US20220278838A1 - System and methods for encryption based on environmental factors - Google Patents


Info

Publication number
US20220278838A1
Authority
US
United States
Prior art keywords
environmental factors
computer system
encryption
encryption key
entropy values
Prior art date
Legal status
Pending
Application number
US17/745,480
Inventor
Jeffrey David Wisgo
Current Assignee
Citrix Systems Inc
Original Assignee
Citrix Systems Inc
Application filed by Citrix Systems Inc
Priority to US17/745,480
Assigned to CITRIX SYSTEMS, INC. Assignors: WISGO, JEFFREY DAVID
Publication of US20220278838A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L 9/0872 Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/2111 Location-sensitive, e.g. geographical location, GPS
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/2137 Time limited access, e.g. to a computer or data

Definitions

  • Protecting data and applications on user devices is an increasingly important component of enterprise security.
  • Some solutions involve encryption based on a user entered password or personal identification number (PIN).
  • Other solutions use encryption based on a biometric approach such as facial recognition or fingerprint identification. These methods have their limitations, however. For example, weak passwords can often be guessed at, strong passwords can be stolen, and even biometric techniques can be spoofed.
  • a computer system includes a memory; and at least one processor coupled to the memory and configured to: measure one or more environmental factors; convert the one or more environmental factors to one or more entropy values by transforming the one or more environmental factors to a selected number of bits; and combine the entropy values to generate an encryption key.
  • the computer system can include one or more of the following features.
  • the transforming of the one or more environmental factors includes truncating or rounding the one or more environmental factors to a selected number of bits.
  • the one or more environmental factors include one or more of a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected.
  • the at least one processor can be configured to encrypt and/or decrypt at least a portion of a data file using the encryption key, thereby omitting a need to provide a password.
  • the at least one processor is further configured to encrypt and/or decrypt at least a portion of a binary executable application using the encryption key, thereby omitting a need to provide a password.
  • the at least one processor is further configured to perform the combining by concatenation of the entropy values or by summation of the entropy values.
  • the at least one processor is further configured to obtain encryption configuration parameters from an administration server, the encryption configuration parameters to identify the one or more of the environmental factors.
  • the at least one processor is further configured to determine if either: a data file should be encrypted using the encryption key; or a difference file should be created to capture edits made to the data file since a previous encryption based on environmental factors, the difference file to be encrypted using an alternate encryption technique, the alternate encryption technique not based on environmental factors.
  • a method for providing environmental based encryption includes measuring, by a computer system, one or more environmental factors; converting, by the computer system, the one or more environmental factors to one or more entropy values by transforming the one or more environmental factors to a selected number of bits; and combining, by the computer system, the entropy values to generate an encryption key.
  • the transforming of the one or more environmental factors includes truncating or rounding the one or more environmental factors to a selected number of bits.
  • the one or more environmental factors include one or more of a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected.
  • a non-transitory computer readable medium storing executable sequences of instructions to provide environmental based encryption.
  • the sequences of instructions include instructions to: measure one or more environmental factors; convert the one or more environmental factors to one or more entropy values by transforming the one or more environmental factors to a selected number of bits; and combine the entropy values to generate an encryption key.
  • the non-transitory computer readable medium can include one or more of the following features.
  • the transforming of the one or more environmental factors includes truncating or rounding the one or more environmental factors to a selected number of bits.
  • the one or more environmental factors include one or more of a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected. Instructions to encrypt and/or decrypt at least a portion of a data file using the encryption key, thereby omitting a need to provide a password.
  • FIG. 1 is a top-level block diagram of an implementation of an environmental based encryption (EBE) system on a computing platform, in accordance with an example of the present disclosure.
  • FIG. 2 is a block diagram of the EBE system, in accordance with an example of the present disclosure.
  • FIG. 3 illustrates remote management of the EBE system, in accordance with an example of the present disclosure.
  • FIG. 4 is a flow diagram of a process for EBE, in accordance with an example of the present disclosure.
  • FIG. 5 is a flow diagram of a process for data file check-in with optional commitment using EBE, in accordance with an example of the present disclosure.
  • FIG. 6 is a block diagram of a computing platform configured to perform a process for EBE, in accordance with an example of the present disclosure.
  • the environmental factors include elements of the environment in which the device is operating such as location, time of day, and network factors, to name a few. These environmental factors can be measured and converted into entropy values, as will be explained in greater detail below.
  • the term “entropy,” as used herein, is a measure of the state of the environment, to a desired degree of precision. This form of entropy can be associated with a relative level of unpredictability of an encryption key. That is to say, greater entropy is associated with a more secure encryption key. Because these forms of entropy (e.g., derived from the measured environmental factors) are not directly entered by the user, they provide greater security against theft and hacking, and can be more convenient to use.
  • an EBE system measures environmental factors such as location and time of day. These factors are then converted to entropy values, for example, by truncating, rounding, or otherwise filtering the measured factors to a selected number of bits. The entropy values are then combined, by concatenation, summing, or any other suitable mathematical operation, to generate an environmentally based encryption key (an EBE key).
  • the number of bits used for the entropy value is a tradeoff between EBE key strength and practical operation, as will be explained in greater detail below.
  • the EBE system may then use the EBE key to encrypt and decrypt data and applications.
  • the EBE key may be used with any suitable key-based encryption technique, in light of the present disclosure.
  • a data file on a mobile device may be encrypted based on the fact that the mobile device is located in a particular conference room between the hours of 2 PM and 3 PM.
  • the data file would then be readable (e.g., through EBE decryption) only in that conference room between the hours of 2 PM and 3 PM.
  • the user does not need to remember a password, and there is no opportunity for a password to be stolen, guessed at, or hacked.
  • if the user desires to share that file with another person, the user need only tell that person the location and time at which the file can be accessed. In some examples, even this can be done in a secure way, such as telling the other party to “check the files at your usual coffee time in your favorite café,” for the case where the location is a known favorite coffee shop that is frequented at a known time.
  • the environmental factor may include the presence of (or relative distance to) a second device, which may be measured using radio frequency identification (RFID) techniques.
  • the second device may be a smart watch, an Internet-of-Things (IoT) device, or any device with a serial number or tag that can be measured and identified by the mobile device employing the EBE system.
  • a Media Access Control (MAC) address of the second device may be used as the entropy value, and thus the physical presence of this second device in the vicinity of the mobile device effectively functions as the encryption key.
  • the environmental factors may include network factors such as any of the following: the Service Set Identifier (SSID) or other identifier of a network access point to which the mobile device is connected, the MAC address of the mobile device, an Internet Protocol (IP) address resolution for a domain name, the ping time to a specified network location, or an SSID to a specified wireless network access point to which the mobile device is not necessarily connected, and/or an identifier of a mobile device management (MDM) server with which the mobile device is enrolled.
  • the systems and methods for environmental based encryption have several advantages over existing methods which are generally limited to user-entered passwords. For instance, the systems and methods described herein avoid the need for the user to write down or otherwise store passwords that are difficult to remember, thus reducing the possibility of loss or theft. Because passwords are not required, the environmentally based encryption key can be very long and therefore more secure than an encryption key based on a password. Additionally, it will generally be difficult for an unauthorized or nefarious party to duplicate the necessary environmental conditions to decrypt a data file, even if those environmental conditions were known.
  • if the encryption key requires that the device be in a specific conference room at a specific time, it would be unlikely, although not impossible, that a remote hacker would be able to meet those conditions.
  • additional encryption may be employed using traditional passwords or other suitable techniques, as an extra layer of security, for example, in the most sensitive of applications.
  • FIG. 1 is a top-level block diagram of an implementation of an EBE system 100 on a computing platform 120 , in accordance with an example of the present disclosure.
  • an EBE system 100 is configured to provide security for data and/or applications using key-based encryption techniques, wherein the encryption key is computed from measurable environmental factors 140 .
  • the computing platform 120 may be a mobile device such as a smart phone, tablet, or laptop.
  • the computing platform 120 may be an IoT device.
  • the EBE system 100 performs encryption and decryption operations 150 , 160 to manage access to encrypted data storage 130 by a user 110 .
  • FIG. 2 is a block diagram of the EBE system 100 of FIG. 1 , in accordance with an example of the present disclosure.
  • EBE system 100 is shown to include environmental factor processor 200 , entropy generator 210 , encryption key generator 220 , encryption/decryption processor 240 , and configuration/administration processor 260 .
  • Environmental factor processor 200 is configured to measure one or more environmental factors. These factors may include elements of the environment in which the computing platform 120 is operating such as location factors, temporal factors, network factors, connection to a specified server on a network, and inter-device factors, to name a few. It will be appreciated, however, that numerous other possibilities exist. Location factors may include longitude, latitude, and/or altitude. In some examples, location factors may be measured using a global positioning system (GPS) receiver. Temporal factors may also be measured using a GPS receiver, a clock, or other suitable timing device or circuit.
  • network factors may include the SSID (or other identifier) of an attached network access point, the mobile device's current IP address or MAC address, IP address resolution for a specific domain name, the ping time to a specific network location, and/or the SSID (or other identifier) of a specified wireless network access point.
  • the SSID (or other identifier) of a specified wireless network access point may be used as a network factor, even if not currently connected.
  • some operating systems may store lists of previously-connected access points. If these lists can be accessed, they can be checked for the presence of one or more networks to which the computing platform 120 has been previously connected, even if they are not connected at that instant. Such lists may contain identifying information for the access point such as an SSID.
  • the network factors may be measured using networking hardware and protocols, whether wired or wireless.
  • inter-device factors may include the presence of, or relative distance to, a specific device, or the serial number of a tag for an RFID device.
  • Inter-device factors may be measured using RFID systems, or other suitable technology.
  • the choice of environmental factors to be measured may be determined by the configuration/administration processor 260 , which may be directed by a remote configuration/administration server 270 , an information technology (IT) administrator of the computing platform 120 , or the user 110 of FIG. 1 .
  • Entropy generator 210 is configured to convert the environmental factors to entropy values by truncation, rounding, or otherwise filtering to a selected number of bits. In some examples, other suitable mathematical techniques may be applied to the environmental factors to generate entropy values of the selected number of bits.
  • the number of bits used for the entropy value is a tradeoff between encryption key strength and practical operation.
  • Each environmental factor possesses an inherent quantity of available entropy. For example, an SSID is typically 32 characters or 128 bits, while a MAC address is 48 bits, and the presence of a specific RFID device may translate to only a single bit.
  • a greater number of bits has more entropy and may result in a more secure encryption key, however, there are practical limits to the size of the entropy values.
  • GPS may provide location accuracy on the order of 3 to 4 meters, but for real world usability, it may be best to round the location accuracy to a range of 10 to 20 meters, which corresponds to the size of a typical room.
  • time can be measured at millisecond accuracy, providing greater entropy, but it would not be feasible for the user to attempt to access the file in such a narrow time period. Thus, it would be more reasonable to round off the measured time to the order of many minutes or hours.
  • the degree of truncation or rounding may be determined by the configuration/administration processor 260 , in the same manner as described above in connection with the choice of environmental factors.
  • Encryption key generator 220 is configured to combine the entropy values to generate an environmental based encryption key.
  • the combining of entropy values may be accomplished through concatenation of the values, summation of the values, or through any suitable mathematical operation performed on those values.
  • the choice of the combining technique may also be determined by the configuration/administration processor 260 .
  • Encryption/decryption processor 240 is configured to encrypt or decrypt a data file or application (or portion thereof) using the generated environmental based encryption key.
  • the encryption/decryption process may use any suitable key-based encryption process, including, for example, salting algorithms, iterative algorithms, and elliptic-curve cryptography, to name a few.
  • configuration/administration processor 260 is configured to provide configuration parameters 265 to the environmental factor processor 200 , the entropy generator 210 , and the encryption key generator 220 . These parameters 265 may control, for example, the specific environmental factors to be chosen, the number of bits of entropy to be used, and the specific encryption technique to be employed. In some examples, the parameters 265 may be provided by configuration/administration server 270 , an IT administrator of the platform, or the user 110 of the platform.
  • a user interface or graphical user interface 660 of FIG. 6 may be provided and configured to allow the IT administrator or user to provide direction and parameters to the EBE system, or otherwise engage in dialog with the EBE system.
  • Parameters may include, for example, the choice of environmental factors to be measured, the number of bits of entropy to be used, and the specific encryption technique to be used.
  • multiple encryptions may be performed to improve accessibility and convenience for the user. This would allow, for example, multiple time ranges (e.g., 9 AM-10 AM and 2 PM-3 PM), or multiple locations (e.g., home office and work conference room), for which user access to the encrypted data or applications would be allowed.
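The measure, truncate/round, combine, and key-generation pipeline of the environmental factor processor 200, entropy generator 210, and encryption key generator 220 described above, written as an added Python example (not code from the patent or from Citrix): location is rounded to a 20 m cell, time to the hour, the SSID to 32 bytes, the three entropy values are concatenated, and PBKDF2-HMAC is assumed as the salted, iterative step that turns the concatenation into a fixed-length key. The grid constant, the configuration fields, the salt, and the `effective_bits` helper (which works out the key-strength tradeoff the text describes for a chosen rounding) are this example's assumptions, not the patent's.

```python
import hashlib
import math
import struct
from dataclasses import dataclass

# Approximate degrees of latitude per metre (1 degree of latitude ~ 111,320 m).
DEG_PER_M = 1.0 / 111_320.0


@dataclass(frozen=True)
class EbeConfig:
    """Assumed shape of the parameters the configuration/administration processor supplies."""
    cell_m: float = 20.0        # location rounded to a ~20 m cell (about one room)
    time_bucket_s: int = 3600   # time rounded down to the hour
    ssid_bytes: int = 32        # SSID truncated or zero-padded to 32 bytes
    key_len: int = 32           # length of the derived key in bytes
    kdf_iterations: int = 50_000


def quantize_location(lat: float, lon: float, cell_m: float) -> bytes:
    """Round a GPS fix to a grid cell roughly cell_m metres on a side; 8 bytes.
    Longitude uses the same degree scale, so cells narrow toward the poles; that
    only changes the cell size, not the determinism of the rounding."""
    cell_deg = DEG_PER_M * cell_m
    return struct.pack(">ii", math.floor(lat / cell_deg), math.floor(lon / cell_deg))


def quantize_time(epoch_s: int, bucket_s: int) -> bytes:
    """Round a timestamp down to a bucket of bucket_s seconds; 8 bytes."""
    return struct.pack(">q", epoch_s // bucket_s)


def quantize_ssid(ssid: str, n: int) -> bytes:
    """Truncate or zero-pad the SSID to exactly n bytes."""
    return ssid.encode("utf-8")[:n].ljust(n, b"\x00")


def combine(entropy_values: list) -> bytes:
    """Combine entropy values by concatenation (the first option in the text).
    A 2-byte length prefix per value keeps the concatenation unambiguous."""
    return b"".join(struct.pack(">H", len(v)) + v for v in entropy_values)


def ebe_key(lat: float, lon: float, epoch_s: int, ssid: str,
            cfg: EbeConfig = EbeConfig(), salt: bytes = b"ebe-demo-salt") -> bytes:
    """Measure -> quantize -> combine -> derive a fixed-length key.
    PBKDF2-HMAC stands in for the 'salted, iterative' step; the salt is not secret
    and must be stored alongside the ciphertext so decryption can repeat it."""
    material = combine([
        quantize_location(lat, lon, cfg.cell_m),
        quantize_time(epoch_s, cfg.time_bucket_s),
        quantize_ssid(ssid, cfg.ssid_bytes),
    ])
    return hashlib.pbkdf2_hmac("sha256", material, salt, cfg.kdf_iterations,
                               dklen=cfg.key_len)


def effective_bits(cfg: EbeConfig, area_m: float, window_s: float) -> float:
    """Bits the location and time factors contribute once rounded, for a square
    area of side area_m metres and an access window of window_s seconds. This is
    the tradeoff in the text: coarser rounding is easier to use but yields fewer
    distinct keys, which is why the text suggests layering a password on top."""
    cells = (area_m / cfg.cell_m) ** 2
    buckets = window_s / cfg.time_bucket_s
    return math.log2(cells * buckets)


if __name__ == "__main__":
    # Constructed sample: a fix near Boston, 16:53 UTC, on a corporate SSID.
    k = ebe_key(42.3601, -71.0589, 1_700_000_000, "CorpWiFi")
    print(k.hex())
    print(f"{effective_bits(EbeConfig(), 100, 8 * 3600):.1f} bits for a 100 m site, 8 h window")
```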
  • FIG. 3 illustrates remote management 300 of the EBE system 100 of FIG. 1 , in accordance with an example of the present disclosure.
  • a device management server 310 and/or an application management server 330 may be coupled to the computing platform 120 of FIG. 1 , as shown, for example through a network connection.
  • the device management server 310 is configured to manage various aspects of the computing platform 120 , including security and data encryption policies.
  • the device management server 310 may provide data encryption enforcement 320 that includes a mandate for performance of environmental based encryption, by EBE system 100 , of data and data files to be stored in encrypted data storage 130 , using the techniques as previously described.
  • wrapping techniques may be used to modify existing binary executables (without requiring a complete rebuild of the executables), to incorporate the EBE techniques described above into existing applications for deployment on the computing platform 120 of FIG. 1 .
  • application management server 330 is configured to provide environmental based encryption, using EBE system 100 , of applications 340 to be executed on computing platform 120 .
  • the application management server 330 may provide software development tools or a software development kit (SDK).
  • SDK may include, for example, an application programming interface (API) that a software developer can use in the development of software applications.
  • the developer may incorporate calls to the API, in their software, to implement EBE functionality in the application.
  • a binary executable of an application may contain 9 Megabytes of data and 1 Megabyte of loader code, and the data portion may be encrypted using the EBE techniques described previously while the loader code portion can remain unencrypted.
  • the EBE functionality incorporated into that application through the API calls, may then prevent access to the encrypted data portion unless the appropriate environmental factors are met.
  • the encryption of the data portion may therefore defeat attempts at theft of the application.
  • some examples of the EBE system 100 of FIG. 1 are configured to provide encryption of data and applications, based on environmental factors which can be measured, and which do not require any explicit input from the user, such as strong passwords which can be difficult to remember.
  • the processes may be executed on a processor of any suitable type (e.g., processor(s) 610 of FIG. 6 ).
  • FIG. 4 is a flow diagram of a process 400 for EBE, in accordance with an example of the present disclosure.
  • an environmental factor processor 200 measures one or more selected environmental factors in which the computing system/platform is operating.
  • the environmental factors may include one or more of a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected.
  • the environmental factors are converted to entropy values by truncation, rounding, or filtering (or other suitable mathematical operation) to a selected number of bits, for example by entropy generator 210 of FIG. 2 .
  • the entropy values are combined to generate an encryption key, for example by encryption key generator 220 of FIG. 2 .
  • the combining is accomplished through the concatenation or summation of the entropy values, or through any other suitable mathematical operation that may be performed on the entropy values.
  • data and/or applications are encrypted and/or decrypted using the environmental based encryption key, for example by encryption/decryption processor 240 of FIG. 2 .
  • at least a portion of a data file or a portion of a binary executable application is encrypted or decrypted using the environmental based encryption key.
  • FIG. 5 is a flow diagram 500 of a process for data file check-in with optional commitment using EBE, in accordance with an example of the present disclosure.
  • EBE may be implemented under a check-in/check-out paradigm in which there is a distinction between saving a modified data file, and subsequently “committing” the changes so that they are encrypted using EBE. Changes that are not committed can still be encrypted, however, using a simpler or more traditional encryption key (e.g., a key that is based on a password).
  • the user may be required to commit the changes using EBE after a certain period of time has elapsed.
  • CEs represent a combination of environmental factors that result in an encryption key that has been used before. For example, if the user wants to employ a certain conference room as a CE, then when the user encrypts a file for the first time, the EBE system will record that CE as a hash of the encryption key generated from the environmental factors associated with that conference room. To maintain security, neither the encryption key, nor the environmental factors used to generate the key, are stored, only the hash is stored. The process may be repeated for multiple locations/environments that the user wishes to designate as CEs, and a table of hash values may be maintained, each entry created as a hash of the encryption key that was generated from the environmental factors associated with that CE.
  • the user will no longer be in a given CE. If, at that point, the user wants to save the file, they will have the option to create a new CE for their current environmental factors and encrypt the file under that CE, or to temporarily save a difference or delta of their changes using a simpler encryption key. In the event that security of the temporary file is compromised, only the differences will be exposed, not the entire data file.
  • While an unlimited number of CEs may be created and used, in some examples the number may be limited to a relatively smaller number (e.g., less than 5) due to practical/operational constraints.
  • a hash of the encryption key 230 is compared to entries in a CE table (e.g., hashes of encryption keys for each CE) to determine if there is a match.
  • the encryption key is valid and the data file is checked-in by encrypting the file with the key 230 , and replacing the existing file.
  • the user is asked whether to create a new CE or to save a temporary copy of the differences between the current data file and the previous version of the data file.
  • the temporary copy of the differences is encrypted using an alternate encryption method and then saved.
  • the temporary copy may optionally be deleted after the expiration of a selected time limit.
  • the user may be warned before the temporary copy is deleted, for example through a message displayed on a display element 670 of FIG. 6 , of the computing platform 120 of FIG. 1 .
  • the EBE system 100 may engage in a dialogue with the user through a user interface 660 of FIG. 6 and display element 670 to determine if the temporary copy should be deleted.
  • a check is performed to determine if a limit on the number of CE instances will be exceeded.
  • a new CE is created and the data file is encrypted with a new key, associated with that CE, and saved.
  • a hash of the new key is added to the CE hash table.
  • a hash of the encryption key 230 is compared to entries in a CE table to determine if there is a match. If there is a match, the encryption key 230 can be used to decrypt the data file, which is then considered to be checked out. If there is not a match, the encryption key 230 is not valid for any of the CEs in the table, and any attempt to use that key to decrypt the file will fail (e.g., the data will be unusable/unreadable). In some examples, the EBE system may report this to the user, for example through a message displayed on display element 670 .
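The check-in / check-out decision logic of FIG. 5, written as an added Python example (not the patent's or Citrix's code): the CE table stores only a SHA-256 digest of each key, never the key or the factors behind it; check-in either matches a known CE, creates a new CE subject to the CE limit, or records a temporary delta that expires after a time limit. The outcome names, the default limit of 5, the delta time limit, and the warning lead time are assumptions of this example; the file and delta encryption themselves are left to the caller, since the text leaves the cipher open.

```python
import hashlib
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional, Set, Tuple


class CheckIn(Enum):
    COMMITTED = "committed"            # key hash matched a CE; file re-encrypted under it
    NEW_CE = "new_ce"                  # no match; user chose to create a CE for this environment
    DELTA_SAVED = "delta_saved"        # no match; user chose a temporary delta instead
    LIMIT_EXCEEDED = "limit_exceeded"  # user wanted a new CE but the CE limit is reached


def ce_hash(key: bytes) -> bytes:
    """Only this digest is stored. A fixed domain tag (assumed) keeps the table
    entries distinct from any other use of SHA-256 over the same key."""
    return hashlib.sha256(b"ebe-ce-v1" + key).digest()


@dataclass
class DeltaFile:
    """Temporary copy of the differences, encrypted under an alternate (non-EBE)
    key by the caller; this example tracks only its lifetime."""
    created_at: int      # epoch seconds
    ttl_s: int           # selected time limit after which it may be deleted
    delta: bytes         # already-encrypted delta bytes (opaque here)

    def expired(self, now: int) -> bool:
        return now >= self.created_at + self.ttl_s

    def warn_due(self, now: int, lead_s: int = 3600) -> bool:
        """True inside the final lead_s seconds before expiry: time to warn the user."""
        return not self.expired(now) and now >= self.created_at + self.ttl_s - lead_s


@dataclass
class CeTable:
    limit: int = 5                                  # practical cap on CEs (text: e.g. < 5)
    hashes: Set[bytes] = field(default_factory=set)

    def check_out(self, key: bytes) -> bool:
        """Decrypt is attempted only when the key hash matches a known CE."""
        return ce_hash(key) in self.hashes

    def check_in(self, key: bytes, create_new_ce: bool, now: int,
                 delta: bytes = b"", delta_ttl_s: int = 86_400
                 ) -> Tuple[CheckIn, Optional[DeltaFile]]:
        """Apply the FIG. 5 flow for one save. create_new_ce is the user's answer
        to the 'new CE or temporary delta?' question; it is consulted only when
        the current environment does not match an existing CE."""
        h = ce_hash(key)
        if h in self.hashes:
            return CheckIn.COMMITTED, None          # caller encrypts with key and replaces file
        if not create_new_ce:
            return CheckIn.DELTA_SAVED, DeltaFile(now, delta_ttl_s, delta)
        if len(self.hashes) >= self.limit:
            return CheckIn.LIMIT_EXCEEDED, None     # text leaves the follow-up to the UI
        self.hashes.add(h)                          # new CE: only the hash is retained
        return CheckIn.NEW_CE, None
```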
  • FIG. 6 is a block diagram of a computing platform 120 , of FIG. 1 , configured to perform a process for EBE, in accordance with an example of the present disclosure.
  • the platform 120 may be a mobile device, as previously described in connection with FIG. 1 .
  • the computing platform or device 120 includes one or more processors 610 , volatile memory 620 (e.g., random access memory (RAM)), non-volatile memory 630 , one or more network or communication interfaces 640 , a user interface (UI) 660 , a display element or screen 670 , and a communications bus 650 .
  • the computing platform 120 may also be referred to as a computer or a computer system.
  • the non-volatile (non-transitory) memory 630 can include: one or more hard disk drives (HDDs) or other magnetic or optical storage media; one or more solid state drives (SSDs), such as a flash drive or other solid-state storage media; one or more hybrid magnetic and solid-state drives; and/or one or more virtual storage volumes, such as a cloud storage, or a combination of such physical storage volumes and virtual storage volumes or arrays thereof.
  • the display element 670 can provide a graphical user interface (GUI) and in some cases, may be a touchscreen or any other suitable display device.
  • the UI 660 can include one or more input/output (I/O) devices (e.g., a mouse, a keyboard, a microphone, a camera, one or more speakers, one or more biometric scanners, one or more environmental sensors, and one or more accelerometers, etc.).
  • the non-volatile memory 630 stores an operating system 632 , one or more applications 634 , data 636 , and EBE system 100 of FIG. 1 , such that, for example, computer instructions of the operating system 632 , the applications 634 , and the EBE system 100 , are executed by processor(s) 610 out of the volatile memory 620 .
  • the volatile memory 620 can include one or more types of RAM and/or a cache memory that can offer a faster response time than a main memory.
  • Data can be entered through the UI 660 or received from the other devices.
  • Data files to be encrypted (or that have been decrypted) may be displayed through user interface 660 for presentation to the user on display element 670 .
  • Various elements of the computing platform 120 can communicate via the communications bus 650 .
  • the illustrated computing platform 120 is shown merely as an example client device and can be implemented by any computing or processing environment with any type of machine or set of machines that can have suitable hardware and/or software capable of operating as described herein.
  • the processor(s) 610 can be implemented by one or more programmable processors to execute one or more executable instructions, such as a computer program, to perform the functions of the system.
  • the term “processor” describes circuitry that performs a function, an operation, or a sequence of operations. The function, operation, or sequence of operations can be hard coded into the circuitry or soft coded by way of instructions held in a memory device and executed by the circuitry.
  • a processor can perform the function, operation, or sequence of operations using digital values and/or using analog signals.
  • the processor can be embodied in one or more application specific integrated circuits (ASICs), microprocessors, digital signal processors (DSPs), graphics processing units (GPUs), microcontrollers, field programmable gate arrays (FPGAs), programmable logic arrays (PLAs), multicore processors, or general-purpose computers with associated memory.
  • the processor 610 can be analog, digital or mixed. In some examples, the processor 610 can be one or more physical processors. In some examples, the physical processors may be remotely located or cloud-based processors. A processor including multiple processor cores and/or multiple processors can provide functionality for parallel, simultaneous execution of instructions or for parallel, simultaneous execution of one instruction on more than one piece of data.
  • the network interfaces 640 can include one or more interfaces to enable the computing platform 120 to access a computer network 680 such as a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or the Internet through a variety of wired and/or wireless connections, including cellular connections.
  • the network 680 may allow for communication with other computing platforms 690 , to enable distributed computing.
  • the network 680 may allow for communication with other servers such as device management server 310 and/or application management server 330 , both of FIG. 3 .
  • the computing platform 120 can execute an application on behalf of a user of a client device.
  • the computing platform 120 can execute one or more virtual machines managed by a hypervisor. Each virtual machine can provide an execution session within which applications execute on behalf of a user or a client device, such as a hosted desktop session.
  • the computing platform 120 can also execute a terminal services session to provide a hosted desktop environment.
  • the computing platform 120 can provide access to a remote computing environment including one or more applications, one or more desktop applications, and one or more desktop sessions in which one or more applications can execute.
  • references to “or” can be construed as inclusive so that any terms described using “or” can indicate any of a single, more than one, and all of the described terms.
  • the term usage in the incorporated references is supplementary to that of this document; for irreconcilable inconsistencies, the term usage in this document controls.

Abstract

A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to measure one or more environmental factors; convert the one or more environmental factors to entropy values by truncation or rounding of the one or more environmental factors to a selected number of bits; and combine the entropy values to generate an encryption key. The one or more environmental factors may include a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, or an identification of a server to which the computer system is connected. The at least one processor is further configured to encrypt and/or decrypt at least a portion of a data file and/or at least a portion of a binary executable application using the encryption key.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application claims the benefit under 35 U.S.C. § 120 as a continuation of U.S. patent application Ser. No. 16/809,857, titled “SYSTEM AND METHODS FOR ENCRYPTION BASED ON ENVIRONMENTAL FACTORS,” filed on Mar. 5, 2020. The aforementioned application is hereby incorporated herein by reference in its entirety.
  • BACKGROUND
  • Protecting data and applications on user devices (particularly mobile devices) is an increasingly important component of enterprise security. Some solutions involve encryption based on a user entered password or personal identification number (PIN). Other solutions use encryption based on a biometric approach such as facial recognition or fingerprint identification. These methods have their limitations, however. For example, weak passwords can often be guessed at, strong passwords can be stolen, and even biometric techniques can be spoofed.
  • SUMMARY
  • In at least one example, a computer system is provided. The computer system includes a memory; and at least one processor coupled to the memory and configured to: measure one or more environmental factors; convert the one or more environmental factors to one or more entropy values by transforming the one or more environmental factors to a selected number of bits; and combine the entropy values to generate an encryption key.
  • At least some examples of the computer system can include one or more of the following features. The transforming of the one or more environmental factors includes truncating or rounding the one or more environmental factors to a selected number of bits. The one or more environmental factors include one or more of a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected. The at least one processor can be configured to encrypt and/or decrypt at least a portion of a data file using the encryption key, thereby omitting a need to provide a password. The at least one processor is further configured to encrypt and/or decrypt at least a portion of a binary executable application using the encryption key, thereby omitting a need to provide a password. The at least one processor is further configured to perform the combining by concatenation of the entropy values or by summation of the entropy values. The at least one processor is further configured to obtain encryption configuration parameters from an administration server, the encryption configuration parameters to identify the one or more of the environmental factors. The at least one processor is further configured to determine if either: a data file should be encrypted using the encryption key; or a difference file should be created to capture edits made to the data file since a previous encryption based on environmental factors, the difference file to be encrypted using an alternate encryption technique, the alternate encryption technique not based on environmental factors.
  • In at least one example, a method for providing environmental based encryption is provided. The method includes measuring, by a computer system, one or more environmental factors; converting, by the computer system, the one or more environmental factors to one or more entropy values by transforming the one or more environmental factors to a selected number of bits; and combining, by the computer system, the entropy values to generate an encryption key.
  • At least some examples of the method can include one or more of the following features. The transforming of the one or more environmental factors includes truncating or rounding the one or more environmental factors to a selected number of bits. The one or more environmental factors include one or more of a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected. The act of encrypting and/or decrypting at least a portion of a data file using the encryption key, thereby omitting a need to provide a password. The act of encrypting and/or decrypting at least a portion of a binary executable application using the encryption key, thereby omitting a need to provide a password. The act of performing the combining by concatenation of the entropy values or by summation of the entropy values. The act of obtaining encryption configuration parameters from an administration server, the encryption configuration parameters to identify the one or more of the environmental factors. The act of determining if either: a data file should be encrypted using the encryption key; or a difference file should be created to capture edits made to the data file since a previous encryption based on environmental factors, the difference file to be encrypted using an alternate encryption technique, the alternate encryption technique not based on environmental factors.
  • In at least one example, a non-transitory computer readable medium storing executable sequences of instructions to provide environmental based encryption is provided. The sequences of instructions include instructions to: measure one or more environmental factors; convert the one or more environmental factors to one or more entropy values by transforming the one or more environmental factors to a selected number of bits; and combine the entropy values to generate an encryption key.
  • At least some examples of the non-transitory computer readable medium can include one or more of the following features. The transforming of the one or more environmental factors includes truncating or rounding the one or more environmental factors to a selected number of bits. The one or more environmental factors include one or more of a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected. Instructions to encrypt and/or decrypt at least a portion of a data file using the encryption key, thereby omitting a need to provide a password. Instructions to encrypt and/or decrypt at least a portion of a binary executable application using the encryption key, thereby omitting a need to provide a password. Instructions to perform the combining by concatenation of the entropy values or by summation of the entropy values. Instructions to obtain encryption configuration parameters from an administration server, the encryption configuration parameters to identify the one or more of the environmental factors. Instructions to determine if either: a data file should be encrypted using the encryption key; or a difference file should be created to capture edits made to the data file since a previous encryption based on environmental factors, the difference file to be encrypted using an alternate encryption technique, the alternate encryption technique not based on environmental factors.
  • Still other aspects, examples, and advantages of these aspects and examples, are discussed in detail below. Moreover, it is to be understood that both the foregoing information and the following detailed description are merely illustrative examples of various aspects and features and are intended to provide an overview or framework for understanding the nature and character of the claimed aspects and examples. Any example or feature disclosed herein can be combined with any other example or feature. References to different examples are not necessarily mutually exclusive and are intended to indicate that a particular feature, structure, or characteristic described in connection with the example can be included in at least one example. Thus, terms like “other” and “another” when referring to the examples described herein are not intended to communicate any sort of exclusivity or grouping of features but rather are included to promote readability.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • Various aspects of at least one example are discussed below with reference to the accompanying figures, which are not intended to be drawn to scale. The figures are included to provide an illustration and a further understanding of the various aspects and are incorporated in and constitute a part of this specification but are not intended as a definition of the limits of any particular example. The drawings, together with the remainder of the specification, serve to explain principles and operations of the described and claimed aspects. In the figures, each identical or nearly identical component that is illustrated in various figures is represented by a like numeral. For purposes of clarity, not every component may be labeled in every figure.
  • FIG. 1 is a top-level block diagram of an implementation of an environmental based encryption (EBE) system on a computing platform, in accordance with an example of the present disclosure.
  • FIG. 2 is a block diagram of the EBE system, in accordance with an example of the present disclosure.
  • FIG. 3 illustrates remote management of the EBE system, in accordance with an example of the present disclosure.
  • FIG. 4 is a flow diagram of a process for EBE, in accordance with an example of the present disclosure.
  • FIG. 5 is a flow diagram of a process for data file check-in with optional commitment using EBE, in accordance with an example of the present disclosure.
  • FIG. 6 is a block diagram of a computing platform configured to perform a process for EBE, in accordance with an example of the present disclosure.
  • DETAILED DESCRIPTION
  • As noted previously, protecting data and applications on user devices is critical for enterprise security, and encryption is an important part of that process. This is particularly true for mobile devices such as smart phones, tablets, and laptops. User entered passwords or PINs, as well as biometric approaches based on facial recognition or fingerprint identification, can be used, but these methods all have their limitations. For example, weak passwords can be guessed at or otherwise broken, while strong passwords are burdensome for the user to deal with and can still be stolen. Biometric techniques offer some advantages, but even these can be circumvented through spoofing techniques.
  • To address these problems, and as summarized above, various examples described herein are directed to systems and methods for providing encryption based on environmental factors. In some examples, the environmental factors include elements of the environment in which the device is operating such as location, time of day, and network factors, to name a few. These environmental factors can be measured and converted into entropy values, as will be explained in greater detail below. The term “entropy,” as used herein, is a measure of the state of the environment, to a desired degree of precision; it is not the information-theoretic quantity of the same name. This form of entropy can be associated with a relative level of unpredictability of an encryption key. That is to say, greater entropy is associated with a more secure encryption key, but only to the extent that the factor values are hard for an attacker to guess: a factor carried at many bits of precision (e.g., a time stamp) contributes little unpredictability once its plausible range is known. Because these forms of entropy (e.g., derived from the measured environmental factors) are not directly entered by the user, they provide greater security against theft and hacking, and can be more convenient to use.
  • In some examples, an EBE system measures environmental factors such as location and time of day. These factors are then converted to entropy values, for example, by truncating, rounding, or otherwise filtering the measured factors to a selected number of bits. The entropy values are then combined, by concatenation, summing, or any other suitable mathematical operation, to generate an environmentally based encryption key (an EBE key). The number of bits used for the entropy value is a tradeoff between EBE key strength and practical operation, as will be explained in greater detail below. The EBE system may then use the EBE key to encrypt and decrypt data and applications. The EBE key may be used with any suitable key-based encryption technique, in light of the present disclosure.
  • For example, a data file on a mobile device may be encrypted based on the fact that the mobile device is located in a particular conference room between the hours of 2 PM and 3 PM. The data file would then be readable (e.g., through EBE decryption) only in that conference room between the hours of 2 PM and 3 PM. As such, the user does not need to remember a password, and there is no opportunity for a password to be stolen, guessed at, or hacked. Additionally, if the user desires to share that file with another person, the user need only tell that person the location and time at which the file can be accessed. In some examples, even this can be done in a secure way, such as telling the other party to “check the files at your usual coffee time in your favorite café,” for the case where the location is a known favorite coffee shop that is frequented at a known time.
  • While there is an inconvenience cost associated with this scheme (e.g., the need to be in a specific place at a specific time), that cost can be mitigated to some extent by encrypting the file using multiple sets of environmental factors, which in this example, would allow the file to be accessed at multiple locations and at multiple times that may be chosen for convenience or based on security concerns (e.g., locations considered to be safe). The locations and times would typically be limited in number and chosen with security considerations in mind, for example, locations frequented by people who are authorized to access the files.
  • As another example, the environmental factor may include the presence of (or relative distance to) a second device, which may be measured using radio frequency identification (RFID) techniques. The second device may be a smart watch, an Internet-of-Things (IoT) device, or any device with a serial number or tag that can be measured and identified by the mobile device employing the EBE system. In some examples, a Media Access Control (MAC) address of the second device may be used as the entropy value, and thus the physical presence of this second device in the vicinity of the mobile device effectively functions as the encryption key.
  • As another example, the environmental factors may include network factors such as any of the following: the Service Set Identifier (SSID) or other identifier of a network access point to which the mobile device is connected, the MAC address of the mobile device, an Internet Protocol (IP) address resolution for a domain name, the ping time to a specified network location, the SSID of a specified wireless network access point to which the mobile device is not necessarily connected, and/or an identifier of a mobile device management (MDM) server with which the mobile device is enrolled. It will be appreciated that these are just a few examples, and many other types of environmental factors may be employed by the EBE system.
  • As will be understood in view of this disclosure, the systems and methods for environmental based encryption provided herein have several advantages over existing methods, which are generally limited to user-entered passwords. For instance, the systems and methods described herein avoid the need for the user to write down or otherwise store passwords that are difficult to remember, thus reducing the possibility of loss or theft. Because passwords are not required, the environmentally based encryption key can be very long, although its actual strength is bounded by how unpredictable the underlying factor values are, not by its length. Additionally, it will generally be difficult for an unauthorized or nefarious party to duplicate the necessary environmental conditions to decrypt a data file, even if those environmental conditions were known. For example, if the encryption key requires that the device be in a specific conference room at a specific time, it would be unlikely, although not impossible, that a remote hacker would be able to meet those conditions. Note, however, that the key is computed from the measured values rather than from physical presence as such: an attacker who can guess the values, or spoof the measurements (a GPS fix, the system clock), can reproduce the conditions without being in the room. To guard against this possibility, additional encryption may be employed using traditional passwords or other suitable techniques, as an extra layer of security, for example, in the most sensitive of applications.
  • Examples of the methods and systems discussed herein are not limited in application to the details of construction and the arrangement of components set forth in the following description or illustrated in the accompanying drawings. The methods and systems are capable of implementation in other examples and of being practiced or of being carried out in various ways. Examples of specific implementations are provided herein for illustrative purposes only and are not intended to be limiting. In particular, acts, components, elements and features discussed in connection with any one or more examples are not intended to be excluded from a similar role in any other examples.
  • Environmental Based Encryption System
  • FIG. 1 is a top-level block diagram of an implementation of an EBE system 100 on a computing platform 120, in accordance with an example of the present disclosure. In some examples, an EBE system 100 is configured to provide security for data and/or applications using key-based encryption techniques, wherein the encryption key is computed from measurable environmental factors 140. In some examples, the computing platform 120 may be a mobile device such as a smart phone, tablet, or laptop. In some examples, the computing platform 120 may be an IoT device. As shown in FIG. 1, the EBE system 100 performs encryption and decryption operations 150, 160 to manage access to encrypted data storage 130 by a user 110. In some examples, applications (e.g., binary executables, or parts thereof) may also be encrypted, as will be discussed in greater detail below.
  • FIG. 2 is a block diagram of the EBE system 100 of FIG. 1, in accordance with an example of the present disclosure. EBE system 100 is shown to include environmental factor processor 200, entropy generator 210, encryption key generator 220, encryption/decryption processor 240, and configuration/administration processor 260.
  • Environmental factor processor 200 is configured to measure one or more environmental factors. These factors may include elements of the environment in which the computing platform 120 is operating such as location factors, temporal factors, network factors, connection to a specified server on a network, and inter-device factors, to name a few. It will be appreciated, however, that numerous other possibilities exist. Location factors may include longitude, latitude, and/or altitude. In some examples, location factors may be measured using a global positioning system (GPS) receiver. Temporal factors may also be measured using a GPS receiver, a clock, or other suitable timing device or circuit.
  • In some examples, network factors may include the SSID (or other identifier) of an attached network access point, the mobile device's current IP address or MAC address, IP address resolution for a specific domain name, the ping time to a specific network location, and/or the SSID (or other identifier) of a specified wireless network access point.
  • In some examples, the SSID (or other identifier) of a specified wireless network access point may be used as a network factor, even if not currently connected. For example, some operating systems may store lists of previously-connected access points. If these lists can be accessed, they can be checked for the presence of one or more networks to which the computing platform 120 has been previously connected, even if they are not connected at that instant. Such lists may contain identifying information for the access point such as an SSID.
  • The network factors may be measured using networking hardware and protocols, whether wired or wireless. In some examples, inter-device factors may include the presence of, or relative distance to, a specific device, or the serial number of a tag for an RFID device. Inter-device factors may be measured using RFID systems, or other suitable technology.
  • It will be appreciated that, in some examples, different combinations of environmental factors may be particularly useful, such as the combination of location factors and temporal factors, or the combination of location factors and network factors.
  • In some examples, the choice of environmental factors to be measured may be determined by the configuration/administration processor 260, which may be directed by a remote configuration/administration server 270, an information technology (IT) administrator of the computing platform 120, or the user 110 of FIG. 1.
  • Entropy generator 210 is configured to convert the environmental factors to entropy values by truncation, rounding, or otherwise filtering to a selected number of bits. In some examples, other suitable mathematical techniques may be applied to the environmental factors to generate entropy values of the selected number of bits. The number of bits used for the entropy value is a tradeoff between encryption key strength and practical operation. Each environmental factor possesses an inherent quantity of available entropy. For example, an SSID is at most 32 bytes (256 bits), a MAC address is 48 bits, and the presence of a specific RFID device may translate to only a single bit; these are nominal sizes, and the portion an attacker cannot guess is usually much smaller, since SSIDs and MAC addresses are largely structured or observable. A greater number of bits has more entropy and may result in a more secure encryption key, however, there are practical limits to the size of the entropy values. For example, GPS may provide location accuracy on the order of 3 to 4 meters, but for real world usability, it may be best to round the location accuracy to a range of 10 to 20 meters, which corresponds to the size of a typical room. Similarly, time can be measured at millisecond accuracy, providing greater entropy, but it would not be feasible for the user to attempt to access the file in such a narrow time period. Thus, it would be more reasonable to round off the measured time to the order of many minutes or hours.
  • In some examples, the degree of truncation or rounding may be determined by the configuration/administration processor 260, in the same manner as described above in connection with the choice of environmental factors.
  • Encryption key generator 220 is configured to combine the entropy values to generate an environmental based encryption key. In some examples, the combining of entropy values may be accomplished through concatenation of the values, summation of the values, or through any suitable mathematical operation performed on those values. In some examples, the choice of the combining technique may also be determined by the configuration/administration processor 260.
  • Encryption/decryption processor 240 is configured to encrypt or decrypt a data file or application (or portion thereof) using the generated environmental based encryption key. In some examples, the encryption/decryption process may use any suitable key-based encryption process, including, for example, salting algorithms, iterative algorithms, and elliptic-curve cryptography, to name a few.
  • As previously described, configuration/administration processor 260 is configured to provide configuration parameters 265 to the environmental factor processor 200, the entropy generator 210, and the encryption key generator 220. These parameters 265 may control, for example, the specific environmental factors to be chosen, the number of bits of entropy to be used, and the specific encryption technique to be employed. In some examples, the parameters 265 may be provided by configuration/administration server 270, an IT administrator of the platform, or the user 110 of the platform.
  • In some examples, a user interface or graphical user interface, 660 of FIG. 6, may be provided and configured to allow the IT administrator or user to provide direction and parameters to the EBE system, or otherwise engage in dialog with the EBE system. Parameters may include, for example, the choice of environmental factors to be measured, the number of bits of entropy to be used, and the specific encryption technique to be used.
  • In some examples, multiple encryptions, using different sets of environmental factors, may be performed to improve accessibility and convenience for the user. This would allow, for example, multiple time ranges (e.g., 9 AM-10 AM and 2 PM-3 PM), or multiple locations (e.g., home office and work conference room), for which user access to the encrypted data or applications would be allowed.
  • FIG. 3 illustrates remote management 300 of the EBE system 100 of FIG. 1, in accordance with an example of the present disclosure. A device management server 310 and/or an application management server 330 may be coupled to the computing platform 120 of FIG. 1, as shown, for example through a network connection. In some examples, the device management server 310 is configured to manage various aspects of the computing platform 120, including security and data encryption policies. As such, the device management server 310 may provide data encryption enforcement 320 that includes a mandate for performance of environmental based encryption, by EBE system 100, of data and data files to be stored in encrypted data storage 130, using the techniques as previously described. In some examples, wrapping techniques may be used to modify existing binary executables (without requiring a complete rebuild of the executables), to incorporate the EBE techniques described above into existing applications for deployment on the computing platform 120 of FIG. 1.
  • In some examples, application management server 330 is configured to provide environmental based encryption, using EBE system 100, of applications 340 to be executed on computing platform 120. The application management server 330 may provide software development tools or a software development kit (SDK). The SDK may include, for example, an application programming interface (API) that a software developer can use in the development of software applications. The developer may incorporate calls to the API, in their software, to implement EBE functionality in the application. For example, a binary executable of an application may contain 9 Megabytes of data and 1 Megabyte of loader code, and the data portion may be encrypted using the EBE techniques described previously while the loader code portion can remain unencrypted. When the application is executed, the EBE functionality incorporated into that application, through the API calls, may then prevent access to the encrypted data portion unless the appropriate environmental factors are met. The encryption of the data portion may therefore defeat attempts at theft of the application.
  • Environmental Based Encryption Processes
  • As described above, some examples of the EBE system 100 of FIG. 1 are configured to provide encryption of data and applications, based on environmental factors which can be measured, and which do not require any explicit input from the user, such as strong passwords which can be difficult to remember. The processes may be executed on a processor of any suitable type (e.g., processor(s) 610 of FIG. 6).
  • FIG. 4 is a flow diagram of a process 400 for EBE, in accordance with an example of the present disclosure. At operation 410, an environmental factor processor 200, of FIG. 2, measures one or more selected environmental factors in which the computing system/platform is operating. In some examples, the environmental factors may include one or more of a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected.
  • At operation 420, the environmental factors are converted to entropy values by truncation, rounding, or filtering (or other suitable mathematical operation) to a selected number of bits, for example by entropy generator 210 of FIG. 2.
  • At operation 430, the entropy values are combined to generate an encryption key, for example by encryption key generator 220 of FIG. 2. In some examples, the combining is accomplished through the concatenation or summation of the entropy values, or through any other suitable mathematical operation that may be performed on the entropy values.
  • At operation 440, data and/or applications are encrypted and/or decrypted using the environmental based encryption key, for example by encryption/decryption processor 240 of FIG. 2. In some examples, at least a portion of a data file or a portion of a binary executable application is encrypted or decrypted using the environmental based encryption key.
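The four operations of process 400 carried through end to end, as an added Python example (not Citrix code, and not the EBE system 100 itself). Every factor value, bit width and rounding window in it is a constructed assumption: location is rounded to two decimal places, time is truncated to the hour, the network parameter keeps the SSID and the /24 of the gateway, and the server identification is a hash of its host name. For operation 430 the concatenated entropy values are passed through keyed BLAKE2b, which the description permits as an "other suitable mathematical operation" in place of plain concatenation or summation; for operation 440 only the data portion of a constructed binary is encrypted, leaving the loader in the clear as in the SDK case of FIG. 3.

```python
"""Environmental based encryption (EBE) key derivation, illustrating process 400.
Added example, not Citrix code. Factor values, bit widths and rounding windows
below are constructed assumptions."""
import hashlib
import struct
from datetime import datetime, timezone

# Operation 420: reduce each factor to a selected number of bits so that small
# measurement jitter (GPS drift, seconds ticking by) maps to the same value.
def quantize_location(lat: float, lon: float, decimals: int = 2) -> bytes:
    # Rounding to two decimals gives roughly a 1 km window (assumed tolerance).
    return struct.pack(">ii", round(lat * 10 ** decimals), round(lon * 10 ** decimals))

def quantize_time(ts: datetime, bucket_seconds: int = 3600) -> bytes:
    # Truncate to the hour: the key is stable inside that window, then moves.
    return struct.pack(">Q", int(ts.timestamp()) // bucket_seconds)

def filter_network(ssid: str, gateway_ip: str) -> bytes:
    # "Filtering": keep the SSID and the /24 of the gateway, drop the host octet
    # so a different DHCP-assigned gateway address does not change the key.
    prefix = ".".join(gateway_ip.split(".")[:3])
    return hashlib.sha256(f"{ssid}|{prefix}".encode()).digest()[:8]

def server_id(fqdn: str) -> bytes:
    return hashlib.sha256(fqdn.lower().encode()).digest()[:8]

# Operation 430: combine the entropy values. The description lists concatenation
# or summation; here the concatenation is passed through keyed BLAKE2b (the
# "other suitable mathematical operation" it allows) so that the 256-bit key is
# uniformly distributed even though the raw factors are not.
def derive_key(lat: float, lon: float, ts: datetime, ssid: str, gateway_ip: str,
               fqdn: str, label: bytes = b"EBE-key-v1") -> bytes:
    entropy = quantize_location(lat, lon) + quantize_time(ts) \
        + filter_network(ssid, gateway_ip) + server_id(fqdn)
    return hashlib.blake2b(entropy, key=label, digest_size=32).digest()

# Operation 440: encrypt only the data portion of a file or binary. Keystream is
# keyed BLAKE2b over a counter, XORed in. Illustrative only; a deployment would
# use an AEAD such as AES-GCM with a fresh nonce.
def _stream_xor(key: bytes, data: bytes) -> bytes:
    ks = b"".join(hashlib.blake2b(i.to_bytes(8, "big"), key=key, digest_size=64).digest()
                  for i in range(len(data) // 64 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def encrypt_data_portion(blob: bytes, loader_len: int, key: bytes) -> bytes:
    # The loader (first loader_len bytes) stays in the clear, as in the SDK case.
    return blob[:loader_len] + _stream_xor(key, blob[loader_len:])

decrypt_data_portion = encrypt_data_portion  # XOR keystream is its own inverse

def demo() -> dict:
    """Constructed measurements; returns the checks a caller can assert on."""
    when = datetime(2020, 3, 5, 10, 15, tzinfo=timezone.utc)
    k_room = derive_key(42.3601, -71.0589, when, "corp-wifi", "10.20.30.1", "files.example.com")
    # A few metres away, 40 minutes later, a different gateway host octet: same key.
    k_again = derive_key(42.3608, -71.0582, when.replace(minute=55), "corp-wifi",
                         "10.20.30.254", "files.example.com")
    # Same room the next day: the time factor moves the key.
    k_tomorrow = derive_key(42.3601, -71.0589, when.replace(day=6), "corp-wifi",
                            "10.20.30.1", "files.example.com")
    loader, payload = b"LOADER" * 4, b"SECRET-DATA-SEGMENT " * 8   # constructed "binary"
    blob = loader + payload
    ct = encrypt_data_portion(blob, len(loader), k_room)
    return {
        "key_is_256_bit": len(k_room) == 32,
        "same_env_same_key": k_room == k_again,
        "time_changes_key": k_room != k_tomorrow,
        "loader_kept_clear": ct[:len(loader)] == loader,
        "data_portion_hidden": ct[len(loader):] != payload,
        "round_trip": decrypt_data_portion(ct, len(loader), k_again) == blob,
        "wrong_env_fails": decrypt_data_portion(ct, len(loader), k_tomorrow) != blob,
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Two measurements inside the same rounding window yield byte-identical keys, which is what operation 420 buys; the flip side is that the key can contain no more entropy than the quantized factors do, so a party able to enumerate the plausible locations, hours, gateways and servers can enumerate candidate keys regardless of the 256-bit output length. That is why the example keeps a keyed hash in the derivation rather than concatenation alone, and why the choice of factors and bit widths, not the cipher, decides the strength of the result.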
  • FIG. 5 is a flow diagram 500 of a process for data file check-in with optional commitment using EBE, in accordance with an example of the present disclosure. Because encryption keys can change frequently, it may be inconvenient to encrypt data each time a file is modified. For this reason, in some examples, EBE may be implemented under a check-in/check-out paradigm in which there is a distinction between saving a modified data file, and subsequently “committing” the changes so that they are encrypted using EBE. Changes that are not committed can still be encrypted, however, using a simpler or more traditional encryption key (e.g., a key that is based on a password). In some examples, the user may be required to commit the changes using EBE after a certain period of time has elapsed.
  • To facilitate the check-in/check-out process, one or more “commit environments” (CEs) can be created. A CE represents a combination of environmental factors that result in an encryption key that has been used before. For example, if the user wants to employ a certain conference room as a CE, then when the user encrypts a file for the first time, the EBE system will record that CE as a hash of the encryption key generated from the environmental factors associated with that conference room. To maintain security, neither the encryption key nor the environmental factors used to generate the key are stored; only the hash is stored. The process may be repeated for multiple locations/environments that the user wishes to designate as CEs, and a table of hash values may be maintained, each entry created as a hash of the encryption key that was generated from the environmental factors associated with that CE.
  • At a future point in time, when the environmental factors change, the user will no longer be in a given CE. If, at that point, the user wants to save the file, they will have the option to create a new CE for their current environmental factors and encrypt the file under that CE, or to temporarily save a difference or delta of their changes using a simpler encryption key. In the event that security of the temporary file is compromised, only the differences will be exposed, not the entire data file.
  • While an unlimited number of CEs may be created and used, in some examples the number may be limited to a relatively small number (e.g., fewer than 5) due to practical/operational constraints.
  • To this end, as illustrated in FIG. 5, at operation 510, a hash of the encryption key 230, of FIG. 2, is compared to entries in a CE table (e.g., hashes of encryption keys for each CE) to determine if there is a match.
  • At operation 520, if there is a match, then the encryption key is valid and the data file is checked-in by encrypting the file with the key 230, and replacing the existing file. At operation 530, if there is not a match, the user is asked whether to create a new CE or to save a temporary copy of the differences between the current data file and the previous version of the data file.
  • At operation 540, if the user chose not to create a new CE, the temporary copy of the differences is encrypted using an alternate encryption method and then saved. At operation 550, the temporary copy may optionally be deleted after the expiration of a selected time limit. In some examples, the user may be warned before the temporary copy is deleted, for example through a message displayed on a display element 670 of FIG. 6, of the computing platform 120 of FIG. 1. In some examples, the EBE system 100 may engage in a dialogue with the user through a user interface 660 of FIG. 6 and display element 670 to determine if the temporary copy should be deleted.
  • At operation 560, if the user chose to create a new CE, a check is performed to determine if a limit on the number of CE instances will be exceeded. At operation 570, if the limit is not exceeded, a new CE is created and the data file is encrypted with a new key, associated with that CE, and saved. At operation 580, a hash of the new key is added to the CE hash table.
  • For the data file check-out process, a hash of the encryption key 230 is compared to entries in a CE table to determine if there is a match. If there is a match, the encryption key 230 can be used to decrypt the data file, which is then considered to be checked out. If there is not a match, the encryption key 230 is not valid for any of the CEs in the table, and any attempt to use that key to decrypt the file will fail (e.g., the data will be unusable/unreadable). In some examples, the EBE system may report this to the user, for example through a message displayed on display element 670.
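The check-in and check-out flow of FIG. 5 (operations 510 through 580, plus the check-out comparison just described) as an added Python example; it is not Citrix code. Keys are constructed opaque byte strings standing in for encryption key 230, and how they are derived from environmental factors is deliberately out of scope here. The CE table holds only SHA-256 fingerprints of keys, the user's answer at operation 530 is the create_ce flag, the delta of operation 540 is a unified diff encrypted under a separate alternate key, the time limit of operation 550 is enforced by purge_expired, and the limit of four CEs is an assumption consistent with the "fewer than 5" figure above.

```python
"""Check-in/check-out with commit environments (CEs), illustrating FIG. 5.
Added example, not Citrix code. Keys are opaque bytes standing in for
encryption key 230; their derivation from environmental factors is out of scope."""
import difflib
import hashlib
import time
from dataclasses import dataclass, field
from typing import Optional, Set, Tuple

MAX_CE = 4          # assumed limit, consistent with "fewer than 5" in the description
DELTA_TTL = 3600.0  # assumed lifetime (seconds) of the temporary delta copy

def _stream_xor(key: bytes, data: bytes) -> bytes:
    # Keyed BLAKE2b counter keystream XORed over the data. Illustrative only;
    # a deployment would use an AEAD such as AES-GCM with a fresh nonce.
    ks = b"".join(hashlib.blake2b(i.to_bytes(8, "big"), key=key, digest_size=64).digest()
                  for i in range(len(data) // 64 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def ce_fingerprint(key: bytes) -> bytes:
    # Operation 580: only this hash enters the CE table, never the key itself
    # and never the environmental factors behind it.
    return hashlib.sha256(b"EBE-CE|" + key).digest()

@dataclass
class FileStore:
    ce_table: Set[bytes] = field(default_factory=set)      # fingerprints of CE keys
    committed: Optional[bytes] = None                      # file body encrypted under a CE key
    temp_delta: Optional[Tuple[bytes, float]] = None       # (ciphertext, expiry time)

def check_in(store: FileStore, key: bytes, checked_out: bytes, working: bytes,
             *, create_ce: bool, alt_key: bytes, now: Optional[float] = None) -> str:
    """checked_out: plaintext the user took out; working: the edited version.
    create_ce: the user's answer at operation 530. Returns the action taken."""
    now = time.time() if now is None else now
    fp = ce_fingerprint(key)
    if fp in store.ce_table:                                   # 510/520: known CE
        store.committed = _stream_xor(key, working)
        return "checked_in"
    if create_ce:                                              # 560-580: new CE
        if len(store.ce_table) >= MAX_CE:
            return "ce_limit_exceeded"
        store.ce_table.add(fp)
        store.committed = _stream_xor(key, working)
        return "ce_created"
    # 540/550: keep only the delta, under the alternate (non-EBE) key, with an expiry.
    # A compromise of this temporary copy exposes the edits, not the whole file.
    diff = difflib.unified_diff(checked_out.decode().splitlines(True),
                                working.decode().splitlines(True), "committed", "working")
    store.temp_delta = (_stream_xor(alt_key, "".join(diff).encode()), now + DELTA_TTL)
    return "delta_saved"

def check_out(store: FileStore, key: bytes) -> Optional[bytes]:
    # The fingerprint comparison is what makes a wrong environment fail cleanly
    # instead of handing back garbage from a decryption under the wrong key.
    if store.committed is None or ce_fingerprint(key) not in store.ce_table:
        return None
    return _stream_xor(key, store.committed)

def read_delta(store: FileStore, alt_key: bytes) -> Optional[bytes]:
    return None if store.temp_delta is None else _stream_xor(alt_key, store.temp_delta[0])

def purge_expired(store: FileStore, now: float) -> bool:
    # Operation 550: drop the temporary copy once its time limit has passed.
    if store.temp_delta is not None and now >= store.temp_delta[1]:
        store.temp_delta = None
        return True
    return False
```

The fingerprint is labelled and hashed so the table never reveals a key directly, but a stored hash of a key is still an offline test oracle: whoever obtains the table can check candidate keys against it without touching the file, so the entropy behind each CE key matters as much here as in the derivation itself. Keeping the committed copy under a CE key and the working edits under an unrelated alternate key also means that losing the temporary delta, as the description notes, exposes only the changes since the last commit.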
  • Computing Platform for Environmental Based Encryption
  • FIG. 6 is a block diagram of a computing platform 120, of FIG. 1, configured to perform a process for EBE, in accordance with an example of the present disclosure. In some cases, the platform 120 may be a mobile device, as previously described in connection with FIG. 1.
  • The computing platform or device 120 includes one or more processors 610, volatile memory 620 (e.g., random access memory (RAM)), non-volatile memory 630, one or more network or communication interfaces 640, a user interface (UI) 660, a display element or screen 670, and a communications bus 650. The computing platform 120 may also be referred to as a computer or a computer system.
  • The non-volatile (non-transitory) memory 630 can include: one or more hard disk drives (HDDs) or other magnetic or optical storage media; one or more solid state drives (SSDs), such as a flash drive or other solid-state storage media; one or more hybrid magnetic and solid-state drives; and/or one or more virtual storage volumes, such as a cloud storage, or a combination of such physical storage volumes and virtual storage volumes or arrays thereof.
  • The display element 670 can provide a graphical user interface (GUI) and in some cases, may be a touchscreen or any other suitable display device. The UI 660 can include one or more input/output (I/O) devices (e.g., a mouse, a keyboard, a microphone, a camera, one or more speakers, one or more biometric scanners, one or more environmental sensors, and one or more accelerometers, etc.).
  • The non-volatile memory 630 stores an operating system 632, one or more applications 634, data 636, and EBE system 100 of FIG. 1, such that, for example, computer instructions of the operating system 632, the applications 634, and the EBE system 100, are executed by processor(s) 610 out of the volatile memory 620. In some examples, the volatile memory 620 can include one or more types of RAM and/or a cache memory that can offer a faster response time than a main memory. Data can be entered through the UI 660 or received from the other devices. Data files to be encrypted (or that have been decrypted) may be displayed through user interface 660 for presentation to the user on display element 670. Various elements of the computing platform 120 can communicate via the communications bus 650.
  • The illustrated computing platform 120 is shown merely as an example client device and can be implemented by any computing or processing environment with any type of machine or set of machines that can have suitable hardware and/or software capable of operating as described herein.
  • The processor(s) 610 can be implemented by one or more programmable processors to execute one or more executable instructions, such as a computer program, to perform the functions of the system. As used herein, the term “processor” describes circuitry that performs a function, an operation, or a sequence of operations. The function, operation, or sequence of operations can be hard coded into the circuitry or soft coded by way of instructions held in a memory device and executed by the circuitry. A processor can perform the function, operation, or sequence of operations using digital values and/or using analog signals.
  • In some examples, the processor can be embodied in one or more application specific integrated circuits (ASICs), microprocessors, digital signal processors (DSPs), graphics processing units (GPUs), microcontrollers, field programmable gate arrays (FPGAs), programmable logic arrays (PLAs), multicore processors, or general-purpose computers with associated memory.
  • The processor 610 can be analog, digital or mixed. In some examples, the processor 610 can be one or more physical processors. In some examples, the physical processors may be remotely located or cloud-based processors. A processor including multiple processor cores and/or multiple processors can provide functionality for parallel, simultaneous execution of instructions or for parallel, simultaneous execution of one instruction on more than one piece of data.
  • The network interfaces 640 can include one or more interfaces to enable the computing platform 120 to access a computer network 680 such as a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or the Internet through a variety of wired and/or wireless connections, including cellular connections. In some examples, the network 680 may allow for communication with other computing platforms 690, to enable distributed computing. In some examples, the network 680 may allow for communication with other servers such as device management server 310 and/or application management server 330, both of FIG. 3.
  • In described examples, the computing platform 120 can execute an application on behalf of a user of a client device. For example, the computing platform 120 can execute one or more virtual machines managed by a hypervisor. Each virtual machine can provide an execution session within which applications execute on behalf of a user or a client device, such as a hosted desktop session. The computing platform 120 can also execute a terminal services session to provide a hosted desktop environment. The computing platform 120 can provide access to a remote computing environment including one or more applications, one or more desktop applications, and one or more desktop sessions in which one or more applications can execute.
  • Having thus described several aspects of at least one example, it is to be appreciated that various alterations, modifications, and improvements will readily occur to those skilled in the art. For instance, examples disclosed herein can also be used in other contexts. Such alterations, modifications, and improvements are intended to be part of this disclosure and are intended to be within the scope of the examples discussed herein. Accordingly, the foregoing description and drawings are by way of example only.
  • Also, the phraseology and terminology used herein is for the purpose of description and should not be regarded as limiting. Any references to examples, components, elements or acts of the systems and methods herein referred to in the singular can also embrace examples including a plurality, and any references in plural to any example, component, element or act herein can also embrace examples including only a singularity. References in the singular or plural form are not intended to limit the presently disclosed systems or methods, their components, acts, or elements. The use herein of “including,” “comprising,” “having,” “containing,” “involving,” and variations thereof is meant to encompass the items listed thereafter and equivalents thereof as well as additional items. References to “or” can be construed as inclusive so that any terms described using “or” can indicate any of a single, more than one, and all of the described terms. In addition, in the event of inconsistent usages of terms between this document and documents incorporated herein by reference, the term usage in the incorporated references is supplementary to that of this document; for irreconcilable inconsistencies, the term usage in this document controls.

Claims (24)

1. A computer system comprising:
a memory; and
at least one processor coupled to the memory and configured to:
measure one or more environmental factors including a location of the computer system;
convert the one or more environmental factors to one or more entropy values by transforming of the one or more environmental factors to a selected number of bits; and
combine the entropy values to generate an encryption key.
2. The computer system of claim 1, wherein the transforming of the one or more environmental factors includes truncating or rounding the one or more environmental factors to a selected number of bits.
3. The computer system of claim 1, wherein the one or more environmental factors include one or more of a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected.
4. The computer system of claim 1, wherein the at least one processor is further configured to encrypt and/or decrypt at least a portion of a data file using the encryption key, thereby omitting a need to provide a password.
5. The computer system of claim 1, wherein the at least one processor is further configured to encrypt and/or decrypt at least a portion of a binary executable application using the encryption key, thereby omitting a need to provide a password.
6. The computer system of claim 1, wherein the at least one processor is further configured to perform the combining by concatenation of the entropy values or by summation of the entropy values.
7. The computer system of claim 1, wherein the at least one processor is further configured to obtain encryption configuration parameters from an administration server, the encryption configuration parameters to identify the one or more of the environmental factors.
8. The computer system of claim 1, wherein the at least one processor is further configured to determine if either:
a data file should be encrypted using the encryption key; or
a difference file should be created to capture edits made to the data file since a previous encryption based on environmental factors, the difference file to be encrypted using an alternate encryption technique, the alternate encryption technique not based on environmental factors.
9. A method for providing environmental based encryption comprising:
measuring, by a computer system, one or more environmental factors including a location of the computer system;
converting, by the computer system, the one or more environmental factors to one or more entropy values by transforming the one or more environmental factors to a selected number of bits; and
combining, by the computer system, the entropy values to generate an encryption key.
10. The method of claim 9, wherein the transforming of the one or more environmental factors includes truncating or rounding the one or more environmental factors to a selected number of bits.
11. The method of claim 9, wherein the one or more environmental factors include one or more of a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected.
12. The method of claim 9, further comprising encrypting and/or decrypting at least a portion of a data file using the encryption key, thereby omitting a need to provide a password.
13. The method of claim 9, further comprising encrypting and/or decrypting at least a portion of a binary executable application using the encryption key, thereby omitting a need to provide a password.
14. The method of claim 9, further comprising performing the combining by concatenation of the entropy values or by summation of the entropy values.
15. The method of claim 9, further comprising obtaining encryption configuration parameters from an administration server, the encryption configuration parameters to identify the one or more of the environmental factors.
16. The method of claim 9, further comprising determining if either:
a data file should be encrypted using the encryption key; or
a difference file should be created to capture edits made to the data file since a previous encryption based on environmental factors, the difference file to be encrypted using an alternate encryption technique, the alternate encryption technique not based on environmental factors.
17. A non-transitory computer readable medium storing executable sequences of instructions to provide environmental based encryption, the sequences of instructions comprising instructions to:
measure one or more environmental factors including a location of the computer system;
convert the one or more environmental factors to one or more entropy values by transforming the one or more environmental factors to a selected number of bits; and
combine the entropy values to generate an encryption key.
18. The computer readable medium of claim 17, wherein the transforming of the one or more environmental factors includes truncating or rounding the one or more environmental factors to a selected number of bits.
19. The computer readable medium of claim 17, wherein the one or more environmental factors include one or more of a current date and time, parameters of a network environment to which the computer system is connected, and an identification of a server to which the computer system is connected.
20. The computer readable medium of claim 17, wherein the sequences of instructions further include instructions to encrypt and/or decrypt at least a portion of a data file using the encryption key, thereby omitting a need to provide a password.
21. The computer readable medium of claim 17, wherein the sequences of instructions further include instructions to encrypt and/or decrypt at least a portion of a binary executable application using the encryption key, thereby omitting a need to provide a password.
22. The computer readable medium of claim 17, the sequences of instructions further include instructions to perform the combining by concatenation of the entropy values or by summation of the entropy values.
23. The computer readable medium of claim 17, wherein the sequences of instructions further include instructions to obtain encryption configuration parameters from an administration server, the encryption configuration parameters to identify the one or more of the environmental factors.
24. The computer readable medium of claim 17, wherein the sequences of instructions further include instructions to determine if either:
a data file should be encrypted using the encryption key; or
a difference file should be created to capture edits made to the data file since a previous encryption based on environmental factors, the difference file to be encrypted using an alternate encryption technique, the alternate encryption technique not based on environmental factors.

Priority Applications (1)

Application Number Priority Date Filing Date Title
US17/745,480 US20220278838A1 (en) 2020-03-05 2022-05-16 System and methods for encryption based on environmental factors

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16/809,857 US11381395B2 (en) 2020-03-05 2020-03-05 System and methods for encryption based on environmental factors
US17/745,480 US20220278838A1 (en) 2020-03-05 2022-05-16 System and methods for encryption based on environmental factors

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US16/809,857 Continuation US11381395B2 (en) 2020-03-05 2020-03-05 System and methods for encryption based on environmental factors

Publications (1)

Publication Number Publication Date
US20220278838A1 true US20220278838A1 (en) 2022-09-01

Family

ID=77556652

Family Applications (2)

Application Number Title Priority Date Filing Date
US16/809,857 Active 2040-08-04 US11381395B2 (en) 2020-03-05 2020-03-05 System and methods for encryption based on environmental factors
US17/745,480 Pending US20220278838A1 (en) 2020-03-05 2022-05-16 System and methods for encryption based on environmental factors

Country Status (1)

Country Link
US (2) US11381395B2 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11381395B2 (en) * 2020-03-05 2022-07-05 Citrix Systems, Inc. System and methods for encryption based on environmental factors
US11475010B2 (en) 2020-09-09 2022-10-18 Self Financial, Inc. Asynchronous database caching
US20220075877A1 (en) 2020-09-09 2022-03-10 Self Financial, Inc. Interface and system for updating isolated repositories
US11470037B2 (en) * 2020-09-09 2022-10-11 Self Financial, Inc. Navigation pathway generation
US11641665B2 (en) 2020-09-09 2023-05-02 Self Financial, Inc. Resource utilization retrieval and modification

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020131592A1 (en) * 2001-03-16 2002-09-19 Harris Hinnant Entropy sources for encryption key generation
US20060062384A1 (en) * 2004-09-21 2006-03-23 Nortel Networks Limited Method and apparatus for generating large numbers of encryption keys
US7177426B1 (en) * 2000-10-11 2007-02-13 Digital Authentication Technologies, Inc. Electronic file protection using location
US20110075840A1 (en) * 2009-09-30 2011-03-31 Zayas Fernando A Method and system for generating random numbers in a storage device
US20120173870A1 (en) * 2010-12-29 2012-07-05 Anoop Reddy Systems and Methods for Multi-Level Tagging of Encrypted Items for Additional Security and Efficient Encrypted Item Determination
US20130136255A1 (en) * 2011-11-30 2013-05-30 Certicom Corp. Assessing cryptographic entropy
US20130236019A1 (en) * 2012-03-07 2013-09-12 Gregory Marc Zaverucha Intercepting key sessions
US20150117646A1 (en) * 2013-10-30 2015-04-30 Apriva, Llc System and method for performing a secure cryptographic operation on a mobile device including an entropy filter
US20150131796A1 (en) * 2012-05-18 2015-05-14 Omlis Limited Encryption key generation
US20180129476A1 (en) * 2016-11-09 2018-05-10 Google Inc. Hardened random number generator
US20200145236A1 (en) * 2017-06-22 2020-05-07 Telefonaktiebolaget Lm Ericsson (Publ) A Method for Generating Operating Entropy
US20200266989A1 (en) * 2017-11-09 2020-08-20 Electric Society Sa An ad-hoc network
US20210409207A1 (en) * 2018-11-09 2021-12-30 Visa International Service Association Distributed entropy system and method
US11381395B2 (en) * 2020-03-05 2022-07-05 Citrix Systems, Inc. System and methods for encryption based on environmental factors

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9329836B2 (en) * 2014-04-17 2016-05-03 International Business Machines Corporation Extracting entropy from the vibration of multiple machines
WO2018212978A1 (en) * 2017-05-17 2018-11-22 Kwourz Research Llc Time-based encryption key derivation
US20200082060A1 (en) * 2018-09-10 2020-03-12 Aveva Software, Llc Secure calling convention system and methods
US10817590B1 (en) * 2020-02-26 2020-10-27 Amera IoT Inc. Method and apparatus for creating and using quantum resistant keys

Also Published As

Publication number Publication date
US20210281403A1 (en) 2021-09-09
US11381395B2 (en) 2022-07-05

Similar Documents

Publication Publication Date Title
US11381395B2 (en) System and methods for encryption based on environmental factors
US10083311B2 (en) Cryptographic key
JP6166749B2 (en) Context-based data access control
CN111475841B (en) Access control method, related device, equipment, system and storage medium
US9992172B2 (en) Secure key management in a data storage system
US8489889B1 (en) Method and apparatus for restricting access to encrypted data
CN106992851B (en) TrustZone-based database file password encryption and decryption method and device and terminal equipment
CN106980793B (en) TrustZone-based universal password storage and reading method, device and terminal equipment
JP2014531659A (en) System and method for user authentication
US11398902B2 (en) Systems and methods for non-deterministic multi-party, multi-user sender-receiver authentication and non-repudiatable resilient authorized access to secret data
CN109076054B (en) System and method for managing encryption keys for single sign-on applications
US20210117533A1 (en) Private password constraint validation
KR100954841B1 (en) Method and Apparatus of managing unity data on mobile device and Recording medium using this
US20200244441A1 (en) One-time password with unpredictable moving factor
US10218713B2 (en) Global attestation procedure
CN110532792B (en) Method and system for checking privacy information
TW201734877A (en) Method and device for concealing user information contained in application
EP3427173B1 (en) Passcodes for computing devices
US20240114012A1 (en) Zero-trust distributed data sharing
US20240089098A1 (en) Decryption key generation and recovery
US11550964B2 (en) Account-specific security in an email client
US20240104229A1 (en) Verifiable attribute maps
Qaddour Multifactor Biometric Authentication for Cloud Computing
CN115470525A (en) File protection method, system, computing device and storage medium
CN115712889A (en) System, method, apparatus, electronic device, and medium for device authentication

Legal Events

Date Code Title Description
STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

AS Assignment

Owner name: CITRIX SYSTEMS, INC., FLORIDA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:WISGO, JEFFREY DAVID;REEL/FRAME:060188/0911

Effective date: 20200304

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED