WO2023070159A1 - A data storage and management system - Google Patents

A data storage and management system Download PDF

Info

Publication number
WO2023070159A1
WO2023070159A1 PCT/AU2022/051295 AU2022051295W WO2023070159A1 WO 2023070159 A1 WO2023070159 A1 WO 2023070159A1 AU 2022051295 W AU2022051295 W AU 2022051295W WO 2023070159 A1 WO2023070159 A1 WO 2023070159A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic device
operational state
subscriber
controller
subscriber electronic
Prior art date
Application number
PCT/AU2022/051295
Other languages
French (fr)
Inventor
Anup Kattel
Original Assignee
Safecret Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2021903464A external-priority patent/AU2021903464A0/en
Application filed by Safecret Pty Ltd filed Critical Safecret Pty Ltd
Publication of WO2023070159A1 publication Critical patent/WO2023070159A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management

Definitions

  • a data storage and management system A data storage and management system
  • This invention relates generally to a type of data storage and management system.
  • the system determines the existence of the subscriber by tracking the visiting/login history of the subscriber at regular intervals, transmitting communicatio n messages to the personalized digital account of the subscriber upon identifying the subscriber not logging in to the subscriber account and establishing a voice call with the contact number of the subscriber and/or the affiliates to confirm the demise/existence of the subscriber. Following a failure to determine the existence of the subscriber using these manners, the system transmits a link and password and confirming the identity of the designated recipients through video conference to view or download the data.
  • the present invention seeks to provide a data storage and management system which will overcome or substantially ameliorate at least some of the deficiencies of the prior art, or to at least provide an alternative.
  • a data storage and management system comprising a data storage management server comprising a processor executing computer program code instruction controllers including a storage controller configured to securely store data in a database in relation to a subscriber account, wherein the subscriber account identifies a subscriber electronic device and a designated recipient and an operational state verification controller.
  • the operational state verification controller and the subscriber electronic device communicate autonomously with each other (i.e., without requiring subscriber intervention to verify communications) in order for the operational state verification controller to determine an operational of the subscriber electronic device and whereby the storage controller controls designated recipient access of the data according to the operational state.
  • the operational state verification controller determines that the subscriber electronic device is operational, such as wherein the subscriber electronic device is powered on and in operable communication with the data storage management server via the wide area network.
  • the system may operate in a communication mode wherein the operational state verification controller determines the operational state of the subscriber electronic device whereby the operational state verification controller periodically transmits a verification request to the subscriber electronic device and wherein the subscriber electronic device is configured to autonomously respond to the verification request by transmitting a verification response to the subscriber electronic device.
  • the system may operate in a communication mode wherein the operational state verification controller determines the operational state of the subscriber electronic device whereby the subscriber electronic device periodically transmits a verification notification to the operational state verification controller.
  • the system may operate in a communication mode wherein the operational state verification controller determines the operational state of the subscriber electronic device whereby the subscriber electronic device periodically autonomously authenticates with a data storage management server and wherein the data storage management server updates an access log accordingly and the operational state verification controller periodically autonomously reads the access log to determine the operational of the subscriber electronic device.
  • Figure 1 shows a data storage and management system
  • Figure 2 shows a data storage management server of the system
  • Figure 3 shows a subscriber electronic device of the system
  • Figure 4 shows an intermediary server of the system
  • Figure 5 shows a registration process implemented by the system
  • Figure 6 shows an operational state determination process implement by the system
  • Figure 7 shows a direct autonomous communication process implemented by the system in an embodiment
  • Figure 8 shows an autonomous notification process implemented by the system in an embodiment
  • Figure 9 shows an intermediary server communication process implemented by the system in an embodiment
  • Figure 10 shows a failover operational state determination process implemented by the system in an embodiment.
  • Figure 1 shows a data storage and management system 100 comprising a data storage management server 104 in operable communication with subscriber electronic devices 101 across a wide area network 103, such as the Internet.
  • the data storage management server 104 may be in operable communication with subscriber electronic device 101 A and a further subscriber electronic device 101 B.
  • the system 100 may further involve an intermediary server 102.
  • FIG. 2 shows the data storage management server 104 in further detail.
  • the data storage management server 104 comprises a processor 105 for processing digital data.
  • Storage 106 in operable communication with the processor via a system bus 1 1 1 is configured for storing digital data including computer program code instructions.
  • the processor 105 fetches these computer program code instructions and associated data for implementing the computational functionality described herein.
  • the storage 106 may comprise a database 107 which is used for storing subscriber data 123, such as personal data, confidential data, data in text format, data in multimedia format (such as audio, image and video format) and the like.
  • subscriber data 123 such as personal data, confidential data, data in text format, data in multimedia format (such as audio, image and video format) and the like.
  • the computer program code instructions may be logically divided into a plurality of computer program code instruction controllers 108.
  • the data storage management server 104 may comprise a storage controller 109 which is configured to securely store the data 123 in the database 107 in relation to a subscriber account 121 .
  • the subscriber account 121 may identify at least one subscriber electronic device 101 and at least one designated recipient 122.
  • the data storage management server 104 may further comprise an operational state verification controller 1 10.
  • the operational state verification controller 1 10 and a subscriber electronic device 101 are configured to communicate autonomously with each other (i.e., without requiring manual intervention by the subscriber for each communication) in order for the operational state verification controller to autonomously determine an operational state of the subscriber electronic device 101 .
  • the storage controller 109 is configured for controlling designated recipient access of the subscriber data 123 according to the operational state.
  • the data storage management server 104 may further comprise a data interface 1 12 for sending and receiving data across the wide area network 103.
  • the storage 106 of the data storage management server 104 may further comprise cryptographic key pairs 1 14 each comprising a cryptographically related public key 1 15 and private key 124.
  • the key pairs 1 14 may comprise a subscriber electronic device specific cryptographic key pair 1 14B with public key 1 15B which is used to encrypt communications from the operational state verification controller 1 10 to a subscriber electronic device 101 and wherein the subscriber electronic device 101 comprises a corresponding private key 124B thereof used to decrypt the communication to verify the communication from the operational state verification controller.
  • the key pairs 1 14 may further comprise a data storage management server specific cryptographic key pair 1 14A with public key 1 15A which is used to encrypt communications from the subscriber electronic device 101 to the operational state verification controller 1 10 and wherein the operational state verification controller 1 10 uses the corresponding private key 124A thereof to decrypt the communication to verify the communication from the subscriber electronic device 101.
  • a new cryptographic key pair 1 14A may be generated and used for each subscriber account or each individual subscriber electronic device 101 of the subscriber account.
