Title of invention |
Secure network storage |
Abstract |
This invention includes a synchronized storage server enabled to send the end-point device a notification including the root folder list. The end-point device compares the sent root folder list to a previously stored root folder list in the end-point device's memory. If the end-point device detects a new root folder on the synchronized storage server, a change in an existing folder, or deleted content in a folder, the end-point device will determine that a change is required to the stored data. Next, the end-point device will synchronize with the synchronized storage server and create a new storage list. Finally, the synchronized storage server will send the end-point device a new encrypted folder encryption key which includes the encrypted file contents along with identifying information such as the server name and revision information. |
Publication number |
US9088538(B2) |
Publication date |
2015.07.21 |
Application number |
US201313838024 |
Filing date |
2013.03.15 |
Applicant |
SAIFE, Inc. |
Inventors |
Lindteigen Ty Brendan;Curtis John |
Classification |
H04L29/06;G06F21/00;H04L9/00 |
Main classification |
H04L29/06 |
Agency |
|
Agent |
|
Main claim |
1. A method for securing data comprising:
a change made to a folder originating at a first device resulting in the first device uploading a latest encrypted folder to a server;
the server receiving the encrypted folder and a first folder encryption key from a first device, wherein the encrypted folder is encrypted using the first folder encryption key;
the server storing the encrypted folder;
the server referring to an access control list to identify a second device that is authorized to access the encrypted folder;
the server encrypting the first folder encryption key with a public key of the second device to produce an encrypted first folder encryption key;
the server creating a root folder list;
the server sending the root folder list, encrypted folder, and encrypted first folder encryption key to the second device;
the second device decrypting the encrypted first folder encryption key to produce the first folder encryption key;
the second device using the first folder encryption key to decrypt the encrypted folder and produce a folder;
the second device making a change to the folder, producing a changed folder;
the second device encrypting the changed folder with a second folder encryption key to produce an encrypted changed folder;
the second device sending the encrypted changed folder and the second folder encryption key to the server;
the server storing the encrypted changed folder;
the server referencing the access control list to determine if the first device is authorized to access the encrypted changed folder;
the server encrypting the second folder encryption key with a public key for the first device to produce an encrypted second folder encryption key;
the server creating an updated root folder list;
the server sending the updated root folder list to the first device;
the first device comparing the updated root folder list to a previously stored root folder list to detect the change to the folder;
the first device requesting and receiving the encrypted changed folder and the encrypted second folder encryption key from the server;
the first device decrypting the encrypted second folder encryption key to produce the second folder encryption key; and
the first device using the second folder encryption key to decrypt the encrypted changed folder to produce the changed folder. |
Address |
AZ US |
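
The comparison step in the abstract and main claim (the device checks a received root folder list against the one it stored) can be sketched as follows. This is an added example, not code from the patent or from SAIFE. The entry format (`FolderEntry` with a revision number and item names), the `stale_folders` rollback check, and the handling of folders that are no longer listed are assumptions, since the record defines no list format.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class FolderEntry:
    """Assumed entry shape: the record names revision info but defines no format."""
    revision: int
    items: frozenset = frozenset()

@dataclass
class SyncPlan:
    new_folders: list = field(default_factory=list)
    changed_folders: list = field(default_factory=list)
    deleted_content: dict = field(default_factory=dict)  # folder -> removed items
    stale_folders: list = field(default_factory=list)    # revision went backwards

    @property
    def sync_required(self) -> bool:
        # The three conditions named in the abstract.
        return bool(self.new_folders or self.changed_folders or self.deleted_content)

def compare_root_folder_lists(stored: dict, received: dict) -> SyncPlan:
    """Diff the list held in device memory against the one in the notification."""
    plan = SyncPlan()
    for name in sorted(received):
        new, old = received[name], stored.get(name)
        if old is None:
            plan.new_folders.append(name)        # new root folder on the server
            continue
        if new.revision < old.revision:
            plan.stale_folders.append(name)      # assumption: never apply older state
            continue
        removed = old.items - new.items
        if removed:
            plan.deleted_content[name] = sorted(removed)
        if new.revision != old.revision or new.items - old.items:
            plan.changed_folders.append(name)
    for name in sorted(set(stored) - set(received)):
        # Assumption: a folder no longer listed counts as fully deleted content.
        plan.deleted_content[name] = sorted(stored[name].items)
    return plan

# Constructed sample lists (not taken from the patent).
STORED = {"designs": FolderEntry(3, frozenset({"a.dwg", "b.dwg"})),
          "reports": FolderEntry(7, frozenset({"q1.pdf"})),
          "archive": FolderEntry(2, frozenset({"old.txt"}))}
RECEIVED = {"designs": FolderEntry(4, frozenset({"a.dwg"})),
            "reports": FolderEntry(6, frozenset({"q1.pdf"})),
            "keys": FolderEntry(1, frozenset({"readme.txt"}))}

if __name__ == "__main__":
    print(compare_root_folder_lists(STORED, RECEIVED))
```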