System and method for securely storing and sharing information
First Claim
Patent Images
1. A method for securely storing and sharing information within and between organizations using a three-part distributed interlocking system, the method comprising:
- assigning, by a first registry-cloud interface, registration information to an information owner, the registration information comprising a unique public/private key pair;
populating, by the first registry-cloud interface, a registry with the registration information of the information owner, including the information owners public key;
transmitting, by the registry-cloud interface, access control permissions to a cloud storage system to authorize the registry-cloud interface to store and to retrieve files to the cloud storage system for the information owner;
receiving, by the first registry-cloud interface, information to be securely stored;
generating, by the first registry-cloud interface, encrypted information based on the information and the unique public/private key pair; and
storing, by the first registry-cloud interface, the encrypted information on the cloud storage system of a cloud storage provider;
whereby the private key is maintained by the first registry-cloud interface and is not shared with the registry or the cloud storage provider.
4 Assignments
0 Petitions
Accused Products
Abstract
A secure information storage system is disclosed. In an example embodiment, the secure information storage system comprises a first proxy system, a cloud storage system, an exchange registry, an access portal and a cloud-registry interface.
-
Citations
21 Claims
-
1. A method for securely storing and sharing information within and between organizations using a three-part distributed interlocking system, the method comprising:
-
assigning, by a first registry-cloud interface, registration information to an information owner, the registration information comprising a unique public/private key pair; populating, by the first registry-cloud interface, a registry with the registration information of the information owner, including the information owners public key; transmitting, by the registry-cloud interface, access control permissions to a cloud storage system to authorize the registry-cloud interface to store and to retrieve files to the cloud storage system for the information owner; receiving, by the first registry-cloud interface, information to be securely stored; generating, by the first registry-cloud interface, encrypted information based on the information and the unique public/private key pair; and storing, by the first registry-cloud interface, the encrypted information on the cloud storage system of a cloud storage provider; whereby the private key is maintained by the first registry-cloud interface and is not shared with the registry or the cloud storage provider. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system for securely storing and sharing information within and between organizations using a three-part distributed interlocking system, the system comprising:
-
an information owner system of an information owner for providing information to be securely stored and retrieved; a cloud storage system of a cloud storage provider; a registry maintained and controlled a registry controller; a first proxy system registry-cloud interface, the first registry-cloud interface processing instructions to; assign to registration information to the information owner, the registration information comprising a unique public/private key pair; populate a registry with the registration information comprising the information owner'"'"'s unique public key; receive the information to be securely stored; generate encrypted information based on the information to be securely stored and the information owner'"'"'s unique public/private key pair; and store the encrypted information on a cloud storage system of a cloud storage provider as authorized by the registry; wherein the cloud storage system is configured to use access control permissions received from the registry to control access to an information owner'"'"'s information; wherein the registry is configured to verify and manage identities, catalog permissions, and transmit permission changes to the cloud storage system; and wherein the private key is retained by the first registry-cloud interface and not shared with the registry or the cloud storage provider. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
-
Specification