Disclosed are various embodiments for facilitating the encryption of files as well as facilitating requiring a user to employ an authenticator device in order to access a file that is encrypted or otherwise secured. The authenticator device can provide an authenticator code in which a security key used to access a secured file can be embedded. An additional layer of encryption can also be applied in the authenticator code.
Representative Claims
1. A method for controlling access to an encrypted file, comprising: establishing a trusted relationship between an authenticator device and a file storage application hosting the encrypted file; receiving a request to access the encrypted file from an access device; authenticating the request by determining that the access device has authority to access the encrypted file; providing a decryption key to the authenticator device when the access device has authority; providing the encrypted file to the access device; transmitting the decryption key from the authenticator device to the access device; and decrypting the encrypted file, by the access device, using the decryption key received from the authenticator device.

2. The method of claim 1, wherein establishing the trusted relationship comprises: receiving authentication credentials from the authenticator device; and verifying authenticity of the authentication credentials.

3. The method of claim 1, wherein determining that the access device has authority to access the encrypted file comprises: obtaining a hardware identifier of the access device; and determining that the hardware identifier corresponds to a device with authorization to access the encrypted file.

4. The method of claim 1, wherein the access device automatically deletes the decryption key after decrypting the encrypted file.

5. The method of claim 1, further comprising: receiving, by the authenticator device, a password; using the password to generate a time-varying password; and double-encrypting the decryption key using the time-varying password prior to providing the decryption key to the access device.

6. The method of claim 5, further comprising: executing a pairing process to establish a trusted relationship between the authenticator device and the access device; and exchanging a shared secret used to create the time-varying password between the authenticator device and the access device during the pairing process.

7. The method of claim 1, wherein transmitting the decryption key from the authenticator device to the access device comprises: displaying the decryption key on the authenticator device in the form of a QR code; and taking a picture of the QR code using the access device.

8. One or more non-transitory computer readable media comprising instructions which, when executed by one or more processors, execute a method for controlling access to an encrypted file, the instructions being configured to: establish a trusted relationship between an authenticator device and a file storage application hosting the encrypted file; receive a request to access the encrypted file from an access device; authenticate the request by determining that the access device has authority to access the encrypted file; provide a decryption key to the authenticator device when the access device has authority; provide the encrypted file to the access device; transmit the decryption key from the authenticator device to the access device; and decrypt the encrypted file, by the access device, using the decryption key received from the authenticator device.

9. The one or more non-transitory computer readable media of claim 8, further comprising instructions which, when executed: receive authentication credentials from the authenticator device; and verify authenticity of the authentication credentials.

10. The one or more non-transitory computer readable media of claim 8, wherein determining that the access device has authority to access the encrypted file comprises: obtaining a hardware identifier of the access device; and determining that the hardware identifier corresponds to a device with authorization to access the encrypted file.

11. The one or more non-transitory computer readable media of claim 8, further comprising instructions which, when executed, delete the decryption key after decrypting the encrypted file.

12. The one or more non-transitory computer readable media of claim 8, further comprising instructions which, when executed: receive, by the authenticator device, a password; use the password to generate a time-varying password; and double-encrypt the decryption key using the time-varying password prior to providing the decryption key to the access device.

13. The one or more non-transitory computer readable media of claim 12, further comprising instructions which, when executed: execute a pairing process to establish a trusted relationship between the authenticator device and the access device; and exchange a shared secret used to create the time-varying password between the authenticator device and the access device during the pairing process.

14. The one or more non-transitory computer readable media of claim 8, wherein transmitting the decryption key from the authenticator device to the access device comprises: displaying the decryption key on the authenticator device in the form of a QR code; and taking a picture of the QR code using the access device.

15. A system for controlling access to an encrypted file, comprising: an authenticator device; an access device; and a file storage system hosting the encrypted file, wherein: the file storage system establishes a trusted relationship with the authenticator device; the file storage system receives a request to access the encrypted file from an access device; the file storage system authenticates the request by determining that the access device has authority to access the encrypted file; the file storage system provides a decryption key to the authenticator device when the access device has authority; the file storage system provides the encrypted file to the access device; the authenticator device transmits the decryption key to the access device; and the access device decrypts the encrypted file using the decryption key received from the authenticator device.

16. The system of claim 15, wherein establishing the trusted relationship comprises: receiving authentication credentials from the authenticator device; and verifying authenticity of the authentication credentials.

17. The system of claim 15, wherein determining that the access device has authority to access the encrypted file comprises: obtaining a hardware identifier of the access device; and determining that the hardware identifier corresponds to a device with authorization to access the encrypted file.

18. The system of claim 15, wherein the access device automatically deletes the decryption key after decrypting the encrypted file.

19. The system of claim 15, wherein: the authenticator device receives a password and uses the password to generate a time-varying password; and the authenticator device double-encrypts the decryption key using the time-varying password prior to providing the decryption key to the access device.

20. The system of claim 15, wherein transmitting the decryption key from the authenticator device to the access device comprises: displaying the decryption key on the authenticator device in the form of a QR code; and taking a picture of the QR code using the access device.
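
Claims 5 and 6 describe wrapping the decryption key under a time-varying password built from a user password and a secret shared at pairing. The Python sketch below is an added illustration, not code from the patent: the 30-second window, the HMAC-SHA256 derivation, the HMAC-based wrap (a standard-library stand-in for an AEAD cipher) and every function name are assumptions.

```python
import hashlib
import hmac
import os
import struct

STEP = 30  # seconds per time window (assumed; the claims give no interval)

def _mac(key: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()

def time_varying_password(shared_secret: bytes, password: str, now: float) -> bytes:
    """Value that both paired devices can compute for the window containing `now`."""
    counter = struct.pack(">Q", int(now // STEP))
    return _mac(shared_secret, b"tvp", password.encode() + counter)

def wrap_key(file_key: bytes, tvp: bytes) -> bytes:
    """Authenticator side: extra encryption layer over a 32-byte file key."""
    if len(file_key) != 32:
        raise ValueError("this sketch wraps exactly 32 bytes")
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(file_key, _mac(tvp, b"enc", nonce)))
    return nonce + body + _mac(tvp, b"mac", nonce + body)

def unwrap_key(blob: bytes, shared_secret: bytes, password: str,
               now: float, skew: int = 1) -> bytes:
    """Access device side: accept the current window plus/minus `skew` windows."""
    if len(blob) != 80:
        raise ValueError("malformed wrapped key")
    nonce, body, tag = blob[:16], blob[16:48], blob[48:]
    for drift in range(-skew, skew + 1):
        tvp = time_varying_password(shared_secret, password, now + drift * STEP)
        # Check the tag before decrypting, in constant time.
        if hmac.compare_digest(tag, _mac(tvp, b"mac", nonce + body)):
            return bytes(a ^ b for a, b in zip(body, _mac(tvp, b"enc", nonce)))
    raise PermissionError("code expired, or wrong password or shared secret")

if __name__ == "__main__":
    # Constructed sample values, for demonstration only.
    secret, file_key, t0 = os.urandom(32), os.urandom(32), 1_700_000_000.0
    blob = wrap_key(file_key, time_varying_password(secret, "demo-pass", t0))
    print("fresh code accepted:", unwrap_key(blob, secret, "demo-pass", t0 + 10) == file_key)
    try:
        unwrap_key(blob, secret, "demo-pass", t0 + 600)
    except PermissionError as exc:
        print("stale code rejected:", exc)
```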