Key Distribution Center Patents (Class 380/279)
  • Patent number: 9755828
    Abstract: According to an embodiment, a communication device includes a sharing processing unit, a storage, and a controller. The sharing processing unit shares an encryption key with one or more external devices. The storage stores therein the encryption key. The controller compares a current amount representing an amount of the stored encryption key with a specified reference amount and performs control to continue or stop sharing processing, which is performed by the sharing processing unit, for sharing the encryption key on the basis of a comparison result.
    Type: Grant
    Filed: October 2, 2015
    Date of Patent: September 5, 2017
    Assignee: Kabushiki Kaisha Toshiba
    Inventor: Yoshimichi Tanizawa
  • Patent number: 9716716
    Abstract: Techniques described herein leverage a trusted entity within a domain to enable devices to establish trust with one another so they can securely discover each other and connect to one another. In various examples discussed herein, a device is configured to provide trust information to, and/or receive trust information from, the trusted entity. The trust information may include, for example, a public key of an encryption key pair, a certificate signed by the trusted entity proving authenticity, and/or a hash function and a hash seed used to compute a series of results that form a hash chain. The device may use the trust information to discover another device and to connect to the other device securely and automatically (e.g., with no user involvement or limited user involvement). Moreover, the device may use the trust information to dynamically change a MAC address being used to communicate with the other device.
    Type: Grant
    Filed: March 6, 2015
    Date of Patent: July 25, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Peter Dawoud Shenouda Dawoud, Anoosh Saboori, Himanshu Soni, Dustin Michael Ingalls, Nelly L. Porter
  • Patent number: 9716594
    Abstract: Systems and methods are disclosed for performing data sanitization at a data storage device (DSD). In an embodiment, an apparatus may comprise a controller configured to receive a data sanitization command from a host, perform a data sanitization operation to securely erase data from a memory, produce an attestation including information related to the data sanitization operation, and sign the attestation to produce a signed attestation. In another embodiment, a memory device may store instructions that cause a processor to perform a method comprising performing a data sanitization operation to securely erase data from a data storage medium, generating an attestation including information related to the data sanitization operation, and digitally signing the attestation using an authentication key.
    Type: Grant
    Filed: February 7, 2014
    Date of Patent: July 25, 2017
    Assignee: Seagate Technology LLC
    Inventors: Manuel A. Offenberg, Monty Forehand
  • Patent number: 9710672
    Abstract: System and method of producing a collection of possibilities that agree on information that must be disclosed (disclosable information) and disagree with a sufficient degree of diversity as defined by a policy to protect the sensitive information. A policy defines: what information is possible, what information the recipient would believe, what information is sensitive (to protect), what information is disclosable (to share) and sufficiency conditions that specify the degree of ambiguity required to consider the sensitive information protected. A formalism is utilized that provably achieves these goals for a variety of structured datasets including tabular data such as spreadsheets or databases as well as annotated graphs. The formalism includes the ability to generate a certificate that proves a disclosure adheres to a policy. This certificate is produced either as part of the protection process or separately using an altered process.
    Type: Grant
    Filed: September 8, 2015
    Date of Patent: July 18, 2017
    Inventor: Uri Jacob Braun
  • Patent number: 9706396
    Abstract: A system and a method of counter management and security key update for device-to-device (D2D) communication are provided. The method includes creating by a user equipment, a new packet data convergence protocol (PDCP) entity for a service group wherein a service group is identified by a destination identifier (ID), determining if any PDCP entity of the service group exists or not, generating a new proximity service (ProSe) traffic key (PTK) from a ProSe group key (PGK) corresponding to the service group associated with the new PDCP entity, initializing a new packet counter associated with the service group to zero if the new PDCP entity is a first PDCP entity associated with the service group, generating a ProSe encryption key (PEK) from the PTK and encrypting data packets mapped to the new PDCP entity using the PEK and a packet counter associated with the service group.
    Type: Grant
    Filed: August 7, 2015
    Date of Patent: July 11, 2017
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Anil Agiwal, Rajavelsamy Rajadurai, Young-Bin Chang
  • Patent number: 9699168
    Abstract: A rich client performs single sign-on (SSO) to access a web- or cloud-based application. According to the described SSO approach, the rich client delegates to its native application server the task of obtaining a credential, such as a SAML assertion. The native server, acting on behalf of the user, obtains an assertion from a federated identity provider (IdP) that is then returned to the rich client. The rich client provides the assertion to a cloud-based proxy, which presents the assertion to an identity manager to attempt to prove that the user is entitled to access the web- or cloud-based application using the rich client. If the assertion can be verified, it is exchanged with a signed token, such as a token designed to protect against cross-site request forgery (CSRF). The rich client then accesses the web- or cloud-based application making a REST call that includes the signed token. The application, which recognizes the request as trustworthy, responds to the call with the requested data.
