Method and Apparatus for Securing Data in a Memory Device
First Claim
Patent Images
1. A method for securing information in a local memory device, the method comprising the steps of:
- coupling the local memory device to a first terminal,applying, at the first terminal, the following steps;
applying a cipher to the original data to obtain enciphered data,generating a seed number,utilizing the seed number as a lookup key, retrieving a first bit string from a first lookup table,dividing the enciphered data to a first portion of data units and a second portion of data units, wherein the second portion is formed by removing from the enciphered data the units of data corresponding to selected bits of the first bit string, and the first portion is formed from the remaining data units of the enciphered data,storing the first portion in the local memory device;
sending the second portion and the seed number via a data link for storage in a remote memory device connected to a network server;
removing the local memory device from the first terminal;
coupling the local memory device to a second terminal,applying, at the second terminal, the following steps;
receiving a read request at the second terminal targeted to the original data;
sending to the server the read request for obtaining the second portion and the seed number;
upon a successful access rights authentication of the read request at the server resulting in an authorized read request, retrieving via a data link the second portion and the seed data stored in the remote memory device;
utilizing the seed number as a lookup key, retrieving a second bit string from a second lookup table, wherein the first bit string and second bit string are identical,combining the first portion stored in the local memory device and the retrieved second portion by placing the units of data of the second portion into their original positions among the units of data in the first portion in conformity with the selected bits of the second bit string, wherein the combination of the first and second data portions reconstructs the enciphered data; and
deciphering the enciphered data to obtain the original data.
1 Assignment
0 Petitions
Accused Products
Abstract
A Method and a terminal intended for securing information in a local memory device which is couplable to a terminal having a data link interface. At the terminal, the method divides original data resulting in a first portion and a second portion. The method stores the first portion in the local memory device and sends the second portion for storage in a remote memory device. Upon obtaining an authorized read request targeted to the original data the method retrieves the second portion and combines the two portions. The method provides high data security if the data, is encrypted prior to the step of dividing. Another aspect of the invention comprises a terminal capable of at least combing the first and second data portions to reconstruct the original data, and preferably to perform the step required for dividing the data. The data may or may not be encrypted.
56 Citations
12 Claims
-
1. A method for securing information in a local memory device, the method comprising the steps of:
-
coupling the local memory device to a first terminal, applying, at the first terminal, the following steps; applying a cipher to the original data to obtain enciphered data, generating a seed number, utilizing the seed number as a lookup key, retrieving a first bit string from a first lookup table, dividing the enciphered data to a first portion of data units and a second portion of data units, wherein the second portion is formed by removing from the enciphered data the units of data corresponding to selected bits of the first bit string, and the first portion is formed from the remaining data units of the enciphered data, storing the first portion in the local memory device; sending the second portion and the seed number via a data link for storage in a remote memory device connected to a network server; removing the local memory device from the first terminal; coupling the local memory device to a second terminal, applying, at the second terminal, the following steps; receiving a read request at the second terminal targeted to the original data; sending to the server the read request for obtaining the second portion and the seed number; upon a successful access rights authentication of the read request at the server resulting in an authorized read request, retrieving via a data link the second portion and the seed data stored in the remote memory device; utilizing the seed number as a lookup key, retrieving a second bit string from a second lookup table, wherein the first bit string and second bit string are identical, combining the first portion stored in the local memory device and the retrieved second portion by placing the units of data of the second portion into their original positions among the units of data in the first portion in conformity with the selected bits of the second bit string, wherein the combination of the first and second data portions reconstructs the enciphered data; and deciphering the enciphered data to obtain the original data. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A terminal for securing data in a local memory device, the terminal comprising:
-
a data link interface; a ciphering block for transforming original data to enciphered data, a look up table for storing bit strings, a seed number generator, wherein a first bit string is retrieved from the look up table in response to a seed number used as a look up key, a data divider for dividing the enciphered data to a first portion of data units and a second portion of data units, wherein the second portion is formed by removing from the enciphered data the units of data corresponding to selected bits of the bit string, and the first portion is formed from the remaining data units of the enciphered data,; storing the first portion in the local memory device; sending the second portion and the seed number via a data link interface for storage in a remote memory device ; a data combiner, responsive to a read operation request targeted to the original data, for retrieving, upon a successful access rights authentication of the read operation request at a server resulting in an authorized request, via the data link interface the second portion of data units and the seed number stored in the remote memory device combining the retrieved second portion of data units and the first portion of data units stored in the local memory device coupled to the terminal by placing the data units of the retrieved second portion of data units into their original positions among the data units in the first portion in conformity with the selected bits of a second bit string retrieved, in the second terminal, from the look up table in response to the seed number used as a look up key, wherein the first and the second bit strings are identical, wherein the combination of the first and second portions of data units reconstructs the enciphered data, a deciphering block for transforming the enciphered data to the original data. - View Dependent Claims (7, 8, 9, 10, 11, 12)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeEnvault Corp. Oy
-
Original AssigneeEnvault Corp. Oy
-
InventorsOLLIKAINEN, Ville, RAUTIO, Harri, PESOLA, Juuso, LATVAKOSKI, Juhani
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current380/262
-
CPC Class CodesG06F 21/6272 by registering files or doc...G06F 21/78 to assure secure storage of...G06F 2221/2107 File encryptionH04L 63/0428 wherein the data content is...H04L 63/08 for authentication of entit...H04L 63/10 for controlling access to d...H04L 67/06 specially adapted for file ...H04L 9/0656 Pseudorandom key sequence c...H04L 9/085 Secret sharing or secret sp...H04L 9/0894 Escrow, recovery or storing...
