Data security for digital data storage

US 7,540,018 B2
Filed: 06/14/2006
Issued: 05/26/2009
Est. Priority Date: 03/27/2001
Status: Expired due to Term

First Claim

Patent Images

1. A computer network having one or more servers storing data files provided by one or more clients comprising:

means for receiving a request for data at a network server from a first client computer system by a requestor;

means for verifying whether an encryption key associated with the requestor is good and if verification fails, requesting user input from the requestor and generating an encryption key based at least in part on the user input and based at least in part on an identification code associated with the first client computer system;

means for checking a file attribute of the requested data using the network server to determine whether the requested data is encrypted with an encryption key;

means for automatically obtaining from the client computer system the encryption key corresponding to the requestor when the requested data is not encrypted;

when the requested data is encrypted, means for checking the file attribute of the requested data using the network server to determine the encryption key used to encrypt the requested data;

means for comparing the encryption key used to encrypt the requested data with the encryption key associated with the requestor to determine whether the requestor is the owner of the encryption key used to encrypt the data;

means for sending the encrypted data to the first client computer system when the data is encrypted and the requestor is the owner of the encryption key; and

if the requested data was encrypted with the requestor'"'"'s encryption key, means for automatically decrypting the requested data without user intervention.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing system includes data encryption in the data path between a data source and data storage devices. The data storage devices may be local or they may be network resident. The data encryption may utilize a key which is derived at least in part from an identification code stored in a non-volatile memory. The key may also be derived at least in part from user input to the computer. In a LAN embodiment, public encryption keys may be automatically transferred to a network server for file encryption prior to file transfer to a client system.

76 Citations

View as Search Results

10 Claims

1. A computer network having one or more servers storing data files provided by one or more clients comprising:
- means for receiving a request for data at a network server from a first client computer system by a requestor;
  
  means for verifying whether an encryption key associated with the requestor is good and if verification fails, requesting user input from the requestor and generating an encryption key based at least in part on the user input and based at least in part on an identification code associated with the first client computer system;
  
  means for checking a file attribute of the requested data using the network server to determine whether the requested data is encrypted with an encryption key;
  
  means for automatically obtaining from the client computer system the encryption key corresponding to the requestor when the requested data is not encrypted;
  
  when the requested data is encrypted, means for checking the file attribute of the requested data using the network server to determine the encryption key used to encrypt the requested data;
  
  means for comparing the encryption key used to encrypt the requested data with the encryption key associated with the requestor to determine whether the requestor is the owner of the encryption key used to encrypt the data;
  
  means for sending the encrypted data to the first client computer system when the data is encrypted and the requestor is the owner of the encryption key; and
  
  if the requested data was encrypted with the requestor'"'"'s encryption key, means for automatically decrypting the requested data without user intervention.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The network of claim 1, further comprising:
    - when the requested data is not encrypted, means for encrypting the unencrypted data with the requestor'"'"'s encryption key automatically and without requestor intervention.
  - 3. The network of claim 1, wherein the means for decrypting the requested data comprises a private key that is derived at least in part from an identification code uniquely associated with the first client computer system.
  - 4. The network of claim 3, wherein the private key is derived at least in part from requestor input.
  - 5. The network of claim 4, wherein the private key is generated during a boot operation of the first client computer.

6. A computer network having one or more servers storing data files obtained from one or more clients, the computer network comprising:
- one or more computer processors configured to receive a request for data at a network server from a first client computer system by a requestor, wherein the one or more processors are configured to verify whether an encryption key associated with a requestor is good and if verification fails, to request user input from the requestor and generate an encryption key based at least in part on the user input and based at least in part on an identification code associated with the first client computer system;
  
  one or more computer processors configured to check a file attribute of the requested data using the network server to determine whether the requested data is encrypted with an encryption key;
  
  one or more computer processors configured to automatically obtain from the first client computer system an encryption key corresponding to the requestor when the requested data is not encrypted;
  
  when the requested data is encrypted, one or more computer processors configured to check the file attribute of the requested data using the network server to determine the encryption key used to encrypt the requested data;
  
  one or more computer processors configured to compare the encryption key used to encrypt the requested data with the encryption key associated with the requestor to determine whether the data was encrypted with the requestor'"'"'s encryption key;
  
  one or more computer processors configured to send the encrypted data to the first client computer system when the data is encrypted and the requestor is the owner of the encryption key; and
  
  if the requested data was encrypted with the encryption key associated with the requestor, automatically decrypting the requested data without user intervention.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The network of claim 6, further comprising:
    - when the requested data is not encrypted, one or more computer processors configured to encrypt the unencrypted data with the requestor'"'"'s encryption key automatically and without requestor intervention.
  - 8. The network of claim 6, wherein the private key is derived at least in part from an identification code uniquely associated with the first client computer system.
  - 9. The network of claim 8, wherein the private key is derived at least in part from requestor input.
  - 10. The network of claim 9, wherein the private key is generated during a boot operation of the first client computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micron Technology, Inc.
Original Assignee
Micron Technology, Inc.
Inventors
Rollins, Doug L.
Primary Examiner(s)
NGUYEN, MINH DIEU T

Application Number

US11/452,594
Publication Number

US 20070005959A1
Time in Patent Office

1,077 Days
Field of Search

380/277, 713/165, 713/168, 713/193, 726 2- 3
US Class Current

726/3
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/606   by securing the transmissio...

H04L 63/0442   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 63/104   Grouping of entities

H04L 67/06   specially adapted for file ...

Data security for digital data storage

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

76 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Data security for digital data storage

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

76 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links