Encrypted file storage

US10129024B2 · US · B2

Patent metadata

Publication number: US-10129024-B2
Application number: US-201715804861-A
Country: US
Kind code: B2
Filing date: Nov 6, 2017
Priority date: Dec 30, 2014
Publication date: Nov 13, 2018
Grant date: Nov 13, 2018

Abstract

Official abstract text for this publication.

Various systems facilitate encrypted file storage. A client device may generate an encrypted version of a file. The client device may obtain at least one reference to at least one storage location for the encrypted version of the file. The client device may cause the encrypted version of the file to be stored at the at least one storage location using the at least one reference to the at least one storage location.

First claim

Opening claim text (preview).

Therefore, the following is claimed:

1. A method of storing files comprising: sending, to an index server from a file management application on a client device, a request to store a first file on behalf of a user of the client device associated with access credentials of a user account in a cloud data storage provider; receiving, by the file management application from the index server, a first storage location identified by the index server for the first file at the cloud data storage provider that is different from the index server; encrypting, by the file management application, the first file based on a first key associated with the first storage location, the first key being different than the access credentials for the cloud data storage provider; and sending by the file management application an encrypted version of the first file to the identified first storage location at the cloud data storage provider.

2. The method of claim 1, further comprising: sending, to the index server, a request from the client device to access the encrypted file; receiving, from the index server, the first location for retrieving the encrypted file; and obtaining the encrypted file from the first location by transmitting access credentials to the cloud storage provider.

3. The method of claim 2, further comprising: receiving multiple keys, including the first key, at the client device in response to the request to access the encrypted file; and decrypting the encrypted file using the multiple keys.

4. The method of claim 1, further comprising: transmitting the first key to the index server from the client device; requesting by the client device, access to the file; and receiving a version of the first key for encrypting the encrypted first file.

5. The method of claim 1, further comprising: deleting, by the file management application, the first key from the client device after the encrypting.

6. The method of claim 1, further comprising: sending, from the client device to the index server, a request to store a second file; receiving a second storage location unassociated with the cloud data storage provider, wherein the second storage location is at the index server; encrypting the second file based on a second key associated with the second storage location; and sending, from the client device, the encrypted second file to second storage location using access credentials associated with the second storage location.

7. The method of claim 1, wherein the encrypted version of the first file includes at least first and second partitions, the method further comprising: requesting access to the encrypted version of the first file; receiving, from the index server, first and second locations corresponding to the first and second partitions, wherein the first location is at the cloud storage provider; receiving, from the index server, the first key for decrypting the first partition and a second key for decrypting the second partition; and combining the first and second partitions, by the file management application, to provide access to the first file.

8. A system for storing files, comprising: a non-transitory, computer-readable medium containing instructions; and a hardware processor that executes the instructions for a file management service at a client device to perform stages comprising: sending, to an index server from the file management service, a request to store a first file on behalf of a user of the client device associated with access credentials of a user account in a cloud data storage provider; receiving, by the file management application from the index server, a first storage location identified by the index server for the first file at the cloud data storage provider that is different from the index server; encrypting, by the file management service, the first file based on a first key associated with the first storage location, the first key being different than the access credentials for the cloud data storage provider; and sending by the file management application an encrypted version of the first file to the identified first storage location at the cloud data storage provider.

9. The system of claim 8, the stages further comprising: sending, to the index server, a request from the client device to access the encrypted file; receiving, from the index server, the first location for retrieving the encrypted file; and obtaining the encrypted file from the first location by transmitting access credentials to the cloud storage provider.

10. The system of claim 9, the stages further comprising: receiving multiple keys, including the first key, at the client device in response to the request to access the encrypted file; and decrypting the encrypted file using the multiple keys.

11. The system of claim 8, the stages further comprising: transmitting the first key to the index server from the client device; requesting, by the client device, access to the file; and receiving a version of the first key for decrypting the encrypted first file.

12. The system of claim 8, the stages further comprising: deleting, by the file management service, the first key from the client device after the encrypting.

13. The system of claim 8, the stages further comprising: sending, from the client device to the index server, a request to store a second file; receiving a second storage location unassociated with the cloud data storage provider, wherein the second storage location is at the index server; encrypting the second file based on a second key associated with the second storage location; and sending, from the client device, the encrypted second file to second storage location using access credentials associated with the second storage location.

14. The system of claim 8, wherein the encrypted version of the first file includes at least first and second partitions, the stages further comprising: requesting access to the encrypted version of the first file; receiving, from the index server, first and second locations corresponding to the first and second partitions, wherein the first location is at the cloud storage provider; receiving, from the index server, the first key for decrypting the first partition and a second key for decrypting the second partition; and combining the first and second partitions, by the file management service, to provide access to the first file.

15. A non-transitory, computer-readable medium containing instructions for a file management service of a client device, the instructions being executed by a hardware processor to perform stages comprising: sending, to an index server from the file management service, a request to store a first file on behalf of a user of the client device associated with access credentials of a user account in a cloud data storage provider; receiving, by the file management application from the index server, a first storage location identified by the index server for the first file at the cloud data storage provider that is different from the index server; encrypting, by the file management service, the first file based on a first key associated with the first storage location, the first key being different than the access credentials for the cloud data storage provider; and sending by the file management application an encrypted version of the first file to the identified first storage location at the cloud data storage provider.

16. The non-transitory, computer-readable medium of claim 15, the stages further comprising: sending, to the index server, a request
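
The store and retrieve flow recited in claims 1, 4, 5 and 7, as an added Python illustration that is not code from the patent or its assignees. `IndexServer`, `CloudStore`, the `cloud://` location format and the SHA-256 keystream cipher (a standard-library stand-in for an AEAD such as AES-GCM) are assumptions made for the example.

```python
import hashlib, hmac, secrets

def _keystream(key, nonce, n):
    # SHA-256 counter-mode keystream: stdlib-only stand-in for a real AEAD
    # such as AES-GCM. Illustrative only; not for production use.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, data):
    enc, mac = (hmac.new(key, t, hashlib.sha256).digest() for t in (b"enc", b"mac"))
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(enc, nonce, len(data))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc, mac = (hmac.new(key, t, hashlib.sha256).digest() for t in (b"enc", b"mac"))
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified partition")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc, nonce, len(ct))))

class CloudStore:                        # hypothetical storage provider
    def __init__(self, creds):
        self.creds, self.blobs = creds, {}
    def check(self, creds):
        if not hmac.compare_digest(creds, self.creds):
            raise PermissionError("bad access credentials")

class IndexServer:                       # hypothetical index server
    def __init__(self):
        self.records = {}                # file_id -> [(location, key), ...]
    def allocate(self, file_id, parts):  # the server chooses the locations
        return [f"cloud://bucket/{file_id}.part{i}" for i in range(parts)]

def store_file(index, cloud, creds, file_id, data, parts=2):
    cloud.check(creds)
    size = max(1, -(-len(data) // parts))
    entries = []
    for i, loc in enumerate(index.allocate(file_id, parts)):
        key = secrets.token_bytes(32)    # per-location key, independent of creds
        cloud.blobs[loc] = seal(key, data[i * size:(i + 1) * size])
        entries.append((loc, key))
    index.records[file_id] = entries     # keys go to the index; client keeps none

def fetch_file(index, cloud, creds, file_id):
    cloud.check(creds)
    return b"".join(unseal(k, cloud.blobs[loc]) for loc, k in index.records[file_id])
```

The storage provider holds only ciphertext and the access credentials never act as a key, but the index server ends up holding every location and every key, which makes it the component to protect.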

Classifications

  • to a system of files or objects, e.g. local or distributed file system or database

  • Providing cryptographic facilities or services

  • Hierarchical storage management [HSM] systems, e.g. file migration or policies thereof (details of archiving G06F16/11)

  • H04L9/0894 (Primary): Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

  • to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
VMware Inc, AirWatch LLC
What technology area does this patent fall under?
Primary CPC classification H04L9/0894. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 13, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).