US20060236406A1 - System and computer based method to automatically archive and retrieve encrypted remote client data files - Google Patents
System and computer based method to automatically archive and retrieve encrypted remote client data files Download PDFInfo
- Publication number
- US20060236406A1 US20060236406A1 US11/454,415 US45441506A US2006236406A1 US 20060236406 A1 US20060236406 A1 US 20060236406A1 US 45441506 A US45441506 A US 45441506A US 2006236406 A1 US2006236406 A1 US 2006236406A1
- Authority
- US
- United States
- Prior art keywords
- backup
- remote user
- data
- client
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/22—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
- G06F11/2294—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing by remote test
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1458—Management of the backup or restore process
- G06F11/1464—Management of the backup or restore process for networked environments
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/068—Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99951—File or database maintenance
- Y10S707/99952—Coherency, e.g. same view to multiple users
- Y10S707/99953—Recoverability
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99951—File or database maintenance
- Y10S707/99952—Coherency, e.g. same view to multiple users
- Y10S707/99955—Archiving or backup
Definitions
- the invention relates generally to a data processing system of allowing for the dynamic remote configuration and utilization of a backup archive.
- the present invention provides for secured utilization of an encrypted backup archive.
- the instant invention advances the art by allowing its practice to be supported via an encrypted communications protocol interfacing with, and relying upon, the teachings, practices and claims disclosed in co-pending U.S. patent applications Ser. No. 09/239,425 and 09/255,837 (hereinafter synonymously referred to as “Secure Agent” or “SA”).
- Secure Agent utilizes a secure login sequence wherein a client connects to a Secure Agent server using a key known to both systems and a client connects and presents the server with user identification (as used herein the term “client” refers synonymously to a remote user establishing, and communicating with the instant invention through Secure Agent allocation and encryption processes as taught in the above noted applications).
- client refers synonymously to a remote user establishing, and communicating with the instant invention through Secure Agent allocation and encryption processes as taught in the above noted applications.
- the Secure Agent server initiates a protocol whereby the client's identification is verified and subsequent communication is conducted within a secured (encrypted) construct.
- server should be considered a hardware configuration represented as a central processing unit wherein Secure Agent and Host DLL's are executed.
- DLL refers to a Secure Agent host dynamically linked library (a.k.a. Host DLL).
- DLL Secure Agent host dynamically linked library
- DLL or “dynamically linked library” is used in a manner consistent with that known to those skilled in the art.
- the term “DLL” refers to a library of executable functions or data that can be used by a Windows application.
- the instant invention provides for one or more particular functions and program access to such functions by creating a static or dynamic link to the DLL of reference, with “static links” remaining constant during program execution and “dynamic links” created by the program as needed.
- the Secure Agent server presents a variable unit of data, such as the time of day, to the client as a challenge.
- the client must then encrypt that data and supply it back to the server. If the server is able to decrypt the data using the stored client's key so that the result matches the original unencrypted challenge data, the user is considered authenticated and the connection continue.
- the key is never passed between the two systems and is therefore never at risk of exposure.
- the initial variable unit of data seeds the transmission of subsequent data so that the traffic for each client server session is unique. Further, each byte of data transmitted is influenced by the values of previously sent data. Therefore, the connection is secure across any communication passageway including public networks such as, but not limited to, the Internet.
- the distance between the client and server is not of consequence but is typically a remote connection. For accountability purposes, the actions of a client may be recorded or logged to non-volatile storage at almost any detail level desired.
- the access rights of each client is governed by data stored on the Secure Agent server to which the client is associated.
- such rights might encompass the ability to administer and utilize the services of the server system, which would, in turn, include capabilities such as adding new client users, changing a user's rights, loading new code to the server, using a feature (or service) of the server and more.
- Secure Agent allows for the transmission of new code to the server and for that code to be implemented upon demand by a client.
- Such dynamic, real-time implementation allows for the behavior of the server to be modified. It is to this behavior modification the instant invention addresses its teachings, and thereby advances the contemporary art.
- the present invention is best viewed as comprised of at least two server software components with one or more client subcomponents or sub-processes disclosed in association thereto.
- server is used synonymously with “server central processing unit”, “server CPU”, and the term “client” is used synonymously with “host user”, “client central processing unit”, “client CPU” and “remote user”.
- CPU Central Processing Units
- a further object of the instant invention is to provide for a secured logon sequence utilizing encrypted data transmission in accordance with the teachings, disclosure and claims of the above noted pending patent applications.
- An additional object of the present invention is to provide the capability by which an administrator may add and remove one or more users with respect to backup archives.
- Yet another object of the instant invention is to provide a facility by which an administrator may manage the security groups to which a user belongs, thus controlling the access of devices by users at any level desired down to an individual user level.
- a further object of the instant invention is to provide the ability for a user to store and retrieve files on a auxiliary storage device communicably attached to a backup archive server CPU.
- Yet another object of the instant invention is to allow for dynamic user specification of a backup set encryption key.
- a further object of the instant invention is to provide for interactive retrieval capability of stored data files using a user specified backup set encryption key.
- Another object of the instant invention is to provide a system wherein backup data files encrypted according to a user password key are received from a remote user at a backup archive server then decrypted using said encryption key based on the user's password and re-encrypted prior to storage using a backup set encryption key specified by the user during file backup.
- a further object of the instant invention is to provide selective archiving of data files.
- the Applicant has developed an innovative system to remotely configure and utilize a backup archive.
- FIG. 1 is a system schematic providing a conceptual overview of primary hardware and software components of the instant invention as practiced in its preferred embodiment.
- FIG. 2 is a process step illustration of the invention's backup sequence when practiced in its preferred embodiment.
- FIG. 3 is a process step illustration of the invention's retrieval process when practiced in its preferred embodiment.
- FIGS. 1 through 3 discuss and illustrate the invention as practiced in its preferred embodiment.
- FIG. 1 illustrates a system schematic detailing primary processing components of the invention when practiced in its preferred embodiment wherein at least one security administrator central processing unit 1 has executing under dispatching control of its operating system fourth software 2 and is communicably attached to at least one backup archive server central processing unit 3 executing under the dispatching control of its operating system, second software 9 and third software 11 .
- the backup archive server central processing unit 3 further has communicably attached an auxiliary storage unit 5 such as, but not limited to, a mass storage unit, tape device or other similarly intended structure designed to accommodate the storage and retrieval of digitalized data.
- the backup archive server 3 may optionally have attached to it a CD recorder 6 .
- Also communicably attached to the backup archive server central processing unit 3 are one or more remote users 7 (herein synomously referred to as clients, remote clients, users) each shown executing under the dispatching control of their respective operating systems first software 10 . It is herein noted that the communicable attachment of central processing units in FIG. 1 may be facilitated via any network compatible means over which digitized information may be transmitted.
