GB2276965A - Protecting temporarily stored data. - Google Patents


Info

Publication number
GB2276965A
Authority
GB
United Kingdom
Prior art keywords
data
session
memory
key
ciphering
Legal status (assumed by Google; not a legal conclusion)
Granted
Application number
GB9406576A
Other versions
GB2276965B (en)
GB9406576D0 (en)
Inventor
Pauli Hovinen
Current Assignee (as listed; may be inaccurate)
ICL Personal Systems Oy
Original Assignee
ICL Personal Systems Oy
Priority date (assumed; not a legal conclusion)
1993-04-05
Filing date
1994-03-31
Publication date
1994-10-12
Legal events
1994-03-31: Application filed by ICL Personal Systems Oy
1994-05-25: Publication of GB9406576D0
1994-10-12: Publication of GB2276965A
1997-07-09: Application granted; publication of GB2276965B
Current legal status: Expired - Fee Related (anticipated expiration reached)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules

Abstract

An arrangement for storing data (e.g. swap files) in computer equipment (4) comprising a first memory location (1), e.g. a volatile memory, for temporary storage of data, for instance for the time of processing, and a second memory location (2), e.g. a non-volatile memory, for longer-term storage of data when desired. Ciphering means (3) converts the data into an encrypted mode with an exchangeable encryption key and back into a decrypted mode with the corresponding decryption key. The arrangement also comprises a ciphering key generator (7) for generating at least one random encryption key (5) and a corresponding decryption key (6) for each discrete session. The encryption and decryption keys (5, 6) are retained during a session and their use is prevented after completion of the session, e.g. because they were stored only in the volatile memory.

Description

AN ARRANGEMENT FOR STORING DATA IN COMPUTER EQUIPMENT
FIELD AND BACKGROUND OF THE INVENTION
The present invention relates to an arrangement for storing data in computer equipment comprising a first memory location, e.g. a volatile memory, for temporary storage of data, for instance for the time of processing, and a second memory location, e.g. a non-volatile memory, for longer-term storage of data when desired, and ciphering means for converting the data into an encrypted mode with an encryption key and back into a decrypted mode with a decryption key.
Computers make use of non-volatile memories, such as disk memories, for storing data files that are to be retained only temporarily, such as swap files, since the use of volatile system memories, such as RAM memories, is often costly.
Even though temporary data files are retained in a non-volatile memory, they are nevertheless only needed during one session, in other words during the working period of a user or while the computer programs using such data files are run. By a session is meant in this context, for example, a continuous period of interactive data processing. A session may be contemplated to begin for instance with log-in and to end with log-off. Many computers retain the data stored in temporary files in their non-volatile memory. This creates a security problem, since the content of old temporary data files may be retrieved from the non-volatile memory, and unauthorized persons can thus gain access to confidential data possibly stored in such files. Some computer equipment clears the temporary data files from the non-volatile memory to solve this problem. However, this is of no avail if an attempt is made to read the non-volatile memory before clearing, for instance when the computer has come to an abnormal halt in the midst of a session.
A known method for assuring security is to use ciphering. The data files can be converted into encrypted mode by an encryption program that is given an encryption key when the data is written, and converted back into decrypted mode when the data is read, using the same key or another decryption key that depends on the encryption key employed. Encryption systems typically require some manner of ciphering key management, to enable safe generation, transmission and storage of keys.
It is an object of the present invention to provide a novel arrangement for storing data in computer equipment when data to be retained non-permanently is stored, with which arrangement particularly the problems relating to ciphering key management can be substantially eliminated. This is achieved with the arrangement of the invention, comprising a ciphering key generator for generating at least one random encryption key and a corresponding decryption key for each discrete session, for use in the ciphering means to encrypt data to be stored non-permanently prior to its storage in the second memory location and to convert it back into decrypted mode after reading from the second memory location, and means for retaining the generated encryption and decryption keys during a session and for destroying them after completion of the session at the latest. The basic idea of the invention is that the computer equipment itself generates the encryption and decryption keys that it uses for storing data to be temporarily retained in a non-volatile memory location.
In this way, these encryption and decryption keys are only known to the computer itself. Since the encryption and decryption of data is performed wholly automatically and independently by the computer itself, these operations are fully transparent to the user. However, at the end of the session at the latest the encryption and decryption keys are destroyed, for example erased from the volatile memory, and thus data possibly stored in the non-volatile memory location and intended only for temporary storage can no longer be deciphered. This procedure assures complete safety even for such temporarily stored data.
The encryption and decryption keys may be generated session-specifically, in which case the same encryption and decryption keys are used for the entire session (these keys may naturally also be the same depending on the ciphering program). Alternatively, encryption and decryption keys may be generated separately for each data file. In cases where several programs are executed during a session, the keys may be destroyed program-specifically, in which event exit from the program causes destroying of the keys.
For a better understanding of the present invention and to show how the same may be carried into effect reference will now be made, by way of example, to the accompanying drawing.
The figure shows at reference 4 computer equipment comprising a volatile memory location 1 which is the memory of the data processing section, such as a volatile memory or processor register. The computer equipment 4 further comprises a second memory location 2 which is a non-volatile memory and provides a storage area for possibly more permanent storing. Typically such a non-volatile memory location is a hard disk. This embodiment specifically relates to safe storage of temporarily stored data or data files in this memory location 2, and thus the figure only concerns storage of such temporarily stored data or data files in said non-volatile memory location 2. For clarity, other storage executed by the computer equipment 4 has not been shown in the figure.
Ciphering means 3 are provided on the data storage and reading route between memory location 1 and memory location 2. Data is stored from memory location 1 to memory location 2 on the one hand and read from memory location 2 to memory location 1 on the other hand through these ciphering means. The encryption and decryption keys 5 and 6 required for these ciphering means 3 are generated by a ciphering key generator 7. This ciphering key generator 7 operates independently and generates the encryption and decryption keys as randomly as possible.
These encryption and decryption keys are stored in storage means 8. Generation of the encryption and decryption keys is either session-related, data-file-related or application-related. However, it is necessary that the encryption and decryption keys 5 and 6 are retained in storage means 8 only for the time during which the temporary data files or temporarily stored data encrypted by means of them must be available, that is, until the end of the session at the latest. Thereafter the data stored in the non-volatile memory location 2 using these random ciphering keys can no longer be deciphered, since the key employed for its encryption has been erased from storage means 8. In practice this can mean, for instance, that the encryption key and the corresponding decryption key are stored in the volatile memory, from which they are lost when power is switched off from the memory circuit in question, for instance at the end of a session.
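The mechanism described in the object-of-the-invention paragraph and again in the component walk-through (memory locations 1 and 2, ciphering means 3, key generator 7, storage means 8) can be reduced to a small model. The following is an added example written for this page, not code from the patent or its assignee. It uses only the Python standard library: the session key lives in a `bytearray` standing in for the volatile storage means 8 and is zeroised at session end, the `disk` dictionary stands in for the non-volatile memory location 2, and the cipher is a constructed encrypt-then-MAC construction built from HMAC-SHA256 (a counter-mode keystream plus an authentication tag) chosen so the example runs without third-party packages; a deployment would use an authenticated cipher such as AES-GCM instead. All names (`SessionSwapStore`, `encrypt_page`, `decrypt_page`, the page id and page contents) are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _derive(session_key: bytes, label: bytes) -> bytes:
    """Derive a purpose-specific subkey (keystream or MAC) from the session key."""
    return hmac.new(session_key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from an HMAC-SHA256 PRF (constructed toy cipher)."""
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_page(session_key: bytes, plaintext: bytes) -> bytes:
    """Ciphering means (3), write direction: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ks = _keystream(_derive(session_key, b"enc"), nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(_derive(session_key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt_page(session_key: bytes, blob: bytes) -> bytes:
    """Ciphering means (3), read direction: verify the tag before decrypting."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_derive(session_key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        # A key from another session (or destroyed key) fails here, never yielding plaintext.
        raise ValueError("authentication failed: wrong session key or altered data")
    ks = _keystream(_derive(session_key, b"enc"), nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, ks))


class SessionSwapStore:
    """Models computer equipment (4): volatile key storage (8) in front of a non-volatile store (2)."""

    def __init__(self) -> None:
        self.disk: dict = {}          # non-volatile memory location (2): persists across sessions
        self._key = None              # storage means (8): holds the key only during a session

    def begin_session(self) -> None:
        """Ciphering key generator (7): a fresh random key per session, never leaves the machine."""
        self._key = bytearray(secrets.token_bytes(32))

    def write_page(self, page_id: str, data: bytes) -> None:
        if self._key is None:
            raise RuntimeError("no active session")
        self.disk[page_id] = encrypt_page(bytes(self._key), data)

    def read_page(self, page_id: str) -> bytes:
        if self._key is None:
            raise RuntimeError("no active session")
        return decrypt_page(bytes(self._key), self.disk[page_id])

    def end_session(self) -> None:
        """Destroy the key at the latest at session end; the ciphertext on disk becomes unreadable."""
        if self._key is not None:
            self._key[:] = b"\x00" * len(self._key)
            self._key = None


def demo() -> dict:
    """Constructed walk-through: one session, its end, and a later session on the same disk."""
    store = SessionSwapStore()
    page = b"CONFIDENTIAL: draft merger terms"       # constructed sample swap-page contents
    store.begin_session()
    store.write_page("swap-0001", page)
    result = {
        "roundtrip": store.read_page("swap-0001"),
        "plaintext_on_disk": page in store.disk["swap-0001"],
    }
    store.end_session()
    try:
        store.read_page("swap-0001")
        result["read_after_end"] = "ok"
    except RuntimeError:
        result["read_after_end"] = "RuntimeError"
    store.begin_session()                             # new random key: old pages stay sealed
    try:
        store.read_page("swap-0001")
        result["read_in_new_session"] = "ok"
    except ValueError:
        result["read_in_new_session"] = "ValueError"
    store.end_session()
    return result


if __name__ == "__main__":
    print(demo())
```

The check a practitioner cares about is the last step of `demo()`: the ciphertext is still on `disk` after the session, but a later session with its own random key fails the tag check rather than producing garbage, which is the "can no longer be deciphered" property the description claims. Two caveats carry over from the text to any real implementation: `bytes(self._key)` creates a copy Python cannot reliably zeroise, so a production design keeps key material in memory the runtime lets it scrub (or in a hardware key store), and an abnormal halt mid-session leaves the key in RAM until power is cut, which is exactly the window the "power is switched off" remark relies on.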
The basic idea of the invention, according to which the encryption and decryption keys must no longer be available after the session, can also be realized in other manners than that contemplated above. The encryption and decryption keys may be selected randomly for example from a large group of alternative keys permanently stored in the microprocessor. In that case, the procedure can be such that the keys can no longer be accessed after the session, even if they existed physically. Also other methods for storing keys protected in a corresponding manner are possible within the scope of the present invention.
The figure shows, as exterior connections interfacing to the computer equipment 4, a user on the one hand and a protected system on the other hand. These are naturally only exemplary user interfaces. The protected system has been indicated as a user interface because, by means of the computer equipment 4 shown, data temporarily transferred from the protected system into computer equipment 4 for processing or editing, and possibly temporarily stored therein in that connection, can be kept protected.
This is based on the fact that no decipherable remnants of processed data can remain in the computer equipment 4 after the processing of such protected data therein has been completed.
The arrangement of the invention has been described in the above with reference to one exemplary embodiment, and it is to be understood that equipment-related and computer-related modifications may be made therein without departing from the scope of the invention. A feature of the invention is that, in connection with temporary storage of data, an encryption key known only to the computer itself may be employed and, furthermore, that this key is destroyed by the computer itself or can otherwise no longer be accessed when said temporarily stored data is no longer needed.

Claims (5)

1. A system for storing data in a computer during a computing session and comprising a first memory means suitable for short term storage of data, a second memory means suitable for longer term storage of data, a ciphering key generator for generating at least one random encryption key and at least one corresponding decryption key for the session, ciphering means for converting data read from the first memory means, prior to storage in the second memory means into an encrypted form using the or each encryption key and for converting encrypted data read from the second memory into a decrypted form using the or each decryption key, and means for retaining the encryption and decryption keys during the session and for preventing their use after completion of the session.
2. A system according to claim 1, wherein the first memory means is a volatile memory.
3. A system according to claim 1 or 2, wherein the second memory means is a non-volatile memory.
4. An arrangement for storing data in computer equipment comprising a first memory location, e.g. a volatile memory, for temporary storage of data for instance for the time of processing; a second memory location, e.g. a non-volatile memory, for longer-term storage of data when desired; ciphering means for converting the data into an encrypted mode with an exchangeable encryption key and into a decrypted mode with a corresponding decryption key, said arrangement comprising a ciphering key generator for generating at least one random encryption key and a corresponding decryption key for each discrete session for use in the ciphering means to encrypt data to be stored non-permanently prior to its storage in the second memory location and respectively to convert it into decrypted mode after reading from the second memory location; and means for retaining the generated encryption and decryption keys during a session and for preventing their use after completion of the session.
5. A system for storing data in a computer substantially as hereinbefore described with reference to the accompanying drawing.

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
FI931530A FI93280C (en) 1993-04-05 1993-04-05 An arrangement for storing data on computer hardware

Publications (3)

Publication Number Publication Date
GB9406576D0 GB9406576D0 (en) 1994-05-25
GB2276965A true GB2276965A (en) 1994-10-12
GB2276965B GB2276965B (en) 1997-07-09

Family

ID=8537685

Family Applications (1)

Application Number Title Priority Date Filing Date
GB9406576A Expired - Fee Related GB2276965B (en) 1993-04-05 1994-03-31 An arrangement for storing data in computer equipment

Country Status (2)

Country Link
FI (1) FI93280C (en)
GB (1) GB2276965B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1008249A4 (en) * 1996-01-16 2005-09-21 Symantec Corp System for decryption and re-encryption of files
US7594276B2 (en) 1998-03-24 2009-09-22 Symantec Corporation Bubble-protected system for automatic decryption of file data on a per-use basis and automatic re-encryption
GB2366631A (en) * 2000-03-04 2002-03-13 Ericsson Telefon Ab L M A communication node and a method of recovering security data following a power failure
GB2366631B (en) * 2000-03-04 2004-10-20 Ericsson Telefon Ab L M Communication node, communication network and method of recovering from a temporary failure of a node
US7131010B2 (en) 2000-07-24 2006-10-31 Sony Corporation Data processing system, data processing method, data processing apparatus, and program providing medium
US6941456B2 (en) * 2001-05-02 2005-09-06 Sun Microsystems, Inc. Method, system, and program for encrypting files in a computer system
CN100517417C (en) * 2001-07-25 2009-07-22 松下电器产业株式会社 Deciphering equipment, deciphering equipment making method and providing system
US7321660B2 (en) 2002-04-18 2008-01-22 Hewlett-Packard Development Company, L.P. Method and apparatus for encrypting/decrypting data using timed-release keys
WO2006135999A1 (en) * 2005-06-24 2006-12-28 Research In Motion Limited System and method for managing memory in a mobile device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2163577A (en) * 1984-08-23 1986-02-26 Nat Res Dev Software protection device
GB2247548A (en) * 1990-08-13 1992-03-04 Marconi Gec Ltd Data security system

Also Published As

Publication number Publication date
FI931530A0 (en) 1993-04-05
FI93280C (en) 1995-03-10
GB2276965B (en) 1997-07-09
FI93280B (en) 1994-11-30
GB9406576D0 (en) 1994-05-25
FI931530A (en) 1994-10-06

Similar Documents

Publication Publication Date Title
EP1596269A2 (en) A system and method for rendering selective presentation of documents
US6178243B1 (en) User-controlled document processing
US5870468A (en) Enhanced data privacy for portable computers
JP4578119B2 (en) Information processing apparatus and security ensuring method in information processing apparatus
EP1580642B1 (en) Method and apparatus for protecting data on storage medium and storage medium
US6598161B1 (en) Methods, systems and computer program products for multi-level encryption
US6993661B1 (en) System and method that provides for the efficient and effective sanitizing of disk storage units and the like
DE10196006B4 (en) Create a key hierarchy for use in an isolated execution environment
US20100017625A1 (en) Architecure, system, and method for operating on encrypted and/or hidden information
EP0575765A1 (en) Secure file erasure
WO1999049380A8 (en) System for intercepting file accesses and for automatic decryption and re-encryption of file data on a per-use basis
JP2003280989A (en) Internal memory type tamper-resistant processor and secrecy protection method
US20110083020A1 (en) Securing a smart card
EP1536307B1 (en) Encryption of system paging file
US20070143630A1 (en) Method and device for protecting a program comprising a functional block
JP2005085188A (en) Program protection method, program protection program, and program protection device
US20040117639A1 (en) Secure driver
GB2276965A (en) Protecting temporarily stored data.
GB2315575A (en) Encryption circuit in I/O subsystem
US20030046564A1 (en) Storage medium and method for storing data decrypting algorithm
US7941862B2 (en) Data access method against cryptograph attack
US20070016803A1 (en) Securing sensitive data in memory
US7508938B1 (en) Method and apparatus for generating and using a tamper-resistant encryption key
JPH08509087A (en) File encryption structure
KR100298506B1 (en) System for preventing illegal installation according to cooperation between integrated circuit card and program

Legal Events

Date Code Title Description
2005-03-31 PCNP Patent ceased through non-payment of renewal fee (effective date: 20050331)