Systems and methods for securing data in motion
Abstract
Systems and methods are provided for distributing trust among a set of certificate authorities. One approach provides methods and systems in which the secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation of a connection between two devices. Another approach provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data, and the shares of data are transmitted through each of the tunnels.
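The abstract's second approach (packets dispersed into shares, each share encrypted under a different tunnel's key) is sketched below as an added example; it is not code from the patent. Assumptions: n-of-n XOR splitting stands in for the "multi-factored secret sharing" the page does not define, the tunnel keys are constructed values standing in for keys developed while each tunnel is established, and the HMAC-SHA256 encrypt-then-MAC is a standard-library stand-in for the tunnel cipher.

```python
import hashlib
import hmac
import secrets
from functools import reduce

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split(packet: bytes, n: int) -> list[bytes]:
    # Assumed scheme: n-1 random pads plus one share that closes the XOR sum.
    pads = [secrets.token_bytes(len(packet)) for _ in range(n - 1)]
    return pads + [reduce(xor, pads, packet)]

def combine(shares: list[bytes]) -> bytes:
    # All n shares are required; any subset is uniformly random.
    return reduce(xor, shares)

def _subkeys(tunnel_key: bytes) -> tuple[bytes, bytes]:
    # Derive separate encryption and MAC keys from one tunnel key.
    return (hmac.new(tunnel_key, b"enc", hashlib.sha256).digest(),
            hmac.new(tunnel_key, b"mac", hashlib.sha256).digest())

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(tunnel_key: bytes, share: bytes) -> bytes:
    # Stand-in cipher (assumption): keystream XOR, then a MAC over nonce + ciphertext.
    enc, mac = _subkeys(tunnel_key)
    nonce = secrets.token_bytes(12)
    ct = xor(share, _stream(enc, nonce, len(share)))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(tunnel_key: bytes, blob: bytes) -> bytes:
    enc, mac = _subkeys(tunnel_key)
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("share failed authentication")
    return xor(ct, _stream(enc, nonce, len(ct)))

def send(packet: bytes, tunnel_keys: list[bytes]) -> list[bytes]:
    # One share per tunnel, each sealed under that tunnel's own key.
    return [seal(k, s) for k, s in zip(tunnel_keys, split(packet, len(tunnel_keys)))]

def receive(blobs: list[bytes], tunnel_keys: list[bytes]) -> bytes:
    return combine([unseal(k, b) for k, b in zip(tunnel_keys, blobs)])
```

With this splitting, a party holding the key of only one tunnel recovers a single share, which on its own is indistinguishable from random bytes.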
37 Claims
1. A method for securing data in motion comprising original data packets, the method comprising:
- establishing a secure communication channel;
- establishing a plurality of secure communication tunnels within the secure communication channel, wherein the plurality of secure communication tunnels is established using certificates issued by a plurality of unique certificate authorities;
- dispersing each one of the original data packets into a plurality of shares based on multi-factored secret sharing;
- encrypting each of the plurality of shares using a key associated with the establishment of a different one of the secure communication tunnels; and
- transmitting the plurality of encrypted shares over one or more of the plurality of secure communication tunnels.

Dependent claims: 2-19.

20. A system for securing data in motion comprising original data packets, the system comprising a first device comprising processing circuitry configured to:
- establish a secure communication channel;
- establish a plurality of secure communication tunnels within the secure communication channel, wherein the plurality of secure communication tunnels is established using certificates issued by a plurality of unique certificate authorities;
- disperse each one of the original data packets into a plurality of shares based on multi-factored secret sharing;
- encrypt each of the plurality of shares using a key associated with the establishment of a different one of the secure communication tunnels; and
- transmit the plurality of encrypted shares over one or more of the plurality of secure communication tunnels.

Dependent claims: 21-37.

Specification