Enhanced data privacy for portable computers

US 5,870,468 A
Filed: 03/01/1996
Issued: 02/09/1999
Est. Priority Date: 03/01/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A method of protecting a selected set of files stored on a hard disk of a computer, said method comprising:

a. encrypting each file of a selected set of files with an encryption key;

b. scrambling said encryption key with a secret key entered by an authorized user of said computer;

c. scrambling said encryption key with an algorithmic transform of said secret key; and

d. storing both said scrambled versions of said encryption key on said hard disk, wherein none of said selected files will be decrypted until said secret key is entered and used to obtain said encryption key in clear text from said stored scrambled versions of said encryption key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and an apparatus for protecting selected files in a portable computer system. With this invention a user selects a set of riles on a hard disk of the system for protection. This invention uses an encryption key, a secret key and an algorithmic transform to protect the selected files. With this invention the selected files are encrypted with the encryption key, and two copies of the encryption key are scrambled, one with the secret key and one with the transform of the secret key. Then, both scrambled versions of the encryption key are stored on the hard disk. When the user enters the secret key, the two scrambled versions of the encryption key are unscrambled using the key entered by the user and by using the transform of the key entered by the user. These unscrambled versions are then compared. If these unscrambled versions match, the original encryption key has been correctly restored and selected files will be decrypted either immediately or when referenced by an application program. This invention also calls for re-encrypting the selected files upon expiration of a timer indicating that the computer is idle or upon the repeated failure of a user to enter the secret key when requested.

156 Citations

12 Claims

1. A method of protecting a selected set of files stored on a hard disk of a computer, said method comprising:
- a. encrypting each file of a selected set of files with an encryption key;
  
  b. scrambling said encryption key with a secret key entered by an authorized user of said computer;
  
  c. scrambling said encryption key with an algorithmic transform of said secret key; and
  
  d. storing both said scrambled versions of said encryption key on said hard disk, wherein none of said selected files will be decrypted until said secret key is entered and used to obtain said encryption key in clear text from said stored scrambled versions of said encryption key.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 further comprising:
    - e. unscrambling both said scrambled versions of said encryption key with an entered key with said entered key transformed by said algorithmic transform, wherein said entered key is entered by a user wanting to access a file from said set of files;
      
      f. comparing said unscrambled versions of said encryption key unscrambled in step e to check if the latter two unscrambled versions of said encryption key match, where said versions will match if said enter key corresponds to said secret key; and
      
      g. decrypting any file of said set of files that an application program attempts to open if said latter two unscrambled versions of said encryption key match.
  - 3. The method of claim 1 further comprising:
    - e. requesting said user to enter a secret keyf. unscrambling both said scrambled versions of said encryption key and said entered key transformed by said algorithmic transform;
      
      g. comparing said unscrambled versions of said encryption key unscrambled in step f to check if the latter two unscrambled versions of said encryption key match, where said versions will match if said enter key corresponds to said secret key; and
      
      h. decrypting any file of said set of files that an application program attempts to open if said latter two unscrambled versions of said encryption key match.
  - 4. The method of claim 3, wherein said requesting comprises requesting said user to enter said secret key when said selected files have been encrypted after a user-defined period has been reached.
  - 5. The method of claim 3, wherein said requesting comprises requesting said user to enter said secret key each time said computer is started.

6. A method of protecting a selected set of files stored on a hard disk of a computer, said method comprising:
- a. encrypting each file of said set of files with an encryption key when said computer has been idle for a user-defined period;
  
  b. scrambling said encryption key with a secret key entered by an authorized user of said computer;
  
  c. scrambling said encryption key with an algorithmic transform of said secret key; and
  
  d. storing both said scrambled versions of said encryption key on said hard disk.
- View Dependent Claims (7, 8, 9, 10, 11, 12)
- - 7. A method as recited in claim 6 further comprising:
    - a. blocking access to a user interface of said computer when said computer has been idled for a user-defined time period.
  - 8. The method of claim 6 further comprising:
    - e. requesting said user to enter an enter key;
      
      f. unscrambling both said scrambled versions of said encryption key with said enter key and said enter key transformed by an algorithmic transform;
      
      g. comparing said unscrambled versions of said encryption key unscrambled in step f to check if the latter two unscrambled versions of said encryption key match, where said versions will match if said enter key corresponds to said secret key; and
      
      h. decrypting any file of said set of files that an application program attempts to open if said latter two unscrambled versions of said encryption key match.
  - 9. The method of claim 8 further comprising:
    - counting the number of times a user attempts to enter said secret key; and
      
      comparing said number to a threshold value.
  - 10. The method of claim 9 further comprising automatically removing a component in said computer when said number of time said user has failed to enter said secret key exceeds said threshold.
  - 11. The method of claim 10 wherein said removing comprises removing the encryption key from system memory.
  - 12. The method of claim 10 wherein said removing comprises erasing said algorithmic transform from said hard disk.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Harrison, Colin George
Primary Examiner(s)
Dombroske, George
Assistant Examiner(s)
AMROZOWICZ, PAUL DOUGLAS

Application Number

US08/609,402
Time in Patent Office

1,075 Days
Field of Search

380/4, 380/25, 380/49, 380/30, 380/23, 380/3
US Class Current

713/165
CPC Class Codes

G06F 21/6209 to a single file or object,...

Enhanced data privacy for portable computers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

156 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Enhanced data privacy for portable computers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

156 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links