MANAGEMENT OF AN ENCRYPTION KEY FOR A SECURE DATA STORAGE DEVICE ON A TRUSTED DEVICE PAIRED TO THE SECURE DEVICE OVER A PERSONAL AREA NETWORK

US 20160050066A1
Filed: 05/05/2015
Published: 02/18/2016
Est. Priority Date: 08/13/2014
Status: Abandoned Application

First Claim

Patent Images

1. A system comprising:

a trusted device comprising;

a memory storing an encryption key;

a processor;

a secured data storage device comprising;

a memory, wherein a portion of the memory is allocated for sensitive data;

a processor, configured to pair, through a network, with the trusted device;

wherein the memory of the trusted device comprises instructions that when executed bythe processor of the trusted device cause the trusted device to transfer, through thefirst network, the encryption key to the secured data storage device; and

wherein upon receiving the encryption key, the secured data storage device enablesaccess to the allocated portion of the memory of the secured data storage device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one aspect, a system comprises a trusted device comprising a memory storing an encryption key and a processor. The system also comprises a secured data storage device comprising a memory, wherein a portion of the memory is allocated for sensitive data; and a processor, configured to pair, through a network, with the trusted device. The memory of the trusted device comprises instructions that when executed by the processor of the trusted device cause the trusted device to transfer, through the first network, the encryption key to the secured data storage device. Upon receiving the encryption key, the secured data storage device enables access to the allocated portion of the memory of the secured data storage device.

Citations

20 Claims

1. A system comprising:
- a trusted device comprising;
  
  a memory storing an encryption key;
  
  a processor;
  
  a secured data storage device comprising;
  
  a memory, wherein a portion of the memory is allocated for sensitive data;
  
  a processor, configured to pair, through a network, with the trusted device;
  
  wherein the memory of the trusted device comprises instructions that when executed bythe processor of the trusted device cause the trusted device to transfer, through thefirst network, the encryption key to the secured data storage device; and
  
  wherein upon receiving the encryption key, the secured data storage device enablesaccess to the allocated portion of the memory of the secured data storage device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The system of claim 1, wherein the trusted device executes one or more instructions stored in a memory of the trusted device, causing the trusted device to enable management of the encryption key.
  - 3. The system of claim 1, wherein transferring the encryption key is controlled by permissions provided by a user of the trusted device.
  - 4. The system of claim 1, wherein transferring the encryption key is controlled by an external server communicatively coupled to the trusted device through the network or another network.
  - 5. The system of claim 4, wherein the encryption key is stored in the external server and only provided upon request as necessary to improve security.
  - 6. The system of claim 1, wherein the encryption key is a combination of a network pairing key and a password chosen by an end user of the trusted device and the secured data storage device.
  - 7. The system of claim 1, wherein the encryption key is a network pairing key and salt.
  - 8. The system of claim 1, wherein transferring the encryption key is controlled by one or more environmental context attributes on the trusted device, such as the access to specific Wi-Fi networks or the GPS location of the device.
  - 9. The system of claim 1, wherein the transferred encryption key is half of a temporary asymmetric key and wherein the temporary asymmetric key is a public key or a private key.
  - 10. The system of claim 1, wherein a user of the trusted device must provide a password or a code to access the encryption key of the trusted device.
  - 11. The system of claim 1, wherein the encryption key is partially or fully derived from a password or code entered by a user of the trusted device.
  - 12. The system of claim 1, wherein a timer is used to periodically re-request a valid key from the trusted device if one is not provided.
  - 13. The system of claim 1, wherein a loss of the encryption key is ensured using a timeout.
  - 14. The system of claim 1, wherein a loss or a transfer of the encryption key is controlled by at least one context attribute of an environmental context attribute or a location context attribute such as a global positioning system (GPS) geo-fence or access to a specific Wi-Fi network.
  - 15. The system of claim 1, wherein the pairing of the trusted device to the secured data storage device is actively monitored by the secured data storage device and wherein unpairing the trusted device from the secured data storage device deletes the encryption key from the secured data storage device.
  - 16. The system of claim 1, wherein if a request for an encryption key is denied a pre-determined number of times, the trusted device will delete all data stored in the memory of the secured data storage device.
  - 17. The system of claim 1, wherein if a request for an encryption key is denied a pre-determined number of times, the trusted device will require an extra permission in order to provide an encryption key.
  - 18. The system of claim 1, wherein if a request for an encryption key is not requested after a pre-determined period of time, the trusted device will require an extra permission in order to provide an encryption key.
  - 19. The system of claim 1, wherein the encryption key is validated using a seed from another authentication mechanism employed by the trusted device.
  - 20. The system of claim 1, wherein the encryption key used for the secured data storage device is partially or fully generated by a seed from another authentication mechanism employed by the trusted device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Louis Nunzio Loizides
Original Assignee
Louis Nunzio Loizides
Inventors
Loizides, Louis Nunzio

Application Number

US14/704,927
Publication Number

US 20160050066A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/0819   Key transport or distributi...

H04L 9/0827   involving distinctive inter...

H04L 9/0863   involving passwords or one-...

H04L 9/0897   involving additional device...

MANAGEMENT OF AN ENCRYPTION KEY FOR A SECURE DATA STORAGE DEVICE ON A TRUSTED DEVICE PAIRED TO THE SECURE DEVICE OVER A PERSONAL AREA NETWORK

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

MANAGEMENT OF AN ENCRYPTION KEY FOR A SECURE DATA STORAGE DEVICE ON A TRUSTED DEVICE PAIRED TO THE SECURE DEVICE OVER A PERSONAL AREA NETWORK

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links