Patents Assigned to Security First Corp.
-
Publication number: 20140281542Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser may split or share a data set into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting an original data set into portions of data that may be communicated using one or more communications paths. Secure workgroup communication is supported through the secure distribution and management of a workgroup key for use with the secure data parser.Type: ApplicationFiled: February 14, 2014Publication date: September 18, 2014Applicant: SECURITY FIRST CORP.Inventors: Stephen C. Bono, Matthew D. Green, Gabriel D. Landau, Rick L. Orsini, Mark S. O'Hare, Roger S. Davenport
-
Publication number: 20140229731Abstract: The systems and methods disclosed herein transparently provide data security using a cryptographic file system layer that selectively intercepts and modifies (e.g., by encrypting) data to be stored in a designated directory. The cryptographic file system layer can be used in combination with one or more cryptographic approaches to provide a server-based secure data solution that makes data more secure and accessible, while eliminating the need for multiple perimeter hardware and software technologies.Type: ApplicationFiled: February 13, 2014Publication date: August 14, 2014Applicant: SECURITY FIRST CORP.Inventors: Mark S. O'Hare, Rick L. Orsini, Roger S. Davenport
-
Patent number: 8787583Abstract: A robust computational secret sharing scheme that provides for the efficient distribution and subsequent recovery of a private data is disclosed. A cryptographic key may be randomly generated and then shared using a secret sharing algorithm to generate a collection of key shares. The private data may be encrypted using the key, resulting in a ciphertext. The ciphertext may then be broken into ciphertext fragments using an Information Dispersal Algorithm. Each key share and a corresponding ciphertext fragment are provided as input to a committal method of a probabilistic commitment scheme, resulting in a committal value and a decommittal value. The share for the robust computational secret sharing scheme may be obtained by combining the key share, the ciphertext fragment, the decommittal value, and the vector of committal values.Type: GrantFiled: March 5, 2012Date of Patent: July 22, 2014Assignee: Security First Corp.Inventors: Mihir Bellare, Phillip Rogaway
-
Publication number: 20140201538Abstract: Systems and methods are provided for securing data. A processing device receives a data set and identifies a first subset of data from a first dimension of a multi-dimensional representation of the data set. The processing device encrypts the first subset of data using a first encryption technique to yield a first encrypted subset of data and replaces the first subset of data in the multi-dimensional representation of the data set with the first subset of encrypted data. The processing device then identifies a second subset of data from a second dimension of the multi-dimensional representation of the data set, with the second subset of data including at least a portion of the first subset of encrypted data, and encrypts the second subset of data using a second encryption technique to yield a second encrypted subset of data.Type: ApplicationFiled: January 27, 2014Publication date: July 17, 2014Applicant: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
-
Patent number: 8769699Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.Type: GrantFiled: May 10, 2012Date of Patent: July 1, 2014Assignee: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare, Roger S. Davenport, Steven Winick
-
Patent number: 8769270Abstract: Systems and methods are provided for creating and using a sharable file-level key to secure data files. The sharable file-level key is generated based on a workgroup key associated with the data file, as well as unique information associated with the data file. The sharable file-level key may be used to encrypt and split data using a Secure Parser. Systems and methods are also provided for sharing data without replicating the data on the machine of the end user. Data is encrypted and split across an external/consumer network and an enterprise/producer network. Access to the data is provided using a computing image generated by a server in the enterprise/producer network and then distributed to end users of the external/consumer network. This computing image may include preloaded files that provide pointers to the data that was encrypted and split. No access or replication of the data on the enterprise/producer network is needed in order for a user of the external/consumer network to access the data.Type: GrantFiled: September 20, 2011Date of Patent: July 1, 2014Assignee: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare, Gabriel D. Landau, Matthew Staker, William Yakamovich
-
Patent number: 8745372Abstract: Systems and methods are provided for distributing trust among a set of certificate authorities. One approach provides methods and systems in which the secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation of a connection between two devices. Another approach provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data, and the shares of data are transmitted through each of the tunnels.Type: GrantFiled: November 24, 2010Date of Patent: June 3, 2014Assignee: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
-
Patent number: 8745379Abstract: Two approaches are provided for distributing trust among a set of certificate authorities. Each approach may be used to secure data in motion. One approach provides methods and systems in which the secure data parser is used to distribute trust in a set of certificate authorities during initial negotiation (e.g., the key establishment phase) of a connection between two devices. Another approach provides methods and systems in which the secure data parser is used to disperse packets of data into shares. A set of tunnels is established within a communication channel using a set of certificate authorities, keys developed during the establishment of the tunnels are used to encrypt shares of data for each of the tunnels, and the shares of data are transmitted through each of the tunnels. Accordingly, trust is distributed among a set of certificate authorities in the structure of the communication channel itself.Type: GrantFiled: August 20, 2012Date of Patent: June 3, 2014Assignee: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
-
Publication number: 20140150120Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing data in and communicating data with cloud computing resources. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security.Type: ApplicationFiled: November 18, 2013Publication date: May 29, 2014Applicant: SECURITY FIRST CORP.Inventors: Rick L. Orsini, Mark S. O'Hare, Don Martin
-
Publication number: 20140108807Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.Type: ApplicationFiled: December 19, 2013Publication date: April 17, 2014Applicant: SECURITY FIRST CORP.Inventors: Rick L. Orsini, Mark S. O'Hare, Roger S. Davenport, Steven Winick
-
