Electronic information and cryptographic key management system

US 8,929,552 B2
Filed: 06/03/2002
Issued: 01/06/2015
Est. Priority Date: 06/01/2001
Status: Active Grant

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method of securing electronic information, comprising the steps of:

associating at least one cryptographic key with electronic information;

securing said at least one cryptographic key by a first functionality, wherein said step of securing at least one cryptographic key comprises encrypting said at least one cryptographic key in a secure socket layer during transmission of said at least one cryptographic key and saving said at least one cryptographic key to at least one cryptographic key management system;

separately affirmatively confirming that said step of securing at least one cryptographic key has been appropriately accomplished by a second functionality apart and independent from said first functionality and communicatively coupled to said first functionality in order to allow initial cryptographic functioning of said at least one cryptographic key;

enabling a function responsive to said step of confirming that said step of securing at least one cryptographic key has been appropriately accomplished; and

securing electronic information.

View all claims

3 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

Systems and methods of electronic information securement. The invention provides for the securement of electrical information and cryptographic keys through cryptographic key management systems providing for the confirmation that one or a plurality of cryptographic keys have been secured to the key management system. Confirmation provided by the key management system enables other systems to perform cryptographic and electronic information functions such as encryption, decryption, saving, and transferring of information. Further systems are provided having at least one client system, at least one cryptographic key management system, and at least one electronic information storage system, whereby the key management system enables functionality of the system after providing securement confirmation of keys and data.

21 Citations

View as Search Results

37 Claims

1. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key by a first functionality, wherein said step of securing at least one cryptographic key comprises encrypting said at least one cryptographic key in a secure socket layer during transmission of said at least one cryptographic key and saving said at least one cryptographic key to at least one cryptographic key management system;
  
  separately affirmatively confirming that said step of securing at least one cryptographic key has been appropriately accomplished by a second functionality apart and independent from said first functionality and communicatively coupled to said first functionality in order to allow initial cryptographic functioning of said at least one cryptographic key;
  
  enabling a function responsive to said step of confirming that said step of securing at least one cryptographic key has been appropriately accomplished; and
  
  securing electronic information.
- View Dependent Claims (5, 6, 7, 8, 10, 11, 12, 14, 15)
- - 5. A method of securing electronic information as described in claims 1, 2, or 4, further comprising the steps of:
    - generating said at least one cryptographic key; and
      
      confirming generation of said at least one cryptographic key.
  - 6. A method of securing electronic information as described in claim 5, wherein said step of confirming generation comprises confirming generation of at least one valid key and further comprising the step of providing said at least one cryptographic key in a read-only format, wherein said step of confirming generation of at least one valid key comprises confirming generation of said cryptographic key in a read-only format.
  - 7. A method of securing electronic information as described in claims 1, 2, 3 or 4, wherein said step of securing at least one cryptographic key comprises encrypting said at least one cryptographic key by at least one client system and saving said at least one cryptographic key to at least one cryptographic key management system, wherein said at least one client system is selected from the group consisting of:
    - a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a rom, a chip, software, and firmware.
  - 8. A method of securing electronic information as described in claims 1, 2, 3, or 4, wherein said step of securing at least one cryptographic key comprises encrypting said at least one cryptographic key by at least one electronic information storage system and saving said at least one cryptographic key to at least one cryptographic key management system, wherein said at least one electronic information storage system is selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 10. A method of securing electronic information as described in claims 1, 2, 3, or 4, wherein said step of associating at least one cryptographic key with electronic information comprises associating at least one cryptographic key with at least one system identification selected from the group consisting of:
    - a ticket, a pointer, a certificate, an add-on module, user information, and a random number.
  - 11. A method of securing electronic information as described in claim 10, further comprising the step of generating said at least one user identification by at least one electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 12. A method of securing electronic information as described in claims 1, 2, 3, or 4, further comprising the step of providing acknowledgment to at least one electronic information storage system of said step of securing said at least one cryptographic key in response to said step of confirming, said at least one electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 14. A method of securing electronic information as described in claims 1, 2, 3, or 4, wherein said step of securing electronic information comprises saving electronic information to at least one electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 15. A method of securing electronic information as described in claims 1, 2 or 3, wherein said step of securing electronic information comprises restricting access to electronic information to situations where the system receives substantially simultaneous access requests from a plurality of administrators in order to allow access to secure electronic information under conditions of enhanced security.

2. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key by a first functionality;
  
  separately affirmatively confirming that said step of securing at least one cryptographic key has been appropriately accomplished by a second functionality apart and independent from said first functionality and communicatively coupled to said first functionality in order to allow initial cryptographic functioning of said at least one cryptographic key;
  
  enabling a function responsive to said step of confirming that said step of securing at least one cryptographic key has been appropriately accomplished; and
  
  securing electronic information, wherein said step of securing electronic information comprises transferring electronic information, and further comprising the step of encrypting said electronic information in a secure socket layer during transferring.

3. A method of securing electronic information, comprising the steps of:
- generating at least one cryptographic key;
  
  confirming generation of said at least one cryptographic key, wherein said step of confirming generation comprises confirming generation of at least one valid key and further comprising the step of providing said at least one cryptographic key in a read-only format, wherein said step of confirming generation of at least one valid key comprises confirming generation of said cryptographic key in a read-only format;
  
  associating said at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key by a first functionality;
  
  separately affirmatively confirming that said step of securing at least one cryptographic key has been appropriately accomplished by a second functionality apart and independent from said first functionality and communicatively coupled to said first functionality in order to allow initial cryptographic functioning of said at least one cryptographic key;
  
  enabling a function responsive to said step of confirming that said step of securing at least one cryptographic key has been appropriately accomplished; and
  
  securing electronic information.
- View Dependent Claims (9, 13)
- - 9. A method of securing electronic information as described in claim 3, wherein said step of securing at least one cryptographic key comprises encrypting said at least one cryptographic key in a secure socket layer during transmission of said at least one cryptographic key and saving said at least one cryptographic key to at least one cryptographic key management system.
  - 13. A method of securing electronic information as described in claim 3, wherein said step of securing electronic information comprises transferring electronic information, and further comprising the step of encrypting said electronic information in a secure socket layer during transferring.

4. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key by a first functionality;
  
  separately affirmatively confirming that said step of securing at least one cryptographic key has been appropriately accomplished by a second functionality apart and independent from said first functionality and communicatively coupled to said first functionality in order to allow initial cryptographic functioning of said at least one cryptographic key;
  
  enabling a function responsive to said step of confirming that said step of securing at least one cryptographic key has been appropriately accomplished; and
  
  securing electronic information, wherein said step of securing electronic information comprises restricting access to electronic information to situations where the system receives substantially simultaneous access requests from a plurality of administrators in order to allow access to secure electronic information under conditions of enhanced security.

16. An electronic information securement system, comprising:
- an electronic information securement system having a securement functionality;
  
  at least one cryptographic key management system having a separate affirmative confirmation functionality configured to confirm that securing of a cryptographic key has been appropriately accomplished by a functionality apart and independent from said securement functionality and communicatively coupled to said securement functionality in order to allow initial cryptographic functioning of said at least one cryptographic key wherein said electronic information securement system is enabled to perform a function in response to a confirmation from said at least one cryptographic key management system and is configured to secure electronic information; and
  
