Data security method and system
First Claim
1. A method of verifying integrity of a digital file comprising:
- labeling, in a first network, the digital file prior to exposure to a foreign environment, the first network having a first security classification level, wherein labeling comprises;
creating a header label comprising an identification of the first security classification level;
appending the header label to the digital file;
hashing the digital file, together with the appended header label, to obtain a first hash value;
signing the first hash value to create a digital signature;
creating a signature label comprising one or both of the first hash value and the digital signature; and
appending the signature label to the digital file; and
validating, in a second network, the digital file subsequent to exposure to the foreign environment, the second network having a second security classification level that is different from the first security classification level, wherein validating comprises;
hashing the digital file to obtain a second hash value;
retrieving the first hash value from the signature label;
comparing the first hash value and second hash value; and
removing the signature label from the digital file.
Abstract
A method of verifying integrity of a digital file includes receiving the digital file subsequent to exposure to a foreign environment and validating the digital file. The received digital file has an appended signature label that includes one or both of a first hash value and a digital signature. Validating the digital file includes hashing the digital file to obtain a second hash value, retrieving the first hash value from the signature label, and comparing the first hash value and second hash value.
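The labeling and validating steps recited in the first claim and summarized in the abstract, as an added example that is not part of the patent text. The byte layout (header label at the front, a fixed-length signature label with a constructed `SIGL` marker at the end), the function names, and the use of HMAC-SHA256 as a standard-library stand-in for the digital signature are all assumptions made for illustration.

```python
import hashlib
import hmac

MAGIC = b"SIGL"                    # constructed marker for the signature label
LABEL_LEN = len(MAGIC) + 32 + 32   # marker + SHA-256 hash + HMAC tag


def label_file(payload: bytes, level: str, key: bytes) -> bytes:
    """Labeling side: header label, hash, sign, signature label."""
    if "\n" in level:
        raise ValueError("classification level must be a single line")
    header = b"CLASS:" + level.encode("ascii") + b"\n"
    labeled = header + payload                      # file plus header label
    first_hash = hashlib.sha256(labeled).digest()   # first hash value
    # HMAC stands in for the digital signature (stdlib only, shared key).
    tag = hmac.new(key, first_hash, hashlib.sha256).digest()
    return labeled + MAGIC + first_hash + tag


def validate_file(blob: bytes, key: bytes) -> tuple:
    """Validating side: returns (level, file with signature label removed)."""
    if len(blob) < LABEL_LEN or blob[-LABEL_LEN:-64] != MAGIC:
        raise ValueError("signature label missing or truncated")
    labeled, trailer = blob[:-LABEL_LEN], blob[-LABEL_LEN:]
    first_hash, tag = trailer[4:36], trailer[36:]
    second_hash = hashlib.sha256(labeled).digest()  # second hash value
    if not hmac.compare_digest(first_hash, second_hash):
        raise ValueError("hash mismatch: file changed after labeling")
    # The stored hash travels with the file, so on its own it only detects
    # accidental change; the keyed tag binds the label to the labeling side.
    expected = hmac.new(key, first_hash, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("signature check failed")
    header, sep, _ = labeled.partition(b"\n")
    if not sep or not header.startswith(b"CLASS:"):
        raise ValueError("header label missing")
    return header[6:].decode("ascii"), labeled


def check(blob: bytes, key: bytes) -> str:
    """Demo helper: 'ok' or the reason validation failed."""
    try:
        validate_file(blob, key)
        return "ok"
    except ValueError as exc:
        return str(exc)
```

A signature label that carries only the hash passes the comparison step for any file whose hash was recomputed after modification, which is why this sketch also checks the keyed tag before accepting the header label.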
18 Claims
1. A method of verifying integrity of a digital file comprising:
labeling, in a first network, the digital file prior to exposure to a foreign environment, the first network having a first security classification level, wherein labeling comprises;
creating a header label comprising an identification of the first security classification level;
appending the header label to the digital file;
hashing the digital file, together with the appended header label, to obtain a first hash value;
signing the first hash value to create a digital signature;
creating a signature label comprising one or both of the first hash value and the digital signature; and
appending the signature label to the digital file; and
validating, in a second network, the digital file subsequent to exposure to the foreign environment, the second network having a second security classification level that is different from the first security classification level, wherein validating comprises;
hashing the digital file to obtain a second hash value;
retrieving the first hash value from the signature label;
comparing the first hash value and second hash value; and
removing the signature label from the digital file.
- View Dependent Claims (2, 3, 4, 5)
6. A method of verifying integrity of a digital file comprising:
labeling the digital file prior to exposure to a foreign environment, wherein labeling comprises;
creating a header label comprising an identification of a security classification level of a network;
appending the header label to the digital file;
hashing the digital file, together with the appended header label, to obtain a first hash value;
signing the first hash value to create a digital signature;
creating a signature label comprising one or both of the first hash value and the digital signature; and
appending the signature label to the digital file.
- View Dependent Claims (7, 8, 9, 10)
11. A method of verifying integrity of a digital file comprising:
receiving, in a first network, the digital file subsequent to exposure to a foreign environment, the first network having a first security classification level, the digital file comprising;
an appended header label comprising an identification of a second security classification level of a second network, the second security classification level being different from the first security classification level; and
an appended signature label comprising one or both of a first hash value and a digital signature; and
validating the digital file, wherein validating comprises;
hashing the digital file, together with the appended header label, to obtain a second hash value;
retrieving the first hash value from the signature label; and
comparing the first hash value and second hash value.
- View Dependent Claims (12, 13, 14)
15. Logic encoded in non-transitory computer-readable media operable, when executed on a processor, to:
label, in a first network, a digital file prior to exposure to a foreign environment, the first network having a first security classification level, wherein label comprises;
creating a header label comprising an identification of the first security classification level;
appending the header label to the digital file;
hashing the digital file, together with the appended header label, to obtain a first hash value;
signing the first hash value to create a digital signature;
creating a signature label comprising one or both of the first hash value and the digital signature; and
appending the signature label to the digital file; and
validate, in a second network, the digital file subsequent to exposure to the foreign environment, the second network having a second security classification level that is different from the first security classification level, wherein validate comprises;
hashing the digital file, together with the appended header label, to obtain a second hash value;
retrieving the first hash value from the signature label; and
comparing the first hash value and second hash value.
- View Dependent Claims (16, 17, 18)
Specification