Secure information storage and retrieval apparatus and method

US 20110072264A1
Filed: 09/21/2009
Published: 03/24/2011
Est. Priority Date: 09/21/2009
Status: Active Grant

First Claim

Patent Images

1. A method for securely storing and retrieving confidential information, the method comprising:

a. encrypting an electronic file using a private key to create an encrypted file;

b. saving said encrypted file in an encrypted file computer memory;

c. transmitting said private key for storage in a private key computer memory, said private key computer memory being at a different physical location from said encrypted file computer memory.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A user using a client computer registers with a server computer over a computer network by submitting a biometric scan of a body part of the user. The user commands the client computer to encrypt an electronic file. The client computer generates a private key, encrypts the electronic file and transmits the key to the server computer. The client computer saves the encrypted file. The encrypted file and the key are saved at different physical locations. The owner of the file is able to grant permission to other registered users to unlock the encrypted file.

Citations

20 Claims

1. A method for securely storing and retrieving confidential information, the method comprising:
- a. encrypting an electronic file using a private key to create an encrypted file;
  
  b. saving said encrypted file in an encrypted file computer memory;
  
  c. transmitting said private key for storage in a private key computer memory, said private key computer memory being at a different physical location from said encrypted file computer memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 wherein said step of encrypting said electronic file using said private key is performed by a client computer pursuant to a command by a user and wherein said step of transmitting said private key comprises:
    - said client computer transmitting said private key to a server computer over a computer network for storage of said private key in said private key computer memory.
  - 3. The method of claim 2, the method further comprising:
    - a. receiving a biometric identifier by said client computer from said user prior to said step of encrypting said electronic file;
      
      b. transmitting by said client computer of said biometric identifier to said server computer over said computer network;
      
      c. receiving by said client computer of a verification from said server computer that said user is authorized to encrypt said electronic file.
  - 4. The method of claim 2 wherein said biometric identifier comprises a biometric scan of a body part of said user, said biometric scan being performed by a biometric scanner operably connected to said client computer, said biometric scan being performed during a logon of said client computer to said server computer.
  - 5. The method of claim 4 wherein said biometric scan is a fingerprint scan.
  - 6. The method of claim 4, the method further comprising:
    - a. receiving by said client computer from said user of a command to open said encrypted file;
      
      b. transmitting by said client computer to said server computer over said computer network of a request for said private key;
      
      c. receiving of said private key by said client computer from said server computer;
      
      d. decrypting said encrypted file by said client computer.
  - 7. The method of claim 6, the method further comprising:
    - a. receiving said biometric identifier by said client computer from said user prior to said step of transmitting by said client computer to said server computer over said computer network of said request for said private key;
      
      b. transmitting by said client computer of said biometric identifier to said server computer over said computer network;
      
      c. receiving by said client computer of said verification from said server computer that said user is authorized to access said private key and decrypt said encrypted file.
  - 8. The method of claim 7 wherein said client computer is a one of a plurality of said client computers, each of said plurality of client computers being in communication with said server computer over said computer network, said biometric scanner being a one of a plurality of said biometric scanners, each said biometric scanner being operably connected to a one of said plurality of said client computers.
  - 9. The method of claim 8 wherein said user is a one of a plurality of said users and wherein said one of said plurality of users is an owner of said file, the method further comprising:
    - a. granting by said owner of a permission for another of said plurality of said users to retrieve said private key and to decrypt said encrypted file;
      
      b. receiving by a cone of said client computers from said another of said users of a one of said biometric identifiers and a user name, said one of said biometric identifiers and said user name corresponding to said another of said users;
      
      c. receiving by said one of said client computers from said server said verification that said another of said users is authorized to open said encrypted file;
      
      d. receiving by said client computer from said another of said users of said command to open said encrypted file;
      
      e. transmitting by said client computer to said server computer over said computer network of said request for said private key from said another of said users;
      
      f. receiving of said private key by said client computer from said server computer;
      
      g. decrypting said encrypted file by said client computer.
  - 10. The method of claim 8 wherein said encrypted file is a one of a plurality of said encrypted files, the method further comprising:
    - a. receiving by said client computer from said server computer of a log of said encrypted file;
      
      b. displaying said log to said owner and to said another user.
  - 11. The method of claim 8 wherein said permission authorizes said another of said users to retrieve said private key and to decrypt said file one time only.