    Type: Grant
    Filed: December 13, 2010
    Date of Patent: July 4, 2017
    Assignee: International Business Machines Corporation
    Inventors: Olgierd Stanislaw Pieczul, Mark Alexander McGloin, Mary Ellen Zurko, David Scott Kern, Brent Allan Hepburn
  • Patent number: 9698974
    Abstract: The invention relates to a method for creating a set of asymmetrical cryptographic key pairs, wherein the set of key pairs has a first key pair (K1) and a second key pair (K2), wherein the first key pair is formed by a first private (G1) and a first public key (O1) and the second key pair is formed by a second private (G2) and a second public key (O2), wherein a first cipher (C_G2_O1) is allocated to the first and second key pair, wherein the first cipher is formed by an encryption of the second private key (G2) with the first public key (O1), having the following steps: adding a third asymmetrical cryptographic key pair (K3) to the set of key pairs, wherein the third key pair is formed by a third private (G3) and a third public key (O3); creating a second cipher (C_G3_O1) by encrypting the third private key (G3) with the first public key (O1); storing the second cipher (212; 186), wherein the set of key pairs has a directed graph structure.
    Type: Grant
    Filed: March 30, 2015
    Date of Patent: July 4, 2017
    Assignee: COMPUGROUP MEDICAL SE
    Inventors: Adrian Spalka, Jan Lehnhardt
  • Patent number: 9690749
    Abstract: A computer-based method for characterizing data dependent on at least one variable is described. The method comprises sampling the data in a smart manner by sampling the data in a finite sequence of sampling points, the finite sequence of sampling points being controlled by a magnifying factor for controlling a spacing between elements of the finite sequence of sampling points and being determined such that function values of functions of a family of functions in said finite sequence of sampling points satisfy a recurrence relation. A corresponding device also is described as well as software-related products.
    Type: Grant
    Filed: August 20, 2012
    Date of Patent: June 27, 2017
    Assignees: UNIVERSITY OF ANTWERP
    Inventors: Annie Cuyt, Wen-Shin Lee
  • Patent number: 9690941
    Abstract: One or more techniques and/or systems are provided for provisioning encrypted key blobs and client certificates. That is, a trusted execution environment on a first machine may provide a key service provider with a cryptographic encryption key. The key service provider may encrypt a key blob using the cryptographic encryption key and/or wrap the encrypted key blob with one or more policies, such as a platform policy. The key service provider may provision the encrypted key blob to a client on the first machine. The client may submit the encrypted key blob to the trusted execution environment for validation so that the client may perform key actions, such as sign an email or encrypt data. Because the key blob may be specific to a particular trusted execution environment and/or machine, the key service provider may re-wrap the key blob if the client “roams” to a second machine.
    Type: Grant
    Filed: May 17, 2011
    Date of Patent: June 27, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Stefan Thom, Robert Karl Spiger, Valerie Kathleen Bays, Bo Gustaf Magnus Nyström
  • Patent number: 9686075
    Abstract: A method of configuring a network device for key sharing, the method comprising obtaining (410) in electronic form at least two parameter sets, a parameter set comprising a private modulus (p1) a public modulus (N), and a bivariate polynomial (f1) having integer coefficients, the binary representation of the public modulus and the binary representation of the private modulus are the same in at least key length (b) consecutive bits, generating local key material for the network device comprising obtaining (420) in electronic form an identity number (A) for the network device, and for each parameter set of the at least two parameter sets obtaining a corresponding univariate polynomial, by determining, using a polynomial manipulation device, a univariate polynomial from the bivariate polynomial of the parameter set by substituting (430) the identity number into said bivariate polynomial, and reducing the result of the substitution modulo the private modulus of the parameter set, and electronically storing (450)
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: June 20, 2017
    Assignee: KONINKLIJKE PHILIPS N.V.
    Inventors: Domingo Gomez, Oscar Garcia Morchon, Ludovicus Marinus Gerardus Maria Tolhuizen, Jaime Gutierrez
  • Patent number: 9667428
    Abstract: A method and system configured to produce a cryptographic signature on a message, under a key, at a user computer wherein the key is shared between the user computer, which stores a first key-share, and an authentication computer, which stores a second key-share and a first authentication value. The user computer encodes the message to produce a blinded message, produces the first authentication value from a user password and a secret value, and produces a second authentication value by encoding the first authentication value and a nonce. The authentication computer uses the nonce to determine if the first authentication value is correct and, if so, encodes the blinded message using the second key-share to produce a partial signature. The user computer produces a signature on the message under the key by encoding the partial signature and the message using the first key-share and an unblinding function.
    Type: Grant
    Filed: March 26, 2015
    Date of Patent: May 30, 2017
    Assignee: International Business Machines Corporation
    Inventors: Jan L. Camenisch, Anja Lehmann, Gregory Neven
  • Patent number: 9667615
    Abstract: The present invention is directed to solve a problem that time is required for a process related to verification of a public key certificate of a message sender. An in-vehicle device mounted on a vehicle has a memory for holding information of a device which failed in verification of a public key certificate. At the time of performing communication between vehicles or between a vehicle and a roadside device, a check is made to see whether or not information of a device included in a message transmitted matches information of a device which failed and held in the memory. When the information matches, verification of a public key certificate is not performed.
