Secure information storage and delivery system and method

US 8,117,648 B2
Filed: 02/08/2008
Issued: 02/14/2012
Est. Priority Date: 02/08/2008
Status: Active Grant

First Claim

Patent Images

1. A secure information storage and delivery method comprising:

creating a secure vault associated with a user in a vault repository, the secure vault being adapted to securely store data;

receiving a service level associated with the secure vault, the service level comprising at least one of a data type or a data size limit associated with the secure vault;

receiving at least one data entry;

storing the at least one data entry in the secure vault if the at least one of a size or a type of the at least one data entry is consistent with the service level;

creating a mobile vault on a mobile device based on the secure vault;

receiving user authentication information from the mobile device for authentication;

synchronizing the mobile vault with the secure vault, comprising, for each of the at least one data entry;

determining whether the at least one data entry on the secure vault is transferable to or storable on the mobile vault based on at least one of the size or the type of the at least one data entry; and

transferring the at least one data entry from the secure vault to a corresponding data entry on the mobile vault if the at least one data entry on the secure vault is determined to be transferable to or storable on the mobile vault;

uploading a soft token on the mobile device, the soft token being adapted to generate, a first one-time password;

receiving the first one-time password generated by the soft token from the mobile device;

generating a second one-time password; and

authenticating the mobile device to access the secure vault based on the first and the second one-time passwords.

View all claims

24 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for secure information storage and delivery includes a vault repository that includes a secure vault associated with a user, wherein the secure vault is associated with a service level including at least one of a data type or a data size limit associated with the secure vault, the secure vault being adapted to receive and at least one data entry and securely store the at least one data entry if the at least one of a size or a type of the at least one data entry is consistent with the service level. A mobile vault server coupled to the vault repository creates a mobile vault on a mobile device based on the secure vault and is capable of authenticating the mobile device based on user authentication information. The mobile vault server includes a mobile device handler that communicates with the mobile device. A synchronization utility determines whether the at least one data entry on the secure vault is transferable to or storable on the mobile vault based on at least one of the size or the type of the at least one data entry and transfers the at least one data entry from the secure vault to a corresponding data entry on the mobile vault if the at least one data entry on the secure vault is determined to be transferable to or storable on the mobile vault.

70 Citations

View as Search Results

19 Claims

1. A secure information storage and delivery method comprising:
- creating a secure vault associated with a user in a vault repository, the secure vault being adapted to securely store data;
  
  receiving a service level associated with the secure vault, the service level comprising at least one of a data type or a data size limit associated with the secure vault;
  
  receiving at least one data entry;
  
  storing the at least one data entry in the secure vault if the at least one of a size or a type of the at least one data entry is consistent with the service level;
  
  creating a mobile vault on a mobile device based on the secure vault;
  
  receiving user authentication information from the mobile device for authentication;
  
  synchronizing the mobile vault with the secure vault, comprising, for each of the at least one data entry;
  
  determining whether the at least one data entry on the secure vault is transferable to or storable on the mobile vault based on at least one of the size or the type of the at least one data entry; and
  
  transferring the at least one data entry from the secure vault to a corresponding data entry on the mobile vault if the at least one data entry on the secure vault is determined to be transferable to or storable on the mobile vault;
  
  uploading a soft token on the mobile device, the soft token being adapted to generate, a first one-time password;
  
  receiving the first one-time password generated by the soft token from the mobile device;
  
  generating a second one-time password; and
  
  authenticating the mobile device to access the secure vault based on the first and the second one-time passwords.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The secure information storage and delivery method of claim 1, further comprising:
    - receiving an access ID and a password associated with the user from the mobile device; and
      
      authenticating the user based on the access ID and password.
  - 3. The secure information storage and delivery method of claim 1, further comprising determining a direction of synchronization based on the time of last update to the mobile vault and the secure vault.
  - 4. The secure information storage and delivery method of claim 1, wherein the at least one data entry on the secure vault is not transferable to the mobile vault or is not storable on the mobile vault, further comprising:
    - preventing the at least one data entry from being transferred to the mobile vault.
  - 5. The secure information storage and delivery method of claim 4, further comprising:
    - creating a snapshot corresponding to the at least one data entry, the snapshot comprising at least one of a portion, a compression, or a truncated version of the at least one data entry; and
      
      transferring the snapshot to the mobile device.
  - 6. The secure information storage and delivery method of claim 1, wherein the at least one data entry on the secure vault is too large for at least one of transmission to or storage on the mobile vault, further comprising:
    - receiving a destination address for the at least one data entry to be sent from the user; and
      
      transferring the at least one data entry to the destination address.
  - 7. The secure information storage and delivery method of claim 1, further comprising:
    - creating a web vault on a user computing device, the web vault being capable of synchronization with the secure vault;
      
      uploading a soft token on the user computing device, the soft token being adapted to generate a first one-time password for access to the secure vault; and
      
      receiving the first one-time password generated by the soft token from the user computing device;
      
      generating a second one-time password; and
      
      authenticating the user computing device to access the secure vault based on the first and the second one-time passwords.
  - 8. The secure information storage and delivery method of claim 1, further comprising:
    - receiving a request for data, a delivery method, and a destination address from the mobile device;
      
