-
公开(公告)号:US08745379B2
公开(公告)日:2014-06-03
申请号:US13589894
申请日:2012-08-20
CPC分类号: H04L63/062 , G06F21/602 , H04L9/00 , H04L9/0816 , H04L9/085 , H04L9/3263 , H04L12/4641 , H04L63/0272 , H04L63/029 , H04L63/0428 , H04L63/061 , H04L63/08 , H04L63/0823
摘要: Two approaches are provided for distributing trust among a set of certificate authorities. Each approach may be used to secure data in motion. One approach provides methods and systems in which the secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation (e.g., the key establishment phase) of a connection between two devices. Another approach provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data for each of the tunnels, and the shares of data are transmitted through each of the tunnels. Accordingly, trust is distributed among a set of certificate authorities in the structure of the communication channel itself.
摘要翻译: 提供了两种方法来在一组证书颁发机构之间分配信任。 每种方法都可用于保护运动中的数据。 一种方法提供了方法和系统,其中安全数据解析器用于在两个设备之间的连接的初始协商(例如,密钥建立阶段)期间在一组证书颁发机构中分发信任。 另一种方法提供了使用安全数据解析器将数据包分散到共享中的方法和系统。 在通信信道内建立一组隧道,使用一套证书机构,在建立隧道期间开发的密钥用于加密每个隧道的数据共享,数据共享通过每个隧道传输 。 因此,在通信信道本身的结构中的一组认证机构中分配信任。
-
公开(公告)号:US20120198241A1
公开(公告)日:2012-08-02
申请号:US13360385
申请日:2012-01-27
IPC分类号: G06F12/14
CPC分类号: G06F21/602 , G06F21/32 , H04L63/0428 , H04L67/1097
摘要: Systems and methods are provided for securing data. A processing device receives a data set and identifies a first subset of data from a first dimension of a multi-dimensional representation of the data set. The processing device encrypts the first subset of data using a first encryption technique to yield a first encrypted subset of data and replaces the first subset of data in the multi-dimensional representation of the data set with the first subset of encrypted data. The processing device then identifies a second subset of data from a second dimension of the multi-dimensional representation of the data set, with the second subset of data including at least a portion of the first subset of encrypted data, and encrypts the second subset of data using a second encryption technique to yield a second encrypted subset of data.
摘要翻译: 提供了系统和方法来保护数据。 处理设备从数据集的多维表示的第一维度接收数据集并识别数据的第一子集。 处理设备使用第一加密技术来加密数据的第一子集,以产生数据的第一加密子集,并且用加密数据的第一子集替换数据集的多维表示中的第一数据子集。 处理设备然后从数据集的多维表示的第二维度识别数据的第二子集,其中第二数据子集包括加密数据的第一子集的至少一部分,并加密第二子集 使用第二加密技术的数据产生数据的第二加密子集。
-
公开(公告)号:US08677148B2
公开(公告)日:2014-03-18
申请号:US13360385
申请日:2012-01-27
IPC分类号: H04L29/06
CPC分类号: G06F21/602 , G06F21/32 , H04L63/0428 , H04L67/1097
摘要: Systems and methods are provided for securing data. A processing device receives a data set and identifies a first subset of data from a first dimension of a multi-dimensional representation of the data set. The processing device encrypts the first subset of data using a first encryption technique to yield a first encrypted subset of data and replaces the first subset of data in the multi-dimensional representation of the data set with the first subset of encrypted data. The processing device then identifies a second subset of data from a second dimension of the multi-dimensional representation of the data set, with the second subset of data including at least a portion of the first subset of encrypted data, and encrypts the second subset of data using a second encryption technique to yield a second encrypted subset of data.
摘要翻译: 提供了系统和方法来保护数据。 处理设备从数据集的多维表示的第一维度接收数据集并识别数据的第一子集。 处理设备使用第一加密技术来加密数据的第一子集,以产生数据的第一加密子集,并且用加密数据的第一子集替换数据集的多维表示中的第一数据子集。 处理设备然后从数据集的多维表示的第二维度识别数据的第二子集,其中第二数据子集包括加密数据的第一子集的至少一部分,并加密第二子集 使用第二加密技术的数据产生数据的第二加密子集。
-
公开(公告)号:US08745372B2
公开(公告)日:2014-06-03
申请号:US12953877
申请日:2010-11-24
CPC分类号: H04L63/062 , G06F21/602 , H04L9/00 , H04L9/0816 , H04L9/085 , H04L9/3263 , H04L12/4641 , H04L63/0272 , H04L63/029 , H04L63/0428 , H04L63/061 , H04L63/08 , H04L63/0823
摘要: Systems and methods are provided for distributing trust among a set of certificate authorities. One approach provides methods and systems in which the secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation of a connection between two devices. Another approach provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data, and the shares of data are transmitted through each of the tunnels.
