Cryptography – Key management – Key escrow or recovery
Reexamination Certificate
1999-09-14
2004-06-08
Moise, Emmanuel L. (Department: 2136)
C380S277000, C713S165000, C713S180000, C713S152000
active
06748084
ABSTRACT:
This application incorporates by reference Taiwanese application Serial No. 88108252, Filed 1999 May 20.
BACKGROUND OF THE INVENTION
1. Field of the Invention
The invention relates in general to a data access control system and a method thereof, and more particularly to a system and method that use secret sharing and a dynamic password to increase the security of data access while data log-in is performed.
2. Description of the Related Art
Due to the rapid development of computer systems and storage media techniques, the data of a variety of systems, such as on-line transactions, mail delivery, databases and electronically stored information communications, are accessed electronically. The popularity of digital access brings convenience to users, but it also causes some side effects. Counterfeiting and manipulation become even harder to detect and trace when the data is stored electronically. Taking a bank transaction system as an example, the credit card payment system stores the card numbers of cardholders, the details of each transaction and personal references. The privacy of cardholders cannot be well protected if the bank lacks a secure control system. Therefore, there is a strong demand to encrypt important information so that administrators are able to control the information better and the related staff can be kept away from the temptation to counterfeit.
As mentioned above, data have to be encrypted to ensure security. However, it would be insecure for a single data administrator to freely access all the encrypted data. Moreover, we have to ensure that the data cannot be accessed by the previous data administrator and that as little as possible of the encrypted data needs to be amended. This kind of problem is frequently met. Taking a server for electronic transactions as an example, its database contains the personal references of cardholders.
In a control procedure for the data management system of a bank, the data is not allowed to be handled, read or erased by a single staff member, particularly when the data includes any of the following features.
(1) The recorded data represents the status of the procedure.
(2) The system contains data not desired to be read.
Referring to FIG. 1, which shows a block diagram of a conventional data access control system, as a system user 11 is accessing the data on-line or locally, via the internet 13, the inputted data will be sent to the data access control system 15 as cipher text or directly. In the data access control system 15, the data is encrypted, if desired, by servers or the storage processing unit 151. The data is then sent to and stored in the data storage unit 153. The data access of the system is controlled by a key K of the storage processing unit 151 to prevent the data being read by unauthorized persons. Since the key K is usually controlled by a single data administrator, the following problems may occur:
(1) data administrators could interrupt the normal procedure to counterfeit and manipulate the data in the data storage unit;
(2) the selection of a key holder is hard since the key is completely controlled by the key holder;
(3) all the cipher text has to be changed because of the transfer or resignation of the key holder, which is time-consuming.
A system of secret sharing is disclosed in U.S. Pat. No. 5,764,767 by Beimel et al. Referring to FIG. 2A, Secret S, such as a code of a safe, is divided into n Secret Shares $s_i$ (i=1~n) by a dealer 21, using a method provided by Shamir and Blakley. The n Secret Shares $s_i$ of the Secret S along with n Keys $K_i$ are delivered to n Participants $P_i$, respectively. Referring to FIG. 2B, the Key $K_i$ is composed of n−1 Key Constituents $k_{i,j}$ (j=1~n, i≠j). The Key Constituents $k_{i,j}$ are for each Participant $P_i$ to communicate with other Participants $P_j$ ($j \in [1,n]$, j≠i). Referring to FIG. 2C, the Secret S reconstructing procedure includes the following steps. First, m (1<m<n) Participants $P_j'$ ($j \in [1,m]$) are selected from n Participants $P_i$, and at least one Participant $P_k'$ ($k \in [1,n]$) is designated from the m Participants $P_j'$ as a Recipient to execute the procedure. Then, the Recipient $P_k'$ receives and decrypts the encrypted Secret Shares $s_j'$ from the other m−1 Participants $P_j'$ (j≠k), and utilizes the m−1 Secret Shares $s_j'$ and his own Secret Share $s_k'$ (m Secret Shares $s_i$ in total) to reconstruct the Secret S. In addition, the Recipient $P_k'$ receives m−1 Secret Shares $s_j'$ and completes decrypting by using his own n−1 Key Constituents $k_{i,j}$.
According to the above-mentioned secret reconstruction system, secret data has to be divided into a number of secret shares to be shared by the respective participants. To reconstruct the secret data, each participant needs to obtain the authority of all the other participants. For example, each $K_i$ includes n−1 Key Constituents $k_{j,i}$ to communicate with other Participants $P_i$. As a result, if any one of the Participants is changed, the process of secret reconstruction becomes redundant. In addition, a small error by any one participant may cause an unrecoverable mistake, since the system proposed by Beimel et al. is not designed particularly for the managing member to obtain the secret data. Moreover, since the recipient utilizes the key constituent to obtain the encrypted secret shares from other participants and the encryption method does not change along with each load in, it is easily recognized when the procedure is repeated and the system is restarted.
SUMMARY OF THE INVENTION
It is therefore an object of the invention to provide a system and method for the control of data access. A key is first divided into a number of subkeys for different key holders. The accessing right of the data administrator is therefore distributed and the above-mentioned problems of the conventional system and method are overcome. By packaging the subkey to form a dynamic code while data log-in is performed, the system security is then increased.
It is another object of the invention to provide a method for data access control, wherein a master key is used to access data. The method includes the following steps. The master key is first divided into n subkeys and the subkeys are kept separately, wherein an (m,n)-threshold scheme is used, and m is a natural number larger than 1 but smaller than n. A master key reconstruction procedure is then used to obtain m subkeys in order to reconstruct the master key. Next, the master key is used to encrypt and decrypt said data while said data is desired to be accessed.
It is therefore a further object of the invention to provide a method for secure data access control, wherein a master key is used to access data. The method includes the following steps. First, the master key is divided into a number of subkeys that are kept separately. Next, a master key reconstruction procedure and dynamic data log-in are utilized to obtain a number of subkeys in order to reconstruct the master key. Then, the master key is used to encrypt and decrypt said data while said data is desired to be accessed.
It is therefore another object of the invention to provide a data access control system for accessing data. The system includes the following elements: a data storage unit for saving the data; a master key for encrypting and decrypting the data; a subkey control module for dividing the master key into n subkeys, using an (m,n)-threshold scheme, wherein m is a natural number larger than 1 but smaller than n; a master key reconstruction module, which receives m subkeys to reconstruct the master key; and a data control module, which uses the master key reconstructed by the master key reconstruction module to control accessing the data from the data storage unit.
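The (m,n)-threshold split and reconstruction described above, as an added Python example that is not code from the patent. It assumes Shamir's polynomial scheme over a prime field, since the page does not say which threshold construction the invention uses; the function names and the prime P are illustrative.

```python
import secrets

# Assumption: Shamir's polynomial scheme over GF(P) stands in for the
# (m,n)-threshold scheme; the page does not specify the construction.
P = 2**127 - 1  # Mersenne prime; master keys must be integers below P


def split_master_key(master_key, m, n):
    """Subkey control module (illustrative): deal n subkeys, any m recover the key."""
    if not (1 < m < n):
        raise ValueError("the page requires 1 < m < n")
    if not (0 <= master_key < P):
        raise ValueError("master key must be in [0, P)")
    # Random polynomial of degree m-1 whose constant term is the master key.
    coeffs = [master_key] + [secrets.randbelow(P) for _ in range(m - 1)]
    subkeys = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            y = (y * x + c) % P
        subkeys.append((x, y))      # holder index x, subkey value y
    return subkeys


def reconstruct_master_key(subkeys, m):
    """Master key reconstruction module (illustrative): Lagrange interpolation at 0."""
    xs = [x for x, _ in subkeys]
    if len(subkeys) < m or len(set(xs)) != len(xs):
        raise ValueError("need at least m subkeys from distinct holders")
    pts = subkeys[:m]
    secret = 0
    for i, (xi, yi) in enumerate(pts):
        num, den = 1, 1
        for j, (xj, _) in enumerate(pts):
            if i != j:
                num = (num * -xj) % P
                den = (den * (xi - xj)) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret


if __name__ == "__main__":
    key = secrets.randbelow(P)           # constructed sample master key
    old = split_master_key(key, 3, 5)    # (3,5)-threshold: five key holders
    assert reconstruct_master_key([old[4], old[0], old[2]], 3) == key
    new = split_master_key(key, 3, 5)    # re-deal after a key holder changes
    assert reconstruct_master_key(new[:3], 3) == key
```

Re-dealing produces fresh subkeys for the same master key, so data already encrypted under it stays readable; the old subkeys must still be destroyed, because any m of them continue to recover the key.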
Thus, anyone, including the data administrator, has to obtain m subkeys to reconstruct the master key in order to amend and read the data. Hence, the data are effectively protected. Even
Chen Yen-Sha
Cheng Jen-Chieh
Gau Min-Jea
Tsuei Wen
Yang Wen-Hsin
Industrial Technology Research Institute
Moise Emmanuel L.
Rabin & Berdo P.C.