System for and method of remote secure backup
IPC classification information
Country / Type
United States(US) Patent
Granted
International Patent Classification (IPC 7th edition)
G06F-011/30
G06F-012/14
H04L-009/00
H04L-009/08
G06F-011/14
Application number
US-0533778
(2009-07-31)
Registration number
US-9338005
(2016-05-10)
Inventor / Address
Fascenda, Anthony
Sturniolo, Emil
Cichielo, Robert
Benware, Paul
Applicant / Address
KOOLSPAN, INC.
Agent / Address
Hunton & Williams LLP
Citation information
Times cited: 2
Cited patents: 6
Abstract
Systems and methods for registering a module for backup, backing up a module, and restoring a backed up module are provided.
Representative claim
1. A method of securely registering a module for backup, wherein the module comprises a processor, the method comprising: generating an export cryptographic key using the module, wherein the module comprises a first nonvolatile memory and a second nonvolatile memory, and further wherein the first nonvolatile memory and the second nonvolatile memory are logically partitioned portions of a single physical persistent memory; automatically generating, using the processor, a backup cryptographic key for the module that is unique to the module, wherein the backup key is employed to encrypt user data associated with the module for transmission of the user data to a backup center; generating a hash of the backup key; encrypting, using the processor, the backup cryptographic key using the export cryptographic key; transmitting the encrypted backup cryptographic key, the generated hash of the backup key, and a module identifier corresponding to the module, to a backup center; and storing the encrypted backup cryptographic key, the transmitted hash of the backup key, and the transmitted module identifier, with the backup center.

2. The method of claim 1, wherein the module lacks a power supply.

3. The method of claim 1, wherein a form factor of the module may be one or more of the following: a Secure Digital Card (“SD”), mini SD, micro SD, PCMCIA, P2, Compact Flash, Memory Stick, PRO Memory Stick, PRO Duo Memory Stick, Micro Memory Stick, Multi Media Card, SmartMedia Memory Card, MultiMedia Memory Card, Reduced Size MultiMedia Memory Card, MultiMedia Memory Card Mobile, MultiMedia Memory Card Plus, MultiMedia Memory Card Micro, xD Memory Card, SIP, DIP and Universal Serial Bus (“USB”).

4. A method of securely backing up a module with cryptographic parameters, wherein the module comprises a processor, the method comprising: determining, using the processor, whether a plurality of user blocks or sectors of data of the module have changed, wherein the module comprises a first nonvolatile memory and a second nonvolatile memory, and further wherein the first nonvolatile memory and the second nonvolatile memory are logically partitioned portions of a single physical persistent memory; encrypting each user block of the plurality of changed user blocks or sectors of data using at least one of a plurality of backup cryptographic keys, wherein each of the plurality of backup cryptographic keys are generated to correspond to each user block of the plurality of changed user blocks or sectors of data, and further wherein the plurality of backup cryptographic keys are encrypted by the module using an export cryptographic key generated by the module; transmitting the encrypted changed user blocks or sectors of data to a backup center; and storing the changed user blocks or sectors of data in storage associated with the backup center.

5. The method of claim 4, further including: transmitting the backup cryptographic key to the backup center with the encrypted changed user blocks or sectors of data.

6. The method of claim 4, wherein the module lacks a power supply.

7. The method of claim 4, wherein a form factor of the module may be one or more of the following: a Secure Digital Card (“SD”), mini SD, micro SD, PCMCIA, P2, Compact Flash, Memory Stick, PRO Memory Stick, PRO Duo Memory Stick, Micro Memory Stick, Multi Media Card, SmartMedia Memory Card, MultiMedia Memory Card, Reduced Size MultiMedia Memory Card, MultiMedia Memory Card Mobile, MultiMedia Memory Card Plus, MultiMedia Memory Card Micro, xD Memory Card, SIP, DIP and Universal Serial Bus (“USB”).

8. A method of securely restoring a new module with cryptographic parameters, wherein the new module comprises nonvolatile memory and a processor, the method comprising: registering the new module; reading an original backup cryptographic key into a master module, the original backup cryptographic key generated by an original module; decrypting the original cryptographic backup key; reading a new backup cryptographic key into the master module, the new backup cryptographic key associated with the new module, wherein the new backup cryptographic key is generated by the new module, unique to the new module, and encrypted by the new module using an export cryptographic key generated by the new module; reading encrypted original user data from backup storage, wherein the original user data is from the original module; decrypting the original user data using the original backup cryptographic key; encrypting the decrypted original user data using the new backup cryptographic key; transmitting the user data encrypted using the new backup cryptographic key to the new module and the backup storage; and destroying the original user data and the original backup cryptographic key.

9. The method of claim 8, wherein the decrypting the original backup cryptographic key includes: decrypting the original backup cryptographic key within the master module.

10. The method of claim 8, wherein the module lacks a power supply.

11. The method of claim 8, wherein a form factor of the module may be one or more of the following: a Secure Digital Card (“SD”), mini SD, micro SD, PCMCIA, P2, Compact Flash, Memory Stick, PRO Memory Stick, PRO Duo Memory Stick, Micro Memory Stick, Multi Media Card, SmartMedia Memory Card, MultiMedia Memory Card, Reduced Size MultiMedia Memory Card, MultiMedia Memory Card Mobile, MultiMedia Memory Card Plus, MultiMedia Memory Card Micro, xD Memory Card, SIP, DIP and Universal Serial Bus (“USB”).

12. A system comprising: a module comprising a processor, wherein the master module is operable to generate an export cryptographic key, generate a backup cryptographic key that is unique to the master module, wherein the backup key is employed to encrypt user data associated with the module for transmission of the user data to a backup center, encrypt the backup cryptographic key using the export cryptographic key, generate a hash of the backup key, and transmit the encrypted backup cryptographic key, the generated hash of the backup key, and a module identifier corresponding to the module, to a backup center; the backup center, in communication with the module, the backup center comprising off-site storage and a backup key database, wherein the backup center is operable to store encrypted data from the module and recall data to the module or to a second module, and wherein the backup key database comprises at least one backup cryptographic key that has been encrypted according to the export cryptographic key; and wherein the module comprises a first nonvolatile memory and a second nonvolatile memory, and further wherein the first nonvolatile memory and the second nonvolatile memory are logically partitioned portions of a single physical persistent memory.

13. The system of claim 12, wherein the is further operable to: encrypt data changed after a historical time; and transmit the encrypted changed data to the backup center.

14. The system of claim 13, wherein the historical time is a time the module last transmitted encrypted changed data to the backup center.

15. The method of claim 8, wherein the decrypting the original user data includes: decrypting, within the master module, the original user data using the original backup cryptographic key.

16. The method of claim 8, wherein the encrypting the decrypted original user data includes: encrypting, within the master module, the decrypted original user data using the new cryptographic backup key.
Patents cited by this patent (6)
Kohiyama, Tomohisa; Tsunoda, Motoyasu, Hidden data backup and retrieval for a secure device.
Ginter, Karl L.; Shear, Victor H.; Sibert, W. Olin; Spahn, Francis J.; Van Wie, David M., Systems and methods for secure transaction management and electronic rights protection.