System and method for providing trusted links between applications
US-11972029-B2 · Apr 30, 2024 · US
Secure data parser method and system
US9047475B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9047475-B2 |
| Application number | US-201213468450-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 10, 2012 |
| Priority date | Oct 25, 2004 |
| Publication date | Jun 2, 2015 |
| Grant date | Jun 2, 2015 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.
First claim
Opening claim text (preview).
What is claimed is: 1. A method of presenting data in a secure data storage network, the method comprising: defining a plurality of user groups capable of accessing data stored in a secure data storage network, each user group including a plurality of users desiring access to a common set of data, and each user group having a set of security rights; associating each of the plurality of user groups with a different workgroup key; and upon determining that a client device is associated with a user from a user group, presenting, using a hardware processor, a virtual disk to the client device in accordance with the set of security rights, wherein: the common set of data is secured using the workgroup key associated with the user group; the virtual disk comprises a directory mapped to a plurality of physical storage devices such that physical locations of a plurality of shares are hidden from the client device, and each of the plurality of shares comprises data units from the common set of data that have been shuffled. 2. The method of claim 1 , wherein each of the users within one of the plurality of user groups has a common set of security rights. 3. The method of claim 1 , wherein presenting the virtual disk to the client device is performed by a secure storage system connected to the client device. 4. The method of claim 1 , wherein the workgroup key is managed at a key server remote from the secure storage system. 5. The method of claim 1 , wherein the plurality of user groups are members of a plurality of security groups, each security group defining security rights common among the user groups that are members of the security group. 6. The method claim 1 , further comprising: generating the plurality of shares by performing a cryptographic operation on data stored on the virtual disk and distributing the data in the shares; and storing the plurality of shares on the plurality of physical storage devices. 7. The method of claim 1 , wherein each of the plurality of user groups has a different set of security rights. 8. A secure data storage network comprising: a plurality of storage systems arranged to manage a plurality of physical storage devices; and a secure storage system connected to the plurality of storage systems, the secure storage system configured to: determine that a user of a client device is associated with a user group from a plurality of user groups capable of accessing data stored in the secure data storage network, each user group including a plurality of users desiring access to a common set of data, and each user group having a set of security rights; and upon determining that the user is associated with the user group, presenting a virtual disk to the client device in accordance with the set of security rights, wherein: the common set of data is secured using a workgroup key associated with the user group; the virtual disk comprises a directory mapped to the plurality of physical storage devices such that physical locations of the plurality of shares are hidden from the client device, and each of the plurality of shares comprises data units from the common set of data that have been shuffled. 9. The secure data storage network of claim 8 , further comprising a key server communicatively connected to the secure storage system, the key server configured to associate each of the plurality of user groups with a different workgroup key. 10. The secure data storage network of claim 8 , wherein the secure storage system is further configured to associate each of the plurality of user groups with a different workgroup key. 11. The secure data storage network of claim 8 , wherein the secure storage system is further configured to: generate the plurality of shares by performing a cryptographic operation on data stored on the virtual disk and distributing the data in the shares; and store the plurality of shares on the plurality of physical storage devices. 12. The secure data storage network of claim 8 , wherein each of the plurality of user groups has a different set of security rights. 13. The secure data storage network of claim 12 , wherein each of the users within one of the plurality of user groups has a common set of security rights. 14. A secure storage system comprising a programmable circuit configured to: determine that a user of a client device is associated with a user group from a plurality of user groups capable of accessing data stored in the secure data storage network, each user group including a plurality of users desiring access to a common set of data, and each user group having a set of security rights; and upon determining that the user is associated with the user group, presenting a virtual disk to the client device in accordance with the set of security rights, wherein: the common set of data is secured using a workgroup key associated with the user group; the virtual disk comprises a directory mapped to a plurality of physical storage devices such that physical locations of a plurality of shares are hidden from the client device, and each of the plurality of shares comprises data units from the common set of data that have been shuffled. 15. The secure storage system of claim 14 , wherein the programmable circuit is further configured to: generate the plurality of shares by performing a cryptographic operation on data stored on the virtual disk and distributing the data in the shares; and store the plurality of shares on the plurality of physical storage devices. 16. The secure storage system of claim 14 , wherein each of the plurality of user groups has a different set of security rights. 17. The secure data storage system of claim 14 , wherein each of the users within one of the plurality of user groups has a common set of security rights. 18. The secure data storage system of claim 14 , further comprising a key server communicatively connected to the secure storage system, the key server configured to associate each of the plurality of user groups with a different workgroup key. 19. The secure data storage system of claim 14 , wherein the secure storage system is further configured to associate each of the plurality of user groups with a different workgroup key. 20. The method of claim 1 , wherein the plurality of shares contain a substantially random distribution of the common set of data. 21. The secure data storage network of claim 8 , wherein the plurality of shares contain a substantially random distribution of the common set of data. 22. The secure storage system of claim 14 , wherein the plurality of shares contain a substantially random distribution of the common set of data.
Assignees
Inventors
Classifications
- G06F21/606Primary
by securing the transmission between two devices or processes · CPC title
Wireless · CPC title
using a predetermined code, e.g. password, passphrase or PIN (network architectures or network communication protocols for supporting authentication of entities using passwords in a packet data network H04L63/083) · CPC title
based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint · CPC title
for providing a confidential data exchange among entities communicating through data packet networks · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9047475B2 cover?
- A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to pr…
- Who is the assignee on this patent?
- Orsini Rick L, O'Hare Mark S, Davenport Roger, and 2 more
- What technology area does this patent fall under?
- Primary CPC classification G06F21/606. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jun 02 2015 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).