-
Publication No.: US08417969B2
Publication date: 2013-04-09
Application No.: US12388811
Filing date: 2009-02-19
IPC classification: G06F21/00
CPC classification: G06F21/78
Abstract: A storage volume is encrypted using a particular encryption technique, the storage volume including an access application and one or more cover files. The access application can be executed by a computing device having an operating system lacking support for the particular encryption technique, and allows the computing device to access data on the storage volume encrypted using the particular encryption technique.
-
Publication No.: US20100211802A1
Publication date: 2010-08-19
Application No.: US12388811
Filing date: 2009-02-19
CPC classification: G06F21/78
Abstract: A storage volume is encrypted using a particular encryption technique, the storage volume including an access application and one or more cover files. The access application can be executed by a computing device having an operating system lacking support for the particular encryption technique, and allows the computing device to access data on the storage volume encrypted using the particular encryption technique.
-
Publication No.: US20140108814A1
Publication date: 2014-04-17
Application No.: US12978266
Filing date: 2010-12-23
Applicant: Vijay G. Bharadwaj, Niels T. Ferguson, Carl M. Ellison, Magnus Bo Gustaf Nyström, Dayi Zhou, Denis Issoupov, Octavian T. Ureche, Peter J. Novotney, Cristian M. Ilac
Inventor: Vijay G. Bharadwaj, Niels T. Ferguson, Carl M. Ellison, Magnus Bo Gustaf Nyström, Dayi Zhou, Denis Issoupov, Octavian T. Ureche, Peter J. Novotney, Cristian M. Ilac
IPC classification: G06F21/60
CPC classification: G06F21/602, G06F2221/2141, H04L9/0836, H04L9/0866
Abstract: Cryptographic key management techniques are described. In one or more implementations, an access control rule is read that includes a Boolean expression having a plurality of atoms. The cryptographic keys that correspond to each of the plurality of atoms in the access control rule are requested. One or more cryptographic operations are then performed on data using one or more of the cryptographic keys.
-
Publication No.: US08462955B2
Publication date: 2013-06-11
Application No.: US12793455
Filing date: 2010-06-03
Applicant: Octavian T. Ureche, Nils Dussart, Michael A. Halcrow, Charles G. Jeffries, Nathan T. Lewis, Cristian M. Ilac, Innokentiy Basmov, Magnus Bo Gustaf Nyström, Niels T. Ferguson
Inventor: Octavian T. Ureche, Nils Dussart, Michael A. Halcrow, Charles G. Jeffries, Nathan T. Lewis, Cristian M. Ilac, Innokentiy Basmov, Magnus Bo Gustaf Nyström, Niels T. Ferguson
CPC classification: H04L9/0894, H04L9/0822, H04L63/061, H04L2463/062
Abstract: An online key stored by a remote service is generated or otherwise obtained, and a storage media (as it applies to the storage of data on a physical or virtual storage media) master key for encrypting and decrypting a physical or virtual storage media or encrypting and decrypting one or more storage media encryption keys that are used to encrypt a physical or virtual storage media is encrypted based at least in part on the online key. A key protector for the storage media is stored, the key protector including the encrypted master key. The key protector can be subsequently accessed, and the online key obtained from the remote service. The master key is decrypted based on the online key, allowing the one or more storage media encryption keys that are used to decrypt the storage media to be decrypted.
-
Publication No.: US20110022856A1
Publication date: 2011-01-27
Application No.: US12509255
Filing date: 2009-07-24
Applicant: Octavian T. Ureche, Gaurav Sinha, Nils Dussart, Yi Liu, Vijay G. Bharadwaj, Niels T. Ferguson
Inventor: Octavian T. Ureche, Gaurav Sinha, Nils Dussart, Yi Liu, Vijay G. Bharadwaj, Niels T. Ferguson
IPC classification: G06F12/14
CPC classification: H04L9/0822, G06F21/602, G06F21/62, G06F21/78, H04L9/0844, H04L9/0894, H04L9/14, H04L2463/062
Abstract: In accordance with one or more aspects, a key protector for a storage volume is created by generating an intermediate key and protecting, based at least in part on a public/private key pair, the intermediate key. A volume master key for encrypting and decrypting one or more volume encryption keys that are used to encrypt the storage volume can be encrypted in different manners, including being encrypted based at least in part on the intermediate key. A key protector for the storage volume is stored that includes both the encrypted volume master key and information indicating how to obtain the intermediate key. Subsequently, the key protector can be accessed and, based at least in part on a private key of the entity associated with the key protector, the intermediate key can be decrypted. The intermediate key can then be used to decrypt the volume master key.