- Client side central processing unit configurations are compatible with those typically employed as web servers, database servers, application servers, workstations, personal computers, desktop computers and laptop computers.
- Backup archive server central processing units 3 of the instant invention are typically those hardware central processing unit configurations capable of providing information and services to one or more remote users such as, but not limited to, web servers, database servers and application servers.
- Said backup archive server central processing unit 3 may alternatively be configured to accommodate a single or multiple control programs each of which is capable of responding to remote user requests and interaction requirements.
- the resiliency and flexibility of the instant invention allows for one or more backup archive server processing units 3 to be embodied as a mainframe computer employing one or more control programs each of which may have under its dispatching control functionality of multiple second 9 and third software 11 instruction sets.
- FIG. 2 illustrates process steps associated with the instant invention's computer based method for verifying and facilitating the automated archiving of remote client data files.
- a remote user first defines a backup set as seen at box 22 indicating information he/she desires to be stored upon the auxiliary storage device 5 of the instant invention's backup archive server central processing unit 3 .
- the user specifies those directories and/or files to be backed up or to be excluded from said backup operation as seen at box 24 , the frequency and time of day at which the specified files are to be backed up as seen at box 26 , an encryption key for the backup data set as seen at box 28 and the identification of the backup archive server CPU he/she wishes to use 29 .
- the instant invention affords the remote user the security of encrypting files according to a logon password key with encrypted files received from the remote user at a backup archive server then decrypted using this password based encryption key and re-encrypted prior to storage using a backup set encryption key specified by the user during file backup and retrieval processes.
- Automated password key based encryption is facilitated via a secure login and transmission protocol such as disclosed in detail in co-pending U.S. patent application Ser. No. 09/239,425 entitled “A Secure Electronic Mail System” filed on Jan. 28, 1999.
- first software 10 operating within each remote user central processing unit 7 encrypts data to be transmitted to the backup central processing unit according to a generated encryption key based upon the user's password.
- the remote client machine 7 logs onto the backup archive server 3 using a pre-authorized user id and password 30 .
- the backup of specified user files is then initiated via transmission of the encrypted data stream encoded according to the user's password key 32 .
- the first software 10 of the instant invention ensures that only files which have been modified since the last backup are transmitted to the backup archive server central processing unit 3 .
- User files are then decrypted via third software 11 using the remote user's password encryption key and then re-encrypted according to a remote user determined and dynamically specified backup key 36 , said backup key specified in element 28 .
- the re-encrypted information is then stored in an auxiliary storage device as indicated earlier, such as a mass storage unit 5 or optional CD burner 6 .
- FIG. 3 illustrates the invention's computer based method for verifying, facilitating and retrieving backed up remote client data files.
- a remote user first logs onto a backup archive server 3 using a predefined user id and password as shown at box 42 .
- the successfullly logged on user then specifies the location where retrieved files are to be stored on the remote/client machine as shown at box 44 , and then specifies a location from which the remote user wishes to retrieve files from as shown at box 46 .
- the user Having specified the location from which to recover retrievable and selective backup files, the user next specifies the encryption key of the backup set used when the backup set was created 48 .
- the encryption key had been designated initially at the time of the backup sets'creation.
- the user next determines which files are to be recovered as shown at box 50 and third software 11 residing within the backup archive server central processing unit 3 retrieves those files and decrypts them on the server as shown at box 52 , utilizing the client provided encryption key for decrypting purposes.
- the decrypted retrieved files are then re-encrypted according to the remote user's sign on/password based encryption key as shown at box 54 and the re-encrypted files are then transmitted to the remote user as shown at box 56 .
- the remote user Once received by the remote user, the remote user once again via his/her based password encryption key decrypts the files and renders recognizable data contained therein.
Abstract
A remote user establishes an interactive session. A pre-determined backup set is encrypted at a remote user site according to a key based upon the user's password. Encrypted backup data is then transmitted to a backup archive server and decrypted utilizing the user's password generated key and re-encrypted according to a user specified backup set key and stored upon an auxiliary storage unit. The present invention further embodies a retrieval process wherein a remote user designates one or more files to be retrieved and the backup set encryption key used during the initial backup operation. Software executing within the backup archive server CPU retrieves and decrypts the specified files according to the originally specified backup set key and re-encrypts the files according to the remote user's password. Retrieved information is then transmitted to the remote user whereupon it is subsequently decrypted at the remote user site.
Description
- This application is a continuation-in-part of (a) U.S. patent application Ser. No. 09/239,425 entitled “A Secure Electronic Mail System” filed on Jan. 28, 1999 and (b) 09/255,837 entitled “For Information Encoding And Transfer” filed on Feb. 23, 1999 which are continuation-in-part applications of U.S. patent application Ser. No. 08/892,982, filed Jul. 15, 1997, and entitled “Remote Access and Security System”, now U.S. Pat. No. 5,970,149; which is a continuation-in-part of U.S. patent application Ser. No. 08/752,249, filed Nov. 19, 1996, and entitled “Combined Remote Access and Security System”.
- This application is not referenced in any microfiche appendix.
- 1. Technical Field of the Invention
- The invention relates generally to a data processing system of allowing for the dynamic remote configuration and utilization of a backup archive.
- 2. Background of the Invention
- The present invention provides for secured utilization of an encrypted backup archive. The instant invention advances the art by allowing its practice to be supported via an encrypted communications protocol interfacing with, and relying upon, the teachings, practices and claims disclosed in co-pending U.S. patent applications Ser. No. 09/239,425 and 09/255,837 (hereinafter synonymously referred to as “Secure Agent” or “SA”).
- Secure Agent Service Overview
- The following overview is provided to facilitate a comprehensive understanding of the teachings of the instant invention. Secure Agent utilizes a secure login sequence wherein a client connects to a Secure Agent server using a key known to both systems and a client connects and presents the server with user identification (as used herein the term “client” refers synonymously to a remote user establishing, and communicating with the instant invention through Secure Agent allocation and encryption processes as taught in the above noted applications). If recognized, the Secure Agent server initiates a protocol whereby the client's identification is verified and subsequent communication is conducted within a secured (encrypted) construct. For purposes of this overview, the term “server” should be considered a hardware configuration represented as a central processing unit wherein Secure Agent and Host DLL's are executed. The term “DLL” as used herein refers to a Secure Agent host dynamically linked library (a.k.a. Host DLL). The term “DLL” or “dynamically linked library” is used in a manner consistent with that known to those skilled in the art. Specifically, the term “DLL” refers to a library of executable functions or data that can be used by a Windows application. As such, the instant invention provides for one or more particular functions and program access to such functions by creating a static or dynamic link to the DLL of reference, with “static links” remaining constant during program execution and “dynamic links” created by the program as needed.