    Type: Grant
    Filed: October 11, 2013
    Date of Patent: May 30, 2017
    Assignee: RENESAS ELECTRONICS CORPORATION
    Inventors: Eriko Ando, Takashi Kawauchi, Toru Owada
  • Patent number: 9659190
    Abstract: An apparatus comprises a storage system and a key manager incorporated in or otherwise associated with the storage system. The storage system is configured to store data items across a plurality of dimensions with each such dimension comprising a plurality of classes. The key manager is configured to assign class keys to respective ones of the classes of each of the dimensions. A given one of the data items associated with at least one of the classes in each of two or more of the dimensions is encrypted for storage in the storage system using a multidimensional key determined as a function of the class keys corresponding to respective ones of the classes with which that data item is associated. Such an arrangement allows all of the data items associated with a given one of the classes to be deleted by deleting the class key assigned to the given class.
    Type: Grant
    Filed: June 26, 2015
    Date of Patent: May 23, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Radia Perlman, Xuan Tang, Greg Lazar, Thomas Dibb, Naizhong Chiu
  • Patent number: 9646142
    Abstract: A technique for maintaining encrypted content received over a network in a secure processor without exposing a key used to decrypt the content in the clear is disclosed.
    Type: Grant
    Filed: April 18, 2016
    Date of Patent: May 9, 2017
    Assignee: Acer Cloud Technology Inc.
    Inventors: John Princen, Pramila Srinivasan, David Blythe, Wei Yen
  • Patent number: 9608814
    Abstract: A system and method for distributing key pair credentials that includes receiving a public key message at a key master service, wherein the public key message originates from a first client application; associating a key identifier with the public key; storing the public key at the key master service indexed at least by a key identifier; receiving a request for a public key from an outside service, wherein the request specifies a key identifier; and responding to the request with a public key according to the key identifier.
    Type: Grant
    Filed: September 10, 2014
    Date of Patent: March 28, 2017
    Assignee: Duo Security, Inc.
    Inventors: Jon Oberheide, Douglas Song
  • Patent number: 9602492
    Abstract: In an embodiment, a security engine of a processor includes an identity provider logic to generate a first key pair of a key pairing associating system user and a service provider that provides a web service and having a second system coupled to the system via a network, to perform a secure communication with the second system to enable the second system to verify that the identity provider logic is executing in a trusted execution environment, and responsive to the verification, to send a first key of the first key pair to the second system. This key may enable the second system to verify an assertion communicated by the identity provider logic that the user has been authenticated to the system according to a multi-factor authentication. Other embodiments are described and claimed.
    Type: Grant
    Filed: May 18, 2015
    Date of Patent: March 21, 2017
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Conor P. Cahill, Victoria C. Moore, Jason Martin, Micah J. Sheller
  • Patent number: 9589130
    Abstract: Provided are techniques for controlling access to computing resources comprising generating a first fingerprint corresponding to a first executable file; storing the fingerprint in a non-transitory computer-readable storage medium; receiving a request to execute a second executable file on a computing system; generating a second fingerprint corresponding to the second executable file; determining whether or not the first fingerprint matches the second fingerprint; and, in response to determining that the first and second fingerprints match, executing the executable file on the computing system; and, in response to determining that the first and second fingerprints do not match, preventing the executable file from executing on the computing system.
    Type: Grant
    Filed: August 20, 2014
    Date of Patent: March 7, 2017
    Assignee: White Cloud Security, L.L.C.
    Inventors: Steven Dale Shanklin, Steven R. Snapp
  • Patent number: 9558386
    Abstract: An encoded information reading (EIR) terminal can comprise a microprocessor, a memory, and an EIR device including a two-dimensional imager. The EIR device can be configured to output raw message data containing an encoded message and/or outputting a decoded message corresponding to an encoded message. The EIR terminal can be configured, responsive to acquiring an image containing decodable indicia, to pre-process the acquired image and transmit the pre-processed image to an external decoding computer for decoding the decodable indicia.
    Type: Grant
    Filed: May 15, 2012
    Date of Patent: January 31, 2017
    Assignee: Honeywell International, Inc.
    Inventor: Daniel Yeakley
  • Patent number: 9553856
    Abstract: A server establishes a secure session with a client device where a private key used in the handshake when establishing the secure session is stored in a different server. During the handshake procedure, the server receives a premaster secret that has been encrypted using a public key bound with a domain for which the client device is attempting to establish a secure session with. The server transmits the encrypted premaster secret to another server for decryption. The server receives the decrypted premaster secret and continues with the handshake procedure including generating a master secret from the decrypted premaster secret and generating one or more session keys that are used in the secure session for encrypting and decrypting communication between the client device and the server.
