US20220253538A1 - Method and system for data security, validation, verification and provenance within independent computer systems and digital networks - Google Patents
Method and system for data security, validation, verification and provenance within independent computer systems and digital networks Download PDFInfo
- Publication number
- US20220253538A1 US20220253538A1 US17/476,838 US202117476838A US2022253538A1 US 20220253538 A1 US20220253538 A1 US 20220253538A1 US 202117476838 A US202117476838 A US 202117476838A US 2022253538 A1 US2022253538 A1 US 2022253538A1
- Authority
- US
- United States
- Prior art keywords
- data
- cryptographic
- generating
- generated
- sub
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6254—Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3257—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures
Definitions
- the present disclosure relates to data security, and more specifically, but not exclusively, to a system and method for data security, validation, verification, and provenance within independent computer systems and digital networks.
- FIG. 1 is an exemplary top-level block diagram illustrating one embodiment of a data management system including a client device for partitioning data and generating cryptographic data.
- FIG. 2 is an exemplary top-level block diagram illustrating one embodiment of a data flow for generating a Data Secret ID using the data management system of FIG. 1 .
- FIG. 3 is an exemplary top-level block diagram illustrating an embodiment of a data flow for generating a Data Public ID using the data management system of FIG. 1 .
- FIG. 4 is an exemplary top-level block diagram illustrating an embodiment of a data flow for generating a Proof of Inclusion using the data management system of FIG. 1 .
- FIG. 5 is an exemplary top-level block diagram illustrating an embodiment of a data flow for validating a Proof of Inclusion using the data management system of FIG. 1 .
- FIG. 6 is an exemplary top-level block diagram illustrating an embodiment of a data flow for data storage using the data management system of FIG. 1 .
- FIG. 7 is an exemplary top-level block diagram illustrating an embodiment of a Verifiable Data Structure that can be used by the data management system of FIG. 1 for altering and verifying cryptographic data.
- FIG. 8 is an exemplary top-level block diagram illustrating an embodiment of an audit dataset that can be used by the data management system of FIG. 1 .
- FIG. 9 is an exemplary top-level block diagram illustrating an embodiment of a data flow process for auditing that can be executed using the data management system of FIG. 1 .
- FIG. 10 is an exemplary top-level block diagram illustrating an embodiment of a data flow path for data retrieval and validation using the data management system of FIG. 1 .
- a system for data management including recording, storing, verifying, authenticating and authorizing of cryptographic data and its attributes can prove desirable and provide a basis for a wide range of data management applications, such as for digital identity access to international travel, telecommunication services, financial services, banking, credit, insurance, medical records, and to prevent fraud or misuse of identity information.
- This result can be achieved, according to one embodiment disclosed herein, by a data management system 300 as illustrated in FIG. 1 .
- the data management system 300 is shown as including a client 301 .
- the client 301 receives data 302 in its original, unencrypted form.
- the data 302 includes data that has been subjected to cryptographic functions such as cryptographic primitives including, but not limited to hash functions, digital signature schemes and encryption functions.
- the data 302 can be of any nature, form, and complexity.
- the data 302 is shown as comprising data sub-parts 303 A-M. It should be understood that there can be any number of data sub-parts 303 comprising the data 302 .
- the data 302 can include a single sub-part 303 (not shown), thereby representing the full data set of the data 302 , or up to sub-part 303 M, thereby including M sub-portions 303 of the data 302 .
- a selected sub-part 303 can overlap with the data represented and/or contained by another sub-part 303 . In other words, the same portion of data can be maintained in two or more separate sub-parts 303 .
- the sub-parts 303 can also include only data that is unique from each other.
- a selected sub-part 303 can include other data that is not directly received as the data 302 (e.g., metadata for a selected sub-part 303 ).
- the client 301 provides the data sub-parts 303 to a cryptographic function 304 (e.g., such as a cryptographic function 304 A shown in FIG. 1 ).
- the cryptographic function 304 can include a cryptographic primitive such as, but not limited to, a hash function, a digital signature scheme, a blinding/unblinding technique, and/or an encryption function in order to generate one or more cryptographic sub-parts 305 .
- the cryptographic function 304 can include any combination of cryptographic primitives to generate the cryptographic sub-parts 305 .
- the cryptographic function 304 comprises a hash function (e.g., SHA-1, SHA-2, SHA-3 or script).
- the number of resulting cryptographic sub-parts 305 can be different from the number of data sub-parts 303 .
- the data 302 can be provided to the cryptographic function 304 A without the need for the data sub-parts 303 .
- the client 301 then provides the cryptographic sub-parts 305 to a second cryptographic function 304 B to generate cryptographic data 307 .
- the second cryptographic function 304 B can include any combination of cryptographic primitives to generate the cryptographic data 307 .
- the second cryptographic function 304 B comprises a hash function (e.g., SHA-1, SHA-2, SHA-3 or script).
- the second cryptographic function 304 B can be the same as the cryptographic function 304 A.
- the data 302 can be directly provided to the second cryptographic function 304 B to generate the cryptographic data 307 .
- a tree structure e.g., a Merkle Tree or other similar structure
- the client 301 provides the cryptographic data 307 and a blind factor 308 to a third cryptographic function 304 C to generate blinded data 310 , as shown on FIG. 2 .
- the blind factor 308 can represent a random value.
- a public key (not shown) of a storage 311 can be used as an additional input to the third cryptographic function 304 C.
- the blind factor 308 is optional.
- the blinded data 310 can be the same as the cryptographic data 307 .
- the third cryptographic function 304 C can include any combination of one or more cryptographic primitives to generate the blinded data 310 .
- the third cryptographic function 304 C can be the same as the cryptographic function 304 A and/or the second cryptographic function 304 B.
- the third cryptographic function 304 C includes a Verifiable Random Function, such as, but not limited to, RSA-FDH-VRF for blinding.
- the blinded data 310 is then sent to the storage 311 as shown on FIG. 2 .
- the storage 311 can reside on, or include components of, the client 301 .
- the data management system 300 is suitable for use with any type of storage 311 , such as a decentralized distributed storage, including, but not limited to, for example, a distributed hash table, a distributed database, a peer-to-peer hypermedia distributed storage (e.g., InterPlanetary File System (IPFS)), a distributed ledger (e.g., Blockchain), an operating memory, a centralized database, a cloud-based storage, and/or the like.
- IPFS InterPlanetary File System
- Blockchain distributed ledger
- the storage 311 is not decentralized or comprises a combination of distributed, decentralized servers, and centralized servers.
- the storage 311 can be maintained in operating memory of any component in the system 300 .
- FIG. 2 shows the storage 311 providing the blinded data 310 and a private key 312 to a fourth cryptographic function 304 D for producing a blinded signature 314 .
- the private key 312 is a (large) private cryptographic secret key.
- the fourth cryptographic function 304 D can include any combination of one or more cryptographic primitives to generate the blinded signature 314 .
- the fourth cryptographic function 304 D includes a deterministic encryption/signature scheme.
- the blinded signature 314 can be the same as the blinded data 310 .
- the fourth cryptographic function 304 D comprises a Verifiable Random Function, such as, but not limited to, RSA-FDH-VRF, for generating the blinded signature 314 .
- the fourth cryptographic function 304 D can be the same as the third cryptographic function 304 C.
- the blinded signature 314 can be returned to the client 301 as shown on FIG. 2 .
- the client 301 can provide the blinded signature 314 and the blind factor 308 to a fifth cryptographic function 304 E to generate a Data Secret ID 316 .
- a public key (not shown) of the storage 311 can be also used as an additional input for the fifth cryptographic function 304 E.
- the fifth cryptographic function 304 E includes any combination of one or more cryptographic primitives to generate the Data Secret ID 316 .
- the Data Secret ID 316 can be the same as the blinded signature 314 .
- the fifth cryptographic function 304 E includes a Verifiable Random Function (e.g., RSA-FDH-VRF) for unblinding the blinded signature 314 .
- unblinding includes shifting/unshifting a digital signature by a blinding factor to recover the original signature from the shifted signature.
- the Data Secret ID 316 is mathematically binded with the cryptographic data 307 .
- the fifth cryptographic function 304 E can be the same as the fourth cryptographic function 304 D and/or the third cryptographic function 304 C.
- the Data Secret ID 316 can be the same as the cryptographic data 307 —this is helpful in the case when the data 302 has a high combinatorial entropy preventing the possibility of brute-forcing the original data 302 comprised by the cryptographic data 307 .
- the storage 311 may not be involved in the process of generating the Data Secret ID 316 . However, in a preferred embodiment, due to the fact that the client 301 blinds the cryptographic data 307 before sending it to the storage 311 , the storage 311 is never being in a possession of the original data 302 and the cryptographic data 307 .
- the client 301 advantageously protects the original data 302 and the cryptographic data 307 to prevent brute-force or reverse engineer attacks on the blinded data 310 alone.
- the storage 311 it is not possible for the storage 311 to tamper with the Data Secret ID 316 —by the methods disclosed herein of the data management system 300 , the Data Secret ID 316 can be subjected to the verification and validation processes on a client 301 side which would flag any data tampering.
