Enterprise device recovery
Abstract
An administrator of an enterprise can recover a user secure storage device in conjunction with a third-party service without the administrator knowing a user secure storage device password. The administrator secure storage device is communicatively coupled with a host computer. A user secure storage device is communicatively coupled with a host computer. The administrator secure storage device is authenticated to the third-party service. One or more decryptions are performed on an encrypted portion of data with an enterprise private key and a shared administrator private key to produce information associated with the user secure storage device password. The administrator is logged into the user secure storage device using the information associated with the user secure storage device password without the administrator knowing the user secure storage device password.
28 Claims
1. A method for an administrator of an enterprise to recover a user secure storage device in conjunction with a third-party service without the administrator knowing a user secure storage device password, the method comprising:
communicatively coupling an administrator secure storage device with a host computer;
communicatively coupling the user secure storage device with the host computer;
authenticating the administrator secure storage device to the third-party service;
causing one or more decryptions on an encrypted portion of data stored in a recovery box on the user secure storage device, the one or more decryptions performed with an enterprise private key generated by the third-party service, with a shared administrator private key generated by the administrator secure storage device, and with a user key generated by the user secure storage device to produce information associated with the user secure storage device password; and
logging the administrator into the user secure storage device using the information associated with user secure storage device password without the administrator knowing the user secure storage device password.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17
18. A system for facilitating an administrator of an enterprise to recover a user secure storage device in conjunction with a third-party service without the administrator knowing a user secure storage device password, the system comprising:
an administrator secure storage device communicatively coupled with a host computer;
the user secure storage device communicatively coupled with a host computer; and
an administrator recovery module located on the administrator secure storage device, the administrator recovery module configured to recover a user secure storage device in conjunction with a third-party service without the administrator knowing a user secure storage device password, the administrator recovery module causing one or more decryptions on an encrypted portion of data with an enterprise private key generated by the third-party service, with a shared administrator private key generated by the administrator secure storage device, and with a user key generated by the user secure storage device.
Dependent claims: 19, 20, 21, 22, 23, 24, 25, 26, 27
28. A non-transitory computer readable storage medium having a program embodied thereon, the program executable by a processor to perform a method for an administrator of an enterprise to recover a user secure storage device in conjunction with a third-party service without the administrator knowing a user secure storage device password, the method comprising:
receiving a shared administrator keypair generated by an administrator secure storage device and comprising an administrator public key and an administrator private key;
receiving an enterprise keypair generated by the third-party service and comprising an enterprise public key and an enterprise private key;
receiving a user key generated by the user secure storage device;
producing first encrypted data by encrypting data associated with the user secure storage device password using the generated user key;
producing second encrypted data by encrypting the first encrypted data with the administrator public key and the enterprise public key;
performing one or more decryptions on the second encrypted data with the enterprise private key, the administrator private key, and the user key to produce information associated with the user secure storage device password; and
logging the administrator into the user secure storage device using the information associated with the user secure storage device password without the administrator knowing the user secure storage device password.
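The layered encryption recited in claim 28, as an added sketch that is not taken from the patent or from any product. It assumes AES-GCM for the user key, RSA-OAEP for both keypairs, and the administrator layer inside the enterprise layer; the claims fix none of these, and `Seal`, `Open` and `NewKeys` are hypothetical names.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Seal layers the blob: user key, then admin and enterprise public keys (order assumed).
func Seal(secret []byte, user cipher.AEAD, adminPub, entPub *rsa.PublicKey) ([]byte, error) {
	nonce := make([]byte, user.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	first := user.Seal(nonce, nonce, secret, nil) // nonce || ciphertext || tag
	mid, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, adminPub, first, nil)
	if err != nil {
		return nil, err
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, entPub, mid, nil)
}

// Open peels the layers in reverse; a wrong key at any layer is an error.
func Open(blob []byte, user cipher.AEAD, adminPriv, entPriv *rsa.PrivateKey) ([]byte, error) {
	mid, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, entPriv, blob, nil)
	if err == nil {
		mid, err = rsa.DecryptOAEP(sha256.New(), rand.Reader, adminPriv, mid, nil)
	}
	if n := user.NonceSize(); err == nil && len(mid) >= n {
		return user.Open(nil, mid[:n], mid[n:], nil)
	}
	return nil, fmt.Errorf("recovery blob did not open: %v", err)
}

func NewKeys(userKey []byte) (cipher.AEAD, *rsa.PrivateKey, *rsa.PrivateKey) {
	blk, _ := aes.NewCipher(userKey) // demo helper: userKey must be 16, 24 or 32 bytes
	user, _ := cipher.NewGCM(blk)
	admin, _ := rsa.GenerateKey(rand.Reader, 2048)
	ent, _ := rsa.GenerateKey(rand.Reader, 3072) // 3072-bit so the 256-byte admin layer fits under OAEP
	return user, admin, ent
}

func main() {
	user, admin, ent := NewKeys(make([]byte, 32)) // constructed all-zero user key
	blob, _ := Seal([]byte("constructed-password-info"), user, &admin.PublicKey, &ent.PublicKey)
	out, err := Open(blob, user, admin, ent)
	fmt.Println(string(out), err)
}
```

Because each layer is authenticated or padded, substituting any one of the three keys makes `Open` return an error instead of a wrong plaintext.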
Specification