System and method to securely store information in a recoverable manner on an untrusted system
Abstract
A method (and system) for storing information in a recoverable manner on an untrusted system, includes sending, by a client, a request to a recovery server for recovery of a failed database, determining whether the request is legitimate, based on the determining, sending a local key to the client, decrypting by the client the failed database with the local key, to recover the failed database, and re-encrypting the recovered database with a new key.
36 Claims
1. A method for storing information in a recoverable manner on an untrusted system, comprising:
- sending, by a client, a request to a recovery server for recovery of a failed database;
- determining whether said request is legitimate;
- based on said determining, sending an old local key to the client;
- decrypting by said client the failed database with the old local key, to recover the failed database; and
- re-encrypting the recovered database with a new local key, wherein at least one of said old local key and said new local key is based upon at least one unique characteristic of a hardware component associated with said database.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28

29. A method of allowing recovery of a proprietary database, comprising:
- receiving, from a client at a recovery server, a request to restore a database;
- determining, by the recovery server, whether the request is legitimate by verifying a key database identification included in the request of the user;
- if the key database identification matches a predetermined identification, then applying a recovery decision logic, and granting the restore request to the client by the recovery server;
- forwarding an old local key to a user; and
- calculating a new local key by decrypting the database with said old local key by said client, wherein at least one of said old local key and said new local key is based upon at least one unique characteristic of a hardware component associated with said database.

Dependent claims: 30

31. A system for storing information in a recoverable manner on an untrusted system, comprising:
- means for sending, by a client, a request to a recovery server for recovery of a failed database;
- means for determining whether said request is legitimate;
- based on an output from said means for determining, means for sending an old local key to the client;
- means for decrypting, by said client, the failed database with the old local key; and
- means for re-encrypting the recovered database with a new local key, wherein at least one of said old local key and said new local key is based upon at least one unique characteristic of a hardware component associated with said database.

Dependent claims: 32

33. A system of allowing recovery of a proprietary database, comprising:
- means for receiving, by a recovery server, a request from a client to restore a database;
- means for determining whether the request is legitimate by verifying a key database identification included in the request of the client;
- means for applying a recovery decision logic based on the key database identification matching a predetermined identification, and for granting the restore request to the client by the recovery server;
- means for forwarding an old local key to said client;
- means for decrypting the database with the old local key, and calculating a new local key, wherein at least one of said old local key and said new local key is based upon at least one unique characteristic of a hardware component associated with said database.

Dependent claims: 34

35. A signal-bearing medium tangibly embodying a program of machine-readable instructions executable by a digital processing apparatus to perform a method of storing information in a recoverable manner on an untrusted system, comprising:
- sending, by a client, a request to a recovery server for recovery of a failed database;
- determining whether said request is legitimate;
- based on said determining, sending a local key to the client;
- decrypting by said client the failed database with the local key; and
- re-encrypting the decrypted database with a new key, wherein at least one of said local key and said new key is based upon at least one unique characteristic of a hardware component associated with said database.

36. A signal-bearing medium tangibly embodying a program of machine-readable instructions executable by a digital processing apparatus to perform a method of allowing recovery of a proprietary database, comprising:
- receiving a restore request from a client, by a recovery server;
- determining, by the recovery server, whether the request is legitimate by verifying a key database identification included in the request of the client;
- based on the key database identification matching a predetermined identification, applying a recovery decision logic, and granting the restore request by the recovery server;
- forwarding an old local key from said recovery server to said client;
- decrypting the database using the old local key; and
- calculating a new local key, wherein at least one of said old local key and said new local key is based upon at least one unique characteristic of a hardware component associated with said database.

Specification