Patents Assigned to Security First Corp.
-
Patent number: 9881177Abstract: The systems and methods disclosed herein transparently provide data security using a cryptographic file system layer that selectively intercepts and modifies (e.g., by encrypting) data to be stored in a designated directory. The cryptographic file system layer can be used in combination with one or more cryptographic approaches to provide a server-based secure data solution that makes data more secure and accessible, while eliminating the need for multiple perimeter hardware and software technologies.Type: GrantFiled: February 13, 2014Date of Patent: January 30, 2018Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport
-
Patent number: 9871770Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.Type: GrantFiled: June 11, 2013Date of Patent: January 16, 2018Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport, Steven Winick
-
Patent number: 9825927Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths. A keyed information dispersal algorithm (keyed IDA) may also be used. The key for the keyed IDA may additionally be protected by an external workgroup key, resulting in a multi-factor secret sharing scheme.Type: GrantFiled: June 25, 2015Date of Patent: November 21, 2017Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Mihir Bellare, Phillip Rogaway
-
Patent number: 9785785Abstract: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The file-level key is generated based on a workgroup key associated with the data file and unique information associated with the data file. The file-level key may be used to encrypt and split data. Systems and methods are also provided for sharing data without replicating the data on an end user machine. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.Type: GrantFiled: December 30, 2015Date of Patent: October 10, 2017Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Gabriel D. Landau, Matthew Staker, William Yakamovich
-
Patent number: 9774449Abstract: A robust computational secret sharing scheme that provides for the efficient distribution and subsequent recovery of a private data is disclosed. A cryptographic key may be randomly generated and then shared using a secret sharing algorithm to generate a collection of key shares. The private data may be encrypted using the key, resulting in a ciphertext. The ciphertext may then be broken into ciphertext fragments using an Information Dispersal Algorithm. Each key share and a corresponding ciphertext. Fragment are provided as input to a committal method of a probabilistic commitment scheme, resulting in a committal value and a decommittal value. The share for the robust computational secret sharing scheme may be obtained by combining the key share, the ciphertext fragment, the decommittal value, and the vector of committal values.Type: GrantFiled: July 6, 2016Date of Patent: September 26, 2017Assignee: Security First Corp.Inventors: Mihir Bellare, Phillip Rogaway
-
Patent number: 9733849Abstract: The systems and methods disclosed herein transparently provide an improved scalable cloud-based dynamically adjustable or configurable storage volume. In one aspect, a gateway provides a dynamically or configurably adjustable storage volume, including a local cache. The storage volume may be transparently adjusted for the amount of data that needs to be stored using available local or cloud-based storage. The gateway may use caching techniques and block clustering to provide gains in access latency compared to existing gateway systems, while providing scalable off-premises storage.Type: GrantFiled: November 23, 2015Date of Patent: August 15, 2017Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini
-
Patent number: 9613220Abstract: The present invention provides a method and system for securing sensitive data from unauthorized access or use. The method and system of the present invention is useful in a wide variety of settings, including commercial settings generally available to the public which may be extremely large or small with respect to the number of users. The method and system of the present invention is also useful in a more private setting, such as with a corporation or governmental agency, as well as between corporation, governmental agencies or any other entity.Type: GrantFiled: February 10, 2011Date of Patent: April 4, 2017Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, John Van Zandt, Roger S. Davenport
-
Patent number: 9589148Abstract: The systems and methods of the present invention provide a solution that makes data provably secure and accessible—addressing data security at the bit level—thereby eliminating the need for multiple perimeter hardware and software technologies. Data security is incorporated or weaved directly into the data at the bit level. The systems and methods of the present invention enable enterprise communities of interest to leverage a common enterprise infrastructure. Because security is already woven into the data, this common infrastructure can be used without compromising data security and access control. In some applications, data is authenticated, encrypted, and parsed or split into multiple shares prior to being sent to multiple locations, e.g., a private or public cloud. The data is hidden while in transit to the storage location, and is inaccessible to users who do not have the correct credentials for access.Type: GrantFiled: July 29, 2016Date of Patent: March 7, 2017Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini
-
Patent number: 9529998Abstract: Systems and methods are provided for securing data in virtual machine computing environments. A request is received for a security operation from a first virtual machine operating in a host operating system of a first device. In response to receiving the request, a first security module executes the security operation, the first security module implemented in a kernel of the host operating system. The result of the security operation is provided to the first virtual machine.Type: GrantFiled: June 24, 2015Date of Patent: December 27, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, John R. Mumaugh, Matt Staker
-
Patent number: 9516002Abstract: Two approaches are provided for distributing trust among certificate authorities. Each approach may be used to secure data in motion. One approach provides methods and systems in which a secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation (e.g., the key establishment phase) of a connection between two devices. Another approach of the present invention provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data for each of the tunnels, and the shares of data are transmitted through each of the tunnels. Accordingly, trust is distributed among a set of certificate authorities in the structure of the communication channel itself.Type: GrantFiled: April 15, 2014Date of Patent: December 6, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