- The Secure Agent server presents a variable unit of data, such as the time of day, to the client as a challenge. The client must then encrypt that data and supply it back to the server. If the server is able to decrypt the data using the stored client's key so that the result matches the original unencrypted challenge data, the user is considered authenticated and the connection continue. The key is never passed between the two systems and is therefore never at risk of exposure.
- The initial variable unit of data seeds the transmission of subsequent data so that the traffic for each client server session is unique. Further, each byte of data transmitted is influenced by the values of previously sent data. Therefore, the connection is secure across any communication passageway including public networks such as, but not limited to, the Internet. The distance between the client and server is not of consequence but is typically a remote connection. For accountability purposes, the actions of a client may be recorded or logged to non-volatile storage at almost any detail level desired.
- The access rights of each client (what the client is able to accomplish during a session) is governed by data stored on the Secure Agent server to which the client is associated. As an example, such rights might encompass the ability to administer and utilize the services of the server system, which would, in turn, include capabilities such as adding new client users, changing a user's rights, loading new code to the server, using a feature (or service) of the server and more.
- Consequently, Secure Agent allows for the transmission of new code to the server and for that code to be implemented upon demand by a client. Such dynamic, real-time implementation in turn, allows for the behavior of the server to be modified. It is to this behavior modification the instant invention addresses its teachings, and thereby advances the contemporary art.
- As will be readily appreciated by those skilled in the art, though the instant invention utilizes encryption/decryption and code recognition technology associated with Secure Agent, an alternative technology may be employed in support of the instant invention without departing from the disclosure, teachings and claims presented herein.
- The present invention is best viewed as comprised of at least two server software components with one or more client subcomponents or sub-processes disclosed in association thereto. As used throughout the instant invention specification and claims, the term “server” is used synonymously with “server central processing unit”, “server CPU”, and the term “client” is used synonymously with “host user”, “client central processing unit”, “client CPU” and “remote user”.
- It is an object of the instant invention to provide for one or more remote backup archive server Central Processing Units (CPU) to backup one or more remote user files.
- A further object of the instant invention is to provide for a secured logon sequence utilizing encrypted data transmission in accordance with the teachings, disclosure and claims of the above noted pending patent applications.
- An additional object of the present invention is to provide the capability by which an administrator may add and remove one or more users with respect to backup archives.
- Yet another object of the instant invention is to provide a facility by which an administrator may manage the security groups to which a user belongs, thus controlling the access of devices by users at any level desired down to an individual user level.
- A further object of the instant invention is to provide the ability for a user to store and retrieve files on a auxiliary storage device communicably attached to a backup archive server CPU.
- Yet another object of the instant invention is to allow for dynamic user specification of a backup set encryption key.
- A further object of the instant invention is to provide for interactive retrieval capability of stored data files using a user specified backup set encryption key.
- Another object of the instant invention is to provide a system wherein backup data files encrypted according to a user password key are received from a remote user at a backup archive server then decrypted using said encryption key based on the user's password and re-encrypted prior to storage using a backup set encryption key specified by the user during file backup.
- A further object of the instant invention is to provide selective archiving of data files.
- Responsive to the foregoing challenges, the Applicant has developed an innovative system to remotely configure and utilize a backup archive.
- It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only, and are not restrictive of the invention as claimed. The accompanying drawings, which are incorporated herein by reference, and which constitute a part of this specification, illustrate certain embodiments of the invention and, together with the detailed description, serve to explain the principles of the present invention.
- In this respect, before explaining at least one embodiment of the invention in detail, it is to be understood that the invention is not limited in this application to the details of construction and to the arrangement so the components set forth in the following description or illustrated in the drawings. The invention is capable of other embodiments and of being practiced and carried out in various ways. Also, it is to be understood that the phraseology and terminology employed herein are for the purpose of description and should not be regarded as limiting.
- Additional objects and advantages of the invention are set forth, in part, in the description which follows and, in part, will be apparent to one of ordinary skill in the art from the description and/or from the practice of the invention.
- These together with other objects of the invention, along with the various features of novelty which characterize the invention, are pointed out with particularity in the claims annexed to and forming a part of this disclosure. For a better understanding of the invention, its operating advantages and the specific objects attained by its uses, reference would be had to the accompanying drawings, depictions and descriptive matter in which there is illustrated preferred embodiments and results of the invention.
-
FIG. 1 is a system schematic providing a conceptual overview of primary hardware and software components of the instant invention as practiced in its preferred embodiment. -
FIG. 2 is a process step illustration of the invention's backup sequence when practiced in its preferred embodiment. -
FIG. 3 is a process step illustration of the invention's retrieval process when practiced in its preferred embodiment. - While the making and using of various embodiments of the present invention are discussed in detail below, it should be appreciated that the present invention provides for inventive concepts capable of being embodied in a variety of specific contexts. The specific embodiments discussed herein are merely illustrative of specific manners in which to make and use the invention and are not to be interpreted as limiting the scope of the instant invention.
- While the invention has been described with a certain degree of particularity, it is clear that many changes may be made in the details of construction and the arrangement of components without departing from the spirit and scope of this disclosure. It is understood that the invention is not limited to the embodiments set forth herein for purposes of exemplification, but is to be limited only by the scope of the attached claim or claims, including the full range of equivalency to which each element thereof is entitled.
