Systems and Methods for Preventing Access to Stored Electronic Data

US 20130247222A1
Filed: 09/12/2012
Published: 09/19/2013
Est. Priority Date: 09/16/2011
Status: Abandoned Application

First Claim

Patent Images

1. A method of securing data stored on removable electronic storage media comprising:

authenticating a user of an agent computing device when the removable media is connected to the agent computing device, wherein the agent computing device is configured to store predefined access control information;

unlocking an encrypted portion of the removable media using an encryption key provided to the user when the user is authenticated;

identifying when the agent computing device has been compromised through detection of loss, theft, or unauthorized access to the agent computing device; and

communicating an access elimination command to the agent computing device upon receipt of an access elimination trigger, the access elimination command adapted to prevent further access to encrypted portions of the removable media.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The techniques described herein include data security systems and methods adapted to protect stored data from unauthorized access. Encryption keys can be maintained on a removable media that allow an authorized user of an agent computing device to access encrypted portions of the removable media. The agent computing device controls access using predefined access control information. An access elimination command communicated to the agent computing device can prevent further access to encrypted data on the removable media.

32 Citations

View as Search Results

30 Claims

1. A method of securing data stored on removable electronic storage media comprising:
- authenticating a user of an agent computing device when the removable media is connected to the agent computing device, wherein the agent computing device is configured to store predefined access control information;
  
  unlocking an encrypted portion of the removable media using an encryption key provided to the user when the user is authenticated;
  
  identifying when the agent computing device has been compromised through detection of loss, theft, or unauthorized access to the agent computing device; and
  
  communicating an access elimination command to the agent computing device upon receipt of an access elimination trigger, the access elimination command adapted to prevent further access to encrypted portions of the removable media.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the access elimination trigger is initiated upon receiving status information from a server connected to the agent computing device indicating the agent computing device has been compromised.
  - 3. The method of claim 1, wherein the agent computing device is adapted to encrypt data on the agent computing device upon receiving the access elimination command.
  - 4. The method of claim 1, wherein the agent computing device is adapted to destroy the encryption key upon receiving the access elimination command.
  - 5. The method of claim 1, wherein the agent computing device is adapted perform hardware disablement of one or more components of the agent computing device upon receiving the access elimination command.
  - 6. The method of claim 1, wherein the agent computing device is adapted to perform targeted destruction of data on the agent computing device upon receiving the access elimination command.
  - 7. The method of claim 6, wherein the targeted destruction of data on the agent computing device includes performing a multiple overwrite operation on the data to thwart later reconstruction of the data.
  - 8. The method of claim 6, wherein the agent computing device is adapted to perform targeted destruction of data on the agent computing device after a delay measured by a timer.
  - 9. The method of claim 1, wherein the agent computing device is adapted to destroy a partition table of the removable media upon receiving the access elimination command.
  - 10. The method of claim 1, wherein the access elimination trigger is initiated by an administrator or a user of the agent computing device.
  - 11. The method of claim 1, wherein the access elimination trigger is initiated upon detecting invalid attempts to access the agent computing device.
  - 12. The method of claim 1, wherein the access elimination trigger is initiated upon determination that a predefined activation interval has elapsed.
  - 13. The method of claim 1, further comprising initiating a mode wherein an unauthorized user is permitted to operate the agent computing device while the agent is actively destroying data on the agent computing device.
  - 14. The method of claim 1, wherein real-time encryption is performed as data is written to memory of the agent computing device.
  - 15. The method of claim 1, further comprising performing double encryption of data on the agent communication device including both disk-level and file-level encryption.

16. A system configured to secure data stored on removable electronic storage media, the system comprising:
- an authentication module configured to authenticate a user of an agent computing device when the agent computing device is connected to the removable electronic storage media;
  
  a memory to store predefined access control information on the agent computing device; and
  
  an encryption key associated with the user when the user is authenticated to unlock an encrypted portion of the removable media;
  
  a detection module configured to identify when the agent computing device has been compromised through loss, theft, or unauthorized access of the agent computing device; and
  
  a communication module configured to send an access elimination command to the agent computing device upon receipt of an access elimination trigger, the access elimination command adapted to prevent further access to encrypted portions of the removable media.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 17. The system of claim 16, wherein the access elimination trigger is initiated upon receiving status information from a server connected to the agent computing device indicating the agent computing device has been compromised.
  - 18. The system of claim 16, wherein the agent computing device is adapted to encrypt data on the agent computing device upon receiving the access elimination command.
  - 19. The system of claim 16, wherein the agent computing device is adapted to destroy the encryption key upon receiving the access elimination command.
  - 20. The system of claim 16, wherein the agent computing device is adapted perform hardware disablement of one or more components of the agent computing device upon receiving the access elimination command.
  - 21. The system of claim 16, wherein the agent computing device is adapted to perform targeted destruction of data on the agent computing device upon receiving the access elimination command.
  - 22. The system of claim 21, wherein the targeted destruction of data on the agent computing device includes performing a multiple overwrite operation on the data to thwart later reconstruction of the data.
  - 23. The system of claim 21, wherein the agent computing device is adapted to perform targeted destruction of data on the agent computing device after a delay measured by a timer.
  - 24. The system of claim 16, wherein the agent computing device is adapted to destroy a partition table of the removable media upon receiving the access elimination command.
  - 25. The system of claim 16, wherein the access elimination trigger is initiated by an administrator or a user of the agent computing device.
  - 26. The system of claim 16, wherein the access elimination trigger is initiated upon detecting invalid attempts to access the agent computing device.
  - 27. The system of claim 16, wherein the access elimination trigger is initiated upon determination that a predefined activation interval has elapsed.
  - 28. The system of claim 16, further comprising initiating a mode wherein an unauthorized user is permitted to operate the agent computing device while the agent is actively destroying data on the agent computing device.
  - 29. The system of claim 16, wherein real-time encryption is performed as data is written to memory of the agent computing device.
  - 30. The system of claim 16, further comprising performing double encryption of data on the agent communication device including both disk-level and file-level encryption.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Beachhead Solutions, Inc.
Original Assignee
Beachhead Solutions, Inc.
Inventors
Lee, Michael, Maksim, Justin, Chung, Edward, Hora, David, Maksim, Daniel, Rubin, Jeff, Weber, Robin

Application Number

US13/612,786
Publication Number

US 20130247222A1
Time in Patent Office

Days
Field of Search
US Class Current

726/28
CPC Class Codes

G06F 21/31 User authentication

G06F 21/6218 to a system of files or obj...

Systems and Methods for Preventing Access to Stored Electronic Data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

32 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and Methods for Preventing Access to Stored Electronic Data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links