| 发明名称 | Systems and methods for secure third-party data storage | ||
| 摘要 | A computer-implemented method for secure third-party data storage may include 1) identifying, at a server-side computing device, a request from a client system to access an encrypted file stored under a user account, 2) identifying, in response to the request, an asymmetric key pair designated for the user account that includes an encryption key and a decryption key that has been encrypted with a client-side key, 3) receiving, from the client system, the client-side key, 4) decrypting the decryption key with the client-side key, and 5) using the decryption key to access an unencrypted version of the encrypted file. Various other methods, systems, and computer-readable media are also disclosed. | ||
| 申请公布号 | US8966287(B2) | 申请公布日期 | 2015.02.24 |
| 申请号 | US201313800305 | 申请日期 | 2013.03.13 |
| 申请人 | Symantec Corporation | 发明人 | Bogorad Walter |
| 分类号 | H04L9/30;H04L9/14;G06F21/60;H04L9/08;H04L29/06 | 主分类号 | H04L9/30 |
| 代理机构 | ALG Intellectual Property, LLC | 代理人 | ALG Intellectual Property, LLC |
| 主权项 | 1. A computer-implemented method for secure third-party data storage, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising: identifying, at the server-side computing device, a request from a client system to share access to an encrypted file stored under a user account, wherein the access to the encrypted file comprises access to unencrypted contents of the encrypted file; identifying, in response to the request, an asymmetric key pair designated for the user account, the asymmetric key pair comprising an encryption key and a decryption key that has been encrypted with a client-side key; receiving, from the client system, the client-side key; decrypting the decryption key with the client-side key; identifying a file key used to encrypt the encrypted file, wherein the file key is encrypted with the encryption key; decrypting the file key with the decryption key to create an unencrypted version of the file key; generating a temporary encryption key; encrypting the unencrypted version of the file key with the temporary encryption key to create a temporary encrypted file key; transmitting a temporary decryption key corresponding to the temporary encryption key to share the access to the encrypted file. | ||
| 地址 | Mountain View CA US | ||