Secure Data Storage System And Method

US 20100275005A1
Filed: 04/27/2009
Published: 10/28/2010
Est. Priority Date: 04/27/2009
Status: Active Grant

First Claim

Patent Images

1. A method for the secure storage of data in a network comprising:

encrypting the data stored on a primary server connected to the network;

sending the IP address of the primary server to a second server, via the network; and

receiving a communication from the second server indicating pending instructions;

if the instructions indicate that theft of the primary server has occurred, then re-encrypting the data stored on the primary server and sending the IP address of the primary server to the second server; and

if attempted unauthorized access of the primary server is determined, and a predetermined number of consecutive unauthorized attempts to access the primary server are made, then erasing the data stored on the primary server.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for the secure storage of data in a network. Data stored on a primary server connected to the network is initially encrypted. The IP address of the primary server is sent to a second server, via the network, and a communication is received from the second server indicating pending instructions. If the instructions indicate that theft of the primary server has occurred, then the data stored on the primary server is re-encrypted and the IP address of the primary server is sent to the second server. if attempted unauthorized access of the primary server is determined, and a predetermined number of consecutive unauthorized attempts to access the primary server are made, then the data stored on the primary server is erased.

14 Citations

View as Search Results

25 Claims

1. A method for the secure storage of data in a network comprising:
- encrypting the data stored on a primary server connected to the network;
  
  sending the IP address of the primary server to a second server, via the network; and
  
  receiving a communication from the second server indicating pending instructions;
  
  if the instructions indicate that theft of the primary server has occurred, then re-encrypting the data stored on the primary server and sending the IP address of the primary server to the second server; and
  
  if attempted unauthorized access of the primary server is determined, and a predetermined number of consecutive unauthorized attempts to access the primary server are made, then erasing the data stored on the primary server.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein unauthorized access of the primary server is determined by:
    - receiving a password entered via the primary server;
      
      repeating the step of receiving a password, if the password is not accepted; and
      
      receiving a predetermined number of passwords that are not accepted.
  - 3. The method of claim 2, wherein:
    - if the predetermined number of passwords are received but not accepted, then disabling access, via the primary server, to the data stored on the primary server and re-encrypting the data stored thereon;
      
      if a predetermined number of additional passwords are received but not accepted, then erasing the data stored on the primary server.
  - 4. The method of claim 1, wherein the IP address of the primary server sent to the second server is used to determine a physical location of the primary server.
  - 5. The method of claim 1, wherein the primary server includes an operating system, and wherein the operating system is erased if a predetermined additional number of passwords are received but not accepted after erasing the data stored on the primary server.

6. A method for the secure storage of data in a network including a server coupled to at least one data storage device, the method comprising:
- encrypting the data stored on each said data storage device;
  
  determining if connectivity is established between the server and a security key device;
  
  if no said connectivity is established, then disabling access to each said data storage device;
  
  if connectivity is established, then enabling each said data storage device;
  
  receiving a password entered into the server; and
  
  repeating the receiving step if the password is not accepted;
  
  if a predetermined number of passwords are received but not accepted, then disabling each said data storage device and re-encrypting the data stored thereon; and
  
  if a predetermined number of additional passwords are received but not accepted, then erasing the data stored on each said data storage device.
- View Dependent Claims (7, 8, 9)
- - 7. The method of claim 6, wherein the server includes an operating system, and wherein the operating system is erased if a predetermined additional number of passwords are received but not accepted after the erasing step.
  - 8. The method of claim 6, wherein disabling access to each said data storage device includes preventing access, via the server, to the data stored thereon.
  - 9. The method of claim 6, including:
    - sending the IP address of the server to a remote computer via the network; and
      
      using the IP address of the server sent to the remote computer to determine a physical location of the server.

10. A method for the secure storage of data in a network, the method comprising:
- storing data on a data storage device connected to a computer coupled to the network;
  
  encrypting the data stored on the storage device; and
  
  determining if connectivity is established between the computer and a security key device coupled to the network;
  
  if no connectivity is established, then disabling access to the storage device via the computer;
  
  if connectivity is established, then enabling access to the storage device via the computer; and
  
  if a predetermined number of consecutive unauthorized attempts to access the computer are made, thenre-encrypting the data stored on the storage device, andif a predetermined additional number of consecutive unauthorized attempts to access the computer are made, then erasing the data stored on the storage device.
- View Dependent Claims (11)
- - 11. The method of claim 10, further including sending the IP address of the computer to a server, wherein the IP address sent to the server is used to determine a physical location of the computer.

