Accessing protected data on network storage from multiple devices

US 20050193199A1
Filed: 02/11/2005
Published: 09/01/2005
Est. Priority Date: 02/13/2004
Status: Active Grant

First Claim

Patent Images

1. A method of securely storing data on a network (100) for access by devices (101, 102, 103) that belong to an authorized domain, the method comprising the steps of:

establishing (S301) an authenticated channel (203) between a domain member device (201) and a candidate device (202) that is to be included in the domain, over which channel authentication data of the candidate device is sent;

encrypting (S303), at the domain member device, a confidential domain key with an encryption key of said candidate device and storing (S304) the encrypted domain key, thereby including the candidate device in the domain; and

storing (S502) encrypted data on the network, which data is encrypted (S501) at any storing domain member device (101, 102, 103) by means of the domain key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a method and a system of securely storing data on a network (100) for access by an authorized domain (101, 102, 103), which authorized domain includes at least two devices that share a confidential domain key (K), and an authorized domain management system for securely storing data on a network for access by an authorized domain. The present invention enables any member device to store protected data on the network such that any other member device can access the data in plaintext without having to communicate with the device that actually stored the data.

Citations

57 Claims

1. A method of securely storing data on a network (100) for access by devices (101, 102, 103) that belong to an authorized domain, the method comprising the steps of:
- establishing (S301) an authenticated channel (203) between a domain member device (201) and a candidate device (202) that is to be included in the domain, over which channel authentication data of the candidate device is sent;
  
  encrypting (S303), at the domain member device, a confidential domain key with an encryption key of said candidate device and storing (S304) the encrypted domain key, thereby including the candidate device in the domain; and
  
  storing (S502) encrypted data on the network, which data is encrypted (S501) at any storing domain member device (101, 102, 103) by means of the domain key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 45)
- - 2. The method according to claim 1, wherein the step of storing (S304) the encrypted domain key further comprises step of:
    - storing the encrypted domain key locally at the domain member device (201), or on the network (100).
  - 3. The method according to claim 1, wherein the step of storing (S304) the encrypted domain key further comprises the step of:
    - fetching the encrypted domain key, which is encrypted by the encryption key of said any storing domain member device (101, 102, 103), and decrypting the encrypted domain key with a corresponding decryption key of said any storing domain member device.
  - 4. The method according to claim 3, further comprising the step of:
    - accessing (S503) encrypted data stored on the network (100), which data is decrypted (S504) at any accessing domain member device (101, 102, 103) by means of the domain key, wherein the domain key is obtained by fetching the encrypted domain key, which is encrypted by the encryption key of said any accessing domain member device, and decrypting the encrypted domain key with the corresponding decryption key of said any accessing domain member device.
  - 5. The method according to claim 3, further comprising the step of:
    - sending (S401) said encryption key from the candidate device (202) to the domain member device (201) via the authenticated channel (203), wherein said encryption key is a public key and said decryption key is a private key of the candidate device, which private key corresponds to said public key.
  - 6. The method according to claim 1, further comprising the step of:
    - establishing (S302) a confidential channel (204) between the domain member device (201) and the candidate device (202) that is to be included in the domain, over which confidential channel the encryption key of the candidate device is sent.
  - 7. The method according to claim 3, wherein said encryption key is a public key and said decryption key is a private key of the candidate device (202), which private key corresponds to said public key.
  - 8. The method according to claim 3, wherein said encryption key is a confidential symmetric key of the candidate device and said decryption key is the same confidential symmetric key.
  - 9. The method according to claim 4, wherein the step of encrypting (S501) data before storing (S502) the encrypted data on the network (100) and the step of decrypting (S504) said encrypted data is performed by a file encryption key generated by executing a pseudo random function based on a function input comprising the domain key (K) and a domain identifier.
  - 10. The method according to claim 1, wherein said including the candidate device (202) in the domain is performed by a master device (201) included in the domain.
  - 11. The method according to claim 10, further comprising the step of:
    - storing, on the network (100), a domain list comprising a domain identifier, the encryption key of each domain member device, a message authentication code (MAC) including each encryption key and a domain authentication key (KA) derived from the domain key (K), and the encrypted domain key that corresponds to each domain member device.
  - 12. The method according to claim 11, further comprising the steps of:
    - deleting, at the master device (201), when a domain member device is removed (S601) from the domain, a corresponding encryption key from an existing domain list;
      
      creating (S602), at the master device, a confidential new domain key (K′
      
      );
      
      encrypting (S603), at the master device, the new domain key with each remaining encryption key obtained from the existing domain list and producing a new message authentication code based on the new domain key and the remaining encryption keys; and
      
