REVOCATION OF A SYSTEM ADMINISTRATOR IN AN ENCRYPTED FILE SYSTEM

US 20090116649A1
Filed: 11/01/2007
Published: 05/07/2009
Est. Priority Date: 11/01/2007
Status: Active Grant

First Claim

Patent Images

1. A method of storing electronic information, the method comprising:

a) encrypting target electronically stored information (“

ESI”

) with a first encryption key to form a first encrypted ESI;

b) partitioning the first encrypted ESI into a first set of encrypted ESI partitions, the encrypted ESI partitions being such that a predetermined number of the encrypted ESI partitions are able to reconstruct the first encrypted ESI;

c) encrypting the first set of encrypted ESI partitions with a first set of user encryption keys to form a first set of user-associated encrypted ESI partitions, each encrypted ESI partition of the first set of user-associated encrypted ESI partitions having an associated user encryption key;

d) making available the first set of user-associated encrypted ESI partitions to a first set of users, wherein each user knows a decryption key for an encrypted ESI partition of the first set of user-associated encrypted ESI partitions;

e) accessing the target electronically stored information;

f) encrypting the target ESI with a second encryption key to form a second encrypted ESI;

g) partitioning the second encrypted ESI into a second set of encrypted ESI partitions, the second set of encrypted ESI partitions being such that a predetermined number of encrypted ESI partitions from the second set are able to reconstruct the second encrypted ESI;

h) encrypting the second set of encrypted ESI partitions with a second set of user encryption keys to form a second set of user-associated encrypted ESI partitions, each encrypted ESI partition of the second set of user-associated encrypted ESI partitions having an associated user encryption key, wherein the second set of user encryption keys is the same or different than the first set of encryption keys; and

i) making the second set of user-associated encrypted ESI partitions available to a second set of users, wherein each user of the second set of users knows a decryption key for an encrypted ESI partition of the second set of user-associated encrypted ESI partitions.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of securely storing electronic information includes a step in which target electronically stored information is encrypted with a first encryption key and then partitioned into a first set of encrypted ESI partitions a subset of which is able to reconstruct the unpartitioned encrypted ESI. This first set of encrypted ESI partitions is then encrypted with a first set of user encryption keys to form a first set of user-associated encrypted ESI partitions that are made available to a first set of users. When access to the target electronically stored information is changed, the target electronically stored information is accessed and then re-encrypted with a second encryption key to form a second encrypted ESI. This second encrypted ESI is then partitioned and distributed to a second set of users.

66 Citations

View as Search Results

19 Claims

1. A method of storing electronic information, the method comprising:
- a) encrypting target electronically stored information (“
  
  ESI”
  
  ) with a first encryption key to form a first encrypted ESI;
  
  b) partitioning the first encrypted ESI into a first set of encrypted ESI partitions, the encrypted ESI partitions being such that a predetermined number of the encrypted ESI partitions are able to reconstruct the first encrypted ESI;
  
  c) encrypting the first set of encrypted ESI partitions with a first set of user encryption keys to form a first set of user-associated encrypted ESI partitions, each encrypted ESI partition of the first set of user-associated encrypted ESI partitions having an associated user encryption key;
  
  d) making available the first set of user-associated encrypted ESI partitions to a first set of users, wherein each user knows a decryption key for an encrypted ESI partition of the first set of user-associated encrypted ESI partitions;
  
  e) accessing the target electronically stored information;
  
  f) encrypting the target ESI with a second encryption key to form a second encrypted ESI;
  
  g) partitioning the second encrypted ESI into a second set of encrypted ESI partitions, the second set of encrypted ESI partitions being such that a predetermined number of encrypted ESI partitions from the second set are able to reconstruct the second encrypted ESI;
  
  h) encrypting the second set of encrypted ESI partitions with a second set of user encryption keys to form a second set of user-associated encrypted ESI partitions, each encrypted ESI partition of the second set of user-associated encrypted ESI partitions having an associated user encryption key, wherein the second set of user encryption keys is the same or different than the first set of encryption keys; and
  
  i) making the second set of user-associated encrypted ESI partitions available to a second set of users, wherein each user of the second set of users knows a decryption key for an encrypted ESI partition of the second set of user-associated encrypted ESI partitions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1 wherein the first encryption key is managed by an ephemerizer.
  - 3. The method of claim 1 wherein the first encryption and/or encryption key is broken into shares each of which is encrypted with an encryption key, the encryption key being associated with a corresponding decryption key known by each of a set of ephemerizers.
  - 4. The method of claim 1 wherein there is a quorum of ephemerizers that can assist in the retrieval of the first and/or second encryption key without directly maintaining the first and/or second encryption key.
  - 5. The method of claim 2 wherein one or more of the first encryption key, the second encryption key, the first set of user encryption keys;
    - the decryption key for an encrypted ESI partition of the first set of user-associated encrypted ESI partitions;
      
