Secure data parser method and system

US9871770B2 · US · B2

Patent metadata
Publication number: US-9871770-B2
Application number: US-201313915570-A
Country: US
Kind code: B2
Filing date: Jun 11, 2013
Priority date: Oct 25, 2004
Publication date: Jan 16, 2018
Grant date: Jan 16, 2018

Abstract

Official abstract text for this publication.

A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for securing a data set in a distributed storage network, the method comprising: encrypting, using a hardware processor, the data set using an encryption key; generating at least two portions of data from the encrypted data set, wherein each of the at least two portions of data respectively contains a substantially random shuffling of a respective subset of the encrypted data set; generating encryption key information that is capable of being used to generate the encryption key, wherein the encryption key information is distributed among the at least two portions of data; and storing each of the at least two portions of data to separate storage locations of the distributed storage network.

2. The method of claim 1 further comprising: restoring the encryption key from the encryption key information from at least a subset of the at least two portions of data; and restoring the data set from the encrypted data set and the encryption key.

3. The method of claim 1 wherein the encryption key information is generated according to a Shamir secret sharing algorithm.

4. The method of claim 1, wherein generating the encryption key information comprises generating two or more encryption key shares, wherein each encryption key share comprises some, but not all of the encryption key.

5. A method for securing a data set in a distributed storage network, the method comprising: generating, using a hardware processor, at least two portions of data from the data set, wherein each of the at least two portions of data respectively contains a substantially random shuffling of a respective subset of the data set; encrypting the at least two portions of data using an encryption key; generating encryption key information that is capable of being used to generate the encryption key, wherein the encryption key information is distributed among the at least two portions of data; and storing the at least two encrypted portions of data to separate storage locations of the distributed storage network.

6. The method of claim 5 further comprising restoring the encryption key from the encryption key information from at least a subset of the at least two portions of data.

7. The method of claim 5 wherein the encryption key information is generated according to a Shamir secret sharing algorithm.

8. The method of claim 5, wherein generating the encryption key information comprises generating two or more encryption key shares, wherein each encryption key share comprises some, but not all of the encryption key.

9. A method for securing a data set in a distributed storage network, the method comprising: encrypting the data set, using a hardware processor, using an encryption key; transforming the encryption key using an All or Nothing Transform into a transformed encryption key; generating at least two portions of data from the encrypted data set, wherein each of the at least two portions of data respectively contains a substantially random shuffling of a respective subset of the encrypted data set; generating transformed encryption key information that is capable of being used to generate the transformed encryption key, wherein the transformed encryption key information is distributed among the at least two portions of data; and storing each of the at least two portions of data to separate storage locations of the distributed storage network.

10. The method of claim 9 further comprising: restoring the transformed encryption key from at least a subset of the at least two portions of data; restoring the encryption key from the transformed encryption key; and decrypting the encrypted data set.

11. The method of claim 9, wherein generating the transformed encryption key information comprises generating two or more transformed encryption key shares, wherein each encryption key share comprises some, but not all of the transformed encryption key.

12. A method for securing a data set in a distributed storage network, the method comprising: generating, using a hardware processor, at least two portions of data from the data set, wherein each of the at least two portions of data respectively contains a substantially random shuffling of a respective subset of the data set; encrypting each of the at least two portions of data using an encryption key into at least two portions of encrypted data; transforming the encryption key using an All or Nothing Transform into a transformed encryption key; generating transformed encryption key information that is capable of being used to generate the transformed encryption key, wherein the transformed encryption key information is distributed among the at least two portions of data; and storing each of the at least two portions of encrypted data to separate storage locations of the distributed storage network.

13. The method of claim 12 wherein the restoring comprises: restoring the transformed encryption key from at least a subset of the at least two portions of data; restoring the encryption key from the transformed encryption key; and decrypting the at least a subset of the at least two portions of data.

14. The method of claim 12, wherein generating the transformed encryption key information comprises generating two or more transformed encryption key shares, wherein each encryption key share comprises some, but not all of the transformed encryption key.

15. A method for securing a data set, the method comprising: generating, using a splitting key, at least two portions of data from the data set, wherein each of the at least two portions of data respectively contains a substantially random shuffling of a respective subset of the data set; transforming the splitting key using an All or Nothing Transform into a transformed splitting key; generating transformed splitting key information that is capable of being used to generate the transformed splitting key, wherein the transformed splitting key information is distributed among the at least two portions of data; storing each of the at least two portions of data separately; and restoring the data set from at least a subset of the at least two portions of data.

16. The method of claim 15 wherein the restoring comprises: restoring the transformed splitting key from at least a subset of the at least two portions of data; and restoring the splitting key from the transformed splitting key.

17. A method for securing a data set in a distributed storage network, the method comprising: encrypting, using a hardware processor, the data set using an encryption key into an encrypted data set; encrypting the encryption key; generating at least two portions of data from the encrypted data set, wherein each of the at least two portions of data respectively contains a substantially random shuffling of a respective subset of the encrypted data set; storing each of the at least two portions of the encrypted data set to separate storage locations of the distributed storage network; restoring the encrypted data set from at least a subset of the at least two portions of the encrypted data set; and decrypting the encryption key.

18. The method of claim 17 wherein the encryption key is encrypted using a workgroup key.

19. A method for securing a data set in a distributed storage network, the method comprising: generating, using a hardware processor, at least two portions of data from the data set, wherein each of the at least two portions of data respectively contains a substantially random shuffling of a respective subset of the

Classifications

  • G06F21/606 (Primary)

    by securing the transmission between two devices or processes · CPC title

  • Wireless · CPC title

  • Rebuilding, e.g. when physically replacing a failing disk · CPC title

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title

  • Physics · mapped topic

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Security First Corp
What technology area does this patent fall under?
Primary CPC classification G06F21/606. Mapped technology areas include Physics.
When was this patent published?
Publication date Jan 16, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).