  at least one client system communicatively coupled to said at least one cryptographic key management system and configured to secure electronic information, and wherein access to electronic information secured to said at least one client system is restricted to situations where the system receives substantially simultaneous access requests in order to allow access to said secure electronic information under conditions of enhanced security.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
- - 19. An electronic information securement system as described in claims 16, 17 or 18 wherein said at least one cryptographic key management system is configured to secure cryptographic keys and wherein access to cryptographic keys secured to said at least one cryptographic key management system is restricted to physical access.
  - 20. An electronic information securement system as described in claims 16, 17 or 18 further comprising at least one client system communicatively coupled to said at least one cryptographic key management system and configured to secure cryptographic keys, and wherein access to cryptographic keys secured to said at least one client system is restricted to physical access.
  - 21. An electronic information securement system as described in claims 16, 17, or 18 further comprising at least one electronic information storage system communicatively coupled to said at least one cryptographic key management system and wherein said at least one electronic information storage system is configured to secure cryptographic keys, and wherein access to cryptographic keys secured to said at least one electronic information storage system is restricted to physical access.
  - 22. An electronic information securement system as described in claim 19, wherein access to secured cryptographic keys is restricted to physical access by a client.
  - 23. An electronic information securement system as described in claim 19, wherein access to secured cryptographic keys is restricted to physical access by an administrator.
  - 24. An electronic information securement system as described in claims 16, 17, or 18, wherein said at least one cryptographic key management system is configured to secure electronic information, and wherein access to electronic information secured to said at least one cryptographic key management system is restricted to physical access.
  - 25. An electronic information securement system as described in claims 16, 17, or 18, further comprising at least one client system communicatively coupled to said at least one cryptographic key management system and configured to secure electronic information, and wherein access to electronic information secured to said at least one client system is restricted to physical access.
  - 26. An electronic information securement system as described in claims 16, 17, or 18, further comprising at least one electronic information storage system communicatively coupled to said at least one cryptographic key management system and configured to secure electronic information, and wherein access to electronic information secured to said at least one electronic information storage system is restricted to physical access.
  - 27. An electronic information securement system as described in claim 24, wherein access to secured electronic information is restricted to physical access by a client.
  - 28. An electronic information securement system as described in claim 24, wherein access to secured electronic information is restricted to physical access by an administrator.
  - 29. An electronic information securement system as described in claim 16, 17 or 18, wherein access to secured electronic information is restricted to situations where the system receives substantially simultaneous access requests from a plurality of administrators in order to allow access to said secure electronic information under conditions of enhanced security.
  - 30. An electronic information securement system as described in claim 20, wherein access to secured cryptographic keys is restricted to physical access by a client.
  - 31. An electronic information securement system as described in claim 21, wherein access to secured cryptographic keys is restricted to physical access by a client.
  - 32. An electronic information securement system as described in claim 20, wherein access to secured cryptographic keys is restricted to physical access by an administrator.
  - 33. An electronic information securement system as described in claim 21, wherein access to secured cryptographic keys is restricted to physical access by an administrator.
  - 34. An electronic information securement system as described in claim 25, wherein access to secured electronic information is restricted to physical access by a client.
  - 35. An electronic information securement system as described in claim 26, wherein access to secured electronic information is restricted to physical access by a client.
  - 36. An electronic information securement system as described in claim 25, wherein access to secured electronic information is restricted to physical access by an administrator.
  - 37. An electronic information securement system as described in claim 26, wherein access to secured electronic information is restricted to physical access by an administrator.

17. An electronic information securement system, comprising:
- an electronic information securement system having a securement functionality;
  
  at least one cryptographic key management system having a separate affirmative confirmation functionality configured to confirm that securing of a cryptographic key has been appropriately accomplished by a functionality apart and independent from said securement functionality and communicatively coupled to said securement functionality in order to allow initial cryptographic functioning of said at least one cryptographic key, wherein said electronic information securement system is enabled to perform a function in response to a confirmation from said at least one cryptographic key management system and is configured to secure electronic information; and
  
  at least one electronic information storage system communicatively coupled to said at least one cryptographic key management system and configured to secure electronic information, and wherein access to electronic information secured to said at least one electronic information storage system is restricted to situations where the system receives substantially simultaneous access requests in order to allow access to said secure electronic information under conditions of enhanced security.

18. An electronic information securement system, comprising:
- an electronic information securement system having a securement functionality;
  
  at least one cryptographic key management system having a separate affirmative confirmation functionality configured to confirm that securing of a cryptographic key has been appropriately accomplished by a functionality apart and independent from said securement functionality and communicatively coupled to said securement functionality in order to allow initial cryptographic functioning of said at least one cryptographic key, wherein said at least one cryptographic key management system is configured to secure electronic information, and wherein access to electronic information secured to said at least one cryptographic key management system is restricted to situations where the system receives substantially simultaneous access requests in order to allow access to said secure electronic information under conditions of enhanced security;
  
  wherein said electronic information securement system is enabled to perform a function in response to a confirmation from said at least one cryptographic key management system and is configured to secure electronic information.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
SaveItSafe, LLC
Original Assignee
No Magic Incorporated (Dassault Systemes SA)
Inventors
Duncanson, Paul T. Jr.
Primary Examiner(s)
Dinh, Minh
Assistant Examiner(s)
ALMEIDA, DEVIN E

Application Number

US10/479,646
Publication Number

US 20040151318A1
Time in Patent Office

4,600 Days
Field of Search

None
US Class Current

380/277
CPC Class Codes

G06F 21/6209   to a single file or object,...

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 9/083   involving central third par...

H04L 9/0861   Generation of secret inform...

Electronic information and cryptographic key management system

First Claim

3 Assignments

Litigations

0 Petitions

Accused Products

Abstract

21 Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic information and cryptographic key management system

First Claim

3 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links