Abstract: Systems and methods for non-deterministic multi-party, multi-user sender-receiver authentication and non-repudiated resilient authorized access to secret data are described herein. In one aspect, a method for data access includes receiving, at a server, a request for data access from a user; transmitting to users, a prompt for identity verification corresponding to the identity of each user, where at least one of user is different than the user requesting data access; receiving, in response to the identity verification prompt, a plurality of identification key fragments from storage locations or devices associated with the users, where each identification key fragment is user specific; generating an organization-specific data object from the plurality of identification key fragments; confirming the organization-specific data object by the users whose identities were validated; and authorizing the request for data access based on confirming the organization-specific data object.

Abstract: Systems and methods for non-deterministic multi-party, multi-user sender-receiver authentication and non-repudiated resilient authorized access to secret data are described herein. In one aspect, a method for data access includes receiving, at a server, a request for data access from a user; transmitting to users, a prompt for identity verification corresponding to the identity of each user, where at least one of user is different than the user requesting data access; receiving, in response to the identity verification prompt, a plurality of identification key fragments from storage locations or devices associated with the users, where each identification key fragment is user specific; generating an organization-specific data object from the plurality of identification key fragments; confirming the organization-specific data object by the users whose identities were validated; and authorizing the request for data access based on confirming the organization-specific data object.

Abstract: Systems and methods for non-deterministic multi-party, multi-user sender-receiver authentication and non-repudiated resilient authorized access to secret data are described herein.

Abstract: A method of securely storing a target number is provided based on the Chinese-Remainder Theorem, A set of n congruence pairs of numbers are generated, wherein a target number (a secret) can be uniquely derived from any t out of the n pairs. In one aspect the divisors are pre-selected such that any randomly selected n integers from the sequence are a valid Asmuth-Bloom sequence for any access structure (t, n) where 1<t?n?N. In another aspect, means are provided for pre-storing members of a Mignotte or Asmuth-Bloom sequence of N divisors in a look-up table from which n divisors can be selected. In this way a flexible access structure is supported. CRT secret shares for a selected access structure can be generated without having to perform the laborious process of calculating Mignotte sequences for each secret and access structure. Storage required to store the secret shares is also reduced by storing and retrieving congruence pairs in the form of an index and a remainder.

Abstract: Systems and methods for adaptive recursive descent data redundancy are described herein. In one embodiment, a method can include identifying the data object or file for Quantum Fragmentation, determining, via a first portion of a Quantum Fragmentation instance, a factor of fragmentation for the data object or file, transforming the data object or file into a plurality of first data fragments according to the factor of fragmentation by applying one or more cryptographic processing, integrity checking, and resilient fragmentation schemes, via the first portion of the Quantum Fragmentation instance, and persisting, via the first portion of the Quantum Fragmentation instance, each of the plurality of first data fragments to a data store of a plurality of available Cloud or other data stores or to a subsequent portion of the Quantum Fragmentation instance, wherein the persistence for each of the first data fragment occurs independently from the other first data fragments.

Abstract: A method of securely storing data including providing, within a secure data storage system, a plurality of secret sharing methods for selection and identifying a striping policy for storage of the data, in accordance with input preferences. The data can be split into N secret shares according to a secret sharing method, the selection being determined by the striping policy, wherein a threshold number, T, of such shares is sufficient to recover the data, where T is less than N, generating metadata associated with the data, the metadata identifying the selected secret sharing method and storing the metadata within the secure data storage system and writing the secret shares to storage that includes storage outside the secure data storage system, such that, when at least T shares are retrieved, the metadata can be recalled to identify the selected secret sharing method for recovery of the data.

Abstract: A method of securely storing data including: providing, within a secure data storage system, a plurality of secret sharing methods for selection and identifying a striping policy for storage of the data, in accordance with input preferences. The data can be split into N secret shares according to a secret sharing method, the selection being determined by the striping policy, wherein a threshold number, T, of such shares is sufficient to recover the data, where T is less than N, generating metadata associated with the data, the metadata identifying the selected secret sharing method and storing the metadata within the secure data storage system and writing the secret shares to storage that includes storage outside the secure data storage system, such that, when at least T shares are retrieved, the metadata can be recalled to identify the selected secret sharing method for recovery of the data.

Abstract: A method of securely storing a target number is provided based on the Chinese-Remainder Theorem, A set of n congruence pairs of numbers are generated, wherein a target number (a secret) can be uniquely derived from any t out of the n pairs. In one aspect the divisors are pre-selected such that any randomly selected n integers from the sequence are a valid Asmuth-Bloom sequence for any access structure (t, n) where 1<t?n?N. In another aspect, means are provided for prestoring members of a Mignotte or Asmuth-Bloom sequence of N divisors in a look-up table from which n divisors can be selected. In this way a flexible access structure is supported. CRT secret shares for a selected access structure can be generated without having to perform the laborious process of calculating Mignotte sequences for each secret and access structure. Storage required to store the secret shares is also reduced by storing and retrieving congruence pairs in the form of an index and a remainder.

