ABSTRACT
Exemplary embodiments of the present disclosure are directed towards a system and method for controlling data access. The system comprises a provider’s computing device and a partner’s computing device configured with a data managing platform. The data managing platform comprises: a key managing module configured to provide a provider’s key to be kept in the provider’s control, a partner’s key to be kept in the partner’s control, and an ideal key for encryption and decryption of data; a data encrypting or decrypting module configured to encrypt or decrypt the data in the provider’s computing device using the ideal key, where the ideal key is encrypted or decrypted by the combination of the provider’s key and the partner’s key; and a provider’s database integrated into the provider’s computing device and a partner’s database integrated into the partner’s computing device, where the encrypted data is stored in the partner’s database. The decrypted data is not persisted anywhere across the partner’s computing device and databases. The decrypted ideal key and the combined key are not persisted anywhere.
CLAIMS
What is claimed is:
1. A system for controlling data access and storing of data, comprising:
a provider’s computing device and a partner’s computing device configured with a data managing platform, the data managing platform comprising:
a key managing module configured to provide a provider’s key to be kept in a provider’s control and a partner’s key to be kept in the partner’s control, and an ideal key for encryption of data and decryption of data; and
a data encrypting or decrypting module configured to encrypt or decrypt the data received from the provider’s computing device using the ideal key, wherein the ideal key is encrypted or decrypted by the combination of the provider’s key and the partner’s key; and
a provider’s database integrated into the provider’s computing device and a partner’s database integrated into the partner’s computing device, wherein the encrypted data is stored in the partner’s database.
2. The system of claim 1, wherein the data managing platform further comprises a data analytics module configured to analyze the data stored in the partner’s computing device.
3. The system of claim 1, wherein the data managing platform further comprises a backend module configured to perform the backend operations.
4. The system of claim 1, wherein the data managing platform further comprises a user interface module configured to monitor the backend data.
5. The system of claim 1, wherein the decrypted ideal key is used for encryption of data and decryption of data.
6. The system of claim 1, wherein the decrypted ideal key is not persisted anywhere.
7. The system of claim 1, wherein the provider provides authentication credentials to the partner for accessing the key store holding the provider’s key.
8. A method for controlling data access and storing of data, comprising:
sending a plurality of requests to a provider’s account from a partner’s computing device, wherein authentication details are received at the partner’s computing device as per the plurality of requests sent;
receiving a provider’s key at the partner’s computing device using the authentication details, wherein the provider’s key is combined with a partner’s key to form a combined key;
encrypting an ideal key using the combined key in the partner’s computing device, wherein the encrypted ideal key is stored in an offsite location; and
decrypting the ideal key using the combined key, wherein the data is encrypted in the partner’s computing device using the decrypted ideal key; and storing the encrypted data in the partner’s computing device, wherein the decrypted ideal key is not persisted anywhere.
9. The method of claim 8, comprising a step of rotating the provider’s key and the partner’s key.
10. A method for performing data analytics, comprising:
sending a plurality of requests to a provider’s account from a partner’s computing device, wherein authentication details are received at the partner’s computing device as per the plurality of requests sent;
receiving a provider’s key at the partner’s computing device using the authentication details, wherein the provider’s key is combined with a partner’s key to form a combined key;
decrypting the ideal key using the combined key, wherein the encrypted ideal key is obtained from an offsite location; and
decrypting the data using the decrypted ideal key in the partner’s computing device, wherein the encrypted data is obtained from a partner’s database and the decrypted data is not persisted anywhere; and performing data analytics on the data by the data managing platform.
DESCRIPTION
TECHNICAL FIELD
[001] The present disclosure generally relates to the field of data access control and secure data storage. More particularly, it relates to a system and method that enables retroactively revoking data access that was previously granted.
BACKGROUND
[002] Many corporates, organizations, and institutions handle and process most of their data in digital form. In many cases, such data includes confidential, secret or sensitive information. For business reasons, however, there is a need to share the data with partners over an agreement period.
[003] Data leakage or loss is a matter of high concern for corporates today. In many cases, sensitive data is stored in encrypted form on storage devices that are external or internal to a computing device. Typically, the data is provided to the business partner together with a decryption key, which is used to decrypt the encrypted data. However, a problem or security risk arises when the agreement period ends: the data has been physically copied from the provider’s system into the partner’s system, and the provider’s system cannot control access to data that has already been copied into the partner’s system once the agreement with the partner is cancelled.
[004] In light of the aforementioned discussion, there exists a need for a system and method that would overcome or ameliorate the above-mentioned disadvantages.
BRIEF SUMMARY
[005] The following presents a simplified summary of the disclosure in order to provide a basic understanding to the reader. This summary is not an extensive overview of the disclosure and it does not identify key/critical elements of the invention or delineate the scope of the invention. Its sole purpose is to present some concepts disclosed herein in a simplified form as a prelude to the more detailed description that is presented later.
[007] An objective of the present disclosure is directed towards giving control to a provider’s computing device to make it technically infeasible for a partner’s computing device to access data which is already copied from the provider’s computing device into the partner’s computing device.
[008] Another objective of the present disclosure is directed towards making pattern or trend recognition on the data infeasible without decrypting it, by employing non-equality-preserving, non-range-preserving, and non-prefix-preserving encryption.
[009] Another objective of the present disclosure is directed towards enabling encryption and decryption process without involving any human handling of keys.
[0010] Yet another objective of the present disclosure is directed towards making it infeasible to break the encrypted data without the key.
[0011] Yet another objective of the present disclosure is directed towards implementing security factors that render the key used for decryption unusable once the data sharing agreement ceases to be active.
[0012] Another objective of the present disclosure is directed towards implementing security to the provider’s data to keep it safe from hackers both during and after the agreement period.
[0013] According to an exemplary aspect of the present disclosure, the system includes a provider’s computing device and a partner’s computing device configured with a data managing platform.
[0014] According to an exemplary aspect of the present disclosure, the data managing platform comprises a key managing module which is configured to provide a provider’s key to a provider and a partner’s key to a partner and an ideal key is used for encryption of data and decryption of data. The ideal key is not persisted anywhere in its decrypted form.
[0015] According to an exemplary aspect of the present disclosure, the data managing platform further includes a data encrypting or decrypting module which is configured to encrypt or decrypt the provider’s data that is transferred into the partner’s computing device using the ideal key and the ideal key is encrypted or decrypted by a secret combination of the provider’s key and the partner’s key. The encrypted ideal key is preserved in an offsite location.
[0016] According to an exemplary aspect of the present disclosure, the data given by the provider to the partner is encrypted using the ideal key and stored in the partner’s database. At encryption time, to derive the ideal key, the platform needs to get the provider’s key and the partner’s key, combine them in a secret manner, get the encrypted ideal key from the offsite location, and decrypt the ideal key with the secret combination.
[0017] According to an exemplary aspect of the present disclosure, to decrypt the data in the partner’s database, the data managing platform needs to get the provider’s key and the partner’s key, combine them in a secret manner, get the encrypted ideal key from the offsite location, decrypt the ideal key with the secret combination, and then decrypt the data in the partner’s database using the decrypted ideal key.
[0018] According to an exemplary aspect of the present disclosure, a provider’s database and a partner’s database are integrated with the provider’s computing device and the partner’s computing device respectively, and the encrypted data is stored in the partner’s database.
BRIEF DESCRIPTION OF DRAWINGS
[0019] Other objects and advantages of the present invention will become apparent to those skilled in the art upon reading the following detailed description of the preferred embodiments, in conjunction with the accompanying drawings, wherein like reference numerals have been used to designate like elements, and wherein:
[0020] FIG. 1A is a block diagram depicting a system for controlling data access, according to aspects of an embodiment of the invention.
[0021] FIG. 1B is a block diagram depicting a data managing platform 110 shown in FIG. 1A, according to aspects of an embodiment of the invention.