-
FIGS. 1 through 3 discuss and illustrate the invention as practiced in its preferred embodiment. -
FIG. 1 illustrates a system schematic detailing primary processing components of the invention when practiced in its preferred embodiment wherein at least one security administrator central processing unit 1 has executing under dispatching control of its operating systemfourth software 2 and is communicably attached to at least one backup archive server central processing unit 3 executing under the dispatching control of its operating system,second software 9 andthird software 11. The backup archive server central processing unit 3 further has communicably attached anauxiliary storage unit 5 such as, but not limited to, a mass storage unit, tape device or other similarly intended structure designed to accommodate the storage and retrieval of digitalized data. - In addition to
auxiliary storage 5 capability communicably attached to the backup archive server 3, the backup archive server 3 may optionally have attached to it aCD recorder 6. - Also communicably attached to the backup archive server central processing unit 3 are one or more remote users 7 (herein synomously referred to as clients, remote clients, users) each shown executing under the dispatching control of their respective operating systems
first software 10. It is herein noted that the communicable attachment of central processing units inFIG. 1 may be facilitated via any network compatible means over which digitized information may be transmitted. Client side central processing unit configurations are compatible with those typically employed as web servers, database servers, application servers, workstations, personal computers, desktop computers and laptop computers. Backup archive server central processing units 3 of the instant invention are typically those hardware central processing unit configurations capable of providing information and services to one or more remote users such as, but not limited to, web servers, database servers and application servers. Said backup archive server central processing unit 3 may alternatively be configured to accommodate a single or multiple control programs each of which is capable of responding to remote user requests and interaction requirements. The resiliency and flexibility of the instant invention, however, allows for one or more backup archive server processing units 3 to be embodied as a mainframe computer employing one or more control programs each of which may have under its dispatching control functionality of multiple second 9 andthird software 11 instruction sets. -
FIG. 2 illustrates process steps associated with the instant invention's computer based method for verifying and facilitating the automated archiving of remote client data files. - In
FIG. 2 , a remote user first defines a backup set as seen atbox 22 indicating information he/she desires to be stored upon theauxiliary storage device 5 of the instant invention's backup archive server central processing unit 3. To provide parameters for said backup set, the user specifies those directories and/or files to be backed up or to be excluded from said backup operation as seen atbox 24, the frequency and time of day at which the specified files are to be backed up as seen atbox 26, an encryption key for the backup data set as seen atbox 28 and the identification of the backup archive server CPU he/she wishes to use 29. It is emphasized that the instant invention affords the remote user the security of encrypting files according to a logon password key with encrypted files received from the remote user at a backup archive server then decrypted using this password based encryption key and re-encrypted prior to storage using a backup set encryption key specified by the user during file backup and retrieval processes. Automated password key based encryption is facilitated via a secure login and transmission protocol such as disclosed in detail in co-pending U.S. patent application Ser. No. 09/239,425 entitled “A Secure Electronic Mail System” filed on Jan. 28, 1999. - The co-pending application further includes references to supporting detail and disclosure with said detail, disclosure and co-pending application incorporated herein by reference in their totality. Once the
remote user 7 has logged on to the backup archive server 3 and been verified viasecond software 9 as an authorized user,first software 10 operating within each remote usercentral processing unit 7 encrypts data to be transmitted to the backup central processing unit according to a generated encryption key based upon the user's password. As scheduled, or optionally via a manual input entry, theremote client machine 7 logs onto the backup archive server 3 using a pre-authorized user id andpassword 30. - The backup of specified user files is then initiated via transmission of the encrypted data stream encoded according to the user's
password key 32. In so doing, thefirst software 10 of the instant invention ensures that only files which have been modified since the last backup are transmitted to the backup archive server central processing unit 3. User files are then decrypted viathird software 11 using the remote user's password encryption key and then re-encrypted according to a remote user determined and dynamically specifiedbackup key 36, said backup key specified inelement 28. The re-encrypted information is then stored in an auxiliary storage device as indicated earlier, such as amass storage unit 5 oroptional CD burner 6. -
FIG. 3 illustrates the invention's computer based method for verifying, facilitating and retrieving backed up remote client data files. InFIG. 3 , a remote user first logs onto a backup archive server 3 using a predefined user id and password as shown atbox 42. The successfullly logged on user then specifies the location where retrieved files are to be stored on the remote/client machine as shown atbox 44, and then specifies a location from which the remote user wishes to retrieve files from as shown atbox 46. Having specified the location from which to recover retrievable and selective backup files, the user next specifies the encryption key of the backup set used when the backup set was created 48. The encryption key had been designated initially at the time of the backup sets'creation. - The user next determines which files are to be recovered as shown at
box 50 andthird software 11 residing within the backup archive server central processing unit 3 retrieves those files and decrypts them on the server as shown atbox 52, utilizing the client provided encryption key for decrypting purposes. The decrypted retrieved files are then re-encrypted according to the remote user's sign on/password based encryption key as shown atbox 54 and the re-encrypted files are then transmitted to the remote user as shown atbox 56. Once received by the remote user, the remote user once again via his/her based password encryption key decrypts the files and renders recognizable data contained therein.
Claims (5)
1-11. (canceled)
12. A system to automatically archive and retrieve encrypted remote client data files comprising:
at least one backup archive server central processing unit connected to a network;
at least one auxiliary storage device communicably attached to said backup archive server central processing unit, wherein communication between said backup archive server central processing unit and said auxiliary storage device is encrypted;
at least one client central processing unit communicably attached to said backup archive server central processing unit wherein all communication is encrypted;
first software for transmitting at least one remote client duplicate backup file encrypted according to the remote client's password across a network from said client central processing unit to said backup archive server central processing unit and for processing encrypted data communicated from second software, said first software executing within said client central processing unit;
second software for processing encrypted data communicated from said first software, validating authorized remote client access and storing said transmitted client back-up file, said second software executing within said backup archive server central processing unit and further including a software instruction set for transmitting data between said backup archive server central processing unit and a suitable data archival device; and
third software wherein all data transmitted between said client and said backup archive server central processing units is encrypted data.
13. The system to automatically archive and retrieve encrypted remote client data files in accordance with claim 12 further comprising at least one robotic CD rom, DVD, or other suitable data archival device and media recording and printing device communicably attached to said backup archive server central processing unit.
14. A computer based method for automatically archiving and retrieving remote client data files comprising:
(a) a remote user specifying a back-up set to archive;
(b) said remote user specifying files to be archived or excluded;
(c) said remote user specifying the frequency and time of day of automated archiving activity;
(d) said remote user specifying an encryption key for said defined backup set;
(e) said remote user scheduling or manually requesting a remote client machine log on to a backup archive server;
(f) said user specifying the identification of a backup server CPU to be utilized for backup purposes;
(g) transmitting from said remote user across a network to a backup archive server remote user defined files which have been modified since last backup;
(h) decrypting at said backup archive server data identified in (g);
(i) re-encrypting the data decrypted in (h) according to a remote user determined and specified backup set key in (d); and
(j) storing data re-encrypted in (i) to an auxiliary storage device.
