| 发明名称 |
Secure data synchronization |
| 摘要 |
Techniques for secure data synchronization are described. In one or more implementations, techniques may be employed to conserve high cost data storage by storing larger portions of encrypted data in low cost storage, while storing relatively smaller encryption keys in higher cost storage. A device that is granted access to the encryption keys can retrieve the encrypted data from the low cost storage and use the encryption keys to decrypt the encrypted data. |
| 申请公布号 |
US9424439(B2) |
申请公布日期 |
2016.08.23 |
| 申请号 |
US201113230121 |
申请日期 |
2011.09.12 |
| 申请人 |
Microsoft Technology Licensing, LLC |
发明人 |
Tamayo-Rios Matthew Z.;Sinha Saurav;Ovechkin Ruslan;Kannan Gopinathan;Bharadwaj Vijay G.;Macaulay Christopher R.;Fleischman Eric;Ide Nathan J.;Liu Kun |
| 分类号 |
H04L29/06;G06F21/62;G06F21/44;H04L29/08 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
Churna Timothy;Yee Judy;Minhas Micky |
| 主权项 |
1. One or more computer-readable hardware storage media storing computer-readable instructions which are executable to perform operations comprising:
receiving at a device and via a network encrypted data from a first external data storage in response to a user of the device logging on to a user account associated with the first external data storage; receiving a request from an application that resides on the device that the encrypted data be decrypted; requesting that sensitive data from the device be encrypted before the sensitive data is stored on the first external data storage; receiving via the network one or more security keys from a second external data storage that is separate from the first external data storage, the one or more security keys being received in response to a separate authentication procedure that enables access to the second external data storage; decrypting the encrypted data using a decryption key from the one or more security keys received from the second external data storage; encrypting the sensitive data using an encryption key from the one or more security keys received from the second external data storage to generate encrypted sensitive data; and marking the encrypted sensitive data with an application identifier associated with the application that resides on the device to grant access to the encrypted sensitive data to one or more applications having an associated application identifier that matches the application identifier used to mark the encrypted sensitive data, the application identifier associated with the application including a same identifier that is associable with multiple instances of the application across multiple devices. |
| 地址 |
Redmond WA US |
