Secure data parser method and system

US 9,338,140 B2
Filed: 05/10/2012
Issued: 05/10/2016
Est. Priority Date: 10/25/2004
Status: Active Grant

- Alert
- Pin

First Claim

Patent Images

1. A secure storage network comprising:

a plurality of physical storage devices storing thereon a plurality of shares, the plurality of shares being associated with at least one session key used to secure a dataset; and

a secure storage system configured to;

present to a client device a virtual disk, the virtual disk comprising a directory mapped to the plurality of physical storage devices such that physical locations of the shares are hidden from the client device;

generate the plurality of shares for storage on the plurality of physical storage devices by performing a securing operation on the dataset received from the client device and distributing the dataset in the shares;

include with each of the plurality of shares data indicative of the at least one session key used to secure the dataset; and

reconstitute the dataset from at least a portion of the plurality of shares stored on the physical storage devices in response to a request from the client device for information in the dataset.

View all claims

4 Assignments

Timeline View

Assignment View

Litigations

1 Petition

Accused Products

Abstract

A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.

375 Citations

17 Claims

1. A secure storage network comprising:
- a plurality of physical storage devices storing thereon a plurality of shares, the plurality of shares being associated with at least one session key used to secure a dataset; and
  
  a secure storage system configured to;
  
  present to a client device a virtual disk, the virtual disk comprising a directory mapped to the plurality of physical storage devices such that physical locations of the shares are hidden from the client device;
  
  generate the plurality of shares for storage on the plurality of physical storage devices by performing a securing operation on the dataset received from the client device and distributing the dataset in the shares;
  
  include with each of the plurality of shares data indicative of the at least one session key used to secure the dataset; and
  
  reconstitute the dataset from at least a portion of the plurality of shares stored on the physical storage devices in response to a request from the client device for information in the dataset.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The secure storage network of claim 1, wherein the secure storage system is further configured to generate the plurality of shares by performing a cryptographic operation on the dataset.
  - 3. The secure storage network of claim 1, further comprising a key management server configured to store workgroup keys.
  - 4. The secure storage network of claim 1, wherein the secure storage system is further configured to provide access to the reconstituted dataset.
  - 5. The secure storage network of claim 1, wherein the secure storage system is further configured to establish a secure connection between the client device and the secure storage system.
  - 6. The secure storage network of claim 1, wherein the shares contain a substantially random distribution of the received dataset.
  - 7. The secure storage network of claim 1, wherein the secure storage system is configured to reconstitute the received dataset from fewer than all of the shares.
  - 8. The secure storage network of claim 1, wherein the secure storage system is configured to secure the dataset by encrypting the dataset using the at least one session key.
  - 9. The secure storage network of claim 1, wherein the secure storage system is configured to secure the dataset by splitting the dataset using the at least one session key.
  - 10. The secure storage network of claim 1, wherein the data indicative of the at least one session key comprises:
    - a portion of the at least one session key or data indicative of a portion of the at least one session key.

11. A secure storage system comprising:
- a programmed hardware processor configured to;
  
  present to a client device a virtual disk, the virtual disk comprising a directory mapped to a plurality of physical storage devices such that physical locations of a plurality of shares are hidden from the client device;
  
  generate the plurality of shares for storage on the plurality of physical storage devices by performing a securing operation on a dataset received from the client device and distributing the dataset in the shares;
  
  include with each of the plurality of shares data indicative of at least one session key used to secure the dataset; and
  
  reconstitute the dataset from at least a portion of the plurality of shares stored on the physical storage devices in response to a request from the client device for information in the dataset.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The secure storage system of claim 11, wherein the programmed hardware processor is further configured to generate the plurality of shares by performing a cryptographic operation on the dataset.
  - 13. The secure storage system of claim 11, wherein the programmed hardware processor is further configured to provide access to the reconstituted dataset.
  - 14. The secure storage system of claim 11, wherein the programmed hardware processor is further configured to establish a secure connection between the client device and the secure storage system.
  - 15. The secure storage system of claim 11, wherein the shares contain a substantially random distribution of the received dataset.
  - 16. The secure storage system of claim 11, wherein the programmed hardware processor is configured to reconstitute the received dataset from fewer than all of the shares.
  - 17. The secure storage system of claim 11, wherein the data indicative of the at least one session key comprises:
    - a portion of the at least one session key or data indicative of a portion of the at least one session key.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Security First Innovations, LLC
Original Assignee
Security First Corp
Inventors
O'Hare, Mark S., Orsini, Rick L., Davenport, Roger S., Winick, Steven
Primary Examiner(s)
LEMMA, SAMSON B

Application Number

US13/468,383
Publication Number

US 20120226904A1
Time in Patent Office

1,461 Days
Field of Search

713/167, 713/193, 713/153, 713/168, 726 5- 7, 726/28, 380/28, 380277-278, 72 5- 7
US Class Current

1/1
CPC Class Codes

G06F 11/1092   Rebuilding, e.g. when physi...

G06F 16/22   Indexing; Data structures t...

G06F 21/602   Providing cryptographic fac...

G06F 21/606   by securing the transmissio...

G06F 21/62   Protecting access to data v...

G06F 21/6218   to a system of files or obj...

H04L 2209/80   Wireless network architectu...

H04L 63/04   for providing a confidentia...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

H04L 63/0876   based on the identity of th...

H04L 67/108   characterised by resources ...

H04L 69/14   Multichannel or multilink p...

H04L 9/085   Secret sharing or secret sp...

H04L 9/3226   using a predetermined code,...

H04L 9/3263   involving certificates, e.g...

Secure data parser method and system

First Claim

4 Assignments

Litigations

1 Petition

Accused Products

Abstract

375 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Secure data parser method and system

First Claim

4 Assignments

Subscription Required

Subscription Required

Litigations

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

375 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links