-
Publication No.: US08509449B2
Publication date: 2013-08-13
Application No.: US12509255
Filing date: 2009-07-24
Applicant: Octavian T. Ureche, Gaurav Sinha, Nils Dussart, Yi Liu, Vijay G. Bharadwaj, Niels T. Ferguson
Inventor: Octavian T. Ureche, Gaurav Sinha, Nils Dussart, Yi Liu, Vijay G. Bharadwaj, Niels T. Ferguson
CPC classification: H04L9/0822, G06F21/602, G06F21/62, G06F21/78, H04L9/0844, H04L9/0894, H04L9/14, H04L2463/062
Abstract: A key protector for a storage volume is created by generating an intermediate key and protecting, based at least in part on a public/private key pair, the intermediate key. A volume master key for encrypting and decrypting one or more volume encryption keys that are used to encrypt the storage volume can be encrypted in different manners, including being encrypted based at least in part on the intermediate key. A key protector for the storage volume is stored that includes both the encrypted volume master key and information indicating how to obtain the intermediate key. Subsequently, the key protector can be accessed and, based at least in part on a private key of the entity associated with the key protector, the intermediate key can be decrypted. The intermediate key can then be used to decrypt the volume master key.
-
Publication No.: US20110302398A1
Publication date: 2011-12-08
Application No.: US12793455
Filing date: 2010-06-03
Applicant: Octavian T. Ureche, Nils Dussart, Michael A. Halcrow, Charles G. Jeffries, Nathan T. Lewis, Cristian M. Ilac, Innokentiy Basmov, Bo Gustaf Magnus Nyström, Niels T. Ferguson
Inventor: Octavian T. Ureche, Nils Dussart, Michael A. Halcrow, Charles G. Jeffries, Nathan T. Lewis, Cristian M. Ilac, Innokentiy Basmov, Bo Gustaf Magnus Nyström, Niels T. Ferguson
CPC classification: H04L9/0894, H04L9/0822, H04L63/061, H04L2463/062
Abstract: An online key stored by a remote service is generated or otherwise obtained, and a storage media (as it applies to the storage of data on a physical or virtual storage media) master key for encrypting and decrypting a physical or virtual storage media or encrypting and decrypting one or more storage media encryption keys that are used to encrypt a physical or virtual storage media is encrypted based at least in part on the online key. A key protector for the storage media is stored, the key protector including the encrypted master key. The key protector can be subsequently accessed, and the online key obtained from the remote service. The master key is decrypted based on the online key, allowing the one or more storage media encryption keys that are used to decrypt the storage media to be decrypted.
-
Publication No.: US20080022132A1
Publication date: 2008-01-24
Application No.: US11449553
Filing date: 2006-06-07
Applicant: Carl M. Ellison, Jamie Hunter, Kenneth D. Ray, Niels T. Ferguson, Philip J. Lafornara, Russell Humphries
Inventor: Carl M. Ellison, Jamie Hunter, Kenneth D. Ray, Niels T. Ferguson, Philip J. Lafornara, Russell Humphries
IPC classification: G06F12/14
CPC classification: G06F21/85, G06F21/78, G06F2221/2113, H04L9/0836
Abstract: Access to a storage device, such as a disk, is controlled by performing a disk operation using a single cryptographic engine. Keys associated with each layer of a layered structure associated with controlling access to the storage device are combined. The resultant of this combination is used as the key to the cryptographic engine. Data to be retrieved from and written to the storage device are operated on by the cryptographic engine utilizing the combined key. Keys are combined by combining functions associated with layers of the layered structure. A combining function can include an exclusive or function, a cryptographic hash function, or a combination thereof.
-
Publication No.: US08046593B2
Publication date: 2011-10-25
Application No.: US11449553
Filing date: 2006-06-07
Applicant: Carl M. Ellison, Jamie Hunter, Kenneth D. Ray, Niels T. Ferguson, Philip J. Lafornara, Russell Humphries
Inventor: Carl M. Ellison, Jamie Hunter, Kenneth D. Ray, Niels T. Ferguson, Philip J. Lafornara, Russell Humphries
IPC classification: G06F12/14
CPC classification: G06F21/85, G06F21/78, G06F2221/2113, H04L9/0836
Abstract: Access to a storage device, such as a disk, is controlled by performing a disk operation using a single cryptographic engine. Keys associated with each layer of a layered structure associated with controlling access to the storage device are combined. The resultant of this combination is used as the key to the cryptographic engine. Data to be retrieved from and written to the storage device are operated on by the cryptographic engine utilizing the combined key. Keys are combined by combining functions associated with layers of the layered structure. A combining function can include an exclusive or function, a cryptographic hash function, or a combination thereof.
-
Publication No.: US08885833B2
Publication date: 2014-11-11
Application No.: US13084207
Filing date: 2011-04-11
Applicant: Benjamin E. Nick, Magnus Bo Gustaf Nyström, Cristian M. Ilac, Niels T. Ferguson, Nils Dussart
Inventor: Benjamin E. Nick, Magnus Bo Gustaf Nyström, Cristian M. Ilac, Niels T. Ferguson, Nils Dussart
CPC classification: H04L9/0894, G06F21/6209, H04L9/0822
Abstract: A key recovery request for a device is received at a key recovery service and a particular one-time recovery credential in a sequence of multiple one-time recovery credentials is identified. In the sequence of multiple one-time recovery credentials, previous one-time recovery credentials in the sequence are indeterminable given subsequent one-time recovery credentials in the sequence. A recovery key associated with the device is also identified. The particular one-time recovery credential in the sequence is generated based on the recovery key, and is returned in response to the key recovery request. The particular one-time recovery credential can then be used by the device to decrypt encrypted data stored on a storage media of the device.