Method and device for credential and data protection

US 10,623,400 B2
Filed: 10/14/2013
Issued: 04/14/2020
Est. Priority Date: 10/14/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented security method for securing data and logins comprising:

capturing user biometric data;

transforming the captured user biometric data;

generating a random primary code through algorithmic manipulation of the transformed user biometric data;

generating a protected secure code through algorithmic manipulation of the transformed user biometric data and the random primary code;

generating secure credentials using the random primary code, site or application identifying data, and captured user data;

dynamically generating data protection encryption keys using said random protected secure code, file identifying data, and user data;

dynamically generating without storing all keys, credentials, and random primary codes; and

using the data protection encryption keys to encrypt, when writing, or to decrypt, when reading, at-rest data files or in-motion data streams.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security method and system for capturing user specific binary information used to identify the user; using the user specific binary information to generate a secured primary code, generating strong user credentials for accessing web based or applications logins, intercepting credential requests from local applications or remote web sites, regenerating strong user credentials dynamically, using the secure primary code to generate encryption keys for protection of data inside or outside the machine of creation, and using secure primary code protection in conjunction with subsidiary key exchanges to allow data sharing while retaining data security.

20 Citations

9 Claims

1. A computer-implemented security method for securing data and logins comprising:
- capturing user biometric data;
  
  transforming the captured user biometric data;
  
  generating a random primary code through algorithmic manipulation of the transformed user biometric data;
  
  generating a protected secure code through algorithmic manipulation of the transformed user biometric data and the random primary code;
  
  generating secure credentials using the random primary code, site or application identifying data, and captured user data;
  
  dynamically generating data protection encryption keys using said random protected secure code, file identifying data, and user data;
  
  dynamically generating without storing all keys, credentials, and random primary codes; and
  
  using the data protection encryption keys to encrypt, when writing, or to decrypt, when reading, at-rest data files or in-motion data streams.

2. A computer-implemented security method for managing and providing user credentials comprising:
- using application software initiated during system startup for intercepting password requests from browsers or local applications and collecting site, application and user specific data;
  
  generating credentials for a web site or local application by generating a primary code through algorithmic manipulation of transformed user binary data without storage of said input user binary data;
  
  generating a protected secure code through algorithmic manipulation of the transformed user binary data and the random primary code;
  
  generating secure credentials using said primary code, site or application identifying data, and user data;
  
  dynamically generating data protection encryption keys using said secure primary code, file identifying data, and user data;
  
  dynamically generating without storing all keys, credentials, and primary codes;
  
  transparently encrypting data on write, and transparently decrypting data on reads using raw data, file-specific information and user-specific information; and
  
  using the data protection encryption keys to encrypt, when writing, or to decrypt when reading, at-rest data files or in-motion data streams.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9)
- - 3. The computer-implemented security method as in claim 2 wherein said primary code, said generated credentials, and other keys and cryptographic data are not stored, either locally or in a cloud repository.
  - 4. The computer-implemented security method as in claim 2 wherein intercepting password requests is done by a browser plugin.
  - 5. The computer-implemented security method as in claim 2 wherein intercepting password requests is done by a system agent.
  - 6. The computer-implemented security method as in claim 2 wherein intercepting password requests is done by a device driver.
  - 7. The computer-implemented security method as in claim 2 wherein intercepting password requests is done by a stand-alone application.
  - 8. The computer-implemented security method as in claim 2 wherein the method steps are implemented in software.
  - 9. The computer-implemented security method as in claim 2 wherein the method steps are implemented in hardware and firmware.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Greg Hauw
Original Assignee
Greg Hauw
Inventors
Hauw, Greg
Primary Examiner(s)
Huang, Cheng-Feng

Application Number

US14/052,774
Publication Number

US 20150106892A1
Time in Patent Office

2,374 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/067   using one-time keys cryptog...

H04L 63/0838   using one-time-passwords

H04L 63/0861   using biometrical features,...

Method and device for credential and data protection

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Method and device for credential and data protection

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links