×

System for providing session-based network privacy, private, persistent storage, and discretionary access control for sharing private data

  • US 8,826,021 B2
  • Filed: 09/26/2013
  • Issued: 09/02/2014
  • Est. Priority Date: 12/02/1999
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for providing private storage of data on a server within a network, to a storing user operating a client computer connected to the network, wherein the storage is persistent, encrypted, and anonymous, and wherein access to the data may be granted by the storing user to an accessing user, the method comprising:

  • (a) providing to the storing user a client application, the client application being configured to;

    identify the data to be stored and the accessing user, who is to have access thereto;

    generate a first encryption key and a first decryption key;

    encrypt the data within said client using the first encryption key;

    generate a data object identifier;

    generate a challenge public-private key pair for the data;

    read an identifier for the accessing user;

    generate a coded user identifier from the user identifier by hashing;

    send the coded user identifier to the server together with a request for the accessing user'"'"'s message queue public key;

    receive the message queue public key from the server;

    create a message object comprising the data object identifier, the first decryption key, and the private challenge key;

    encrypt the message object with the message queue public key;

    send the encrypted message object to the message queue on the server associated with the coded user identifier;

    create a data object comprising the data object identifier, the encrypted data, and the public challenge key;

    send the data object to the server;

    (b) receiving the coded user identifier and request for the accessing user'"'"'s message queue public key from the client application, and responsive thereto identifying the message queue public key associated with the coded user identifier and returning the message queue public key to the client application; and

    (c) receiving the encrypted data, data object identifier, and public challenge key from the client application, and responsive thereto storing the encrypted data in a database under the control of the server, using the data object identifier as a locator and maintaining an association with the public challenge key.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×