Secure file verification station for ensuring data integrity
First Claim
1. A secure file verification station for verifying data integrity of a data file comprising:
- a secure memory unit for receiving the data file from a trusted source and for securely storing the data file;
a processor coupled to the secure memory unit configured to generate a unique encryption key for the data file, to apply hashing functions to the data file and to apply encryption and decryption functions that use the unique encryption key derived from the data file; and
a network interface for transmitting the data file and encrypted data derived from the data file over a network to at least one client and for receiving the data file from the at least one client subsequently, wherein the processor verifies data integrity of the data file subsequently received from the at least one client.
1 Assignment
0 Petitions
Accused Products
Abstract
A secure file verification station receives and stores a data file received from a trusted source. The verification station applies a hashing function to the data file, and then encrypts the hash using a unique symmetric encryption key derived from a seed value that is maintained securely within the verification station. The encrypted hash is then appended to the data file. The station is networked to client workstations to which it delivers data files. To verify the integrity of a data file it has received from the verification station, a client workstation sends back the data file to the station, where the encrypted hash is decrypted using the unique symmetric key that is again generated from the seed value. A recomputed hash of the data is compared to the decrypted hash value. If the two hash values are equal, the integrity of the data is verified; otherwise the file has been modified in some way. The verification station sends a message to the client workstation indicating whether or not the integrity of the data file has been verified.
-
Citations
28 Claims
-
1. A secure file verification station for verifying data integrity of a data file comprising:
-
a secure memory unit for receiving the data file from a trusted source and for securely storing the data file;
a processor coupled to the secure memory unit configured to generate a unique encryption key for the data file, to apply hashing functions to the data file and to apply encryption and decryption functions that use the unique encryption key derived from the data file; and
a network interface for transmitting the data file and encrypted data derived from the data file over a network to at least one client and for receiving the data file from the at least one client subsequently, wherein the processor verifies data integrity of the data file subsequently received from the at least one client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A mass spectrometry instrumental system coupled to at least one client workstation over a network comprising:
-
an analyte ion source;
a mass spectrometer for receiving analyte ions from the analyte ion source and selecting specific ions among the analyte ions for transmission;
an ion detector for detecting the selected ions and transmitting an electrical signal in response to detection;
a data acquisition and analysis unit for receiving signals transmitted by the ion detector, analyzing the received signals, and producing data files containing results of analysis and identification information; and
a secure file verification station coupled to the data acquisition and analysis unit and to the at least one client over the network for transmitting data files to the at least one client and for verifying integrity of data files received from the at least one client. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A method of verifying data integrity of a data file having a content portion and a header portion at a secure file verification station at which a seed value is securely stored, the method comprising:
-
encrypting data from the data file using a unique symmetric key derived in part from the seed value;
transmitting the data file with the encrypted data to at least one client workstation;
upon a verification request, receiving the data file back from the at least one client workstation;
decrypting the encrypted data from the data file; and
verifying data integrity of the data file based on the decrypted data and the content portion of the received data file. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
Specification