[go: up one dir, main page]

WO2010112869A1 - A data protection system - Google Patents

A data protection system Download PDF

Info

Publication number
WO2010112869A1
WO2010112869A1 PCT/GB2010/000660 GB2010000660W WO2010112869A1 WO 2010112869 A1 WO2010112869 A1 WO 2010112869A1 GB 2010000660 W GB2010000660 W GB 2010000660W WO 2010112869 A1 WO2010112869 A1 WO 2010112869A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
data
encrypted
random
drive
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/GB2010/000660
Other languages
French (fr)
Inventor
Peter Norman Panayi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to EP10717197A priority Critical patent/EP2414984A1/en
Publication of WO2010112869A1 publication Critical patent/WO2010112869A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect

Definitions

  • the present invention relates to a system for protecting data stored electronically, for example on a personal computer or laptop.
  • a means of encryption of said data is disclosed.
  • the invention aims to affordably and easily allow computer users absolute control over the security of their own data.
  • the present invention seeks to address the above problems through the provision of a key: an important condition being that the key, employed by the invention remains safe.
  • the solution provided by the invention to the problem does not require any action by the user to ensure that data written to the computer hard drive is encrypted. It happens automatically. Also so long as the key is kept safe, the data cannot be decrypted without the key. Such a decryption is theoretically impossible. Also by using two such random keys the system ensures that even if one key is stolen, data backed up to a remote and possibly insecure server is also safe.
  • the invention consists of such a device loaded with random data derived from a truly random source in conjunction with special driver software. Every key supplied is a very large one time key which will contain different random data to any other key and will have encoded within it a unique identification number identifying the key. Each key is also supplied with a second key which will reside only on the computer to be protected. The first key is referred to as the portable key and the second the fixed key.
  • Encryption and decryption is automatic. All the user has to do is ensure the key is present and to drag files or folders into a window representing the files to be encrypted.
  • a system for the protection of data on a laptop or other computer from unauthorised access comprising:
  • a portable random one time pad based encryption and decryption key comprising random data located on a flash drive or other removable storage medium; driver software which when the key is in place transparently allows read and write access to the encrypted data by the user and by all installed software without modification which allows decrypted access to the encrypted data and which ensures that if the portable key is not ⁇ onnected, the data can be accessed only in its encrypted and unintelligible form for the purpose of backup and copying.
  • the system requires no modification to the computer; requires no knowledge or intervention by the user except: to ensure that the portable key is present when required; to ensure that the portable key is not present when the computer is not in use;
  • the system includes a second, fixed, encryption and decryption key stored on the target computer or an additional storage device stored within the target computer.
  • the fixed key is also in the form of a truly random one time pad.
  • the fixed key is optionally not a one time pad
  • Optional ⁇ configuration of an encrypted data subset uses the simple device of dragging and dropping the data from the unencrypted drive or folder, to a designated drive or folder whereupon the original data is overwritten by an encrypted copy and is subsequently only accessible via when the key is present.
  • the portable key is kept on a flash drive or other device with a retractable connector. Further conveniently, the portable key is kept on a flash drive or other device with the facility to attach it to a key ring. Preferably the files encrypted with both keys may be stored on the flash drive containing the portable key.
  • the random data is organised into two or more files.
  • the organisation of the key into relatively small files which are named in accordance with their position in the key means that the encryption software need only load that small part of the key which is currently in use
  • One of the simplest methods of encrypting data is a simple substitution cipher.
  • An example that almost everyone knows is to substitute every letter in the alphabet by a different letter so that the message becomes unreadable. Again almost everyone knows how to break such a code.
  • the key can only be used once and so the key needs to be as big as the data being encrypted. Thus to encrypt the whole of a hard disk another storage facility of the same size is needed.
  • the one time key can only be used by one sender and any recipient also * needs a copy of the key. This poses obvious security problems. Ideally the sender should destroy the key after use, there should only be a single recipient who destroys the key after reading the message.
  • the key which is the subject of the present invention is in two parts both of which are, in the implementation being described here, one time pads.
  • the keys are initially loaded on to a flash drive, the size of which depends on the requirements of the specific user.
  • the product is not intended for encrypting large files such as photos or videos and so the requirement of the average user will be no larger than 1 gigabyte. However with current technology the size could be up to 32 gigabytes.
  • the key consists of random data organised into files. It is convenient to organise the key into relatively small files which are named in accordance with their position in the key. This means that the encryption software need only load that small part of the key which is currently in use. This obviates the possibility that parts of the key might be temporarily stored in virtual memory on the hard disc and thereby leave a trace which would be a security risk.
  • the data is produced by a random thermal electronic noise source of a very high frequency.
  • This noise source also has a very wide and flat frequency response.
  • the autocorrelation time between samples which is known to be the Fourier transform of the frequency spectrum is therefore inherently short.
  • the data is then sampled at a rate which is long compared to the autocorrelation time constant thus ensuring that even before entropy distillation the correlation between data bits and subsequent data bits is already very low.
  • In order to remove bias from the data hardware feedback is used from the output bit stream.
  • the key is then subjected to a form of entropy distillation which greatly reduces both bias and bit to bit correlation.
  • a form of entropy distillation which greatly reduces both bias and bit to bit correlation.
  • the key is then exclusive ORed with a very large fixed random key.
  • the entry point into this key for this step is not fixed but decided by a pseudo-random generator.
  • the user must decide where the fixed key is located. If the user intends to allow automated backup of the whole disk then the key must be located elsewhere, for example on another USB device, a memory card or other plug in card which the computer may accept such as an SD card. The user may decide that he is not worried however about the security of backed up data in the event of theft of the portable key and so these precautions will not be necessary. In this case the user will be given the option of not using a fixed key at all and therefore having access to a portable key of twice the size.
  • the user must install prior to first use driver software which implements the above and the following functionality.
  • the installation is automated and made as transparent to the user as possible.
  • Encrypted files are created in one of two ways: They are always double encrypted with the portable and fixed keys unless the user has chosen the option of no fixed key.
  • Files or folders can be created on the virtual drive in exactly the same way as any other files. The only difference is that they are not really there.
  • an item is created on the virtual drive the real data is created on the target drive in the corresponding part of the directory structure but in an encrypted form.
  • an encrypted file is modified it will be re-encrypted with a fresh part of both keys.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