      identifying data corresponding to the request in the secure vault;
      
      formatting the data according to the delivery method; and
      
      forwarding the data to the destination address.
  - 9. The secure information storage and delivery method of claim 8, wherein the delivery method comprises at least one fax, email, or SMS text.
  - 10. The secure information storage and delivery method of claim 1, wherein the soft token is configured to generate the first one-time password upon user request and the mobile device is configured to display the generated first one-time password, further comprising:
    - receiving the first one-time password generated by the soft token of the mobile device from a computing device, wherein the computing device does not include a web vault;
      
      generating a second one-time password; and
      
      authenticating the user on the computing device based on the first and the second one- time passwords.
  - 11. The secure information storage and delivery method of claim 1, wherein the soft token is configured to generate the first one-time password using at least one of a mathematical algorithm based on a previous one-time password, a time-synchronization between with a one-time password server and the soft token, or a mathematical algorithm based on a challenge and a counter.

12. A secure information storage and delivery system comprising:
- a vault repository including a storage in which a database is stored, the database having stored therein a secure vault associated with a user, wherein the secure vault is associated with a service level comprising at least one of a data type or a data size limit associated with the secure vault, the secure vault being adapted to receive and at least one data entry and securely store the at least one data entry if the at least one of a size or a type of the at least one data entry is consistent with the service level; and
  
  a mobile vault server including an internal memory storing application code that, when executed, manages and processes requests, the mobile vault server configured to be coupled to the vault repository, the mobile vault server configured to create a mobile vault on a mobile device based on the secure vault and configured to authenticate the mobile device based on user authentication information, the mobile vault server comprising;
  
  a mobile device handler configured to communicate with the mobile device; and
  
  a synchronization utility that determines whether the at least one data entry on the secure vault is transferable to or storable on the mobile vault based on at least one of the size or the type of the at least one data entry and transfers the at least one data entry from the secure vault to a corresponding data entry on the mobile vault if the at least one data entry on the secure vault is determined to be transferable to or storable on the mobile vault,wherein the mobile vault server is configured to upload a soft token on the mobile device, the soft token being adapted to generate a first one-time password, wherein the soft token generates a first one-time password, the vault repository generates a second one-time password, and the vault repository authenticates the user mobile device to access the secure vault based on the first and the second one-time passwords.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The secure information storage and delivery system of claim 12, wherein the mobile vault server is configured to create a web vault on a user computing device, the web vault being capable of synchronization with the secure vault, wherein the mobile vault server uploads the soft token on the user computing device, the soft token being adapted to generate the first one-time password for access to the secure vault, wherein the soft token generates the first one-time password, and the vault repository authenticates the user computing device to access the secure vault based on the first and the second one-time passwords.
  - 14. The secure information storage and delivery system of claim 13, wherein the soft token is configured to generate the first one-time password for display on the mobile device upon a user request for the third one-time password, wherein the mobile vault server is configured to receive the first one-time password from the user on a computing device not including a web vault and authenticate and the vault repository is configured to generate a second one-time password and authenticate the user using the first and the second one-time passwords.
  - 15. The secure information storage and delivery system of claim 12, wherein the mobile vault server is configured to:
    - receive a request for data, a delivery method, and a destination address from the mobile device;
      
      identify data corresponding to the request in the secure vault;
      
      format the data according to the delivery method; and
      
      forward the data to the destination address.
  - 16. The secure information storage and delivery system of claim 12, further comprising a service management server coupled to the vault server, the service management server being adapted to provide a service to the mobile device.
  - 17. The secure information storage and delivery system of claim 16, wherein the service management server is coupled to at least one of a banking services provider, a legal advice provider, a financial advice provider, a traveling advisory provider, an identity theft solutions provider, or a credit monitoring provider.
  - 18. The secure information storage and delivery system of claim 12, further comprising a virtual private network adapted to connect the mobile vault server to the vault repository via a private application programming interface.
  - 19. The secure information storage and delivery system of claim 12, wherein said at least one data entry comprises at least one of a password, access point, card, loyalty, text file, photograph, or large document.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aura Sub, LLC
Original Assignee
Intersections Incorporated (Aura Sub, LLC)
Inventors
Slaton, Jonathan, Johnson, Ryan B., Tran, Toan, Reed, David, Ravindran, Abhilash, Tsantes, George K.
Primary Examiner(s)
Moazzami, Nasser
Assistant Examiner(s)
ABEDIN, SHANTO

Application Number

US12/068,636
Publication Number

US 20090205036A1
Time in Patent Office

1,467 Days
Field of Search

726/5, 726/6, 726/9, 726/28, 726/29, 707/607, 707/609, 707/610, 707/781, 713/182, 713/184, 713/185, 709/208, 709/219, 709/248
US Class Current

726/6
CPC Class Codes

G06Q 20/36   using electronic wallets or...

G06Q 40/03   Credit; Loans; Processing t...

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04W 12/06   Authentication

H04W 12/068   using credential vaults, e....

H04W 12/08   Access security

Secure information storage and delivery system and method

First Claim

24 Assignments

0 Petitions

Accused Products

Abstract

70 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Secure information storage and delivery system and method

First Claim

24 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

70 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links