Abstract: A method of securely storing data including: providing, within a secure data storage system, a plurality of secret sharing methods for selection and identifying a striping policy for storage of the data, in accordance with input preferences. The data can be split into N secret shares according to a secret sharing method, the selection being determined by the striping policy, wherein a threshold number, T, of such shares is sufficient to recover the data, where T is less than N, generating metadata associated with the data, the metadata identifying the selected secret sharing method and storing the metadata within the secure data storage system and writing the secret shares to storage that includes storage outside the secure data storage system, such that, when at least T shares are retrieved, the metadata can be recalled to identify the selected secret sharing method for recovery of the data.

Abstract: The present invention provides a service for allowing secure financial transactions to be carried out, the service involving authenticating a user's identity and/or status as part of a financial transaction with another party and in the event that the user is authenticated arranging for the transaction to be completed without revealing the user's financial details and/or other personal details to that other party. Authentication data and transaction data may be communicated over any suitable communications channel(s). The invention provides a trusted authentication and payment environment that protects a user's financial details, but allows them to be securely authenticated and arranges for transactions to be fulfilled, whilst providing other parties with reassurance that transactions will be completed. In this way, fraud and theft due to misappropriation of financial details can be minimized.

Abstract: The present invention provides a service for allowing secure financial transactions to be carried out, the service involving authenticating a user's identity and/or status as part of a financial transaction with another party and in the event that the user is authenticated arranging for the transaction to be completed without revealing the user's financial details and/or other personal details to that other party. Authentication data and transaction data may be communicated over any suitable communications channel(s). The invention provides a trusted authentication and payment environment that protects a user's financial details, but allows them to be securely authenticated and arranges for transactions to be fulfilled, whilst providing other parties with reassurance that transactions will be completed. In this way, fraud and theft due to misappropriation of financial details can be minimized.

Abstract: The present invention provides a service for allowing secure financial transactions to be carried out, the service involving authenticating a user's identity and/or status as part of a financial transaction with another party and in the event that the user is authenticated arranging for the transaction to be completed without revealing the user's financial details and/or other personal details to that other party. Authentication data and transaction data may be communicated over any suitable communications channel(s). The invention provides a trusted authentication and payment environment that protects a user's financial details, but allows them to be securely authenticated and arranges for transactions to be fulfilled, whilst providing other parties with reassurance that transactions will be completed. In this way, fraud and theft due to misappropriation of financial details can be minimized.

Abstract: A method of securely storing data including: providing, within a secure data storage system, a plurality of secret sharing methods for selection and identifying a striping policy for storage of the data, in accordance with input preferences. The data can be split into N secret shares according to a secret sharing method, the selection being determined by the striping policy, wherein a threshold number, T, of such shares is sufficient to recover the data, where T is less than N, generating metadata associated with the data, the metadata identifying the selected secret sharing method and storing the metadata within the secure data storage system and writing the secret shares to storage that includes storage outside the secure data storage system, such that, when at least T shares are retrieved, the metadata can be recalled to identify the selected secret sharing method for recovery of the data.

Abstract: The present invention provides a service for allowing secure financial transactions to be carried out, the service involving authenticating a user's identity and/or status as part of a financial transaction with another party and in the event that the user is authenticated arranging for the transaction to be completed without revealing the user's financial details and/or other personal details to that other party. Authentication data and transaction data may be communicated over any suitable communications channel(s). The invention provides a trusted authentication and payment environment that protects a user's financial details, but allows them to be securely authenticated and arranges for transactions to be fulfilled, while providing other parties with reassurance that transactions will be completed. In this way, fraud and theft due to misappropriation of financial details can be minimized.

Abstract: The present invention provides a service for allowing secure financial transactions to be carried out, the service involving authenticating a user's identity and/or status as part of a financial transaction with another party and in the event that the user is authenticated arranging for the transaction to be completed without revealing the user's financial details and/or other personal details to that other party. Authentication data and transaction data may be communicated over any suitable communications channel(s). The invention provides a trusted authentication and payment environment that protects a user's financial details, but allows them to be securely authenticated and arranges for transactions to be fulfilled, whilst providing other parties with reassurance that transactions will be completed. In this way, fraud and theft due to misappropriation of financial details can be minimized.

Abstract: The present invention provides a service for allowing secure financial transactions to be carried out, the service involving authenticating a user's identity and/or status as part of a financial transaction with another party and in the event that the user is authenticated arranging for the transaction to be completed without revealing the user's financial details and/or other personal details to that other party. Authentication data and transaction data may be communicated over any suitable communications channel(s). The invention provides a trusted authentication and payment environment that protects a user's financial details, but allows them to be securely authenticated and arranges for transactions to be fulfilled, while providing other parties with reassurance that transactions will be completed. In this way, fraud and theft due to misappropriation of financial details can be minimized.

Abstract: The present invention provides a service for allowing secure financial transactions to be carried out, the service involving authenticating a user's identity and/or status as part of a financial transaction with another party and in the event that the user is authenticated arranging for the transaction to be completed without revealing the user's financial details and/or other personal details to that other party. Authentication data and transaction data may be communicated over any suitable communications channel(s). The invention provides a trusted authentication and payment environment that protects a user's financial details, but allows them to be securely authenticated and arranges for transactions to be fulfilled, whilst providing other parties with reassurance that transactions will be completed. In this way, fraud and theft due to misappropriation of financial details can be minimized.