12. A system for secure storage of data in a network comprising:
- a computer coupled to the network and to at least one data storage device;
  
  a security key device coupled to the network;
  
  wherein;
  
  data stored on the storage device is encrypted;
  
  if no connectivity is established between the computer and the security key device, then the storage device is disabled; and
  
  if a predetermined number of consecutive unauthorized attempts to access the computer are made, thenre-encrypting the data stored on the storage device, andif a predetermined additional number of consecutive unauthorized attempts to access the computer are made, then erasing the data stored on the storage device.
- View Dependent Claims (13)
- - 13. The system of claim 12, further including a server, wherein:
    - the IP address of the computer is sent to the server; and
      
      the IP address is used by the server to determine a physical location of the computer.

14. A system for secure storage of data in a network comprising:
- a first computer coupled to the network and to at least one data storage device;
  
  a second computer coupled to the network; and
  
  a security key device coupled to the network;
  
  wherein;
  
  data stored on the storage device is encrypted; and
  
  if no connectivity is established between the computer and the security key device, then access to the storage device via the first computer is disabled;
  
  if connectivity is established, then access to the storage device via the first computer is enabled; and
  
  the first computer checks for a communication from the second computer indicating pending special instructions;
  
  whereinif special instructions received in the communication indicate that theft of the first computer has occurred, then the data stored on the storage device is re-encrypted;
  
  if no special instructions are received in the communication, then if a predetermined number of consecutive unauthorized attempts to access the first computer are made, then the data stored on the storage device is erased.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The system of claim 14, wherein the IP address of the first computer is sent to the second computer and is used to determine a physical location of the first computer.
  - 16. The system of claim 14, wherein the second computer is located off of the premises on which the first computer is situated.
  - 17. The system of claim 14, wherein the computer is prevented from accessing the data stored on the storage device when the storage device is disabled.
  - 18. The system of claim 14, further including:
    - receiving a password entered via the first computer; and
      
      repeating the receiving step if the password is not accepted;
      
      if a predetermined number of passwords are received but not accepted, then disabling each said data storage device and re-encrypting the data stored thereon; and
      
      if a predetermined number of additional passwords are received but not accepted, then erasing the data stored on each said data storage device.
  - 19. The system of claim 14, wherein the password is entered from a PC connected to the server.
  - 20. The system of claim 14, wherein:
    - the IP address of the first computer is sent to the second computer; and
      
      the IP address is used by the second computer to determine a physical location of the first computer.

21. A system for secure storage of data in a network comprising:
- a computer coupled to the network and to at least one data storage device;
  
  a server, located off of the premises on which the computer is situated, and coupled to the network;
  
  a security key device coupled to the network; and
  
  at least one PC coupled to the computer via the network;
  
  wherein;
  
  data stored on the storage device is encrypted; and
  
  if no connectivity is established between the computer and the security key device, then the storage device is disabled;
  
  if connectivity is established, then access to the storage device is enabled; and
  
  the computer checks for a communication from the second computer indicating pending special instructions;
  
  whereinif special instructions received in the communication indicate that theft of the computer has occurred, then the data stored on the storage device is re-encrypted;
  
  if no special instructions are received in the communication, then if a predetermined number of consecutive unauthorized attempts to access the computer are made, then the data stored on the storage device is erased.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The method of claim 21, further including:
    - receiving a password from a PC connected to the server; and
      
      repeating the receiving step if the password is not accepted;
      
      if a predetermined number of passwords are received but not accepted, then disabling each said data storage device and re-encrypting the data stored thereon; and
      
      if a predetermined number of additional passwords are received but not accepted, then erasing the data stored on each said data storage device.
  - 23. The system of claim 21, wherein, the computer is prevented from accessing the data stored on the storage device when the storage device is disabled.
  - 24. The system of claim 21, wherein the password is entered via the computer.
  - 25. The system of claim 21, wherein:
    - the IP address of the computer is sent to the server; and
      
      the IP address is used by the server to determine a physical location of the computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Chase Barfield, Jason Cornell, Jeff Arbour
Original Assignee
Chase Barfield, Jason Cornell, Jeff Arbour
Inventors
Cornell, Jason, Arbour, Jeff, Barfield, Chase

Granted Patent

US 8,201,261 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/150
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/552   involving long-term monitor...

G06F 21/88   Detecting or preventing the...

G06F 2221/2143   Clearing memory, e.g. to pr...

G06F 2221/2147   Locking files

H04L 63/0464   using hop-by-hop encryption...

H04L 63/083   using passwords cryptograph...

H04L 63/1441   Countermeasures against mal...

Secure Data Storage System And Method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

Secure Data Storage System And Method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others