- the data management system 300 advantageously prevents brute-force attacks of the Data Secret ID 316 from the original data 302 on the client 301 by forcing the client 301 to send blinded data 310 to the storage 311 where it is then subject to the fourth cryptographic function 304 D with the private key 312 known only to the storage 311 . Without knowledge of the private key 312 , it is computationally inefficient to brute-force the Data Secret ID 316 on the client 301 .
- the client 301 provides the data sub-parts 303 and the Data Secret ID 316 to a sixth cryptographic function 304 F in order to generate a set of salts 318 .
- the number of salts 318 can be different from the number of data sub-parts 303 .
- the sixth cryptographic function 304 F includes one or more cryptographic primitives to generate the salts 318 .
- the sixth cryptographic function 304 F includes a hash function, such as but not limited to SHA-1, SHA-2, SHA-3, or script.
- the sixth cryptographic function 304 F can be the same as the cryptographic functions 304 E, 304 D, 304 C, 304 B, and/or 304 A.
- the client 301 combines correlated data sub-parts 303 A-M and salts 318 A-M together and provides the resulting dataset 323 to a seventh cryptographic function 304 G to generate a set of salted cryptographic sub-parts 320 A-M.
- the seventh cryptographic function 304 G includes any combination of one or more cryptographic primitives to generate the set of salted cryptographic sub-parts 320 .
- the Data Public ID 322 can be the same as the Data Secret ID 316 .
- the seventh cryptographic function 304 G includes a hash function, such as but not limited to SHA-1, SHA-2, SHA-3, or script for hashing each part of the resulting dataset 323 .
- the client 301 provides the salted cryptographic sub-parts 320 to an eighth cryptographic function 304 H to generate a Data Public ID 322 as shown on FIG. 3 .
- the eighth cryptographic function 304 H includes any combination of one or more cryptographic primitives to generate the Data Public ID 322 .
- Data Public ID 322 can be the same as the cryptographic data 307 and/or the Data Secret ID 316 .
- the eighth cryptographic function 304 H includes a hash function, such as but not limited to SHA-1, SHA-2, SHA-3, or script.
- the eighth cryptographic function 304 H can be the same as the seventh cryptographic function 304 G.
- the data management system 300 prevents a brute-force attack of the all possible combinations that can be used as the Data Public ID 322 for all possible data 302 and/or the cryptographic data 307 that resides on the client 301 . Accordingly, it is difficult for anyone to receive or steal any meaningful data in its original easily accessible form, even for the data 302 that has a low combinatorial entropy.
- the Data Public ID 322 can be used publicly (e.g., published) without the fear of a brute-force or reverse-engineered attack.
- the client 301 can generate a proof of inclusion 324 , such as shown in FIG. 4 .
- FIG. 4 illustrates a single proof of inclusion 324 A generated for the selected sub-part 303 A, it should be understood that the same process can be applied for any of the data sub-parts 303 B-M to generate corresponding proofs of inclusion 324 B-M.
- the proof of inclusion 324 A for the sub-part 303 A includes the salt 318 A and the cryptographic sub-parts 320 B-M.
- the proof of inclusion 324 for the selected sub-part 303 can be used to mathematically prove that the selected sub-part 303 is indeed a part of the Data Public ID 322 as shown in FIG. 5 .
- the data sub-part 303 A is combined with the salt 318 A.
- the resulting combination is combined with the remaining part of the proof of inclusion 324 and form a dataset 325 .
- the client 301 then provides the dataset 325 to a ninth cryptographic function 3041 to generate the cryptographic data 326 .
- the top-level organization shown in FIG. 5 can be implemented on the storage 311 .
- FIG. 6 illustrates a top-level flow diagram of transmission of a dataset 332 to the storage 311 using the Data Public ID 322 as an identifier.
- the client 301 receives the data 327 in its original, unencrypted form.
- the data 327 includes data that has been subjected to cryptographic functions such as cryptographic primitives disclosed herein.
- the data 327 can be of any nature, form, and complexity.
- the data 327 can be the same as the original data 302 .
- the data 327 can be the same as one or many of the data sub-parts 303 .
- the client 301 provides the data 327 and a private key 333 to a tenth cryptographic function 304 J (e.g., a cryptographic primitive) to generate cryptographic data 331 .
- the private key 333 is a (large) private cryptographic secret key known only to the client 301 .
- the private key 333 need not be used.
- the tenth cryptographic function 304 J includes a FIPS- 186 - 3 (or its analogues) to produce a digital signature (e.g., the cryptographic data 331 ) for the data 327 . In other embodiments, different digital signatures schemes and approaches are used.
- the client 301 also provides the data 327 and the Data Secret ID 316 to an eleventh cryptographic function 304 K to generate cryptographic data 329 .
- the eleventh cryptographic function 304 K includes one or more cryptographic primitives to generate the cryptographic data 329 .
- the eleventh cryptographic function 304 K includes an encryption scheme, such as, but not limited to, Advanced Encryption Standard (AES), Pretty Good Privacy (PGP), Rivest-Shamir-Adleman (RSA), Data Encryption Standard (DES), Blowfish cipher, Twofish cipher, and other similar encryptions schemes.
- AES Advanced Encryption Standard
- PGP Pretty Good Privacy
- RSA Rivest-Shamir-Adleman
- DES Data Encryption Standard
- Blowfish cipher Twofish cipher, and other similar encryptions schemes.
- the client 301 forms the dataset 332 with the Data Public ID 322 as an identifier, the cryptographic data 329 , and the cryptographic data 331 .
- more data can be presented within the dataset 332 (e.g., meta-data can be included).
- the dataset 332 can be sent to the storage 311 .
- proofs of inclusion 324 of at least one sub-part 303 can be sent by the client 301 with the dataset 332 to the storage 311 .
- the storage 311 is shown as including a Verifiable Data Structure 334 .
- a Sparse Merkle Tree is used as the Verifiable Data Structure 334 .
- the storage 311 can uniquely identify a current checksum 335 A stored within the Verifiable Data Structure 334 against the corresponding Data Public ID 322 .
- the storage 311 then provides the cryptographic data 329 to a twelfth cryptographic function 304 L (e.g., a cryptographic primitive) to produce cryptographic data 344 .
- the storage 311 verifies the cryptographic data 331 by checking the cryptographic data 331 against a public key (not shown) of the client 301 paired with the private key 333 .
- the client 301 then provides the current checksum 335 A and the cryptographic data 344 to a thirteenth cryptographic function 304 M to produce a new checksum 335 B.
- the thirteenth cryptographic function 304 M includes one or more cryptographic primitives to generate the new checksum 335 B.
- the thirteenth cryptographic function 304 M includes hashing, such as, but not limited to, SHA-1, SHA-2, SHA-3, or script.
- a new tree root 336 B is computed.
- the client 301 sequentially computes the new tree root 336 B.
- the data management system 300 also encodes data about each change onto a distributed ledger, such as a ledger 339 shown in FIG. 7 .
- the data management system 300 is suitable for use with a wide range of ledgers 339 , such as any immutable distributed ledger, including, for example, a public Blockchain (e.g., Bitcoin® Blockchain, Ethereum® Blockchain, etc.) and/or a private Blockchain and/or the like.
- the storage 311 can be the same as the ledger 339 .
- the ledger 339 comprises a combination of public and/or private Blockchains.
- the data management system 300 provides the safety and integrity for multiple amounts of records and events within the system 300 , all within the parameters of a single ledger transaction on the ledger 339 .
- each transaction corresponds to a single event within the storage 311 .
- each transaction represents a set of events or records within the storage 311 .
- Each new record (or combination of records) of a transaction within the storage 311 generates a ledger transaction (not shown) into the ledger 339 as shown on FIG. 7 , which allows anyone to verify and validate the existence and accuracy of this data entry.
- the ledger transaction represents a Bitcoin® Blockchain transaction and the new tree root 336 B is written into an ‘OP_RETURN’ field of the ledger transaction.
- the ledger transaction can be broadcasted over a ledger 339 network.
- a new block reflecting the transaction
- the record(s) which the data managemnt system 300 has placed within the ledger transaction is secured inside the ledger 339 itself.
- the ledger transaction is in the block, it is difficult to revert or tamper it, so it is difficult to change its history.
- the ledger 339 executes smart contracts (e.g., Ethereum® Blockchain, Hyperledger® Fabric or Hyperledger® Indy).
- the smart contract is a computer protocol intended to digitally facilitate, verify, or enforce the negotiation or performance of a contract.
- the smart contracts allow the performance of credible transactions without third parties. These transactions are trackable and irreversible.
- These ledger transaction comprising the new tree root 336 B (raw or hashed) within the body (contents) of the ledger transaction is distributed over the ledger 339 network, replayed on every Blockchain node and represents a global state change of the ledger 339 .
- only some of the sequential new tree roots 336 are being published to the ledger 339 .
- a combination of the cryptographic data 329 and the cryptographic data 331 can be saved within the storage 311 with the associated Data Public ID 322 .
- This information is readable for the client 301 only if the client 301 is in possession of the original data 302 due to the fact that the Data Secret ID 316 is used as a decryption key for the cryptographic data 329 .
- the storage 311 cannot reconstruct either the Data Secret ID 316 or original data 302 , thereby providing full privacy for the client 301 .