Publication number: 20140108726Abstract: Data processing and an accelerator system therefore are described. An embodiment relates generally to a data processing system. In such an embodiment, a bus and an accelerator are coupled to one another. The accelerator has an application function block. The application function block is to process data to provide processed data to storage. A network interface is coupled to obtain the processed data from the storage for transmission.Type: ApplicationFiled: October 18, 2013Publication date: April 17, 2014Applicant: SECURITY FIRST CORP.Inventors: Lawrence A. Laurich, Stephen Paul Sample, Michael H. Wang, Babu Rao Kandimalla, Rick L. Orsini, Mark S. O'Hare, Don Martin, Steven Mark Casselman
-
Patent number: 8677148Abstract: Systems and methods are provided for securing data. A processing device receives a data set and identifies a first subset of data from a first dimension of a multi-dimensional representation of the data set. The processing device encrypts the first subset of data using a first encryption technique to yield a first encrypted subset of data and replaces the first subset of data in the multi-dimensional representation of the data set with the first subset of encrypted data. The processing device then identifies a second subset of data from a second dimension of the multi-dimensional representation of the data set, with the second subset of data including at least a portion of the first subset of encrypted data, and encrypts the second subset of data using a second encryption technique to yield a second encrypted subset of data.Type: GrantFiled: January 27, 2012Date of Patent: March 18, 2014Assignee: Security First Corp.Inventors: Mark S. O'Hare, Rick L. Orsini, Stephen C. Bono, Gabriel D. Landau, Seth James Nielson
-
Patent number: 8656167Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser may split or share a data set into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting an original data set into portions of data that may be communicated using one or more communications paths. Secure workgroup communication is supported through the secure distribution and management of a workgroup key for use with the secure data parser.Type: GrantFiled: February 23, 2009Date of Patent: February 18, 2014Assignee: Security First Corp.Inventors: Stephen C. Bono, Matthew D. Green, Gabriel D. Landau, Rick L. Orsini, Mark S. O'Hare, Roger Davenport
-
Patent number: 8654971Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing data in and communicating data with cloud computing resources. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security.Type: GrantFiled: May 19, 2010Date of Patent: February 18, 2014Assignee: Security First Corp.Inventors: Rick L Orsini, Mark S. O'Hare, Don Martin
-
Patent number: 8656189Abstract: Systems and methods are provided for transmitting data for secure storage. For each of two or more data sets, a plurality of shares are generated containing a distribution of data from an encrypted version of the data set. The shares are then stored in a shared memory device, wherein a data set may be reconstructed from a threshold number of the associated plurality of shares using an associated key. Also provided are systems and methods for providing access to secured data. A plurality of shares containing a distribution of data from an encrypted version of a data set are stored in a memory device. A client is provided with a virtual machine that indicates the plurality of shares, and the capability to reconstruct the data set from the plurality of shares using an associated key.Type: GrantFiled: August 11, 2011Date of Patent: February 18, 2014Assignee: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare, Matt Staker
-
Patent number: 8650434Abstract: Systems and methods for reading and writing a set of data using a journaling service are provided. The journaling service may be used to identify and record data storage operations associated with one or more shares of data stored in one or more share locations. The journaling service may use logs to record each of the read and write requests to the share locations. In some embodiments, the log may be a queue data structure that stores information associated with failed data storage operations. In some embodiments, the journaling service may leverage both memory and disk storage in order to maintain the journaling queue. In some embodiments, the journaling queue may maintain information associated with the state of each share location. In some embodiments, this information may be used by the journaling service to determine when to monitor and record information regarding data storage operations associated with the share locations.Type: GrantFiled: March 31, 2011Date of Patent: February 11, 2014Assignee: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare
-
Patent number: 8644502Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.Type: GrantFiled: November 5, 2012Date of Patent: February 4, 2014Assignee: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare, Roger Davenport, Steven Winick
-
Publication number: 20130346748Abstract: Systems and methods are provided for transmitting data for secure storage. For each of two or more data sets, a plurality of shares are generated containing a distribution of data from an encrypted version of the data set. The shares are then stored in a shared memory device, wherein a data set may be reconstructed from a threshold number of the associated plurality of shares using an associated key. Also provided are systems and methods for providing access to secured data. A plurality of shares containing a distribution of data from an encrypted version of a data set are stored in a memory device. A client is provided with a virtual machine that indicates the plurality of shares, and the capability to reconstruct the data set from the plurality of shares using an associated key.Type: ApplicationFiled: August 22, 2013Publication date: December 26, 2013Applicant: Security First Corp.Inventors: Rick L. Orsini, Mark S. O'Hare, Matt Staker
-
Patent number: 8601498Abstract: Data processing and an accelerator system therefore are described. An embodiment relates generally to a data processing system. In such an embodiment, a bus and an accelerator are coupled to one another. The accelerator has an application function block. The application function block is to process data to provide processed data to storage. A network interface is coupled to obtain the processed data from the storage for transmission.Type: GrantFiled: May 27, 2011Date of Patent: December 3, 2013Assignee: Security First Corp.Inventors: Lawrence A. Laurich, Stephen Paul Sample, Michael H. Wang, Babu Rao Kandimalla, Rick L. Orsini, Mark S. O'Hare, Don Martin, Steven Mark Casselman
-
Publication number: 20130268774Abstract: Systems and methods are provided for securing a virtual machine by causing a plurality of shares of virtual machine files to be separately stored in response to a stop command. Systems and methods are also provided for restoring a data set with a cryptographic restoration application in response to a series of user inputs received when no visual indicator of the cryptographic restoration algorithm is displayed, and for restoring a data set with data shares received from another computer device in response to detecting a communication link with the device.Type: ApplicationFiled: March 14, 2013Publication date: October 10, 2013Applicant: SECURITY FIRST CORP.Inventors: Mark S. O'Hare, Rick L. Orsini