PROVIDING DATA SECURITY WITH A TOKEN DEVICE

US 20170223007A1
Filed: 04/21/2017
Published: 08/03/2017
Est. Priority Date: 01/28/2015
Status: Active Grant

First Claim

Patent Images

1. A token device for providing security to access and store data, comprising:

a private data conceal engine configured to transfer first information for display from the token device to a first computing device at a first time, the token device connected to the first computing device and the first information describing public data stored on the token device;

wherein the private data conceal engine is further configured to conceal second information stored to the token device, the second information describes a plurality of directories of private data, wherein the second information is not displayed by the first computing device at the first time; and

an authentication engine configured to verify that a user has generated one or more passwords to obtain one or more of the plurality of directories, and wherein in response to the user generating the one or more passwords, the one or more of the plurality of directories is displayed by the first computing device at a second time.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for providing security to access and store data may include transferring first information for display from a token device having a memory to a first computing device at a first time, the token device connected to the first computing device and the first information describing public data stored on the token device. A request to retrieve a root directory of private data may be received, the request specifying a root directory name. In response to receiving the request to retrieve a root directory of private data, the root directory may be requested by establishing a wireless connection between the token device and a server computing device, transferring the root directory name to the server computing device, wherein the root directory name is used as a password to retrieve the root directory, and receiving the root directory from the server computing device by the token device.

Citations

19 Claims

1. A token device for providing security to access and store data, comprising:
- a private data conceal engine configured to transfer first information for display from the token device to a first computing device at a first time, the token device connected to the first computing device and the first information describing public data stored on the token device;
  
  wherein the private data conceal engine is further configured to conceal second information stored to the token device, the second information describes a plurality of directories of private data, wherein the second information is not displayed by the first computing device at the first time; and
  
  an authentication engine configured to verify that a user has generated one or more passwords to obtain one or more of the plurality of directories, and wherein in response to the user generating the one or more passwords, the one or more of the plurality of directories is displayed by the first computing device at a second time.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The token device of claim 1, further comprising:
    - a radio configured to establish a wireless connection between the token device and a server computing device, wherein the token device receives a request to retrieve a directory of private data, the request specifying a directory name and in response to the receiving of the request, the token device requests the directory from the server computing device and receives the directory from the server computing device; and
      
      a cryptosystem configured to transfer the directory name to the server computing device, wherein the directory name is used as a first password to retrieve the directory from the server computing device.
  - 3. The token device of claim 2, wherein the directory is a root directory, the token device further comprising:
    - wherein the radio is further configured to receive a request to retrieve a sub-directory of the root directory of private data, the request specifying a sub-directory name, and in response to the receiving of the request, the token device requests the sub-directory from the server computing device and receives the sub-directory from the server computing device; and
      
      wherein the cryptosystem is further configured to transfer the sub-directory name to the server computing device, wherein the sub-directory name is used as a second password to retrieve the sub-directory from the server computing device.
  - 4. The token device of claim 2, wherein the radio is further configured to synchronize the token device with the server computing device to store the directory from the server computing device to the token device.
  - 5. The token device of claim 1, further comprising a compressed URL generator configured to generate a unique compressed URL each time a link, which corresponds to the compressed URL, is selected to open the one or more plurality of directories in a browser.
  - 6. The token device of claim 1, further comprising a public storage engine configured to display a public storage, wherein the display of the public storage shows a total storage capacity that is less than an actual total storage capacity of the token device and the display of the public storage shows only the public data stored on the token device, wherein the token device is configurable to alter how much of the total storage capacity is displayed for the public storage.