摘要翻译: 提供了系统和方法,用于在一组证书颁发机构之间分配信任。 一种方法提供了方法和系统,其中安全数据解析器用于在两个设备之间的连接的初始协商期间在一组证书颁发机构中分发信任。 另一种方法提供了使用安全数据解析器将数据包分散到共享中的方法和系统。 在一个通信信道中建立一组隧道,使用一组证书机构,在建立隧道期间开发的密钥用于加密数据共享,并通过每个隧道传输数据共享。
-
公开(公告)号:US20130042105A1
公开(公告)日:2013-02-14
申请号:US13589894
申请日:2012-08-20
IPC分类号: H04L9/30
CPC分类号: H04L63/062 , G06F21/602 , H04L9/00 , H04L9/0816 , H04L9/085 , H04L9/3263 , H04L12/4641 , H04L63/0272 , H04L63/029 , H04L63/0428 , H04L63/061 , H04L63/08 , H04L63/0823
摘要: Two approaches are provided for distributing trust among a set of certificate authorities. Each approach may be used to secure data in motion. One approach provides methods and systems in which the secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation (e.g., the key establishment phase) of a connection between two devices. Another approach provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data for each of the tunnels, and the shares of data are transmitted through each of the tunnels. Accordingly, trust is distributed among a set of certificate authorities in the structure of the communication channel itself.
摘要翻译: 提供了两种方法来在一组证书颁发机构之间分配信任。 每种方法都可用于保护运动中的数据。 一种方法提供了方法和系统,其中安全数据解析器用于在两个设备之间的连接的初始协商(例如,密钥建立阶段)期间在一组证书颁发机构中分发信任。 另一种方法提供了使用安全数据解析器将数据包分散到共享中的方法和系统。 在通信信道内建立一组隧道,使用一套证书机构,在建立隧道期间开发的密钥用于加密每个隧道的数据共享,数据共享通过每个隧道传输 。 因此,在通信信道本身的结构中的一组认证机构中分配信任。
-
公开(公告)号:US08656167B2
公开(公告)日:2014-02-18
申请号:US12391025
申请日:2009-02-23
申请人: Stephen C. Bono , Matthew D. Green , Gabriel D. Landau , Rick L. Orsini , Mark S. O'Hare , Roger Davenport
发明人: Stephen C. Bono , Matthew D. Green , Gabriel D. Landau , Rick L. Orsini , Mark S. O'Hare , Roger Davenport
IPC分类号: H04L29/06
CPC分类号: H04L9/0822 , H04L63/0428 , H04L63/061 , H04L63/065 , H04L63/067 , H04L63/068 , H04L63/0846 , H04L2209/24
摘要: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser may split or share a data set into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting an original data set into portions of data that may be communicated using one or more communications paths. Secure workgroup communication is supported through the secure distribution and management of a workgroup key for use with the secure data parser.
摘要翻译: 提供了可以集成到用于安全地存储和传送数据的任何合适的系统中的安全数据解析器。 安全数据解析器可以将数据集拆分或共享多个被明确存储或传送的部分。 原始数据的加密,数据的部分或两者可以用于额外的安全性。 安全数据解析器可以用于通过将原始数据集分成可以使用一个或多个通信路径传送的数据的部分来保护运动中的数据。 通过安全分发和管理与安全数据解析器一起使用的工作组密钥来支持安全工作组通信。
-
公开(公告)号:US20090254750A1
公开(公告)日:2009-10-08
申请号:US12391025
申请日:2009-02-23
申请人: Stephen C. Bono , Matthew D. Green , Gabriel D. Landau , Rick L. Orsini , Mark S. O'Hare , Roger Davenport
发明人: Stephen C. Bono , Matthew D. Green , Gabriel D. Landau , Rick L. Orsini , Mark S. O'Hare , Roger Davenport
CPC分类号: H04L9/0822 , H04L63/0428 , H04L63/061 , H04L63/065 , H04L63/067 , H04L63/068 , H04L63/0846 , H04L2209/24
摘要: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser may split or share a data set into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting an original data set into portions of data that may be communicated using one or more communications paths. Secure workgroup communication is supported through the secure distribution and management of a workgroup key for use with the secure data parser.