      the second set of user encryption keys;
      
      the decryption key for an encrypted ESI partition of the second set of user-associated encrypted ESI partitions; and
      
      the multiple encryption keys managed by a different ephemerizer are encoded in a computer readable medium.
  - 6. The method of claim 5 wherein the computer readable medium is a smart card or a dongle.
  - 7. The method of claim 1 wherein the targeted electronically stored information comprises system administrator information.
  - 8. The method of claim 7 wherein the targeted electronically stored information comprises an access key to an encrypted file system.
  - 9. The method of claim 1 wherein the first set of users is a first set of system administrators and the second set of users is a second set of system administrators.
  - 10. The method of claim 1 wherein one or more system administrators from the first set of system administrators are not members of the second set of system administrators.
  - 11. The method of claim 1 wherein the first set of user encryption keys and the second set of user encryption keys are each independently the private portion of a public key pair.
  - 12. The method of claim 11 wherein the target electronically stored information is retrievable from the first encrypted ESI with a decryption key which is the public portion of a public key pair.
  - 13. The method of claim 11 wherein the private portion of a public key pair is provided by an ephemerizer.
  - 14. The method of claim 1 further comprising forgetting the first encryption key.
  - 15. The method of claim 1 wherein the predetermined number of encrypted ESI partitions is less than or equal to the total number of partitions encrypted ESI partitions.

16. A method of storing electronic information, the method comprising:
- a) partitioning electronically stored information (“
  
  ESI”
  
  ) into a plurality of ESI partitions;
  
  b) encrypting each of the ESI partitions with a first set of public key pairs to form a plurality encrypted partitions;
  
  c) partitioning each of the encrypted partitions into a plurality of user shares wherein encrypted partitions are retrievable by a quorum of user utilizing their respective decryption keys and user shares;
  
  d) retrieving the electronically stored information; and
  
  e) repeating steps a) though c) with a second set of public key pairs.
- View Dependent Claims (17, 18)
- - 17. The method of claim 16 wherein the first and second set of public key pairs are managed by one or more ephemerizers.
  - 18. The method of claim 17 further comprising:
    - forgetting a private portion of the first second set of public keys first encryption key and the first ephemeral decryption key.

19. A computer processor operable to execute one or more of the following steps:
- a) encrypting target electronically stored information (“
  
  ESI”
  
  ) with a first encryption key to form a first encrypted ESI;
  
  b) partitioning the first encrypted ESI into a first set of encrypted ESI partitions, the encrypted ESI partitions being such that a predetermined number of the encrypted ESI partitions are able to reconstruct the first encrypted ESI;
  
  c) encrypting the first set of encrypted ESI partitions with a first set of user encryption keys to form a first set of user-associated encrypted ESI partitions, each encrypted ESI partition of the first set of user-associated encrypted ESI partitions having an associated user encryption key;
  
  d) making available the first set of user-associated encryptedESI partitions to a first set of users, wherein each user knows a decryption key for an encrypted ESI partition of the first set of user-associated encrypted ESI partitions;
  
  e) accessing the target electronically stored information;
  
  f) encrypting the target ESI with a second encryption key to form a second encrypted ESI;
  
  g) partitioning the second encrypted ESI into a second set of encrypted ESI partitions, the second set of encrypted ESI partitions being such that a predetermined number of encrypted ESI partitions from the second set are able to reconstruct the second encrypted ESI;
  
  h) encrypting the second set of encrypted ESI partitions with a second set of user encryption keys to form a second set of user-associated encrypted ESI partitions, each encrypted ESI partition of the second set of user-associated encrypted ESI partitions having an associated user encryption key, wherein the second set of user encryption keys is the same or different than the first set of encryption keys; and
  
  i) making the second set of user-associated encrypted ESI partitions available to a second set of users, wherein each user of the second set of users knows a decryption key for an encrypted ESI partition of the second set of user-associated encrypted ESI partitions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Perlman, Radia

Granted Patent

US 8,150,038 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

H04L 9/085 Secret sharing or secret sp...

H04L 9/088 Usage controlling of secret...

REVOCATION OF A SYSTEM ADMINISTRATOR IN AN ENCRYPTED FILE SYSTEM

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

66 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

REVOCATION OF A SYSTEM ADMINISTRATOR IN AN ENCRYPTED FILE SYSTEM

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links