SECURE DOCUMENT STORAGE SYSTEM

US 20170034169A1
Filed: 07/29/2016
Published: 02/02/2017
Est. Priority Date: 07/29/2015
Status: Active Grant

First Claim

Patent Images

1. A system for the storage of data, the system comprising:

An encrypted host platform disposed in a specific territory and upon which export controlled data is stored;

A controller configured to allow a primary user to set permission settings and identify authorized end users and degrees of access granted to each said authorized end user, said authorized end user being pre-cleared for compliance with export controls pertaining to said export controlled data;

said controller configured to permit access to said encrypted host platform only if said host platform is located within a specific territory and if said hosting platform is in compliance with predefined data security protocols said controller configured to allow said authorized end user access to said export controlled data, and said controller configured to exclude access to both a provider of the system for storage and a system host platform provider;

At least one individual computing device accessible by at least one said authorized end user, disposed within an authorized territory, said individual computing device configured to provide authorized end user identification data to said controller and receive permissions from said controller for access to said host platform; and

said host platform only communicates with individual user devices if said devices have received permission from said controller.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is provided for the storage of data, the system having: an encrypted host platform disposed in a specific territory and upon which export controlled data is stored; a controller configured to allow a primary user to set permission settings and identify authorized end users and degrees of access granted to each the authorized end user, the authorized end user being pre-cleared for compliance with export controls pertaining to the export controlled data; the controller configured to permit access to the encrypted host platform only if the host platform is located within a specific territory and if the hosting platform is in compliance with predefined data security protocols the controller configured to allow the authorized end user access to the export controlled data, and the controller configured to exclude access to both a provider of the system for storage and a system host platform provider; at least one individual computing device accessible by at least one the authorized end user, disposed within an authorized territory, the individual computing device configured to provide authorized end user identification data to the controller and receive permissions from the controller for access to the host platform; and the host platform only communicates with individual user devices if the devices have received permission from the controller.

Citations

20 Claims

1. A system for the storage of data, the system comprising:
- An encrypted host platform disposed in a specific territory and upon which export controlled data is stored;
  
  A controller configured to allow a primary user to set permission settings and identify authorized end users and degrees of access granted to each said authorized end user, said authorized end user being pre-cleared for compliance with export controls pertaining to said export controlled data;
  
  said controller configured to permit access to said encrypted host platform only if said host platform is located within a specific territory and if said hosting platform is in compliance with predefined data security protocols said controller configured to allow said authorized end user access to said export controlled data, and said controller configured to exclude access to both a provider of the system for storage and a system host platform provider;
  
  At least one individual computing device accessible by at least one said authorized end user, disposed within an authorized territory, said individual computing device configured to provide authorized end user identification data to said controller and receive permissions from said controller for access to said host platform; and
  
  said host platform only communicates with individual user devices if said devices have received permission from said controller.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The system of claim 1 wherein said controller compiles logs of all actions on said system relating to controlled technical data disposed on said host platform.
  - 3. The system of claim 2 wherein said logs are tamperproof.
  - 4. The system of claim 1 wherein said controller is configured to provide real-time reports to an enterprise administrator of access points granted to controlled technical data disposed on said host platform.
  - 5. The system of claim 4 wherein said real-time reports provide automated alerts to said enterprise administrator.
  - 6. The system of claim 1 wherein said controller is configured to require two-factor authentication of individual computing devices.
  - 7. The system of claim 1 wherein said controller provided granular permissions to said individual computing devices.
  - 8. The system of claim 1 further comprising an encrypted email service disposed on said encrypted host platform.
  - 9. The system of claim 1 wherein hardware specifications of an authorized user are determined on initial authorization and further access by said authorized user is limited to the specific hardware configuration used for said initial authorization.
  - 10. The system of claim 9 wherein hardware specifications comprise information regarding the CPU, BIOS, motherboard, and operating system.
  - 11. The system of claim 9 wherein access by an authorized user from a different hardware configuration than that used for initial authorization would result in the user being prompted for additional information.
  - 12. The system of claim 10 wherein said additional information comprises information provided through two-factor authentication or two-channel authentication.
  - 13. The system of claim 1 further comprising a master key configured to allow secondary access to the system.
  - 14. The system of claim 13 wherein said master key is split into a plurality of files, all of which must be combined to allow access to the system.
  - 15. The system of claim 14 wherein said plurality of master keys are held by citizens of the territory in which the hosting platform is located.
  - 16. The system of claim 1 wherein said controller provides access to said system only to citizens and permanent residents of said specific territory.
  - 17. The system of claim 1 wherein said system is accessible via distributed computer network located entirely within said specific territory.
  - 18. The system of claim 1 wherein said specific territory is the United States of America.
  - 19. The system of claim 1 further comprising a reporting module, configured to electronically record and report transmittal of said controlled data outside of said specific territory.
  - 20. The system according to claim 1 wherein said specific territory and said authorized territory are the same.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nashua IP Licensing LLC
Original Assignee
RegDOX Solutions Inc.
Inventors
O'Brien, William Lawrence

Granted Patent

US 10,389,716 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 2212/1052   Security improvement

H04L 2463/082   applying multi-factor authe...

H04L 63/0272   Virtual private networks

H04L 63/08   for authentication of entit...

H04L 63/0892   by using authentication-aut...

H04L 63/101   Access control lists [ACL]

H04L 63/102   Entity profiles

SECURE DOCUMENT STORAGE SYSTEM

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE DOCUMENT STORAGE SYSTEM

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links