×

Decentralized information protection for confidentiality and tamper-proofing on distributed database

  • US 10,084,600 B1
  • Filed: 04/16/2018
  • Issued: 09/25/2018
  • Est. Priority Date: 04/16/2018
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented data security method, comprising:

  • at a first computing device, receiving security service data from a first digital data repository;

    using the first computing device, generating hidden security service data by generating a plurality of shares of the security service data;

    using the first computing device, encrypting each share of the plurality of shares using a separate public key from among a plurality of public keys corresponding to each of a plurality of second computing devices, to generate a plurality of encrypted shares;

    electronically storing the plurality of encrypted shares as data in a second digital data repository;

    using a requesting second computing device of the plurality of second computing devices, in response to receiving an authentication request from a third computing device to access one or more fourth computing devices, sending a request to reveal the hidden security service data to the plurality of second computing devices;

    in response to receiving the request, checking an availability of the plurality of second computing devices to determine an available subset of the plurality of second computing devices;

    decrypting a subset of the plurality of encrypted shares using a subset of separate private keys corresponding to each of the available subset of the plurality of second computing devices to generate a plurality of decrypted shares;

    using the available subset, encrypting the plurality of decrypted shares using a public key corresponding to the requesting second computing device to generate a plurality of re-encrypted shares, and sending the plurality of re-encrypted shares to the requesting second computing device;

    using the requesting second computing device, decrypting the re-encrypted shares using a private key corresponding to the requesting second computing device in order to form hidden security service data;

    forming and storing a readable copy of the hidden security service data;

    using the readable copy of the hidden security service data, performing authentication services for the third computing device to grant or deny access to the one or more fourth computing devices.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×