Electrical computers and digital processing systems: multicomput – Remote data accessing – Accessing a remote server
Reexamination Certificate
1999-02-22
2002-03-12
Burgess, Glenton B. (Department: 2153)
Electrical computers and digital processing systems: multicomput
Remote data accessing
Accessing a remote server
C713S152000, C713S186000, C713S168000, C713S176000
Reexamination Certificate
active
06356941
ABSTRACT:
FIELD AND BACKGROUND OF THE INVENTION
The present invention relates to a system and method for providing secure storage and transaction facilities for electronically stored data in a computer networking environment, and in particular, to such a system and method in which access to the facility is controlled by the owner of the information.
The security of information is extremely important for modern society, particularly since the advent of the Internet. Unauthorized exposure of such information, and/or unintended or unauthorized use of information may significantly damage organizations and individuals. Damage may also be caused by lost, corrupted or misused information. Thus, appropriate security measures are required in order to protect information from such damaging actions, while still maintaining the availability of such information to authorized individuals and/or organizations.
The mode of storage for information significantly alters the security measures required to protect the information. For example, information which is written on paper can be physically protected through storage in a physical safe. Such a physical safe is a device which contains the paper, thereby preventing unauthorized access to the information, and hence preventing unauthorized or unintended exposure or use of the information.
Physical safes have the advantage of ease of implementation and use, but have the drawback of being restricted to one physical location, such that the user must be physically present in the same location as the safe in order to access the information. Currently, flexibility and ease of access to information are highly valued, particularly through the Internet and organizational intranets, which provide connections between computers through a network. Accessing information through a network enables users at physically separate locations to share information, but also increases the possibility of unauthorized or unintended access to the information. Various attempts to provide a solution to the problem of security for electronically stored information are known in the art, but all of these attempted solutions have various drawbacks. For example, each solution is only able to provide a portion of the required security, thereby increasing the complexity of any security system for electronically stored information, which must be assembled from a number of different technologies. Even with such complicated, advanced security systems, unauthorized intruders such as “hackers” can still penetrate these security systems and access the electronically stored information. Thus, currently available security systems are both complicated to construct and maintain, and are not able to provide a comprehensive, reliable solution to the problem of information security.
In addition, security systems which are known in the art are designed to protect data by screening each interface, or “channel”, to the data, thereby requiring many different systems to be assembled in order to provide full security. Furthermore, by attempting to screen multiple channels to data, the probability of overlooking one or more such channels increases significantly, such that the data then becomes vulnerable to access through such channels. Therefore, the success of the security system depends upon the ability of the system administrator to determine all necessary rules for filtering communication or access. Any risk which is overlooked can therefore result in a potential vulnerability of the system. Thus, currently available security systems in the art rely upon the ability to determine risks and vulnerabilities, and to account for every such risk and vulnerability, thereby resulting in complicated security systems.
Certainly, such complicated security systems are difficult, if not impossible, for the average user to understand and to maintain. Such users must trust the system administrator to competently and expertly manage the security system, thereby relinquishing control to the system administrator. However, a security system which could be simply and easily maintained by the average user, such that the average user would have control over his or her own information, would return individual control to each user. In addition, such a security system would also preferably be more robust and secure than existing security solutions. Unfortunately, such a security system is not currently available in the art.
There is thus a need for, and it would be useful to have, a system and a method for secure storage and transfer of electronically stored information, which provides a comprehensive and reliable security solution to the problem of information security for all types of information, regardless of the format or type of information, which is simple to operate and maintain even for the average user such that individual control over data is possible, and which still permits flexible authorized access to the information as needed.
REFERENCES:
patent: 5007083 (1991-04-01), Constant
patent: 5191611 (1993-03-01), Lang
patent: 5550976 (1996-08-01), Henderson et al.
patent: 5719938 (1998-02-01), Haas et al.
patent: 5752031 (1998-05-01), Cutler et al.
patent: 5862346 (1999-01-01), Kley et al.
patent: 5864683 (1999-01-01), Boebert et al.
patent: 5875296 (1999-02-01), Shi et al.
patent: 5889958 (1999-03-01), Willens
patent: 5892917 (1999-04-01), Myerson
patent: 5911045 (1999-06-01), Leyba et al.
patent: 5913041 (1999-06-01), Ramanathan et al.
patent: 5969632 (1999-10-01), Diamant et al.
patent: 6009475 (1999-12-01), Shrader
patent: 6018745 (2000-01-01), Kuftedjian
patent: 6021497 (2000-02-01), Bouthillier et al.
patent: 6026463 (2000-02-01), Klein
patent: 6052785 (2000-04-01), Lin et al.
patent: 6061798 (2000-05-01), Coley et al.
patent: 6098056 (2000-08-01), Rusnak et al.
patent: 6105042 (2000-08-01), Agonovic et al.
patent: 6105131 (2000-08-01), Carroll
patent: 6163859 (2000-12-01), Lee et al.
patent: 6182222 (2001-01-01), Oparaji
patent: 0043027 (1982-01-01), None
Davis, B., Web Security Help, Informationweek, Jun. 15, 1998, p. 143.
Burgess Glenton B.
Cyber-Ark Software Ltd.
Edelman Bradley
Friedman Mark M.
LandOfFree
Network vaults does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Network vaults, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Network vaults will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2849027