UPLOAD AND DOWNLOAD STREAMING ENCRYPTION TO/FROM A CLOUD-BASED PLATFORM
Abstract
Embodiments of the present disclosure include systems and methods for upload and/or download streaming encryption to/from an online service, or cloud-based platform or environment. The encryption process includes the following parts: upload encryption, download decryption, and a central piece of infrastructure called the Interval Key Server (IKS). During both upload and download, the encryption and decryption processes are performed while the files are being uploaded/downloaded (e.g., the files are being encrypted/decrypted as they are being streamed).
23 Claims
1. A computer-implemented method of a cloud-based collaboration platform, the method, comprising:
- receiving a data file, the data file being encrypted with a first key;
- receiving the first key encrypted with a second key;
- decrypting the first key with the second key;
- determining an index into an encryption key pool based on the value of the second key, the key encryption pool comprising a plurality of indexed keys;
- selecting a third key corresponding to the determined index from the key encryption pool;
- encrypting the first key with the third key to generate an encrypted key file;
- storing the encrypted key file and the encrypted data file in a storage location;
- creating a record associating the data file with the encrypted data file and the encrypted key file; and
- storing a record of the correspondence between the third key and the encrypted data file.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A system comprising:
- a key server having at least one processor;
- a memory, the memory comprising instructions executable by the at least one processor, to;
- receive an encrypted data file, the data file encrypted with a first key;
- receive the first key encrypted with a second key;
- decrypt the first key with the second key;
- determine an index into an encryption key pool based on the value of the second key, the key encryption pool comprising a plurality of indexed keys;
- select a third key corresponding to the determined index from the key encryption pool;
- encrypt the first key with the third key to generate an encrypted key file;
- store the encrypted key file and the encrypted data file to a storage location;
- create a record associating the data file with the encrypted data file and the encrypted key file; and
- store a record of the correspondence between the third key and the encrypted data file.
Dependent claims: 14, 15, 16, 17, 18
19. A computer-implemented encryption method for recovering from a compromised key from an encryption key pool in a cloud-based collaborative platform comprising:
- identifying a plurality of data files, the data files encrypted with a first plurality of encryption keys;
- determining a plurality of encryption key files, wherein the plurality of encryption key files comprise the first plurality of encryption keys encrypted with the compromised key;
- determining a first plurality of corrective action criteria for an encryption key pool;
- determining a second plurality of corrective action criteria for the plurality of encrypted data files;
- determining a third plurality of corrective action criteria for the plurality of encryption key files;
- adjusting the encryption key pool based on the first plurality of corrective action criteria;
- adjusting the plurality of encrypted data files based on the second plurality of corrective action criteria; and
- adjusting the plurality of encryption key files based on the third plurality of corrective action criteria;
- wherein, the data files are accessed by and/or collaborated upon among multiple users or collaborators in the cloud-based encryption platform.
Dependent claims: 20, 21, 22, 23
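The key re-wrapping steps of claim 1, followed by one possible corrective action for claim 19 (re-wrapping key files after a pool key is compromised), as an added example that is not code from the patent. The hash-based index rule, the HMAC-based wrap/unwrap stand-in for a real key-wrap or AEAD primitive, and all function, file and record names are assumptions; the keys and file contents are constructed sample values.

```python
import hashlib, hmac, os

def _stream(key, nonce, n):
    # Stand-in keystream (HMAC-SHA256, counter mode); assumption, use a vetted AEAD/key wrap in practice.
    blocks = range((n + 31) // 32)
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest() for i in blocks)[:n]

def wrap(kek, secret):
    # Encrypt-then-MAC: nonce || ciphertext || tag
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(secret, _stream(kek, nonce, len(secret))))
    return nonce + ct + hmac.new(kek, b"tag" + nonce + ct, hashlib.sha256).digest()

def unwrap(kek, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(kek, b"tag" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered blob")
    return bytes(a ^ b for a, b in zip(ct, _stream(kek, nonce, len(ct))))

def pool_index(second_key, pool_size):
    # Assumption: the claim says only "based on the value of the second key".
    return int.from_bytes(hashlib.sha256(second_key).digest(), "big") % pool_size

def ingest(name, enc_file, wrapped_first, second_key, pool, store, records):
    first_key = unwrap(second_key, wrapped_first)      # decrypt first key with second key
    idx = pool_index(second_key, len(pool))            # index into the key pool
    store[name + ".key"] = wrap(pool[idx], first_key)  # encrypted key file under the third key
    store[name + ".data"] = enc_file                   # data file is stored still encrypted
    records[name] = {"data": name + ".data", "key_file": name + ".key", "pool_index": idx}
    return idx

def rewrap_compromised(bad_idx, new_idx, pool, store, records):
    # One possible corrective action (assumption): move key files off the compromised pool key.
    # If the old key files may have leaked, the data files also need fresh first keys.
    moved = []
    for name, rec in records.items():
        if rec["pool_index"] == bad_idx:
            first_key = unwrap(pool[bad_idx], store[rec["key_file"]])
            store[rec["key_file"]] = wrap(pool[new_idx], first_key)
            rec["pool_index"] = new_idx
            moved.append(name)
    return moved

if __name__ == "__main__":
    pool = [bytes([i]) * 32 for i in range(4)]          # constructed key pool
    first, second = b"\x0f" * 32, b"\x11" * 32          # constructed first and second keys
    store, records = {}, {}
    idx = ingest("report", wrap(first, b"quarterly numbers"), wrap(second, first), second, pool, store, records)
    print(idx, rewrap_compromised(idx, (idx + 1) % 4, pool, store, records), records["report"])
```

The stored record of which pool key wraps which key file is what lets the recovery step find the affected files without trial decryption.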
Specification