Security Enhanced Data Platform

US 20100189251A1
Filed: 01/23/2009
Published: 07/29/2010
Est. Priority Date: 01/23/2009
Status: Active Grant

First Claim

Patent Images

1. A security enhanced data platform method recorded on computer-readable medium and capable of execution by a computer, said method comprising the steps of:

providing a main computer operating system;

customizing the computer operating system'"'"'s kernel;

replacing the computer operating system'"'"'s kernel and core utilities with a multi-level access control system;

providing an email and messaging server as the host for sending and receiving messages;

allowing automation of email retention in compliance with a document retention policy;

providing a primary subsystem;

said primary subsystem is a document management system;

providing a set of client side tools to specify classifications and compartments for selected areas of a document;

separating document data from document metadata;

allowing encrypted documents to be stored and the information about those documents to be stored in a database;

allowing for quick look up and access of secured documents;

providing a way to save the document in the format required by the system in order to allow the system to enforce the rules and privileges dictated to the system;

monitoring and recording all activity within the primary subsystem;

recording all changes to a document and making said document available for audit;

providing one or more supporting subsystems;

a first second subsystem is a security enhanced database management system;

integrating said security enhanced database management system with the multi-level access control system.securing data in the database as a whole, the tables in the database, the columns in the table, the rows in a table, or the individual cells of a database table;

a second subsystem is a user authentication and authorization system;

offering native enhanced security by enforcing privileges specified by the user authentication and authorization system;

a third subsystem is a workflow engine;

providing a runtime workflow engine used to route documents and data through a user defined approval process for actions on the documents or data;

a fourth subsystem is a secure two-factor authentication system;

providing a secure two-factor authentication sub-system adding an additional authentication mechanism;

a fifth subsystem is a cryptographic engine; and

providing data protection, data authentication, user authentication and vetting, and communications protection and authentication.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The security enhanced data platform is comprised of two primary subsystems and a host of supporting subsystems. The first primary subsystem is a document management system. A set of client side tools provides the user a way to specify classifications and compartments for selected areas of a document, and a way to save the document in the format required by the system in order to allow the system to enforce the rules and privileges dictated to the system. The second subsystem is a security enhanced database management system. In documents the system allows different user privilege requirements on the document as a whole as well as on pages, paragraphs, sentences, words, and/or letters of a word. A history of document changes is maintained to provide an audit trail after the fact of who did what changes, where those changes were made and when those changes were made.

61 Citations

View as Search Results

20 Claims

1. A security enhanced data platform method recorded on computer-readable medium and capable of execution by a computer, said method comprising the steps of:
- providing a main computer operating system;
  
  customizing the computer operating system'"'"'s kernel;
  
  replacing the computer operating system'"'"'s kernel and core utilities with a multi-level access control system;
  
  providing an email and messaging server as the host for sending and receiving messages;
  
  allowing automation of email retention in compliance with a document retention policy;
  
  providing a primary subsystem;
  
  said primary subsystem is a document management system;
  
  providing a set of client side tools to specify classifications and compartments for selected areas of a document;
  
  separating document data from document metadata;
  
  allowing encrypted documents to be stored and the information about those documents to be stored in a database;
  
  allowing for quick look up and access of secured documents;
  
  providing a way to save the document in the format required by the system in order to allow the system to enforce the rules and privileges dictated to the system;
  
  monitoring and recording all activity within the primary subsystem;
  
  recording all changes to a document and making said document available for audit;
  
  providing one or more supporting subsystems;
  
  a first second subsystem is a security enhanced database management system;
  
  integrating said security enhanced database management system with the multi-level access control system.securing data in the database as a whole, the tables in the database, the columns in the table, the rows in a table, or the individual cells of a database table;
  
  a second subsystem is a user authentication and authorization system;
  
  offering native enhanced security by enforcing privileges specified by the user authentication and authorization system;
  
  a third subsystem is a workflow engine;
  
  providing a runtime workflow engine used to route documents and data through a user defined approval process for actions on the documents or data;
  
  a fourth subsystem is a secure two-factor authentication system;
  
  providing a secure two-factor authentication sub-system adding an additional authentication mechanism;
  
  a fifth subsystem is a cryptographic engine; and
  
  providing data protection, data authentication, user authentication and vetting, and communications protection and authentication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, further comprising the steps of:
    - enabling authentication and authorization with a set of tools that can be configured by a system administrator;
      
      providing a configurable password requirement including minimum length, required usage of capital and/or lower case letters, numbers, and symbols; and
      
      requiring user rights authorization of any combination of requirements set out by system administrators via the authentication sub-system.
  - 3. The method of claim 1, further comprising the steps of:
    - encrypting internal data storage before writing to disk;
      
