Secret File Access Authorization System With Fingerprint Limitation
First Claim
1. A secret file access authorization system with fingerprint limitation comprising the components as follows:
- An authorization server provided with an authorization module, which provides a fingerprint template and an authorization secret key.
- An encryption server provided with an encryption module, which generates a decryption secret key by accepting the authorization secret key provided by the authorization module, and produces the encrypted secret files by encrypting the secret files to be encrypted.
- A certification server provided with an authorization module, which accepts the fingerprint template provided by the authorization module, accepts the decryption secret key provided by the encryption module and the authorization secret key claiming certification that is sent by the client, and judges and confirms providing the certified decryption secret key.
- At least one client machine, each is provided with a user module, which embeds the kernel encryption/decryption unit into the corresponding operation system kernel of the client, accepts the authorization secret key provided by the authorization module and the decryption secret key provided by the encryption module, sends the claiming certification respectively to certification module, opens the encryption/decryption unit with the certified authorization secret key and the certified decryption secret key which is returned after the certification module makes the certification, and reads/writes the encrypted secret files.
Abstract
A secret file access authorization system with fingerprint limitation includes an authorization module, an encryption module and a certification module in a server, linked by programs. A user module on at least one client machine contains a kernel encryption/decryption unit embedded in the client operating system kernel, so that access authorization to secret files can be limited by an environment or time fingerprint. The authorization module provides an authorization secret key (ASK) and a fingerprint template. The encryption module accepts the ASK and the secret files to be encrypted, and provides a decryption secret key (DSK). The user module accepts the ASK and the encrypted secret files, and presents a claim for ASK certification to the certification module. The certification module accepts the DSK, the claim and the template, and provides the certified DSK to the user module, which starts the kernel encryption/decryption unit in the user module and enables reading and writing of the encrypted files.
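The certification step described in the abstract can be sketched as follows. This is an added example, not code from the patent: the class names, the HMAC-based DSK derivation, the hash-based environment fingerprint and the epoch-second time window are all assumptions chosen for illustration, and file encryption itself is left out.

```python
import hashlib, hmac, secrets
from dataclasses import dataclass

def env_fingerprint(machine_id: str, os_build: str) -> str:
    # Assumed environment fingerprint: hash of client attributes.
    return hashlib.sha256(f"{machine_id}|{os_build}".encode()).hexdigest()

@dataclass(frozen=True)
class Template:
    env_hash: str     # environment fingerprint the grant is bound to
    not_before: int   # time fingerprint: validity window, epoch seconds
    not_after: int

class AuthorizationModule:
    def issue(self, env_hash, not_before, not_after):
        # Returns (ASK, fingerprint template).
        return secrets.token_bytes(32), Template(env_hash, not_before, not_after)

class EncryptionModule:
    def __init__(self):
        self._master = secrets.token_bytes(32)
    def derive_dsk(self, ask):
        # Assumption: DSK = HMAC-SHA256(master key, ASK).
        return hmac.new(self._master, ask, hashlib.sha256).digest()

class CertificationModule:
    def __init__(self):
        self._grants = {}  # SHA-256(ASK) -> (template, DSK)
    def register(self, ask, template, dsk):
        self._grants[hashlib.sha256(ask).digest()] = (template, dsk)
    def certify(self, ask, env_hash, now):
        # Release the DSK only if the claim matches the template.
        grant = self._grants.get(hashlib.sha256(ask).digest())
        if grant is None:
            return None
        template, dsk = grant
        env_ok = hmac.compare_digest(template.env_hash, env_hash)
        time_ok = template.not_before <= now <= template.not_after
        return dsk if env_ok and time_ok else None

def run_flow():
    # Constructed sample values: one authorized workstation, one-hour window.
    office = env_fingerprint("WS-0042", "build-19045")
    other = env_fingerprint("LAPTOP-7", "build-19045")
    auth, enc, cert = AuthorizationModule(), EncryptionModule(), CertificationModule()
    ask, template = auth.issue(office, 1_700_000_000, 1_700_003_600)
    dsk = enc.derive_dsk(ask)
    cert.register(ask, template, dsk)
    return {"valid": cert.certify(ask, office, 1_700_001_000) == dsk,
            "wrong_env": cert.certify(ask, other, 1_700_001_000) is None,
            "expired": cert.certify(ask, office, 1_700_009_999) is None,
            "unknown_ask": cert.certify(b"\x00" * 32, office, 1_700_001_000) is None}
```

In this sketch the environment fingerprint is reported by the client, so the check is only as trustworthy as the component that measures it.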
60 Claims
Specification