- the data management system 300 is suitable to store more than one value/record associated with the Data Public ID 322 cryptographic data 329 and/or cryptographic data 331 .
- the client 301 can perform the audit of any operation, performed by the storage 311 . Any data tampering or unsanctioned data removal can be detected, such as shown on FIG. 8 .
- the client 301 receives an Audit Dataset 341 for the operation of interest from the storage 311 .
- the Audit Dataset 341 includes at least an Old Proof Path 340 A, a New Proof Path 340 B, a corresponding Data Public ID 322 , and the cryptographic data 344 .
- the client 301 provides the checksum 335 and Cryptographic data 344 received from the storage 311 to the thirteenth cryptographic function 304 M to produce an Audit checksum 345 .
- the client 301 changes the checksum 335 within the Old Proof Path 340 A to the Audit checksum 345 and rebuilds the whole Verifiable Data Structure 334 up to the new Audit Root 346 .
- An operation (or transaction) being audited is validated, checked and verified if the Audit checksum 345 equals the new checksum 335 B, the Audit Root 346 equals the New Root 336 B, and the Audit Root 346 and the New Root 336 B respectively equals the Published Root 342 .
- the client 301 need not be in possession of the original data 302 to be able to validate each operation from the storage 311 .
- the client 301 performs the audit of each operation happening on the storage 311 —each New Root 336 B becomes trusted once audit is successfully completed.
- the client 301 sends Data Public ID 322 (known to him) to the storage 311 as shown on FIG. 10 .
- the storage 311 locates all of the cryptographic data 329 A-X and/or 322 A-X associated with the Data Public ID 322 and sends them back to the client 301 .
- the client 301 cannot read the original data 327 from the cryptographic data 329 without the knowledge of the Data Secret ID 316 —the Data Secret ID 316 is used as a key to decrypt the cryptographic data 329 .
- the client 301 that is in possession of the Data Secret ID 316 can read the original data 327 .
- Authenticity of the each of cryptographic data 329 A-X can be checked by the client 301 through validating correlated cryptographic data 331 A-X.
- the client 301 can check that all of the cryptographic data sets 329 for the corresponding Data Public ID 322 were returned correctly and in full and that the storage 311 is not tampering with data or hiding some data.
- a client 301 provides received cryptographic data 329 A-X to the twelfth cryptographic function 304 L separately from each other in order to generate a set of the corresponding cryptographic data 344 A-X.
- the client 301 provides resulted cryptographic dataset 344 A-X to the thirteenth cryptographic function 304 M one by one, sequentially, providing the result back to the function input until all of the cryptographic data 344 A-X were processed through the thirteenth cryptographic function 304 M.
- Resulted data equals the Current checksum 348 if and only if the storage 311 has provided the client 301 with all of the stored cryptographic data 329 for the Data Public ID 322 .
- the data management system can determine a proof of absence similar to a proof of inclusion described herein. For example, in a preferred embodiment, if no cryptographic data 329 A-X (and/or 331 ) were ever stored within the storage 311 for a given Data Public ID 322 , the storage 311 provides a mathematical proof of absence to client 301 . Accordingly, the storage 311 generates a special Proof Path (not shown) comprising special a known empty value as the Current checksum 348 . The empty value is known for every user of the data management system 300 . The client 301 then validates the Proof Path described above—only authentic proofs of absence would pass this validation.
- the methods and systems described herein provides a secure and private storage solution allowing the client 301 to store and get access to the original data 302 of any nature, form, and complexity.
- the Data Secret ID 316 can be generated only if the client 301 is already in a possession of the original data 302 .
- the Data Secret ID 316 and, accordingly, the Data Public ID 322 cannot be derived from the original data 302 on the client 301 without the storage 311 involvement in the process—it is a prevention of possible brute-force attack, especially for the original data 302 having a low entropy distribution (passport data, for instance).
- the storage 311 receives only the blinded data 310 , which, by itself, is not enough to restore the original data 302 .
- the storage 311 cannot tamper with data identifiers 322 and 316 generation because the blinded signature 314 can be effectively checked, asserted, and validated on the client 301 .
- the Data Public ID 322 advantageously can be shared, become public, and used as the public identifier for the original data 302 —there is no efficient way to restore neither the original data 302 nor the Data Secret ID 316 out of the Data Public ID 322 alone.
- the original data 302 partitioning and proofs of inclusion 324 generation process provides an efficient way to store, retrieve, manipulate and validate data sets 302 and 327 of any size and complexity due to the fact that a client 302 don't have to generate the cryptographic data sets 331 for each of the data 302 sub-parts 303 .
- data partitioning provides an advantage of partial data matching and provable search within the storage 311 .
- the datasets 327 stored within the storage 311 can be accessed, read, and decrypted by the client 301 only if the client 301 is already in a possession of the original data 302 due to the fact that data 327 is encrypted using the Data Secret ID 316 that could be generated from the original form of data 302 only.
- the storage 311 has no efficient way to read stored datasets 327 —data privacy of the client 302 is preserved as well.
- the system 300 provides an advantage of the provable audit process described above, allowing the client 301 to ensure that the storage 311 does not tampering with the data 302 and/or the datasets 327 it stores and there is no altering or removal of the datasets 327 due to the process of using Verifiable Data Structures 334 and publishing its roots 336 A, 336 B to the append-only Ledger 339 .
Abstract
A system and method for reliably and securely recording and storing all attributes of data, such as for the identification and authorization of individual identity as well as attributes relating to it and personal data including but not limited to individual's physical description, bank details, travel history, etc. (the “Personally Identifiable Information “PII”). PII can be difficult to manage in networks where correlation between data sources is required. Thus, in some embodiments, the system combines a distributed database to create a framework for a robust security. The system manages the distributed database to associate transactions, or actions, using data, digital signatures, and/or cryptographic keys, which can be unique to an individual.
Description
- This application is a continuation of U.S. patent application Ser. No. 16/212,348, filed on Dec. 6, 2018, which claims priority to U.S. Provisional Application Ser. No. 62/595,416, filed Dec. 6, 2017, and is related to U.S. patent application Ser. No. 15/480,313, filed Apr. 5, 2017, which claims priority to U.S. Provisional Application Ser. No. 62/318,648, filed on Apr. 5, 2016, and is also related to U.S. patent application Ser. No. 16/031,433, filed Jul. 10, 2018, which claims priority to U.S. Provisional Application Ser. No. 62/530,755, filed on Jul. 10, 2017, and which applications are hereby incorporated by reference in their entirety and for all purposes.
- The present disclosure relates to data security, and more specifically, but not exclusively, to a system and method for data security, validation, verification, and provenance within independent computer systems and digital networks.
- Traditional and generally accepted security measures and common security infrastructure—such as passwords, key management software, and two-factor authentication approaches—have failed to deliver reliable and secure protection of both the infrastructures they are meant to protect, as well as the individual user's personal data.
- The increased number of hacks, attacks, security breaches, successful fraud attempts, and stolen passwords from end-users—and even entire databases from private companies as well as public/government organizations—have led to declining trust from users regarding organizations that provision their credentials and integrity of the personal data that is used to provide user access. Generally, data compromise generates a lack of confidence in trusting personal identifiable information to anyone. This increased user fear and concern for individual data privacy, as well as personal data safety held by third parties, have led to increased technical challenges for organizations to maintain and protect the personal identifiable information of their users. For example, conventional methods typically require increased resources to improve data center monitoring and security—including firewalls, secure environments, data breach detection, penetration testing, resilience exercises against potential hacks and security breaches.
- The main reason for the lack of security in conventional systems is that outdated concepts and poor fundamental design is commonly used in technologies and practices aimed at establishing and protecting identity as well as existing (or a potential user's) personal details. Most organizations using these outdated technologies are forced to store any personal data collected centrally and store the personal data “as is”—unencrypted. Even when it's encrypted, such data currently can be stolen and used elsewhere for nefarious purposes, due to the single point of compromise in the conventional approaches.
- While there are many faults within conventional personal identity management systems, some examples include: storing data in its initial or apparent form; storing data in open form or un-encrypted; storing data in encrypted form that can easily be restored to their initial or open form; storing of passwords including digital keys; existence of backdoors; not decentralized, “all eggs in one basket” storage; having a single point of compromise; and conceptually offering any form of “trusted authorities.”
- In view of the foregoing, a need exists for an improved system for data management in an effort to overcome the aforementioned obstacles and deficiencies of conventional data collection, storage, query, and management systems.
