Method and system for maintaining backup of portable storage devices

US 7,240,219 B2
Filed: 11/12/2003
Issued: 07/03/2007
Est. Priority Date: 05/25/2003
Status: Active Grant

First Claim

Patent Images

1. A method of securely storing original data, comprising the steps of:

(a) storing the original data in a first portable storage device;

(b) encrypting the original data using a processor of said first portable storage device and a backup key, thereby providing encrypted backup data that are different than the original data;

(c) storing said encrypted backup data in a backup medium that is separate from said first portable storage device;

(d) protecting said backup key, by steps including encrypting said backup key, thereby providing a protected backup key;

(e) retrieving said protected backup key, by steps including decrypting said protected backup key; and

(f) decrypting said encrypted backup data, using said retrieved backup key, thereby providing recovered data.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Data stored in a portable storage device are encrypted, for example by a processor of the portable storage device itself, using a backup key and stored in a backup medium. The backup key is protected by being stored in a backup key storage medium, such as an internet server, a pocketable medium or a trusted computer, preferably after being encrypted using a password. As needed, the backup key is retrieved and used to decrypt the data from the backup medium. The decrypted data are restored to the original portable storage device or to a different portable storage device.

Citations

51 Claims

1. A method of securely storing original data, comprising the steps of:
- (a) storing the original data in a first portable storage device;
  
  (b) encrypting the original data using a processor of said first portable storage device and a backup key, thereby providing encrypted backup data that are different than the original data;
  
  (c) storing said encrypted backup data in a backup medium that is separate from said first portable storage device;
  
  (d) protecting said backup key, by steps including encrypting said backup key, thereby providing a protected backup key;
  
  (e) retrieving said protected backup key, by steps including decrypting said protected backup key; and
  
  (f) decrypting said encrypted backup data, using said retrieved backup key, thereby providing recovered data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein said storing of the original data in said first portable storage device includes encrypting said data using a portable storage device key.
  - 3. The method of claim 2, wherein said portable storage device key is identical to said backup key.
  - 4. The method of claim 2, wherein said portable storage device key is different from said backup key.
  - 5. The method of claim 1, wherein said protecting of said backup key includes storing said backup key in an internet server.
  - 6. The method of claim 1, wherein said protecting of said backup key includes storing said backup key in a pocketable medium.
  - 7. The method of claim 1, wherein said protecting of said backup key includes storing said backup key in a trusted computer.
  - 8. The method of claim 1, wherein said encrypting of said backup key is effected using an encryption password, wherein said protecting of said backup key further includes storing said encrypted backup key in a backup key storage device, and wherein the method further comprises the step of:
    - (g) providing an alleged password to said backup key storage device, said retrieving of said protected backup key being permitted by said backup key storage device only if said alleged password is identical to said encryption password.
  - 9. The method of claim 8, wherein said backup key storage device allows only a predetermined number of attempts to provide said alleged password.
  - 10. The method of claim 8, further comprising the step of:
    - (h) changing said encryption password.
  - 11. The method of claim 1, further comprising the step of:
    - (g) storing said backup key in said first portable storage device.
  - 12. The method of claim 1, further comprising the step of:
    - (g) storing in said first portable storage device a description of said protecting of said backup key.
  - 13. The method of claim 1, further comprising the step of:
    - (g) storing in said backup medium a description of said protecting of said backup key.
  - 14. The method of claim 1, further comprising the step of:
    - (g) storing said recovered data in a target portable storage device selected from the group consisting of said first portable storage device and a second portable storage device.
  - 15. The method of claim 14, wherein said target portable storage device includes a processor, and wherein said decrypting of said encrypted backup data is effected by said processor.
  - 16. The method of claim 14, wherein said second portable storage device is separate from said first portable storage device and from said backup medium.
  - 17. The method of claim 1, wherein said storing of said encrypted backup data in said backup medium is effected via a data processing device that is separate from both said first portable storage device and said backup medium.

18. A system for securely storing original data, comprising:
- (a) a first portable storage device for storing the original data, said first portable storage device including a processor for encrypting the original data using a backup key, thereby providing encrypted backup data that are different than the original data;
  
  (b) a backup medium, separate from said first portable storage device, for storing said encrypted backup data; and
  
  (c) a backup key storage medium, separate from both said first portable storage device and said backup medium, and including an internet server that includes a memory area for storing both said backup key and a representation of an encryption password that is used to encrypt said backup key prior to said storing of said backup key in said memory area.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 19. The system of claim 18, wherein said first portable storage device includes a memory area for storing said backup key.
  - 20. The system of claim 19, wherein said memory area is a protected memory area.
  - 21. The system of claim 18, further comprising:
    - (d) at least one computer for writing said encrypted backup data to said backup medium and for reading said encrypted backup data from said backup medium.
  - 22. The system of claim 21, further comprising:
    - (e) a second portable storage device, wherein said encrypted backup data are stored by one of said at least one computer as recovered data after being read from said backup medium by said one computer and after being decrypted using said backup key.
  - 23. The system of claim 22, wherein said second portable storage device is identical to said first portable storage device.
  - 24. The system of claim 22, wherein said second portable storage device is different from said first portable storage device.
  - 25. The system of claim 22, wherein said second portable storage device is separate from said first portable storage device and from said backup medium.
  - 26. The system of claim 21, wherein said at least one computer is separate from said first portable storage device and from said backup medium.
  - 27. The system of claim 18, further comprising:
    - (d) a second portable storage device, wherein said encrypted backup data are stored as recovered data after being decrypted using said backup key.
  - 28. The system of claim 27, wherein said second portable storage device is identical to said first portable storage device.
  - 29. The system of claim 27, wherein said second portable storage device is different from said first portable storage device.
  - 30. The system of claim 27, wherein said second portable storage device includes a processor for decrypting said encrypted backup data.
  - 31. The system of claim 27, wherein said second portable storage device is separate from said first portable storage device and from said backup medium.
  - 32. The system of claim 18, wherein said representation of said encryption password is a hash of said encryption password.
  - 33. The system of claim 18, wherein said backup key storage medium includes a pocketable medium.
  - 34. The system of claim 18, wherein said backup key storage medium includes a trusted computer.

