Data security for digital data storage

US 20070014412A1
Filed: 09/14/2006
Published: 01/18/2007
Est. Priority Date: 03/27/2001
Status: Active Grant

First Claim

Patent Images

1. A method of storing data over a computer network from a client computer system to a remote network server, comprising:

encrypting data with an encryption key;

storing the encrypted data on a local data storage medium in a client computer system;

copying the encrypted data to a remote network server; and

storing the data on a data storage medium in the remote network server in association with a file attribute that designates the data as encrypted, wherein the file attribute indicates an owner of the encryption key;

wherein when a request for the data is received from a requestor, the owner of the encryption key is compared to the requestor to determine whether the data was encrypted with the requestor'"'"'s encryption key.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing system includes data encryption in the data path between a data source and data storage devices. The data storage devices may be local or they may be network resident. The data encryption may utilize a key which is derived at least in part from an identification code stored in a non-volatile memory. The key may also be derived at least in part from user input to the computer. In a LAN embodiment, public encryption keys may be automatically transferred to a network server for file encryption prior to file transfer to a client system.

86 Citations

View as Search Results

20 Claims

1. A method of storing data over a computer network from a client computer system to a remote network server, comprising:
- encrypting data with an encryption key;
  
  storing the encrypted data on a local data storage medium in a client computer system;
  
  copying the encrypted data to a remote network server; and
  
  storing the data on a data storage medium in the remote network server in association with a file attribute that designates the data as encrypted, wherein the file attribute indicates an owner of the encryption key;
  
  wherein when a request for the data is received from a requestor, the owner of the encryption key is compared to the requestor to determine whether the data was encrypted with the requestor'"'"'s encryption key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising retrieving the data from the remote network server wherein retrieving the data comprises checking the file attribute prior to routing the data back to the local data storage medium.
  - 3. The method of claim 1, wherein when the requester is not the owner of the encryption key, the requestor is sent a message indicating the file is not encrypted with the requestor'"'"'s encryption key.
  - 4. The method of claim 1, further comprising checking the file attribute to determine whether the data is in unencrypted form prior to performing the encrypting.
  - 5. The method of claim 1, wherein the encryption key is derived at least in part from an identification code.
  - 6. The method of claim 5, wherein the encryption key is derived at least in part from user input.
  - 7. The method of claim 6, wherein the encryption key is generated during a boot operation.

8. A computer network having one or more servers storing data files created by one or more clients, said computer network comprising:
- at least one data storage device located on a network server;
  
  at least one data storage device located on a client computer system;
  
  data files encrypted with a public key associated with the client computer system stored on the network server and the client computer system, the data files including a file attribute designating the data files as encrypted and indicating an owner of the public key;
  
  wherein when a request for the data is received from a requestor, the owner of the public key is compared to the requestor to determine whether the data was encrypted with the requestor'"'"'s public key.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer network of claim 8, further comprising retrieving the data from the remote network server wherein retrieving the data comprises checking the file attribute prior to routing the data back to the local data storage medium.
  - 10. The computer network of claim 8, further comprising checking the file attribute to determine whether the data is in unencrypted form prior to encrypting.
  - 11. The computer network of claim 8, wherein the file attribute indicates whether the data is in unencrypted form prior to performing the encrypting.
  - 12. The computer network of claim 8, wherein the public key is derived at least in part from an identification code.
  - 13. The computer system of claim 12, wherein the public key is derived at least in part from user input.
  - 14. The computer system of claim 13, wherein the public key is generated during a boot operation.

15. A computer network having one or more servers storing data created by one or more clients, said computer network comprising:
- means for encrypting data with an encryption key;
  
  means for storing the encrypted data on a local data storage medium;
  
  means for copying the encrypted data to a remote network server; and
  
  means for storing the data on a data storage medium in the remote network server in association with a file attribute that designates the data as encrypted and indicates the owner of the encryption key;
  
  wherein when a request for the data is received from a requestor, the owner of the encryption key is compared to the requestor to determine whether the data was encrypted with the requestor'"'"'s encryption key.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer network of claim 15, further comprising a means for retrieving the data from the remote network server wherein retrieving the data comprises checking the file attribute prior to routing the data back to the local data storage medium.
  - 17. The computer network of claim 15, further comprising a means for checking the file attribute to determine whether the data is in unencrypted form prior to encrypting.
  - 18. The computer network of claim 15, wherein the file attribute indicates whether the data is in unencrypted form prior to performing the encrypting.
  - 19. The computer network of claim 15, wherein the encryption key is derived at least in part from an identification code.
  - 20. The computer system of claim 19, wherein the encryption key is derived at least in part from user input.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micron Technology, Inc.
Original Assignee
Micron Technology, Inc.
Inventors
Rollins, Doug

Granted Patent

US 7,594,257 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/606   by securing the transmissio...

H04L 63/0442   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 63/104   Grouping of entities

H04L 67/06   specially adapted for file ...

Data security for digital data storage

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

86 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Data security for digital data storage

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

86 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links