Password-less security and protection of online digital assets

US 8,954,758 B2
Filed: 09/09/2012
Issued: 02/10/2015
Est. Priority Date: 12/20/2011
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method for protecting a digital asset on an asset server with a key and destroying the key, the method, comprising the steps of:

storing the digital asset on the asset server;

disabling the digital asset, comprising;

handicapping the digital asset on the asset server with security data to prevent normal use of the digital asset, by removing a portion of bits from the digital asset itself to prevent normal use of the digital asset;

sending the security data from the asset server to the remote device, wherein the remote device handicaps the security data with a second security data based on a user gesture to prevent normal use of the security data, wherein the second security data is completely discarded from the remote device; and

completely discarding the security data from the asset server, wherein the digital asset remains disabled on the asset server; and

enabling the digital asset, comprising;

receiving the security data from the remote device responsive to a request to access the digital asset, wherein the remote device reconstitutes the second security data from user gesture and uses the second security data to enable the security data that was handicapped by the remote device for normal use of the security data; and

reconstituting the digital asset using at least the security data in order to enable the digital asset that was handicapped by the asset server for normal use of the digital asset.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Digital assets stored on an asset server by an asset owner are protected without a password. Instead, the digital assets are functionally handicapped by removing at least a portion of digital data (or a key) associated with the digital asset and discarding the key after being sent to an enabling device. The portion of digital data (or a key) is then handicapped by the enabling device by a cryptographic key which is formed from a human gesture and subsequently discarded. When access to the digital asset is requested, an asset owner is notified by the enabling device for approval. A human gesture from the asset owner first provides a key to reconstitute the digital data portion which is transmitted to the asset server to reconstitute the digital asset upon which the access is granted and logged.

32 Citations

View as Search Results

17 Claims

1. A computer-implemented method for protecting a digital asset on an asset server with a key and destroying the key, the method, comprising the steps of:
- storing the digital asset on the asset server;
  
  disabling the digital asset, comprising;
  
  handicapping the digital asset on the asset server with security data to prevent normal use of the digital asset, by removing a portion of bits from the digital asset itself to prevent normal use of the digital asset;
  
  sending the security data from the asset server to the remote device, wherein the remote device handicaps the security data with a second security data based on a user gesture to prevent normal use of the security data, wherein the second security data is completely discarded from the remote device; and
  
  completely discarding the security data from the asset server, wherein the digital asset remains disabled on the asset server; and
  
  enabling the digital asset, comprising;
  
  receiving the security data from the remote device responsive to a request to access the digital asset, wherein the remote device reconstitutes the second security data from user gesture and uses the second security data to enable the security data that was handicapped by the remote device for normal use of the security data; and
  
  reconstituting the digital asset using at least the security data in order to enable the digital asset that was handicapped by the asset server for normal use of the digital asset.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein handicapping comprises:
    - handicapping the digital asset with a cryptographic key to prevent normal use.
  - 3. The method of claim 1, wherein unique human input comprises a two-dimensional or a three-dimensional human gesture.
  - 4. The method of claim 1, wherein unique human input comprises a bio-sample, a retina scan, a facial scan, a fingerprint scan, and a voice sample.
  - 5. The method of claim 1, wherein receiving security data from the remote device comprises:
    - receiving the security data from the remote device which has decrypted the security data with data from a received unique human input.
  - 6. The method of claim 5, further comprising:
    - storing one of the at least two keys on the asset server apart from the digital asset.
  - 7. The method of claim 1, wherein sending the security data to a remote device, wherein the remote device handicaps the security data comprises:
    - the remote device encrypting the security data with a unique identifier associated with the enabling device.
  - 8. The method of claim 1, wherein sending the security data to a remote device, wherein the remote device handicaps the security data, comprises:
    - generating at least two derivatives of the security data, the two derivatives corresponding to two keys; and
      