      creating (S604), at the master device, an updated domain list based on the new domain key and storing the updated domain list on the network (100).
  - 13. The method according to claim 12, wherein the step of storing the updated domain list on the network (100) further comprises:
    - appending the updated domain list to the existing domain list.
  - 14. The method according to claim 13, further comprising the steps of:
    - initializing a usage counter when a new domain key is created;
      
      incrementing the usage counter when a data file is encrypted by means of the new domain key; and
      
      decrementing the usage counter when a data file is decrypted by means of the new domain key, wherein an existing domain list can be deleted if its domain key is no longer in use, which is indicated by the usage counter reaching an associated initialization value and a domain list being appended to the domain list to be deleted.
  - 15. The method according to claim 12, further comprising the steps of:
    - decrypting (S701), at the master device (201), the encrypted data stored on the network (100) by means of the domain key (K);
      
      encrypting (S702), at the master device, the data by means of the new domain key (K′
      
      ) and storing the encrypted data on the network; and
      
      deleting (S703) the existing domain list.
  - 45. A computer program comprising computer-executable components for causing a device (101, 102, 103) to perform the steps recited in claim 1 when the computer-executable components are run on a microprocessor (205, 206) included in the device.

16. An authorized domain management system for securely storing data on a network (100) for access by devices (101, 102, 103) that belong to an authorized domain, the system comprising:
- means (205) for establishing an authenticated channel (203) between a domain member device (201) and a candidate device (202) that is to be included in the domain, over which channel authentication data of the candidate device is sent;
  
  means (205) for encrypting, at the domain member device, a confidential domain key with an encryption key of said candidate device and storing the encrypted domain key, thereby including the candidate device in the domain; and
  
  means (104) for storing encrypted data on the network, which data is encrypted at any storing domain member device (101, 102, 103) by means of the domain key.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 17. The system according to claim 16, wherein the encrypted domain key is stored locally at the domain member device (201), or on the network (100).
  - 18. The system according to claim 16, further comprising:
    - means (205, 206) for fetching the encrypted domain key, which is encrypted by the encryption key of said any storing domain member device (101, 102, 103), and for decrypting the encrypted domain key with a corresponding decryption key of said any storing domain member device.
  - 19. The system according to claim 18, further comprising:
    - means (205, 206) for accessing encrypted data stored on the network, which data is decrypted at any accessing domain member device (101, 102, 103) by means of the domain key, wherein the domain key is obtained by fetching the encrypted domain key, which is encrypted by the encryption key of said any accessing domain member device, and for decrypting the encrypted domain key with the corresponding decryption key of said any accessing domain member device.
  - 20. The system according to claim 18 comprising:
    - means (206) for sending said encryption key from the candidate device (202) to the domain member device (201) via the authenticated channel (203), wherein said encryption key is a public key and said decryption key is a private key of the candidate device, which private key corresponds to said public key.
  - 21. The system according to claim 16 comprising:
    - means (206) for establishing a confidential channel (204) between the domain member device (201) and the candidate device (202) that is to be included in the domain, over which confidential channel the encryption key of the candidate device is sent.
  - 22. The system according to claim 18, wherein said encryption key is a public key and said decryption key is a private key of the candidate device, which private key corresponds to said public key.
  - 23. The system according to claim 18, wherein said encryption key is a confidential symmetric key of the candidate device (202) and said decryption key is the same confidential symmetric key.
  - 24. The system according to claim 16, wherein a file encryption key generated by executing a pseudo random function based on a function input comprising the domain key (K) and a domain identifier is arranged to encrypt data before the encrypted data is stored on the network.
  - 25. The system according to claim 16, wherein a master device (201) included in the domain is arranged to include a candidate device (202).
  - 26. The system according to claim 23 comprising:
    - means (104) for storing, on the network (100), a domain list comprising a domain identifier, the encryption key of each domain member device, a message authentication code (MAC) including each encryption key and a domain authentication key (KA) derived from the domain key (K), and the encrypted domain key that corresponds to each domain member device.
  - 27. The system according to claim 26, further comprising:
    - means (205) for deleting, at the master device (201), when a domain member device is removed from the domain, a corresponding encryption key from an existing domain list;
      
      means (205) for creating, at the master device, a confidential new domain key (K′
      
      );
      
      means (205) for encrypting (S603), at the master device, the new domain key with each remaining encryption key obtained from the existing domain list and producing a new message authentication code (MAC) based on the new domain key and the remaining encryption keys; and
      
      means (205) for creating, at the master device, an updated domain list based on the new domain key and storing the updated domain list on the network (100).
  - 28. The system according to claim 27, comprising:
    - means (205) for appending the updated domain list to the existing domain list.
  - 29. The system according to claim 28, wherein each domain key has an associated usage counter that is part of the specific domain list to which the domain key belongs, which counter is initialized when a new domain key is created and which counter is incremented when a data file is encrypted by means of the new domain key and decremented when a data file is decrypted by means of the new domain key, wherein an existing domain list can be deleted if its domain key is no longer in use, which is indicated by the usage counter reaching an associated initialization value and a domain list being appended to the domain list to be deleted.
  - 30. The system according to claim 27 comprising:
    - means (205) for decrypting, at the master device (201), the encrypted data stored on the network (100) by means of the domain key (K);
      
      means (205) for encrypting, at the master device, the data by means of the new domain key (K′
      
      ) and storing the encrypted data on the network; and
      
      means (205) for deleting the existing domain list.