15. The computer based method for automatically archiving and retrieving remote client data files according to claim 14 further comprising:
(a). a remote user logging on to a backup archive server using a pre-authorized user ID and password;
(b). said remote user specifying a client CPU file location to which retrieved files are to be stored;
(c). said remote user specifying an appropriate backup set from which to recover files;
(d). said remote user specifying the encryption key of the backup set to be restored;
(e). said remote user specifying files within said backup set to be retrieved;
(f). retrieving remote client data which has been encrypted according to a remote user determined and specified backup set key;
(g). decrypting the data retrieved in (f);
(h). re-encrypting the data decrypted in (g) according to said remote user's password key; and,
(i). transmitting data re-encrypted in (h) to a remote user authorized to receive said data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/454,415 US20060236406A1 (en) | 1996-11-19 | 2006-06-16 | System and computer based method to automatically archive and retrieve encrypted remote client data files |
Applications Claiming Priority (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US75224996A | 1996-11-19 | 1996-11-19 | |
US08/892,982 US5970149A (en) | 1996-11-19 | 1997-07-15 | Combined remote access and security system |
US09/239,425 US6499108B1 (en) | 1996-11-19 | 1999-01-28 | Secure electronic mail system |
US25583799A | 1999-02-23 | 1999-02-23 | |
US09/971,244 US7080260B2 (en) | 1996-11-19 | 2001-10-04 | System and computer based method to automatically archive and retrieve encrypted remote client data files |
US11/454,415 US20060236406A1 (en) | 1996-11-19 | 2006-06-16 | System and computer based method to automatically archive and retrieve encrypted remote client data files |
Related Parent Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/239,425 Continuation-In-Part US6499108B1 (en) | 1996-11-19 | 1999-01-28 | Secure electronic mail system |
US25583799A Continuation-In-Part | 1996-11-19 | 1999-02-23 | |
US09/971,244 Continuation US7080260B2 (en) | 1996-11-19 | 2001-10-04 | System and computer based method to automatically archive and retrieve encrypted remote client data files |
Publications (1)
Publication Number | Publication Date |
---|---|
US20060236406A1 true US20060236406A1 (en) | 2006-10-19 |
Family
ID=25518118
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/971,244 Expired - Fee Related US7080260B2 (en) | 1996-11-19 | 2001-10-04 | System and computer based method to automatically archive and retrieve encrypted remote client data files |
US11/454,415 Abandoned US20060236406A1 (en) | 1996-11-19 | 2006-06-16 | System and computer based method to automatically archive and retrieve encrypted remote client data files |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/971,244 Expired - Fee Related US7080260B2 (en) | 1996-11-19 | 2001-10-04 | System and computer based method to automatically archive and retrieve encrypted remote client data files |
Country Status (2)
Country | Link |
---|---|
US (2) | US7080260B2 (en) |
EP (1) | EP1300746A3 (en) |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080307020A1 (en) * | 2007-06-08 | 2008-12-11 | Steve Ko | Electronic backup and restoration of encrypted data |
US20080310633A1 (en) * | 2007-06-15 | 2008-12-18 | Research In Motion Limited | Method and devices for providing secure data backup from a mobile communication device to an external computing device |
US20090313483A1 (en) * | 2008-06-12 | 2009-12-17 | Microsoft Corporation | Single Instance Storage of Encrypted Data |
US20110016089A1 (en) * | 2009-07-16 | 2011-01-20 | Apple Inc. | Restoring data to a mobile device |
US8495024B2 (en) | 2006-08-04 | 2013-07-23 | Apple Inc. | Navigation of electronic backups |
US20130191497A1 (en) * | 2012-01-25 | 2013-07-25 | International Business Machines Corporation | Storage and Transmission of Log Data In a Networked System |
US8504527B2 (en) | 2006-08-04 | 2013-08-06 | Apple Inc. | Application-based backup-restore of electronic information |
US8745523B2 (en) | 2007-06-08 | 2014-06-03 | Apple Inc. | Deletion in electronic backups |
US8775378B2 (en) | 2006-08-04 | 2014-07-08 | Apple Inc. | Consistent backup of electronic information |
US8943026B2 (en) | 2011-01-14 | 2015-01-27 | Apple Inc. | Visual representation of a local backup |
US8965929B2 (en) | 2007-06-08 | 2015-02-24 | Apple Inc. | Manipulating electronic backups |
US8984029B2 (en) | 2011-01-14 | 2015-03-17 | Apple Inc. | File system management |
US9009115B2 (en) | 2006-08-04 | 2015-04-14 | Apple Inc. | Restoring electronic information |
US20160004646A1 (en) * | 2013-02-28 | 2016-01-07 | Panasonic Intellectual Property Management Co., Ltd. | Encryption and recording apparatus, encryption and recording system, and encryption and recording method |
US9360995B2 (en) | 2007-06-08 | 2016-06-07 | Apple Inc. | User interface for electronic backup |
US9454587B2 (en) | 2007-06-08 | 2016-09-27 | Apple Inc. | Searching and restoring of backups |
WO2017131827A1 (en) * | 2016-01-28 | 2017-08-03 | Pure Storage, Inc. | Efficiently managing encrypted data on a remote backup server |
Families Citing this family (72)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
SE9904094D0 (en) * | 1999-11-12 | 1999-11-12 | Protegrity Research & Dev | Method for reencryption of a database |
US8156074B1 (en) | 2000-01-26 | 2012-04-10 | Synchronoss Technologies, Inc. | Data transfer and synchronization system |
US8611873B2 (en) * | 2004-05-12 | 2013-12-17 | Synchronoss Technologies, Inc. | Advanced contact identification system |
US8620286B2 (en) * | 2004-02-27 | 2013-12-31 | Synchronoss Technologies, Inc. | Method and system for promoting and transferring licensed content and applications |
US6671757B1 (en) | 2000-01-26 | 2003-12-30 | Fusionone, Inc. | Data transfer and synchronization system |
US6892225B1 (en) * | 2000-07-19 | 2005-05-10 | Fusionone, Inc. | Agent system for a secure remote access system |
US7895334B1 (en) | 2000-07-19 | 2011-02-22 | Fusionone, Inc. | Remote access communication architecture apparatus and method |
US8073954B1 (en) | 2000-07-19 | 2011-12-06 | Synchronoss Technologies, Inc. | Method and apparatus for a secure remote access system |
US7818435B1 (en) | 2000-12-14 | 2010-10-19 | Fusionone, Inc. | Reverse proxy mechanism for retrieving electronic content associated with a local network |
US6704886B1 (en) * | 2001-01-25 | 2004-03-09 | Emc Corporation | Data backup system having independent data restore execution |
US8615566B1 (en) | 2001-03-23 | 2013-12-24 | Synchronoss Technologies, Inc. | Apparatus and method for operational support of remote network systems |
US7293179B2 (en) * | 2001-08-01 | 2007-11-06 | Johnson R Brent | System and method for virtual tape management with remote archival and retrieval via an encrypted validation communication protocol |
