Systems and methods for securing data in motion

US10068103B2 · US · B2

Patent metadata
Publication number: US-10068103-B2
Application number: US-201313866452-A
Country: US
Kind code: B2
Filing date: Apr 19, 2013
Priority date: Mar 31, 2010
Publication date: Sep 4, 2018
Grant date: Sep 4, 2018

Abstract

The systems and methods of the present invention provide a solution that makes data provably secure and accessible—addressing data security at the bit level—thereby eliminating the need for multiple perimeter hardware and software technologies. Data security is incorporated or weaved directly into the data at the bit level. The systems and methods of the present invention enable enterprise communities of interest to leverage a common enterprise infrastructure. Because security is already woven into the data, this common infrastructure can be used without compromising data security and access control. In some applications, data is authenticated, encrypted, and parsed or split into multiple shares prior to being sent to multiple locations, e.g., a private or public cloud. The data is hidden while in transit to the storage location, and is inaccessible to users who do not have the correct credentials for access.

First claim

What is claimed is:

1. A method for securing the filename of a file to be split and stored on a storage network, the method comprising: encrypting, by processing circuitry communicatively coupled to the storage network, the filename of the file using an encryption algorithm; generating one or more data shares from the file using an information dispersal algorithm, at least one of the one or more data shares having a share name that is associated with the encrypted filename; storing the generated data shares on one or more data share locations in the storage network; and regenerating the filename of the file by decrypting the share name of one of the generated data shares.

2. The method of claim 1, wherein the storage network includes one of a private cloud, a public cloud, a hybrid cloud, a removable storage device, and a mass storage device.

3. The method of claim 1, wherein the encryption algorithm is an AES algorithm.

4. The method of claim 1, further comprising appending additional information to the filename of the file prior to the encrypting.

5. The method of claim 4, wherein the additional information includes a number associated with a data share location.

6. The method of claim 1, wherein each of the one or more data shares has a share name which contains at least a portion of the filename of the file.

7. The method of claim 1, further comprising processing the encrypted filename using an authentication algorithm to generate an authentication value.

8. The method of claim 7, wherein the authentication algorithm is an HMAC-SHA256 algorithm.

9. The method of claim 7, further comprising generating share names for the one or more data shares based on the authentication value.

10. The method of claim 9, wherein the authentication value and the generated share names for the one or more data shares are substantially equal.

11. A system for securing the filename of a file to be split and stored on a storage network, the system comprising: at least one non-transitory computer readable medium storing computer executable instructions; and processing circuitry communicatively coupled to the at least one non-transitory computer readable medium and operable to execute the computer-readable instructions stored thereon, the processing circuitry configured to: encrypt the filename of the file using an encryption algorithm; generate one or more data shares from the file using an information dispersal algorithm, at least one of the one or more data shares having a share name that is associated with the encrypted filename; store the generated data shares on one or more data share locations in the storage network; and regenerate the filename of the file by decrypting the share name of one of the generated data shares.

12. The system of claim 11, wherein the storage network includes one of a private cloud, a public cloud, a hybrid cloud, a removable storage device, and a mass storage device.

13. The system of claim 11, wherein the encryption algorithm is an AES algorithm.

14. The system of claim 11, wherein the processing circuitry is further configured to append additional information to the filename of the file prior to the encrypting.

15. The system of claim 14, wherein the additional information includes a number associated with a data share location.

16. The system of claim 11, wherein each of the one or more data shares has a share name which contains at least a portion of the filename of the file.

17. The system of claim 11, wherein the processing circuitry is further configured to process the encrypted filename using an authentication algorithm to generate an authentication value.

18. The system of claim 17, wherein the authentication algorithm is an HMAC-SHA256 algorithm.

19. The system of claim 17, wherein the processing circuitry is further configured to generate share names for the one or more data shares based on the authentication value.

20. The system of claim 19, wherein the authentication value and the generated share names for the one or more data shares are substantially equal.
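One reading of the share-naming steps in claims 1, 3 to 5, 7 and 8, as an added example that is not code from the patent or its assignee: the share-location number is appended to the filename, the result is encrypted with AES, the ciphertext is authenticated with HMAC-SHA256, and the filename is regenerated from any single share name. Assumptions not stated in the claims: AES-256-CBC with a random IV, a share name laid out as base64url(IV, ciphertext, tag), a "/" separator, constructed demo keys, and the hypothetical function names; the information dispersal step itself is not shown.

```javascript
const crypto = require('crypto');

// Constructed demo keys (assumption): separate keys for encryption and MAC.
const ENC_KEY = crypto.createHash('sha256').update('demo filename enc key').digest();
const MAC_KEY = crypto.createHash('sha256').update('demo filename mac key').digest();

// Claims 4-5: append the share-location number to the filename before encrypting.
// Claim 3: AES. Claims 7-8: HMAC-SHA256 over the encrypted filename.
function makeShareName(filename, location) {
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv('aes-256-cbc', ENC_KEY, iv);
  const ct = Buffer.concat([cipher.update(`${filename}/${location}`, 'utf8'), cipher.final()]);
  const body = Buffer.concat([iv, ct]);
  const tag = crypto.createHmac('sha256', MAC_KEY).update(body).digest();
  return Buffer.concat([body, tag]).toString('base64url');
}

// Claim 1, last step: regenerate the filename by decrypting one share name.
// The tag is verified first, so a renamed or forged share is rejected
// before any decryption or padding check runs.
function recoverFilename(shareName) {
  const raw = Buffer.from(shareName, 'base64url');
  if (raw.length < 16 + 16 + 32) throw new Error('share name too short');
  const body = raw.subarray(0, raw.length - 32);
  const tag = raw.subarray(raw.length - 32);
  const expected = crypto.createHmac('sha256', MAC_KEY).update(body).digest();
  if (!crypto.timingSafeEqual(tag, expected)) {
    throw new Error('share name failed authentication');
  }
  const decipher = crypto.createDecipheriv('aes-256-cbc', ENC_KEY, body.subarray(0, 16));
  const plain = Buffer.concat([decipher.update(body.subarray(16)), decipher.final()]).toString('utf8');
  const cut = plain.lastIndexOf('/'); // a basename cannot contain "/"
  return { filename: plain.slice(0, cut), location: Number(plain.slice(cut + 1)) };
}

// One name per share location (locations numbered from 1).
function nameShares(filename, count) {
  return Array.from({ length: count }, (_, i) => makeShareName(filename, i + 1));
}
```

Because the names are longer than the plaintext filename, a store with a filename length limit (commonly 255 bytes) caps the filename length this layout can carry.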

Classifications

  • based on mutual exchange of the output between redundant processing components

  • Redundant storage or storage space (G06F11/2056 takes precedence)

  • Protecting data

  • where protection concerns the structure of data, e.g. records, types, queries

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Security First Corp
What technology area does this patent fall under?
Primary CPC classification G06F11/1076. Mapped technology areas include Physics.
When was this patent published?
Publication date Sep 4, 2018 (B2). Legal status and post-grant events are not shown on this page.