BLUESALT SECURITY

摘要

Embodiments of the present invention disclose a method, system, and computer program product for bluesalt security. A computer receives a confidential data configuration wherein specific sensor are assigned to specific confidential information. The assigned sensors are measured for values as a system administrator enters a password corresponding to the confidential information. The measured values are converted into a salt and concatenated with the password to generate a primary key. The primary key is used to encrypt the confidential information, then the primary key is encrypted using a secondary key comprised of a second password with a second set of sensor information as the salt. The encrypted key is saved securely while the secondary key is destroyed. In order to decrypt the confidential information, a user must replicate the password and sensor values to generate the primary or secondary key.

主权项

1. A computer program product for a bluesalt security program, the computer program product comprising:
one or more computer-readable storage media and program instructions stored on the one or more computer-readable storage media, the program instructions comprising: program instructions to encrypt data symmetrically with a primary configuration hash key, wherein the primary configuration hash key is based, at least in part, on a primary configuration password and one or more primary configuration sensor values measured by one or more primary sensors; program instructions to encrypt the primary configuration hash key symmetrically with a secondary configuration hash key, wherein the secondary configuration hash key is based, at least in part, on a secondary configuration password and one or more secondary configuration sensor values measured by one or more secondary sensors; program instructions to receive an access request to access the encrypted data from a user, wherein the access request includes a primary user password; program instructions to reference the one or more primary sensors to obtain one or more primary user sensor values; program instructions to convert the one or more primary user sensor values into a primary user salt value; program instructions to concatenate the primary user password and the primary user salt value into a primary user hash key; program instructions to determine whether the primary user hash key decrypts the encrypted data; based on determining that the primary user hash key does not decrypt the encrypted data, program instructions to prompt the user for a secondary user password; program instructions to reference the one or more secondary sensors to obtain one or more secondary user sensor values; program instructions to convert the one or more secondary user sensor values into a secondary user salt value; program instructions to concatenate the secondary user password and the secondary user salt value into a secondary user hash key; program instructions to determine whether the secondary user hash key decrypts the encrypted primary configuration hash key; and based on the determining that the secondary user hash key decrypts the encrypted primary configuration hash key, program instructions to decrypt the encrypted data with the decrypted, encrypted primary configuration hash key.