Creating fingerprints of encryption devices for compromise mitigation
Abstract
Systems and methods for creating fingerprints for encryption devices are described herein. In various embodiments, the system includes an encryption device operatively connected to a device management system. According to particular embodiments, the device management system: 1) receives a first payload from the encryption device, the first payload including data in a particular format; 2) creates a fingerprint for the encryption device, the fingerprint including a section format for each of one or more distinct sections of the particular format; 3) stores a record of the fingerprint for the encryption device and the unique identifier at the at least one database; and 4) compares a format of each subsequent payload received from the encryption device to the fingerprint for the device to determine whether the device has been compromised.
18 Claims
1. A computer system comprising at least one processor operatively coupled to memory, the at least one processor configured for:
- receiving a first payload from a device, the first payload comprising data in a particular format, a device indicator comprising a unique identifier used for identifying the device, and an indication of a version of firmware running on the device;
- creating a fingerprint for the device, the fingerprint comprising a section format for each of one or more distinct sections of the particular format in a particular order;
- parsing the particular format of the first payload into the one or more distinct sections of the particular format;
- determining the section format of each of the one or more distinct sections; and
- creating a record of the section format of each of the one or more distinct sections; and
- comparing a format of each subsequent payload received from the device to the fingerprint for the device to determine whether the device has been compromised.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A computer system for creating a fingerprint for a device, the computer system comprising at least one processor operatively coupled to memory, the at least one processor configured for:
- receiving payloads from a particular device, each payload comprising encrypted and unencrypted data in a format, wherein a first payload received from the particular device comprises a device indicator comprising a unique identifier used for identifying the particular device and an indication of a version of firmware running on the particular device;
- creating a fingerprint associated with the particular device by;
  - parsing a particular format of the first payload into one or more distinct sections of the particular format;
  - determining a section format of each of the one or more distinct sections; and
  - creating a record of the section format of each of the one or more distinct sections in a particular order;
- comparing the format of each subsequent payload from the particular device to the fingerprint associated with the particular device; and
- upon determining that the format of a particular subsequent payload of the subsequent payloads received from the particular device does not match the fingerprint associated with the particular device, declining to decrypt the encrypted data of the particular subsequent payload and transmitting a notification of declining to decrypt the encrypted data to a user computing system associated with a user.
Dependent claims: 9, 10, 11, 12, 13.
14. A computer-implemented method for creating a fingerprint for a device, the method comprising:
- receiving, via at least one processor operatively coupled to memory, a first payload from a device, the first payload comprising data in a particular format, a device indicator comprising a unique identifier used for identifying the device, and an indication of a version of firmware running on the device;
- creating, via the at least one processor, a fingerprint for the device by;
  - parsing the particular format of the first payload into one or more distinct sections of the particular format;
  - determining a section format of each of the one or more distinct sections; and
  - creating a record of the section format of each of the one or more distinct sections; and
- comparing, via the at least one processor, a subsequent payload received from the device to the fingerprint for the device to determine whether the device has been compromised.
Dependent claims: 15, 16, 17, 18.
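The enrol-then-compare flow recited in claims 1, 8 and 14, as an added Python example that is not taken from the patent or from any product implementing it. The pipe-delimited payload layout, the character-class taxonomy, the `(class, length)` section format and all names (`DeviceManager`, `section_format`, the sample payloads) are assumptions made for illustration.

```python
import re

DELIM = "|"  # assumed section separator; the patent text does not define one
# Character classes, most specific first (assumed taxonomy for illustration).
CLASSES = [("digits", r"[0-9]+"), ("hex", r"[0-9A-F]+"),
           ("dotted", r"[0-9]+(\.[0-9]+)+"), ("alnum", r"[0-9A-Za-z]+")]

def section_format(section):
    """Describe one section as (character class, length)."""
    for name, pattern in CLASSES:
        if re.fullmatch(pattern, section):
            return (name, len(section))
    return ("other", len(section))

def make_fingerprint(payload):
    """Parse the payload into sections; record each section format in order."""
    return tuple(section_format(s) for s in payload.split(DELIM))

class DeviceManager:
    def __init__(self):
        self.records = {}        # device id -> (firmware version, fingerprint)
        self.notifications = []  # (device id, mismatches) for declined payloads

    def enroll(self, first_payload):
        """Assumes sections 0 and 1 are the device id and firmware version."""
        device_id, firmware = first_payload.split(DELIM)[:2]
        self.records[device_id] = (firmware, make_fingerprint(first_payload))
        return device_id

    def mismatches(self, device_id, payload):
        """List (index, expected, actual) for every section that deviates."""
        expected = self.records[device_id][1]
        actual = make_fingerprint(payload)
        if len(actual) != len(expected):
            return [("count", len(expected), len(actual))]
        return [(i, e, a) for i, (e, a) in enumerate(zip(expected, actual)) if e != a]

    def process(self, device_id, payload, decrypt):
        """Decrypt the last section only if the payload matches the fingerprint."""
        diffs = self.mismatches(device_id, payload)
        if diffs:
            self.notifications.append((device_id, diffs))  # decline and notify
            return None
        return decrypt(payload.split(DELIM)[-1])

# Constructed sample payloads: id | firmware | key serial | ciphertext (hex).
FIRST = "SN48151623|2.1.7|FFFF9876543210E00001|9A3F0C5D7E1B24688642B1E7D5C0F3A9"
GOOD = "SN48151623|2.1.7|FFFF9876543210E00002|0B7C2E9D4F6A18355381A6F4D9E2C7B0"
BAD = "SN48151623|2.1.7|FFFF9876543210E00003|4111111111111111"  # digits, not hex
```

Each section's class is inferred from the single enrolment payload, so a field whose first sample happens to fall in a narrower class (a hex field containing only digits, say) would be recorded too strictly.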
Specification