31. A master device (201) to be included in an authorized domain management system for securely storing data on a network (100), the master device comprising:
- means (205) for establishing an authenticated channel (203) with a candidate device (202) that is to be included in the domain, over which channel authentication data of the candidate device is sent;
  
  means (205) for encrypting a confidential domain key with an encryption key of the candidate device;
  
  means (205) for encrypting data with the domain key;
  
  means (205) for outputting the encrypted domain key and the encrypted data; and
  
  means (205) for accessing encrypted data stored on the network and decrypting said data by means of the domain key.
- View Dependent Claims (32)
- - 32. The master device (201) according to claim 31, further comprising:
    - means (205) for establishing a confidential channel (204) with the candidate device (202) that is to be included in the domain, over which confidential channel the encryption key of the candidate device is sent.

33. A candidate device (202) to be included in an authorized domain management system for securely storing data on a network (100), the candidate device comprising:
- means (206) for sending authentication data over an authenticated channel (203) established with a master device (201) that is included in the domain;
  
  means (206) for encrypting a confidential domain key with an encryption key of the candidate device;
  
  means (206) for encrypting data with the domain key;
  
  means (206) for outputting the encrypted domain key and the encrypted data; and
  
  means (206) for accessing encrypted data stored on the network and decrypting said data by means of the domain key.
- View Dependent Claims (34)
- - 34. The candidate device (202) according to claim 33, further comprising:
    - means (206) for sending the encryption key of the candidate device (202) over a confidential channel established with the master device (201).

35. A method of removing devices (101, 102, 103), which devices belong to an authorized domain, from said authorized domain, the method comprising the steps of:
- deleting, at a domain master device (201), when a domain member device is removed (S601) from the domain, an encryption key that corresponds to said domain member device from an existing domain list;
  
  creating (S602), at the master device, a confidential new domain key (K′
  
  );
  
  encrypting (S603), at the master device, the new domain key with each remaining encryption key, said each remaining encryption key being associated with a respective domain member device obtained from the existing domain list and producing a new message authentication code based on the new domain key and the remaining encryption keys; and
  
  creating (S604), at the master device, an updated domain list based on the new domain key and storing the updated domain list on a storage device (104) to which domain member devices have access.
- View Dependent Claims (36, 37, 38, 39)
- - 36. The method according to claim 35, wherein the domain list comprises a domain identifier, the encryption key of each domain member device, a message authentication code (MAC) including the encryption keys and a domain authentication key (KA) derived from the domain key (K), and the encrypted domain key that corresponds to each domain member device, and which domain list is stored on the storage device (104).
  - 37. The method according to claim 35, wherein the step of storing the updated domain list on the storage device (104) further comprises:
    - appending the updated domain list to the existing domain list.
  - 38. The method according to claim 37, further comprising the steps of:
    - initializing a usage counter when a new domain key is created;
      
      incrementing the usage counter when a data file is encrypted by means of the new domain key; and
      
      decrementing the usage counter when a data file is decrypted by means of the new domain key, wherein an existing domain list can be deleted if its domain key is no longer in use, which is indicated by the usage counter reaching an initialization value and a domain list being appended to the domain list to be deleted.
  - 39. The method according to claim 35, further comprising the steps of:
    - decrypting (S701), at the master device (201), the encrypted data stored on the storage device (104) by means of the domain key (K);
      
      encrypting (S702), at the master device, the data by means of the new domain key (K′
      
      ) and storing the encrypted data on the storage device; and
      
      deleting (S703) the existing domain list.