摘要翻译: 提供了可以集成到用于安全地存储和传送数据的任何合适的系统中的安全数据解析器。 安全数据解析器可以将数据集拆分或共享多个被明确存储或传送的部分。 原始数据的加密,数据的部分或两者可以用于额外的安全性。 安全数据解析器可以用于通过将原始数据集分成可以使用一个或多个通信路径传送的数据的部分来保护运动中的数据。 通过安全分发和管理与安全数据解析器一起使用的工作组密钥来支持安全工作组通信。
-
公开(公告)号:US08769270B2
公开(公告)日:2014-07-01
申请号:US13237781
申请日:2011-09-20
CPC分类号: G06F21/6209 , G06F21/6218 , G06F2221/2107 , H04L9/085 , H04L9/0861 , H04L9/3231 , H04L9/3268 , H04L63/10 , H04L63/102 , H04L2209/24 , H04L2209/42 , H04L2209/56 , H04L2209/80
摘要: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The sharable file-level key is generated based on a workgroup key associated with the data file, as well as unique information associated with the data file. The sharable file-level key may be used to encrypt and split data using a Secure Parser. Systems and methods are also provided for sharing data without replicating the data on the machine of the end user. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data that was encrypted and split. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.
摘要翻译: 提供了系统和方法来创建和使用可共享的文件级密钥来保护数据文件。 可共享的文件级密钥是基于与数据文件相关联的工作组密钥以及与数据文件相关联的唯一信息生成的。 可共享文件级密钥可用于使用安全解析器加密和分割数据。 还提供了系统和方法用于共享数据,而不复制最终用户机器上的数据。 数据在外部/消费者网络和企业/生产者网络上进行加密和拆分。 使用由企业/生产者网络中的服务器生成的计算图像来提供对数据的访问,然后分发给外部/消费者网络的最终用户。 该计算图像可以包括提供指向被加密和分割的数据的指针的预加载文件。 为了外部/消费者网络的用户访问数据,不需要对企业/生产者网络上的数据进行访问或复制。
-
公开(公告)号:US20120072723A1
公开(公告)日:2012-03-22
申请号:US13237781
申请日:2011-09-20
CPC分类号: G06F21/6209 , G06F21/6218 , G06F2221/2107 , H04L9/085 , H04L9/0861 , H04L9/3231 , H04L9/3268 , H04L63/10 , H04L63/102 , H04L2209/24 , H04L2209/42 , H04L2209/56 , H04L2209/80
摘要: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The sharable file-level key is generated based on a workgroup key associated with the data file, as well as unique information associated with the data file. The sharable file-level key may be used to encrypt and split data using a Secure Parser. Systems and methods are also provided for sharing data without replicating the data on the machine of the end user. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data that was encrypted and split. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.
摘要翻译: 提供了系统和方法来创建和使用可共享的文件级密钥来保护数据文件。 可共享的文件级密钥是基于与数据文件相关联的工作组密钥以及与数据文件相关联的唯一信息生成的。 可共享文件级密钥可用于使用安全解析器加密和分割数据。 还提供了系统和方法用于共享数据,而不复制最终用户机器上的数据。 数据在外部/消费者网络和企业/生产者网络上进行加密和拆分。 使用由企业/生产者网络中的服务器生成的计算图像来提供对数据的访问,然后分发给外部/消费者网络的最终用户。 该计算图像可以包括提供指向被加密和分割的数据的指针的预加载文件。 为了外部/消费者网络的用户访问数据,不需要对企业/生产者网络上的数据进行访问或复制。
-
公开(公告)号:US09613220B2
公开(公告)日:2017-04-04
申请号:US13024804
申请日:2011-02-10
IPC分类号: H04L29/00 , G06F21/62 , G06F21/31 , G06F21/32 , G06F21/33 , G06F21/40 , G06F21/41 , G06F21/60 , G06Q20/02 , G06Q20/04 , G06Q20/12 , G06Q20/38 , G07F7/10 , H04L29/06 , H04L9/08 , H04L9/32
CPC分类号: G06F21/62 , G06F21/31 , G06F21/32 , G06F21/33 , G06F21/40 , G06F21/41 , G06F21/60 , G06F21/602 , G06F2221/2113 , G06F2221/2115 , G06F2221/2117 , G06Q20/02 , G06Q20/04 , G06Q20/12 , G06Q20/38215 , G06Q20/3823 , G06Q20/3829 , G07F7/1016 , H04L9/0816 , H04L9/085 , H04L9/0894 , H04L9/3231 , H04L9/3247 , H04L9/3263 , H04L63/0428 , H04L63/0853 , H04L63/10 , H04L63/105 , H04L2209/24 , H04L2209/56 , H04L2209/68 , H04L2209/805
摘要: The present invention provides a method and system for securing sensitive data from unauthorized access or use. The method and system of the present invention is useful in a wide variety of settings, including commercial settings generally available to the public which may be extremely large or small with respect to the number of users. The method and system of the present invention is also useful in a more private setting, such as with a corporation or governmental agency, as well as between corporation, governmental agencies or any other entity.
-
-
-
-
-
-
-
-
-
搜索结果
66 条记录 (耗时 0.046 秒)
