Method of securing mobile applications using distributed keys

摘要

Aspects of the present disclosure are directed to methods and systems for securing mobile computing applications with distributed keys. In one aspect, a computer implemented method or computer readable media include steps electronically receiving, at a computer processor of a computing device, a first security key fragment based on a user input to the computing device; electronically receiving, at the computer processor, a second security key fragment from a network connected storage entity; and electronically concatenating, at the computer processor, the first security key fragment and the second security key fragment to generate a third security key.

主权项

1. A computer implemented method in a computing device, comprising:
electronically transmitting a request for access to a computer network associated with a computing device; electronically receiving, at a computer processor of the computing device, a first security key fragment based on both (i) a user input to the computing device and (ii) a unique identifier stored on the computing device; electronically receiving, at the computer processor, a second security key fragment from a network connected storage entity; electronically storing on the computing device the second security key fragment received from the network connected storage entity; disconnecting the computing device from the computer network; while the computing device is disconnected from the computer network; electronically concatenating, at the computer processor, the first security key fragment and the second security key fragment to generate a third security key; electronically encrypting, at the computer processor, a constant data encryption key using the third security key as a seed; electronically encrypting, at the computer processor, data stored in a computer readable memory of the computing device using the constant data encryption key; electronically receiving, at the computer processor, a different second security key fragment from the network connected storage entity; electronically concatenating, at the computer processor, the first security key fragment and the different second security key fragment to generate a new third security key; and in response to receiving the different second security key, (i) electronically decrypting, at the computer processor, the constant data encryption key using the third security key and (ii) electronically encrypting, at the computer processor, the constant data encryption key using the new third security key as the seed.