Secure data backup and recovery
Abstract
A technology provides secure data backup and recovery for an electronic device (100) having a device identification (115) that is unique and unalterable. A method of the technology includes identifying (205) backup data (405, 805, 1205) to be backed up, encoding (210) a backup data set by coding the device identification (115) and the backup data (405, 805, 1205) for integrity and authentication using a cryptographic key (110) and an integrity function, generating (220) decoded backup data (635, 1015, 1435) and decoded device identification (640, 1020, 1440) by decoding a retrieved backup data set (605, 1005, 1405) using the cryptographic key (115) and the integrity function, and restoring (225) the backup data with the decoded backup data only when the integrity has been verified and the decoded device identification and the device identification match. Three methods of encoding and decoding are described.
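The encode, decode, match and restore flow of the abstract, as an added example that is not taken from the patent. It assumes HMAC-SHA256 as the integrity function and a length-prefixed layout; `encode_backup_set`, `decode_backup_set`, `restore` and `RestoreRefused` are hypothetical names, and the patent's own three encoding methods are not reproduced.

```python
import hashlib
import hmac
import struct

TAG_LEN = hashlib.sha256().digest_size  # HMAC-SHA256 tag length in bytes


class RestoreRefused(Exception):
    """Integrity or authenticity verification failed; nothing is restored."""


def encode_backup_set(key: bytes, device_id: bytes, backup_data: bytes) -> bytes:
    # Assumed layout: 2-byte ID length | device ID | backup data | tag.
    # The tag covers ID and data together, so neither can be swapped alone.
    body = struct.pack(">H", len(device_id)) + device_id + backup_data
    return body + hmac.new(key, body, hashlib.sha256).digest()


def decode_backup_set(key: bytes, retrieved: bytes) -> tuple:
    if len(retrieved) < 2 + TAG_LEN:
        raise RestoreRefused("backup set truncated")
    body, tag = retrieved[:-TAG_LEN], retrieved[-TAG_LEN:]
    # Integrity first: parse nothing until the tag verifies (constant-time).
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise RestoreRefused("integrity check failed")
    (id_len,) = struct.unpack(">H", body[:2])
    if 2 + id_len > len(body):
        raise RestoreRefused("malformed backup set")
    return body[2:2 + id_len], body[2 + id_len:]


def restore(key: bytes, device_id: bytes, retrieved: bytes) -> bytes:
    decoded_id, decoded_data = decode_backup_set(key, retrieved)
    # Authenticity: the decoded ID must match this device's own ID.
    if not hmac.compare_digest(decoded_id, device_id):
        raise RestoreRefused("backup belongs to a different device")
    return decoded_data


if __name__ == "__main__":
    key, dev_a = b"\x11" * 32, b"DEVICE-A-0001"  # constructed sample values
    blob = encode_backup_set(key, dev_a, b"contacts,settings")
    print(restore(key, dev_a, blob))
    try:
        restore(key, b"DEVICE-B-0002", blob)  # same key, different device
    except RestoreRefused as exc:
        print("refused:", exc)
```

This sketch provides integrity and authentication only; the backup data is stored in the clear inside the set.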
19 Claims
1. A method for secure data backup and recovery of an electronic device having a device identification that is unique and unalterable, comprising:
identifying backup data;
encoding a backup data set that comprises the backup data and the device identification for integrity and authentication using a cryptographic key and an integrity function;
generating decoded backup data and a decoded device identification and verifying integrity by decoding a retrieved backup data set using the cryptographic key and the integrity function;
verifying authenticity by matching the decoded device identification to the device identification; and
restoring the backup data with the decoded backup data only when the integrity and authenticity have been verified.
18. An apparatus for secure data backup and recovery, comprising:
a memory for at least one of application and user data;
a trusted backup and recovery function that identifies backup data in the memory for secure backup that is a member of a defined set of authorized backup data;
a cryptographic key function that provides a cryptographic key; and
a unique and unalterable device identification, wherein the trusted backup and recovery function encodes a backup data set that comprises the device identification and the backup data for integrity and authentication using the cryptographic key and an integrity function;
generates decoded backup data and a decoded device identification and verifying integrity by decoding a retrieved backup data set using the cryptographic key and the integrity function;
verifies authenticity by matching the decoded device identification to the device identification; and
restores the backup data with the decoded backup data only when the integrity and authenticity have been verified.
19. An electronic device, comprising:
a memory for at least one of application and user data;
a trusted backup and recovery function that identifies backup data in the memory for secure backup that is a member of a defined set of authorized backup data;
a cryptographic key function that provides a cryptographic key; and
a unique and unalterable device identification, wherein the trusted backup and recovery function encodes a backup data set that comprises the device identification and the backup data for integrity and authentication using the cryptographic key and an integrity function;
generates decoded backup data and a decoded device identification and verifying integrity by decoding a retrieved backup data set using the cryptographic key and the integrity function;
verifies authenticity by matching the decoded device identification to the device identification; and
restores the backup data with the decoded backup data only when the integrity and authenticity have been verified.
Specification