    Type: Grant
    Filed: June 25, 2014
    Date of Patent: January 24, 2017
    Assignee: CLOUDFLARE, INC.
    Inventors: Sébastien Andreas Henry Pahl, Matthieu Philippe François Tourne, Piotr Sikora, Ray Raymond Bejjani, Dane Orion Knecht, Matthew Browning Prince, John Graham-Cumming, Lee Hahn Holloway, Albertus Strasheim
  • Patent number: 9531537
    Abstract: A method of providing a new enhanced public key by a secure communications terminal for securing system communications, the secure communications terminal having a processor operably connected to a memory and a communications interface, the method comprising: generating, by the processor, a first portion for verifying a client account; generating, by the processor, a second portion for authenticating a public key server; generating, by the processor, an asymmetric public key and a corresponding asymmetric private key; combining, by the processor, the first portion, the second portion and the asymmetric public key to form the new enhanced public key; normalizing, by the processor, the enhanced public key based on a size of the asymmetric public key.
    Type: Grant
    Filed: January 27, 2015
    Date of Patent: December 27, 2016
    Assignee: CRYPTOMETRY LIMITED
    Inventor: Marcio Coelho Teixeira
  • Patent number: 9532005
    Abstract: A novel method and apparatus for protection of streamed media content is disclosed. In one aspect, the apparatus includes control means for governance of content streams or content objects, decryption means for decrypting content streams or content objects under control of the control means, and feedback means for tracking actual use of content streams or content objects. The control means may operate in accordance with rules received as part of the streamed content, or through a side-band channel. The rules may specify allowed uses of the content, including whether or not the content can be copied or transferred, and whether and under what circumstances received content may be “checked out” of one device and used in a second device. The rules may also include or specify budgets, and a requirement that audit information be collected and/or transmitted to an external server. In a different aspect, the apparatus may include a media player designed to call plugins to assist in rendering content.
    Type: Grant
    Filed: August 30, 2013
    Date of Patent: December 27, 2016
    Assignee: Intertrust Technologies Corporation
    Inventors: Talal G. Shamoon, Ralph D. Hill, Chris D. Radcliffe, John P. Hwa, W. Olin Sibert, David M. Van Wie
  • Patent number: 9516019
    Abstract: A method, system and terminal for encrypting and decrypting an application program on a communication terminal are disclosed, including the communication terminal using an identification number of a subscriber identification card as an encryption key, performing encryption processing on an application program to be protected, and obtaining an encrypted application program. The method, system and terminal also include, when a user accesses the encrypted application program, the communication terminal performing matching processing on an identification number of a subscriber identification card inserted currently and the encryption key, and if a processing result is that the identification number of the subscriber identification card inserted currently is matched with the encryption key, performing decryption processing on the encrypted application program for the user to use.
    Type: Grant
    Filed: July 22, 2013
    Date of Patent: December 6, 2016
    Assignee: ZTE Corporation
    Inventor: Xipeng Li
  • Patent number: 9509503
    Abstract: In a resource-on-demand environment, dynamically created server instances are allowed to boot from encrypted boot volumes. Access keys to the boot volumes are provided from a key provider that authenticates new instances based on possession of a security token that has been previously shared between the key provider and the new instance through an out-of-band communication.
    Type: Grant
    Filed: December 29, 2010
    Date of Patent: November 29, 2016
    Assignee: Amazon Technologies, Inc.
    Inventor: Eric J. Brandwine
  • Patent number: 9497184
    Abstract: A “trusted service” establishes a trust relationship with an identity provider and interacts with the identity provider over a trusted connection. The trusted service acquires a token from the identity provider for a given user (or set of users) without having to present the user's credentials. The trusted service then uses this token (e.g., directly, by invoking an API, by acquiring another token, or the like) to access and obtain a cloud service on a user's behalf even in the user's absence. This approach enables background services to perform operations within a hosted session (e.g., via OAuth-based APIs) without presenting user credentials or even having the user present.
    Type: Grant
    Filed: March 28, 2011
    Date of Patent: November 15, 2016
    Assignee: International Business Machines Corporation
    Inventors: Michael John Fork, Vincent Edmund Price
  • Patent number: 9489232
    Abstract: A technique for attesting a plurality of data processing systems includes generating a logical grouping for a data processing system. The logical grouping is associated with a rule that describes a condition that must be met in order for the data processing system to be considered trusted. A list of one or more children associated with the logical grouping is retrieved. The one or more children are attested to determine whether each of the one or more children is trusted. In response to the attesting, the rule is applied to determine whether the condition has been met in order for the data processing system to be considered trusted. A plurality of logical groupings is associated to determine whether an associated plurality of data processing systems can be considered trusted.
