Title of invention: Systems and methods for securely accessing encrypted data stores
Abstract: The disclosed computer-implemented method for securely accessing encrypted data stores may include (1) receiving, from a data storage service, a request to permit authenticated access to an encrypted data store administered by the data storage service, the request including a cryptographic element associated with the encrypted data store that has been encrypted using a public key associated with the authentication device, (2) decrypting the cryptographic element associated with the encrypted data store using a private key associated with the authentication device, (3) encrypting the cryptographic element associated with the encrypted data store using a public key associated with a cryptographic client, and (4) transmitting the encrypted cryptographic element to the cryptographic client to enable the cryptographic client to perform cryptographic operations on the encrypted data store. Various other methods, systems, and computer-readable media are also disclosed.
Publication number: US9529733(B1) Publication date: 2016.12.27
Application number: US201414490026 Filing date: 2014.09.18
Applicant: Symantec Corporation Inventors: Sokolov Ilya; Powell Brian
Classification: G06F21/31; G06F12/14; H04L9/08 Main classification: G06F21/31
Agency: FisherBroyles, LLC Agent: FisherBroyles, LLC
Principal claim: 1. A computer-implemented method for securely accessing encrypted data stores, at least a portion of the method being performed by an authentication device comprising at least one processor, the method comprising: receiving, from a data storage service, a service request to permit authenticated access to an encrypted data store administered by the data storage service, wherein: the service request is transmitted in response to receiving a client request to permit authenticated access to the encrypted data store from a cryptographic client; the data storage service has not had access to data in the encrypted data store in unencrypted form; and the service request includes a cryptographic element associated with the encrypted data store that has been encrypted using a public key associated with the authentication device, wherein the data storage service has not had access to the cryptographic element in unencrypted form; decrypting the cryptographic element associated with the encrypted data store using a private key associated with the authentication device; encrypting the cryptographic element associated with the encrypted data store using a public key associated with the cryptographic client; and transmitting the encrypted cryptographic element to the cryptographic client to enable the cryptographic client to perform cryptographic operations on the encrypted data store.
Address: Mountain View CA US