DATA SECURITY FOR DIGITAL DATA STORAGE

US 20100005287A1
Filed: 09/10/2009
Published: 01/07/2010
Est. Priority Date: 03/27/2001
Status: Active Grant

First Claim

Patent Images

1. A method of storing data comprising:

generating an encryption key on a client computer, wherein the encryption key is uniquely associated at least in part with a user of the client computer;

encrypting the data on the client computer to generate encrypted data;

copying the encrypted data to the remote network server;

storing a file attribute in association with the encrypted data that designates the data as encrypted,storing an indication of an owner of the encrypted data;

wherein when a request is received from a requestor for encrypted data and the requestor is the owner of the encrypted data, automatically forwarding the encrypted data to the requestor; and

wherein when a request is received from the requestor for non-encrypted data, automatically encrypting the non-encrypted data with the encryption key associated with the requestor and automatically forwarding the encrypted data to the requestor.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing system includes data encryption in the data path between a data source and data storage devices. The data storage devices may be local or they may be network resident. The data encryption may utilize a key which is derived at least in part from an identification code stored in a non-volatile memory. The key may also be derived at least in part from user input to the computer. In a LAN embodiment, public encryption keys may be automatically transferred to a network server for file encryption prior to file transfer to a client system.

114 Citations

18 Claims

1. A method of storing data comprising:
- generating an encryption key on a client computer, wherein the encryption key is uniquely associated at least in part with a user of the client computer;
  
  encrypting the data on the client computer to generate encrypted data;
  
  copying the encrypted data to the remote network server;
  
  storing a file attribute in association with the encrypted data that designates the data as encrypted,storing an indication of an owner of the encrypted data;
  
  wherein when a request is received from a requestor for encrypted data and the requestor is the owner of the encrypted data, automatically forwarding the encrypted data to the requestor; and
  
  wherein when a request is received from the requestor for non-encrypted data, automatically encrypting the non-encrypted data with the encryption key associated with the requestor and automatically forwarding the encrypted data to the requestor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein when the requestor is not the owner of the encrypted data, the requestor is sent a message indicating the encrypted data is not associated with the requester.
  - 3. The method of claim 1, further comprising automatically obtaining the encryption key from the client computer to encrypt the non-encrypted data.
  - 4. The method of claim 1, further comprising retrieving data from the remote network server wherein retrieving the data comprises checking the file attribute prior to routing the data back to the client.
  - 5. The method of claim 1, further comprising checking the file attribute to determine whether data is in unencrypted form prior to encrypting.
  - 6. The method of claim 1, wherein the encryption key comprises at least one of a private encryption key and a public encryption key.
  - 7. The method of claim 6, wherein the network server obtains the public key from the client computer.
  - 8. The method of claim 6, wherein the public encryption key and the encrypted data are stored on the remote network server.
  - 9. The method of claim 1, wherein the file attribute indicates the owner of the encryption key used to encrypt the encrypted data.

10. A computer storage system comprising:
- at least one data storage device associated with a network server;
  
  encrypted data that has been encrypted by a first client computer with an encryption key wherein the encryption key is uniquely associated at least in part with a user of the first client computer, wherein the encrypted data and the encryption key are stored on the data storage device associated with the network server, and wherein the encrypted data as a file attribute associated therewith that identifies an owner of the encrypted data;
  
  wherein when a request is received from a requestor for the encrypted data and the requestor is the owner of the encrypted data, the network server is configured to automatically send the encrypted data to the requestor; and
  
  wherein when a request is received from the requestor for non-encrypted data, the network server is configured to automatically encrypt the non-encrypted data with an encryption key associated with the requester and automatically send the encrypted data to the requestor.
- View Dependent Claims (11, 12, 13, 14, 15, 18)
- - 11. The computer storage system of claim 10, wherein when the requestor is not the owner of the encrypted data, the requestor is sent a message indicating the encrypted data is not associated with the requestor.
  - 12. The computer storage system of claim 10 wherein the network server is configured to obtain the encryption key from the client computer to encrypt the non-encrypted data.
  - 13. The computer storage system of claim 10, wherein the network server is configured to check the file attribute prior to routing the data back to the client.
  - 14. The computer storage system of claim 10, wherein the network server is configured to check the file attribute to determine whether data is in unencrypted form prior to encrypting.
  - 15. The computer storage system of claim 10, wherein the encryption key comprises a private encryption key and a public encryption key.
  - 18. The computer storage system of claim 10, wherein the file attribute indicates the owner of the encryption key used to encrypt the encrypted data.

16. The computer storage system of claim 16, wherein the network server obtains the public key from the client computer.
- View Dependent Claims (17)
- - 17. The computer storage system of claim 16, wherein the public encryption key and the encrypted data are stored on the remote network server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micron Technology, Inc.
Original Assignee
Micron Technology, Inc.
Inventors
Rollins, Doug L.

Granted Patent

US 8,191,159 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/150
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/606   by securing the transmissio...

H04L 63/0442   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 63/104   Grouping of entities

H04L 67/06   specially adapted for file ...

DATA SECURITY FOR DIGITAL DATA STORAGE

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

114 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

DATA SECURITY FOR DIGITAL DATA STORAGE

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

114 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links