Hack-deterring system for storing sensitive data records
Abstract
A mobile communication system comprising a multiplicity of mobile devices, and a server communicating with the mobile devices via a communication network, and a central database which is in data communication with the server and which is operative for storing sensitive data encrypted using at least one key, at least a portion of which is provided, only on certain occasions, by an individual one of the mobile devices and is not retained between the occasions by the central database.
30 Claims
1. A mobile communication system comprising:
a multiplicity of mobile devices; and
a server communicating with the mobile devices via a communication network; and
a central database which is in data communication with the server and which is operative for storing sensitive data encrypted using at least one device key, at least a portion of which is provided, only on certain occasions, by an individual one of the mobile devices and is not retained between said occasions by the central database,
wherein each device encrypts both the device key and sensitive computer data associated with the device and sends them to the server,
the server decrypts the received information thereby to yield the sensitive computer data associated with the device and the device key,
the server encrypts the sensitive computer data associated with the device with the device key, and
the server stores the encrypted data in the database and discards the device key.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 26, 27)

16. A computerized method for retaining sensitive computer data regarding each of a multiplicity of mobile devices communicating with a computer server via a communication network, the method comprising:
storing sensitive computer data encrypted using at least one cryptographic key (“device key”), in a central computer database which is in data communication with the server; and
accepting at least a portion of the key, only on certain occasions, from an individual one of the mobile devices rather than retaining said portion in the central database between said occasions,
wherein said storing comprises;
at each device, encrypting both sensitive personal data associated with the device, and the device key using the first network key set, thereby to generate encrypted information, and sending said encrypted information to the server together with devices' ID;
at server, decrypting said encrypted information thereby to yield sensitive personal data and device key;
at server, double-encrypting the sensitive personal data with the device key and with a server key comprising a private key that is known to the server, thereby to yield double-encrypted data; and
storing the double-encrypted data in the data base, under device's ID, and discarding the device key.
(Dependent claims: 17, 18, 19, 20, 21, 22, 23, 24, 25, 28, 29)

30. A computer program product, comprising a non-transitory computer usable medium having a computer readable program code embodied therein, said computer readable program code adapted to be executed to implement a method for retaining sensitive computer data regarding each of a multiplicity of mobile devices communicating with a computer server via a communication network, the method comprising:
storing sensitive computer data encrypted using at least one cryptographic key (“device key”), in a central computer database which is in data communication with the server; and
accepting at least a portion of the key, only on certain occasions, from an individual one of the mobile devices rather than retaining said portion in the central database between said occasions,
wherein each device encrypts both the device key and sensitive computer data associated with the device and sends them to the server,
the server decrypts the received information thereby to yield the sensitive computer data associated with the device and the device key,
the server encrypts the sensitive computer data associated with the device with the device key, and
the server stores the encrypted data in the database and discards the device key.

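The store-and-discard flow recited in claims 16 and 30, as an added example that is not part of the patent text. Assumptions: a shared symmetric key stands in for the "first network key set", a random symmetric key stands in for the server key, a SHA-256 keystream with HMAC stands in for a vetted AEAD cipher, and the `retrieve` read path and all names are hypothetical.

```python
import hashlib, hmac, os

def subkeys(key):
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def keystream(key, nonce, n):
    # SHA-256 in counter mode: stdlib stand-in for a vetted AEAD such as AES-GCM
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, plaintext):
    enc_k, mac_k = subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(enc_k, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc_k, mac_k = subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered record")
    return bytes(a ^ b for a, b in zip(ct, keystream(enc_k, nonce, len(ct))))

def device_envelope(network_key, device_key, data=b""):
    # Device side: device key and sensitive data travel together under the network key
    return seal(network_key, device_key + data)

class Server:
    def __init__(self, network_key):
        self.network_key = network_key    # assumption: shared symmetric key
        self.server_key = os.urandom(32)  # assumption: symmetric stand-in for the server key
        self.db = {}                      # device ID -> double-encrypted record

    def store(self, device_id, envelope):
        msg = unseal(self.network_key, envelope)
        device_key, data = msg[:32], msg[32:]
        # Double encryption: device key inside, server key outside (claim 16)
        self.db[device_id] = seal(self.server_key, seal(device_key, data))
        # device_key is a local only; nothing on the server retains it after return

    def retrieve(self, device_id, envelope):
        # Assumed read path: the device presents its key again for this one occasion
        device_key = unseal(self.network_key, envelope)[:32]
        return unseal(device_key, unseal(self.server_key, self.db[device_id]))

def demo():
    nk, dk = os.urandom(32), os.urandom(32)   # constructed sample keys
    srv = Server(nk)
    srv.store("dev-1", device_envelope(nk, dk, b"pan=4111111111111111"))  # constructed data
    return srv, nk, dk
```

A copy of the database alone holds only the outer ciphertext, and even with the server key the inner layer cannot be opened without the device key, which the server never persists.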
Specification