7. A computer-implemented method for providing security to access and store data, the method comprising:
- transferring first information for display from a token device to a first computing device at a first time, the token device connected to the first computing device and the first information describing public data stored on the token device;
  
  concealing second information stored to the token device, the second information describes a plurality of directories of private data, wherein the second information is not displayed by the first computing device at the first time; and
  
  verifying that a user has generated one or more passwords to obtain one or more of the plurality of directories, and wherein in response to the user generating the one or more passwords, the one or more of the plurality of directories are displayed by the first computing device at a second time.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The method of claim 7, wherein the one or more of the plurality of directories includes a root directory of private data, the method further comprising:
    - receiving a request to retrieve a sub-directory of the root directory of private data, the request specifying a sub-directory name; and
      
      verifying that the sub-directory name has been generated in order to authenticate and authorize a user of the first computing device to retrieve contents of the sub-directory.
  - 9. The method of claim 8, further comprising synchronizing the token device with a server computing device to store the root directory from the server computing device to the token device.
  - 10. The method of claim 7, further comprising:
    - receiving a request to retrieve a directory of the one or more plurality of directories of private data stored on the token device, the request specifying a directory name that is used as a password to retrieve the directory stored on the token device;
      
      in response to receiving the request to retrieve the directory of private data stored on the token device, authenticating the request by verifying that the directory name matches the name of the directory; and
      
      transferring the directory of private data stored on the token device to a display screen of the first computing device.
  - 11. The method of claim 7, further comprising:
    - receiving offline data entries by the token device, wherein a wireless connection between the token device and a server computing device is disconnected;
      
      re-establishing the wireless connection between the token device and the server computing device; and
      
      synchronizing the token device with the server computing device to store the offline data entries from the token device to the server computing device.
  - 12. The method of claim 7, further comprising generating a unique compressed uniform resource locator (URL) each time a link, which corresponds to the compressed URL, is selected to open the one or more plurality of directories in a browser.
  - 13. The method of claim 7, further comprising displaying a public storage, wherein the display of the public storage shows a total storage capacity that is less than an actual total storage capacity of the token device.

14. A system comprising:
- a first computing device having a processor;
  
  a token device connected to the first computing device anda computer readable storage medium having program instructions embodied therewith, the program instructions readable/executable by the processor to cause the system to perform a method, the method comprising;
  
  transferring first information for display at the first computing device at a first time, the first information describing public data stored on the token device;
  
  concealing second information that describes a plurality of directories of private data, wherein the second information is not displayed by the first computing device at the first time; and
  
  verifying that a user has generated one or more passwords for of the plurality of directories of private data, and wherein in response to the user generating the one or more passwords, the one or more of the plurality of directories are displayed by the first computing device at a second time.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The system of claim 14, the method further comprising:
    - establishing a wireless connection between the token device and a server computing device, wherein the token device receives a request to retrieve a directory of private data, the request specifying a directory name and in response to the receiving of the request, the token device requests the directory from the server computing device and receives the directory from the server computing device; and
      
      transferring the directory name to the server computing device, wherein the directory name is used as a first password to retrieve the directory from the server computing device.
  - 16. The system of claim 15, wherein the directory is a root directory, the method further comprising:
    - receiving a request to retrieve a sub-directory of the root directory of private data, the request specifying a sub-directory name, and in response to the receiving of the request, the token device requests the sub-directory from the server computing device and receives the sub-directory from the server computing device; and
      
      transferring the sub-directory name to the server computing device, wherein the sub-directory name is used as a second password to retrieve the sub-directory from the server computing device.
  - 17. The system of claim 15, the method further comprising synchronizing the token device with the server computing device to store the directory from the server computing device to the token device.
  - 18. The system of claim 14, the method further comprising generating a unique compressed URL each time a link, which corresponds to a compressed URL, is selected to open the one or more plurality of directories in a browser.
  - 19. The system of claim 14, the method further comprising displaying a public storage, wherein the display of the public storage shows a total storage capacity that is less than an actual total storage capacity of the token device and the display of the public storage shows only the public data stored on the token device, wherein the token device is configurable to alter how much of the total storage capacity is displayed for the public storage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Hintermeister, Gregory R.

Granted Patent

US 10,212,153 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 2209/80   Wireless

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 9/0863   involving passwords or one-...

H04L 9/3226   using a predetermined code,...

H04W 12/084   using delegated authorisati...

PROVIDING DATA SECURITY WITH A TOKEN DEVICE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

PROVIDING DATA SECURITY WITH A TOKEN DEVICE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links