PASSWORD-LESS SECURITY AND PROTECTION OF ONLINE DIGITAL ASSETS

US 20130159732A1
Filed: 09/09/2012
Published: 06/20/2013
Est. Priority Date: 12/20/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for protecting a digital asset, comprising:

substantially functionally handicapping the digital asset with digital data to prevent normal use;

sending a portion of the digital data to an enabling device, wherein the enabling device substantially functionally handicaps the digital data portion;

discarding the digital data portion from the asset server;

receiving the digital data portion from the enabling device responsive to a request to access the digital asset; and

reconstituting the digital asset using at least the digital data portion to functionally enable the digital asset for normal use.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Digital assets stored on an asset server by an asset owner are protected without a password. Instead, the digital assets are functionally handicapped by removing at least a portion of digital data (or a key) associated with the digital asset and discarding the key after being sent to an enabling device. The portion of digital data (or a key) is then handicapped by the enabling device by a cryptographic key which is formed from a human gesture and subsequently discarded. When access to the digital asset is requested, an asset owner is notified by the enabling device for approval. A human gesture from the asset owner first provides a key to reconstitute the digital data portion which is transmitted to the asset server to reconstitute the digital asset upon which the access is granted and logged.

76 Citations

View as Search Results

19 Claims

1. A computer-implemented method for protecting a digital asset, comprising:
- substantially functionally handicapping the digital asset with digital data to prevent normal use;
  
  sending a portion of the digital data to an enabling device, wherein the enabling device substantially functionally handicaps the digital data portion;
  
  discarding the digital data portion from the asset server;
  
  receiving the digital data portion from the enabling device responsive to a request to access the digital asset; and
  
  reconstituting the digital asset using at least the digital data portion to functionally enable the digital asset for normal use.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein substantially functionally handicapping comprises:
    - substantially functionally handicapping the digital asset with a cryptographic key to prevent normal use.
  - 3. The method of claim 1, wherein substantially functionally handicapping comprises:
    - substantially functionally handicapping the digital asset by removing a portion of bits from the digital asset itself to prevent normal use of the digital asset.
  - 4. The method of claim 1, wherein sending the digital data portion to an enabling device, wherein the enabling device substantially functionally handicaps the digital data portion comprises:
    - the enabling device encrypting the digital data portion with at least data related to unique human input.
  - 5. The method of claim 4, wherein unique human input comprises a two-dimensional or a three-dimensional human gesture.
  - 6. The method of claim 4, wherein unique human input comprises at least one of:
    - a retina scan, a facial scan, a fingerprint scan, and a voice sample.
  - 7. The method of claim 4, wherein receiving digital data portion from the enabling device comprises:
    - receiving the digital data portion from the enabling device which has decrypted the digital data portion with data from a received unique human input.
  - 8. The method of claim 1, wherein sending the portion of the digital data to an enabling device, wherein the enabling device substantially functionally handicaps the digital data portion comprises:
    - the enabling device encrypting the digital data portion with a unique identifier associated with the enabling device.
  - 9. The method of claim 1, wherein sending the portion of the digital data to an enabling device, wherein the enabling device substantially functionally handicaps the digital data portion, comprises:
    - generating at least two derivative sub-portions of the digital data portion, the two derivative sub-portion corresponding to two keys; and
      
      sending one of the at least two keys to the enabling device.
  - 10. The method of claim 9, wherein generating the at least two derivative sub-portions corresponding to two keys comprises:
    - using a polynomial of a Shamir-type secret splitting algorithm to derive at least two data points which correspond to at least two keys.
  - 11. The method of claim 7, further comprising:
    - storing one of the at least two keys on the asset server apart from the digital asset.
  - 12. The method of claim 1, further comprising:
    - receiving a request to access the digital asset; and
      
      in response, sending a notification to the enabling device to send the digital data portion for reconstitution.
  - 13. The method of claim 1, further comprising:
    - logging each access to the digital asset, regardless of whether the digital asset is stored at the asset server.
  - 14. The method of claim 1, wherein the digital asset comprises at least one of:
    - data, multimedia, an executable application, a configuration file, machine code, and source code.
  - 15. The method of claim 1, wherein the enabling device comprises a wireless mobile device.
  - 16. The method of claim 1, wherein the digital asset comprises at least one of:
    - a digital asset, a group of digital assets, and a file system referring to the digital asset.

17. A computer-implemented method for protecting a digital asset, comprising:
- receiving at least a portion of digital data associated with the digital asset that has been substantially functionally handicapped by removal of the digital data portion, from an asset server;
  
  receiving a unique human input from an owner of the digital asset;
  
  substantially functionally handicapping the digital data portion with data from the unique human input;
  
  responsive to receiving a notification for a request for access to the digital asset, requesting the unique human input from the owner of the digital asset;
  
  reconstituting the digital data portion with the unique human input; and
  
  sending the digital data portion to the asset server to reconstitute the digital asset for normal use.

18. A non-transitory computer-readable medium storing source code that, when executed by a processor, performs a method for protecting a digital asset, comprising:
- substantially functionally handicapping the digital asset with digital data to prevent normal use;
  
  sending a portion of the digital data to an enabling device, wherein the enabling device substantially functionally handicaps the digital data portion;
  
  discarding the digital data portion from the server;
  
  receiving the digital data portion from the enabling device responsive to a request to access the digital asset; and
  
  reconstituting the digital asset using at least the digital data portion to functionally enable the digital asset for normal use.

19. A system to protect a digital asset, comprising:
- a processor; and
  
  a memory, comprising;
  
  a handicapping module to substantially functionally handicap the digital asset with digital data to prevent normal use, to send a portion of the digital data to an enabling device, wherein the enabling device substantially functionally handicaps the digital data portion, and discard the portion of digital data; and
  
  a reconstitution module to receive the portion of digital data from the enabling device, and reconstitute the digital asset using the digital data portion to functionally enable the digital asset for normal use.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nicolas Leoutsarakos
Original Assignee
Nicolas Leoutsarakos
Inventors
LEOUTSARAKOS, Nicolas

Granted Patent

US 8,954,758 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 21/6218   to a system of files or obj...

H04L 63/0435   wherein the sending and rec...

H04L 9/085   Secret sharing or secret sp...

H04W 12/68   Gesture-dependent or behavi...

PASSWORD-LESS SECURITY AND PROTECTION OF ONLINE DIGITAL ASSETS

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

76 Citations

19 Claims

Specification

Use Cases

Quick Links

Others

PASSWORD-LESS SECURITY AND PROTECTION OF ONLINE DIGITAL ASSETS

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

76 Citations

19 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others