US7472231B1 (en) | 2001-09-07 | 2008-12-30 | Netapp, Inc. | Storage area network data cache |
US7171434B2 (en) * | 2001-09-07 | 2007-01-30 | Network Appliance, Inc. | Detecting unavailability of primary central processing element, each backup central processing element associated with a group of virtual logic units and quiescing I/O operations of the primary central processing element in a storage virtualization system |
JP2003244379A (en) * | 2002-02-20 | 2003-08-29 | Minolta Co Ltd | Data transmitter |
US20040034177A1 (en) * | 2002-05-02 | 2004-02-19 | Jian Chen | Polymer and method for using the polymer for solubilizing nanotubes |
US20040123131A1 (en) * | 2002-12-20 | 2004-06-24 | Eastman Kodak Company | Image metadata processing system and method |
US7814338B2 (en) * | 2003-06-09 | 2010-10-12 | Johnson R Brent | System and method for virtual tape management with creation and management options |
US8645471B2 (en) | 2003-07-21 | 2014-02-04 | Synchronoss Technologies, Inc. | Device message management system |
JP4509536B2 (en) * | 2003-11-12 | 2010-07-21 | 株式会社日立製作所 | Information processing apparatus, information management method, program, and recording medium for supporting information management |
US7412603B2 (en) * | 2003-12-05 | 2008-08-12 | Microsoft Corporation | Methods and systems for enabling secure storage of sensitive data |
US9542076B1 (en) | 2004-05-12 | 2017-01-10 | Synchronoss Technologies, Inc. | System for and method of updating a personal profile |
US20080082421A1 (en) * | 2004-05-12 | 2008-04-03 | Richard Onyon | Monetization of an advanced contact identification system |
US20060080521A1 (en) * | 2004-09-23 | 2006-04-13 | Eric Barr | System and method for offline archiving of data |
US8266631B1 (en) | 2004-10-28 | 2012-09-11 | Curen Software Enterprises, L.L.C. | Calling a second functionality by a first functionality |
US7774789B1 (en) * | 2004-10-28 | 2010-08-10 | Wheeler Thomas T | Creating a proxy object and providing information related to a proxy object |
US7899189B2 (en) * | 2004-12-09 | 2011-03-01 | International Business Machines Corporation | Apparatus, system, and method for transparent end-to-end security of storage data in a client-server environment |
WO2006066999A2 (en) * | 2004-12-22 | 2006-06-29 | International Business Machines Corporation | Method, system and computer program product for handling data |
WO2006078572A2 (en) * | 2005-01-18 | 2006-07-27 | Tricipher, Inc. | Asymmetric crypto-graphy with rolling key security |
US20060182283A1 (en) * | 2005-02-14 | 2006-08-17 | Tricipher, Inc. | Architecture for asymmetric crypto-key storage |
US20060182277A1 (en) * | 2005-02-14 | 2006-08-17 | Tricipher, Inc. | Roaming utilizing an asymmetric key pair |
US8074069B2 (en) * | 2005-02-24 | 2011-12-06 | International Business Machines Corporation | Reading a locked windows NFTS EFS encrypted computer file |
US8578349B1 (en) | 2005-03-23 | 2013-11-05 | Curen Software Enterprises, L.L.C. | System, method, and computer readable medium for integrating an original language application with a target language application |
US7673134B2 (en) * | 2005-04-07 | 2010-03-02 | Lenovo (Singapore) Pte. Ltd. | Backup restore in a corporate infrastructure |
JP2008546253A (en) * | 2005-05-19 | 2008-12-18 | フュージョンワン インコーポレイテッド | Security protection method and information service provision method |
EP1746524A1 (en) * | 2005-07-22 | 2007-01-24 | Fujitsu Siemens Computers GmbH | Method producing an encrypted backup file and method for restoring data from this backup file in a pocket PC |
HUE038108T2 (en) * | 2005-09-27 | 2018-09-28 | Morgan Stanley | Processing encumbered electronic communications |
US7568124B2 (en) * | 2006-06-02 | 2009-07-28 | Microsoft Corporation | Driving data backups with data source tagging |
US20080104709A1 (en) * | 2006-09-29 | 2008-05-01 | Verus Card Services | System and method for secure data storage |
US7660780B1 (en) * | 2006-12-22 | 2010-02-09 | Patoskie John P | Moving an agent from a first execution environment to a second execution environment |
US7949626B1 (en) | 2006-12-22 | 2011-05-24 | Curen Software Enterprises, L.L.C. | Movement of an agent that utilizes a compiled set of canonical rules |
US8132179B1 (en) | 2006-12-22 | 2012-03-06 | Curen Software Enterprises, L.L.C. | Web service interface for mobile agents |
US7970724B1 (en) | 2006-12-22 | 2011-06-28 | Curen Software Enterprises, L.L.C. | Execution of a canonical rules based agent |
US8423496B1 (en) | 2006-12-22 | 2013-04-16 | Curen Software Enterprises, L.L.C. | Dynamic determination of needed agent rules |
US8200603B1 (en) | 2006-12-22 | 2012-06-12 | Curen Software Enterprises, L.L.C. | Construction of an agent that utilizes as-needed canonical rules |
US9311141B2 (en) | 2006-12-22 | 2016-04-12 | Callahan Cellular L.L.C. | Survival rule usage by software agents |
WO2008094508A2 (en) * | 2007-01-26 | 2008-08-07 | Fusionone, Inc. | System for and method of backing up content for use on a mobile device |
NL1033542C2 (en) * | 2007-03-14 | 2008-09-16 | Livesafer B V | Method for saving a file. |
JP4903071B2 (en) * | 2007-03-15 | 2012-03-21 | 株式会社リコー | Information processing apparatus, software update method, and image processing apparatus |
US8561136B2 (en) * | 2007-10-10 | 2013-10-15 | R. Brent Johnson | System to audit, monitor and control access to computers |
US8181111B1 (en) | 2007-12-31 | 2012-05-15 | Synchronoss Technologies, Inc. | System and method for providing social context to digital activity |
US9251012B2 (en) * | 2008-01-18 | 2016-02-02 | Tivo Inc. | Distributed backup and retrieval system |
US8548950B2 (en) * | 2008-05-22 | 2013-10-01 | The Board Of Trustees Of The Leland Stanford Junior University | Method and system for data archiving |
US20100057790A1 (en) * | 2008-08-29 | 2010-03-04 | Johnson R Brent | Secure virtual tape management system with console and catalog monitoring and updating |
US8214584B2 (en) * | 2008-08-29 | 2012-07-03 | Johnson R Brent | Secure virtual tape management system with early read support options |
US8423604B2 (en) * | 2008-08-29 | 2013-04-16 | R. Brent Johnson | Secure virtual tape management system with balanced storage and multi-mirror options |
US20100162032A1 (en) * | 2008-12-23 | 2010-06-24 | David Dodgson | Storage availability using cryptographic splitting |
EP2234028A1 (en) * | 2009-02-26 | 2010-09-29 | Research In Motion Limited | System and method of handling encrypted backup data |
US9465786B2 (en) | 2009-08-25 | 2016-10-11 | Keeper Security, Inc. | Method for facilitating quick logins from a mobile device |
US8738934B2 (en) | 2009-08-25 | 2014-05-27 | Keeper Security, Inc. | Method and apparatus for protecting account numbers and passwords |
US8255006B1 (en) | 2009-11-10 | 2012-08-28 | Fusionone, Inc. | Event dependent notification system and method |