  • the key pairs 1 14 may comprise a data storage management server specific cryptographic key pair 1 14A with private key 124A which is used to cryptographically sign the communications from the operational state verification controller 1 10 to a subscriber electronic device 101 and wherein the subscriber electronic device 101 comprises a corresponding public key 1 15A thereof used to verify the signature of the communication from the operational state verification controller.
  • the key pairs 1 14 may further comprise a subscriber electronic device specific cryptographic key pair 1 14B with private key 124B which is used to cryptographically sign the communications from the subscriber electronic device 101 to the operational state verification controller 1 10 and wherein the operational state verification controller 1 10 uses the corresponding public key 1 15b thereof to verify the signature of the communication from the subscriber electronic device 101 .
  • FIG. 3 shows the subscriber electronic device 101 in further detail.
  • the subscriber electronic device 101 may take the form of a mobile communication device, including one with a bespoke software application installed thereon for implementing the functionality described herein.
  • the subscriber electronic device 101 may comprise the aforedescribed processor 105, storage 106, data interface 1 12, controllers 108 and the like.
  • the subscriber electronic device 101 may comprise an autonomous response controller 1 13 which is configured for autonomously responding to verification requests from the operational state verification controller 1 10.
  • the subscriber electronic device may comprise an autonomous notification controller 125 which is configured for autonomously transmitting verification notifications to the operational state verification controller.
  • Figure 4 shows the intermediary server 102 in further detail which may similarly comprise the aforedescribed processor 105, storage 106, data interface 1 12, controllers 108 and the like.
  • the intermediary server 102 may further store an access log 1 16 for recording authenticated access of the subscriber electronic device 101 and which is periodically read by the operational state verification controller 1 10.
  • FIG. 5 shows a registration process 1 17 implemented by the system 100.
  • a subscriber may authenticate with the data storage management server 104 to create a subscriber account 121.
  • the subscriber may upload data 123 for storage within the database 107.
  • the data 123 may comprise data in various formats, including text, audio, video, multimedia and the like.
  • the data storage management server 104 may be configured for encrypting the data 123 within the database 107.
  • the subscriber may specify designated recipients 122.
  • Recipients may be designated in a number of ways.
  • the subscriber may specify contact details of recipients, such as by way of an emai l address, mobile phone number or the like with which the data storage management server 104 may transmit electronic communications.
  • the recipient may be designated by unique code or password which is used by a recipient to subsequently access the data 123.
  • the subscriber may configure settings in relation to the subscriber account 121 .
  • the settings may include time period after which the data 123 is released or otherwise made accessible to designated recipients.
  • the subscriber may install a software application on the subscriber electronic device 101 if required.
  • the software application may install the autonomous response controller 1 13 or the autonomous notification controller 125 in embodiments.
  • Figure 6 shows an operational state determination process 1 18 implemented by the system 100.
  • the data storage management server 104 securely stores the data 123 received at step 127.
  • the operational state verification controller 1 10 and the autonomous response controller 1 13 of the subscriber electronic device 101 autonomously communicate with each other in order for the operational state verification controller 1 10 to determine an operational state of the subscriber electronic device 101 .
  • the operational state verification controller 1 10 and/or the subscriber electronic device 101 may attempt to communicate with each other a number of times and wherein such failure communication is determined by the inability of the operational state verification controller 1 10 and the subscriber electronic device 101 to communicate with each other for a time period.
  • the time period may be configured by the subscriber and stored in relation to the subscriber account 121.
  • the data storage management server may enter a further communication mode 149.
  • the operational state verification controller 1 10 attempts to communicate with the subscriber in another manner as opposed to the autonomous communication between the operational state verification controller 1 10 and the subscriber electronic device 101 .
  • the operational state verification controller may send an electronic message (such as by email, SMS, push notification or the like) requiring a manual response from the subscriber.
  • Different time periods may be configured for the different types of communication modes.
  • the subscriber may specify that the system 100 should attempt autonomous communication between the operational state verification controller 1 10 and the subscriber electronic device 101 for seven days wherein, following communication failure, the data storage management server 104 is configured to transmit electronic message to an email account of the subscriber and await a response within a 14 day period.
  • the different types of communication modes may comprise a combination of two or more of the processes described in figures 7 - 9 below.
  • the system 100 may failover to the process described in Figure 7.
  • the system 100 may failover to the process described in Figure 9.
  • the storage controller 109 controls designated recipient access of the data 123 at step 135 accordingly.
  • the data storage management server 104 transmits an electronic message to a designated recipient using specified contact details thereof (i.e., such as by email communication, SMS communication, push notification and the like) indicating that the data 123 is available for access by the recipient.
  • specified contact details thereof i.e., such as by email communication, SMS communication, push notification and the like
  • the data storage management server 104 may decrypt the data 123 so that the data 123 may be downloaded by the designated recipient.
  • the data storage management server 104 may provide a cryptographic key, password, authentication credentials or the like to the designated recipient which may be used by the designated recipient to access the data 123.
  • the data storage management server 104 may transmit the data 123 to the designated recipient.
  • the data storage management server 104 may decrypt the data 123, compress the data in an archive and transmit the archive by email to an email address of a designated recipient.
  • Figure 7 illustrates a direct autonomous communication process 1 19 between the operational state verification controller 1 10 and the subscriber electronic device 101.
  • the operational state verification controller 1 10 transmits a verification request to the subscriber electronic device 101 .
  • the operational state verification controller 1 10 may be configured for periodically transmitting the verification request, such as every hour.
  • the subscriber electronic device 101 receives the verification request.
  • the subscriber electronic device 101 may be configured for verifying the verification request.
  • the operational state verification controller 1 10 may use the public key 1 15b of the subscriber electronic device specific cryptographic key pair 1 14b to encrypt the verification request.
  • the subscriber electronic device 101 may be configured for using the private key 124b to decrypt the encrypted verification request to verify the verification request as being genuine and from the data storage management server 104.
  • the operational state verification controller may use the private key 124A of the data storage management server specific cryptographic key pair 1 14A to cryptographically sign the verification request.
  • the subscriber electronic device 101 may be configured for using the public key 1 15A to verify the cryptographic signature to prove the verification request as being genuine and from the data storage management server 104.
  • the subscriber electronic device 101 autonomously transmits a verification response to the operational state verification controller 1 10. In other words, manual intervention of the subscriber is not required for the subscriber electronic device 101 to autonomously respond to the verification request.
  • the aforedescribed software application may install the autonomous response controller 1 13 as a background process in the subscriber electronic device 101 .
