Systems, methods and devices for secure computing
First Claim
Patent Images
1. A method for securing, using and transferrring sensitive information, comprising the steps of:
- calculating a digital signature for a file;
storing the digital signature within the file;
encrypting the file including the digital signature; and
performing a file input-output operation on a proper subset of the file, in a manner that permits such input-output operation without the need to decrypt the entire file.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods and devices for secure computing are provided. In particular novel methods for securing data on untrusted systems are provided. Further novel methods allowing for secure transactions on distributed computing systems, untrusted hosts, compromised hosts and systems with unscrupulous users are provided. Novel devices for conveying the methods are also provided.
-
Citations
20 Claims
-
1. A method for securing, using and transferrring sensitive information, comprising the steps of:
-
calculating a digital signature for a file;
storing the digital signature within the file;
encrypting the file including the digital signature; and
performing a file input-output operation on a proper subset of the file, in a manner that permits such input-output operation without the need to decrypt the entire file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 10, 11)
-
-
9. The method of claim 9, further comprising the steps of:
-
copying the digital signature in memory to the encrypted, temporary file; and
copying the encrypted, temporary file to the file; and
closing the file.
-
-
12. A machine readable medium comprising computer code, wherein the computer code further comprises:
-
a first function for reading an encrypted file with an encrypted digital signature; and
a second function for writing to an encrypted file with an encrypted digital signature; and
wherein the first and second functions do not require decryption of the entier file. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
-
-
20. A method for managing sensitive data, comprising:
-
storing the sensitive data in an encrypted file with an encrypted digital signature and an encrypted user signature; and
storing a temporary, encrypted copy of the file;
decrypting a proper subset of the temporary, encrypted copy of the file in a function local to a trusted application when performing a read operation; and
decrypting a proper subset of the temporary, encrypted copy of the file in a function local to a trusted application when performing a write operation;
updating the digital signature of the encrypted, temporary file, using the proper subset and a data subset to be written to the encrypted, temporary file;
encrypting the data subset to be written to the temporary, encrypted file and writing said data subset to the temporary, encrypted file;
using the encrypted digital signature and encrypted user signature to authenticate the encrypted, temporary copy of the file; and
updating the file with the encrypted, temporary copy of the file when performing a file close operation.
-
Specification