US8412934B2 (en) * | 2010-04-07 | 2013-04-02 | Apple Inc. | System and method for backing up and restoring files encrypted with file-level content protection |
US8589680B2 (en) * | 2010-04-07 | 2013-11-19 | Apple Inc. | System and method for synchronizing encrypted data on a device having file-level content protection |
US8788842B2 (en) | 2010-04-07 | 2014-07-22 | Apple Inc. | System and method for content protection based on a combination of a user PIN and a device specific identifier |
US8510552B2 (en) * | 2010-04-07 | 2013-08-13 | Apple Inc. | System and method for file-level data protection |
US8943428B2 (en) | 2010-11-01 | 2015-01-27 | Synchronoss Technologies, Inc. | System for and method of field mapping |
CN102811212A (en) * | 2011-06-02 | 2012-12-05 | 英业达集团(天津)电子技术有限公司 | Data encryption method with repetitive data deleting function and system thereof |
US8769274B2 (en) | 2012-09-05 | 2014-07-01 | International Business Machines Corporation | Backup and restore in a secure appliance with integrity and confidentiality |
US9819663B1 (en) * | 2014-04-02 | 2017-11-14 | ThinAir Labs, Inc. | Data protection file system |
EP3315977A1 (en) * | 2016-10-31 | 2018-05-02 | Rohde & Schwarz GmbH & Co. KG | Measuring device for measuring signals and data handling method |
US11546315B2 (en) * | 2020-05-28 | 2023-01-03 | Hewlett Packard Enterprise Development Lp | Authentication key-based DLL service |
US11882222B2 (en) * | 2020-07-23 | 2024-01-23 | The Toronto-Dominion Bank | Multidirectional synchronization of confidential data using distributed ledgers |
Citations (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4588991A (en) * | 1983-03-07 | 1986-05-13 | Atalla Corporation | File access security method and means |
US5235641A (en) * | 1990-03-13 | 1993-08-10 | Hitachi, Ltd. | File encryption method and file cryptographic system |
US5659614A (en) * | 1994-11-28 | 1997-08-19 | Bailey, Iii; John E. | Method and system for creating and storing a backup copy of file data stored on a computer |
US5748735A (en) * | 1994-07-18 | 1998-05-05 | Bell Atlantic Network Services, Inc. | Securing E-mail communications and encrypted file storage using yaksha split private key asymmetric cryptography |
US5764972A (en) * | 1993-02-01 | 1998-06-09 | Lsc, Inc. | Archiving file system for data servers in a distributed network environment |
US5778395A (en) * | 1995-10-23 | 1998-07-07 | Stac, Inc. | System for backing up files from disk volumes on multiple nodes of a computer network |
US5940507A (en) * | 1997-02-11 | 1999-08-17 | Connected Corporation | Secure file archive through encryption key management |
US5970149A (en) * | 1996-11-19 | 1999-10-19 | Johnson; R. Brent | Combined remote access and security system |
US6023506A (en) * | 1995-10-26 | 2000-02-08 | Hitachi, Ltd. | Data encryption control apparatus and method |
US6275855B1 (en) * | 1997-11-02 | 2001-08-14 | R. Brent Johnson | System, method and article of manufacture to enhance computerized alert system information awareness and facilitate real-time intervention services |
US6584466B1 (en) * | 1999-04-07 | 2003-06-24 | Critical Path, Inc. | Internet document management system and methods |
US6728711B2 (en) * | 2000-06-19 | 2004-04-27 | Hewlett-Packard Development Company, L.P. | Automatic backup/recovery process |
US6785786B1 (en) * | 1997-08-29 | 2004-08-31 | Hewlett Packard Development Company, L.P. | Data backup and recovery systems |
US7010689B1 (en) * | 2000-08-21 | 2006-03-07 | International Business Machines Corporation | Secure data storage and retrieval in a client-server environment |
US7130426B1 (en) * | 1999-03-17 | 2006-10-31 | Lg Electronics Inc. | Digital data file encryption apparatus and method and recording medium for recording digital data file encryption program thereon |
US7222233B1 (en) * | 2000-09-14 | 2007-05-22 | At&T Corp. | Method for secure remote backup |
US7373517B1 (en) * | 1999-08-19 | 2008-05-13 | Visto Corporation | System and method for encrypting and decrypting files |
US7406596B2 (en) * | 2000-03-10 | 2008-07-29 | Herbert Street Technologies | Data transfer and management system |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6272631B1 (en) * | 1997-06-30 | 2001-08-07 | Microsoft Corporation | Protected storage of core data secrets |
WO1999046660A2 (en) * | 1998-03-12 | 1999-09-16 | Fairbanks Systems Group | System and method for backing up computer files over a wide area computer network |
CA2256936C (en) * | 1998-12-23 | 2002-04-02 | Hamid Bacha | System for electronic repository of data enforcing access control on data search and retrieval |
-
2001
- 2001-10-04 US US09/971,244 patent/US7080260B2/en not_active Expired - Fee Related
- 2001-12-06 EP EP01129027A patent/EP1300746A3/en not_active Ceased
-
2006
- 2006-06-16 US US11/454,415 patent/US20060236406A1/en not_active Abandoned
Patent Citations (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4588991A (en) * | 1983-03-07 | 1986-05-13 | Atalla Corporation | File access security method and means |
US5235641A (en) * | 1990-03-13 | 1993-08-10 | Hitachi, Ltd. | File encryption method and file cryptographic system |
US5764972A (en) * | 1993-02-01 | 1998-06-09 | Lsc, Inc. | Archiving file system for data servers in a distributed network environment |
US5748735A (en) * | 1994-07-18 | 1998-05-05 | Bell Atlantic Network Services, Inc. | Securing E-mail communications and encrypted file storage using yaksha split private key asymmetric cryptography |
US5659614A (en) * | 1994-11-28 | 1997-08-19 | Bailey, Iii; John E. | Method and system for creating and storing a backup copy of file data stored on a computer |
US5778395A (en) * | 1995-10-23 | 1998-07-07 | Stac, Inc. | System for backing up files from disk volumes on multiple nodes of a computer network |
US20020107877A1 (en) * | 1995-10-23 | 2002-08-08 | Douglas L. Whiting | System for backing up files from disk volumes on multiple nodes of a computer network |
US6023506A (en) * | 1995-10-26 | 2000-02-08 | Hitachi, Ltd. | Data encryption control apparatus and method |
US5970149A (en) * | 1996-11-19 | 1999-10-19 | Johnson; R. Brent | Combined remote access and security system |
US5940507A (en) * | 1997-02-11 | 1999-08-17 | Connected Corporation | Secure file archive through encryption key management |
US6785786B1 (en) * | 1997-08-29 | 2004-08-31 | Hewlett Packard Development Company, L.P. | Data backup and recovery systems |
US6275855B1 (en) * | 1997-11-02 | 2001-08-14 | R. Brent Johnson | System, method and article of manufacture to enhance computerized alert system information awareness and facilitate real-time intervention services |
US7130426B1 (en) * | 1999-03-17 | 2006-10-31 | Lg Electronics Inc. | Digital data file encryption apparatus and method and recording medium for recording digital data file encryption program thereon |
US6584466B1 (en) * | 1999-04-07 | 2003-06-24 | Critical Path, Inc. | Internet document management system and methods |