A system for protecting data held on the hard drive of a laptop or other personal computer from unauthorised access. Data which has been backed up to a server, a memory card, CD or other backup medium is also protected. The data is protected by an unbreakable key which resides on a USB flash drive or similar removable device. Optionally a second key known as the fixed key may also be used. In this case both keys must be present to read the data and so if either the computer or the removable key is lost, the data is safe. To compromise the data requires the theft of both removable key and computer together. The system is designed to encrypt and decrypt data automatically without any action or knowledge on behalf of the user.

Description

A DATA PROTECTION SYSTEM
Field of The Invention
The present invention relates to a system for protecting data stored electronically, for example on a personal computer or laptop. In particular, a means of encryption of said data is disclosed.
Background to The Invention
The nature of one aspect of the problem being addressed by this invention is partly illustrated by a type of occurrence frequently reported in the press. That is the loss or theft of a laptop, CD or memory stick containing sensitive information. Closely related is the unease of ordinary computer users in the lack of security of personal or company data kept on the home or office computer or laptop. If a laptop is lost or stolen the thief has access to all of the data. In addition to loss or theft there is unease at the currently emerging technology whereby personal data is backed up to a virtual storage repository somewhere in cyberspace rather than a local hard copy.
Whilst most of such data would be of no interest to the average thief, some types of data are of very great interest. These include bank details, bank statements increasingly transacted in paperless form - login details and passwords to all kinds of online services now too numerous to be easily remembered correctly and personal details which could be used to support identity theft.
There is currently no suitable system available to the ordinary computer user which can protect this type of data in a foolproof way that is transparent to and requires no action or knowledge on behalf of the user. The invention being described aims to affordably and easily allow computer users absolute control over the security of their own data. The present invention seeks to address the above problems through the provision of a key: an important condition being that the key, employed by the invention remains safe. The solution provided by the invention to the problem does not require any action by the user to ensure that data written to the computer hard drive is encrypted. It happens automatically. Also so long as the key is kept safe, the data cannot be decrypted without the key. Such a decryption is theoretically impossible. Also by using two such random keys the system ensures that even if one key is stolen, data backed up to a remote and possibly insecure server is also safe.
Cheap mass storage flash drives, many of which have retractable plugs and are designed to be attached to a key ring, are now available with a capacity of up to 64 gigabytes.
In its broadest aspect, the invention consists of such a device loaded with random data derived from a truly random source in conjunction with special driver software. Every key supplied is a very large one time key which will contain different random data to any other key and will have encoded within it a unique identification number identifying the key. Each key is also supplied with a second key which will reside only on the computer to be protected. The first key is referred to as the portable key and the second the fixed key.
Encryption and decryption is automatic. All the user has to do is ensure the key is present and to drag files or folders into a window representing the files to be encrypted.
Summary of The Invention
A system for the protection of data on a laptop or other computer from unauthorised access comprising:
a portable random one time pad based encryption and decryption key comprising random data located on a flash drive or other removable storage medium; driver software which when the key is in place transparently allows read and write access to the encrypted data by the user and by all installed software without modification which allows decrypted access to the encrypted data and which ensures that if the portable key is not όonnected, the data can be accessed only in its encrypted and unintelligible form for the purpose of backup and copying.
The system requires no modification to the computer; requires no knowledge or intervention by the user except: to ensure that the portable key is present when required; to ensure that the portable key is not present when the computer is not in use;
and also provides the user the ability, without special knowledge or training to determine a subset of the data to be kept encrypted, remove data from that subset and add further data if required.
Optionally, the system includes a second, fixed, encryption and decryption key stored on the target computer or an additional storage device stored within the target computer.
Conveniently the fixed key is also in the form of a truly random one time pad.
The fixed key is optionally not a one time pad
The use of the fixed key advantageously requires entry of a password.
Optional^ configuration of an encrypted data subset uses the simple device of dragging and dropping the data from the unencrypted drive or folder, to a designated drive or folder whereupon the original data is overwritten by an encrypted copy and is subsequently only accessible via when the key is present.
Conveniently, the portable key is kept on a flash drive or other device with a retractable connector. Further conveniently, the portable key is kept on a flash drive or other device with the facility to attach it to a key ring. Preferably the files encrypted with both keys may be stored on the flash drive containing the portable key.
Optionally, the random data is organised into two or more files. The organisation of the key into relatively small files which are named in accordance with their position in the key means that the encryption software need only load that small part of the key which is currently in use
