Title of invention: SYSTEMS AND METHODS FOR IMPLEMENTING MODULAR DIGITAL ENCRYPTION KEY MANAGEMENT SOLUTIONS
Abstract: An encryption key management apparatus receives, from an authorized compute device, a raw dataset that is encrypted with at least one asymmetric encryption key. The apparatus can determine, based on the raw dataset, an identifier of a first entity associated with the raw dataset and an identifier of a second entity associated with the raw dataset. The apparatus can retrieve, based on the identifier of the first entity, an asymmetric decryption key associated with the first entity. Likewise, the apparatus can retrieve, based on the identifier of the second entity, an asymmetric decryption key associated with the second entity. The apparatus can generate a decrypted raw dataset using the asymmetric decryption keys associated with the first and second entities. The apparatus can additionally use a symmetric master key to generate a symmetrically encrypted raw dataset and send the symmetrically encrypted raw dataset to the authorized compute device.
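Application publication number: US2017078255(A1) Application publication date: 2017.03.16
Application number: US201615244753 Filing date: 2016.08.23
Applicant: iAspire, LLC Inventors: NEJADIAN Arash; WHITTLETON Eric
Classification: H04L29/06; H04L9/08 Main classification: H04L29/06
Agency: Agent: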
Principal claims:
1. An encryption key management apparatus, comprising: one or more processors; and a memory operatively coupled to the one or more processors and storing instructions that when executed by the one or more processors cause the one or more processors to:
receive, from an authorized compute device, a raw dataset that is encrypted with at least one asymmetric encryption key;
determine, based on the raw dataset, an identifier of a first entity associated with the raw dataset and an identifier of a second entity associated with the raw dataset;
retrieve, based on the identifier of the first entity, an instance of an asymmetric decryption key associated with the first entity;
retrieve, based on the identifier of the second entity, an instance of an asymmetric decryption key associated with the second entity;
decrypt at least a portion of the raw dataset using the instance of the asymmetric decryption key associated with the first entity and the instance of the decryption encryption key associated with the second entity to generate define a decrypted raw dataset;
reencrypt the decrypted raw dataset using a symmetric master key to generate a symmetrically encrypted raw dataset; and
send the symmetrically encrypted raw dataset to the authorized compute device.
2. The encryption key management apparatus of claim 1, wherein the one or more processors are configured to use a computer security standard to maintain confidentiality and integrity of the raw dataset, the decrypted raw dataset and the symmetrically encrypted raw dataset.
Address: Fairfax VA US