SEPARATED STORAGE OF DATA AND KEY NECESSARY TO ACCESS THE DATA

US 20090240937A1
Filed: 03/19/2008
Published: 09/24/2009
Est. Priority Date: 03/19/2008
Status: Abandoned Application

First Claim

Patent Images

1. A system to support separate storage of data and access key to the data, comprising:

a host operable to;

store one or more files, wherein access to the one or more files requires a key;

initiate a request to an access device separate from the host for the key to access to the one or more files when a user initiates access to the files;

accept the key to access to the one or more files from the access device;

enable access to the one or more files via the key;

said access device operable to;

store the key required to access the one or more files on the host;

accept the request for the key from the host;

detect proximity of the host from the access device;

provide the key to the host or the user if the host is within close proximity of the access device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A novel approach introduces an extra layer of data security by storing files and the keys required to access the files separately. When the files are being accessed, the host of the files sends a request to an access device that stores the keys to access the files. The key will be provided to the host only if at least one of the following conditions is met: the host is within close proximity of the access device, the identity of the person attempting to access the files is authenticated, or the security status of the host is verified.

8 Citations

View as Search Results

27 Claims

1. A system to support separate storage of data and access key to the data, comprising:
- a host operable to;
  
  store one or more files, wherein access to the one or more files requires a key;
  
  initiate a request to an access device separate from the host for the key to access to the one or more files when a user initiates access to the files;
  
  accept the key to access to the one or more files from the access device;
  
  enable access to the one or more files via the key;
  
  said access device operable to;
  
  store the key required to access the one or more files on the host;
  
  accept the request for the key from the host;
  
  detect proximity of the host from the access device;
  
  provide the key to the host or the user if the host is within close proximity of the access device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein:
    - the host is one of;
      
      a laptop PC, a desktop PC, a tablet PC, an iPod, a PDA, a server machine, a hard disk drive, a portable storage device, and a mobile phone.
  - 3. The system of claim 1, wherein:
    - each of the one or more files includes one or more of;
      
      text, graph, picture, image, drawing, mail, audio, and video clips.
  - 4. The system of claim 1, wherein:
    - the one or more files are encrypted or decrypted via the key.
  - 5. The system of claim 1, wherein:
    - the access device is a Bluetooth, WiFi or ZigBee device.
  - 6. The system of claim 1, wherein:
    - said access device revokes the key once the host is no longer within close proximity of the access device.

7. A system to support separate storage of data and access key to the data, comprising:
- a host operable to;
  
  store one or more files, wherein access to the one or more files requires a key;
  
  initiate a request to an access device separate from the host for the key to access to the one or more files when a user initiates access to the files;
  
  accept the key to access to the one or more files from the access device;
  
  enable access to the one or more files via the key;
  
  said access device operable to;
  
  store the key required to access the one or more files on the host;
  
  accept the request for the key from the host;
  
  verify identity of the user trying to access the one or more files;
  
  provide the key to the host or the user if the user is authorized to access the one or more files on the host.
- View Dependent Claims (8, 9, 10)
- - 8. The system of claim 7, wherein:
    - the access device further comprises a biometric scanner operable to collect biometrics of the person.
  - 9. The system of claim 8, wherein:
    - the biometrics of the person include one or more of;
      
      fingerprints, DNA, or retinal patterns of the person.
  - 10. The system of claim 7, wherein:
    - said access device revokes the key once the user finishes access to the one or more files on the host.

11. A system to support separate storage of data and access key to the data, comprising:
- a host operable to;
  
  store one or more files, wherein access to the one or more files requires a key;
  
  initiate a request to an access device separate from the host for the key to access to the one or more files when a user initiates access to the files;
  
  accept the key to access to the one or more files from the access device;
  
  enable access to the one or more files via the key;
  
  said access device operable to;
  
  store the key required to access the one or more files on the host;
  
  accept the request for the key from the host;
  
  check security status of the host;
  
  provide the key to the host or the user if the security status of the host is verified.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The system of claim 11, wherein:
    - the access device is a server machine.
  - 13. The system of claim 11, wherein:
    - the host and the access device communicate with each other over a network.
  - 14. The system of claim 13, wherein:
    - the network is one of;
      
      internet, intranet, wide area network (WAN), local area network (LAN), wireless network, Bluetooth, a mobile communication network, and any TCP/IP based network.
  - 15. The system of claim 11, wherein:
    - the security status of the host is one of;
      
      whether the host has been lost or stolen, whether secured access to the host itself has been compromised, or access to the host and/or the files stored on it is unavailable to the user requesting for such access.
  - 16. The system of claim 11, wherein:
    - said access device declines to provide the key to the host if the security status of the host is not verified.

17. A method to support separate storage of data and access key to the data, comprising:
- storing one or more files on a host and a key required to access the one or more files separately on an access device;
  
  accepting a request for the key required to access the one or more files;
  
  detecting proximity of the host from the access device;
  
  providing the key to the host if the host is within close proximity from the access device.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, further comprising:
    - initiating the request for the key required to access the one or more files when a user initiates access to the files;
      
      accepting the key to access to the one or more files from the access device;
      
      enabling access to the one or more files by the user.
  - 19. The method of claim 17, further comprising:
    - encrypting or decrypting the one or more files via the key.
  - 20. The method of claim 17, further comprising:
    - revoking the key once the host is no longer within close proximity of the access device.

21. A method to support separate storage of data and access key to the data, comprising:
- storing one or more files on a host and a key required to access the one or more files separately on an access device;
  
  accepting a request for the key required to access the one or more files;
  
  checking security status of the host;
  
  providing the key to the host if the security status of the host is verified.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The method of claim 21, further comprising:
    - declining to provide the key to the host if the security status of the host is not confirmed.
  - 23. The method of claim 21, further comprising:
    - enabling the host and the access device to communicate with each other over a network.
  - 24. The method of claim 21, further comprising:
    - verifying identity of a person trying to access the one or more files;
      
      providing the key to the host if the person is authorized to access the one or more files on the host.
  - 25. The method of claim 24, further comprising:
    - taking biometrics of the person and verifying identity of the person.

26. A system to support separate storage of data and access key to the data, comprising:
- a host of a data storage place operable to;
  
  store data in the data storage place, wherein access to the data requires a key;
  
  initiate a request to an access device separate from the host for the key to access to the data when a user initiates access to the data;
  
  accept from the access device the key to access the data;
  
  enable access to the data in the data storage place via the key;
  
  said access device operable to;
  
  store the key to access the data stored in the data storage place on the host;
  
  accept the request for the key from the host;
  
  provide the key to the host if the host or the user is authorized to access the data in the data storage place.

27. A method to support separate storage of data and access key to the data, comprising:
- storing data in a data storage place on a host and a key required to access the data separately on an access device, respectively;
  
  accepting a request for the key to access the data;
  
  providing the key to the host if the host or the user is authorized to access the data in the data storage place.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SafeNet Incorporated (Thales SA)
Original Assignee
SafeNet Incorporated (Thales SA)
Inventors
Gopalakrishnan, Venkitachalam, Metzger, Brian

Application Number

US12/051,753
Publication Number

US 20090240937A1
Time in Patent Office

Days
Field of Search
US Class Current

713/167
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/35   communicating wirelessly

G06F 21/6218   to a system of files or obj...

G06F 2221/2153   Using hardware token as a s...

SEPARATED STORAGE OF DATA AND KEY NECESSARY TO ACCESS THE DATA

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

8 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

SEPARATED STORAGE OF DATA AND KEY NECESSARY TO ACCESS THE DATA

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

8 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links