Method and system for protecting data, related communication network and computer program product
First Claim
1. A method for securely storing at least one user's private information item, the method comprising the steps of:
allotting to said user a respective subscriber identity module, said subscriber identity module storing at least one security algorithm;
producing at least one cipher key via said at least one security algorithm by:
generating one or more random values,
receiving from the subscriber identity module one or more session keys determined based on at least the one or more generated random values, and
producing the at least one cipher key based on at least the one or more session keys;
storing the user's private information item in a file encrypted via said at least one cipher key;
inserting into the file a cryptographic header comprising the one or more random values and a cryptographic control checksum for detecting unauthorized modifications to the file;
storing the encrypted file at a remote storing location accessible by the user via a communication network;
receiving a user's request for said user's private information item via said communication network;
authenticating said requesting user with said remote storing location by at least one interworking function comprising:
interfacing said subscriber identity module with said interworking function,
checking if said subscriber identity module is included in a list of subscriber identity modules enabled within the framework of said communication network, and
if said subscriber identity module is enabled, causing said interworking function to generate at least one access key, said at least one access key being used to access said at least one private item stored as an encrypted file in said remote storing location;
sending via said communication network said requested user's private information item to said requesting user as said encrypted file; and
enabling decryption of said encrypted file at said requesting user by means of said at least one cipher key to retrieve said requested user's private information item.
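The claim describes a concrete file format and key flow: random values are sent to the SIM, which returns session keys; a cipher key is derived from those session keys; the file is encrypted under it; and a header carrying the random values plus a cryptographic control checksum is prepended so that the legitimate SIM can re-derive the key and any modification is detected before decryption. The following worked example, added here and not taken from the patent, models that flow in Python using only the standard library. The SIM is a stand-in object whose keyed PRF substitutes for the real operator security algorithm (A3/A8 and MILENAGE are not reproduced), HMAC-SHA256 in counter mode substitutes for a block cipher, and the subscriber key Ki, the IMSI values, the enabled-SIM list and the sample private item are all constructed. The interworking function is reduced to the enabled-list check; the access-key generation that follows it in the claim is not modelled.

```python
"""Illustration of the claimed SIM-keyed file encryption scheme (added example,
not code from the patent). The SIM is modelled by a keyed PRF standing in for
the operator's security algorithm; Ki, IMSIs and sample data are constructed."""
import hashlib
import hmac
import secrets
import struct

MAGIC = b"SIMENC1"   # constructed tag identifying the file format
RAND_LEN = 16        # 128-bit challenge, the size of a GSM RAND
MAC_LEN = 32         # HMAC-SHA256 tag: the claim's "cryptographic control checksum"


class SimulatedSIM:
    """Stand-in for the subscriber identity module: keeps Ki on-card and
    answers each random value (challenge) with a session key."""

    def __init__(self, imsi: str, ki: bytes):
        self.imsi = imsi
        self._ki = ki  # never exported, as on a real SIM

    def session_key(self, rand: bytes) -> bytes:
        # Models Kc = A8(Ki, RAND); HMAC-SHA256 is a constructed substitute.
        return hmac.new(self._ki, b"session-key" + rand, hashlib.sha256).digest()


def derive_keys(session_keys: list[bytes]) -> tuple[bytes, bytes]:
    """Combine the session keys into independent encryption and MAC keys."""
    material = hashlib.sha256(b"".join(session_keys)).digest()
    enc_key = hmac.new(material, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(material, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Counter-mode stream cipher built from HMAC-SHA256 (substitute for AES-CTR).
    XOR is its own inverse, so the same call encrypts and decrypts."""
    out = bytearray()
    for counter, offset in enumerate(range(0, len(data), 32)):
        block = hmac.new(key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


def encrypt_private_item(sim: SimulatedSIM, plaintext: bytes, n_rands: int = 2) -> bytes:
    """File layout: MAGIC | count | RAND_1..RAND_n | MAC | ciphertext.
    The random values travel in clear: only a SIM holding Ki can turn them
    back into the session keys, so they reveal nothing about the cipher key."""
    rands = [secrets.token_bytes(RAND_LEN) for _ in range(n_rands)]
    enc_key, mac_key = derive_keys([sim.session_key(r) for r in rands])
    header = MAGIC + bytes([n_rands]) + b"".join(rands)
    nonce = hashlib.sha256(header).digest()[:16]  # fresh per file because the RANDs are fresh
    ciphertext = keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()  # covers the header too
    return header + tag + ciphertext


def decrypt_private_item(sim: SimulatedSIM, blob: bytes) -> bytes:
    """Re-derive the keys from the header's random values, verify the checksum
    before touching the ciphertext, then decrypt."""
    if not blob.startswith(MAGIC) or len(blob) < len(MAGIC) + 1:
        raise ValueError("not a SIMENC1 file")
    n_rands = blob[len(MAGIC)]
    hdr_len = len(MAGIC) + 1 + n_rands * RAND_LEN
    header, tag, ciphertext = blob[:hdr_len], blob[hdr_len:hdr_len + MAC_LEN], blob[hdr_len + MAC_LEN:]
    rands = [header[len(MAGIC) + 1 + i * RAND_LEN:][:RAND_LEN] for i in range(n_rands)]
    enc_key, mac_key = derive_keys([sim.session_key(r) for r in rands])
    expected = hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("cryptographic control checksum failed: file modified or wrong SIM")
    nonce = hashlib.sha256(header).digest()[:16]
    return keystream_xor(enc_key, nonce, ciphertext)


def access_granted(enabled_imsis: set[str], sim: SimulatedSIM) -> bool:
    """Interworking-function gate: only SIMs on the operator's enabled list may
    fetch files from the remote store (the access-key step is not modelled)."""
    return sim.imsi in enabled_imsis


def tamper_detected(sim: SimulatedSIM, blob: bytes) -> bool:
    """True when decryption rejects the file (modified bytes or a different SIM)."""
    try:
        decrypt_private_item(sim, blob)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    sim = SimulatedSIM("001010123456789", b"\x11" * 16)  # constructed test-network IMSI and Ki
    blob = encrypt_private_item(sim, b"-----BEGIN PRIVATE KEY----- constructed sample")
    print("round trip ok:", decrypt_private_item(sim, blob).startswith(b"-----BEGIN"))
    damaged = bytearray(blob); damaged[-1] ^= 0x01
    print("tamper detected:", tamper_detected(sim, bytes(damaged)))
```

Two design points worth noting. The MAC is computed over the header as well as the ciphertext, so swapping the random values (and hence the derived key) is detected just like a change to the encrypted body; and the checksum is verified before any decryption, which is the order the claim's "detecting unauthorized modifications" requires. Because the cipher key is only ever reconstructed inside the terminal from the SIM's session keys, the remote storing location holds nothing more than the random values, the tag and ciphertext.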
Abstract
A method for securely storing at least one user's private information item, such as a private key for cipher processing, includes the steps of providing a communication network wherein the user is allotted a respective subscriber identity module and the subscriber identity module stores at least one security algorithm; producing a cipher key via the at least one security algorithm; and providing a remote storing location accessible by the user via the communication network wherein the user's private information items are stored as files encrypted via the cipher key.
14 Claims
1. A method for securely storing at least one user's private information item, the method comprising the steps of:
allotting to said user a respective subscriber identity module, said subscriber identity module storing at least one security algorithm; producing at least one cipher key via said at least one security algorithm by: generating one or more random values, receiving from the subscriber identity module one or more session keys determined based on at least the one or more generated random values, and producing the at least one cipher key based on at least the one or more session keys; storing the user's private information item in a file encrypted via said at least one cipher key; inserting into the file a cryptographic header comprising the one or more random values and a cryptographic control checksum for detecting unauthorized modifications to the file; storing the encrypted file at a remote storing location accessible by the user via a communication network; receiving a user's request for said user's private information item via said communication network; authenticating said requesting user with said remote storing location by at least one interworking function comprising: interfacing said subscriber identity module with said interworking function, checking if said subscriber identity module is included in a list of subscriber identity modules enabled within the framework of said communication network, and if said subscriber identity module is enabled, causing said interworking function to generate at least one access key, said at least one access key being used to access said at least one private item stored as an encrypted file in said remote storing location; sending via said communication network said requested user's private information item to said requesting user as said encrypted file; and enabling decryption of said encrypted file at said requesting user by means of said at least one cipher key to retrieve said requested user's private information item.
Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A system for securely storing at least one user's private information item, the system comprising:
a subscriber identity module, said subscriber identity module storing at least one security algorithm; a user terminal comprising a processing module, said processing module being able to be connected with said subscriber identity module for producing a cipher key via said at least one security algorithm by: generating one or more random values, receiving from the subscriber identity module one or more session keys determined based on at least the one or more generated random values, and producing the cipher key based on at least the one or more session keys; encrypting a file via the cipher key, wherein the file stores the user's private information item; and inserting into the file a cryptographic header comprising the one or more random values and a cryptographic control checksum for detecting unauthorized modifications to the encrypted file; a remote storing location accessible by said user via a communication network, said remote storing location configured for storing the file; and an interworking server for authenticating said user with said remote storing location when said user requests said file by: interfacing said subscriber identity module with said interworking server, checking if said subscriber identity module is included in a list of subscriber identity modules enabled within the framework of said communication network, and if said subscriber identity module is enabled, causing said interworking server to generate at least one access key, said at least one access key being used to access said private information item stored as an encrypted file in said remote storing location.
Dependent claims: 10, 11.
12. A communication network comprising a system for securely storing at least one user's private information item, the system comprising:
a subscriber identity module, said subscriber identity module storing at least one security algorithm; a user terminal comprising a processing module, said processing module being able to be connected with said subscriber identity module for producing a cipher key via said at least one security algorithm by: generating one or more random values, receiving from the subscriber identity module one or more session keys determined based on at least the one or more generated random values, and producing the cipher key based on at least the one or more session keys; encrypting a file via the cipher key, wherein the file stores the user's private information item; and inserting into the file a cryptographic header comprising the one or more random values and a cryptographic control checksum for detecting unauthorized modifications to the encrypted file; a remote storing location accessible by said user via the communication network, said remote storing location configured for storing the file; and an interworking server for authenticating said user with said remote storing location when said user requests said file by: interfacing said subscriber identity module with said interworking server, checking if said subscriber identity module is included in a list of subscriber identity modules enabled within the framework of said communication network, and if said subscriber identity module is enabled, causing said interworking server to generate at least one access key, said at least one access key being used to access said user's private information item stored as an encrypted file in said remote storing location.
13. A non-transitory computer readable medium storing instructions for execution on at least one computer, the instructions including software code portions capable of performing a method for securely storing at least one user's private information item, the method comprising:
producing at least one cipher key via at least one security algorithm by: generating one or more random values, receiving one or more session keys determined based on at least the one or more generated random values, and producing the at least one cipher key based on at least the one or more session keys; inserting into the file a cryptographic header comprising the one or more random values and a cryptographic control checksum for detecting unauthorized modifications to the file; storing the user's private information item in a file encrypted using the at least one cipher key; receiving a user's request for said user's private information item via said communication network; authenticating said requesting user with said remote storing location by at least one interworking function comprising: interfacing said subscriber identity module with said interworking function, checking if said subscriber identity module is included in a list of subscriber identity modules enabled within the framework of said communication network, and if said subscriber identity module is enabled, causing said interworking function to generate at least one access key, said at least one access key being used to access said at least one private item stored as an encrypted file in said remote storing location; sending via said communication network said requested user's private information item to said requesting user as said encrypted file; and enabling decryption of said encrypted file at said requesting user by means of said at least one cipher key to retrieve said requested user's private information item.
14. A method for securely storing at least one user's private information item, the method comprising:
producing at least one cipher key via at least one security algorithm; generating one or more random values, receiving from the subscriber identity module one or more session keys determined based on at least the one or more generated random values, and producing the at least one cipher key based on at least the one or more session keys; and storing the user's private information item in a file encrypted using the at least one cipher key; inserting into the file a cryptographic header comprising the one or more random values and a cryptographic control checksum for detecting unauthorized modifications to the file; receiving a user's request for said user's private information item via said communication network; authenticating said requesting user with said remote storing location by at least one interworking function comprising: interfacing said subscriber identity module with said interworking function, checking if said subscriber identity module is included in a list of subscriber identity modules enabled within the framework of said communication network, and if said subscriber identity module is enabled, causing said interworking function to generate at least one access key, said at least one access key being used to access said at least one private item stored as an encrypted file in said remote storing location; sending via said communication network said requested user's private information item to said requesting user as said encrypted file; and enabling decryption of said encrypted file at said requesting user by means of said at least one cipher key to retrieve said requested user's private information item.
Specification