ADMINISTRATION OF DATA ENCRYPTION IN ENTERPRISE COMPUTER SYSTEMS
Abstract
Data is encrypted on an originating computer, and access to this data is prevented if the computer is stolen or otherwise unauthorized for use. Access to the encrypted data is granted based on the originating computer's ability to successfully send the data encryption keys, via an electronic connection, to a remote computer and have the remote computer decrypt the encryption keys and transmit them back to the originating computer. When the originating computer receives the decrypted encryption keys, it can then successfully decrypt the encrypted hard drive using the encryption key provided by the remote computer. In particular, a number of embodiments are described.
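The exchange the abstract describes, sketched from the authentication server's side as an added example (not code from the patent). `AuthServer`, `enroll`, `revoke`, the client IDs and the HMAC-based stand-in wrap are assumptions; binding the wrapped key to the client ID goes beyond what the text states, and protection of the connection that carries the returned key is out of scope here.

```python
import hashlib
import hmac
import secrets

# Stand-in wrap (HMAC-SHA256 keystream plus tag) so the sketch runs on the
# standard library alone; a deployment would use a vetted key-wrap scheme.
def _stream(kek, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(kek, b"enc" + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _tag(kek, client_id, nonce, ct):
    # Hash the ID to a fixed length so the MAC input is unambiguous.
    cid = hashlib.sha256(client_id.encode()).digest()
    return hmac.new(kek, b"mac" + cid + nonce + ct, hashlib.sha256).digest()

def wrap(kek, client_id, dek):
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(dek, _stream(kek, nonce, len(dek))))
    return nonce + ct + _tag(kek, client_id, nonce, ct)

class AuthServer:
    def __init__(self):
        self.kek = secrets.token_bytes(32)  # key-encryption key, never leaves the server
        self.authorized = set()             # hypothetical registry of authorized clients

    def enroll(self, client_id):
        """Authorize a client; return (storage key, wrapped blob the client keeps on disk)."""
        self.authorized.add(client_id)
        dek = secrets.token_bytes(32)
        return dek, wrap(self.kek, client_id, dek)

    def revoke(self, client_id):
        """Mark a client (for example a stolen laptop) as no longer authorized."""
        self.authorized.discard(client_id)

    def unwrap(self, client_id, blob):
        """Return the decrypted storage key, or None if the request is refused."""
        if client_id not in self.authorized or len(blob) < 48:
            return None
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(tag, _tag(self.kek, client_id, nonce, ct)):
            return None  # tampered blob, or a blob wrapped for a different client
        return bytes(a ^ b for a, b in zip(ct, _stream(self.kek, nonce, len(ct))))
```

Once `revoke` has been called for a client, the wrapped blob left on its disk can no longer be turned into a usable storage key.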
30 Claims
1. A method of remotely administering data encryption in a computing system having an authentication server and at least one client computer having a data storage device suitably arranged for storing encrypted data, comprising:
determining if the client computer on which the encrypted data is stored is an authorized client computer;
passing an encrypted data storage key from the client computer to the authentication server if the client computer is authorized;
decrypting the encrypted data storage key by the authentication server;
passing the decrypted data storage key to the client computer; and
using the decryption key to access the encrypted data on the data storage device.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)
11. An apparatus for remotely administering data encryption in a computing system having an authentication server and at least one client computer having a data storage device suitably arranged for storing encrypted data, comprising:
means for determining if the client computer on which the encrypted data is stored is an authorized client computer;
means for passing an encrypted data storage key from the client computer to the authentication server if the client computer is authorized;
means for decrypting the encrypted data storage key by the authentication server;
means for passing the decrypted data storage key to the client computer; and
means for using the decryption key to access the encrypted data on the data storage device.
(Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20)
21. Computer program product executable by a processor for remotely administering data encryption in a computing system having an authentication server and at least one client computer having a data storage device suitably arranged for storing encrypted data, comprising:
computer code for determining if the client computer on which the encrypted data is stored is an authorized client computer;
computer code for passing an encrypted data storage key from the client computer to the authentication server if the client computer is authorized;
computer code for decrypting the encrypted data storage key by the authentication server;
computer code for passing the decrypted data storage key to the client computer;
computer code for using the decryption key to access the encrypted data on the data storage device; and
computer readable medium for storing the computer code.
(Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30)
Specification