[0022] FIG. 2 is a block diagram illustrating the details of a typical equipment that constitutes computing device in which various aspects of the present disclosure are operative by execution of appropriate software instructions.
[0023] FIG. 3 is a flow diagram depicting the method for encrypting and storing of ideal key, in one or more exemplary embodiments of the present invention.
[0024] FIG. 4 is a flow diagram depicting the method for encrypting data, in one or more exemplary embodiments.
[0025] FIG. 5 is a flow diagram depicting the method for decrypting data, in one or more exemplary embodiments.
DETAILED DESCRIPTION
[0026] It is to be understood that the present disclosure is not limited in its application to the details of construction and the arrangement of components set forth in the following description or illustrated in the drawings. The present disclosure is capable of other embodiments and of being practiced or of being carried out in various ways. Also, it is to be understood that the phraseology and terminology used herein is for the purpose of description and should not be regarded as limiting.
[0027] The use of “including”, “comprising” or “having” and variations thereof herein is meant to encompass the items listed thereafter and equivalents thereof as well as additional items. The terms “a” and “an” herein do not denote a limitation of quantity, but rather denote the presence of at least one of the referenced item. Further, the use of terms “first”, “second”, and “third”, and the like, herein do not denote any order, quantity, or importance, but rather are used to distinguish one element from another.
[0028] Referring to FIG. 1A, block diagram 100a depicts a system for controlling data access, according to aspects of an embodiment of the invention. The system 100 includes a provider’s computing device 102, a provider’s database 104, a partner’s computing device 106, a partner’s database 108, a data managing platform 110 and a network 112.
[0029] The provider’s computing device 102 and the partner’s computing device 106 may be connected through the network 112. The partner’s computing device 106 may be configured with the data managing platform 110. The network 112 may be a local area network (LAN), a wide area network (WAN), the internet, or a combination of different networks. The provider’s computing device 102 and the partner’s computing device 106 may include, but are not limited to, a computer workstation, an interactive kiosk, a personal mobile computing device such as a digital assistant, a mobile phone or a laptop, storage devices, backend servers hosting a database or other software, or the like. The data managing platform 110 may be configured to give the provider’s account a control solution that makes data access technically infeasible for the partner. For example, the provider’s data becomes inaccessible to the partner when the agreement period expires. The data managing platform 110 may be configured to mandate a provider’s key kept in the custody of the provider and a partner’s key kept in the custody of the partner. It is infeasible to decrypt the data without the combination of the provider’s key and the partner’s key.
[0030] The data managing platform 110 may implement an encryption algorithm. It will be readily apparent to those of ordinary skill in the art that any one or combination of encryption algorithms is suitable for use in the system and method of the present invention. The data managing platform 110 may be configured for securing sensitive data from unauthorized use or access. The data managing platform 110 may include a web application, a mobile application, or other software application known in the art or implemented in future, without limiting the scope of the present disclosure.
[0031] The partner’s computing device 106 may be configured to access the data from the provider’s account. Once the data is accessed, the data managing platform 110 may be configured to encrypt the data, and the encrypted data may be stored in the partner’s database 108. The provider’s computing device 102 may be configured to withdraw access by ceasing to share the provider’s key; the provider thereby makes it technically infeasible for the partner to access the data already copied into the partner’s database 108.
[0032] Referring to FIG. 1B, block diagram 100b depicts the data managing platform 110 shown in FIG. 1A, according to aspects of an embodiment of the invention. The data managing platform 110 includes a key managing module 114, a data analytics module 116, a data encrypting or decrypting module 118, a backend module 120 and a user interface module 122.
[0033] The key managing module 114 may be configured to provide the provider’s key and the partner’s key to the provider’s computing device 102 and the partner’s computing device 106 respectively. The key managing module 114 may be configured to provide the ideal key for encrypting and decrypting the data. The ideal key may be encrypted and decrypted by a combined key. The combined key is a secret combination of the provider’s key and the partner’s key. The combined key may not be persisted anywhere. The ideal key without encryption may not be physically stored anywhere. The encrypted ideal key may be stored outside the partner’s computing device 106 and the provider’s account. In an instance, to get the raw form of the ideal key (the decrypted ideal key), a program may, on the fly, get the encrypted ideal key from the offsite location. The encrypted ideal key may also be referred to as the cipher of the ideal key. The encrypted ideal key may be decrypted by the combined key. The decrypted ideal key may not be persisted anywhere. The provider’s account may be configured to return the current value of the provider’s key at any time in the data managing platform 110.
