Patents Assigned to Security First Corp.
  • Patent number: 10068103
    Abstract: The systems and methods of the present invention provide a solution that makes data provably secure and accessible—addressing data security at the bit level—thereby eliminating the need for multiple perimeter hardware and software technologies. Data security is incorporated or weaved directly into the data at the bit level. The systems and methods of the present invention enable enterprise communities of interest to leverage a common enterprise infrastructure. Because security is already woven into the data, this common infrastructure can be used without compromising data security and access control. In some applications, data is authenticated, encrypted, and parsed or split into multiple shares prior to being sent to multiple locations, e.g., a private or public cloud. The data is hidden while in transit to the storage location, and is inaccessible to users who do not have the correct credentials for access.
    Type: Grant
    Filed: April 19, 2013
    Date of Patent: September 4, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini
  • Patent number: 10031679
    Abstract: The systems and methods disclosed herein transparently provide an improved scalable cloud-based dynamically adjustable or configurable storage volume. In one aspect, a gateway provides a dynamically or configurably adjustable storage volume, including a local cache. The storage volume may be transparently adjusted for the amount of data that needs to be stored using available local or cloud-based storage. The gateway may use caching techniques and block clustering to provide gains in access latency compared to existing gateway systems, while providing scalable off-premises storage.
    Type: Grant
    Filed: November 23, 2015
    Date of Patent: July 24, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini
  • Patent number: 10027484
    Abstract: Systems and methods are provided for securely sharing data. A processor forms two or more shares of a data set encrypted with a symmetric key, the data set associated with a first user device, and causes the encrypted data set shares to be stored separately from each other in at least one remote storage location. The processor generates first and second encrypted keys by encrypting data indicative of the symmetric key with a first asymmetric key of first and second asymmetric key pairs associated with the first user device and a second user device, respectively, and causes the encrypted key to be stored in the at least one storage location. To restore the data set, a predetermined number of the two or more encrypted data set shares and at least one of the second asymmetric keys of the first and second asymmetric key pairs are needed.
    Type: Grant
    Filed: June 24, 2015
    Date of Patent: July 17, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Don Martin
  • Patent number: 9992170
    Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.
    Type: Grant
    Filed: June 11, 2013
    Date of Patent: June 5, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport, Steven Winick
  • Patent number: 9985932
    Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.
    Type: Grant
    Filed: May 10, 2012
    Date of Patent: May 29, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport, Steven Winick
  • Patent number: 9935923
    Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.
    Type: Grant
    Filed: February 10, 2012
    Date of Patent: April 3, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport, Steven Winick
  • Patent number: 9916456
    Abstract: Systems and methods are provided for securing a virtual machine by causing a plurality of shares of virtual machine files to be separately stored in response to a stop command. Systems and methods are also provided for restoring a data set with a cryptographic restoration application in response to a series of user inputs received when no visual indicator of the cryptographic restoration algorithm is displayed, and for restoring a data set with data shares received from another computer device in response to detecting a communication link with the device.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: March 13, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini
  • Patent number: 9906500
    Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.
    Type: Grant
    Filed: May 12, 2015
    Date of Patent: February 27, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport
  • Patent number: 9881177
    Abstract: The systems and methods disclosed herein transparently provide data security using a cryptographic file system layer that selectively intercepts and modifies (e.g., by encrypting) data to be stored in a designated directory. The cryptographic file system layer can be used in combination with one or more cryptographic approaches to provide a server-based secure data solution that makes data more secure and accessible, while eliminating the need for multiple perimeter hardware and software technologies.
    Type: Grant
    Filed: February 13, 2014
    Date of Patent: January 30, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport
  • Patent number: 9871770
    Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.
    Type: Grant
    Filed: June 11, 2013
    Date of Patent: January 16, 2018
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport, Steven Winick
  • Patent number: 9825927
    Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths. A keyed information dispersal algorithm (keyed IDA) may also be used. The key for the keyed IDA may additionally be protected by an external workgroup key, resulting in a multi-factor secret sharing scheme.
    Type: Grant
    Filed: June 25, 2015
    Date of Patent: November 21, 2017
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Mihir Bellare, Phillip Rogaway
  • Patent number: 9785785
    Abstract: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The file-level key is generated based on a workgroup key associated with the data file and unique information associated with the data file. The file-level key may be used to encrypt and split data. Systems and methods are also provided for sharing data without replicating the data on an end user machine. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.
