Protection of encryption keys in a database
US9158933B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 12, 2009 |
| Grant date | Oct 13, 2015 |
| Priority date | — |
| Expiry date | Jun 13, 2032 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L9/0894
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
System, method, computer program product embodiments and combinations and sub-combinations thereof for protection of encryption keys in a database are described herein. An embodiment includes a master key and a dual master key, both of which are used to encrypt encryption keys in a database. To access encrypted data, the master key and dual master key must be supplied to a database server by two separate entities, thus requiring dual control of the master and dual master keys. Furthermore, passwords for the master and dual master keys must be supplied separately and independently, thus requiring split knowledge to access the master and dual master keys. In another embodiment, a master key and a key encryption key derived from a user password is used for dual control. An embodiment also includes supplying the secrets for the master key and dual master key through server-private files.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.