Systems and methods for securely sharing cloud-service credentials within a network of computing devices
First Claim
1. A computer-implemented method for securely sharing cloud-service credentials within a network of computing devices, at least a portion of the method being performed by a central computing device comprising at least one processor, the method comprising:
identifying, by the central computing device, a set of networked devices;
encrypting, by the central computing device, at least one user credential for a cloud service;
dividing, by the central computing device, a decryption key for decrypting the user credential into a set of fragments such that a minimum number of fragments is required to decrypt the user credential, wherein the minimum number of fragments is defined by a security policy that includes a distribution policy for distributing the set of fragments to the set of networked devices by determining a distribution for each networked device depending on a physical portability of each networked device; and
securing the user credential by distributing the set of fragments of the decryption key from the central computing device to the set of networked devices in compliance with the security policy such that collecting at least the minimum number of fragments required to decrypt the user credential from physically present networked devices is required to access the cloud service.
Abstract
A computer-implemented method for securely sharing cloud-service credentials within a network of computing devices may include (i) identifying, by a central computing device, a set of networked devices, (ii) encrypting, by the central computing device, at least one user credential for a cloud service, (iii) dividing, by the central computing device, a decryption key for decrypting the user credential into a set of fragments such that a minimum number of fragments, as defined by a security policy, is required to decrypt the user credential, and (iv) securing the user credential by distributing the set of fragments of the decryption key from the central computing device to the set of networked devices in compliance with the security policy. Various other methods, systems, and computer-readable media are also disclosed.
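The abstract and claims describe a k-of-n split of the decryption key plus a distribution policy that hands fewer fragments to easily lost devices. The example below is added here and is not the patent's code; it realizes the split with Shamir secret sharing over a prime field (a scheme the patent does not name), and the device list, the portability policy, the credential and the SHA-256 keystream (a stand-in for a real AEAD) are all assumptions.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime field; the decryption key is an integer below P

def split_key(key, n, k):
    """Shamir split: any k of the n fragments rebuild key; fewer reveal nothing."""
    coeffs = [key] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def recover_key(frags):
    """Lagrange interpolation at x = 0 over exactly k collected fragments."""
    total = 0
    for i, (xi, yi) in enumerate(frags):
        num = den = 1
        for j, (xj, _) in enumerate(frags):
            if i != j:
                num, den = num * -xj % P, den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def keystream_xor(key, data):
    """Illustrative stand-in for a real AEAD: XOR with a SHA-256 keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key.to_bytes(16, "big") + off.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

PORTABILITY_SHARES = {"stationary": 2, "portable": 1}  # assumed policy: fewer to portable
DEVICES = {"desktop": "stationary", "nas": "stationary", "phone": "portable", "laptop": "portable"}  # constructed

def distribute(frags, devices):
    """Hand each device its fragments according to its portability."""
    it = iter(frags)
    return {d: [next(it) for _ in range(PORTABILITY_SHARES[p])] for d, p in devices.items()}

def policy_ok(holdings, k):
    """No single device may hold enough fragments to decrypt on its own."""
    return all(len(h) < k for h in holdings.values())

def demo(present, credential=b"svc-user:s3cr3t-api-token", k=3):
    key = secrets.randbelow(P)
    ciphertext = keystream_xor(key, credential)
    n = sum(PORTABILITY_SHARES[p] for p in DEVICES.values())
    holdings = distribute(split_key(key, n, k), DEVICES)
    assert policy_ok(holdings, k)
    frags = [f for d in present for f in holdings[d]]  # only physically present devices
    return keystream_xor(recover_key(frags[:k]), ciphertext) if len(frags) >= k else None
```

With this policy two portable devices together still fall short of the threshold, while a stationary device plus any one other device reaches it.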
20 Claims
1. Independent method claim, reproduced above under First Claim. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.
11. A system for securely sharing cloud-service credentials within a network of computing devices, the system comprising:
an identification module, stored in memory, that identifies, by a central computing device, a set of networked devices;
an encryption module, stored in memory, that encrypts, by the central computing device, at least one user credential for a cloud service;
a division module, stored in memory, that divides, by the central computing device, a decryption key for decrypting the user credential into a set of fragments such that a minimum number of fragments is required to decrypt the user credential, wherein the minimum number of fragments is defined by a security policy that includes a distribution policy for distributing the set of fragments to the set of networked devices by determining a distribution for each networked device depending on a physical portability of each networked device;
a security module, stored in memory, that secures the user credential by distributing the set of fragments of the decryption key from the central computing device to the set of networked devices in compliance with the security policy such that collecting at least the minimum number of fragments required to decrypt the user credential from physically present networked devices is required to access the cloud service; and
at least one processor that executes the identification module, the encryption module, the division module, and the security module.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19.
20. A non-transitory computer-readable medium comprising one or more computer-executable instructions that, when executed by at least one processor of a central computing device, cause the central computing device to:
identify, by the central computing device, a set of networked devices;
encrypt, by the central computing device, at least one user credential for a cloud service;
divide, by the central computing device, a decryption key for decrypting the user credential into a set of fragments such that a minimum number of fragments is required to decrypt the user credential, wherein the minimum number of fragments is defined by a security policy that includes a distribution policy for distributing the set of fragments to the set of networked devices by determining a distribution for each networked device depending on a physical portability of each networked device; and
secure the user credential by distributing the set of fragments of the decryption key from the central computing device to the set of networked devices in compliance with the security policy such that collecting at least the minimum number of fragments required to decrypt the user credential from physically present networked devices is required to access the cloud service.