    Type: Grant
    Filed: September 20, 2011
    Date of Patent: November 8, 2016
    Assignee: International Business Machines Corporation
    Inventors: David Haikney, David Nigel Mackintosh, Jose Juan Palacios Perez
  • Patent number: 9454312
    Abstract: A method and system for storing data in a key value storage having a plurality of n servers, wherein t<n servers may fail arbitrarily and wherein 3t+1=n is satisfied, the method includes: a) generating commitment information for a secret information, b) disseminating a first message including the data to be stored, a corresponding key for the data and the generated commitment information to the n servers, c) storing the information included in the first message on at least a number of servers, d) providing first storing confirmation information by at least n-t servers, e) disseminating a second message including corresponding key and the secret information to the n servers, f) storing the information included in the second message, and g) providing second storing confirmation information by at least n-t servers.
    Type: Grant
    Filed: July 6, 2012
    Date of Patent: September 27, 2016
    Assignee: NEC CORPORATION
    Inventor: Dan Dobre
  • Patent number: 9454766
    Abstract: An information processing apparatus includes: a record information obtaining mechanism which obtains record information representing a provision destination of one predetermined electronic information property by a terminal device relating to a provider of the electronic information property; a weighting mechanism which extracts the provision destination included in the obtained actual achievement information and performs weighting on the extracted provision destination based on a reference predetermined in accordance with the attribute of the provision destination; and an evaluation value calculating mechanism which calculates an evaluation value of the provider based on the weighted value.
    Type: Grant
    Filed: January 23, 2012
    Date of Patent: September 27, 2016
    Assignee: SONY CORPORATION
    Inventors: Naoki Miyabayashi, Masahiro Sueyoshi
  • Patent number: 9450929
    Abstract: According to an embodiment, a communication device is connected to a plurality of external devices which share key information with each other. The communication device includes a detector and an instructing unit. The detector is configured to, from among the external devices, detect an external device that has been subject to attack. The instructing unit is configured to issue an instruction to stop using key information which is shared with the detected external device.
    Type: Grant
    Filed: November 18, 2013
    Date of Patent: September 20, 2016
    Assignee: KABUSHIKI KAISHA TOSHIBA
    Inventors: Yoshimichi Tanizawa, Hideaki Sato, Ririka Takahashi
  • Patent number: 9444815
    Abstract: To access a service, each user device stores one first key. The user device is connected to a first server. A terminal sends to a second server a connection request. The second server responds with first data relating to a transaction identifier and an associated challenge. The terminal determines a first result depending upon the first data and the first key. The terminal sends to the first server the first result and user device data. The first server identifies a user device based upon the user device data and sends to the device the first result. The device determines the challenge and the transaction identifier based upon the first result and the first key and sends to the second server the challenge and the transaction identifier. The second server verifies whether the data received from the device matches the first data and, if so, authorizes the terminal to connect.
    Type: Grant
    Filed: November 27, 2013
    Date of Patent: September 13, 2016
    Assignee: GEMALTO SA
    Inventors: Julien Delsuc, Sylvain Chafer, Sébastien Hecart
  • Patent number: 9437214
    Abstract: Systems and methods are disclosed for customizing, distributing and processing audio fingerprint data. An example method includes receiving, at a first device, an activation signal and a first audio fingerprint via first wireless communications between the first device and a communications network, the receiving occurring while the first device is not recording audio via a microphone of the first device; based on the activation signal, recording audio using the microphone during a first time period; generating a second audio fingerprint representative of the recorded audio; determining whether the second audio fingerprint matches the first audio fingerprint; and sending an indication of whether the second audio fingerprint matches the first audio fingerprint to an audience measurement entity via second wireless communications between the first device and the communications network.
    Type: Grant
    Filed: February 23, 2015
    Date of Patent: September 6, 2016
    Assignee: THE NIELSEN COMPANY (US), LLC
    Inventors: Wendell Lynch, Alan Neuhauser, Taymoor Arshi, Anand Jain
  • Patent number: 9436843
    Abstract: Methods and systems are provided for decentralizing user data access rights control activities in networked organizations having diverse access control models and file server protocols. A folder management application enables end users of the file system to make requests for access to storage elements, either individually, or by becoming members of a user group having group access privileges. Responsibility for dealing with such requests is distributed to respective group owners and data owners, who may delegate responsibility to authorizers. The application may also consider automatically generated proposals for changes to access privileges. An automatic system continually monitors and analyzes access behavior by users who have been pre-classified into groups having common data access privileges. As the organizational structure changes, these groups are adaptively changed both in composition and in data access rights.
    Type: Grant
    Filed: March 26, 2015
    Date of Patent: September 6, 2016
    Assignee: VARONIS SYSTEMS, INC.
    Inventors: Yakov Faitelson, Ohad Korkus
  • Patent number: 9418242
    Abstract: The invention relates to a computer implemented method for analyzing data of a first user, wherein an asymmetric cryptographic key pair is associated with the first user, said asymmetric cryptographic key pair comprising a public key and a private key, the data being stored pseudonymously in a database with the data being assigned to an identifier, wherein the identifier comprises the public key, the method comprising: receiving a set of rules, the set of rules describing data processing steps, receiving the identifier, retrieving the data assigned to the identifier from the database, analyzing the retrieved data by applying the set of rules, providing a result of the analysis.
    Type: Grant
    Filed: March 7, 2014
    Date of Patent: August 16, 2016
    Assignee: COMPUGROUP MEDICAL AG
    Inventors: Adrian Spalka, Jan Lehnhardt
  • Patent number: 9419994
    Abstract: A method for identifying potentially malicious network elements within a network is useable in a network which includes a plurality of domains administrated by different operators P1, ..., Pn. In the method, a functional entity receives qualifying information regarding at least one network element that has been transmitted by at least some of the operators P1, ..., Pn. The at least one network element is qualified as being potentially malicious. The functional entity provides at least one of an alarm information and an alarm activity based on a predefined number of the operators P1, ..., Pn having transmitted the qualifying information regarding a same potentially malicious network element to the functional entity.
    Type: Grant
    Filed: May 25, 2012
    Date of Patent: August 16, 2016
    Assignee: NEC CORPORATION
    Inventors: Jens-Matthias Bohli, Giuseppe Bianchi
  • Patent number: 9379890
    Abstract: In various implementations, a first device retrieves, from a memory, encrypted data encrypted using a first key. The first device transmits, to a second device, a request for an encrypted first key, where the encrypted first key is generated by encrypting the first key using a second key. The first device receives the encrypted first key. The first device transmits, to an identity and access management device (IAM), a request for an encrypted second key, where the encrypted second key is generated by encrypting the second key using a third key. The first device receives the encrypted second key. The first device decrypts the encrypted second key using the third key, decrypts the encrypted first key using the decrypted second key, and decrypts the encrypted data using the decrypted first key. The first device deletes, from its cache, the decrypted first key after a period of time.
    Type: Grant
    Filed: December 7, 2015
    Date of Patent: June 28, 2016
    Assignee: Workiva Inc.
    Inventors: Benjamin Alan Blakely, Matthew Edward Sullivan, Michael Bryan Wesner
  • Patent number: 9351162
    Abstract: A network with a set of servers can support authentication from a module, where the module includes an embedded universal integrated circuit card (eUICC). The network can send a first network module identity, a first key K, and an encrypted second key K for an eUICC profile to an eUICC subscription manager. The second key K can be encrypted with a symmetric key. The module can receive and activate the eUICC profile, and the network can authenticate the module using the first network module identity and the first key K. The network can (i) authenticate the user of the module using a second factor, and then (ii) send the symmetric key to the module. The module can decrypt the encrypted second key K using the symmetric key. The network can authenticate the module using the second key K. The module can comprise a mobile phone.
    Type: Grant
    Filed: December 23, 2013
    Date of Patent: May 24, 2016
    Assignee: M2M and IoT Technologies, LLC
    Inventor: John A. Nix
  • Patent number: 9344889
    Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to pair devices to an in-body network. An example apparatus disclosed herein includes a device capability manager to identify remote sensors associated with a candidate medical device, an encryption engine to provide the candidate medical device with hashing instructions to be applied to input values from selected ones of the remote sensors, a measurement engine to acquire input values from local sensors corresponding to the selected ones of the available remote sensors during a measurement schedule, the encryption engine to apply the hashing instructions to the input values from the local sensors, and a pairing engine to authorize the candidate medical device when an encryption key associated with the remote sensors includes a threshold indication of parity with an encryption key associated with the local sensors.
    Type: Grant
    Filed: June 17, 2014
    Date of Patent: May 17, 2016
    Assignee: INTEL CORPORATION
    Inventors: Steven A. Mancini, Hong Li, Igor Tatourian, Robert L. Vaughn, Tobias M. Kohlenberg, Jesse R. Walker, Esteban Gutierrez, Jim S Baca, Rita H. Wouhaybi
  • Patent number: 9338144
    Abstract: Method for data privacy in a distributed communication system includes: receiving first and second encrypted data from first and second client terminals, each having a different data representation; analyzing the first and second data representations to determine a common data representation; translating the first and second encrypted data to a shared data representation using the common data representation; performing operations on the first encrypted data and second encrypted data to generate a first and second operated encrypted data; reverting the first operated encrypted data back to said first data representation and sending the reverted first encrypted data to the first client terminal for decryption by the first client terminal; and reverting the second operated encrypted data back to said second data representation and sending the reverted second encrypted data to the second client terminal for decryption by the second client terminal.
    Type: Grant
    Filed: February 19, 2014
    Date of Patent: May 10, 2016
    Assignee: RAYTHEON BBN TECHNOLOGIES CORP.