      sending one of the at least two keys to the remote device.
  - 9. The method of claim 8, wherein generating the at least two derivatives corresponding to two keys comprises:
    - using a polynomial of a Shamir-type secret splitting algorithm to derive at least two data points which correspond to at least two keys.
  - 10. The method of claim 1, further comprising:
    - receiving a request to access the digital asset; and
      
      in response, sending a notification to the remote device to send the security data for reconstitution.
  - 11. The method of claim 1, further comprising:
    - logging each access to the digital asset, regardless of whether the digital asset is stored at the asset server.
  - 12. The method of claim 1, wherein the digital asset comprises at least one of:
    - data, multimedia, an executable application, a configuration file, machine code, and source code.
  - 13. The method of claim 1, wherein the remote device comprises a wireless mobile device.
  - 14. The method of claim 1, wherein the digital asset comprises at least one of:
    - a digital asset, a group of digital assets, and a file system referring to the digital asset.

15. A computer-implemented method for protecting a digital asset on an asset server from a remote device with a key and destroying the key, the method comprising the steps of:
- receiving at least security data associated with the digital asset that has been handicapped to prevent normal use of the digital asset, from the asset server, and wherein the digital asset remains intact on the asset server and the security data has been completely discarded from the asset server;
  
  disabling the security data;
  
  receiving a unique human input from an owner of the digital asset;
  
  handicapping the security data with data from the unique human input; and
  
  completely discarding the second security data from the remote device enabling the security data;
  
  responsive to receiving a notification for a request for access to the digital asset, requesting the unique human input from the owner of the digital asset;
  
  reconstituting the security data with the unique human input; and
  
  sending the security data to the asset server to reconstitute the digital asset for normal use.

16. A non-transitory computer-readable medium storing source code that, when executed by a processor, performs a method for protecting a digital asset on an asset server with a key and destroying the key, the method comprising the steps of:
- storing the digital asset on the asset server;
  
  disabling the digital asset, comprising;
  
  handicapping the digital asset on the asset server with security data to prevent normal use of the digital asset, by removing a portion of bits from the digital asset itself to prevent normal use of the digital asset;
  
  sending security data from the asset server to the remote device, wherein the remote device handicaps the security data with a second security data based on a user gesture to prevent normal use of the security data, wherein the user gesture is not stored on the remote device; and
  
  completely discarding the security data from the asset server, wherein the digital asset remains disabled on the asset server; and
  
  enabling the digital asset, comprising;
  
  receiving the security data from the remote device responsive to a request to access the digital asset, wherein the remote device reconstitutes the second security data from user gesture and uses the second security data to enable the security data that was handicapped by the remote device for normal use of the security data; and
  
  reconstituting the digital asset using at least the security data in order to enable the digital asset that was handicapped by the asset server for normal use of the digital asset.

17. A system to protect a digital asset on an asset server, comprising:
- a processor; and
  
  a memory to store the digital asset, the memory comprising;
  
  a handicapping module to handicap the digital asset with security data to prevent normal use, by removing a portion of bits from the digital asset itself to prevent normal use of the digital asset, to send the security data to a remote device, wherein the remote device handicaps the security data, the security data being independent from the digital asset, and discard the security data, wherein the digital asset remains disabled on the asset server; and
  
  a reconstitution module to receive the security data from a remote device, and reconstitute the digital asset using the security data to enable the digital asset for normal use.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nicolas Leoutsarakos
Original Assignee
Nicolas Leoutsarakos
Inventors
Leoutsarakos, Nicolas
Primary Examiner(s)
Desrosiers, Evans

Application Number

US13/607,769
Publication Number

US 20130159732A1
Time in Patent Office

884 Days
Field of Search

713/193, 713168-174, 713182-186, 713/202, 709/206, 709/225, 709/229, 709/249, 709/389, 726 2- 8
US Class Current

713/193
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 21/6218   to a system of files or obj...

H04L 63/0435   wherein the sending and rec...

H04L 9/085   Secret sharing or secret sp...

H04W 12/68   Gesture-dependent or behavi...

Password-less security and protection of online digital assets

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

32 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Password-less security and protection of online digital assets

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links