35. A method of securely storing original data, comprising the steps of:
- (a) storing the original data in a first portable storage device;
  
  (b) encrypting the original data using a backup key, thereby providing encrypted backup data that are different than the original data, said encrypting being effected by a processor of said first portable storage device; and
  
  (c) storing said encrypted backup data in a backup medium that is separate from said first portable storage device;
  
  (d) encrypting said backup key, thereby providing an encrypted backup key; and
  
  (e) storing said encrypted backup key in said backup medium.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43)
- - 36. The method of claim 35, further comprising the steps of:
    - (d) generating said backup key; and
      
      (e) storing said backup key in said first portable storage device.
  - 37. The method of claim 36, wherein said backup key is generated by said first portable storage device.
  - 38. The method of claim 36, wherein said backup key is stored in a protected area of said first portable storage device.
  - 39. The method of claim 35, wherein said backup key is encrypted using said backup key.
  - 40. The method of claim 35, further comprising the steps of:
    - (d) retrieving said encrypted backup data from said backup medium;
      
      (e) decrypting said retrieved encrypted backup data, using said backup key, thereby providing recovered data; and
      
      (f) storing the recovered data in a target portable storage device selected from the group consisting of said first portable storage device and a second portable storage device.
  - 41. The method of claim 40, wherein said decrypting is effected by a processor of said target portable storage device.
  - 42. The method of claim 40, wherein said second portable storage device is separate from said first portable storage device and from said backup medium.
  - 43. The method of claim 35, wherein said storing of said encrypted backup data in said backup medium is effected via a data processing device that is separate from both said first portable storage device and said backup medium.

44. A method of secure backup and retrieval of original data stored in a first portable storage device, comprising the steps of:
- (a) encrypting the original data using a processor of the first portable storage device and a backup key, thereby providing encrypted backup data that are different than the original data;
  
  (b) storing said encrypted backup data in a backup medium separate from the first portable storage device;
  
  (c) protecting said backup key, by steps including;
  
  (i) encrypting said backup key, and(ii) storing said encrypted backup key in a backup key storage device that is independent of said backup medium,thereby providing a protected backup key;
  
  (d) retrieving said protected backup key;
  
  (e) retrieving said encrypted backup data from said backup medium;
  
  (f) decrypting said encrypted backup data, using said retrieved backup key, thereby providing recovered data; and
  
  (g) storing said recovered data in a target portable storage device selected from the group consisting of the first portable storage device and a second portable storage device.
- View Dependent Claims (45, 46, 47, 48, 49, 50)
- - 45. The method of claim 44, wherein said target portable storage device includes a processor, and wherein said decrypting is effected by said processor.
  - 46. The method of claim 44, further comprising the step of:
    - (h) storing in said backup medium a description of said protecting of said backup key.
  - 47. The method of claim 44, wherein said target portable storage device is the first portable storage device.
  - 48. The method of claim 44, wherein said target portable storage device is said second portable storage device.
  - 49. The method of claim 44, wherein said second portable storage device is separate from said first portable storage device and from said backup medium.
  - 50. The method of claim 44, wherein said storing of said encrypted backup data in said backup medium is effected via a data processing device that is separate from both said first portable storage device and said backup medium.

51. A method of securely storing original data, comprising the steps of:
- (a) storing the original data in a first portable storage device;
  
  (b) encrypting the original data using a processor of said first portable storage device and a backup key, thereby providing encrypted backup data that are different than the original data;
  
  (c) storing said encrypted backup data in a backup medium that is separate from said first portable storage device;
  
  (d) protecting said backup key, by steps including;
  
  (i) encrypting said backup key, and(ii) storing said encrypted backup key in a backup key storage device that is independent of said backup medium,thereby providing a protected backup key;
  
  (e) retrieving said protected backup key; and
  
  (f) decrypting said encrypted backup data, using said retrieved backup key, thereby providing recovered data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Jpmorgan Chase Bank NA As The Agent
Original Assignee
SanDisk IL Ltd. (Western Digital Corporation)
Inventors
Teicher, Mordechai, Segalov, Tal
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
Parthasarathy; Pramila

Application Number

US10/704,611
Publication Number

US 20040236958A1
Time in Patent Office

1,329 Days
Field of Search

713/193, 713/186, 713/183, 713/182, 365/49
US Class Current

713/193
CPC Class Codes

G06F 11/1456   Hardware arrangements for b...

G06F 11/1458   Management of the backup or...

G06F 11/1469   Backup restoration techniques

G06F 21/6218   to a system of files or obj...

G06F 2221/2153   Using hardware token as a s...

Method and system for maintaining backup of portable storage devices

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

51 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for maintaining backup of portable storage devices

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

51 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links