SECURE CLOUD DATA SHARING

US 20140281520A1
Filed: 03/11/2014
Published: 09/18/2014
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. A method for sharing an encrypted file stored in a cloud server, the method comprising:

generating a file key associated with the encrypted file stored in the cloud server;

encrypting the file key using a symmetric key to generate a share key;

storing the share key in the cloud server;

retrieving the encrypted file and the share key from the cloud server;

decrypting the share key using the symmetric key to reconstruct the file key; and

using the reconstructed file key to decrypt the encrypted file.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for sharing an encrypted file stored on a cloud server is disclosed. In certain embodiments, the method includes generating a file key associated with the encrypted file stored in the cloud server; generating a share message, the share message including the generated file key and identifying a recipient user and the encrypted file stored in the cloud server; encrypting the file key using an identification key of the recipient user to generate a share key; storing the share key in the cloud server; notifying the recipient user of the encrypted file and share key stored on the cloud server; retrieving the encrypted file and the share key from the cloud server; decrypting the share key using the identification key of the recipient user to reconstruct the file key; and using the reconstructed file key to decrypt the encrypted file.

Citations

18 Claims

1. A method for sharing an encrypted file stored in a cloud server, the method comprising:
- generating a file key associated with the encrypted file stored in the cloud server;
  
  encrypting the file key using a symmetric key to generate a share key;
  
  storing the share key in the cloud server;
  
  retrieving the encrypted file and the share key from the cloud server;
  
  decrypting the share key using the symmetric key to reconstruct the file key; and
  
  using the reconstructed file key to decrypt the encrypted file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - generating a share message, the share message including the generated file key and identifying at least a recipient user and the encrypted file stored in the cloud server;
      
      storing the share message in a network server; and
      
      notifying the recipient user of at least one of the encrypted file and share key stored in the cloud server.
  - 3. The method of claim 1, wherein the symmetric key comprises an identification key of a recipient user.
  - 4. The method of claim 1, wherein the share key is assigned a dynamically generated storage name.
  - 5. The method of claim 1, further comprising notifying the recipient user of the share key stored on the cloud server.
  - 6. The method of claim 1, wherein the file key is a symmetric key.
  - 7. The method of claim 1, wherein the file key is an asymmetric key.
  - 8. The method of claim 1, wherein the file key is generated using a private identification key of a first user.
  - 9. The method of claim 1, wherein generating the share message includes a first user identifying a second user to receive a decrypted version of the encrypted file.
  - 10. The method of claim 1, further comprising encrypting a document using the file key to generate the encrypted file, and storing the encrypted file on the cloud server.

11. A method for sharing an encrypted file stored in a cloud server, the method comprising:
- receiving a share message, the share message including a file key associated with the encrypted file stored in the cloud server, and the share message identifying at least a recipient user and the encrypted file stored in the cloud server;
  
  encrypting the file key using an identification key of the recipient user to generate a share key;
  
  storing the share key in the cloud server;
  
  retrieving the encrypted file and the share key from the cloud server;
  
  decrypting the share key using the identification key of the recipient user to reconstruct the file key; and
  
  using the reconstructed file key to decrypt the encrypted file.
- View Dependent Claims (12, 13, 14)
- - 12. The method of claim 11, wherein the identification key of the recipient user is one key of a symmetric key pair.
  - 13. The method of claim 11, wherein the identification key of the recipient user used to encrypt the file key is a public key of an asymmetric key pair.
  - 14. The method of claim 11, wherein the identification key of the recipient user used to decrypt the share key is a private key of an asymmetric key pair.

15. One or more computer-readable media embodied with computer-executable instructions that, when executed by one or more processors, perform a computer-implemented method for sharing an encrypted file stored in a cloud server, the method comprising:
- generating a file key associated with the encrypted file stored in the cloud server;
  
  generating a share message, the share message including the generated file key and identifying at least a recipient user and the encrypted file stored in the cloud server;
  
  encrypting the file key using an identification key of the recipient user to generate a share key;
  
  storing the share key in the cloud server;
  
  retrieving the encrypted file and the share key from the cloud server;
  
  decrypting the share key using the identification key of the recipient user to reconstruct the file key; and
  
  using the reconstructed file key to decrypt the encrypted file.
- View Dependent Claims (16, 17, 18)
- - 16. The one or more computer-readable media of claim 15, wherein the identification key of the recipient user is one key of a symmetric key pair.
  - 17. The one or more computer-readable media of claim 15, wherein the identification key of the recipient user used to encrypt the file key is a public key of an asymmetric key pair.
  - 18. The one or more computer-readable media of claim 15, wherein the identification key of the recipient user used to decrypt the share key is a private key of an asymmetric key pair.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Baimmt, LLC
Original Assignee
MyMail Technology, LLC
Inventors
Heintz, John D., Selgas, Thomas Drennan

Granted Patent

US 9,767,299 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/165
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6209   to a single file or object,...

G06F 21/6218   to a system of files or obj...

G06F 21/6272   by registering files or doc...

G06F 2221/2107   File encryption

G06Q 10/101   Collaborative creation, e.g...

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/105   Multiple levels of security

H04L 9/0825   using asymmetric-key encryp...

SECURE CLOUD DATA SHARING

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE CLOUD DATA SHARING

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links