Managing payload decryption via fingerprints
Abstract
Systems and methods for creating fingerprints for encryption devices are described herein. In various embodiments, the system includes an encryption device operatively connected to a device management system. According to particular embodiments, the device management system: 1) receives a first payload from the encryption device, the first payload including data in a particular format; 2) creates a fingerprint for the encryption device, the fingerprint including a section format for each of one or more distinct sections of the particular format; 3) stores a record of the fingerprint for the encryption device and the unique identifier at the at least one database; and 4) compares a format of each subsequent payload received from the encryption device to the fingerprint for the device to determine whether the device has been compromised.
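The flow in the abstract, together with the identifier-table check and the decline-to-decrypt step recited in the claims, can be sketched as follows. This is an added example, not code from the patent or its assignee: the pipe-delimited payload layout, the section classes (`hex`, `alnum`, `other`), the `DeviceManager` name and all sample values are assumptions constructed for illustration.

```python
import re

# Assumed section classes, most specific first (the page does not define them).
CLASSES = [("hex", re.compile(r"[0-9A-F]+")), ("alnum", re.compile(r"[0-9A-Za-z]+"))]

def section_format(section):
    """Describe one section as (class, length); its content is never stored."""
    for name, pattern in CLASSES:
        if pattern.fullmatch(section):
            return (name, len(section))
    return ("other", len(section))

def make_fingerprint(payload, sep="|"):
    """Record the section format of every distinct section of a payload."""
    return tuple(section_format(s) for s in payload.split(sep))

class DeviceManager:
    def __init__(self, identifier_table):
        self.identifier_table = set(identifier_table)
        self.fingerprints = {}    # unique identifier -> fingerprint record
        self.notifications = []   # stand-in for notifying a user computing system

    def handle(self, payload, decrypt):
        device_id = payload.split("|", 1)[0]   # assumption: ID is the first section
        if device_id not in self.identifier_table:
            return ("unknown_device", None)
        current = make_fingerprint(payload)
        stored = self.fingerprints.get(device_id)
        if stored is None:                     # first payload: create and store
            self.fingerprints[device_id] = current
            return ("fingerprinted", None)
        if current != stored:                  # format changed: decline to decrypt
            self.notifications.append((device_id, stored, current))
            return ("declined", None)
        return ("decrypted", decrypt(payload.rsplit("|", 1)[1]))

def demo():
    # Constructed sample payloads: serial | key serial number | ciphertext (hex).
    mgr = DeviceManager({"SN00012345"})
    first = "SN00012345|FFFF9876543210E00001|3A7C1F0E9B2D4C6A8E0F1A2B3C4D5E6F"
    later = "SN00012345|FFFF9876543210E00002|90AB12CD34EF56A7B8C9D0E1F2A3B4C5"
    clear = "SN00012345|FFFF9876543210E00003|;4111111111111111=30121010000000"
    rogue = "SN99999999|FFFF9876543210E00001|3A7C1F0E9B2D4C6A8E0F1A2B3C4D5E6F"
    decrypt = lambda ct: len(bytes.fromhex(ct))   # placeholder for real decryption
    return mgr, [mgr.handle(p, decrypt) for p in (first, later, clear, rogue)]
```

The third constructed payload has the same number of sections and the same lengths as the enrolled one; only the class of its last section differs, which is why the fingerprint records a format per section rather than overall size.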
20 Claims
1. A point to point encryption management computing system comprising at least one hardware processor operatively coupled to memory, the at least one hardware processor configured to:
- receive a first payload from a device, the first payload comprising data in a particular format and a device indicator comprising a unique identifier used for identifying the device;
- parse the first payload to extract the unique identifier;
- retrieve a unique identifier table from memory;
- compare the unique identifier to the unique identifier table to determine whether the unique identifier is included in the unique identifier table;
- upon determining that the unique identifier is included in the unique identifier table, create a fingerprint associated with the unique identifier, wherein the fingerprint is created by;
  - parsing the particular format of the first payload into one or more distinct sections of the particular format;
  - determining the section format of each of the one or more distinct sections; and
  - creating a record of the section format of each of the one or more distinct sections; and
- compare a format of each subsequent payload received from the device to the fingerprint for the device to determine whether the device has been compromised.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A point to point encryption management computing system comprising at least one hardware processor operatively coupled to memory, the at least one hardware processor configured to:
- receive an initial payload from one or more devices, each initial payload comprising encrypted and unencrypted data in a format;
- parse each initial payload to extract a unique identifier;
- retrieve a unique identifier table from memory;
- compare each of the unique identifiers to the unique identifier table to determine whether each of the unique identifiers are included in the unique identifier table;
- upon determining that each of the unique identifiers are included in the unique identifier table, create a fingerprint associated with each unique identifier, wherein each fingerprint is created by;
  - parsing the format of each initial payload into one or more distinct sections;
  - determining a section format of each of the one or more distinct sections; and
  - creating a record of the section format of each of the one or more distinct sections; and
- compare the format of each subsequent payload from the one or more devices to the fingerprint associated with the unique identifier for the one or more devices; and
- upon determining that the format of a particular payload of the subsequent payloads received from a particular device does not match the fingerprint associated with the unique identifier for the particular device, decline to decrypt any encrypted data of the particular payload and transmit a notification of declining to decrypt the encrypted data to a user computing system.

Dependent claims: 11, 12, 13, 14, 15, 16, 17

18. A computer-implemented method for managing payload decryption via a computing system operatively coupled to an encryption device, the method comprising:
- receiving, by at least one processor, a first payload from the encryption device, the first payload comprising data in a particular format, a unique identifier used for identifying the encryption device, and encrypted data;
- extracting the unique identifier from the first payload;
- comparing the unique identifier to a unique identifier table retrieved from memory to determine whether the unique identifier is included in the unique identifier table;
- upon determining that the unique identifier is included in the unique identifier table, creating, by a fingerprint creation means, a fingerprint for the encryption device, by;
  - parsing the particular format into one or more distinct sections of the particular format;
  - determining the section format of each of the one or more distinct sections; and
  - creating a record of the section format of each of the one or more distinct sections;
- storing a record of the fingerprint and the unique identifier in memory and changing a state of the encryption device to active by the at least one processor;
- comparing, by the at least one processor, a second particular format of a subsequent payload received from the encryption device to the fingerprint for the encryption device to determine whether the encryption device has been compromised; and
- upon determining that the encryption device has not been compromised, decrypting encrypted data of the subsequent payload.

Dependent claims: 19, 20

Specification