US7373517B1 (en) * | 1999-08-19 | 2008-05-13 | Visto Corporation | System and method for encrypting and decrypting files |
US7406596B2 (en) * | 2000-03-10 | 2008-07-29 | Herbert Street Technologies | Data transfer and management system |
US6728711B2 (en) * | 2000-06-19 | 2004-04-27 | Hewlett-Packard Development Company, L.P. | Automatic backup/recovery process |
US7010689B1 (en) * | 2000-08-21 | 2006-03-07 | International Business Machines Corporation | Secure data storage and retrieval in a client-server environment |
US7222233B1 (en) * | 2000-09-14 | 2007-05-22 | At&T Corp. | Method for secure remote backup |
Cited By (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8495024B2 (en) | 2006-08-04 | 2013-07-23 | Apple Inc. | Navigation of electronic backups |
US9009115B2 (en) | 2006-08-04 | 2015-04-14 | Apple Inc. | Restoring electronic information |
US8775378B2 (en) | 2006-08-04 | 2014-07-08 | Apple Inc. | Consistent backup of electronic information |
US8504527B2 (en) | 2006-08-04 | 2013-08-06 | Apple Inc. | Application-based backup-restore of electronic information |
US8965929B2 (en) | 2007-06-08 | 2015-02-24 | Apple Inc. | Manipulating electronic backups |
US8745523B2 (en) | 2007-06-08 | 2014-06-03 | Apple Inc. | Deletion in electronic backups |
US9360995B2 (en) | 2007-06-08 | 2016-06-07 | Apple Inc. | User interface for electronic backup |
US8429425B2 (en) * | 2007-06-08 | 2013-04-23 | Apple Inc. | Electronic backup and restoration of encrypted data |
US10891020B2 (en) | 2007-06-08 | 2021-01-12 | Apple Inc. | User interface for electronic backup |
US20080307020A1 (en) * | 2007-06-08 | 2008-12-11 | Steve Ko | Electronic backup and restoration of encrypted data |
US9454587B2 (en) | 2007-06-08 | 2016-09-27 | Apple Inc. | Searching and restoring of backups |
US9354982B2 (en) | 2007-06-08 | 2016-05-31 | Apple Inc. | Manipulating electronic backups |
US9594916B2 (en) | 2007-06-15 | 2017-03-14 | Blackberry Limited | Method and devices for providing secure data backup from a mobile communication device to an external computing device |
US20080310633A1 (en) * | 2007-06-15 | 2008-12-18 | Research In Motion Limited | Method and devices for providing secure data backup from a mobile communication device to an external computing device |
US9053330B2 (en) | 2007-06-15 | 2015-06-09 | Blackberry Limited | Method and devices for providing secure data backup from a mobile communication device to an external computing device |
US8484464B2 (en) * | 2007-06-15 | 2013-07-09 | Research In Motion Limited | Method and devices for providing secure data backup from a mobile communication device to an external computing device |
US20090313483A1 (en) * | 2008-06-12 | 2009-12-17 | Microsoft Corporation | Single Instance Storage of Encrypted Data |
US8397084B2 (en) | 2008-06-12 | 2013-03-12 | Microsoft Corporation | Single instance storage of encrypted data |
US20110016089A1 (en) * | 2009-07-16 | 2011-01-20 | Apple Inc. | Restoring data to a mobile device |
US8984029B2 (en) | 2011-01-14 | 2015-03-17 | Apple Inc. | File system management |
US9411812B2 (en) | 2011-01-14 | 2016-08-09 | Apple Inc. | File system management |
US8943026B2 (en) | 2011-01-14 | 2015-01-27 | Apple Inc. | Visual representation of a local backup |
US10303652B2 (en) | 2011-01-14 | 2019-05-28 | Apple Inc. | File system management |
US20140095648A1 (en) * | 2012-01-25 | 2014-04-03 | International Business Machines Corporation | Storage and Transmission of Log Data In a Networked System |
US20130191497A1 (en) * | 2012-01-25 | 2013-07-25 | International Business Machines Corporation | Storage and Transmission of Log Data In a Networked System |
US20160004646A1 (en) * | 2013-02-28 | 2016-01-07 | Panasonic Intellectual Property Management Co., Ltd. | Encryption and recording apparatus, encryption and recording system, and encryption and recording method |
US9811476B2 (en) * | 2013-02-28 | 2017-11-07 | Panasonic Intellectual Property Management Co., Ltd. | Encryption and recording apparatus, encryption and recording system, and encryption and recording method |
WO2017131827A1 (en) * | 2016-01-28 | 2017-08-03 | Pure Storage, Inc. | Efficiently managing encrypted data on a remote backup server |
Also Published As
Publication number | Publication date |
---|---|
EP1300746A3 (en) | 2008-01-16 |
US7080260B2 (en) | 2006-07-18 |
US20020016912A1 (en) | 2002-02-07 |
EP1300746A2 (en) | 2003-04-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7080260B2 (en) | System and computer based method to automatically archive and retrieve encrypted remote client data files | |
US10534919B1 (en) | Backup service and appliance with single-instance storage of encrypted data | |
US6615349B1 (en) | System and method for manipulating a computer file and/or program | |
US6944857B1 (en) | Method, system, computer program product, and article of manufacture for updating a computer program according to a stored configuration | |
US6289450B1 (en) | Information security architecture for encrypting documents for remote access while maintaining access control | |
KR100423797B1 (en) | Method of protecting digital information and system thereof | |
US7089553B1 (en) | Method, system, computer program product, and article of manufacture for downloading a remote computer program according to a stored configuration | |
EP1522167B1 (en) | A method and an apparatus for retrieving a value secured in a key management system | |
US7711728B2 (en) | System and method for searching for static data in a computer investigation system | |
US20070136572A1 (en) | Encrypting system to protect digital data and method thereof | |
US20070189541A1 (en) | Method and system for initialzing a key management system | |
US20020077986A1 (en) | Controlling and managing digital assets | |
JP2011507414A (en) | System and method for protecting data safety | |
JPH10260903A (en) | Group ciphering method and file ciphering system | |
WO2006101554A2 (en) | Computer system for searching static data | |
US10630722B2 (en) | System and method for sharing information in a private ecosystem | |
US20180139208A1 (en) | Secure virtualization of remote storage systems | |
US20060230264A1 (en) | Backup restore in a corporate infrastructure | |
US20180137291A1 (en) | Securing files at rest in remote storage systems | |
WO2000062472A1 (en) | System and method for transmission of encrypted files from a central server computer to a remote computer | |
US7703092B1 (en) | Method, system, computer program product, and article of manufacture for installation and configuration of a computer program according to a stored configuration | |
TW200830200A (en) | Information security management system and method for electronic document | |
EP1410629A1 (en) | System and method for receiving and storing a transport stream | |
KR20190076531A (en) | Cloud storage encryption system | |
JP2007067630A (en) | Data transmission system using network and its method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |