US9270447B2ActiveUtilityA1

Demand based encryption and key generation and distribution systems and methods

67
Assignee: GIDWANI ARVINDPriority: Nov 3, 2011Filed: Aug 15, 2014Granted: Feb 23, 2016
Est. expiryNov 3, 2031(~5.3 yrs left)· nominal 20-yr term from priority
Inventors:Arvind Gidwani
H04L 63/062H04L 9/30H04L 9/08H04L 2209/56H04L 9/083H04L 9/0819H04L 67/06H04L 63/0428
67
PatentIndex Score
2
Cited by
199
References
30
Claims

Abstract

Systems and methods providing a key management platform that generates and distributes demand-based encryption and decryption keys are described.

Claims

exact text as granted — not AI-modified
The invention claimed is:  
     
       1. A requester system, comprising:
 a memory designed to store computer program code; and 
 a processor communicatively coupled to the memory; 
 wherein when the processor executes the computer program code, the processor is operable to at least:
 generate a request, identification information identifying a receiver system, and one or more use parameters associate with a data file; 
 send the request to a key management system, wherein the sending of the request is configured to cause the key management system to generate a private encryption key and a public encryption key; 
 send the identification information to the key management system, wherein the sending of the identification information is configured to cause the key management system to send the public encryption key to the receiver system; 
 receive the private encryption key from the key management system; 
 modify the data file with the use parameters before the data file is encrypted; 
 encrypt the data file using the private encryption key; and 
 send the encrypted data file to the receiver system. 
 
 
     
     
       2. The requester system of  claim 1 , wherein the processor encrypts the data file based on the use parameters. 
     
     
       3. The requester system of  claim 1 , wherein the processor is further operable to send the use parameters to the key management system, wherein the sending of the use parameters is configured to cause the key management system to generate the public encryption key based on the use parameters. 
     
     
       4. The requester system of  claim 1 , wherein the use parameters specify an expiration date of the public encryption key. 
     
     
       5. The requester system of  claim 1 , wherein the processor is further operable to:
 generate payment information; and 
 send the payment information to the key management system, wherein the sending of the payment information is configured to cause the key management system to generate the private encryption key and the public encryption key upon authentication of the payment information. 
 
     
     
       6. The requester system of  claim 1 , wherein the processor is further operable to send an access instruction to the receiver system, wherein the sending of the access instruction is configured to prohibit the receiver system from accessing the data file after a first number of access attempts by the receiver system and after an elapsed time period from when the encrypted data file was sent to the receiver system. 
     
     
       7. The requester system of  claim 1 , wherein the processor is further operable to:
 receive a notification relating to an attempt, by the receiver system, at taking an action in relation to the data file; 
 generate, based on the notification, an instruction configured to deny the action; and send the instruction to the receiver system, wherein the sending of the instruction is configured to prevent the receiver system from completing the action. 
 
     
     
       8. The requester system of  claim 1 , wherein the use parameters specify security restrictions of the data file. 
     
     
       9. The requester system of  claim 1 , wherein the use parameters restrict operation of the data file. 
     
     
       10. The requester system of  claim 1 , wherein the encryption is embedded in the data file. 
     
     
       11. The requester system of  claim 1 , wherein the processor is further operable to validate the private encryption key. 
     
     
       12. A requester system, comprising:
 a memory designed to store computer program code; and 
 a processor communicatively coupled to the memory; 
 wherein when the processor executes the computer program code, the processor is operable to at least:
 generate a request, identification information identifying a receiver system, and one or more use parameters associate with a data file; 
 send the request to a key management system, wherein the sending of the request is configured to cause the key management system to generate a private encryption key and a public encryption key; 
 send the identification information to the key management system, wherein the sending of the identification information is configured to cause the key management system to send the public encryption key to the receiver system; 
 receive the private encryption key from the key management system; 
 encrypt the data file using the private encryption key; 
 send the encrypted data file to the receiver system; and 
 send an access instruction to the receiver system, wherein the sending of the access instruction is configured to prohibit the receiver system from accessing the data file after a first number of access attempts by the receiver system and after an elapsed time period from when the encrypted data file was sent to the receiver system. 
 
 
     
     
       13. The requester system of  claim 12 , wherein the processor encrypts the data file based on the use parameters. 
     
     
       14. The requester system of  claim 12 , wherein the processor is further operable to send the use parameters to the key management system, wherein the sending of the use parameters is configured to cause the key management system to generate the public encryption key based on the use parameters. 
     
     
       15. The requester system of  claim 12 , wherein the use parameters specify an expiration date of the public encryption key. 
     
     
       16. The requester system of  claim 12 , wherein the processor is further operable to modify the data file with the use parameters before the data file is encrypted. 
     
     
       17. The requester system of  claim 12 , wherein the processor is further operable to:
 generate payment information; and 
 send the payment information to the key management system, wherein the sending of the payment information is configured to cause the key management system to generate the private encryption key and the public encryption key upon authentication of the payment information. 
 
     
     
       18. The requester system of  claim 12 , wherein the processor is further operable to:
 receive a notification relating to an attempt, by the receiver system, at taking an action in relation to the data file; 
 generate, based on the notification, an instruction configured to deny the action; and send the instruction to the receiver system, wherein the sending of the instruction is configured to prevent the receiver system from completing the action. 
 
     
     
       19. The requester system of  claim 12 , wherein the use parameters specify security restrictions of the data file. 
     
     
       20. The requester system of  claim 12 , wherein the use parameters restrict operation of the data file. 
     
     
       21. The requester system of  claim 12 , wherein the encryption is embedded in the data file. 
     
     
       22. The requester system of  claim 12 , wherein the processor is further operable to validate the private encryption key. 
     
     
       23. A key management system, the system comprising:
 a memory designed to store computer program code; and 
 a processor communicatively coupled to the memory; 
 wherein when the processor executes the computer program code, the processor is operable to at least: 
 receive, from a requester system, a request to generate a private encryption key and a public encryption key; 
 receive, from the requester system, identification information identifying a receiver system; 
 generate a first private encryption key and a first public encryption key in response to receiving the request; 
 send the first private encryption key to the requester system; 
 send the first public encryption key to the receiver system; and 
 send an instruction specifying the use parameters to an application running on the receiver system, wherein the application controls access to an encrypted data file that was received from the system by the receiver system based on the instruction specifying the use parameters. 
 
     
     
       24. The key management system of  claim 23 , wherein the processor is further operable to:
 receive, from the requester system, use parameters; and 
 generate, based on the use parameters, the first public encryption key. 
 
     
     
       25. The key management system of  claim 23 , wherein the use parameters specify an expiration date for the public encryption key. 
     
     
       26. The key management system of  claim 23 , wherein the processor is further operable to:
 generate one or more passcodes associated with the first private encryption key and the first public encryption key; and 
 send at least one of the passcodes to the system; and send at least one of the passcodes to the receiver system. 
 
     
     
       27. The key management system of  claim 23 , wherein the processor is further operable to:
 receive payment information from the requester system; and 
 wherein the generation of the private encryption key and the public encryption key is based at least in part upon authentication of the payment information. 
 
     
     
       28. The key management system of  claim 23 , wherein the use parameters specify security restrictions of the data file. 
     
     
       29. The key management system of  claim 23 , wherein the use parameters restrict operation of the data file. 
     
     
       30. The key management system of  claim 23 , wherein the encryption is embedded in the data file.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.