      enveloping and making part of part of the logical file system, new disks or other storage media added to the systems storage capacity via an external storage expansion interface.
  - 4. The method of claim 1, further comprising the steps of:
    - allowing a user to have different user privilege requirements on a document as a whole as well as on a granular level on pages, paragraphs, sentences, words, and/or letters of a word; and
      
      automatically redacting the data for which the user does not have privileges as well as enforcing granular control of what users may edit, delete, create, or alter.
  - 5. The method of claim 1, further comprising the step of:
    - maintaining a history of document changes to provide an audit trail after the fact of who did what changes, where those changes were made, and when those changes were made; and
      
      authenticating audit trail users by account username and password login.
  - 6. The method of claim 1, further comprising the step of:
    - providing a two-factor authentication system with which to allow users to login
  - 7. The method of claim 1 wherein, the secure two factor authentication sub-system uses an existing cell phone or PDA to securely produce a one time password.
  - 8. The method of claim 1, further comprising the steps of encrypting a key repeatedly for a predetermined number of cycles:
    - logging in and setting up a user account on the server;
      
      placing the account in a device set up mode;
      
      said server generating a number and presenting it to the user interface;
      
      said server generating and storing a device unlock code;
      
      said server generating and storing a key;
      
      placing a device into a mobile electronic device into a setup mode;
      
      said device receiving a numeric password from the server;
      
      encrypting the password using the device id as the password;
      
      storing an SHA-512 hash component of the encrypted password on the device;
      
      entering the encrypted password into the device;
      
      connecting the device to the server 207 via WAP or desktop synchronization software;
      
      sending the server a generated five-digit number and the device ID;
      
      looking up the five-digit number and accepting the device ID buy the server;
      
      upon acceptance of the number, storing the device id for the account by the server;
      
      encrypting the key using the device id as the key and sending it to the device by the server;
      
      storing the encrypted key as the active key and as an archive of the original key by the device;
      
      encrypting the unlock code using the device'"'"'s id as the key and then computing the SHA-512 hash value and sending the hash value to the device by the server;
      
      storing the encrypting a hashed unlock code value by the device;
      
      generating a device specific self-destruct code, encrypting it using the device'"'"'s id as the key and sending the SHA-512 hash code to the device by the server;
      
      storing the self-destruct code hash value by the device; and
      
      .retrieving the permanent lock count from the server'"'"'s configuration database by the device, encrypting it using the device'"'"'s id as the key and sending the SHA-512 hash code to the server; and
      
      storing the permanent lock count hash value on the device.
  - 9. The method of claim 1, further comprising the steps of the runtime operations flow:
    - running a computer application on the device;
      
      presenting the device'"'"'s login screen prompting a user to enter a numeric password;
      
      taking the SHA-512 hash of the numeric number password and validating it against the stored hash of the device by the server.
  - 10. The method of claim 1, further comprising the steps of the runtime operations flow wherein if the password is wrong;
    - checking to determine how many times it has been attempted;
      
      if the attempt is less than the number allowed, trying again;
      
      if the attempt is more than the allowed number of failures, providing a notification that the application has been locked and prompted for an unlock code;
      
      entering a correct code unlock code;
      
      confirming the code and prompting the user to re-enter the password if the number of unlock attempts has not been exceeded;
      
      if the number of unlock attempts is exceeded the device self destructs by receiving a self destruct password for the device from the stored hash of the device;
      
      if the correct password is entered, two random numbers are generated;
      
      the first random number (R1) is between 100 and 999;
      
      the second random number (R2) is between 0 and 500;
      
      the first random number generated (R1) is used to tell the device how many times to encrypt the key;
      
      the device then encrypts the key (R1) times using the device id key as the encryption;
      
      a SHA-512 has value is calculated for the encrypted key and stored in the memory as “
      
      H1”
      
      ;
      
      the hash value (H1) is moved to position R2 in the H1 string and the value reads (H1)[(R2)] to (H1)[R2-6] and constructs a sub-string using those six character values then referred to as S11a construct key is then presented to the user.
  - 11. The method of claim 10, wherein the construct key value is determined by;
    - converting R1 to a hex string using leading zeros so that length (R1)=3;
      
      converting R2 to a hex string using leasing zeros so that Length (R2)=3; and
      
      constructing the key value (K1) as K1=H1[4]+R1[1]+H1[1]+R1[3]+H1[3]+R2[2]+H1[6]+R1[2]+H1[5]+R2[3]+H1[2]+R2[1].K1=H1[4]+R1[1]+H1[1]+R1[3]+H1[3]+R2[2]+H1[6]+R1[2]+H1[5]+R2[3]+H1[2]+R2[1].
  - 12. The method of claim 1, further comprising the steps of device resynchronization;
    - setting the device to a resynchronization mode;
      