-
Patent number: 9465952Abstract: Systems and methods are provided for transmitting data for secure storage. For each of two or more data sets, a plurality of shares are generated containing a distribution of data from an encrypted version of the data set. The shares are then stored in a shared memory device, wherein a data set may be reconstructed from a threshold number of the associated plurality of shares using an associated key. Also provided are systems and methods for providing access to secured data. A plurality of shares containing a distribution of data from an encrypted version of a data set are stored in a memory device. A client is provided with a virtual machine that indicates the plurality of shares, and the capability to reconstruct the data set from the plurality of shares using an associated key.Type: GrantFiled: March 16, 2015Date of Patent: October 11, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Matt Staker
-
Patent number: 9449180Abstract: The present invention provides a method and system for securing sensitive data from unauthorized access or use. The method and system of the present invention is useful in a wide variety of settings, including commercial settings generally available to the public which may be extremely large or small with respect to the number of users. The method and system of the present invention is also useful in a more private setting, such as with a corporation or governmental agency, as well as between corporation, governmental agencies or any other entity.Type: GrantFiled: April 18, 2008Date of Patent: September 20, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, John Van Zandt, Roger S. Davenport
-
Patent number: 9443097Abstract: The systems and methods of the present invention provide a solution that makes data provably secure and accessible—addressing data security at the bit level—thereby eliminating the need for multiple perimeter hardware and software technologies. Data security is incorporated or weaved directly into the data at the bit level. The systems and methods of the present invention enable enterprise communities of interest to leverage a common enterprise infrastructure. Because security is already woven into the data, this common infrastructure can be used without compromising data security and access control. In some applications, data is authenticated, encrypted, and parsed or split into multiple shares prior to being sent to multiple locations, e.g., a private or public cloud. The data is hidden while in transit to the storage location, and is inaccessible to users who do not have the correct credentials for access.Type: GrantFiled: March 31, 2011Date of Patent: September 13, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini
-
Patent number: 9411524Abstract: Data processing and an accelerator system therefore are described. An embodiment relates generally to a data processing system. In such an embodiment, a bus and an accelerator are coupled to one another. The accelerator has an application function block. The application function block is to process data to provide processed data to storage. A network interface is coupled to obtain the processed data from the storage for transmission.Type: GrantFiled: October 18, 2013Date of Patent: August 9, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Lawrence A. Laurich, Stephen Paul Sample, Michael H. Wang, Babu Rao Kandimalla, Don Martin, Steven Mark Casselman
-
Patent number: 9407431Abstract: A robust computational secret sharing scheme that provides for the efficient distribution and subsequent recovery of a private data is disclosed. A cryptographic key may be randomly generated and then shared using a secret sharing algorithm to generate a collection of key shares. The private data may be encrypted using the key, resulting in a ciphertext. The ciphertext may then be broken into ciphertext fragments using an Information Dispersal Algorithm. Each key share and a corresponding ciphertext. Fragment are provided as input to a committal method of a probabilistic commitment scheme, resulting in a committal value and a decommittal value. The share for the robust computational secret sharing scheme may be obtained by combining the key share, the ciphertext fragment, the decommittal value, and the vector of committal values.Type: GrantFiled: June 16, 2014Date of Patent: August 2, 2016Assignee: Security First Corp.Inventors: Mihir Bellare, Phillip Rogaway
-
Patent number: 9397827Abstract: A common interface for managing cryptographic keys is provided. A request to manage a cryptographic key may be received in a first interface format, translated to a common interface format, and then executed remotely from the first interface. Return arguments may then be translated from the common interface format to a format compatible with the first interface and communicated securely to the first interface. The cryptographic keys may be used in connection with a secure data parser that secures data by randomly distributing data within a data set into two or more shares.Type: GrantFiled: February 23, 2012Date of Patent: July 19, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport
-
Patent number: 9338140Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.Type: GrantFiled: May 10, 2012Date of Patent: May 10, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport, Steven Winick
-
Patent number: 9317705Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.Type: GrantFiled: December 19, 2013Date of Patent: April 19, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport, Steven Winick
-
Patent number: 9298937Abstract: The present invention provides a method and system for securing sensitive data from unauthorized access or use. The method and system of the present invention is useful in a wide variety of settings, including commercial settings generally available to the public which may be extremely large or small with respect to the number of users. The method and system of the present invention is also useful in a more private setting, such as with a corporation or governmental agency, as well as between corporation, governmental agencies or any other entity.Type: GrantFiled: August 29, 2014Date of Patent: March 29, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, John Van Zandt, Roger S. Davenport
-
Patent number: 9294445Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.Type: GrantFiled: May 10, 2012Date of Patent: March 22, 2016Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport, Steven Winick