17931733. DECRYPTION KEY GENERATION AND RECOVERY simplified abstract (MICROSOFT TECHNOLOGY LICENSING, LLC)

From WikiPatents

DECRYPTION KEY GENERATION AND RECOVERY

Organization Name

MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor(s)

Ramarathnam Venkatesan of Redmond WA (US)

Nishanth Chandran of Bangalore (IN)

DECRYPTION KEY GENERATION AND RECOVERY - A simplified explanation of the abstract

This abstract first appeared for US patent application 17931733 titled 'DECRYPTION KEY GENERATION AND RECOVERY'.

Simplified Explanation

The abstract describes a system in which a decryption key is recovered in order to decrypt an encrypted resource. One or more location attribute policy (LAP) servers determine whether a user has the necessary attributes and is in the correct location to access the resource. The LAP servers request a cryptographic proof from the user to verify their attributes and release a first portion of the decryption key once the proof is validated. They release the second portion after verifying the user's location.

  • Verification of user attributes and location by LAP servers
  • Release of decryption key portions based on verification

Potential Applications

This technology could be applied in secure access control systems for sensitive information, such as government databases or corporate networks.

Problems Solved

This technology solves the problem of unauthorized access to encrypted resources by ensuring that users have the necessary attributes and are in the correct location to access the resource.

Benefits

The benefits of this technology include enhanced security for encrypted resources, as well as efficient and automated verification of user attributes and location.

Potential Commercial Applications

A potential commercial application of this technology could be in the development of secure cloud storage services that require strict access control based on user attributes and location.

Possible Prior Art

Possible prior art for this technology includes traditional access control systems that rely on passwords or physical access cards for verification, which may not be as secure or efficient as the system described in the patent application.

Unanswered Questions

How does the system handle cases where a user's attributes or location change frequently?

The system may need to have mechanisms in place to update and verify user attributes and location in real-time to accommodate such cases.

What measures are in place to prevent unauthorized access to the decryption key during the verification process?

There should be protocols and encryption methods in place to ensure that the decryption key is not compromised during the verification process.


Original Abstract Submitted

A decryption key is recovered that is utilized to decrypt an encrypted resource. One or more location attribute policy (LAP) servers determine whether a user attempting to access a resource has the necessary attributes to access the resource and is in a valid location in which the user is required to be to access the resource. The attributes and location are defined by a policy assigned to the resource. To verify that the user has the required attributes, the LAP server(s) request a cryptographic proof from the user that proves that the user has the required attributes. Upon validating the proof, a first portion of the decryption key is released. The LAP server(s) release a second portion of the decryption key after verifying that the user is in the required location. The LAP server(s) generate the decryption key based on the released portions.
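The two-stage release described in the abstract can be sketched as follows. This is an added example, not code from the patent application. It assumes the two portions are 2-of-2 XOR shares, uses an HMAC challenge-response as a stand-in for the unspecified cryptographic proof, and assumes the location value was already verified by a trusted source; `LapServer`, `prove_attribute` and `recover_key` are hypothetical names.

```python
import hashlib
import hmac
import secrets


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class LapServer:
    """Toy LAP server holding both portions of one resource's decryption key."""

    def __init__(self, key: bytes, attribute_secret: bytes, valid_locations: set):
        # Assumption: the portions are 2-of-2 XOR shares, so one alone reveals nothing.
        self._first = secrets.token_bytes(len(key))
        self._second = xor(key, self._first)
        self._attribute_secret = attribute_secret
        self._valid_locations = valid_locations
        self._nonce = None

    def challenge(self) -> bytes:
        self._nonce = secrets.token_bytes(16)  # fresh per attempt, blocks replay
        return self._nonce

    def release_first(self, proof: bytes):
        nonce, self._nonce = self._nonce, None  # a challenge is single use
        if nonce is None:
            return None
        expected = hmac.new(self._attribute_secret, nonce, hashlib.sha256).digest()
        return self._first if hmac.compare_digest(proof, expected) else None

    def release_second(self, verified_location: str):
        # Assumption: the location was already verified by a trusted source.
        return self._second if verified_location in self._valid_locations else None


def prove_attribute(attribute_secret: bytes, nonce: bytes) -> bytes:
    """User side: stand-in proof of holding the attribute credential."""
    return hmac.new(attribute_secret, nonce, hashlib.sha256).digest()


def recover_key(server: LapServer, attribute_secret: bytes, location: str):
    first = server.release_first(prove_attribute(attribute_secret, server.challenge()))
    second = server.release_second(location)
    if first is None or second is None:
        return None  # either check failing withholds the key
    return xor(first, second)
```
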