[0034] Moreover, the provider’s key and the partner’s key undergo key rotation independently, i.e., their current values change periodically. Even theft of the provider’s key and the partner’s key alone may not cause a data breach, given the several other security factors involved. Moreover, the key rotation of the ideal key renders a stolen key stale. The provider’s computing device 102 may return the current value of the provider’s key at any time. Whenever the provider’s key or the partner’s key undergoes rotation, the encrypted ideal key may be regenerated and updated in its place of storage. Even stealing the encrypted ideal key alone may not cause a security breach, given the several other factors involved. The rotation of the encrypted ideal key may render a stolen encrypted ideal key stale. This security implementation may be applied to the provider’s data, which safeguards it from hackers both during and after the agreement period.
[0035] The provider’s key may reside in the control of the provider’s account and the partner’s key may reside under the control of the partner. Here, the provider’s key may not be saved or logged anywhere in the partner’s computing device 106. The provider’s account may be configured to give authentication credentials to the partner’s computing device 106 to enable the data managing platform 110 to contact the provider’s computing device 102 or to access a key store holding the provider’s key. The provider’s account may also grant access to the provider’s key to the partner’s computing device 106. Whenever needed, to process the data for approved legitimate business purposes, the key managing module 114 in the partner’s computing device may contact the provider’s account seeking the provider’s key, authenticating itself with the account login credentials. The key managing module 114 may be configured to receive the provider’s key in this way.
[0036] The data encrypting or decrypting module 118 may be configured to encrypt or decrypt the received data using the decrypted ideal key. The data analytics module 116 may be configured to analyse the decrypted data of the provider’s account and the partner’s computing device 106. The decrypted data may not be persisted anywhere. The backend module 120 may be configured to perform other backend operations in the application. As a security measure, audit trails on these modules may include, but are not limited to, key request reports, key access reports, provided-keys history, data weightage, and the like. The user interface module 122 may be configured to display results given by the backend module 120. The partner’s database 108 may be configured to store the encrypted data.
[0037] Referring to FIG. 2, block diagram 200 illustrates the details of a computing device 200 in which various aspects of the present disclosure are operative by execution of appropriate software instructions. The computing device 200 may correspond to computing devices such as the provider’s computing device 102 and the partner’s computing device 106 (or any other system in which the various features disclosed above can be implemented).
[0038] The computing device 200 may contain one or more processors such as a central processing unit (CPU) 210, random access memory (RAM) 220, secondary memory 227, graphics controller 260, display unit 270, network interface 280, and input interface 290. All the components except display unit 270 may communicate with each other over communication path 250, which may contain several buses as is well known in the relevant arts. The components of Figure 2 are described below in further detail.
[0039] CPU 210 may execute instructions stored in RAM 220 to provide several features of the present disclosure. CPU 210 may contain multiple processing units, with each processing unit potentially being designed for a specific task. Alternatively, CPU 210 may contain only a single general-purpose processing unit.
[0040] RAM 220 may receive instructions from secondary memory 230 using communication path 250. RAM 220 is shown currently containing software instructions, and/or data such as those used in threads and stacks, constituting shared environment 225 and/or user programs 226. Shared environment 225 includes operating systems, device drivers, virtual machines, etc., which provide a (common) run time environment for execution of user programs 226. The RAM 220 may also be configured to store the modules of the data managing platform 110.