-
FIG. 1 is an exemplary top-level block diagram illustrating one embodiment of a data management system including a client device for partitioning data and generating cryptographic data. -
FIG. 2 is an exemplary top-level block diagram illustrating one embodiment of a data flow for generating a Data Secret ID using the data management system ofFIG. 1 . -
FIG. 3 is an exemplary top-level block diagram illustrating an embodiment of a data flow for generating a Data Public ID using the data management system ofFIG. 1 . -
FIG. 4 is an exemplary top-level block diagram illustrating an embodiment of a data flow for generating a Proof of Inclusion using the data management system ofFIG. 1 . -
FIG. 5 is an exemplary top-level block diagram illustrating an embodiment of a data flow for validating a Proof of Inclusion using the data management system ofFIG. 1 . -
FIG. 6 is an exemplary top-level block diagram illustrating an embodiment of a data flow for data storage using the data management system ofFIG. 1 . -
FIG. 7 is an exemplary top-level block diagram illustrating an embodiment of a Verifiable Data Structure that can be used by the data management system ofFIG. 1 for altering and verifying cryptographic data. -
FIG. 8 is an exemplary top-level block diagram illustrating an embodiment of an audit dataset that can be used by the data management system ofFIG. 1 . -
FIG. 9 is an exemplary top-level block diagram illustrating an embodiment of a data flow process for auditing that can be executed using the data management system ofFIG. 1 . -
FIG. 10 is an exemplary top-level block diagram illustrating an embodiment of a data flow path for data retrieval and validation using the data management system ofFIG. 1 . - It should be noted that the figures are not drawn to scale and that elements of similar structures or functions are generally represented by like reference numerals for illustrative purposes throughout the figures. It also should be noted that the figures are only intended to facilitate the description of the preferred embodiments. The figures do not illustrate every aspect of the described embodiments and do not limit the scope of the present disclosure.
- Since currently-available personal identity management systems are deficient because of outdated data storage and data management techniques, a system for data management including recording, storing, verifying, authenticating and authorizing of cryptographic data and its attributes can prove desirable and provide a basis for a wide range of data management applications, such as for digital identity access to international travel, telecommunication services, financial services, banking, credit, insurance, medical records, and to prevent fraud or misuse of identity information. This result can be achieved, according to one embodiment disclosed herein, by a
data management system 300 as illustrated inFIG. 1 . - Turning to
FIG. 1 , thedata management system 300 is shown as including aclient 301. In a preferred embodiment, theclient 301 receivesdata 302 in its original, unencrypted form. In other embodiments, thedata 302 includes data that has been subjected to cryptographic functions such as cryptographic primitives including, but not limited to hash functions, digital signature schemes and encryption functions. Thedata 302 can be of any nature, form, and complexity. Thedata 302 is shown as comprisingdata sub-parts 303A-M. It should be understood that there can be any number ofdata sub-parts 303 comprising thedata 302. By way of another example, thedata 302 can include a single sub-part 303 (not shown), thereby representing the full data set of thedata 302, or up tosub-part 303M, thereby includingM sub-portions 303 of thedata 302. In yet another embodiment, a selectedsub-part 303 can overlap with the data represented and/or contained by anothersub-part 303. In other words, the same portion of data can be maintained in two or moreseparate sub-parts 303. Similarly, thesub-parts 303 can also include only data that is unique from each other. In an even further embodiment, a selectedsub-part 303 can include other data that is not directly received as the data 302 (e.g., metadata for a selected sub-part 303). - The
client 301 provides thedata sub-parts 303 to a cryptographic function 304 (e.g., such as acryptographic function 304A shown inFIG. 1 ). Thecryptographic function 304 can include a cryptographic primitive such as, but not limited to, a hash function, a digital signature scheme, a blinding/unblinding technique, and/or an encryption function in order to generate one or morecryptographic sub-parts 305. In some embodiments, thecryptographic function 304 can include any combination of cryptographic primitives to generate thecryptographic sub-parts 305. In a preferred embodiment, thecryptographic function 304 comprises a hash function (e.g., SHA-1, SHA-2, SHA-3 or script). In an even further embodiment, the number of resultingcryptographic sub-parts 305 can be different from the number ofdata sub-parts 303. In yet another embodiment (not shown), thedata 302 can be provided to thecryptographic function 304A without the need for thedata sub-parts 303. - The
client 301 then provides thecryptographic sub-parts 305 to a secondcryptographic function 304B to generatecryptographic data 307. In some embodiments, the secondcryptographic function 304B can include any combination of cryptographic primitives to generate thecryptographic data 307. In a preferred embodiment, the secondcryptographic function 304B comprises a hash function (e.g., SHA-1, SHA-2, SHA-3 or script). In some embodiments, the secondcryptographic function 304B can be the same as thecryptographic function 304A. In yet another embodiment, thedata 302 can be directly provided to the secondcryptographic function 304B to generate thecryptographic data 307. In some embodiments, a tree structure (e.g., a Merkle Tree or other similar structure) can be derived from the set ofcryptographic sub-parts 305 before applying the secondcryptographic function 304B to the tree root. - In a preferred embodiment, the
client 301 provides thecryptographic data 307 and ablind factor 308 to a thirdcryptographic function 304C to generate blindeddata 310, as shown onFIG. 2 . Theblind factor 308 can represent a random value. In some embodiments, a public key (not shown) of astorage 311 can be used as an additional input to the thirdcryptographic function 304C. In some other embodiments, theblind factor 308 is optional. In some other embodiments, the blindeddata 310 can be the same as thecryptographic data 307. In some embodiments, the thirdcryptographic function 304C can include any combination of one or more cryptographic primitives to generate the blindeddata 310. In some embodiments, the thirdcryptographic function 304C can be the same as thecryptographic function 304A and/or thesecond cryptographic function 304B. In a preferred embodiment, the thirdcryptographic function 304C includes a Verifiable Random Function, such as, but not limited to, RSA-FDH-VRF for blinding. - The blinded
data 310 is then sent to thestorage 311 as shown onFIG. 2 . In some embodiments, thestorage 311 can reside on, or include components of, theclient 301. Thedata management system 300 is suitable for use with any type ofstorage 311, such as a decentralized distributed storage, including, but not limited to, for example, a distributed hash table, a distributed database, a peer-to-peer hypermedia distributed storage (e.g., InterPlanetary File System (IPFS)), a distributed ledger (e.g., Blockchain), an operating memory, a centralized database, a cloud-based storage, and/or the like. In other embodiments, thestorage 311 is not decentralized or comprises a combination of distributed, decentralized servers, and centralized servers. In even further embodiments, thestorage 311 can be maintained in operating memory of any component in thesystem 300. -
FIG. 2 shows thestorage 311 providing the blindeddata 310 and aprivate key 312 to afourth cryptographic function 304D for producing a blindedsignature 314. In a preferred embodiment, theprivate key 312 is a (large) private cryptographic secret key. In some embodiments, thefourth cryptographic function 304D can include any combination of one or more cryptographic primitives to generate the blindedsignature 314. In some embodiments, thefourth cryptographic function 304D includes a deterministic encryption/signature scheme. In even further embodiments, the blindedsignature 314 can be the same as the blindeddata 310. In a preferred embodiment, thefourth cryptographic function 304D comprises a Verifiable Random Function, such as, but not limited to, RSA-FDH-VRF, for generating the blindedsignature 314. In yet another embodiment, thefourth cryptographic function 304D can be the same as the thirdcryptographic function 304C. - The blinded
signature 314 can be returned to theclient 301 as shown onFIG. 2 . Theclient 301 can provide the blindedsignature 314 and theblind factor 308 to afifth cryptographic function 304E to generate aData Secret ID 316. In some embodiments, a public key (not shown) of thestorage 311 can be also used as an additional input for thefifth cryptographic function 304E. In some embodiments, thefifth cryptographic function 304E includes any combination of one or more cryptographic primitives to generate theData Secret ID 316. In yet another embodiment, theData Secret ID 316 can be the same as the blindedsignature 314. In a preferred embodiment, thefifth cryptographic function 304E includes a Verifiable Random Function (e.g., RSA-FDH-VRF) for unblinding the blindedsignature 314. In some embodiments, unblinding includes shifting/unshifting a digital signature by a blinding factor to recover the original signature from the shifted signature. Thereby, theData Secret ID 316 is mathematically binded with thecryptographic data 307. In further embodiments, thefifth cryptographic function 304E can be the same as thefourth cryptographic function 304D and/or the thirdcryptographic function 304C. - In some embodiments, the
Data Secret ID 316 can be the same as thecryptographic data 307—this is helpful in the case when thedata 302 has a high combinatorial entropy preventing the possibility of brute-forcing theoriginal data 302 comprised by thecryptographic data 307. In some other embodiments, thestorage 311 may not be involved in the process of generating theData Secret ID 316. However, in a preferred embodiment, due to the fact that theclient 301 blinds thecryptographic data 307 before sending it to thestorage 311, thestorage 311 is never being in a possession of theoriginal data 302 and thecryptographic data 307. Accordingly, theclient 301 advantageously protects theoriginal data 302 and thecryptographic data 307 to prevent brute-force or reverse engineer attacks on the blindeddata 310 alone. Advantageously, in the preferred embodiment, it is not possible for thestorage 311 to tamper with theData Secret ID 316—by the methods disclosed herein of thedata management system 300, theData Secret ID 316 can be subjected to the verification and validation processes on aclient 301 side which would flag any data tampering. Thedata management system 300 advantageously prevents brute-force attacks of theData Secret ID 316 from theoriginal data 302 on theclient 301 by forcing theclient 301 to send blindeddata 310 to thestorage 311 where it is then subject to thefourth cryptographic function 304D with theprivate key 312 known only to thestorage 311. Without knowledge of theprivate key 312, it is computationally inefficient to brute-force theData Secret ID 316 on theclient 301. - Turning to
