Method and system for secure data collection and distribution

US 8,526,620 B2
Filed: 11/30/2010
Issued: 09/03/2013
Est. Priority Date: 09/13/2006
Status: Active Grant

First Claim

Patent Images

1. A method for secure recording of screen data, the method comprising the steps of:

generating, at a logger, a data encryption key for each initialization of a screen agent on a terminal, wherein the logger is separate from the terminal and associated with the screen agent on the terminal and receives screen data captured by the screen agent, wherein the data encryption key is used to encrypt according to a predefined granularity the screen data captured as a result of the initialization of the screen agent on the terminal;

using the encryption key to encrypt the screen data to produce encrypted screen data;

associating an identifier with the encryption key and the encrypted screen data;

sending the identifier and the encrypted screen data to an archive; and

sending the identifier and the data encryption key to a crypto information server.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data provider generates a data encryption key and an identifier, uses the data encryption key to encrypt data, sends the encrypted data and the identifier to a data requestor, and sends the data encryption key and the identifier to a crypto information server. The data requestor sends the identifier to the crypto information server to request the encryption key. The crypto information server authenticates the data requestor and, contingent on that authentication, sends the data encryption key to the data requestor. If a plurality of data instances are captured, then for each instance, a respective data encryption key and identifier are generated.

10 Citations

23 Claims

1. A method for secure recording of screen data, the method comprising the steps of:
- generating, at a logger, a data encryption key for each initialization of a screen agent on a terminal, wherein the logger is separate from the terminal and associated with the screen agent on the terminal and receives screen data captured by the screen agent, wherein the data encryption key is used to encrypt according to a predefined granularity the screen data captured as a result of the initialization of the screen agent on the terminal;
  
  using the encryption key to encrypt the screen data to produce encrypted screen data;
  
  associating an identifier with the encryption key and the encrypted screen data;
  
  sending the identifier and the encrypted screen data to an archive; and
  
  sending the identifier and the data encryption key to a crypto information server.
- View Dependent Claims (2, 3, 4, 5, 20)
- - 2. The method of claim 1, comprising:
    - receiving from the archive the encrypted screen data and the identifier;
      
      sending the identifier to the crypto information server;
      
      receiving from the crypto information server the data encryption key; and
      
      decrypting and displaying the screen data.
  - 3. The method of claim 1, comprising, at the crypto information server, authenticating a terminal sending the identifier to the crypto information server.
  - 4. The method of claim 1, comprising receiving the data encryption key in encrypted form.
  - 5. The method of claim 1, comprising:
    - generating a message authentication code (MAC) key;
      
      using the MAC key to produce a MAC related to the screen data;
      
      attaching the MAC to the screen data prior to encrypting the screen data; and
      
      sending the MAC key to the crypto information server.
  - 20. The method of claim 1, wherein the granularity is predefined for generating a data encryption key for screen data captured periodically.

6. A method for secure recording of audio data, the method comprising the steps of:
- generating a data encryption key for each audio recording channel of a logger, wherein the data encryption key is used to encrypt audio data according to a predefined granularity for the audio recording channel of the logger;
  
  using the encryption key to encrypt the audio data to produce encrypted audio data;
  
  associating an identifier with the encryption key and the encrypted audio data;
  
  sending the identifier and the encrypted audio data to an archive; and
  
  sending the identifier and the data encryption key to a crypto information server.
- View Dependent Claims (7, 8, 9, 10, 21, 22)
- - 7. The method of claim 6, comprising:
    - receiving from the archive the encrypted audio data and the identifier;
      
      sending the identifier to the crypto information server;
      
      receiving from the crypto information server the data encryption key; and
      
      decrypting and audibly presenting the audio data.
  - 8. The method of claim 6, comprising, at the crypto information server, authenticating a terminal sending the identifier to the crypto information server.
  - 9. The method of claim 6, comprising receiving the data encryption key in encrypted form.
  - 10. The method of claim 6, comprising:
    - generating a message authentication code (MAC) key;
      
      using the MAC key to produce a MAC related to the audio data;
      
      attaching the MAC to the audio data prior to encrypting the audio data; and
      
      sending the MAC key to the crypto information server.
  - 21. The method of claim 6, wherein the granularity is predefined for generating a data encryption key for audio data recorded per telephone conversation.
  - 22. The method of claim 6, wherein the granularity is predefined for generating a data encryption key for audio data recorded periodically.

