Systems and methods for secure third-party data storage
First Claim
1. A computer-implemented method for secure third-party data storage,at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- receiving, at a server-side computing system, a long poll request from a client system;
identifying, at the server-side computing system, a data access request from the client system to access an encrypted file stored under a user account, wherein the requested access requires decryption of the encrypted file, wherein the data access request is subsequent to the long poll request;
identifying, in reaction to the data access request, an asymmetric key pair designated for the user account, the asymmetric key pair comprising an encryption key and a decryption key that has been encrypted with a client-side key;
responding to the long poll request, in reaction to the data access request, with a message notifying the client system to transmit the client-side key;
receiving, from the client system, the client-side key;
decrypting the decryption key with the client-side key; and
using the decryption key to access an unencrypted version of the encrypted file.
2 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method for secure third-party data storage may include (1) identifying, at a server-side computing system, a data access request from a client system to access an encrypted file stored under a user account, (2) receiving a long poll request from the client system, (3) identifying an asymmetric key pair designated for the user account, the asymmetric key pair including an encryption key and a decryption key that has been encrypted with a client-side key, (4) responding to the long poll request with a message notifying the client system to transmit the client-side key, (5) receiving, from the client system, the client-side key, (6) decrypting the decryption key with the client-side key, and (7) using the decryption key to access an unencrypted version of the encrypted file. Various other methods, systems, and computer-readable media are also disclosed.
-
Citations
20 Claims
-
1. A computer-implemented method for secure third-party data storage,
at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising: -
receiving, at a server-side computing system, a long poll request from a client system; identifying, at the server-side computing system, a data access request from the client system to access an encrypted file stored under a user account, wherein the requested access requires decryption of the encrypted file, wherein the data access request is subsequent to the long poll request; identifying, in reaction to the data access request, an asymmetric key pair designated for the user account, the asymmetric key pair comprising an encryption key and a decryption key that has been encrypted with a client-side key; responding to the long poll request, in reaction to the data access request, with a message notifying the client system to transmit the client-side key; receiving, from the client system, the client-side key; decrypting the decryption key with the client-side key; and using the decryption key to access an unencrypted version of the encrypted file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for secure third-party data storage, the system comprising:
-
a connection module that receives, at a server-side computing system, a long poll request from a client system; an identification module that identifies, at the server-side computing system, a data access request from the client system to access an encrypted file stored under a user account, wherein the requested access requires decryption of the encrypted file, wherein the data access request is subsequent to the long poll request; a key module that identifies, in reaction to the data access request, an asymmetric key pair designated for the user account, the asymmetric key pair comprising an encryption key and a decryption key that has been encrypted with a client-side key; a response module that responds to the long poll request, in reaction to the data access request, with a message notifying the client system to transmit the client-side key; a receiving module that receives, from the client system, the client-side key; a decryption module that decrypts the decryption key with the client-side key; an access module that uses the decryption key to access an unencrypted version of the encrypted file; at least one hardware processor configured to execute the identification module, the connection module, the key module, the response module, the receiving module, the decryption module, and the access module. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer-readable-storage medium comprising one or more computer-readable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
receive, at a server-side computing system, a long poll request from a client system; identify, at the server-side computing system, a data access request from the client system to access an encrypted file stored under a user account, wherein the requested access requires decryption of the encrypted file, wherein the data access request is subsequent to the long poll request; identify, in reaction to the data access request, an asymmetric key pair designated for the user account, the asymmetric key pair comprising an encryption key and a decryption key that has been encrypted with a client-side key; respond to the long poll request, in reaction to the data access request, with a message notifying the client system to transmit the client-side key; receive, from the client system, the client-side key; decrypt the decryption key with the client-side key; use the decryption key to access an unencrypted version of the encrypted file. - View Dependent Claims (20)
-
Specification