40. A system for removing devices (101, 102, 103), which devices belong to an authorized domain, from said authorized domain, the system comprising:
- means (205) for deleting, at a domain master device (201), when a domain member device is removed from the domain, a corresponding encryption key that corresponds to said member device from an existing domain list;
  
  means (205) for creating, at the master device, a confidential new domain key (K′
  
  );
  
  means (205) for encrypting (S603), at the master device, the new domain key with each remaining encryption key, said each remaining encryption key being associated with a respective domain member device obtained from the existing domain list and producing a new message authentication code (MAC) based on the new domain key and the remaining encryption keys; and
  
  means (205) for creating, at the master device, an updated copy of the domain list based on the new domain key and storing the updated domain list on a storage device (104).
- View Dependent Claims (41, 42, 43, 44)
- - 41. The system according to claim 40 comprising:
    - means (104) for storing, on the storage device (104), a domain list comprising a domain identifier, the encryption key of each domain member device, a message authentication code (MAC) including each encryption key and a domain authentication key (KA) derived from the domain key (K), and the encrypted domain key that corresponds to each domain member device.
  - 42. The system according to claim 40, further comprising:
    - means (205) for appending the updated domain list to the existing domain list.
  - 43. The system according to claim 42, wherein each domain key has an associated usage counter that is part of a specific domain list to which the domain key belongs, which counter is initialized when a new domain key is created and which counter is incremented when a data file is encrypted by means of the new domain key and decremented when a data file is decrypted by means of the new domain key, wherein an existing domain list can be deleted if its domain key is no longer in use, which is indicated by the usage counter reaching an initialization value and a domain list being appended to the domain list to be deleted.
  - 44. The system according to claim 40, further comprising:
    - means (205) for decrypting, at the master device (201), the encrypted data stored on the storage device (104) by means of the domain key (K);
      
      means (205) for encrypting, at the master device, the data by means of the new domain key (K′
      
      ) and storing the encrypted data on the storage device; and
      
      means (205) for deleting the existing domain list.

46. A method of controlling access to data stored on a network (100), the method comprising the steps of:
- creating access authentication data that is known to a network server (104) and to devices (101, 102, 103) that are allowed to access the data stored on the network, checking, at the network server, whether a device is in possession of said access authentication data, and controlling, at the network server, access by the device to the data stored on the network.
- View Dependent Claims (47, 48, 49, 50, 51)
- - 47. The method according to claim 46, wherein the step of checking further comprises the steps of:
    - checking, at the network server (104), the identity of said device and authenticating the device by means of cryptographic operation involving the access authentication data.
  - 48. The method according to claim 47, wherein the device identity is the identity of a domain to which the device belongs, and the device authentication is performed by providing the network server (104) with a hash value of the access authentication data.
  - 49. The method according to claim 48, further comprising the step of:
    - storing, on the network (100), a domain list comprising copies of the access authentication data, each copy being encrypted by the public key of each device (101, 102, 103) having access to said data stored on the network.
  - 50. The method according to claim 49, further comprising the steps of:
    - creating, at the domain master device (201), new access authentication data when a member device (101, 102, 103) is removed from the domain;
      
      replacing the existing domain list with a new domain list that contains the new access authentication data; and
      
      communicating the new access authentication data to the network server (104).
  - 51. The method according to claim 46, wherein said access authentication data is an access key (A).

52. A system for controlling access to data stored on a network (100), the system comprising:
- means (205) for creating access authentication data that is known to a network server (104) and to devices (101, 102, 103) that are allowed to access said data stored on the network;
  
  means (205) for checking, at the network server, whether a device is in possession of said access authentication data; and
  
  means (205) for controlling, at the network server, access by the device to the data stored on the network.
- View Dependent Claims (53, 54, 55, 56, 57)
- - 53. The system according to claim 52, wherein the network server further comprises:
    - means (205) for checking identity of said device and for authenticating the device by means of cryptographic operation involving the access authentication data.
  - 54. The system according to claim 53, wherein the identity of said device is an associated identity of the domain to which the device belongs, and the device authentication is performed by providing the network server (104) with a hash value of the access authentication data.
  - 55. The system according to claim 54, wherein a master device (201) is further arranged to store, on the network (100), a domain list comprising copies of the access authentication data, each copy being encrypted by a public key of each device (101, 102, 103) having access to said data stored on the network.
  - 56. The system according to claim 55, wherein the master device (201) further comprises:
    - means (205) for creating new access authentication data when a member device (101, 102, 103) is removed from the domain;
      
      means (205) for replacing the domain list with a new domain list that contains the new access authentication data; and
      
      means (205) for communicating the new access authentication data to the network server (104).
  - 57. The system according to claim 52, wherein said access authentication data is an access key (A).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Moloney, Seamus, Asokan, Nadarajah, Suihko, Tapio, Ginsboorg, Philip

Granted Patent

US 8,059,818 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/062   for key distribution, e.g. ...

H04L 63/10   for controlling access to d...

H04L 9/0844   with user authentication or...

H04L 9/0891   Revocation or update of sec...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/30   Public key, i.e. encryption...

Accessing protected data on network storage from multiple devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

57 Claims

Specification

Solutions

Use Cases

Quick Links

Accessing protected data on network storage from multiple devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

57 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links