11. A system for secure recording of screen data, the system comprising:
- an archive;
  
  a crypto information server;
  
  a data terminal; and
  
  a logger to;
  
  generate a data encryption key for encrypting the screen data captured as a result of each initialization of a screen agent on a terminal, wherein the logger is separate from the terminal and associated with the screen agent on the terminal and receives screen data captured by the screen agent and wherein the data encryption key is used to encrypt according to a predefined granularity the screen data captured as a result of the initialization of the screen agent on the terminal;
  
  use the encryption key to encrypt the screen data to produce encrypted screen data;
  
  associate an identifier with the encryption key and the encrypted screen data;
  
  send the identifier and the encrypted screen data to the archive; and
  
  send the identifier and the data encryption key to the crypto information server.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The system of claim 11, wherein the data terminal is to:
    - receive from the archive the encrypted screen data and the identifier;
      
      send the identifier to the crypto information server;
      
      receive from the crypto information server the data encryption key; and
      
      decrypt and display the screen data.
  - 13. The system of claim 11, wherein the crypto information server is to authenticate the terminal after the terminal sends the data encryption key to the crypto information server.
  - 14. The system of claim 11, wherein the terminal is to receive the data encryption key in encrypted form.
  - 15. The system of claim 11, wherein the logger is to:
    - generate a message authentication code key;
      
      generate a message authentication code, using the respective message authentication code key; and
      
      attach the message authentication code to the screen data prior to encrypting the screen data;
      
      and wherein the system comprises;
      
      a crypto information server, operative;
      
      to authenticate the terminal; and
      
      contingent on the authentication, to send the respective data encryption key and the respective message authentication code key to the terminal.

16. A system for secure recording audio data, the system comprising:
- an archive;
  
  a crypto information server;
  
  a data terminal; and
  
  a logger to;
  
  generate a data encryption key for each audio recording channel of a logger, wherein the data encryption key is used to encrypt audio data according to a predefined granularity for the audio recording channel of the logger;
  
  use the encryption key to encrypt the audio data to produce encrypted audio data;
  
  associate an identifier with the encryption key and the encrypted audio data;
  
  send the identifier and the encrypted audio data to the archive; and
  
  send the identifier and the data encryption key to the crypto information server.
- View Dependent Claims (17, 18, 19)
- - 17. The system of claim 16, wherein the data terminal is to:
    - receive from the archive the encrypted audio data and the identifier;
      
      send the identifier to the crypto information server;
      
      receive from the crypto information server the data encryption key; and
      
      decrypt and audibly present the audio data.
  - 18. The system of claim 16, wherein the crypto information server is to authenticate the terminal after the terminal sends the identifier to the crypto information server.
  - 19. The system of claim 16, wherein the terminal is to receive the data encryption key in encrypted form.

23. A method for secure recording of screen data, the method comprising the steps of:
- generating a separate data encryption key for each initialization of a screen agent on each of a plurality of terminals, wherein the data encryption key is used to encrypt according to a predefined granularity the screen data captured as a result of the initialization of the screen agent on the terminal;
  
  using the encryption key to encrypt the screen data to produce encrypted screen data;
  
  associating an identifier with the encryption key and the encrypted screen data;
  
  sending the identifier and the encrypted screen data to an archive; and
  
  sending the identifier and the data encryption key to a crypto information server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nice Ltd
Original Assignee
Nice Systems Limited (Nice Ltd)
Inventors
Ben-Ami, Hadas, Portman, Leon, Hoffman, Dvir, Fisher, Oren
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Durham, Imhotep

Application Number

US12/956,065
Publication Number

US 20110126012A1
Time in Patent Office

1,008 Days
Field of Search

None
US Class Current

380/277
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/123   received data contents, e.g...

H04L 9/0822   using key encryption key

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3242   involving keyed hash functi...

Method and system for secure data collection and distribution

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

10 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for secure data collection and distribution

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links