Systems and methods for securing data in motion
First Claim
1. A method for securing data, the method comprising:
- using a hardware processor for;
determining that at least one share of a first set of data shares is unavailable for restoring an encrypted data set, wherein the first set of data shares was generated from the encrypted data set by using a split key,in response to determining that the at least one share is unavailable, retrieving a subset of the first set of data shares that were generated from the encrypted data set, the subset of shares including at least a minimum number less than all of the data shares necessary for restoring the encrypted data set, wherein the first set of shares is associated with a first authentication key, andgenerating a second set of data shares from the subset of data shares without decrypting the encrypted data set, wherein the second set of shares is associated with a second authentication key and comprises the at least one data share of the first set of data shares; and
storing the at least one share.
3 Assignments
0 Petitions
Accused Products
Abstract
The systems and methods of the present invention provide a solution that makes data provably secure and accessible—addressing data security at the bit level—thereby eliminating the need for multiple perimeter hardware and software technologies. Data security is incorporated or weaved directly into the data at the bit level. The systems and methods of the present invention enable enterprise communities of interest to leverage a common enterprise infrastructure. Because security is already woven into the data, this common infrastructure can be used without compromising data security and access control. In some applications, data is authenticated, encrypted, and parsed or split into multiple shares prior to being sent to multiple locations, e.g., a private or public cloud. The data is hidden while in transit to the storage location, and is inaccessible to users who do not have the correct credentials for access.
363 Citations
28 Claims
-
1. A method for securing data, the method comprising:
-
using a hardware processor for; determining that at least one share of a first set of data shares is unavailable for restoring an encrypted data set, wherein the first set of data shares was generated from the encrypted data set by using a split key, in response to determining that the at least one share is unavailable, retrieving a subset of the first set of data shares that were generated from the encrypted data set, the subset of shares including at least a minimum number less than all of the data shares necessary for restoring the encrypted data set, wherein the first set of shares is associated with a first authentication key, and generating a second set of data shares from the subset of data shares without decrypting the encrypted data set, wherein the second set of shares is associated with a second authentication key and comprises the at least one data share of the first set of data shares; and storing the at least one share. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A system for securing data, comprising:
a hardware processor configured to; determine that at least one share of a first set of data shares is unavailable for restoring an encrypted data set, wherein the first set of data shares was generated from the encrypted data set by using a split key; in response to determining that the at least one share is unavailable, retrieve a subset of the first set of data shares that were generated from the encrypted data set, the subset of shares including at least a minimum number less than all of the data shares necessary for restoring the encrypted data set, wherein the first set of shares is associated with a first authentication key; and generate a second set of data shares from the subset of data shares without decrypting the encrypted data set, wherein the second set of shares is associated with a second authentication key and comprises the at least one share of the first set of data shares. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
Specification