Brief Description of The Drawing
The invention is now described with reference to the accompanying Figure 1 which shows by way of example only a flow chart illustrating the process of encryption.
Detailed Description of The Invention
Cryptography
It is helpful in order to understand this invention to briefly review some of the basic concepts of cryptography.
One of the simplest methods of encrypting data is a simple substitution cipher. An example that almost everyone knows is to substitute every letter in the alphabet by a different letter so that the message becomes unreadable. Again almost everyone knows how to break such a code. One simply looks at the frequency of occurrence of the various letters making use of the fact that the frequency is, in language, different for each letter. As more letters are found more can be found making use of the fact that recognition of words is possible even if some of the letters are missing. Of course such a cipher is quite useless and is never used.
At the opposite end of the scale of security is an equally simple scheme which at one time was widely used. It is the one time random key or "one time pad". An example of this would be to modify in some way each part of the message (say each character, each byte or each bit) by incorporating a random piece of data. This random data is the key. It is often said that all forms of cryptography are in principle decipherable given sufficient time and computing power. This is not actually true. In fact it is common knowledge that if a truly random key can be generated and kept secure a message encoded with such a key can never be decoded no matter how much computing power is available. In fact it is very easy to see why this is true. A non- mathematical version of this argument might go roughly like this:
suppose you have a message encoded by a random key. The encrypted message appears to be just random data. It is obvious that the same random data could have been created from any other message by using a different random key. Since the key is random, these two random keys are equally probably the actual key and so the two messages are equally probably the real message. It follows that any message or part of message is equally probably a solution. Thus no amount of statistical analysis can ever lead progressively closer to the correct solution. All conceivable messages are equally probably the correct one.
This argument does not apply if the data is not truly random. For example, if it is generated by some form of pseudo-random number generating algorithm or if the data is biased in some way then this opens the door to possible attempts at decryption.
More seriously if some part of the key is used more than once for different message content then decryption becomes in principle very easy. That is why it is known as a one time key. It must be used only once.
One time keys are very rarely used for several reasons, and there appears in the art to be significant prejudice against their use which can be summarised as follows.
1. The key can only be used once and so the key needs to be as big as the data being encrypted. Thus to encrypt the whole of a hard disk another storage facility of the same size is needed.
2. If used for secure communications the one time key can only be used by one sender and any recipient also* needs a copy of the key. This poses obvious security problems. Ideally the sender should destroy the key after use, there should only be a single recipient who destroys the key after reading the message.
3. It has not been easy to envisage until now a system whereby the large key can be reliably guaranteed to be kept in a separate place to the data. The risk of human error implicitly incorporated in prior art systems using one time pads makes the use of one time pads too unreliable. For example if supplied on a CD there is a high probability that the CD would get left in the computer by mistake.
Although generating large amounts of truly random data is not trivial, the techniques are well known and with modern electronics it is not a problem to generate such data in an economical time.
Because of the difficulties, other encryption methodologies have been developed. Modern communications technology mostly uses public key cryptography. In this a prospective recipient makes available publicly an encryption key which anyone can use to send data to him. The highly mathematical encryption algorithm uses what is known as a "trap door function". This means that although it is theoretically possible to decrypt the data using the encryption key, there is an enormous discrepancy between the computing power needed for decryption and that needed for encryption. So much so that decryption is impractical for the average would be hacker. The recipient uses a separate secret decryption key which allows computationally efficient decryption. Great care is needed in choosing the characteristics of the keys employed to ensure that decryption without the decryption key is not too easy. This is usually automated but it is not easy to know just how secure these systems are in reality.
Other systems are also in use in which a secret key is typically generated from a pass phrase or password. Encryption is then carried out by an algorithm of some sort. There are many such standard methods. In this product the option to use such a method for the fixed key only is left open but the following description relates to the situation where both keys are one time pads. The Key
The key which is the subject of the present invention is in two parts both of which are, in the implementation being described here, one time pads.
The keys are initially loaded on to a flash drive, the size of which depends on the requirements of the specific user. The product is not intended for encrypting large files such as photos or videos and so the requirement of the average user will be no larger than 1 gigabyte. However with current technology the size could be up to 32 gigabytes.
