Title of invention |
Systems and methods for secure third-party data storage |
Abstract |
A computer-implemented method for secure third-party data storage may include 1) identifying, at a server-side computing device, a request from a client system to access an encrypted file stored under a user account, 2) identifying, in response to the request, an asymmetric key pair designated for the user account that includes an encryption key and a decryption key that has been encrypted with a client-side key, 3) receiving, from the client system, the client-side key, 4) decrypting the decryption key with the client-side key, and 5) using the decryption key to access an unencrypted version of the encrypted file. Various other methods, systems, and computer-readable media are also disclosed. |
Publication number |
US8966287(B2) |
Publication date |
2015.02.24 |
Application number |
US201313800305 |
Filing date |
2013.03.13 |
Applicant |
Symantec Corporation |
Inventor |
Bogorad Walter |
Classification numbers |
H04L9/30;H04L9/14;G06F21/60;H04L9/08;H04L29/06 |
Main classification number |
H04L9/30 |
Agency |
ALG Intellectual Property, LLC |
Agent |
ALG Intellectual Property, LLC |
Main claim |
1. A computer-implemented method for secure third-party data storage, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
identifying, at the server-side computing device, a request from a client system to share access to an encrypted file stored under a user account, wherein the access to the encrypted file comprises access to unencrypted contents of the encrypted file;
identifying, in response to the request, an asymmetric key pair designated for the user account, the asymmetric key pair comprising an encryption key and a decryption key that has been encrypted with a client-side key;
receiving, from the client system, the client-side key;
decrypting the decryption key with the client-side key;
identifying a file key used to encrypt the encrypted file, wherein the file key is encrypted with the encryption key;
decrypting the file key with the decryption key to create an unencrypted version of the file key;
generating a temporary encryption key;
encrypting the unencrypted version of the file key with the temporary encryption key to create a temporary encrypted file key;
transmitting a temporary decryption key corresponding to the temporary encryption key to share the access to the encrypted file. |
Address |
Mountain View CA US |