FIG. 3 , theclient 301 provides the data sub-parts 303 and theData Secret ID 316 to a sixthcryptographic function 304F in order to generate a set ofsalts 318. In some embodiments, the number ofsalts 318 can be different from the number of data sub-parts 303. In some embodiments, the sixthcryptographic function 304F includes one or more cryptographic primitives to generate thesalts 318. In a preferred embodiment, the sixthcryptographic function 304F includes a hash function, such as but not limited to SHA-1, SHA-2, SHA-3, or script. In other embodiments, the sixthcryptographic function 304F can be the same as thecryptographic functions - The
client 301 combines correlated data sub-parts 303A-M andsalts 318A-M together and provides the resultingdataset 323 to a seventhcryptographic function 304G to generate a set of salted cryptographic sub-parts 320A-M. In some embodiments, theseventh cryptographic function 304G includes any combination of one or more cryptographic primitives to generate the set of saltedcryptographic sub-parts 320. In yet another embodiment, theData Public ID 322 can be the same as theData Secret ID 316. In a preferred embodiment, theseventh cryptographic function 304G includes a hash function, such as but not limited to SHA-1, SHA-2, SHA-3, or script for hashing each part of the resultingdataset 323. - The
client 301 provides the saltedcryptographic sub-parts 320 to aneighth cryptographic function 304H to generate aData Public ID 322 as shown onFIG. 3 . In some embodiments, the eighthcryptographic function 304H includes any combination of one or more cryptographic primitives to generate theData Public ID 322. In some embodiments,Data Public ID 322 can be the same as thecryptographic data 307 and/or theData Secret ID 316. In a preferred embodiment, the eighthcryptographic function 304H includes a hash function, such as but not limited to SHA-1, SHA-2, SHA-3, or script. In some embodiments, the eighthcryptographic function 304H can be the same as theseventh cryptographic function 304G. - Advantageously, the
data management system 300 prevents a brute-force attack of the all possible combinations that can be used as theData Public ID 322 for allpossible data 302 and/or thecryptographic data 307 that resides on theclient 301. Accordingly, it is difficult for anyone to receive or steal any meaningful data in its original easily accessible form, even for thedata 302 that has a low combinatorial entropy. In some embodiments, theData Public ID 322 can be used publicly (e.g., published) without the fear of a brute-force or reverse-engineered attack. - For each given
data sub-part 303, theclient 301 can generate a proof ofinclusion 324, such as shown inFIG. 4 . AlthoughFIG. 4 illustrates a single proof ofinclusion 324A generated for the selected sub-part 303A, it should be understood that the same process can be applied for any of the data sub-parts 303B-M to generate corresponding proofs of inclusion 324B-M. The proof ofinclusion 324A for the sub-part 303A includes thesalt 318A and the cryptographic sub-parts 320B-M. - Advantageously, the proof of
inclusion 324 for the selected sub-part 303 can be used to mathematically prove that the selectedsub-part 303 is indeed a part of theData Public ID 322 as shown inFIG. 5 . Turning toFIG. 5 , the data sub-part 303A is combined with thesalt 318A. The resulting combination is combined with the remaining part of the proof ofinclusion 324 and form adataset 325. Theclient 301 then provides thedataset 325 to aninth cryptographic function 3041 to generate thecryptographic data 326. Only if thecryptographic data 326 equals to theData Public ID 322, then the proof ofinclusion 324 is valid, correct, and proves that the data sub-part 303A is the part of theoriginal data 302 having theData Public ID 322. In some embodiments, the top-level organization shown inFIG. 5 can be implemented on thestorage 311. -
FIG. 6 illustrates a top-level flow diagram of transmission of adataset 332 to thestorage 311 using theData Public ID 322 as an identifier. In a preferred embodiment, theclient 301 receives thedata 327 in its original, unencrypted form. In other embodiments, thedata 327 includes data that has been subjected to cryptographic functions such as cryptographic primitives disclosed herein. Thedata 327 can be of any nature, form, and complexity. In some embodiments, thedata 327 can be the same as theoriginal data 302. In some embodiments, thedata 327 can be the same as one or many of thedata sub-parts 303. - The
client 301 provides thedata 327 and aprivate key 333 to atenth cryptographic function 304J (e.g., a cryptographic primitive) to generatecryptographic data 331. In a preferred embodiment, theprivate key 333 is a (large) private cryptographic secret key known only to theclient 301. In some embodiments, theprivate key 333 need not be used. In a preferred embodiment, thetenth cryptographic function 304J includes a FIPS-186-3 (or its analogues) to produce a digital signature (e.g., the cryptographic data 331) for thedata 327. In other embodiments, different digital signatures schemes and approaches are used. - The
client 301 also provides thedata 327 and theData Secret ID 316 to aneleventh cryptographic function 304K to generatecryptographic data 329. In some embodiments, theeleventh cryptographic function 304K includes one or more cryptographic primitives to generate thecryptographic data 329. In a preferred embodiment, theeleventh cryptographic function 304K includes an encryption scheme, such as, but not limited to, Advanced Encryption Standard (AES), Pretty Good Privacy (PGP), Rivest-Shamir-Adleman (RSA), Data Encryption Standard (DES), Blowfish cipher, Twofish cipher, and other similar encryptions schemes. - As shown in
FIG. 6 , theclient 301 forms thedataset 332 with theData Public ID 322 as an identifier, thecryptographic data 329, and thecryptographic data 331. In some embodiments, more data can be presented within the dataset 332 (e.g., meta-data can be included). Thedataset 332 can be sent to thestorage 311. In some embodiments, proofs ofinclusion 324 of at least one sub-part 303 can be sent by theclient 301 with thedataset 332 to thestorage 311. - Turning to
FIG. 7 , thestorage 311 is shown as including aVerifiable Data Structure 334. In a preferred embodiment, a Sparse Merkle Tree is used as theVerifiable Data Structure 334. Using theData Public ID 322, thestorage 311 can uniquely identify acurrent checksum 335A stored within theVerifiable Data Structure 334 against the correspondingData Public ID 322. Thestorage 311 then provides thecryptographic data 329 to atwelfth cryptographic function 304L (e.g., a cryptographic primitive) to producecryptographic data 344. In some embodiments, thestorage 311 verifies thecryptographic data 331 by checking thecryptographic data 331 against a public key (not shown) of theclient 301 paired with theprivate key 333. - The
client 301 then provides thecurrent checksum 335A and thecryptographic data 344 to athirteenth cryptographic function 304M to produce anew checksum 335B. In some embodiments, thethirteenth cryptographic function 304M includes one or more cryptographic primitives to generate thenew checksum 335B. In a preferred embodiment, thethirteenth cryptographic function 304M includes hashing, such as, but not limited to, SHA-1, SHA-2, SHA-3, or script. - As shown in
FIG. 7 , anew tree root 336B is computed. In a preferred embodiment, theclient 301 sequentially computes thenew tree root 336B. In some embodiments, thedata management system 300 also encodes data about each change onto a distributed ledger, such as aledger 339 shown inFIG. 7 . Thedata management system 300 is suitable for use with a wide range ofledgers 339, such as any immutable distributed ledger, including, for example, a public Blockchain (e.g., Bitcoin® Blockchain, Ethereum® Blockchain, etc.) and/or a private Blockchain and/or the like. In some embodiments, thestorage 311 can be the same as theledger 339. In some embodiments, theledger 339 comprises a combination of public and/or private Blockchains. In some embodiments, thedata management system 300 provides the safety and integrity for multiple amounts of records and events within thesystem 300, all within the parameters of a single ledger transaction on theledger 339. In some other embodiments, each transaction corresponds to a single event within thestorage 311. In alternative embodiments, each transaction represents a set of events or records within thestorage 311. Each new record (or combination of records) of a transaction within thestorage 311 generates a ledger transaction (not shown) into theledger 339 as shown onFIG. 7 , which allows anyone to verify and validate the existence and accuracy of this data entry. - For example, when the
ledger 339 represents a Bitcoin® Blockchain, the ledger transaction represents a Bitcoin® Blockchain transaction and thenew tree root 336B is written into an ‘OP_RETURN’ field of the ledger transaction. The ledger transaction can be broadcasted over aledger 339 network. As soon as a new block (reflecting the transaction) is created on theledger 339, the record(s) which thedata managemnt system 300 has placed within the ledger transaction is secured inside theledger 339 itself. Stated in another way, once the ledger transaction is in the block, it is difficult to revert or tamper it, so it is difficult to change its history. In other embodiments, theledger 339 executes smart contracts (e.g., Ethereum® Blockchain, Hyperledger® Fabric or Hyperledger® Indy). The smart contract is a computer protocol intended to digitally facilitate, verify, or enforce the negotiation or performance of a contract. The smart contracts allow the performance of credible transactions without third parties. These transactions are trackable and irreversible. These ledger transaction comprising thenew tree root 336B (raw or hashed) within the body (contents) of the ledger transaction is distributed over theledger 339 network, replayed on every Blockchain node and represents a global state change of theledger 339. In yet another one embodiment, only some of the sequential new tree roots 336 are being published to theledger 339. - In some embodiments, a combination of the
cryptographic data 329 and thecryptographic data 331 can be saved within thestorage 311 with the associatedData Public ID 322. This information is readable for theclient 301 only if theclient 301 is in possession of theoriginal data 302 due to the fact that theData Secret ID 316 is used as a decryption key for thecryptographic data 329. Thestorage 311 cannot reconstruct either theData Secret ID 316 ororiginal data 302, thereby providing full privacy for theclient 301. In a preferred embodiment, thedata management system 300 is suitable to store more than one value/record associated with theData Public ID 322cryptographic data 329 and/orcryptographic data 331. - Advantageously, the
