Data security for digital data storage
Abstract
A computing system includes data encryption in the data path between a data source and data storage devices. The data storage devices may be local or they may be network resident. The data encryption may utilize a key which is derived at least in part from an identification code stored in a non-volatile memory. The key may also be derived at least in part from user input to the computer. In a LAN embodiment, public encryption keys may be automatically transferred to a network server for file encryption prior to file transfer to a client system.
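The LAN embodiment described in the abstract, sketched as an added example (not code from the patent): the server checks a per-file attribute, retrieves the client's public key without user action, and encrypts before transfer. The names `Client`, `Server`, `encryptAttr` and `providePublicKey` are hypothetical, and wrapping a random AES-256-GCM key with RSA-OAEP is an assumption made here so that files of any size can be handled.

```javascript
const crypto = require('crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

class Client {
  constructor() {
    // Key pair is generated and stored on the client; the private key never leaves it.
    const pair = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
    this.publicKey = pair.publicKey;
    this.privateKey = pair.privateKey;
  }
  // Answered automatically when the server asks for the key (no user prompt).
  providePublicKey() {
    return this.publicKey.export({ type: 'spki', format: 'pem' });
  }
  open(msg) {
    if (!msg.encrypted) return msg.data;
    const key = crypto.privateDecrypt({ key: this.privateKey, ...OAEP }, msg.wrappedKey);
    const d = crypto.createDecipheriv('aes-256-gcm', key, msg.iv);
    d.setAuthTag(msg.tag);
    return Buffer.concat([d.update(msg.data), d.final()]); // throws if ciphertext was altered
  }
}

class Server {
  constructor(files) { this.files = files; } // Map: name -> { data, encryptAttr }
  handleRequest(name, client) {
    const file = this.files.get(name);
    if (!file) throw new Error('no such file');
    // (1) The file attribute decides whether this file is encrypted at all.
    if (!file.encryptAttr) return { encrypted: false, data: file.data };
    // (2) Retrieve the public key from the requesting client.
    const pub = crypto.createPublicKey(client.providePublicKey());
    // (3) Encrypt on the server: fresh content key, wrapped with the client's public key.
    const key = crypto.randomBytes(32), iv = crypto.randomBytes(12);
    const c = crypto.createCipheriv('aes-256-gcm', key, iv);
    const data = Buffer.concat([c.update(file.data), c.final()]);
    const wrappedKey = crypto.publicEncrypt({ key: pub, ...OAEP }, key);
    return { encrypted: true, wrappedKey, iv, tag: c.getAuthTag(), data };
  }
}

function demo() {
  // Constructed sample files, not data from the page.
  const files = new Map([
    ['payroll.csv', { data: Buffer.from('id,salary\n1,100\n'), encryptAttr: true }],
    ['readme.txt', { data: Buffer.from('public notes\n'), encryptAttr: false }],
  ]);
  const server = new Server(files), client = new Client();
  const msg = server.handleRequest('payroll.csv', client);
  const other = server.handleRequest('readme.txt', client);
  return { client, msg, other, plain: client.open(msg).toString() };
}
```

The sketch accepts whatever key the requesting client returns; a deployment would also need to bind that key to an authenticated client identity, which the abstract does not address.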
9 Claims
1. A method of transferring files over a computer network comprising:
storing a public encryption key and a private encryption key in a client computer system;
sending a request for a data file from said client to a network server; and
in response to said request, (1) checking a file attribute to determine that said file is to be encrypted with said public encryption key, (2) automatically retrieving said public encryption key from said client computer system, (3) encrypting said data file with said public encryption key in said server automatically and without user intervention; and
sending said encrypted data file to said client computer system.
2. A method of storing a data file comprising:
encrypting said data with an encryption key;
storing said encrypted data on a local data storage medium;
copying said encrypted data to a remote network server;
storing said data file on a data storage medium in said remote network server in association with a file attribute that designates said data as encrypted.
4. A computer network having one or more servers storing data created by one or more clients, said computer network comprising:
at least one data storage device located on a network server;
at least one data storage device located on a client computer system;
data files encrypted with a public key associated with said client computer system stored on both said network server and said client computer system, said data files including a file attribute indicating said data files are encrypted.
5. A method of data storage and retrieval comprising:
automatically generating a public key and a corresponding private key in a client computer system;
storing said public key and said private key in said client computer system;
requesting an unencrypted data file from a network server using said client computer system;
requesting said public key from said client computer system automatically and without user intervention;
encrypting, in said network server, said unencrypted data file with said public key to create an encrypted data file;
routing said encrypted data file to said client computer system; and
storing said encrypted data file on a storage medium in said client computer system.
8. A computer readable data storage medium having stored thereon commands that are operative to cause a general purpose computer configured as a network server to perform a method of data retrieval comprising the steps of:
receiving a request for a data file from a client computer system;
in response thereto, automatically requesting a public key from said client computer system;
automatically encrypting said data file using said public key; and
routing said encrypted data to said client computer system.
Specification