12. An apparatus for securely storing and retrieving confidential information, the apparatus comprising:
- a. a client computer, said client computer being configured to communicate with a server computer over a computer network;
  
  b. a biometric scanner, said biometric scanner being operably connected to said client computer, said biometric scanner being configured to scan a body part of a user to generate a biometric identifier, said client computer being configured to transmit said biometric identifier to said server computer over said computer network, said client computer being configured to receive a verification from said server computer that said user is a registered user based on said biometric identifier;
  
  c. a client computer memory operably connected to said client computer;
  
  d. an electronic file accessible to said client computer, said client computer being configured to generate a private key and to encrypt said electronic file using said private key to create an encrypted file upon receiving an encryption command from said registered user, said client computer being configured to transmit said private key to said server computer over said computer network for storage of said private key in a private key memory, said client computer being configured not to save said private key to said client computer memory;
  
  e. an encrypted file computer memory, said client computer being configured to save said encrypted file to said encrypted file computer memory, said encrypted file computer memory being located in a different physical location from said private key computer memory.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The apparatus of claim 12 wherein said biometric scanner is a fingerprint scanner.
  - 14. The apparatus of claim 12 wherein said registered user is an owner of said encrypted file, said client computer being configured to receive a verification from said server computer that said registered user is said owner based on said biometric identifier, said client computer being configured to receive a request by said owner to decrypt said encrypted file, said client computer being configured to transmit said request to said server computer, said client computer being configured to receive said private key from said server computer, said client computer being configured to decrypt said encrypted file using said private key.
  - 15. The apparatus of claim 14 wherein said client computer is configured to receive a designation from said owner of said encrypted file that another said registered user has a permission to decrypt said encrypted file, said client computer being configured to decrypt said encrypted file only if said client computer receives said request to decrypt said encrypted file from said owner or from said another registered user who has been granted said permission by said owner and only after said client computer receives said verification that said owner or said another registered user requesting said decryption is said owner or is said another registered user with said permission, said verification being based on said biometric identifier.
  - 16. The apparatus of claim 14 wherein said owner is a one of a plurality of said owners, said registered user is a one of a plurality of said registered users, said client computer being configured to receive said verification that said owner is said one of said owners and that said registered user with said permission is said one of said plurality of said registered users.
  - 17. The apparatus of claim 16 wherein said client computer is a one of a plurality of said client computers, said biometric scanner is one of a plurality of said biometric scanners, each said biometric scanner being operably associated with a one of said plurality of client computers, each said biometric scanner and said associated client computer being configured to scan said body part of said one of said plurality of users to generate said biometric identifier and to transmit said biometric identifier to said server computer over said computer network, each said client computer being configured to receive said verification from said server computer that said one of said plurality of users is said one of said plurality of owners or said one of said plurality of said registered users.
  - 18. The apparatus of claim 17 wherein each of said plurality of said client computers is configured to receive from said server computer a log of said encrypted file, each said client computer being configured to display said log to said owner and to said another of said registered users who has been granted said permission, said log disclosing one or more of said encryption of said encrypted file, said granting by said owner of said permission, a receipt of said request to decrypt said encrypted file, a transmission of said private key by said server computer, and an expiration of said permission.

19. An apparatus for securely storing and retrieving confidential information, the apparatus comprising:
- a. a client computer, said client computer being configured to communicate with a server computer over a computer network;
  
  b. a biometric scanner, said biometric scanner being operably connected to said client computer, said biometric scanner being configured to scan a body part of a user to generate a biometric identifier, said client computer being configured to transmit a registration request from said user to said server computer over said computer network, said registration request comprising said biometric identifier, said client computer being configured to receive a notification from said server computer that said user is registered as a registered user;
  
  c. a client computer memory operably connected to said client computer, said client computer memory storing an electronic file, said client computer being configured to receive a request by said registered user to encrypt said electronic file, said client computer being configured to generate a private key and to encrypt said electronic file using said private key to create an encrypted file, said registered user being an owner of said encrypted file, said client computer being configured to receive a permission from said owner that another said registered user may decrypt said encrypted file, said client computer being configured to transmit said private key and said permission to said server computer over said computer network, said client computer being configured to save said encrypted file to an encrypted file memory, said client computer being configured not to save said private key to said encrypted file memory.
- View Dependent Claims (20)
- - 20. The apparatus of claim 19 wherein said client computer is configured to receive said biometric identifier from said biometric scanner coupled with a request to decrypt said encrypted file from said owner or from said another registered user with said permission, said client computer being configured to transmit to said server computer over said computer network said biometric identifier from said owner or said another said registered user with said permission upon said request to decrypt said encrypted file, said client computer being configured to receive said private key from said server computer, said client computer being configured to decrypt said encrypted file using said private key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
James Mcnulty
Original Assignee
James Mcnulty
Inventors
McNulty, James

Granted Patent

US 9,311,465 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/6209   to a single file or object,...

G06F 21/6245   Protecting personal data, e...

G06F 21/6272   by registering files or doc...

G06F 2221/2117   User registration

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0861   using biometrical features,...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3242   involving keyed hash functi...

Secure information storage and retrieval apparatus and method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure information storage and retrieval apparatus and method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links