Method and system for securely archiving core data secrets
Abstract
The invention provides central storage for core data secrets, referred to as data items. The data items are encrypted by a client computer using a client key that is derived from a logon secret, such as a password, supplied by a user during a network logon procedure. The client key is escrowed with the participation of a network supervisory computer such as a domain controller. The client sends the client key to the domain controller. The domain controller appends a user identification corresponding to the currently authenticated user of the client computer, and encrypts the resulting combination. The encrypted combination is sent back to and stored locally by the client. To recover the client key, the encrypted combination is sent to the domain controller, which decrypts the combination to obtain the data item. However, the data item is returned to the client computer only if the decrypted user identification corresponds to the currently authenticated user of the client computer.
61 Claims
1. A method of securely storing and recovering data protection keys, comprising the following steps:
deriving a client key from a user secret that is supplied by a user during network logon procedures;
securing user data on a client computer with the client key;
sending the client key to a network supervisory computer that authenticates network users during user logon procedures;
encrypting a data combination at the network supervisory computer, the data combination including the client key and a user identification corresponding to a currently authenticated current user of the client computer;
returning the encrypted data combination to the client computer;
storing the encrypted data combination at the client computer;
sending the encrypted data combination to the network supervisory computer in order to recover the client key;
decrypting the data combination at the network supervisory computer to obtain the client key and the user identification in response to receiving the encrypted data combination from the client computer;
returning the client key to the client computer only if the obtained user identification corresponds to the currently authenticated user of the client computer.
Dependent claims: 2 to 11.

12. A network supervisory computer that is programmed to perform steps comprising:
authenticating a current user of a network client through a network logon procedure;
receiving a data item from the network client;
encrypting a data combination that includes the data item and a user identification corresponding to the currently authenticated user of the network client;
returning the encrypted data combination to the client computer.
Dependent claims: 13 to 22.

23. A method of securely storing a data item for an authenticated user of a client computer, comprising the following steps:
sending the data item to a network supervisory computer;
encrypting a data combination at the network supervisory computer, the data combination including the data item and a user identification corresponding to an authenticated current user of the client computer;
returning the encrypted data combination to the client computer;
storing the encrypted data combination at the client computer.
Dependent claims: 24 to 29.

30. A method of securely storing a data item for an authenticated user of a client computer, the method comprising the following steps:
deriving the data item from a user logon secret;
encrypting the data item;
sending the encrypted data item to a network supervisory computer that authenticates users of the client computer;
creating a message authentication code based at least in part on the data item and a user identification corresponding to the authenticated user of the client computer, wherein the message authentication code is created using an authentication key that is derived from a master key and a first random key;
encrypting a data combination at the network supervisory computer using an encryption key that is derived from a master key and a second random key, the data combination including the encrypted data item, the user identification, and the message authentication code;
returning the encrypted data combination, the first random key, and the second random key to the client computer;
storing the encrypted data combination, the first random key, and the second random key at the client computer.
Dependent claims: 31.

32. A method of restoring a data item for an authenticated user of a client computer, comprising the following steps:
sending an encrypted data combination to a network supervisory computer from the client computer, the data combination including the data item and a user identification;
decrypting the encrypted data combination at the network supervisory computer to obtain the data item and the user identification;
returning the data item to the client computer only if the user identification corresponds to the authenticated user of the client computer.
Dependent claims: 33 to 37.

38. A method of restoring a data item for an authenticated user of a client computer, comprising the following steps:
sending an encrypted data combination to a network supervisory computer from the client computer, the data combination including the data item, a user identification, and a message authentication code, the data item being encrypted within the data combination;
decrypting the encrypted data combination at the network supervisory computer to obtain the encrypted data item and the user identification;
returning the encrypted data item to the client computer only if (a) the user identification corresponds to an authenticated current user of the client computer and (b) the encrypted data item and the user identification are successfully authenticated using the message authentication code;
decrypting the data item at the client computer.
Dependent claims: 39 to 42.

43. A system for storing and recovering data items and for protecting them from unauthorized access, comprising:
a network supervisory computer that authenticates users of client computers;
a client computer that communicates with the network supervisory computer, the client computer being programmed to send a data item to the network supervisory computer;
the network supervisory computer being programmed to encrypt a data combination comprising the data item and a user identification corresponding to an authenticated current user of the client computer, and to return the encrypted data combination to the client computer;
the client computer being programmed to store the encrypted data combination and to send the encrypted data combination to the network supervisory computer to recover the data item;
the network supervisory computer being programmed to decrypt the data combination to obtain the data item and the user identification in response to receiving the encrypted data combination from the client computer, and to return the data item to the client computer only if the user identification corresponds to the currently authenticated user of the client computer.
Dependent claims: 44 to 52.

53. A computer-readable storage medium containing instructions that are executable by a network supervisory computer to perform steps comprising:
authenticating a current user of a network client through a network logon procedure;
receiving a data item from the network client;
encrypting a data combination that includes the data item and a user identification corresponding to the currently authenticated user of the network client;
returning the encrypted data combination to the client computer.
Dependent claims: 54 to 58.

59. A computer-readable storage medium containing instructions that are executable by a network client to perform steps comprising:
deriving a client key from a user secret that is supplied by a user during network logon procedures;
securing user data with the client key;
sending the client key to a network supervisory computer that authenticates network users during user logon procedures;
in response to sending the client key, receiving an encrypted data combination from the network supervisory computer, the encrypted data combination being decryptable by the network supervisory computer to obtain the client key, wherein the encrypted data combination is not decryptable by the network computer;
storing the encrypted data combination for use in recovering the client key when the user secret changes.
Dependent claims: 60 and 61.
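The escrow and recovery exchange described in the abstract and in claims 30 and 38, as an added Python example that is not part of the patent: the network supervisory computer derives an authentication key and an encryption key from its master key and two random keys, computes a message authentication code over the user identification and the data item, encrypts the combination, and on recovery returns the item only if the user identification matches the currently authenticated user and the MAC verifies. The HMAC-SHA256 counter-mode keystream used in place of a block cipher, the PBKDF2 derivation of the client key, the logon session table and the byte layout of the combination are assumptions of this example, and the client-side encryption of the data item from claim 30 is left out so that the supervisory side stays the focus.

```python
import hashlib, hmac, os, struct

def _keystream_xor(key, data):
    # Constructed stand-in for a symmetric cipher: HMAC-SHA256 in counter mode.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, struct.pack(">I", i // 32), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def derive_client_key(logon_secret, salt):
    # Client key derived from the user's logon secret (claim 1, first step).
    return hashlib.pbkdf2_hmac("sha256", logon_secret.encode(), salt, 100_000, 32)

class SupervisoryComputer:  # domain-controller role: master key + session table (assumed)
    def __init__(self):
        self.master_key = os.urandom(32)
        self.sessions = {}  # client id -> currently authenticated user id

    def logon(self, client_id, user_id):
        self.sessions[client_id] = user_id

    def _subkey(self, label, random_key):  # key derived from master key + random key
        return hmac.new(self.master_key, label + random_key, hashlib.sha256).digest()

    def escrow(self, client_id, data_item):
        user_id = self.sessions[client_id].encode()
        r1, r2 = os.urandom(16), os.urandom(16)  # first and second random keys
        mac = hmac.new(self._subkey(b"auth", r1), user_id + data_item, hashlib.sha256).digest()
        combination = struct.pack(">H", len(user_id)) + user_id + mac + data_item
        return _keystream_xor(self._subkey(b"enc", r2), combination), r1, r2

    def recover(self, client_id, blob, r1, r2):
        combo = _keystream_xor(self._subkey(b"enc", r2), blob)
        n = struct.unpack(">H", combo[:2])[0]
        user_id, mac, data_item = combo[2:2 + n], combo[2 + n:34 + n], combo[34 + n:]
        if user_id != self.sessions.get(client_id, "").encode():
            raise PermissionError("user identification does not match current user")
        expected = hmac.new(self._subkey(b"auth", r1), user_id + data_item, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):
            raise ValueError("message authentication code check failed")
        return data_item

def demo():
    # Alice logs on to pc1 and escrows her client key; the client keeps blob, r1, r2.
    dc = SupervisoryComputer()
    dc.logon("pc1", "alice")
    client_key = derive_client_key("old-password", b"constructed-salt")
    blob, r1, r2 = dc.escrow("pc1", client_key)
    return dc, client_key, blob, r1, r2
```

Recovery with `dc.recover("pc1", blob, r1, r2)` succeeds while Alice is the authenticated user of pc1; once another user logs on to pc1, or a byte of the blob is altered, the same call is refused.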
Specification