client 301 can perform the audit of any operation, performed by thestorage 311. Any data tampering or unsanctioned data removal can be detected, such as shown onFIG. 8 . Turning toFIG. 8 , theclient 301 receives anAudit Dataset 341 for the operation of interest from thestorage 311. TheAudit Dataset 341 includes at least an OldProof Path 340A, aNew Proof Path 340B, a correspondingData Public ID 322, and thecryptographic data 344. - With reference now to
FIG. 9 , in order to validate, check and verify the operation being under audit, theclient 301 provides the checksum 335 andCryptographic data 344 received from thestorage 311 to thethirteenth cryptographic function 304M to produce anAudit checksum 345. Theclient 301 changes the checksum 335 within the OldProof Path 340A to the Audit checksum 345 and rebuilds the wholeVerifiable Data Structure 334 up to thenew Audit Root 346. An operation (or transaction) being audited is validated, checked and verified if theAudit checksum 345 equals thenew checksum 335B, theAudit Root 346 equals theNew Root 336B, and theAudit Root 346 and theNew Root 336B respectively equals the PublishedRoot 342. - Advantageously, the
client 301 need not be in possession of theoriginal data 302 to be able to validate each operation from thestorage 311. - In a preferred embodiment, the
client 301 performs the audit of each operation happening on thestorage 311—eachNew Root 336B becomes trusted once audit is successfully completed. - In order to get all of the data associated with the
Data Public ID 322 from thestorage 311, theclient 301 sends Data Public ID 322 (known to him) to thestorage 311 as shown onFIG. 10 . Thestorage 311 locates all of thecryptographic data 329A-X and/or 322A-X associated with theData Public ID 322 and sends them back to theclient 301. Advantageously, theclient 301 cannot read theoriginal data 327 from thecryptographic data 329 without the knowledge of theData Secret ID 316—theData Secret ID 316 is used as a key to decrypt thecryptographic data 329. And conversely, theclient 301 that is in possession of theData Secret ID 316 can read theoriginal data 327. Authenticity of the each ofcryptographic data 329A-X can be checked by theclient 301 through validating correlatedcryptographic data 331A-X. - As an advantage, the
client 301 can check that all of thecryptographic data sets 329 for the correspondingData Public ID 322 were returned correctly and in full and that thestorage 311 is not tampering with data or hiding some data. In order to do that, aclient 301 provides receivedcryptographic data 329A-X to thetwelfth cryptographic function 304L separately from each other in order to generate a set of the correspondingcryptographic data 344A-X. As shown onFIG. 10 , theclient 301 provides resultedcryptographic dataset 344A-X to thethirteenth cryptographic function 304M one by one, sequentially, providing the result back to the function input until all of thecryptographic data 344A-X were processed through thethirteenth cryptographic function 304M. Resulted data equals theCurrent checksum 348 if and only if thestorage 311 has provided theclient 301 with all of the storedcryptographic data 329 for theData Public ID 322. - In some embodiments, the data management system can determine a proof of absence similar to a proof of inclusion described herein. For example, in a preferred embodiment, if no
cryptographic data 329A-X (and/or 331) were ever stored within thestorage 311 for a givenData Public ID 322, thestorage 311 provides a mathematical proof of absence toclient 301. Accordingly, thestorage 311 generates a special Proof Path (not shown) comprising special a known empty value as theCurrent checksum 348. The empty value is known for every user of thedata management system 300. Theclient 301 then validates the Proof Path described above—only authentic proofs of absence would pass this validation. - Advantageously, the methods and systems described herein provides a secure and private storage solution allowing the
client 301 to store and get access to theoriginal data 302 of any nature, form, and complexity. TheData Secret ID 316 can be generated only if theclient 301 is already in a possession of theoriginal data 302. Moreover, theData Secret ID 316 and, accordingly, theData Public ID 322 cannot be derived from theoriginal data 302 on theclient 301 without thestorage 311 involvement in the process—it is a prevention of possible brute-force attack, especially for theoriginal data 302 having a low entropy distribution (passport data, for instance). - At the same time, the privacy of the
client 301 is preserved—thestorage 311 receives only the blindeddata 310, which, by itself, is not enough to restore theoriginal data 302. Advantageously, thestorage 311 cannot tamper withdata identifiers signature 314 can be effectively checked, asserted, and validated on theclient 301. TheData Public ID 322 advantageously can be shared, become public, and used as the public identifier for theoriginal data 302—there is no efficient way to restore neither theoriginal data 302 nor theData Secret ID 316 out of theData Public ID 322 alone. - The
original data 302 partitioning and proofs ofinclusion 324 generation process provides an efficient way to store, retrieve, manipulate and validatedata sets client 302 don't have to generate thecryptographic data sets 331 for each of thedata 302sub-parts 303. Moreover, data partitioning provides an advantage of partial data matching and provable search within thestorage 311. This, in fact, provides an advantage of proving that thestorage 311 indeed stores a sub-part 303 of thedata 302 related to theData Public ID 322 without the need to reveal any other information rather than the sub-part 303 of thedata 302 that theclient 301 is already in possession of and a related proof ofinclusion 325, which by itself does not provide any useful additional information for an attacker. - The
datasets 327 stored within thestorage 311 can be accessed, read, and decrypted by theclient 301 only if theclient 301 is already in a possession of theoriginal data 302 due to the fact thatdata 327 is encrypted using theData Secret ID 316 that could be generated from the original form ofdata 302 only. Thestorage 311 has no efficient way to read storeddatasets 327—data privacy of theclient 302 is preserved as well. - The
system 300 provides an advantage of the provable audit process described above, allowing theclient 301 to ensure that thestorage 311 does not tampering with thedata 302 and/or thedatasets 327 it stores and there is no altering or removal of thedatasets 327 due to the process of usingVerifiable Data Structures 334 and publishing itsroots Ledger 339. - The disclosed embodiments are susceptible to various modifications and alternative forms, and specific examples thereof have been shown by way of example in the drawings and are herein described in detail. It should be understood, however, that the disclosed embodiments are not to be limited to the particular forms or methods disclosed, but to the contrary, the disclosed embodiments are to cover all modifications, equivalents, and alternatives.
Claims (20)
1. A method for managing secured data within independent computer systems and digital networks, the method comprising:
generating a cryptographic data stream by processing original data representing the secured data on a local client device through a cryptographic function;
generating blinded data by providing the cryptographic data stream and a blind factor to a second cryptographic function;
generating a blinded signature by providing the generated blinded data and a private key to a third cryptographic function of a storage device, the private key accessible only to the storage device; and
generating a data secret identifier by providing the generated blinded signature and the blind factor to a fourth cryptographic function, wherein the generated data secret identifier is mathematically binded with the generated cryptographic data stream, and the storage device is never in possession of the original data and the generated cryptographic data stream.
2. The method of claim 1 , further comprising:
partitioning the original data on the local client device into one or more original data sub-parts prior to said generating the cryptographic data stream;
generating one or more cryptographic data sub-parts by processing the partitioned original data sub-parts on the local client device through a first cryptographic function,
wherein said generating the cryptographic data stream comprises processing the generated cryptographic data-sub parts through the cryptographic function.
3. The method of claim 2 , further comprising deriving a tree structure from the generated cryptographic data-sub parts prior to said generating the cryptographic data stream.
4. The method of claim 2 , further comprising generating a data public identifier, comprising:
generating a set of salts by processing the partitioned original data sub-parts and the generated data secret identifier through a fifth cryptographic function;
combining the set of salts and the partitioned original data sub-parts by associating a selected salt with its corresponding data sub-part;
generating a set of cryptographic salts by processing the combined set of salts and the partitioned original data sub-parts data through a sixth cryptographic function; and
generating the data public identifier by processing the set of cryptographic salts through a seventh cryptographic function.
5. The method of claim 4 , further comprising generating a proof of inclusion for each partitioned original data sub-part, a selected proof of inclusion for a selected partitioned original data sub-part includes its corresponding salt and the generated set of cryptographic salts, the selected proof of inclusion for mathematically establishing that the selected partitioned original data sub-part is included in the generated data public identifier.
6. The method of claim 5 , further comprising mathematically establishing that the selected original data sub-part is included in the generated data public identifier by forming a dataset by combining the selected original data sub-art and the selected proof of inclusion; generating a proof cryptographic data by processing the dataset through an eighth cryptographic function; determining whether the proof cryptographic data equals the data public identifier.
7. The method of claim 4 , further comprising providing the generated cryptographic data stream and the data public identifier to a verifiable data structure, the verifiable data structure comparing a current checksum with the data public identifier.
8. The method of claim 7 , further comprising producing a new checksum by processing the current checksum and the generated cryptographic data stream to a twelfth cryptographic data stream.
9. The method of claim 1 , wherein said generating blinded data comprises providing a random value as the blind factor.
10. The method of claim 1 , wherein said generating blinded data further comprises providing a public key of the storage device to the second cryptographic function.