The key consists of random data organised into files. It is convenient to organise the key into relatively small files which are named in accordance with their position in the key. This means that the encryption software need only load that small part of the key which is currently in use. This obviates the possibility that parts of the key might be temporarily stored in virtual memory on the hard disc and thereby leave a trace which would be a security risk.
The data is produced by a random thermal electronic noise source of a very high frequency. This noise source also has a very wide and flat frequency response. The autocorrelation time between samples which is known to be the Fourier transform of the frequency spectrum is therefore inherently short. The data is then sampled at a rate which is long compared to the autocorrelation time constant thus ensuring that even before entropy distillation the correlation between data bits and subsequent data bits is already very low. In order to remove bias from the data hardware feedback is used from the output bit stream. These two techniques ensure that even before further processing the data entropy is already high.
The key is then subjected to a form of entropy distillation which greatly reduces both bias and bit to bit correlation. At this stage it is already very difficult to conceive of a technique to attack the encrypted data on the basis of non randomness. In order to completely eliminate all bias and correlation the key is then exclusive ORed with a very large fixed random key. The entry point into this key for this step is not fixed but decided by a pseudo-random generator. Thus to even begin an attack it would be necessary to know this entry point in advance and also to either have a copy of the very large key or to have more than one encryption key with their entry points into the very large key available. It is very difficult to see how this could be realised by an attacker.
On installation of the key the user must go through the steps necessary to create a copy of the original key for backup"purposes and then the fixed key is extracted and installed on the target computer. The original copy of the fixed key on the flash drive is then securely shredded.
The user must decide where the fixed key is located. If the user intends to allow automated backup of the whole disk then the key must be located elsewhere, for example on another USB device, a memory card or other plug in card which the computer may accept such as an SD card. The user may decide that he is not worried however about the security of backed up data in the event of theft of the portable key and so these precautions will not be necessary. In this case the user will be given the option of not using a fixed key at all and therefore having access to a portable key of twice the size.
The User Interface
The user must install prior to first use driver software which implements the above and the following functionality. The installation is automated and made as transparent to the user as possible.
On installation of the driver software an artificial disk drive will be created. We will call this the virtual drive. On opening this drive the user initially sees an empty drive whose capacity (free space) is the remaining encryption capacity of any key present. At the same time a disk drive on the computer is assigned as the target drive for encrypted files. This is normally the main hard drive on the computer but may be any drive or a folder. The user is prompted to accept the default or change it. Encrypted files are created in one of two ways: They are always double encrypted with the portable and fixed keys unless the user has chosen the option of no fixed key.
By dragging files or folders from the target drive to the virtual drive. When an item is dragged to the virtual drive it does not disappear from the target drive as in a normal move operation but the item on the target drive will now become encrypted. To read or modify files in an encrypted folder they must from now on be accessed via the virtual drive. When an item is dragged into the virtual drive the directory (folder) structure above the item on the target drive is duplicated on the virtual drive but the contents of folders above the dragged item will be empty. If the item is a folder the user will be asked whether to include files and sub folders. Nothing is actually ever written to the flash drive but a virtual mirror of the dragged items appears to be on the virtual drive.
Files or folders can be created on the virtual drive in exactly the same way as any other files. The only difference is that they are not really there. When an item is created on the virtual drive the real data is created on the target drive in the corresponding part of the directory structure but in an encrypted form. When an encrypted file is modified it will be re-encrypted with a fresh part of both keys.
If it is desired to permanently decrypt a file or folder it can simply be deleted from the virtual drive. The user will then be prompted as to whether the data should be reinstated on the target drive in an unencrypted form or deleted altogether.
Of course if the key is removed decryption is impossible and the encrypted data can not be accessed. In this case on attempting to open an encrypted file the user will be prompted to insert the key with which it was encrypted. The encrypted data can and should however be backed up in the same way as any other important data to another flash drive, a CD/DVD, USB or network hard drive or a server on the local network or the internet. The only difference is that the encrypted data cannot be read without the key so that if the backup flash drive or CD is left on a train there is no way on earth that even the most sophisticated criminal could ever read it. The only possibility of risk comes if the key is left unattended with the laptop. That is why the seemingly trivial point about flash drives being designed to be kept on a key ring is in fact very important. Almost everybody carries a car key or door key of some description and people tend to keep their keys separately from their computer peripherals thus making accidental loss of both together much less likely. Also if the key is stolen, backed up data on a server, CD or flash drive which the thief might have access to cannot be decrypted. Because the fixed key is also needed the thief needs also to steal or access the computer itself.

