Method and apparatus for secure authentication and sensitive data management

US 20020178370A1
Filed: 12/29/2000
Published: 11/28/2002
Est. Priority Date: 12/30/1999
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

generating a first key component;

generating an encryption key using the first key component, a token key and a personal identification number (PIN);

encrypting data using the encryption key;

sending the data encrypted with the encryption key to a server along with the first key component.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for improved data management are described. In one embodiment, the method comprises generating a first key component, generating an encryption key using the first key component, a token key and a personal identification number (PIN), encrypting data using the encryption key, and sending the data encrypted with the encryption key to a server along with the first key component.

234 Citations

26 Claims

1. A method comprising:
- generating a first key component;
  
  generating an encryption key using the first key component, a token key and a personal identification number (PIN);
  
  encrypting data using the encryption key;
  
  sending the data encrypted with the encryption key to a server along with the first key component.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method defined in claim 1 further comprising receiving the token key from a service provider.
  - 3. The method defined in claim 1 further comprising the server storing the first key component and the data encrypted with the encryption key.
  - 4. The method defined in claim 1 wherein the token key is unique for each user.
  - 5. The method defined in claim 1 wherein the first key component is unique for each data entry stored by the server.

6. A method comprising:
- encrypting data using the encryption key generating using a first key component, a token key and a personal identification number (PIN);
  
  storing data encrypted using the encryption key; and
  
  regenerating the encryption key after accessing the encrypted data to decrypt the encrypted data therewith.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 7. The method defined in claim 6 further comprising disabling the token.
  - 8. The method defined in claim 7 wherein the token is disabled if lost.
  - 9. The method defined in claim 7 wherein the token is disabled if compromised.
  - 10. The method defined in claim 7 further comprising re-enabling the token.
  - 11. The method defined in claim 6 wherein the token ID comprises an alpha-numeric string.
  - 12. The method defined in claim 11 wherein the token key comprises a randomly generated number.
  - 13. The method defined in claim 11 wherein either or both of the token key and PIN comprises biometric data.
  - 14. The method defined in claim 11 wherein the token key is the same for all tokens used by the user.
  - 15. The method defined in claim 6 further comprising:
    - monitoring browsing activities;
      
      identifying web pages containing a form; and
      
      inserting content into the form.
  - 16. The method defined in claim 15 wherein inserting content into the form is performed automatically.
  - 17. The method defined in claim 15 wherein inserting content into the form is performed with user confirmation.
  - 18. The method defined in claim 15 further comprising allowing a user to select the form to fill in.
  - 19. The method defined in claim 15 further comprising allowing a user to select a variant of the form to fill in.

20. A method comprising:
- retrieving a key component and encrypted data from a server;
  
  recreating an encryption key using the key component, a token key and a personal identification number (PIN); and
  
  performing a decryption operation on the encrypted data using a decryption key based on the encryption key used to encrypt the encrypted data.

21. A method for authentication comprising:
- generating authentication data for a user based on a token key and a personal identification number (PIN), the token key being unique to the user; and
  
  receiving a confirmation indicating that the authentication data has been verified.

22. A method comprising:
- accessing encrypted data from a server;
  
  decrypting the encrypted data using a token and a user-specific PIN to be accessed.
- View Dependent Claims (23, 24, 25, 26)
- - 23. The method defined in claim 22 wherein the token comprises a token identifier (ID) and a token key.
  - 24. The method defined in claim 22 wherein the token comprises a utility to manage data depending on data type.
  - 25. The method defined in claim 24 wherein the utility operates on data in response to explicit user command or by automatically monitoring applications producing and/or consuming data of that type.
  - 26. The method defined in claim 25 wherein the utility handles password data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Uguard Corporation
Original Assignee
Uguard Corporation
Inventors
Kantor, Vit, Gurevich, Michael N.

Application Number

US09/751,596
Publication Number

US 20020178370A1
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/606   by securing the transmissio...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2107   File encryption

Method and apparatus for secure authentication and sensitive data management

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

234 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for secure authentication and sensitive data management

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

234 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links