optical coherence tomography (OCT) subsystem produces a source beam used to locate one or more structures of an eye. The OCT subsystem is used to sense the distance between a camera objective on the underside of the laser eye surgery system and the patient's eye. Control electronics compare the sensed distance with a pre-determined target distance, and reposition a movable patient support toward or away the camera objective until the sensed distance is at the pre-determined target distance. A subsequent measurement dependent upon the spacing between the camera objective and the patient's eye is performed, such as determining the astigmatic axis by observing the reflection of a plurality of point source LEDs arranged in concentric rings off the eye.