Claims

Claims
Claim 1
A system for the protection of data on a laptop or other computer from unauthorised access comprising:
a portable random one time pad based encryption and decryption key comprising random data located on a flash drive or other removable storage medium;
driver software which when "the key is in place transparently allows read and write access to the encrypted data by the user and by all installed software without modification which allows decrypted access to the encrypted data and which ensures that if the portable key is not connected, the data can be accessed only in its encrypted and unintelligible form for the purpose of backup and copying.
Claim 2
A system as in claim 1 including a fixed encryption and decryption key stored on the target computer or an additional storage device stored within the target computer.
Claim 3
A system as in claims 1 and 2 in which the fixed key is also in the form of a truly random one time pad.
Claim 4
A system as in claims 2 and 3 in which the fixed key is not a one time pad.
Claim 5 A system as in claims 2 to 4 where use of the fixed key requires entry of a password.
Claim 6
A system as in any of the preceding claims in which the configuration of the encrypted data subset uses the simple device of dragging and dropping the data from the unencrypted drive or folder, to a designated drive or folder whereupon the original data is overwritten by an encrypted copy and is subsequently only accessible via when the key is present.
Claim 7
A system as in any of the preceding δlaims in which the portable key is kept on a flash drive or other device with a retractable connector.
Claim 8
A system as in any of the preceding claims in which the portable key is kept on a flash drive or other device with the facility to attach it to a key ring.
Claim 9
A system as in any of the preceding claims in which the files encrypted with both keys may be stored on the flash drive containing the portable key.
Claim 10
A system as in any of the preceding claims in which the random data is organised into two or more files.
PCT/GB2010/000660 2009-04-04 2010-04-01 A data protection system Ceased WO2010112869A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP10717197A EP2414984A1 (en) 2009-04-04 2010-04-01 A data protection system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0905917.1 2009-04-04
GB0905917A GB2469141A (en) 2009-04-04 2009-04-04 Protecting data from unauthorised access using one-time pad stored on removable storage device

