SYSTEMS AND METHODS FOR MANAGING CRYPTOGRAPHIC KEYS

US 20120170750A1
Filed: 02/23/2012
Published: 07/05/2012
Est. Priority Date: 09/14/2007
Status: Active Grant

First Claim

Patent Images

1. A method for managing cryptographic keys, the method comprising:

receiving, at a common interface;

a first request from a first interface in a first interface format to manage at least one cryptographic key stored remote from the first interface; and

a second request from a second interface in a second interface format to manage at least one cryptographic key stored remote from the second interface;

translating each of the first request from the first interface format and the second request from the second interface format to a common interface format;

authenticating the first and second requests by at least verifying that the requests originated from an authorized source; and

executing the first and second translated requests in the common interface format.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A common interface for managing cryptographic keys is provided. A request to manage a cryptographic key may be received in a first interface format, translated to a common interface format, and then executed remotely from the first interface. Return arguments may then be translated from the common interface format to a format compatible with the first interface and communicated securely to the first interface. The cryptographic keys may be used in connection with a secure data parser that secures data by randomly distributing data within a data set into two or more shares.

Citations

15 Claims

1. A method for managing cryptographic keys, the method comprising:
- receiving, at a common interface;
  
  a first request from a first interface in a first interface format to manage at least one cryptographic key stored remote from the first interface; and
  
  a second request from a second interface in a second interface format to manage at least one cryptographic key stored remote from the second interface;
  
  translating each of the first request from the first interface format and the second request from the second interface format to a common interface format;
  
  authenticating the first and second requests by at least verifying that the requests originated from an authorized source; and
  
  executing the first and second translated requests in the common interface format.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1 wherein executing the translated requests comprises retrieving the at least one cryptographic key.
  - 3. The method of claim 1 wherein executing the translated requests comprises generating the at least one cryptographic key.
  - 4. The method of claim 1 wherein executing the translated requests comprises deleting the at least one cryptographic key.
  - 5. The method of claim 1 wherein executing the translated requests comprises storing the at least one cryptographic key in a key store.
  - 6. The method of claim 1 wherein executing the translated requests comprises storing the at least one cryptographic key on removable media.
  - 7. The method of claim 1 further comprising securing a data set using the at least one cryptographic key, wherein securing the data set comprises:
    - encrypting the data set using the at least one cryptographic key;
      
      generating a random or pseudo-random value;
      
      distributing, based, at least in part,on the random or pseudorandom value, encrypted data in the data set into two or more shares; and
      
      storing the two or more shares separately on at least one data depository.
  - 8. The method of claim 7 wherein storing the two or more shares separately on at least one data depository comprises storing the two or more shares on at least two geographically separated data depositories.
  - 9. The method of claim 1 further comprising translating at least one return argument of the executed requests from a common interface format to a first or second interface format.
  - 10. The method of claim 9 wherein the at least one return argument of the executed requests comprises at least one cryptographic key.
  - 11. The method of claim 9 further comprising transmitting the at least one return argument to the first or second interface over a secure communications path.
  - 12. The method of claim 1 wherein authenticating the requests comprises implementing an authentication protocol or cryptographic handshake.
  - 13. The method of claim 1 wherein authenticating the requests comprises verifying a cryptographic signature associated with the request.
  - 14. The method of claim 1 wherein authenticating the requests comprises validating an authentication token.
  - 15. The method of claim 14 wherein validating an authentication token comprises enforcing an expiration date or expiration time associated with the authentication token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Security First Innovations, LLC
Original Assignee
Security First Corp
Inventors
Orsini, Rick L., O'Hare, Mark S., Davenport, Roger

Granted Patent

US 9,397,827 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

G06F 21/44   Program or device authentic...

G06F 21/45   Structures or tools for the...

G06F 21/606   by securing the transmissio...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0815   providing single-sign-on or...

H04L 63/18   using different networks or...

H04L 9/083   involving central third par...

H04L 9/0844   with user authentication or...

H04L 9/085   Secret sharing or secret sp...

H04L 9/32   including means for verifyi...

H04L 9/3213   using tickets or tokens, e....

SYSTEMS AND METHODS FOR MANAGING CRYPTOGRAPHIC KEYS

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR MANAGING CRYPTOGRAPHIC KEYS

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links