Data security for digital data storage
First Claim
1. A computer network having one or more servers storing data files provided by one or more clients comprising:
means for receiving a request for data at a network server from a first client computer system by a requestor;
means for verifying whether an encryption key associated with the requestor is good and if verification fails, requesting user input from the requestor and generating an encryption key based at least in part on the user input and based at least in part on an identification code associated with the first client computer system;
means for checking a file attribute of the requested data using the network server to determine whether the requested data is encrypted with an encryption key;
means for automatically obtaining from the client computer system the encryption key corresponding to the requestor when the requested data is not encrypted;
when the requested data is encrypted, means for checking the file attribute of the requested data using the network server to determine the encryption key used to encrypt the requested data;
means for comparing the encryption key used to encrypt the requested data with the encryption key associated with the requestor to determine whether the requestor is the owner of the encryption key used to encrypt the data;
means for sending the encrypted data to the first client computer system when the data is encrypted and the requestor is the owner of the encryption key; and
if the requested data was encrypted with the requestor's encryption key, means for automatically decrypting the requested data without user intervention.
Abstract
A computing system includes data encryption in the data path between a data source and data storage devices. The data storage devices may be local or they may be network resident. The data encryption may utilize a key which is derived at least in part from an identification code stored in a non-volatile memory. The key may also be derived at least in part from user input to the computer. In a LAN embodiment, public encryption keys may be automatically transferred to a network server for file encryption prior to file transfer to a client system.
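The key derivation in the abstract and the server-side file-attribute check in claim 1 can be sketched as follows. This is an added illustration, not code from the patent: the patent names no algorithm, so PBKDF2-HMAC-SHA256, the `enc_key_id` attribute name, the returned action strings, and the use of a symmetric key fingerprint (rather than the public keys mentioned for the LAN embodiment) are all assumptions.

```python
import hashlib
import hmac

PBKDF2_ROUNDS = 200_000  # assumed work factor; not specified by the patent

# Constructed sample identification codes, standing in for values read
# from non-volatile memory on two different client machines.
MACHINE_A = bytes.fromhex("00112233445566778899aabbccddeeff")
MACHINE_B = bytes.fromhex("ffeeddccbbaa99887766554433221100")


def derive_key(user_input: str, machine_id: bytes) -> bytes:
    """Derive a 256-bit key from user input and the machine identification code.

    The identification code is used as the salt, so the same user input
    entered on a different machine produces a different key.
    """
    return hashlib.pbkdf2_hmac(
        "sha256", user_input.encode("utf-8"), machine_id, PBKDF2_ROUNDS
    )


def key_id(key: bytes) -> str:
    """Non-secret identifier of a key, suitable for storing in a file attribute."""
    return hashlib.sha256(b"key-id:" + key).hexdigest()[:16]


def handle_request(file_attrs: dict, requestor_key: bytes) -> str:
    """Decide what the server does with a request, based on the file attribute."""
    stored_id = file_attrs.get("enc_key_id")  # hypothetical attribute name
    if stored_id is None:
        # Data is not encrypted: use the requestor's key before transfer
        # and record which key was used in the file attribute.
        file_attrs["enc_key_id"] = key_id(requestor_key)
        return "encrypt-then-send"
    # Data is encrypted: release it only to the owner of the recorded key.
    if hmac.compare_digest(stored_id, key_id(requestor_key)):
        return "send-encrypted"
    return "deny"


if __name__ == "__main__":
    owner = derive_key("constructed passphrase", MACHINE_A)
    attrs = {}
    print(handle_request(attrs, owner))   # first request encrypts the file
    print(handle_request(attrs, owner))   # owner receives the ciphertext
    print(handle_request(attrs, derive_key("constructed passphrase", MACHINE_B)))
```

Because the key identifier is derived from a passphrase-based key, anyone who can read the file attribute can test passphrase guesses offline at the cost of one PBKDF2 run each, so the work factor and passphrase strength bound the protection.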
10 Claims
6. A computer network having one or more servers storing data files obtained from one or more clients, the computer network comprising:
one or more computer processors configured to receive a request for data at a network server from a first client computer system by a requestor, wherein the one or more processors are configured to verify whether an encryption key associated with a requestor is good and if verification fails, to request user input from the requestor and generate an encryption key based at least in part on the user input and based at least in part on an identification code associated with the first client computer system;
one or more computer processors configured to check a file attribute of the requested data using the network server to determine whether the requested data is encrypted with an encryption key;
one or more computer processors configured to automatically obtain from the first client computer system an encryption key corresponding to the requestor when the requested data is not encrypted;
when the requested data is encrypted, one or more computer processors configured to check the file attribute of the requested data using the network server to determine the encryption key used to encrypt the requested data;
one or more computer processors configured to compare the encryption key used to encrypt the requested data with the encryption key associated with the requestor to determine whether the data was encrypted with the requestor's encryption key;
one or more computer processors configured to send the encrypted data to the first client computer system when the data is encrypted and the requestor is the owner of the encryption key; and
if the requested data was encrypted with the encryption key associated with the requestor, automatically decrypting the requested data without user intervention.
Specification