Method and system for initializing a key management system

US 20030120598A1
Filed: 12/21/2001
Published: 06/26/2003
Est. Priority Date: 12/21/2001
Status: Active Grant

First Claim

Patent Images

1. A network system for key management, comprising:

a server;

a key management system providing process logic for key management system initialization located on the server;

a key management system storage providing a secure data storage for the key management system; and

an interface providing a means for inputting data into the key management system.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network system for key management including a server, a key management system providing process logic for key management system initialization located on the server, a key management system storage providing a secure data storage for the key management system, and an interface providing a means for inputting data into the key management system.

Citations

35 Claims

1. A network system for key management, comprising:
- a server;
  
  a key management system providing process logic for key management system initialization located on the server;
  
  a key management system storage providing a secure data storage for the key management system; and
  
  an interface providing a means for inputting data into the key management system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The network system of claim 1, further comprising a client computer operatively connected to the server, wherein the client computer comprises a user interface to input data into the key management system.
  - 3. The network system of claim 1, wherein the key management storage is located on the server.
  - 4. The network system of claim 1, wherein the key management storage is located on a second server operatively connected to the server.
  - 5. The network system of claim 1, wherein the interface comprises a graphical user interface.
  - 6. The network system of claim 5, wherein the graphical user interface is integrated into a web browser.
  - 7. The network system of claim 2, wherein the user interface comprises a graphical user interface.
  - 8. The network system of claim 7, wherein the graphical user interface is integrated into a web browser.
  - 9. The network system of claim 2, wherein the client computer and the server are connected using an encrypted connection.
  - 10. The network system of claim 1, wherein the key management system further comprises:
    - a memory storing data within the key management system;
      
      a hashing module hashing a key encryption key;
      
      an encryption module encrypting data; and
      
      a serialization module serializing data obtained from the memory, the encryption module, and the serialization module.
  - 11. The key management system of claim 10, further comprising:
    - a randomizer randomizing data.
  - 12. The key management system of claim 10, further comprising:
    - an encoding module for encoding data.
  - 13. The key management system of claim 10, wherein the hashing module uses a MD5 hashing function.
  - 14. The key management system of claim 10, wherein the encryption module, further comprises a key generation tool.
  - 15. The key management system of claim 14, wherein the key generation tool comprises a symmetric algorithm.
  - 16. The key management system of claim 14, wherein the key generation tool comprises an asymmetric algorithm.

17. A network system for key management, comprising:
- a server;
  
  a key management system providing process logic for key management system initialization located on the server;
  
  a key management system storage providing a secure data storage for the key management system;
  
  an interface providing a means for inputting data into the key management system; and
  
  a client computer operatively connected to the server, wherein the client computer comprises a user interface to input data into the key management system.

18. method for initializing a key management system comprising:
- entering data into a key management system interface;
  
  entering a key encryption key into the key management system interface;
  
  combining data into a tuple;
  
  encrypting the tuple with the key encryption key to produce a secret token;
  
  storing the secret token in a vector;
  
  hashing the key encryption key;
  
  storing a hashed key encryption key in the vector;
  
  storing a list of keys in the vector;
  
  serializing the vector to produce a serialized file; and
  
  storing the serialized file in a key management system storage.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 19. The method of claim 18, further comprising:
    - encoding a key field of the tuple.
  - 20. The method of claim 19, further comprising:
    - randomizing the order of the list of encoded keys.
  - 21. The method of claim 18, further comprising:
    - randomizing the order of the secret tokens in the vector.
  - 22. The method of claim 18, further comprising:
    - randomizing the order of the list of keys.
  - 23. The method of claim 18, further comprising:
    - generating data to encrypt;
  - 24. The method of claim 18, wherein the tuple comprises:
    - a key field;
      
      a value field; and
      
      a type field.
  - 25. The method of claim 18, wherein the tuple comprises:
    - an application name field;
      
      a key field;
      
      a value field; and
      
      a type field.
  - 26. The method of claim 18, wherein the vector comprises:
    - a secret token portion;
      
      a key encryption key hash portion; and
      
      a key list portion.
  - 27. The method of claim 26, further comprising;
    - tagging the secret token with an application name.
  - 28. The method of claim 26, further comprising:
    - tagging the key in the key list with an application name.
  - 29. The method of claim 18, wherein the key management storage is located on a second server.
  - 30. The method of claim 18, wherein the key management system interface comprises a graphical user interface.
  - 31. The method of claim 30, wherein the graphical user interface is integrated into a web browser.
  - 32. The method of claim 18, wherein the encrypting comprises using a symmetric algorithm.
  - 33. The method of claim 18, wherein the encrypting comprises using an asymmetric algorithm.

34. A method for initializing a key management system comprising:
- entering data into a key management system interface;
  
  entering a key encryption key into the key management system interface;
  
  combining data into a tuple;
  
  encrypting the tuple with the key encryption key to produce a secret token;
  
  storing the secret token in a vector;
  
  hashing the key encryption key;
  
  storing a hashed key encryption key in the vector;
  
  storing a list of keys in the vector;
  
  serializing the vector to produce a serialized file;
  
  storing the serialized file in a key management system storage;
  
  encoding a key field of the tuple;
  
  randomizing the order of the list of keys;
  
  randomizing the order of the secret tokens in the vector; and
  
  generating data to encrypt.

35. An apparatus for initializing a key management system comprising:
- means for entering data into a key management system interface;
  
  means for entering a key encryption key into the key management system interface;
  
  means for combining data into a tuple;
  
  means for encrypting the tuple with the key encryption key to produce a secret token;
  
  means for storing the secret token in a vector;
  
  means for hashing the key encryption key;
  
  means for storing a hashed key encryption key in the vector;
  
  means for storing a list of keys in the vector;
  
  means for serializing the vector to produce a serialized file;
  
  means for storing the serialized file in a key management system storage;
  
  means for encoding a key field of the tuple;
  
  means for randomizing the order of the list of keys;
  
  means for randomizing the order of the secret tokens in the vector; and
  
  means for generating data to encrypt.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DEXA Systems Incorporated
Original Assignee
Schlumberger Technology Corporation (SLB)
Inventors
Syed, Jameel ur Rahman, Lam, Chui-Shan Teresa

Granted Patent

US 7,225,161 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/50
CPC Class Codes

G06Q 20/367   involving electronic purses...

G06Q 20/382   insuring higher security of...

H04L 2209/60   Digital content management,...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 9/0822   using key encryption key

H04L 9/083   involving central third par...

H04L 9/0894   Escrow, recovery or storing...

Method and system for initializing a key management system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for initializing a key management system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links