[0041] Graphics controller 260 generates display signals (e.g., in RGB format) to display unit 270 based on data/instructions received from CPU 210. Display unit 270 contains a display screen to display the images defined by the display signals. Input interface 290 may correspond to a keyboard and a pointing device (e.g., touch-pad, mouse) and may be used to provide inputs. Network interface 280 provides connectivity to a network (e.g., using Internet Protocol), and may be used to communicate with other systems (such as those shown in FIG. 1, connected to network 112).
[0042] Secondary memory 230 may contain hard drive 235, flash memory 236, and removable storage drive 237. Secondary memory 230 may store the data and software instructions (e.g., for performing the actions noted above with respect to the Figures), which enable digital processing system 200 to provide several features in accordance with the present disclosure.
[0043] Some or all of the data and instructions may be provided on removable storage unit 240, and the data and instructions may be read and provided by removable storage drive 237 to CPU 210. Floppy drive, magnetic tape drive, CD-ROM drive, DVD Drive, Flash memory, removable memory chip (PCMCIA Card, EEPROM) are examples of such removable storage drive 237.
[0044] Removable storage unit 240 may be implemented using medium and storage format compatible with removable storage drive 237 such that removable storage drive 237 can read the data and instructions. Thus, removable storage unit 240 includes a computer readable (storage) medium having stored therein computer software and/or data. However, the computer (or machine, in general) readable medium can be in other forms (e.g., non-removable, random access, etc.).
[0045] In this document, the term "computer program product" is used to generally refer to removable storage unit 240 or hard disk installed in hard drive 235. These computer program products are means for providing software to digital processing system 200. CPU 210 may retrieve the software instructions, and execute the instructions to provide various features of the present disclosure described above.
[0046] The term “storage media/medium” as used herein refers to any non-transitory media that store data and/or instructions that cause a machine to operate in a specific fashion. Such storage media may comprise non-volatile media and/or volatile media. Non-volatile media includes, for example, optical disks, magnetic disks, or solid-state drives, such as storage memory 230. Volatile media includes dynamic memory, such as RAM 220. Common forms of storage media include, for example, a floppy disk, a flexible disk, a hard disk, a solid-state drive, magnetic tape, or any other magnetic data storage medium, a CD-ROM, any other optical data storage medium, any physical medium with patterns of holes, a RAM, a PROM, an EPROM, a FLASH-EPROM, NVRAM, or any other memory chip or cartridge.
[0047] Storage media is distinct from but may be used in conjunction with transmission media. Transmission media participates in transferring information between storage media. For example, transmission media includes coaxial cables, copper wire and fiber optics, including the wires that comprise bus 250. Transmission media can also take the form of acoustic or light waves, such as those generated during radio-wave and infra-red data communications.
[0048] Referring to FIG. 3, flow diagram 300 depicts the method for encrypting and storing the ideal key, in one or more exemplary embodiments of the present invention. Method 300 may be carried out in the context of the details of FIG. 1A-FIG. 1B and FIG. 2. However, method 300 may also be carried out in any desired environment. Further, the aforementioned definitions may equally apply to the description below.
[0049] The method commences at step 302, where the provider’s account may give authentication details to the partner. According to the preferred embodiment, the provider’s key may be received at the partner’s computing device using these authentication details given by the provider, at step 304. The key managing module creates a key (referred to as the partner’s key), at step 305. The partner’s key, which remains in the custody of the partner, is physically stored at an off-site location. According to another embodiment, the provider’s key and the partner’s key may be combined in a secret manner to form the combined key, at step 306. According to another embodiment, the combined key may not be persisted anywhere. According to another embodiment, the partner’s key may be stored in an offsite location, at step 307. According to another embodiment, the key managing module creates an ideal key at step 309. The ideal key may be encrypted using the combined key, at step 308. In yet another embodiment, the encrypted ideal key may be stored in its respective offsite location, at step 310. According to another embodiment, the decrypted ideal key may not be persisted anywhere.
[0050] Referring to FIG. 4, flow diagram 400 depicts the method for encrypting data, in one or more exemplary embodiments. Method 400 may be carried out in the context of the details of FIG. 1A-FIG. 1B, FIG. 2 and FIG. 3. However, method 400 may also be carried out in any desired environment. Further, the aforementioned definitions may equally apply to the description below.
