Systems and methods for encryption and provision of information security using platform services
Abstract
Systems and methods for securing or encrypting data or other information arising from a user's interaction with software and/or hardware, resulting in transformation of original data into ciphertext. Generally, the ciphertext is generated using context-based keys that depend on the environment in which the original data originated and/or was accessed. The ciphertext can be stored in a user's storage device or in an enterprise database (e.g., at-rest encryption) or shared with other users (e.g., cryptographic communication). The system generally allows for secure federation across organizations, including mechanisms to ensure that the system itself and any other actor with pervasive access to the network cannot compromise the confidentiality of the protected data.
30 Claims
1. A method, comprising the steps of:
receiving, at a server, a request for encryption of data from an electronic computing device being operated by a user;
determining, at the server, a particular key space corresponding to the user and/or the electronic computing device based on the request for encryption, wherein the particular key space comprises a partitioned storage location that contains at least one encryption key;
transmitting the request for encryption from the server to a particular key service corresponding to the determined particular key space for generation of unique cryptographic information relating particularly to the request for encryption, wherein the particular key service provides functionalities of at least encryption key generation and/or encryption key storage;
receiving, at the server, the unique cryptographic information from the particular key service, wherein the unique cryptographic information comprises an encryption key uniquely corresponding to the request for encryption; and
transmitting the unique cryptographic information from the server to the electronic computing device for unique encryption of the data.
27. A system, comprising:
an electronic computing device that generates or receives data and is associated with a user, wherein the electronic computing device generates a request for encryption of the data and transmits the request for encryption to a server;
the server that receives the request for encryption from the electronic computing device, wherein the server determines a particular key space corresponding to the user and/or the electronic computing device based on the request for encryption, wherein the particular key space comprises a partitioned storage location that contains at least one encryption key, and transmits the request for encryption to a particular key service corresponding to the determined particular key space, wherein the particular key service provides functionalities of at least encryption key generation and/or encryption key storage;
the particular key service that receives the request for encryption from the server, wherein the particular key service generates unique cryptographic information relating particularly to the request for encryption and transmits the unique cryptographic information to the server, wherein the unique cryptographic information comprises an encryption key uniquely corresponding to the request for encryption;
the server that receives the unique cryptographic information from the particular key service, wherein the server transmits the unique cryptographic information to the electronic computing device; and
the electronic computing device that receives the unique cryptographic information from the server, wherein the electronic computing device uniquely encrypts the data using the unique cryptographic information.
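
The request flow of claims 1 and 27, up to delivery of the key to the device, can be sketched as follows. This is an added illustration and not code from the patent; the class names, the directory layout, the 256-bit key size and the sample users, devices and key spaces are all assumptions, and the device-side encryption step is omitted.

```python
import secrets

class KeyService:
    """Key service bound to one key space (a partitioned key store)."""
    def __init__(self, key_space):
        self.key_space = key_space
        self.store = {}  # key_id -> key bytes, for this partition only

    def generate(self):
        # A fresh key per request: the "unique cryptographic information".
        key_id, key = secrets.token_hex(8), secrets.token_bytes(32)
        self.store[key_id] = key
        return {"key_space": self.key_space, "key_id": key_id, "key": key}

class Server:
    def __init__(self, directory, services):
        self.directory = directory  # (user, device) or (user, None) -> key space
        self.services = services    # key space name -> KeyService

    def key_space_for(self, user, device):
        # "user and/or device": exact pair first, then a user-wide default.
        for who in ((user, device), (user, None)):
            if who in self.directory:
                return self.directory[who]
        raise PermissionError(f"no key space for {user!r} on {device!r}")

    def handle_encrypt_request(self, user, device):
        space = self.key_space_for(user, device)  # fails closed if unmapped
        return self.services[space].generate()    # relayed back to the device

# Constructed sample key spaces, users and devices (assumptions).
SERVICES = {n: KeyService(n) for n in ("acme-corp", "acme-byod", "globex")}
DIRECTORY = {("alice", None): "acme-corp",
             ("alice", "byod-phone"): "acme-byod",
             ("bob", None): "globex"}
SERVER = Server(DIRECTORY, SERVICES)

def demo():
    """Two requests from the same device, then one from a second device."""
    a1 = SERVER.handle_encrypt_request("alice", "laptop")
    a2 = SERVER.handle_encrypt_request("alice", "laptop")
    a3 = SERVER.handle_encrypt_request("alice", "byod-phone")
    return a1, a2, a3

if __name__ == "__main__":
    for reply in demo():
        print(reply["key_space"], reply["key_id"])
```

Each request yields a distinct key that is stored only in the partition the server selected, and a requester with no mapped key space is refused rather than routed to a default.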
Specification