SECURE DATA CACHE

US 20110138191A1
Filed: 04/29/2009
Published: 06/09/2011
Est. Priority Date: 04/29/2008
Status: Abandoned Application

First Claim

Patent Images

1. A method of securely caching data stored in an electronic document, the method comprising:

reading data from said electronic document,using all or part of said data to calculate a unique cryptographic key for said data;

encrypting all or part of said data with said unique cryptographic key;

discarding said unique cryptographic key after encryption; and

caching said encrypted data in a data cache, with decryption of encrypted data requiring the presence of said electronic document to recalculate said unique cryptographic key from said electronic document.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention is generally concerned with methods, apparatus and computer program code for securely caching\data, in particular for caching data stored on smart card systems such as those used in ICAO-compliant EU electronic passports. A caching system for providing a secure data cache for data stored in an electronic document, the comprising: an input to receive data to be cached; a processor configured to use all or part of said received data to calculate a unique cryptographic key for said data; encrypt all or part of said data with said unique cryptographic key; and discard said unique cryptographic key after encryption and an output to send said encrypted data to a data cache, with decryption of encrypted data requiring said unique cryptographic key to be recalculated from said electronic document whereby said data cache is secure. Use of such a cache dramatically speeds up the inspection process, by bypassing the need to read data entirely, except for during the first inspection.

Citations

20 Claims

1. A method of securely caching data stored in an electronic document, the method comprising:
- reading data from said electronic document,using all or part of said data to calculate a unique cryptographic key for said data;
  
  encrypting all or part of said data with said unique cryptographic key;
  
  discarding said unique cryptographic key after encryption; and
  
  caching said encrypted data in a data cache, with decryption of encrypted data requiring the presence of said electronic document to recalculate said unique cryptographic key from said electronic document.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. A method according to claim 1, wherein said electronic document is an electronic identity document comprising biometric data and the method comprises reading, encrypting and caching all or part of said biometric data.
  - 3. A method according to claim 2, wherein said electronic document comprises summary data and the method comprises using all or part of said summary data to calculate a unique cryptographic key for said biometric data.
  - 4. A method according to claim 3, wherein said biometric data comprises facial information and the method comprises using all or part of said summary data to calculate a unique cryptographic key for said facial information.
  - 5. A method according to claim 2, wherein said electronic document comprises digitally signed data and biometric data in the form of an image and the method comprises calculating a unique cryptographic key for said image using part of said image and said digitally signed data.
  - 6. A method according to claim 2, wherein said biometric data comprises an image and the method comprises using part of said image to calculate a unique cryptographic key for said image.
  - 7. A method according to claim 5 or claim 6, wherein said image is a fingerprint data.
  - 8. A method according to claim 1, comprising storing said encrypted data in the cache under an anonymous identifier whereby said data is not personally identifiable in the cache.
  - 9. A method of retrieving data on an electronic document which has been stored as encrypted data in a secure data cache created using the method of claim 1, the method of retrieving data comprising:
    - reading some data from said electronic document;
      
      using all or part of said read data to recalculate said unique cryptographic key for said encrypted data; and
      
      retrieving data on said electronic document by decrypting encrypted data for said electronic document in said secure data cache using said recalculated unique cryptographic key.
  - 10. A method according to claim 9, wherein said electronic document is an electronic identity document comprising biometric data and the method comprises retrieving said biometric data.
  - 11. A method of verifying an electronic document, the method comprising:
    - creating a secure data cache as described in claim 1;
      
      reading part of the data from said electronic document, using all or part of said read data to recalculate said unique cryptographic key for said encrypted data;
      
      decrypting encrypted data for said electronic document in said secure data cache using said recalculated unique cryptographic key and verifying said electronic document using said decrypted data.
  - 12. A carrier carrying processor control code to, when running, implement the method of claim 1.

13. A caching system for providing a secure data cache for data stored in an electronic document, the caching system comprising:
- an input to receive data to be cached;
  
  a processor configured touse all or part of said received data to calculate a unique cryptographic key for said data;
  
  encrypt all or part of said data with said unique cryptographic key; and
  
  discard said unique cryptographic key after encryption andan output to send said encrypted data to a data cache, with decryption of encrypted data requiring the presence of said electronic document to recalculate said unique cryptographic key from said electronic document whereby said data cache is secure.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. A caching system according to claim 13, wherein said electronic document is an electronic identity document comprising biometric data and said system provides a secure data cache for said biometric data.
  - 15. A caching system according to claim 14, wherein said biometric data comprises facial information and said system provides a secure data cache for said facial information.
  - 16. A caching system according to claim 14 or claim 15, wherein said biometric data comprises fingerprint data and said system provides a secure data cache for said facial information.
  - 17. A data retrieval system for retrieving information on an electronic document from a secure data cache created by the caching system of claim 13, the data retrieval system comprising:
    - an inspection system for reading some data from said electronic document; and
      
      a processor configured to;
      
      use all or part of said read data to recalculate said unique cryptographic key for said data; and
      
      decrypt encrypted data in said secure data cache using said recalculated unique cryptographic key, whereby data on said electronic document is retrieved from said secure data cache.
  - 18. A verification system for verifying an electronic document, the verification system comprising:
    - a secure data cache created by the caching system described in claim 13;
      
      an input to receive data from said electronic document; and
      
      a processor configured to;
      
      use all or part of said received data to recalculate said unique cryptographic key for said data;
      
      decrypt encrypted data in said secure data cache using said recalculated unique cryptographic key, andverify said electronic document using said decrypted data.
  - 19. A verification system according to claim 18 in the form of a handheld device.
  - 20. A verification system according to claim 18 or claim 19 wherein said secure data cache is remote from said processor and said verification system comprises a wireless connection between said processor and said secure data cache.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cryptomathic Ltd (Cryptomathic A/S)
Original Assignee
Cryptomathic Ltd (Cryptomathic A/S)
Inventors
Bond, Michael

Application Number

US12/937,980
Publication Number

US 20110138191A1
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/6209   to a single file or object,...

G06F 21/6245   Protecting personal data, e...

SECURE DATA CACHE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE DATA CACHE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links