      accessing the administrator account on the server and running the server resynchronization process;
      
      retrieving and decrypting the device'"'"'s key archived from the database by the server;
      
      generating a number between 1000 and 9999 by the server referred to as SRN1;
      
      displayed SRN1 to a user or administrator in the server'"'"'s user interface;
      
      encrypting an archived key SRN1 number of times where the resulting number is stored as the active key in the database;
      
      entering SRN1 into the device'"'"'s user interface;
      
      retrieving the archived initial key and decrypts it by the device;
      
      encrypting the archived key SRN1 number of times and storing it as the active key; and
      
      returning the device to runtime mode.
  - 13. The method of claim 1, further comprising the steps of:
    - presenting a user with a graphical user interface that allows them to assemble the classifications, categories and privilege requirements of an object as well as the clearances, memberships and rights granted to a subject;
      
      combining, at runtime, the subject'"'"'s privileges with the object'"'"'s requirements to determine if the subject is allowed access to the object and what actions the subject may perform on the object.
  - 14. The method of claim 13, further comprising the steps of:
    - creating a master map which defines all the possible classifications, categories and privileges that exist between the subject and object;
      
      defining, by the master map, any default relationships that exist between classifications, categories and/or privileges;
      
      creating a subject map define the privileges enjoyed by a subject; and
      
      creating an object map defining what an object requires in terms of privileges from a subject wishing to make use of the object.
  - 15. The method of claim 14, whereinthe master map container contains a plurality of zones defining a group of related classifications, categories or privileges;
    - andsome groups also have a compartment assigned to hem where a subject must not only have authorization to the classification of the information but also have been granted access to the compartment in which the information resides.
  - 16. The method of claim 14, wherein a zone also defines entrance and exit conditions in order to transit into or out of that zone.
  - 17. The method of claim 14, further comprising the steps of;
    - once a map is completed, compiling into a series of data structures that will allow for rapid runtime determination of access rights;
      
      compiling the map into a hash table where the key is defined as the zone identifier and the value is defined as an array of long unsigned integers;
      
      calculating a set of two-dimensional array of bits where one array represents the subject'"'"'s permissions and the other array represents the object'"'"'s requirements;
      
      within the subject array a one represents permission to a specific requirement and a zero represents denial of a specific requirement; and
      
      within the subject array a one represents a requirement that the subject must fulfill in order to gain access to the object and a zero represents a requirement which the object does not care one way or the other about.
  - 18. The method of claim 17, further comprising the steps of;
    - logging a user into the system;
      
      retrieving a user map from persistent storage and placing the map into the hash table in memory, and unloading said map when the user logs out;
      
      requesting access by a subject to an objectlooking up the subject'"'"'s compiled map along with the object map;
      
      comparing each of the groups in the two compiled maps with one another using a “
      
      binary and”
      
      method;
      
      if the object map value equals the result of the binary and method for all groups then the subject has permissions to the object; and
      
      if the object map value does not equal the result of the “
      
      binary and”
      
      method for all groups then the subject does not have access to the object.
  - 19. The method of claim 1, further comprising the steps of;
    - providing a user authentication module that accepts the standard username and password as an incoming request and a piece of cryptographic data that is signed with a private user key;
      
      providing an access control module that interfaces with access control graph detailed to enable the database to only show that data to which the user has access;
      
      providing control down to the cell level;
      
      providing a data encryption and validation module responsible for taking unencrypted data from the table a storage management module and writing it to a disk in a strongly encrypted fashion, as well as reading encrypted data from the disk, ensuring that the data has not been altered, and decrypting the data for use.
  - 20. The method of claim 19, further comprising the steps of;
    - starting a database request when an SQL statement arrives at the database;
      
      parsing and converting the SQLO statement to the database'"'"'s native code for execution by an SQL parser;
      
      including in the network connection that passes the SQL statement to the server is the user'"'"'s credentials;
      
      said credentials are passed to the authorization subsystem along with the type of operation request the user is attemptingvalidating user permissions;
      
      integrating this user authorization with the overall system'"'"'s user authentication subsystem allowing for fine grained control of what a specific user may see or do down to an individual database table cell level;
      
      if the user has permissions, passing the SQL statement to the database engine for execution and encrypting data stored in the database files on the disk; and
      
      providing that the lowest level interaction process that the database uses to read and write data to and from the disk acts as an encryption and decryption agent so that the database engine deals with normal data in memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Edward Curren
Original Assignee
Edward Curren
Inventors
Curren, Edward

Granted Patent

US 8,161,527 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/28
CPC Class Codes

G06F 21/6227   where protection concerns t...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2113   Multi-level security, e.g. ...

Security Enhanced Data Platform

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

61 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Security Enhanced Data Platform

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

61 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links