    Type: Grant
    Filed: December 30, 2015
    Date of Patent: October 10, 2017
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Gabriel D. Landau, Matthew Staker, William Yakamovich
  • Patent number: 9774449
    Abstract: A robust computational secret sharing scheme that provides for the efficient distribution and subsequent recovery of a private data is disclosed. A cryptographic key may be randomly generated and then shared using a secret sharing algorithm to generate a collection of key shares. The private data may be encrypted using the key, resulting in a ciphertext. The ciphertext may then be broken into ciphertext fragments using an Information Dispersal Algorithm. Each key share and a corresponding ciphertext. Fragment are provided as input to a committal method of a probabilistic commitment scheme, resulting in a committal value and a decommittal value. The share for the robust computational secret sharing scheme may be obtained by combining the key share, the ciphertext fragment, the decommittal value, and the vector of committal values.
    Type: Grant
    Filed: July 6, 2016
    Date of Patent: September 26, 2017
    Assignee: Security First Corp.
    Inventors: Mihir Bellare, Phillip Rogaway
  • Patent number: 9733849
    Abstract: The systems and methods disclosed herein transparently provide an improved scalable cloud-based dynamically adjustable or configurable storage volume. In one aspect, a gateway provides a dynamically or configurably adjustable storage volume, including a local cache. The storage volume may be transparently adjusted for the amount of data that needs to be stored using available local or cloud-based storage. The gateway may use caching techniques and block clustering to provide gains in access latency compared to existing gateway systems, while providing scalable off-premises storage.
    Type: Grant
    Filed: November 23, 2015
    Date of Patent: August 15, 2017
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini
  • Patent number: 9613220
    Abstract: The present invention provides a method and system for securing sensitive data from unauthorized access or use. The method and system of the present invention is useful in a wide variety of settings, including commercial settings generally available to the public which may be extremely large or small with respect to the number of users. The method and system of the present invention is also useful in a more private setting, such as with a corporation or governmental agency, as well as between corporation, governmental agencies or any other entity.
    Type: Grant
    Filed: February 10, 2011
    Date of Patent: April 4, 2017
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, John Van Zandt, Roger S. Davenport
  • Patent number: 9589148
    Abstract: The systems and methods of the present invention provide a solution that makes data provably secure and accessible—addressing data security at the bit level—thereby eliminating the need for multiple perimeter hardware and software technologies. Data security is incorporated or weaved directly into the data at the bit level. The systems and methods of the present invention enable enterprise communities of interest to leverage a common enterprise infrastructure. Because security is already woven into the data, this common infrastructure can be used without compromising data security and access control. In some applications, data is authenticated, encrypted, and parsed or split into multiple shares prior to being sent to multiple locations, e.g., a private or public cloud. The data is hidden while in transit to the storage location, and is inaccessible to users who do not have the correct credentials for access.
    Type: Grant
    Filed: July 29, 2016
    Date of Patent: March 7, 2017
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini
  • Patent number: 9529998
    Abstract: Systems and methods are provided for securing data in virtual machine computing environments. A request is received for a security operation from a first virtual machine operating in a host operating system of a first device. In response to receiving the request, a first security module executes the security operation, the first security module implemented in a kernel of the host operating system. The result of the security operation is provided to the first virtual machine.
    Type: Grant
    Filed: June 24, 2015
    Date of Patent: December 27, 2016
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, John R. Mumaugh, Matt Staker
  • Patent number: 9516002
    Abstract: Two approaches are provided for distributing trust among certificate authorities. Each approach may be used to secure data in motion. One approach provides methods and systems in which a secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation (e.g., the key establishment phase) of a connection between two devices. Another approach of the present invention provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data for each of the tunnels, and the shares of data are transmitted through each of the tunnels. Accordingly, trust is distributed among a set of certificate authorities in the structure of the communication channel itself.
    Type: Grant
    Filed: April 15, 2014
    Date of Patent: December 6, 2016
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
  • Patent number: 9465952
    Abstract: Systems and methods are provided for transmitting data for secure storage. For each of two or more data sets, a plurality of shares are generated containing a distribution of data from an encrypted version of the data set. The shares are then stored in a shared memory device, wherein a data set may be reconstructed from a threshold number of the associated plurality of shares using an associated key. Also provided are systems and methods for providing access to secured data. A plurality of shares containing a distribution of data from an encrypted version of a data set are stored in a memory device. A client is provided with a virtual machine that indicates the plurality of shares, and the capability to reconstruct the data set from the plurality of shares using an associated key.
    Type: Grant
    Filed: March 16, 2015
    Date of Patent: October 11, 2016
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, Matt Staker
  • Patent number: 9449180
    Abstract: The present invention provides a method and system for securing sensitive data from unauthorized access or use. The method and system of the present invention is useful in a wide variety of settings, including commercial settings generally available to the public which may be extremely large or small with respect to the number of users. The method and system of the present invention is also useful in a more private setting, such as with a corporation or governmental agency, as well as between corporation, governmental agencies or any other entity.
    Type: Grant
    Filed: April 18, 2008
    Date of Patent: September 20, 2016
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, John Van Zandt, Roger S. Davenport