Upload and download streaming encryption to/from a cloud-based platform
Abstract
Embodiments of the present disclosure include systems and methods for upload and/or download streaming encryption to/from an online service, or cloud-based platform or environment. The encryption process includes the following parts: upload encryption, download decryption, and a central piece of infrastructure called the Interval Key Server (IKS). During both upload and download, the encryption and decryption processes are performed while the files are being uploaded/downloaded (e.g., the files are being encrypted/decrypted as they are being streamed).
23 Claims
1. A computer-implemented method of a cloud-based collaboration platform, the method, comprising:
- receiving a data file encrypted with a first key;
- receiving the first key encrypted with a second key;
- decrypting the first key with the second key;
- determining an index into key encryption pool based on the value of the second key, the key encryption pool including multiple indexed keys;
- selecting a third key corresponding to the index into the key encryption pool;
- encrypting the first key with the third key to generate an encrypted key file;
- storing, by the cloud-based collaboration platform, the encrypted key file and the data file encrypted with the first key in a storage location;
- creating a record associating the data file with the encrypted key file;
- storing a record of the correspondence between the third key and the data file;
- receiving a request for the data file; and
- sending a response to the request indicating a location of the encryption key file and a location of the encrypted data file.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
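The steps of claim 1, modelled end to end as an added example (not code from the patent or from the platform it describes). The `Platform` class, the storage paths, the SHA-256 index derivation and the HMAC-based `wrap`/`unwrap` are assumptions; the HMAC construction is a standard-library stand-in for a vetted key-wrap or AEAD mode.

```python
import hashlib
import hmac
import os

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def wrap(kek, key):
    """Encrypt-then-MAC a 32-byte key under kek (stdlib stand-in for AES key wrap)."""
    if len(key) != 32:
        raise ValueError("expected a 32-byte key")
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(key, _prf(kek, b"enc", nonce)))
    return nonce + ct + _prf(kek, b"mac", nonce + ct)

def unwrap(kek, blob):
    """Verify the tag, then decrypt; fails on a wrong key or a modified blob."""
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, _prf(kek, b"mac", nonce + ct)):
        raise ValueError("wrong key or modified key blob")
    return bytes(a ^ b for a, b in zip(ct, _prf(kek, b"enc", nonce)))

def pool_index(second_key, pool_size):
    # Assumption: the claim only says the index is based on the second key's value.
    return int.from_bytes(hashlib.sha256(second_key).digest()[:4], "big") % pool_size

class Platform:
    """Hypothetical in-memory model of the key server plus its storage."""
    def __init__(self, pool):
        self.pool, self.store, self.records = pool, {}, {}

    def upload(self, file_id, encrypted_file, wrapped_first, second_key):
        first = unwrap(second_key, wrapped_first)      # decrypt first key with second
        idx = pool_index(second_key, len(self.pool))   # slot of the third key
        self.store[f"keys/{file_id}"] = wrap(self.pool[idx], first)  # encrypted key file
        self.store[f"data/{file_id}"] = encrypted_file  # stored as received, never decrypted
        self.records[file_id] = {"key_file": f"keys/{file_id}", "pool_index": idx}

    def locate(self, file_id):
        """Answer a download request with locations, not key material."""
        return {"data_file": f"data/{file_id}", "key_file": self.records[file_id]["key_file"]}

if __name__ == "__main__":
    pool = [os.urandom(32) for _ in range(8)]       # constructed key encryption pool
    first, second = os.urandom(32), os.urandom(32)  # constructed first and second keys
    p = Platform(pool)
    p.upload("f1", b"<ciphertext bytes>", wrap(second, first), second)
    idx = p.records["f1"]["pool_index"]
    print(p.locate("f1"), unwrap(pool[idx], p.store["keys/f1"]) == first)
```

The first key exists in plaintext only in memory during `upload`; what reaches storage is the key file encrypted under the pool key, alongside the record of which pool slot was used.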
13. A system of a cloud-based collaboration platform, the system comprising:
- a key server having at least one processor;
- a memory, the memory comprising instructions executable by the at least one processor, to:
  - receive a data file encrypted with a first key;
  - receive the first key encrypted with a second key;
  - decrypt the first key with the second key;
  - determine an index into key encryption pool based on the value of the second key, the key encryption pool including multiple indexed keys;
  - select a third key corresponding to the index into the key encryption pool;
  - encrypt the first key with the third key to generate an encrypted key file;
  - store by the cloud-based collaboration platform the encrypted key file and the data file in a storage location;
  - create a record associating the data file with the encrypted key file; and
  - store a record of the correspondence between the third key and the data file;
  - receive a request for the data file; and
  - send a response to the request indicating a location of the encryption key file and a location of the encrypted data file.
Dependent claims: 14, 15, 16, 17, 18
19. A non-transitory computer readable storage medium having instructions stored thereon, which when executed by one or more processors of a system, cause the system to:
- receive a data file encrypted with a first key;
- receive the first key encrypted with a second key;
- decrypting the first key with the second key;
- determine an index into key encryption pool based on the value of the second key, the key encryption pool including multiple indexed keys;
- selecting a third key corresponding to the index into the key encryption pool;
- encrypting the first key with the third key to generate an encrypted key file;
- storing, by the cloud-based collaboration platform, the encrypted key file and the data file encrypted with the first key in a storage location;
- creating a record associating the data file with the encrypted key file;
- storing a record of the correspondence between the third key and the data file;
- receiving a request for the data file; and
- sending a response to the request indicating a location of the encryption key file and a location of the encrypted data file.
Dependent claims: 20, 21, 22, 23
Specification