[0051] The method commences at step 402, where the provider’s key may be received by the partner’s computing device using the authentication details given by the provider’s account. According to another embodiment, the partner’s key may be obtained from the offsite location, at step 406. According to another embodiment, the provider’s key and the partner’s key may be combined in a secret manner to form the combined key, at step 404. According to another embodiment, the encrypted ideal key may be obtained from its respective offsite location, at step 407. According to another embodiment, the encrypted ideal key may be decrypted using the combined key, at step 408. The decrypted ideal key may not be persisted anywhere. According to another embodiment, the data may be obtained from the provider’s computing device, at step 411. According to another embodiment, the data may be encrypted in the partner’s computing device using the decrypted ideal key, at step 410. In yet another embodiment, the encrypted data may be stored in the partner’s database, at step 412. The pre-encrypted version of the data received from the provider’s computing device is destroyed at step 414.
[0052] Referring to FIG. 5, flow diagram 500 depicts the method for decrypting data, in one or more exemplary embodiments. Method 500 may be carried out in the context of the details of FIG. 1A-FIG. 1B, FIG. 2, FIG. 3 and FIG. 4. However, method 500 may also be carried out in any desired environment. Further, the aforementioned definitions may equally apply to the description below.
[0053] The method commences at step 502. According to the preferred embodiment, the provider’s key may be received by the partner’s computing device using the authentication details initially given by the provider. According to the preferred embodiment, the partner’s key may be obtained from its respective offsite location, at step 506. According to the preferred embodiment, the provider’s key and the partner’s key may be combined in a secret manner to form the combined key, at step 504. The combined key may not be persisted anywhere. According to the preferred embodiment, the encrypted ideal key may be obtained from its respective offsite location, at step 509. According to the preferred embodiment, the encrypted ideal key may be decrypted using the combined key, at step 508. According to the preferred embodiment, the data in the partner’s database may be decrypted using the decrypted ideal key, at step 510. In yet another embodiment, the data managing platform performs data analytics on the decrypted data, at step 512. In yet another embodiment, the decrypted data may be destroyed upon completion of analytics, at step 514. The decrypted data may not be persisted anywhere.
[0054] Although the present disclosure has been described in terms of certain preferred embodiments and illustrations thereof, other embodiments and modifications to preferred embodiments may be possible that are within the principles and spirit of the invention. The above descriptions and figures are therefore to be regarded as illustrative and not restrictive.
[0055] Thus the scope of the present disclosure is defined by the appended claims and includes both combinations and sub-combinations of the various features described herein above, as well as variations and modifications thereof which would occur to persons skilled in the art upon reading the foregoing description.
| # | Name | Date |
|---|---|---|
| 1 | Power of Attorney [04-07-2017(online)].pdf | 2017-07-04 |
| 2 | Form 5 [04-07-2017(online)].pdf | 2017-07-04 |
| 3 | Form 3 [04-07-2017(online)].pdf | 2017-07-04 |
| 4 | Form 1 [04-07-2017(online)].pdf | 2017-07-04 |
| 5 | Drawing [04-07-2017(online)].pdf | 2017-07-04 |
| 6 | Description(Complete) [04-07-2017(online)].pdf_1.pdf | 2017-07-04 |
| 7 | Description(Complete) [04-07-2017(online)].pdf | 2017-07-04 |
| 8 | CLAIMS UNDER RULE 1 (PROVISIO) OF RULE 20 [04-07-2017(online)].pdf | 2017-07-04 |
| 9 | 201741023441-FORM-26 [03-10-2018(online)].pdf | 2018-10-03 |
| 10 | 201741023441-FORM 18 [03-10-2018(online)].pdf | 2018-10-03 |
| 11 | Correspondence by Agent_Form26_09-10-2018.pdf | 2018-10-09 |
| 12 | 201741023441-FER.pdf | 2021-10-17 |
| 1 | 2020-07-1316-22-45E_13-07-2020.pdf | |