Information security architecture for remote access control using non-bidirectional protocols

US 20060041751A1
Filed: 08/17/2004
Published: 02/23/2006
Est. Priority Date: 08/17/2004
Status: Active Grant

First Claim

Patent Images

1. A method of controlling distribution of electronic information to a user device through a non-bidirectional communication protocol, comprising:

retrieving, at a user device, a segment of encrypted electronic information;

sending identification data from the user device using the non-bidirectional communication protocol, the identification information including at least one of information associated with a user, information associated with the user device, or information associated with the segment of encrypted electronic information;

retrieving an encryption key for the segment;

forwarding a voucher to the user device using said a non-bidirectional communication protocol, the voucher including at least the encryption key associated with the segment; and

decrypting, at the user device, the segment using the encryption key for the segment.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method of controlling distribution of electronic information to a device through a non-bidirectional protocol is disclosed. At a user device, a segment of encrypted electronic information is retrieved. Identification data is sent from the user device using the non-bidirectional communications protocol, where the identification information includes at least one of information associated with a user, information associated with the user device, or information associated with the segment of encrypted electronic information. A copy of an encryption key for the segment is retrieved. A voucher is forwarded to the user device using the non-bidirectional communications protocol, the voucher including at least the encryption key associated with the segment. At the user device, the segment is decrypted using the encryption key for the segment.

97 Citations

View as Search Results

24 Claims

1. A method of controlling distribution of electronic information to a user device through a non-bidirectional communication protocol, comprising:
- retrieving, at a user device, a segment of encrypted electronic information;
  
  sending identification data from the user device using the non-bidirectional communication protocol, the identification information including at least one of information associated with a user, information associated with the user device, or information associated with the segment of encrypted electronic information;
  
  retrieving an encryption key for the segment;
  
  forwarding a voucher to the user device using said a non-bidirectional communication protocol, the voucher including at least the encryption key associated with the segment; and
  
  decrypting, at the user device, the segment using the encryption key for the segment.
- View Dependent Claims (2, 3, 4, 5, 6, 23)
- - 2. The method of claim 1, further comprising:
    - encrypting, before said forwarding, the voucher using an encryption key that is unique to at least one of the user device or the user.
  - 3. The method of claim 2, further comprising:
    - decrypting, at the user device, the voucher using the encryption key that is unique to at least one of the user device or the user, to thereby access the encryption key for the segment.
  - 4. The method of claim 1, wherein the voucher includes at least one policy constraint.
  - 5. The method of claim 1, wherein the voucher includes at least a validity period.
  - 6. The method of claim 5, wherein the voucher expires after the validity period.
  - 23. The method of claim 1, further comprising defending said encryption key at said user device.

7. A method of controlling distribution of electronic information, comprising:
- receiving identification information using a non-bidirectional communication protocol, the identification information including at least information associated with a user, a user device, and a segment of encrypted electronic information;
  
  retrieving an encryption key for the segment;
  
  preparing a voucher, the voucher including at least an encryption key for decrypting the segment, and a validity period;
  
  encrypting the voucher using a key specific to at least the user device; and
  
  forwarding the voucher using the non-bidirectional communication protocol.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7, wherein said voucher is encrypted with an encryption key that is unique to at least one of a user device or a user.
  - 9. The method of claim 7, wherein the voucher includes at least one policy constraint.
  - 10. The method of claim 7, wherein the voucher includes at least a validity period.
  - 11. The method of claim 10, wherein the voucher expires after the validity period.

12. A system for controlling distribution of electronic information to a user device through a non-bidirectional communications protocol, comprising:
- said user device being configured to access a segment of encrypted electronic information and to send identification data to a remote site using the non-bidirectional communications protocol, the identification information including at least one of information associated with a user, information associated with the user device, or information associated with the segment of encrypted electronic information;
  
  a remote site including at least one server configured to retrieving a copy of an encryption key for the segment and forward a voucher to the user device using the non-bidirectional communications protocol, wherein the voucher includes at least the encryption key associated with the segment; and
  
  said user device being configured to receive said voucher and decrypt the segment using the encryption key for the segment.
- View Dependent Claims (13, 14, 15, 16, 17, 24)
- - 13. The system of claim 12, further comprising said at least one server being configured to encrypt the voucher using an encryption key that is unique to at least one of said user device or a specific user.
  - 14. The system of claim 13, further comprising said user device being configured to decrypt the voucher using the encryption key that is unique to at least one of the user device or the user, to thereby access the encryption key for the segment.
  - 15. The method of claim 12, wherein said voucher includes at least one policy constraint.
  - 16. The method of claim 12, wherein said voucher includes a validity period.
  - 17. The method of claim 16, wherein said voucher expires after the validity period.
  - 24. The system of claim 12, further comprising said user device being capable of defending said encryption key at said user device.

18. A system of controlling distribution of electronic information, comprising:
- at least one server configured to;
  
  receive identification information using a non-bidirectional communications protocol, the identification information including at least information associated with a user, a user device, and a segment of encrypted electronic information;
  
  retrieve a copy of an encryption key for the segment;
  
  prepare a voucher that includes at least an encryption key for decrypting the segment and a validity period;
  
  encrypt the voucher using a key specific to at least the user device; and
  
  forward the voucher using the non-bidirectional communications protocol.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The method of claim 18, wherein said voucher is encrypted with an encryption key that is unique to at least one of a user device or a user.
  - 20. The method of claim 18, wherein said voucher includes at least one policy constraint.
  - 21. The method of claim 18, wherein said voucher includes a validity period.
  - 22. The method of claim 21, wherein said voucher expires after said validity period.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
EMC Corporation (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Rogers, Allen, Norman, Timothy Neil, Hadden, Allen Douglas

Granted Patent

US 7,458,102 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

H04L 2463/062   applying encryption of the ...

H04L 63/068   using time-dependent keys, ...

H04L 9/40   Network security protocols

Information security architecture for remote access control using non-bidirectional protocols

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

97 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Information security architecture for remote access control using non-bidirectional protocols

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

97 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others