Secured electronic data storage on a hard drive is described. A computer system that incorporates the hard drive includes a shrink, shred, and data randomization algorithm built into the read/write function of the computer system for the purposes of securing any data that is stored on the hard drive. Data to be stored on the hard drive is processed using the algorithm which shrinks, shreds, and randomly distributes the data into multiple storage locations, for example multiple partitions of storage, different data storage drives of the hard drive, different folders of a storage device, and the like. An electronic log of where the data is distributed is kept in electronic data storage, on the computer system and/or separate from the computer system, that allows the data on the hard drive to be retrieved, reassembled, decompressed, and if necessary decrypted, upon receipt of a read/access request.

Secured electronic data storage on a hard drive is described. A computer system that incorporates the hard drive includes a shrink, shred, and data randomization algorithm built into the read/write function of the computer system for the purposes of securing any data that is stored on the hard drive. Data to be stored on the hard drive is processed using the algorithm which shrinks, shreds, and randomly distributes the data into multiple storage locations, for example multiple partitions of storage, different data storage drives of the hard drive, different folders of a storage device, and the like. An electronic log of where the data is distributed is kept in electronic data storage, on the computer system and/or separate from the computer system, that allows the data on the hard drive to be retrieved, reassembled, decompressed, and if necessary decrypted, upon receipt of a read/access request.

Data storage devices (“DSDs”) can be cryptographically locked, and may be unlocked with encryption keys. One or more encryption keys may be stored remotely in a key server, and may be retrieved by a removable circuit that can be coupled to a server, such as a data server, email server, file system server, other server, or other system. The removable circuit can determine which of the DSDs are locked, and may transmit a request to the key server for encryption keys corresponding to the locked DSDs. The removable circuit can unlock the locked DSDs with the encryption keys provided by the key server.

Data storage devices (“DSDs”) can be cryptographically locked, and may be unlocked with encryption keys. One or more encryption keys may be stored remotely in a key server, and may be retrieved by a removable circuit that can be coupled to a server, such as a data server, email server, file system server, other server, or other system. The removable circuit can determine which of the DSDs are locked, and may transmit a request to the key server for encryption keys corresponding to the locked DSDs. The removable circuit can unlock the locked DSDs with the encryption keys provided by the key server.

A topological spin memory effect, defined as the recovery of magnetic skyrmions or magnetic bubble skyrmions in magnetic thin films after a transition to a dramatically different spin texture, is used for encrypted non-volatile information storage. The storage strategy is based on magnetic skyrmions, that is, topologically protected spin textures comprising chiral domain walls surrounding small (e.g., nanometers to microns in diameter), typically circular, single-domain cores. Systems and methods are described for encrypted non-volatile information storage based on a spin memory effect in magnetic thin films that support skyrmions. Systems and methods encrypt and recover information stored in the form of magnetic skyrmions.

A method and system for binding and verifying between a storage device and hosts are provided. The method includes: sharing system parameters in advance with the hosts by the storage device, where the hosts are to be bound to the storage device; using a programmable read-only memory as the storage device, dividing the programmable read-only memory into m regions, completing the binding between each region and one corresponding host to be bound using the pre-shared system parameters, where m is a positive integer; verifying an identity of a bound host in accordance with the pre-shared system parameters through a zero-knowledge proof method by the storage device; if the verification is successful, starting the storage device and serving the bound host; if the verification is unsuccessful, terminating the starting of the storage device and refusing to serve the bound host.

A computing system can engage in intelligent data provenance with a data storage device connected to a host as part. The data storage device can have a provenance module that employs a trust circuit to maintain a chain of title ledger where the chain of title ledger logs a provenance of the data storage device since the data storage device was manufactured.

An encrypted device system is disclosed that includes an interface for providing the transmission of data between an encrypted data storage medium and a computer system such that a user-interactive application program may be accessed and used via the computer system.

A security program installed or in communication with a computer is provided. The security program is configured to intercept disk (I/O) operations that read/write from/to disk. This allows the security program to confirm and control access to data based on security rules. Further, the security program can categorize data based on security rules and then format and store data on disk in a format that prevents access by application(s) of the computer. The security program is further configured to re-format data to be accessible by the application in a format accessible by the application(s) when a request to access the data complies with security rules.

A security program installed or in communication with a computer is provided. The security program is configured to intercept disk (I/O) operations that read/write from/to disk. This allows the security program to confirm and control access to data based on security rules. Further, the security program can categorize data based on security rules and then format and store data on disk in a format that prevents access by application(s) of the computer. The security program is further configured to re-format data to be accessible by the application in a format accessible by the application(s) when a request to access the data complies with security rules.