Publications (1)

Publication Number Publication Date
WO2010112869A1 true WO2010112869A1 (en) 2010-10-07

Family

ID=40750158

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2010/000660 Ceased WO2010112869A1 (en) 2009-04-04 2010-04-01 A data protection system

Country Status (3)

Country Link
EP (1) EP2414984A1 (en)
GB (1) GB2469141A (en)
WO (1) WO2010112869A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102207913A (en) * 2011-06-09 2011-10-05 中兴通讯股份有限公司 Write protection control method and device in embedded system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070255963A1 (en) * 2006-04-28 2007-11-01 Erix Pizano System and method for biometrically secured, transparent encryption and decryption
EP1953669A2 (en) * 2007-01-30 2008-08-06 Technology Properties Limited System and method of storage device data encryption and data access via a hardware key
GB2449410A (en) * 1992-10-30 2008-11-26 Commw Of Australia Communications security and trusted path method and means

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5623546A (en) * 1995-06-23 1997-04-22 Motorola, Inc. Encryption method and system for portable data
US5802175A (en) * 1996-09-18 1998-09-01 Kara; Salim G. Computer file backup encryption system and method
US7702922B2 (en) * 2004-08-17 2010-04-20 Microsoft Corporation Physical encryption key system
US20070011469A1 (en) * 2005-07-11 2007-01-11 Simdesk Technologies Secure local storage of files
US8588421B2 (en) * 2007-01-26 2013-11-19 Microsoft Corporation Cryptographic key containers on a USB token

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2449410A (en) * 1992-10-30 2008-11-26 Commw Of Australia Communications security and trusted path method and means
US20070255963A1 (en) * 2006-04-28 2007-11-01 Erix Pizano System and method for biometrically secured, transparent encryption and decryption
EP1953669A2 (en) * 2007-01-30 2008-08-06 Technology Properties Limited System and method of storage device data encryption and data access via a hardware key

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102207913A (en) * 2011-06-09 2011-10-05 中兴通讯股份有限公司 Write protection control method and device in embedded system

Also Published As

Publication number Publication date
GB0905917D0 (en) 2009-05-20
EP2414984A1 (en) 2012-02-08
GB2469141A (en) 2010-10-06

Similar Documents

Publication Publication Date Title
US6292899B1 (en) Volatile key apparatus for safeguarding confidential data stored in a computer system memory
US8315394B2 (en) Techniques for encrypting data on storage devices using an intermediate key
CN104239820B (en) A kind of safety storage apparatus
US10592641B2 (en) Encryption method for digital data memory card and assembly for performing the same
JP2009225437A (en) Secure disposal of stored data
KR20080071528A (en) Method and system for storage data encryption and data access
US20080235521A1 (en) Method and encryption tool for securing electronic data storage devices
EP2264639A2 (en) Securing executable code integrity using auto-derivative key
US20080077807A1 (en) Computer Hard Disk Security
US20080016127A1 (en) Utilizing software for backing up and recovering data
US20080313473A1 (en) Method and surveillance tool for managing security of mass storage devices
EP2037389A1 (en) An electronic file protection system having one or more removeable memory devices
Belenko et al. “Secure Password Managers” and “Military-Grade Encryption” on Smartphones: Oh, Really?
US8200964B2 (en) Method and apparatus for accessing an encrypted file system using non-local keys
US9697372B2 (en) Methods and apparatuses for securing tethered data
US11283600B2 (en) Symmetrically encrypt a master passphrase key
CN1776563A (en) File encrypting device based on USB interface
EP2414984A1 (en) A data protection system
CN113946850B (en) A method, apparatus, electronic and storage medium for using a key
US20090077377A1 (en) System and method of protecting content of an electronic file for sending and receiving
CN117454412A (en) Encryption and decryption file system and method
CN105224892A (en) A kind of hard disk data protection method, device and system
US10992453B2 (en) System architecture for encrypting external memory
Kiltz et al. Hidden in Plain Sight-Persistent Alternative Mass Storage Data Streams as a Means for Data Hiding With the Help of UEFI NVRAM and Implications for IT Forensics
Halcrow Demands, solutions, and improvements for Linux filesystem security

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10717197

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2010717197

Country of ref document: EP