Secure data parser method and system

US10452854B2 · US · B2

Patent metadata
Publication number: US-10452854-B2
Application number: US-201816127077-A
Country: US
Kind code: B2
Filing date: Sep 10, 2018
Priority date: Nov 18, 2005
Publication date: Oct 22, 2019
Grant date: Oct 22, 2019

Abstract

Official abstract text for this publication.

A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for securely storing a data set, the method comprising: receiving an external key from an external storage system, generating a plurality of data chunks based on the data set, such that the data set can be reconstructed using at least a minimum number of the plurality of data chunks, wherein generating the data chunks comprises: distributing the data set into a plurality of shares, wherein each of the shares comprises less than all of the data set, accessing a plurality of distinct encryption keys, encrypting each of the shares with a respective one of the plurality of distinct encryption keys, performing an encryption operation based on the external key to further secure the plurality of data chunks; and storing with the plurality of data chunks data indicative of at least one of the distinct encryption keys on a plurality of different storage devices.

2. The method of claim 1, wherein storing with the plurality of data chunks data indicative of at least one of the distinct encryption keys comprises storing each of the plurality of data chunks with at least one of the distinct encryption keys.

3. The method of claim 1, wherein storing each of the plurality of data chunks with at least one of the distinct encryption keys comprises including with a particular data chunk of the plurality of data chunks data indicative of an encryption key that was used to encrypt a different data chunk of the plurality of data chunks.

4. The method of claim 1, wherein distributing the data set into a plurality of shares comprises using a random technique or pseudorandom technique.

5. The method of claim 1, wherein distributing the data set into a plurality of shares comprises using a deterministic technique or pseudorandom technique.

6. The method of claim 1, wherein each share of the plurality of shares comprises a substantially random distribution of a subset of the data set.

7. The method of claim 1, wherein performing an encryption operation based on the external key to further secure the plurality of data chunks comprises encrypting primary data with the external key.

8. The method of claim 1, wherein distributing the data set into a plurality of shares comprises: generating a split encryption key based on the external key; and distributing the data set based on the split encryption key.

9. The method of claim 8, further comprising encrypting each of the shares with the external key.

10. The method of claim 9, wherein the data set is recoverable using at least a minimum number of the plurality of data chunks and the external key.

11. A computer system for securing a data set, the system comprising: at least one hardware processor, configured to: receive an external key from an external storage system, generate a plurality of data chunks based on the data set, such that the data set can be reconstructed using at least a minimum number of the plurality of data chunks, wherein generating the data chunks comprises: distributing the data set into a plurality of shares, wherein each of the shares comprises less than all of the data set, accessing a plurality of distinct encryption keys, and encrypting each of the shares with a respective one of the plurality of distinct encryption keys, performing an encryption operation based on the external key to further secure the plurality of data chunks; and store with the plurality of data chunks data indicative of at least one of the distinct encryption keys on a plurality of different storage devices.

12. The computer system of claim 11, wherein while storing with the plurality of data chunks data indicative of at least one of the distinct encryption keys, the at least one hardware processor is configured to store each of the plurality of data chunks with at least one of the distinct encryption keys.

13. The computer system of claim 11, wherein while storing each of the plurality of data chunks with at least one of the distinct encryption keys, the at least one hardware processor is configured to include, with a particular data chunks of the plurality of data chunks, data indicative of an encryption key that was used to encrypt a different data chunk of the plurality of data chunks.

14. The computer system of claim 11, wherein when distributing the data set into a plurality of shares, the at least one hardware processor is configured to use a random technique or pseudorandom technique.

15. The computer system of claim 11, wherein when distributing the data set into a plurality of shares, the at least one hardware processor is configured to use a deterministic technique or pseudorandom technique.

16. The computer system of claim 11, wherein each share of the plurality of shares comprises a substantially random distribution of a subset of the data set.

17. The computer system of claim 11, wherein, when performing an encryption operation based on the external key to further secure the plurality of data chunks, the at least one hardware processor is configured to encrypt primary data with the external key.

18. The computer system of claim 11, wherein when distributing the data set into a plurality of shares, the at least one hardware processor is configured to: generate a split encryption key based on the external key; and distribute the data set based on the split encryption key.

19. The computer system of claim 18, wherein the data set is recoverable using at least a minimum number of the plurality of data chunks and the external key.

20. The computer system of claim 19, wherein the data set can be reconstructed using at least two of the plurality of data chunks and the key received from the external storage system.

Classifications

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title

  • Secret sharing or secret splitting, e.g. threshold schemes · CPC title

  • G06F21/62 (Primary)

    Protecting access to data via a platform, e.g. using keys or access control rules · CPC title

  • Wireless · CPC title

  • H04L9/3231 (Primary)

    Biological data, e.g. fingerprint, voice or retina (network architectures or network communication protocols for supporting authentication of entities using biometrical features in a packet data network H04L63/0861) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10452854B2 cover?
A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to pr…
Who is the assignee on this patent?
Security First Corp
What technology area does this patent fall under?
Primary CPC classification H04L63/0428. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 22, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).