11. The method of claim 1 , wherein said generating the cryptographic data stream comprises processing the original data through a hash function.
12. The method of claim 1 , further comprising creating an associated ledger transaction in a distributed ledger comprising said generated blinded signature of the storage device.
13. A method for managing secured data within independent computer systems and digital networks, the method comprising:
generating a cryptographic data stream by processing original data representing the secured data on a local client device through a cryptographic function;
generating blinded data by providing the cryptographic data stream to a second cryptographic function;
generating a blinded signature by providing the generated blinded data and a private key to a third cryptographic function of a storage device being different than the local client device, the private key accessible only to the storage device; and
generating a data secret identifier by providing the generated blinded signature to a fourth cryptographic function, wherein the generated data secret identifier is mathematically binded with the generated cryptographic data stream.
14. The method of claim 13 , further comprising generating a data public identifier, comprising:
generating a set of salts by processing the partitioned original data sub-parts and the generated data secret identifier through a fifth cryptographic function;
combining the set of salts and the partitioned original data sub-parts by associating a selected salt with its corresponding data sub-part;
generating a set of cryptographic salts by processing the combined set of salts and the partitioned original data sub-parts data through a sixth cryptographic function; and
generating the data public identifier by processing the set of cryptographic salts through a seventh cryptographic function.
15. A computer-implemented system for managing secured data within independent computer systems and digital networks, the method comprising:
a client device for generating a cryptographic data stream by processing original data representing the secured data through a cryptographic function, generating blinded data by providing the cryptographic data stream and a blind factor to a second cryptographic function;
a verifiable storage device in communication with the client device for generating a blinded signature by processing the generated blinded data and a private key to a third cryptographic function, the private key accessible only to the storage device ; and
wherein the client device further generated a data secret identifier by providing the generated blinded signature and the blind factor to a fourth cryptographic function, wherein the generated data secret identifier is mathematically binded with the generated cryptographic data stream, and the storage device is never in possession of the original data and the generated cryptographic data stream.
16. The computer-implemented system of claim 15 , wherein said client device further partitions the original data into one or more original data sub-parts prior to said generating the cryptographic data stream, generates one or more cryptographic data sub-parts by processing the partitioned original data sub-parts through a first cryptographic function,
wherein the client device generates the cryptographic data stream by processing the generated cryptographic data-sub parts through the cryptographic function.
17. The computer-implemented system of claim 16 , wherein said client device further derives a tree structure from the generated cryptographic data-sub parts prior to said generating the cryptographic data stream.
18. The computer-implemented system of claim 16 , wherein said client device further generates a data public identifier by generating a set of salts by processing the partitioned original data sub-parts and the generated data secret identifier through a fifth cryptographic function; combining the set of salts and the partitioned original data sub-parts by associating a selected salt with its corresponding data sub-part; generating a set of cryptographic salts by processing the combined set of salts and the partitioned original data sub-parts data through a sixth cryptographic function; and generating the data public identifier by processing the set of cryptographic salts through a seventh cryptographic function.
19. The computer-implemented system of claim 15 , further comprising a distributed ledger in communication with the verifiable storage device for managing ledger transactions based on any transaction occurring in the verifiable storage device.
20. The computer-implemented system of claim 15 , wherein said verifiable storage device comprises at least one of a distributed hash table, a distributed database, a peer-to-peer hypermedia distributed storage, a distributed ledger, an operating memory, a centralized database, and a cloud-based storage.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/476,838 US20220253538A1 (en) | 2017-12-06 | 2021-09-16 | Method and system for data security, validation, verification and provenance within independent computer systems and digital networks |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201762595416P | 2017-12-06 | 2017-12-06 | |
US16/212,348 US11151259B2 (en) | 2017-12-06 | 2018-12-06 | Method and system for data security, validation, verification and provenance within independent computer systems and digital networks |
US17/476,838 US20220253538A1 (en) | 2017-12-06 | 2021-09-16 | Method and system for data security, validation, verification and provenance within independent computer systems and digital networks |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/212,348 Continuation US11151259B2 (en) | 2017-12-06 | 2018-12-06 | Method and system for data security, validation, verification and provenance within independent computer systems and digital networks |
Publications (1)
Publication Number | Publication Date |
---|---|
US20220253538A1 true US20220253538A1 (en) | 2022-08-11 |
Family
ID=65201638
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/212,348 Active 2039-06-29 US11151259B2 (en) | 2017-12-06 | 2018-12-06 | Method and system for data security, validation, verification and provenance within independent computer systems and digital networks |
US17/476,838 Abandoned US20220253538A1 (en) | 2017-12-06 | 2021-09-16 | Method and system for data security, validation, verification and provenance within independent computer systems and digital networks |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/212,348 Active 2039-06-29 US11151259B2 (en) | 2017-12-06 | 2018-12-06 | Method and system for data security, validation, verification and provenance within independent computer systems and digital networks |
Country Status (6)
Country | Link |
---|---|
US (2) | US11151259B2 (en) |
EP (1) | EP3735648A1 (en) |
CA (1) | CA3082977A1 (en) |
MX (1) | MX2020005746A (en) |
SG (1) | SG11202008621QA (en) |
WO (1) | WO2019111056A1 (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10374792B1 (en) * | 2016-09-29 | 2019-08-06 | EMC IP Holding Company LLC | Layout-independent cryptographic stamp of a distributed dataset |
US20220123947A1 (en) * | 2019-01-18 | 2022-04-21 | Zeu Technologies, Inc. | A Method for Generating Random Numbers in Blockchain Smart Contracts |
US11290444B2 (en) | 2019-03-18 | 2022-03-29 | Dan Vasile Mimis | Method and system for strong authentication and secure communication |
EP3790224A1 (en) * | 2019-09-04 | 2021-03-10 | I25S ApS | Sparsed merkle tree method and system for processing sets of data for storing and keeping track of the same in a specific network |
CN111460489B (en) * | 2019-12-09 | 2023-06-06 | 重庆锐云科技有限公司 | IPFS-based block chain customer perpetual storage method |
US11363059B2 (en) * | 2019-12-13 | 2022-06-14 | Microsoft Technology Licensing, Llc | Detection of brute force attacks |
US20210336789A1 (en) * | 2020-03-30 | 2021-10-28 | Facebook, Inc. | Deterministic sparse-tree based cryptographic proof of liabilities |
IL274165B2 (en) * | 2020-04-23 | 2023-08-01 | Google Llc | Privacy preserving application and device error detection |
US20210406394A1 (en) * | 2020-06-25 | 2021-12-30 | Bank Of America Corporation | Pre-registration of secure travel information |
CN112346709A (en) * | 2020-11-11 | 2021-02-09 | 湖南智慧政务区块链科技有限公司 | House selection sequence number generation system and method based on verifiable random number |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7653712B1 (en) * | 2004-09-30 | 2010-01-26 | Emc Corporation | Methods and apparatus for processing configuration data |
US20100042833A1 (en) * | 2008-08-12 | 2010-02-18 | Platt David C | Data anonymity system |
US20120221854A1 (en) * | 2004-10-25 | 2012-08-30 | Security First Corp. | Secure data parser method and system |
US20170116693A1 (en) * | 2015-10-27 | 2017-04-27 | Verimatrix, Inc. | Systems and Methods for Decentralizing Commerce and Rights Management for Digital Assets Using a Blockchain Rights Ledger |
US20180083932A1 (en) * | 2016-09-16 | 2018-03-22 | Bank Of America Corporation | Systems and devices for hardened remote storage of private cryptography keys used for authentication |
US20180300493A1 (en) * | 2017-04-13 | 2018-10-18 | Nec Europe Ltd. | Secure and efficient cloud storage with retrievability guarantees |
US20200295934A1 (en) * | 2017-09-27 | 2020-09-17 | Covault Inc. | Joint blind key escrow |
Family Cites Families (39)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
RU2153191C2 (en) * | 1998-09-29 | 2000-07-20 | Закрытое акционерное общество "Алкорсофт" | Method for blind production of digital rsa signature and device which implements said method |