    Inventor: Kurt Ryan Rohloff
  • Patent number: 9336366
    Abstract: A system and method for controlling use of content in accordance with usage rights associated with the content and determined in accordance with the environment of a user device. A request is received for secure content from a user device and the integrity of the environment of the user device is verified. Appropriate usage rights are retrieved based upon the results of the verification of integrity and the content is rendered on the user device in accordance with the appropriate usage rights.
    Type: Grant
    Filed: November 14, 2014
    Date of Patent: May 10, 2016
    Assignee: ContentGuard Holdings, Inc.
    Inventors: Michael C. Raley, Daniel C. Chen, Hsi-Cheng Wu, Thanh Ta
  • Patent number: 9331999
    Abstract: An information processing system includes a first authentication function unit that issues first authentication information which is necessary to perform an authentication collaboration function between the information processing system and an external service and indicates that an authentication is completed by a first authentication function; an administration unit that issues second authentication information which is necessary to use an internal service and indicates that the authentication is completed by a second authentication function and performs, when a collaboration authentication request using the second authentication information is received from an external apparatus and if the received second authentication information is authorized, the collaboration authentication request for the first authentication function and sends the collaboration authentication response from the first authentication function to the external apparatus; and an authentication function using unit that acquires the first au
    Type: Grant
    Filed: January 7, 2015
    Date of Patent: May 3, 2016
    Assignee: RICOH COMPANY, LTD.
    Inventor: Yasuharu Fukuda
  • Patent number: 9292842
    Abstract: Systems and methods to provide licensing and licensing management to source code components. The system receives a request from a component developer for a component license. The system sends a public key, a component identifier, and licensing code to the developer and the developer embeds the public key, the component identifier, and the licensing code within the source of the component. The developer sends the embedded component to the system, which publishes the component for sale on a web site. A purchaser of the component can embed the component, API code, and a generated license key into a developed application. The API code is invoked, which activates the component within the application. The application can be sent to the system where it can be published to a web site for sale.
    Type: Grant
    Filed: October 29, 2012
    Date of Patent: March 22, 2016
    Inventor: Anil H. Pereira
  • Patent number: 9288228
    Abstract: Example method, apparatus, and computer program product embodiments are disclosed to enable out-of-band short-range communication carrier transport switching for connection setup in device-to-device communication. Example embodiments of the invention include a method comprising the steps of participating, by a first device, in a wireless network managed by at least one of an access point device or a group owner device; and exchanging, by the first device, information with a second device over a wireless out-of-band short-range carrier, the exchanged information comprising in-band communication connection parameters for enabling the second device to join the wireless network and authentication information recognizable by the at least one of an access point device or a group owner device managing the wireless network.
    Type: Grant
    Filed: August 5, 2011
    Date of Patent: March 15, 2016
    Assignee: Nokia Technologies Oy
    Inventor: Jan Suumäki
  • Patent number: 9251326
    Abstract: A system and method provide efficient, secure, and highly reliable authentication for transaction processing and/or access control applications. A personal digital key (PDK) is programmed using a trusted programming device to initialize and/or register the PDK for use. In one embodiment, the initialization and registration processes are administered by a specialized trusted Notary to ensure the processes follow defined security procedures. In a biometric initialization, the programming device acquires a biometric input from a user and writes the biometric data to a tamperproof memory in the PDK. In registration, the Programmer communicates to one or more remote registries to create or update entries associated with the user PDK. Once initialized and registered, the PDK can be used for various levels of secure authentication processes.
    Type: Grant
    Filed: July 31, 2014
    Date of Patent: February 2, 2016
    Assignee: Proxense, LLC
    Inventors: John J. Giobbi, David L. Brown, Fred S. Hirt
  • Patent number: 9251321
    Abstract: Methods and nodes (300a, 300b, 302) for handling a usage policy (P1, P2) pertaining to source data (D1, D2) generated by a source node (300a, 300b). The usage policy dictates permission to access and use the source data. The source node calculates a signature (Sig) based on an identification (id_D) of the source data and the usage policy (P) of the source data, and provides the source data, its usage policy and the calculated signature to a data processing node (302). The data processing node then generates new data (D3) based on the source data, and calculates a new signature (Sig3) based on an identification (id_D3) of the new data and at least one of: a new usage policy (P3) pertaining to the generated new data, and the usage policy (P1, P2) of the source data.
    Type: Grant
    Filed: October 22, 2012
    Date of Patent: February 2, 2016
    Assignee: Telefonaktiebolaget L M Ericsson (Publ)
    Inventors: Vincent Huang, Yi Cheng
  • Patent number: 9237588
    Abstract: Provided is a method for transmitting uplink data by a terminal in a mobile communication system, the method comprising: when data to be transmitted to uplink is generated in an idle mode, transmitting a ranging request message including at least one of a group identifier allocated to each terminal group to which the terminal belongs, an offline transmission indicator indicating transmission of uplink data in a state in which the terminal is not connected to a network, and uplink data, to a base station; and receiving a ranging response message confirming that the uplink data has been successfully transmitted, from the base station.
    Type: Grant
    Filed: February 8, 2012
    Date of Patent: January 12, 2016
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Jae Sun Cha, Soojung Jung, Seokki Kim, Chul Sik Yoon
  • Patent number: 9219715
    Abstract: Methods, systems and apparatuses for a mediator enforcing policies to a resource utilizing an electronic content, are disclosed. One method includes receiving, by a mediator computing device of a mediator, a second share SKG2 from an owner server, wherein a first share SKG1 is provided to a member server of a member of a group by the owner server, wherein the owner defines policies associated with the group. The method further includes the mediator receiving a request from the member for mediation, including the mediator receiving a dispatch of the header of the encrypted electronic content, determining, by the mediator, whether the member is eligible to access the electronic content based at least in part on the policies associated with the group, if eligible, the mediator responds to the request for mediation with a member accessible header.
    Type: Grant
    Filed: March 27, 2014
    Date of Patent: December 22, 2015
    Assignee: PivotCloud, Inc.
    Inventors: James Lewis Lester, Roy Peter D'Souza
  • Patent number: 9177170
    Abstract: A content encryption device generates encrypted content and an encrypted content copying device copies the encrypted content on an information storage medium. The storage medium is sold at a charge or distributed at no charge. A user gets the storage medium to connect the storage medium to a user terminal device or set the storage medium in a user terminal device, accesses to a content key distribution device to present a part or a whole of medium information of the storage medium to the distribution device. The distribution device grasps the whole of the medium information of the copied medium together with copied content and makes a content key encryption device issue an encrypted content key on the basis of user presentation information and distributes it to the terminal device.
    Type: Grant
    Filed: September 6, 2006
    Date of Patent: November 3, 2015
    Assignee: KABUSHIKI KAISHA TOSHIBA
    Inventor: Shinichi Kurihara
  • Patent number: 9171135
    Abstract: A method for acquisition of a software application stored on a software application distribution unit and intended to be supplied to a user computer unit is disclosed wherein, the user computer unit communicates an item of identification information identifying the software application to be acquired to an electronic security module connected to the user computer unit. The module generates, using a secret and identification information, an item of user information and transmits it with the identification information to the unit. The unit protects with the user information the software application identified by the identification information and the protected software application is transmitted to the user computer unit. Thus, the software application is protected with an item of information from the electronic security module of the user. The protected software application then has its protection removed on an electronic security unit equipped with an electronic security module.
    Type: Grant
    Filed: July 1, 2010
    Date of Patent: October 27, 2015
    Assignee: Thomson Licensing
    Inventors: Christophe Vincent, Marc Eluard, Yves Maetz
  • Patent number: 9148449
    Abstract: A network server is operated so as to facilitate legal eavesdropping by receiving, from the first user via a network, a session key (SK) encrypted with a second user's public key, kpubU2, and the SK encrypted with an escrow server's (ES) public key, kpubES. The kpubU2 key is the public key of the second user asymmetric private/public key pair kpriU2/kpubU2. The kpubES key is the public key of the ES asymmetric private/public key pair kpriES/kpubES. The received SK encrypted with kpubES is stored. The SK encrypted with kpubU2 is transmitted to the second user via the network. A message encrypted with the SK is received from one of the first and the second users via the network, stored, and transmitted to the other of the first and the second users via the network.
    Type: Grant
    Filed: March 13, 2013
    Date of Patent: September 29, 2015
    Assignee: AUTHENTIFY, INC.
    Inventor: Ravi Ganesan
  • Patent number: 9135455
    Abstract: A method of providing a distributed file system allowing the storage of data comprising a plurality of directories and files arranged in a hierarchical structure on a key addressable storage system, the storage system being accessible by a plurality of users, the method comprising the steps of: storing data of a child directory on the storage system and creating a datamap which provides the at least one location of the stored data; assigning an identifier to the child directory and to a parent directory for the child directory; encrypting the datamap using both the child directory identifier and the parent directory identifier; and storing the encrypted datamap on the storage system using at least part of the child directory identifier as the key.
    Type: Grant
    Filed: December 16, 2011
    Date of Patent: September 15, 2015
    Assignee: MAIDSAFE FOUNDATION
    Inventor: David Irvine
  • Patent number: 9124418
    Abstract: A method for encryption of blocks of data (201-206) is provided including the steps of: encrypting (301) a block of data using a current random number (211-216) generated for the block of data (201-206); encoding (303) the current random number using one or more of a set of previous random numbers, each of the set of previous random numbers having been used to encrypt a previously sent block of data; and transmitting (304) the encrypted block of data (241-246) with the one or more versions of the encoded current random number (272-276), each version for a different one of the previous random numbers.
    Type: Grant
    Filed: June 13, 2008
    Date of Patent: September 1, 2015
    Assignee: International Business Machines Corporation
    Inventor: Philip G. Willoughby