System, method, and computer program product for sensitive data recovery in high security systems
US11044105B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 13, 2019 |
| Grant date | Jun 22, 2021 |
| Priority date | — |
| Expiry date | Dec 9, 2039 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0823
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system, method, and computer program product are provided for sensitive data recovery in high security systems. In operation, a client device receives a request by a user to initiate a data recovery process to recover data that is encrypted. The client device generates a new data recovery request key pair. The client device creates a data recovery request that includes a data recovery request public key. The client device signs the data recovery request using an identity private key that is associated with a certificate issued by a certification authority (CA). The client device sends the data recovery request to a server system storing the data. The server system accesses an offline data recovery subsystem (ODRS) storing a data recovery key pair to authenticate the user. The ODRS generates and stores a secret data recovery code. The client device receives the secret data recovery code that was communicated to the user. The client device sends the secret data recovery code along with the data recovery request to the server system. The server system verifies the received secret data recovery code against the stored secret data recovery code. The server system verifies a public key…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.