US7068787B1 (en) | 1998-10-23 | 2006-06-27 | Contentguard Holdings, Inc. | System and method for protection of digital works |
US20030177016A1 (en) | 2002-03-13 | 2003-09-18 | Delta Air Lines, Inc. | Revenue recognition system and method for efficiently performing business-related processing and storing of event information related to a transaction |
US8606668B2 (en) | 2003-07-22 | 2013-12-10 | Sap Ag | Parallel availability control checks in financial management system |
US10154034B2 (en) | 2010-04-26 | 2018-12-11 | International Business Machines Corporation | Cooperative data access request authorization in a dispersed storage network |
US8396747B2 (en) | 2005-10-07 | 2013-03-12 | Kemesa Inc. | Identity theft and fraud protection system and method |
US7974924B2 (en) | 2006-07-19 | 2011-07-05 | Mvisum, Inc. | Medical data encryption for communication over a vulnerable system |
US20080294895A1 (en) | 2007-02-15 | 2008-11-27 | Michael Bodner | Disaggregation/reassembly method system for information rights management of secure documents |
US10231077B2 (en) | 2007-07-03 | 2019-03-12 | Eingot Llc | Records access and management |
US9092047B2 (en) | 2010-06-04 | 2015-07-28 | Broadcom Corporation | Method and system for content aggregation via a broadband gateway |
US20100215175A1 (en) | 2009-02-23 | 2010-08-26 | Iron Mountain Incorporated | Methods and systems for stripe blind encryption |
US8972555B2 (en) | 2011-03-04 | 2015-03-03 | Unisys Corporation | IPsec connection to private networks |
US9069979B2 (en) | 2012-09-07 | 2015-06-30 | Oracle International Corporation | LDAP-based multi-tenant in-cloud identity management system |
US9838370B2 (en) | 2012-09-07 | 2017-12-05 | Oracle International Corporation | Business attribute driven sizing algorithms |
WO2014075050A1 (en) | 2012-11-12 | 2014-05-15 | CRAM Worldwide, Inc. | Systems and methods of transmitting data |
US10037623B2 (en) | 2013-03-15 | 2018-07-31 | Bwise B.V. | Dynamic risk structure creation systems and/or methods of making the same |
US9767299B2 (en) | 2013-03-15 | 2017-09-19 | Mymail Technology, Llc | Secure cloud data sharing |
US20140331061A1 (en) | 2013-05-02 | 2014-11-06 | Solidfire, Inc | Drive level encryption key management in a distributed storage system |
US9135454B2 (en) | 2013-05-31 | 2015-09-15 | Alcatel Lucent | Systems and methods for enabling searchable encryption |
CN103327084B (en) | 2013-06-08 | 2017-01-04 | 北京古盘创世科技发展有限公司 | The cloud storage system of a kind of public and private mixed distribution formula and cloud storage method |
WO2015175854A2 (en) | 2014-05-15 | 2015-11-19 | Cryptyk, Inc. (Trading As Bitsavr Inc.) | System and method for digital currency storage, payment and credit |
RU2589861C2 (en) | 2014-06-20 | 2016-07-10 | Закрытое акционерное общество "Лаборатория Касперского" | System and method of user data encryption |
US11275747B2 (en) | 2015-03-12 | 2022-03-15 | Yahoo Assets Llc | System and method for improved server performance for a deep feature based coarse-to-fine fast search |
US9396341B1 (en) | 2015-03-31 | 2016-07-19 | Emc Corporation | Data encryption in a de-duplicating storage in a multi-tenant environment |
US10402792B2 (en) | 2015-08-13 | 2019-09-03 | The Toronto-Dominion Bank | Systems and method for tracking enterprise events using hybrid public-private blockchain ledgers |
KR20180108566A (en) | 2015-10-14 | 2018-10-04 | 캠브리지 블록체인 엘엘씨 | SYSTEM AND METHOD FOR MANAGING DIGITAL IDENTITY |
EP3420523B1 (en) | 2016-02-22 | 2021-02-17 | Royal Bank Of Canada | Electronic document platform |
EP3420516B1 (en) | 2016-02-23 | 2021-03-24 | Nchain Holdings Limited | Methods and systems for the efficient transfer of entities on a blockchain |
JP7249148B2 (en) | 2016-02-23 | 2023-03-30 | エヌチェーン ライセンシング アーゲー | Blockchain-based universal tokenization system |
CN109314636B (en) | 2016-02-23 | 2022-01-11 | 区块链控股有限公司 | Cryptographic method and system for secure extraction of data from blockchains |
US10063529B2 (en) | 2016-03-28 | 2018-08-28 | Accenture Global Solutions Limited | Secure 3D model sharing using distributed ledger |
ES2835784T3 (en) | 2016-04-05 | 2021-06-23 | Zamna Tech Limited | Method and system for managing personal information within independent computer systems and digital networks |
US10580100B2 (en) | 2016-06-06 | 2020-03-03 | Chicago Mercantile Exchange Inc. | Data payment and authentication via a shared data structure |
CA3017579A1 (en) | 2016-06-06 | 2017-12-14 | Thomson Reuters Global Resources Unlimited Company | Systems and methods for providing a personal distributed ledger |
US10361869B2 (en) | 2016-08-23 | 2019-07-23 | International Business Machines Corporation | Event ledger |
US10862959B2 (en) | 2016-11-28 | 2020-12-08 | Keir Finlow-Bates | Consensus system and method for adding data to a blockchain |
US10621150B2 (en) | 2017-03-05 | 2020-04-14 | Jonathan Sean Callan | System and method for enforcing the structure and content of databases synchronized over a distributed ledger |
US10740455B2 (en) | 2017-05-11 | 2020-08-11 | Microsoft Technology Licensing, Llc | Encave pool management |
US10025797B1 (en) | 2018-02-23 | 2018-07-17 | True Return Systems LLC | Method and system for separating storage and process of a computerized ledger for improved function |
-
2018
- 2018-12-06 WO PCT/IB2018/001533 patent/WO2019111056A1/en unknown
- 2018-12-06 SG SG11202008621QA patent/SG11202008621QA/en unknown
- 2018-12-06 CA CA3082977A patent/CA3082977A1/en not_active Abandoned
- 2018-12-06 MX MX2020005746A patent/MX2020005746A/en unknown
- 2018-12-06 US US16/212,348 patent/US11151259B2/en active Active
- 2018-12-06 EP EP18839611.3A patent/EP3735648A1/en not_active Withdrawn
-
2021
- 2021-09-16 US US17/476,838 patent/US20220253538A1/en not_active Abandoned
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7653712B1 (en) * | 2004-09-30 | 2010-01-26 | Emc Corporation | Methods and apparatus for processing configuration data |
US20120221854A1 (en) * | 2004-10-25 | 2012-08-30 | Security First Corp. | Secure data parser method and system |
US20100042833A1 (en) * | 2008-08-12 | 2010-02-18 | Platt David C | Data anonymity system |
US20170116693A1 (en) * | 2015-10-27 | 2017-04-27 | Verimatrix, Inc. | Systems and Methods for Decentralizing Commerce and Rights Management for Digital Assets Using a Blockchain Rights Ledger |
US20180083932A1 (en) * | 2016-09-16 | 2018-03-22 | Bank Of America Corporation | Systems and devices for hardened remote storage of private cryptography keys used for authentication |
US20180300493A1 (en) * | 2017-04-13 | 2018-10-18 | Nec Europe Ltd. | Secure and efficient cloud storage with retrievability guarantees |
US20200295934A1 (en) * | 2017-09-27 | 2020-09-17 | Covault Inc. | Joint blind key escrow |
Also Published As
Publication number | Publication date |
---|---|
US11151259B2 (en) | 2021-10-19 |
SG11202008621QA (en) | 2020-10-29 |
EP3735648A1 (en) | 2020-11-11 |
US20190171825A1 (en) | 2019-06-06 |
WO2019111056A1 (en) | 2019-06-13 |
MX2020005746A (en) | 2020-08-20 |
CA3082977A1 (en) | 2019-06-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220253538A1 (en) | Method and system for data security, validation, verification and provenance within independent computer systems and digital networks | |
US11200340B2 (en) | Method and system for managing personal information within independent computer systems and digital networks | |
US11496310B2 (en) | Methods and systems for universal storage and access to user-owned credentials for trans-institutional digital authentication | |
EP3451578B1 (en) | Turn-control rewritable blockchain | |
CN111130757B (en) | Multi-cloud CP-ABE access control method based on block chain | |
AU2017269734B2 (en) | Cryptologic rewritable blockchain | |
US20190305938A1 (en) | Threshold secret share authentication proof and secure blockchain voting with hardware security modules | |
KR102055116B1 (en) | Data security service | |
US20220141014A1 (en) | Storing secret data on a blockchain | |
CN110837634B (en) | Electronic signature method based on hardware encryption machine | |
Vargas et al. | Mitigating risk while complying with data retention laws | |
Li et al. | CIA: a collaborative integrity auditing scheme for cloud data with multi-replica on multi-cloud storage providers | |
JP2022541919A (en) | Systems and methods for biometric protocol standards | |
Yang et al. | Provable Ownership of Encrypted Files in De-duplication Cloud Storage. | |
Lyu et al. | NSSIA: a new self-sovereign identity scheme with accountability | |
Said et al. | A multi-factor authentication-based framework for identity management in cloud applications | |
US11868460B2 (en) | Authorized encryption | |
Ramprasath et al. | Protected Data Sharing using Attribute Based Encryption for Remote Data Checking in Cloud Environment | |
Keerthana et al. | Slicing, Tokenization, and Encryption Based Combinational Approach to Protect Data-at-Rest in Cloud Using TF-Sec Model | |
Adlam et al. | Applying Blockchain Technology to Security-Related Aspects of Electronic Healthcare Record Infrastructure | |
Zhang et al. | Attribute Based Conjunctive Keywords Search with Verifiability and Fair Payment Using Blockchain | |
Aly | Securing Digital Archiving Systems Against Mass Breaches and Long-Term Security Degradation | |
CN117454442A (en) | Anonymous security and traceable distributed digital evidence obtaining method and system | |
CN116781332A (en) | Block chain-based network flow evidence obtaining and tracing method and system | |
RU2022108015A (en) | LIMITED, FULLY CLOSED CONJUNCTIVE DATABASE QUERY TO PROTECT USER PRIVACY AND IDENTITY |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |