# Securing Data Storage Commands with Passcodes > This patent describes a system for securely executing commands on data storage systems by requiring a generated passcode, which is based on user authentication and specific storage entity attributes. - **Patent:** US 10102356 - **Original title:** Securing storage control path against unauthorized access - **Owner:** EMC IP Holding Co LLC - **Granted:** 2018 - **Status:** Active - **Times cited:** 89 - **Field:** consumer_electronics, software, telecommunications, semiconductors ## What it does This patent details a method for protecting data storage systems from unauthorized actions. When a user wants to issue a command, like modifying or deleting data, they first provide their user ID and authentication info. If that checks out (like a password and a code from an app), the system generates a special passcode. This passcode isn't random; it's created using specific details about the storage system or the data being targeted, like its serial number or a snapshot ID. The user then sends their command along with this passcode. The storage system checks if the passcode is valid for that specific command and data, and only if it matches does it execute the command. This ensures that even if someone intercepts a command, they can't run it without the correct, context-aware passcode. ## What it does NOT cover - Commands that do not require a passcode because they are not part of a predefined subset of sensitive operations. - Executing control commands without first successfully authenticating the user identifier. - Generating a passcode that is not based on at least one attribute of the specific data storage entity being targeted. - Using a passcode that has not been validated by the data storage system against the specific command and entity. - Control commands that are not part of an 'allowable' set of operations defined by policies. ## The clever bit The innovation lies in generating a dynamic passcode that is intrinsically linked to the specific data storage entity and the type of command being issued. Instead of a static password, it uses attributes of the target data, making the passcode context-aware and much harder to spoof or reuse incorrectly. ## Real-world examples 1. Enterprise storage management software 2. Cloud storage control planes 3. Data backup and recovery systems ## Why it matters In enterprise data centers, managing vast amounts of storage is critical. Unauthorized changes to storage configurations, like deleting critical data or logical devices, can have catastrophic consequences. This patent provides a robust mechanism to prevent such accidental or malicious actions by adding an extra layer of security specifically for sensitive storage operations. ## Frequently asked questions ### What does Securing Data Storage Commands with Passcodes cover? This patent describes a system for securely executing commands on data storage systems by requiring a generated passcode, which is based on user authentication and specific storage entity attributes. ### Who owns patent US 10102356? EMC IP Holding Co LLC owns this patent, granted in 2018. ### When does this patent expire? This patent is expected to expire on October 16, 2038, when the invention enters the public domain. ### What is patent US 10102356 cited by? This patent has been cited by 89 later patents that build on its ideas. ### What problem does this patent solve? In enterprise data centers, managing vast amounts of storage is critical. Unauthorized changes to storage configurations, like deleting critical data or logical devices, can have catastrophic consequences. This patent provides a robust mechanism to prevent such accidental or malicious actions by adding an extra layer of security specifically for sensitive storage operations. ### What does this patent NOT cover? Commands that do not require a passcode because they are not part of a predefined subset of sensitive operations. **Full plain-English explainer:** https://patentbrief.org/patent/us/10102356/macos-dark-mode **Original patent:** https://patents.google.com/patent/US10102356 --- _Source: PatentBrief — https://patentbrief.org. Patent facts are from public records; the plain-English explanation is PatentBrief's._