Method and apparatus to provide secure mobile file system
Abstract
In an exemplary embodiment of this invention there is disclosed a mobile wireless terminal (50) that includes a transceiver (52) for coupling the mobile wireless terminal to a wireless network operator (60), a controller (54) and a memory (56). The memory may be assumed to store a file system program (56A) executable by the controller, and to be operable to store a file having a file data portion (14) for containing file data and a data structure, such as a file header (10), having fields for containing values. A plurality of the fields contain a value of a public cryptographic key (24) associated with a file creator, a seed value (26), an encrypted seed value (28) obtained by encrypting the seed value with a private cryptographic key of the file creator, and a file integrity value (30) obtained using the encrypted seed value and the file data. By the use of the preferred embodiments a file can be traced back through a plurality of file handlers to a creator of the file.
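The header fields described in the abstract, built and checked in Python as an added example (not code from the patent). The toy RSA key, the dict layout, the function names and the use of HMAC-SHA256 for the file integrity value are assumptions; the page only says that value is obtained using the encrypted seed value and the file data.

```python
import hashlib
import hmac
import secrets

# Constructed toy RSA key built from two Mersenne primes: illustration only,
# far too small for real use, and textbook RSA has no padding.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # file creator's private exponent


def integrity_value(enc_seed, data, n):
    # Assumption: HMAC-SHA256 keyed by the encrypted seed; the page does not
    # name the function that combines encrypted seed and file data.
    key = enc_seed.to_bytes((n.bit_length() + 7) // 8, "big")
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def create_file(data, seed=None):
    """Build the header fields: public key, seed, encrypted seed, integrity."""
    if seed is None:
        seed = secrets.randbits(64)  # obtained when the file is created
    enc_seed = pow(seed, D, N)  # seed "encrypted" with the private key
    header = {
        "public_key": (N, E),
        "seed": seed,
        "encrypted_seed": enc_seed,
        "integrity": integrity_value(enc_seed, data, N),
    }
    return {"header": header, "data": data}


def verify_file(f):
    """Return (seed_ok, data_ok) for a file dict as built by create_file."""
    h = f["header"]
    n, e = h["public_key"]
    enc_seed = h["encrypted_seed"]
    if not 0 <= enc_seed < n:  # reject out-of-range values before using them
        return False, False
    seed_ok = pow(enc_seed, e, n) == h["seed"]
    expected = integrity_value(enc_seed, f["data"], n)
    data_ok = hmac.compare_digest(h["integrity"], expected)
    return seed_ok, data_ok
```

Both checks only show that the header is consistent with the public key stored in that same header; whether the key really belongs to the claimed creator has to be established separately.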
36 Claims
1. A method comprising:
in response to a file creator creating a file, obtaining a seed value;
encrypting the seed value using a private cryptographic key associated with the file creator to form an encrypted seed value;
storing as part of the file a public cryptographic key associated with the file creator, the seed value and the encrypted seed value;
computing a file integrity value using the encrypted seed value and file data; and
storing as part of the file the computed file integrity value.
11. A system comprising a file creator configured to create a file, the file creator comprising a unit to obtain a seed value and encrypt the seed value using a private cryptographic key associated with the file creator to form an encrypted seed value;
the file creator unit further configured to store as part of the file a public cryptographic key associated with the file creator, the seed value and the encrypted seed value, to compute a file integrity value using the encrypted seed value and file data and to store as part of the file the computed file integrity value.
21. A file having a representation that is storable in a digital data storage medium, the file comprising a file data portion for storing file data and a data structure comprising fields for storing values, at least one of said fields storing a name of the file, and a plurality of others of said fields storing a value of a public cryptographic key associated with a file creator, a seed value, an encrypted seed value obtained by encrypting the seed value with a private cryptographic key of the file creator, and a file integrity value obtained using the encrypted seed value and the file data.
25. A digital data storage medium that stores a file comprised of a file data portion for containing file data and a data structure comprising fields for containing values, a plurality of said fields containing a value of a public cryptographic key associated with a file creator, a seed value, an encrypted seed value obtained by encrypting the seed value with a private cryptographic key of the file creator, and a file integrity value obtained using the encrypted seed value and the file data.
31. An apparatus comprising:
a controller; and
a memory, said memory configured to store a file system program executable by said controller and to store a file comprising a file data portion for containing file data and a data structure comprising a plurality of fields for containing values, where the plurality of fields comprise: a value of a public cryptographic key associated with a creator of the file, a seed value, an encrypted seed value obtained by encrypting the seed value with a private cryptographic key of the creator of the file, and a file integrity value obtained using the encrypted seed value and the file data.