Abstract: A method and system of enforcing a computer policy uses a central server to manage user profiles, policies and encryption keys. The server securely supplies the keys to client devices only after checking that the policy has been complied with. The checks include both the identity of the user and the machine identity of the client device. The keys are held in a secure environment of the client device, for example in a Trusted Platform Module (TPM), and remain inaccessible at all times to the end user. Theft or loss of a portable client device does not result in any encrypted data being compromised since the keys needed to decrypt that data are not extractable from the secure environment.
Type:
Grant
Filed:
January 11, 2011
Date of Patent:
November 6, 2018
Assignee:
Scentrics Information Security Technologies Ltd.
Abstract: A system is described for communicating with a mobile device. The mobile device exchanges an electronic message with a messaging server, where the message is encrypted with a messaging key. The mobile device encrypts a copy of the message with a monitoring key different from the messaging key, and sends the encrypted copy to a monitoring server remote from the messaging server. The mobile device communicates with the messaging server via a network router. The network router is configured to block transmission of an encrypted electronic message between the mobile device and the messaging server when an access condition is not met.
Type:
Grant
Filed:
March 23, 2017
Date of Patent:
July 17, 2018
Assignee:
Scentrics Information Security Technologies Ltd.
Inventors:
Guru Paran Chandrasekaran, Andrea Bittau
Abstract: A system is described for communicating with a mobile device. The mobile device exchanges an electronic message with a messaging server, where the message is encrypted with a messaging key. The mobile device encrypts a copy of the message with a monitoring key different from the messaging key, and sends the encrypted copy to a monitoring server remote from the messaging server. The mobile device communicates with the messaging server via a network router. The network router is configured to block transmission of an encrypted electronic message between the mobile device and the messaging server when an access condition is not met.
Type:
Grant
Filed:
January 30, 2012
Date of Patent:
April 18, 2017
Assignee:
Scentrics Information Security Technologies Ltd
Inventors:
Guru Paran Chandrasekaran, Andrea Bittau
Abstract: A mobile device (2) exchanges an electronic message with a messaging server (4), where the message is encrypted with a messaging key. The mobile device encrypts a copy of the message with a monitoring key (9) different from the messaging key, and sends the encrypted copy to a monitoring server (5) remote from the messaging server (4).
Type:
Application
Filed:
January 30, 2012
Publication date:
March 20, 2014
Applicant:
Scentrics Information Security Technologies Ltd.
Inventors:
Guru Paran Chandrasekaran, Andrea Bittau
Abstract: A method and system of enforcing a computer policy uses a central server to manage user profiles, policies and encryption keys. The server securely supplies the keys to client devices only after checking that the policy has been complied with. The checks include both the identity of the user and the machine identity of the client device. The keys are held in a secure environment of the client device, for example in a Trusted Platform Module (TPM), and remain inaccessible at all times to the end user. Theft or loss of a portable client device does not result in any encrypted data being compromised since the keys needed to decrypt that data are not extractable from the secure environment.
Type:
Application
Filed:
January 11, 2011
Publication date:
June 20, 2013
Applicant:
SCENTRICS INFORMATION SECURITY TECHNOLOGIES LTD