  • the autonomous response controller 1 13 may monitor network traffic to identify verification requests from the operational state verification controller 1 10 so as to be able to respond autonomously.
  • An alternative to monitoring network traffic may involve maintaining an open connection to the server 104 to allow server 104 to be able to communicate with the subscriber electronic device 101 across a public wide area network 103 such as the Internet.
  • the operational state verification controller 1 10 receives the verification response from the subscriber electronic device 101.
  • the operational state verification controller 1 10 may verify the verification response from the subscriber electronic device 101.
  • the subscriber electronic device 101 may hold the public key 1 15A of the data storage management server specific cryptographic key pair 1 14A.
  • the subscriber electronic device 101 may store and use the public key 1 15A to encrypt the response.
  • the data storage management server 104 uses the corresponding private key 124A to decrypt the verification response to verify that the response is genuine and from the subscriber electronic device 101.
  • subscriber electronic device 101 may create a cryptographic key pair 1 14 specific to the subscriber electronic device 101.
  • the subscriber electronic device 101 holds both keys 1 15, 124 whereas the data storage management server 104 retains only the public key 1 15 thereof.
  • the data storage management server 104 is able individually encrypt communications sent to each subscriber electronic device 101 registered with the system 100.
  • the private key 124 retained on subscriber electronic device 101 may be used to cryptographically sign the requests that are sent to the server.
  • datastore management system 100 may create a cryptographic key pair 1 14 specific to the subscriber account or specific to each subscriber electronic device 101.
  • the data storage management server 104 holds both keys 1 15, 124 whereas the subscriber electronic device 101 retains only the public key 1 15 thereof. In this way, each subscriber electronic device 101 is able individually encrypt communications sent to the data storage management server 104.
  • the private key 124 retained on data storage management server 104 may be used to cryptographically sign the requests that are sent to subscriber electronic device 101 .
  • the operational state verification controller 1 10 determines that the communication is successful 141 and at step 142, the operational state verification controller 1 10 may sleep for a time period prior recommencing transmission of the verification response to the subscriber electronic device at step 136. [0090] Alternatively, following communication failure, the system 100 would implement the aforedescribed steps of Figure 6.
  • Figure 8 illustrates an autonomous notification process 120 implemented by the system 100 in an embodiment.
  • the autonomous notification controller 125 of the subscriber electronic device 101 periodically and autonomously transmits a verification notification to the operational state verification controller 1 10.
  • the subscriber electronic device 101 may store an address of the data storage management server 104 (such as a URL, static IP address and the like) so as to be able to transmit the verification notification accordingly.
  • an address of the data storage management server 104 such as a URL, static IP address and the like
  • the operational state verification controller 1 10 may receive the verification notification at step 148 and, at step 150 may verify the cryptographic signature of the notification using public key 1 15b of the subscriber electronic device specific cryptographic key pair 1 14b specific to the subscriber electronic device 101 as the request may be signed by device 101 using private key 124b before transmitting it.
  • the verification notification may also be encrypted by recipient electronic device 101 using public key 1 15A of cryptographic key pair 1 14A and the request can be decrypted by the server using private key 124A.
  • the operational state verification controller 1 10 may determine successful communication at step 151 . Alternatively, following lack of receipt of a verification notification for a time period, the operational state verification controller 1 10 may implement the aforedescribed communication failure steps of Figure 6.
  • the operational state verification controller 1 10 may transmit an acknowledgement to the subscriber electronic device 101.
  • the autonomous notification controller 125 may be configured to operate depending on receipt of acknowledgement from the operational state verification controller 1 10. [0098] For example, following receipt of acknowledgement from the operational state verification controller 1 10, the autonomous notification controller 125 may sleep for a time period at step 153 prior recommencing autonomous transmission at step 143.
  • the autonomous notification controller 125 may reattempt the sending of the autonomous notification.
  • the autonomous notification controller 125 may attempt transmission of the autonomous notification to a failover URL or IP address of the server 104.
  • Figure 9 shows an intermediary server communication process 131 implemented by the system 100 which involves the intermediary server 102.
  • the subscriber electronic device 101 periodically authenticates with the intermediary server 145.
  • the subscriber electronic device 101 may store access credentials to allow for the autonomous authentication with the intermediary server 145.
  • the subscriber electronic device 101 may periodically transmit a verification notification to the intermediary server 145 which is verified by the intermediary server 145, such as by use of the subscriber electronic device specific cryptographic key pair 114b for encrypted request and cryptographic key pair 1 15A for cryptographically signed message or both.
  • the intermediary server 131 updates the access log 116 with a record of the access by the subscriber electronic device 101.
  • the access log 1 16 may record the date and time of the access by the subscriber electronic device 101.
  • the operational state verification controller 1 10 is configured to read the access log 1 16 at step 147. Similarly, the operational state verification controller 1 10 may comprise authentication credentials to allow the operational state verification controller 110 to autonomously authenticate with the intermediary server 102 to gain access to the access log 1 16. [0105] At step 148, the operational state verification controller 1 10 may determine the operational state of the subscriber electronic device 101 according to the access log 1 16.
  • the access log 1 16 may store an identifier of the subscriber electronic device 101 , such as an ID, code or the like thereof.
  • the operational state verification controller 1 10 may search the access log 1 16 to seek the ID, code or the like of the subscriber electronic device 101 .
  • the operational state verification controller 1 10 may flush the access log 1 16.
  • Figure 10 shows a failover operational state determination process 154 implemented by the system 100 in an embodiment.
  • the subscriber may register a further subscriber electronic device 154.
  • the subscriber may register an AppleTM iPhoneTM as a first subscriber electronic device 101 A and iPadTM as a further subscriber electronic device 101 B.
  • step 155 the system operates in a first operational mode of communication wherein the operational state verification controller 1 10 and the first subscriber electronic device 101 A communicate autonomously to determine the operational state.
  • the system may enter a second mode of operation at step 158 wherein the system 100 attempts further autonomous communication between the further subscriber electronic device 101 B and the operational state verification controller 1 10 at step 159.
  • the system may determine the operational state further according to the further operational state.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Human Resources & Organizations (AREA)
  • Strategic Management (AREA)
  • Data Mining & Analysis (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Databases & Information Systems (AREA)
  • Economics (AREA)
  • Accounting & Taxation (AREA)
  • Power Engineering (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A data storage and management system has a data storage management server comprising a processor executing computer program code instruction controllers including a storage controller configured to securely store data in a database in relation to a subscriber account, wherein the subscriber account identifies a subscriber electronic device and a designated recipient and an operational state verification controller. The operational state verification controller and the subscriber electronic device communicate autonomously with each other in order for the operational state verification controller to determine an operational of the subscriber electronic device and whereby the storage controller controls designated recipient access of the data according to the operational state.

Description

A data storage and management system
Field of the Invention
[0001 ] This invention relates generally to a type of data storage and management system.
Background of the Invention
[0002] Data storage and access systems may be used to securely store confidential data of a subscriber for autonomous release following unavailability of the subscriber. [0003] US 9882881 B2 (Kohli et. al) 28 April 2016 discloses a system for providing personalized and confidential data management and sharing services to the subscriber wherein a subscriber may enter personalized and confidential data and designate recipients.
[0004] The system determines the existence of the subscriber by tracking the visiting/login history of the subscriber at regular intervals, transmitting communicatio n messages to the personalized digital account of the subscriber upon identifying the subscriber not logging in to the subscriber account and establishing a voice call with the contact number of the subscriber and/or the affiliates to confirm the demise/existence of the subscriber. Following a failure to determine the existence of the subscriber using these manners, the system transmits a link and password and confirming the identity of the designated recipients through video conference to view or download the data.
[0005] The present invention seeks to provide a data storage and management system which will overcome or substantially ameliorate at least some of the deficiencies of the prior art, or to at least provide an alternative.
[0006] It is to be understood that, if any prior art information is referred to herein, such reference does not constitute an admission that the information forms part of the common general knowledge in the art, in Australia or any other country.
Summary of the Disclosure
[0007] There is provided herein a data storage and management system comprising a data storage management server comprising a processor executing computer program code instruction controllers including a storage controller configured to securely store data in a database in relation to a subscriber account, wherein the subscriber account identifies a subscriber electronic device and a designated recipient and an operational state verification controller.
[0008] The operational state verification controller and the subscriber electronic device communicate autonomously with each other (i.e., without requiring subscriber intervention to verify communications) in order for the operational state verification controller to determine an operational of the subscriber electronic device and whereby the storage controller controls designated recipient access of the data according to the operational state.
[0009] Successful communication between the operational state verification controller and the subscriber electronic device allows the operational state verification controller to determine that the subscriber electronic device is operational, such as wherein the subscriber electronic device is powered on and in operable communication with the data storage management server via the wide area network. [0010] In embodiments, the system may operate in a communication mode wherein the operational state verification controller determines the operational state of the subscriber electronic device whereby the operational state verification controller periodically transmits a verification request to the subscriber electronic device and wherein the subscriber electronic device is configured to autonomously respond to the verification request by transmitting a verification response to the subscriber electronic device.
[001 1 ] In embodiments, the system may operate in a communication mode wherein the operational state verification controller determines the operational state of the subscriber electronic device whereby the subscriber electronic device periodically transmits a verification notification to the operational state verification controller.
[0012] In embodiments, the system may operate in a communication mode wherein the operational state verification controller determines the operational state of the subscriber electronic device whereby the subscriber electronic device periodically autonomously authenticates with a data storage management server and wherein the data storage management server updates an access log accordingly and the operational state verification controller periodically autonomously reads the access log to determine the operational of the subscriber electronic device.
[0013] Other aspects of the invention are also disclosed.
Brief Description of the Drawings
[0014] Notwithstanding any other forms which may fall within the scope of the present invention, preferred embodiments of the disclosure will now be described, by way of example only, with reference to the accompanying drawings in which:
[0015] Figure 1 shows a data storage and management system;
[0016] Figure 2 shows a data storage management server of the system;
[0017] Figure 3 shows a subscriber electronic device of the system;
[0018] Figure 4 shows an intermediary server of the system;
[0019] Figure 5 shows a registration process implemented by the system;
[0020] Figure 6 shows an operational state determination process implement by the system;
[0021 ] Figure 7 shows a direct autonomous communication process implemented by the system in an embodiment;
[0022] Figure 8 shows an autonomous notification process implemented by the system in an embodiment;
[0023] Figure 9 shows an intermediary server communication process implemented by the system in an embodiment; and
[0024] Figure 10 shows a failover operational state determination process implemented by the system in an embodiment.
Description of Embodiments
[0025] Figure 1 shows a data storage and management system 100 comprising a data storage management server 104 in operable communication with subscriber electronic devices 101 across a wide area network 103, such as the Internet. In the embodiment shown, the data storage management server 104 may be in operable communication with subscriber electronic device 101 A and a further subscriber electronic device 101 B.
[0026] The system 100 may further involve an intermediary server 102.
[0027] Figure 2 shows the data storage management server 104 in further detail. The data storage management server 104 comprises a processor 105 for processing digital data. Storage 106 in operable communication with the processor via a system bus 1 1 1 is configured for storing digital data including computer program code instructions. In use, the processor 105 fetches these computer program code instructions and associated data for implementing the computational functionality described herein.
[0028] The storage 106 may comprise a database 107 which is used for storing subscriber data 123, such as personal data, confidential data, data in text format, data in multimedia format (such as audio, image and video format) and the like.
[0029] The computer program code instructions may be logically divided into a plurality of computer program code instruction controllers 108.
[0030] The data storage management server 104 may comprise a storage controller 109 which is configured to securely store the data 123 in the database 107 in relation to a subscriber account 121 .
[0031 ] The subscriber account 121 may identify at least one subscriber electronic device 101 and at least one designated recipient 122.
[0032] The data storage management server 104 may further comprise an operational state verification controller 1 10. The operational state verification controller 1 10 and a subscriber electronic device 101 are configured to communicate autonomously with each other (i.e., without requiring manual intervention by the subscriber for each communication) in order for the operational state verification controller to autonomously determine an operational state of the subscriber electronic device 101 . [0033] As will be described in further detail below, the storage controller 109 is configured for controlling designated recipient access of the subscriber data 123 according to the operational state. [0034] The data storage management server 104 may further comprise a data interface 1 12 for sending and receiving data across the wide area network 103.
[0035] The storage 106 of the data storage management server 104 may further comprise cryptographic key pairs 1 14 each comprising a cryptographically related public key 1 15 and private key 124.
[0036] In the embodiment shown, the key pairs 1 14 may comprise a subscriber electronic device specific cryptographic key pair 1 14B with public key 1 15B which is used to encrypt communications from the operational state verification controller 1 10 to a subscriber electronic device 101 and wherein the subscriber electronic device 101 comprises a corresponding private key 124B thereof used to decrypt the communication to verify the communication from the operational state verification controller.
[0037] Furthermore, the key pairs 1 14 may further comprise a data storage management server specific cryptographic key pair 1 14A with public key 1 15A which is used to encrypt communications from the subscriber electronic device 101 to the operational state verification controller 1 10 and wherein the operational state verification controller 1 10 uses the corresponding private key 124A thereof to decrypt the communication to verify the communication from the subscriber electronic device 101. A new cryptographic key pair 1 14A may be generated and used for each subscriber account or each individual subscriber electronic device 101 of the subscriber account.
[0038] As an alternative to encryption, in the embodiment shown, the key pairs 1 14 may comprise a data storage management server specific cryptographic key pair 1 14A with private key 124A which is used to cryptographically sign the communications from the operational state verification controller 1 10 to a subscriber electronic device 101 and wherein the subscriber electronic device 101 comprises a corresponding public key 1 15A thereof used to verify the signature of the communication from the operational state verification controller.
[0039] Similary, the key pairs 1 14 may further comprise a subscriber electronic device specific cryptographic key pair 1 14B with private key 124B which is used to cryptographically sign the communications from the subscriber electronic device 101 to the operational state verification controller 1 10 and wherein the operational state verification controller 1 10 uses the corresponding public key 1 15b thereof to verify the signature of the communication from the subscriber electronic device 101 .
[0040] Figure 3 shows the subscriber electronic device 101 in further detail. In embodiments, the subscriber electronic device 101 may take the form of a mobile communication device, including one with a bespoke software application installed thereon for implementing the functionality described herein.
[0041 ] The subscriber electronic device 101 may comprise the aforedescribed processor 105, storage 106, data interface 1 12, controllers 108 and the like.
[0042] The subscriber electronic device 101 may comprise an autonomous response controller 1 13 which is configured for autonomously responding to verification requests from the operational state verification controller 1 10.
[0043] In embodiments, the subscriber electronic device may comprise an autonomous notification controller 125 which is configured for autonomously transmitting verification notifications to the operational state verification controller.
[0044] Figure 4 shows the intermediary server 102 in further detail which may similarly comprise the aforedescribed processor 105, storage 106, data interface 1 12, controllers 108 and the like.
[0045] The intermediary server 102 may further store an access log 1 16 for recording authenticated access of the subscriber electronic device 101 and which is periodically read by the operational state verification controller 1 10.
[0046] Figure 5 shows a registration process 1 17 implemented by the system 100. At step 126, a subscriber may authenticate with the data storage management server 104 to create a subscriber account 121.
[0047] At step 127, the subscriber may upload data 123 for storage within the database 107. The data 123 may comprise data in various formats, including text, audio, video, multimedia and the like.
[0048] The data storage management server 104 may be configured for encrypting the data 123 within the database 107. [0049] At step 128, the subscriber may specify designated recipients 122.
[0050] Recipients may be designated in a number of ways. In one manner, the subscriber may specify contact details of recipients, such as by way of an emai l address, mobile phone number or the like with which the data storage management server 104 may transmit electronic communications.
[0051 ] Alternatively, the recipient may be designated by unique code or password which is used by a recipient to subsequently access the data 123.
[0052] At step 129, the subscriber may configure settings in relation to the subscriber account 121 . The settings may include time period after which the data 123 is released or otherwise made accessible to designated recipients.
[0053] At step 130, the subscriber may install a software application on the subscriber electronic device 101 if required. The software application may install the autonomous response controller 1 13 or the autonomous notification controller 125 in embodiments.
[0054] Figure 6 shows an operational state determination process 1 18 implemented by the system 100.
[0055] At step 132, the data storage management server 104 securely stores the data 123 received at step 127.
[0056] At step 133, the operational state verification controller 1 10 and the autonomous response controller 1 13 of the subscriber electronic device 101 autonomously communicate with each other in order for the operational state verification controller 1 10 to determine an operational state of the subscriber electronic device 101 .
[0057] Successful communication between the operational state verification controller 1 10 and the subscriber electronic device 101 allows the operational state verification controller 1 10 to determine that the subscriber electronic device is operational, such as wherein, the subscriber electronic device 101 is powered on and in operable communication with the data storage management server 104 via the wide area network 103. [0058] However, at step 134, failure of the operational state verification controller 1 10 and the subscriber electronic device 101 to communicate autonomously with each other allows the operational state verification controller 1 10 to determine that the subscriber electronic device 101 is nonoperational.
[0059] The operational state verification controller 1 10 and/or the subscriber electronic device 101 may attempt to communicate with each other a number of times and wherein such failure communication is determined by the inability of the operational state verification controller 1 10 and the subscriber electronic device 101 to communicate with each other for a time period. As alluded to above, the time period may be configured by the subscriber and stored in relation to the subscriber account 121.
[0060] Following communication failure at step 134, the data storage management server may enter a further communication mode 149.
[0061 ] In the further communication mode, the operational state verification controller 1 10 attempts to communicate with the subscriber in another manner as opposed to the autonomous communication between the operational state verification controller 1 10 and the subscriber electronic device 101 .
[0062] In one manner, the operational state verification controller may send an electronic message (such as by email, SMS, push notification or the like) requiring a manual response from the subscriber.
[0063] Different time periods may be configured for the different types of communication modes.
[0064] For example, the subscriber may specify that the system 100 should attempt autonomous communication between the operational state verification controller 1 10 and the subscriber electronic device 101 for seven days wherein, following communication failure, the data storage management server 104 is configured to transmit electronic message to an email account of the subscriber and await a response within a 14 day period.
[0065] In embodiments, the different types of communication modes may comprise a combination of two or more of the processes described in figures 7 - 9 below. [0066] For example, following communication failure using the process described in Figure 8, the system 100 may failover to the process described in Figure 7. In embodiments, following communication failure using the process described i n Figure 7, the system 100 may failover to the process described in Figure 9.
[0067] Following further communication failure at step 150, the storage controller 109 controls designated recipient access of the data 123 at step 135 accordingly.
[0068] In one embodiment, the data storage management server 104 transmits an electronic message to a designated recipient using specified contact details thereof (i.e., such as by email communication, SMS communication, push notification and the like) indicating that the data 123 is available for access by the recipient.
[0069] The data storage management server 104 may decrypt the data 123 so that the data 123 may be downloaded by the designated recipient.
[0070] Alternatively, the data storage management server 104 may provide a cryptographic key, password, authentication credentials or the like to the designated recipient which may be used by the designated recipient to access the data 123.
[0071 ] In further embodiments the data storage management server 104 may transmit the data 123 to the designated recipient. For example, the data storage management server 104 may decrypt the data 123, compress the data in an archive and transmit the archive by email to an email address of a designated recipient.
[0072] Figure 7 illustrates a direct autonomous communication process 1 19 between the operational state verification controller 1 10 and the subscriber electronic device 101.
[0073] At step 136, the operational state verification controller 1 10 transmits a verification request to the subscriber electronic device 101 . The operational state verification controller 1 10 may be configured for periodically transmitting the verification request, such as every hour.
[0074] At step 137, the subscriber electronic device 101 receives the verification request.
[0075] At step 143, the subscriber electronic device 101 may be configured for verifying the verification request. Specifically, the operational state verification controller 1 10 may use the public key 1 15b of the subscriber electronic device specific cryptographic key pair 1 14b to encrypt the verification request.
[0076] Upon receipt of the verification request, the subscriber electronic device 101 may be configured for using the private key 124b to decrypt the encrypted verification request to verify the verification request as being genuine and from the data storage management server 104.
[0077] Alternatively, at step 143, the operational state verification controller may use the private key 124A of the data storage management server specific cryptographic key pair 1 14A to cryptographically sign the verification request.
[0078] Upon receipt of the verification request, the subscriber electronic device 101 may be configured for using the public key 1 15A to verify the cryptographic signature to prove the verification request as being genuine and from the data storage management server 104.
[0079] At step 138, the subscriber electronic device 101 autonomously transmits a verification response to the operational state verification controller 1 10. In other words, manual intervention of the subscriber is not required for the subscriber electronic device 101 to autonomously respond to the verification request.
[0080] The aforedescribed software application may install the autonomous response controller 1 13 as a background process in the subscriber electronic device 101 .
[0081 ] As such, the autonomous response controller 1 13 may monitor network traffic to identify verification requests from the operational state verification controller 1 10 so as to be able to respond autonomously. An alternative to monitoring network traffic may involve maintaining an open connection to the server 104 to allow server 104 to be able to communicate with the subscriber electronic device 101 across a public wide area network 103 such as the Internet.
[0082] At step 139, the operational state verification controller 1 10 receives the verification response from the subscriber electronic device 101.
[0083] At step 140, the operational state verification controller 1 10 may verify the verification response from the subscriber electronic device 101. [0084] Specifically, the subscriber electronic device 101 may hold the public key 1 15A of the data storage management server specific cryptographic key pair 1 14A.
[0085] As such, prior transmitting the verification response, the subscriber electronic device 101 may store and use the public key 1 15A to encrypt the response.
[0086] When receiving the encrypted verification response from the subscriber electronic device 101 , the data storage management server 104 uses the corresponding private key 124A to decrypt the verification response to verify that the response is genuine and from the subscriber electronic device 101.
[0087] At the creation of each subscriber account, subscriber electronic device 101 may create a cryptographic key pair 1 14 specific to the subscriber electronic device 101. The subscriber electronic device 101 holds both keys 1 15, 124 whereas the data storage management server 104 retains only the public key 1 15 thereof. In this way, the data storage management server 104 is able individually encrypt communications sent to each subscriber electronic device 101 registered with the system 100. Furthermore, the private key 124 retained on subscriber electronic device 101 may be used to cryptographically sign the requests that are sent to the server.
[0088] Similarly, at the creation of each subscriber account, datastore management system 100 may create a cryptographic key pair 1 14 specific to the subscriber account or specific to each subscriber electronic device 101. The data storage management server 104 holds both keys 1 15, 124 whereas the subscriber electronic device 101 retains only the public key 1 15 thereof. In this way, each subscriber electronic device 101 is able individually encrypt communications sent to the data storage management server 104. Furthermore, the private key 124 retained on data storage management server 104 may be used to cryptographically sign the requests that are sent to subscriber electronic device 101 .
[0089] At step 141 , the operational state verification controller 1 10 determines that the communication is successful 141 and at step 142, the operational state verification controller 1 10 may sleep for a time period prior recommencing transmission of the verification response to the subscriber electronic device at step 136. [0090] Alternatively, following communication failure, the system 100 would implement the aforedescribed steps of Figure 6.
[0091 ] Figure 8 illustrates an autonomous notification process 120 implemented by the system 100 in an embodiment.
[0092] At step 143, the autonomous notification controller 125 of the subscriber electronic device 101 periodically and autonomously transmits a verification notification to the operational state verification controller 1 10.
[0093] The subscriber electronic device 101 may store an address of the data storage management server 104 (such as a URL, static IP address and the like) so as to be able to transmit the verification notification accordingly.
[0094] The operational state verification controller 1 10 may receive the verification notification at step 148 and, at step 150 may verify the cryptographic signature of the notification using public key 1 15b of the subscriber electronic device specific cryptographic key pair 1 14b specific to the subscriber electronic device 101 as the request may be signed by device 101 using private key 124b before transmitting it. The verification notification may also be encrypted by recipient electronic device 101 using public key 1 15A of cryptographic key pair 1 14A and the request can be decrypted by the server using private key 124A.
[0095] Following successful receipt and verification, the operational state verification controller 1 10 may determine successful communication at step 151 . Alternatively, following lack of receipt of a verification notification for a time period, the operational state verification controller 1 10 may implement the aforedescribed communication failure steps of Figure 6.
[0096] At step 153, the operational state verification controller 1 10 may transmit an acknowledgement to the subscriber electronic device 101.
[0097] The autonomous notification controller 125 may be configured to operate depending on receipt of acknowledgement from the operational state verification controller 1 10. [0098] For example, following receipt of acknowledgement from the operational state verification controller 1 10, the autonomous notification controller 125 may sleep for a time period at step 153 prior recommencing autonomous transmission at step 143.
[0099] However, following lack of receipt of acknowledgement from the operational state verification controller 110, the autonomous notification controller 125 may reattempt the sending of the autonomous notification. The autonomous notification controller 125 may attempt transmission of the autonomous notification to a failover URL or IP address of the server 104.
[0100] Figure 9 shows an intermediary server communication process 131 implemented by the system 100 which involves the intermediary server 102.
[0101 ] At step 145, the subscriber electronic device 101 periodically authenticates with the intermediary server 145. The subscriber electronic device 101 may store access credentials to allow for the autonomous authentication with the intermediary server 145.
[0102] Alternatively, the subscriber electronic device 101 may periodically transmit a verification notification to the intermediary server 145 which is verified by the intermediary server 145, such as by use of the subscriber electronic device specific cryptographic key pair 114b for encrypted request and cryptographic key pair 1 15A for cryptographically signed message or both.
[0103] At step 146, the intermediary server 131 updates the access log 116 with a record of the access by the subscriber electronic device 101. Typically, the access log 1 16 may record the date and time of the access by the subscriber electronic device 101.
[0104] Periodically, the operational state verification controller 1 10 is configured to read the access log 1 16 at step 147. Similarly, the operational state verification controller 1 10 may comprise authentication credentials to allow the operational state verification controller 110 to autonomously authenticate with the intermediary server 102 to gain access to the access log 1 16. [0105] At step 148, the operational state verification controller 1 10 may determine the operational state of the subscriber electronic device 101 according to the access log 1 16.
[0106] For example, the access log 1 16 may store an identifier of the subscriber electronic device 101 , such as an ID, code or the like thereof. As such, the operational state verification controller 1 10 may search the access log 1 16 to seek the ID, code or the like of the subscriber electronic device 101 .
[0107] Following successful identification of the subscriber electronic device 101 from the access log 1 16, the operational state verification controller 1 10 may flush the access log 1 16.
[0108] Figure 10 shows a failover operational state determination process 154 implemented by the system 100 in an embodiment.
[0109] At step 154, the subscriber may register a further subscriber electronic device 154. For example, the subscriber may register an Apple™ iPhone™ as a first subscriber electronic device 101 A and iPad™ as a further subscriber electronic device 101 B.
[01 10] At step 155, the system operates in a first operational mode of communication wherein the operational state verification controller 1 10 and the first subscriber electronic device 101 A communicate autonomously to determine the operational state.
[01 1 1 ] However, following communication failure at step 157, the system may enter a second mode of operation at step 158 wherein the system 100 attempts further autonomous communication between the further subscriber electronic device 101 B and the operational state verification controller 1 10 at step 159.
[01 12] As such, at step 160, the system may determine the operational state further according to the further operational state.
[01 13] In other words, following communication failure with the first subscriber electronic device 101 A, the system 100 fails over to autonomous communication with the further subscriber electronic device 101 B, and, further following communication failure therewith, releases the data 123. [01 14] The foregoing description, for purposes of explanation, used specific nomenclature to provide a thorough understanding of the invention. However, it will be apparent to one skilled in the art that specific details are not required in order to practise the invention. Thus, the foregoing descriptions of specific embodiments of the invention are presented for purposes of illustration and description. They are not intended to be exhaustive or to limit the invention to the precise forms disclosed as obviously many modifications and variations are possible in view of the above teachings. The embodiments were chosen and described in order to best explain the principles of the invention and its practical applications, thereby enabling others skilled in the art to best utilize the invention and various embodiments with various modifications as are suited to the particular use contemplated. It is intended that the following claims and their equivalents define the scope of the invention.

Claims

Claims
1 . A data storage and management system comprising: a data storage management server comprising a processor executing computer program code instruction controllers including: a storage controller configured to securely store data in a database in relation to a subscriber account, wherein the subscriber account identifies a subscriber electronic device and a designated recipient; and an operational state verification controller, wherein the operational state verification controller and the subscriber electronic device communicate autonomously with each other in order for the operational state verification controller to determine an operational of the subscriber electronic device and whereby the storage controller controls designated recipient access of the data according to the operational state.
2. The system as claimed in claim 1 , wherein the operational state is determined by failure of the operational state verification controller and the subscriber electronic device to communicate autonomously with each other for a time period.
3. The system as claimed in claim 2, wherein the subscriber account configures the time period.
4. The system as claimed in claim 1 , wherein the operational state verification controller determines the operational state of the subscriber electronic device whereby: the operational state verification controller periodically transmits a verification request to the subscriber electronic device; and wherein the subscriber electronic device is configured to autonomously respond to the verification request by transmitting a verification response to the subscriber electronic device.
5. The system as claimed in claim 4, wherein a processor of the subscriber electronic device executes an autonomous response controller which autonomously responds to the verification request.
6. The system as claimed in claim 5, wherein the autonomous response controller is installed as a background process on the subscriber electronic device on which monitors network traffic to identify verification request from the operation al state verification controller.
7. The system as claimed in claim 1 , wherein the operational state verification controller determines the operational state of the subscriber electronic device whereby the subscriber electronic device periodically transmits a verification notification to the operational state verification controller.
8. The system as claimed in claim 7, wherein the operational state verification controller is configured to transmit an acknowledgement to the subscriber electronic device responsive to the verification notification.
9. The system as claimed in claim 8, wherein a processor of the subscriber electronic device executes an autonomous notification controller and wherein the autonomous notification controller is operationally configured depending on receipt of the acknowledgement.
10. The system as claimed in claim 9, wherein following failure to receive the acknowledgement following transmission of a verification notification, the autonomous notification controller is configured for resending a verification notification.
1 1 . The system as claimed in claim 9, wherein following failure to receive the acknowledgement following transmission of a verification notification, the autonomous notification controller is configured for resending a verification notification to a failover address of the data storage management server.
12. The system as claimed in claim 1 , wherein the operational state verification controller determines the operational state of the subscriber electronic device whereby: the subscriber electronic device periodically autonomously authenticates with a data storage management server and wherein the data storage management server updates an access log accordingly; and the operational state verification controller periodically autonomously reads the access log to determine the operational of the subscriber electronic device.
13. The system as claimed in claim 12, wherein the intermediary server records an identifier of the subscriber electronic device in the access log.
14. The system as claimed in claim 1 , wherein the subscriber account identifies a further subscriber electronic device and wherein the operational state verification controller and the further subscriber electronic device communicate autonomously with each other to allow the operational state verification controller to determine a further operational state of the further subscriber electronic device and wherein the storage controller controls the designated recipient access of the data further according to the further operational state.
15. The system as claimed in claim 14, wherein the operational state verification controller operates in a: first mode wherein the operational state verification controller communicates autonomously with the subscriber electronic device, and responsive to failure of the operational state verification controller and the subscriber electronic device to communicate autonomously with each other for a time period, the operational state verification controller operates in a: second mode wherein the operational state verification controller communicates autonomously with the further subscriber electronic device.
16. The system as claimed in claim 1 , wherein autonomous communication between the operational state verification and the subscriber electronic device is verified.
17. The system as claimed in claim 16, wherein the autonomous communication is cryptographically verified.
18. The system as claimed in claim 17, wherein the autonomous communication from the operational state verification controller is encrypted with a public key of a cryptographic key pair held by the subscriber electronic device and wherein the autonomous communication is verified by decryption of the autonomous communication by the subscriber electronic device with a corresponding private key of the cryptographic key pair held by the subscriber electronic device.
18
19. The system as claimed in claim 17, wherein the autonomous communication from the subscriber electronic device is encrypted with a public key of a cryptographic key pair held by the operational state verification controller and wherein the autonomous communication is verified by decryption of the autonomous communication by the operational state verification controller with a corresponding private key of the cryptographic key pair held by the operational state verification controller.
20. The system as claimed in claim 17, wherein the autonomous communication from the operational state verification controller is cryptographically signed with a private key of a cryptographic key pair held by the operational state verification controller and wherein the autonomous communication is verified by verifying the signature of the autonomous communication by the subscriber electronic device with a corresponding public key of the cryptographic key pair held by the subscriber electronic device.
21. The system as claimed in claim 17, wherein the autonomous communication from the subscriber electronic device is cryptographically signed with a private key of a cryptographic key pair held by the subscriber electronic device and wherein the autonomous communication is verified by decryption of the autonomous communication by the operational state verification controller with a corresponding public key of the cryptographic key pair held by the operational state verification controller.
22. The system as claimed in claim 1 , wherein, following by failure of the operational state verification controller and the subscriber electronic device to communicate autonomously with each other for a time period, the system fails over to a communication mode as claimed in any one of claims 4, 7 and 12.
23. The system as claimed in claim 1 , wherein, following by failure of the operational state verification controller and the subscriber electronic device to communicate autonomously with each other for a time period, the following communication failure, fails over from a communication mode as claimed in claim 7 to a communication mode as claimed in claim 4.
19
PCT/AU2022/051295 2021-10-29 2022-10-28 A data storage and management system WO2023070159A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
AU2021903464 2021-10-29
AU2021903464A AU2021903464A0 (en) 2021-10-29 A system for securing electronic messages
AU2022901512 2022-06-02
AU2022901512A AU2022901512A0 (en) 2022-06-02 A system for securing electronic messages

Publications (1)

Publication Number Publication Date
WO2023070159A1 true WO2023070159A1 (en) 2023-05-04

Family

ID=86160232

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2022/051295 WO2023070159A1 (en) 2021-10-29 2022-10-28 A data storage and management system

Country Status (1)

Country Link
WO (1) WO2023070159A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2866404A2 (en) * 2012-09-27 2015-04-29 ZTE Corporation Mobile terminal with built-in pppoe dialing function and dialing method thereof
CN104240351B (en) * 2014-09-18 2015-07-15 广东建邦计算机软件有限公司 User interaction method and device based on access control system
US10365982B1 (en) * 2017-03-10 2019-07-30 Pure Storage, Inc. Establishing a synchronous replication relationship between two or more storage systems
CN108989346B (en) * 2018-08-30 2021-03-16 上海同态信息科技有限责任公司 Third-party valid identity escrow agile authentication access method based on account hiding

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2866404A2 (en) * 2012-09-27 2015-04-29 ZTE Corporation Mobile terminal with built-in pppoe dialing function and dialing method thereof
CN104240351B (en) * 2014-09-18 2015-07-15 广东建邦计算机软件有限公司 User interaction method and device based on access control system
US10365982B1 (en) * 2017-03-10 2019-07-30 Pure Storage, Inc. Establishing a synchronous replication relationship between two or more storage systems
CN108989346B (en) * 2018-08-30 2021-03-16 上海同态信息科技有限责任公司 Third-party valid identity escrow agile authentication access method based on account hiding

Similar Documents

Publication Publication Date Title
CN103503408B (en) system and method for providing access credentials
CN101258505B (en) Secure software updates
US8635109B2 (en) System and method for providing offers for mobile devices
US7697926B2 (en) Device and method for generating user notifications associated with tasks that are pending completion
US20070269041A1 (en) Method and apparatus for secure messaging
US9264420B2 (en) Single sign-on for network applications
US20110237221A1 (en) Method and apparatus for bearer and server independent parental control on smartphone, managed by the smartphone
KR20120014181A (en) Method and system for activating computer applications with sms messaging
US11558499B2 (en) System and method for controlling devices using short message service
KR20040075293A (en) Apparatus and method simplifying an encrypted network
KR101972110B1 (en) security and device control method for fog computer using blockchain technology
WO2021138217A1 (en) Method, chip, device and system for authenticating a set of at least two users
US20220247729A1 (en) Message transmitting system with hardware security module
US20180115896A1 (en) Seamless unique user identification and management
US20240064143A1 (en) Methods, mediums, and systems for verifying devices in an encrypted messaging system
WO2023070159A1 (en) A data storage and management system
WO2016126151A1 (en) System for establishing secure communication between multiple electronic communication devices
CN113079506B (en) Network security authentication method, device and equipment
JP2002182923A (en) Device control system
KR102176430B1 (en) Restoration automation apparatus and control method thereof
TWI795148B (en) Device, method and system of handling access control
US20240106859A1 (en) Methods, mediums, and systems for verifying devices in an encrypted messaging system
JP2010251945A (en) Electronic certificate management system for communication authentication and terminal device
CN117336058A (en) Data communication method, electronic device, and storage medium
US20180248868A1 (en) Method and communication system for secured and automated communication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22884794

Country of ref document: EP

Kind code of ref document: A1