GB2552438B - Encryption techniques - Google Patents

Encryption techniques

Info

Publication number: GB2552438B
Authority: GB; United Kingdom
Prior art keywords: encryption techniques; encryption; techniques
Prior art date: 2016-02-12
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Active

Application number

GB1717704.9A

Other versions

GB2552438A (en

GB2552438B8 (en

GB201717704D0 (en

Inventor

D Ray Kenneth

J Thomas Andrew

John Merry Anthony

Schutz Harald

Berger Andreas

Edward Tyrone Shaw John

Ortner Stefan

Vanbiervliet Vincent

Gruber Norbert

Hein Markus

Wintersberger Gerald

Humphries Russell

Sullivan Gordon

Wenzel Artur

Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)

Sophos Ltd

Original Assignee

Sophos Ltd

Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)

2016-02-12

Filing date

2016-06-17

Publication date

2018-07-04

2016-02-12 Priority claimed from US15/042,916 external-priority patent/US9984248B2/en

2016-02-12 Priority claimed from US15/042,862 external-priority patent/US10650154B2/en

2016-04-14 Priority claimed from US15/099,524 external-priority patent/US10791097B2/en

2016-04-14 Priority claimed from US15/098,684 external-priority patent/US10263966B2/en

2016-04-14 Priority claimed from US15/099,542 external-priority patent/US10628597B2/en

2016-04-14 Priority claimed from US15/098,720 external-priority patent/US10686827B2/en

2016-06-10 Priority claimed from US15/179,447 external-priority patent/US10681078B2/en

2016-06-17 Application filed by Sophos Ltd filed Critical Sophos Ltd

2016-06-17 Priority to GB1808581.1A priority Critical patent/GB2565185B/en

2017-12-13 Publication of GB201717704D0 publication Critical patent/GB201717704D0/en

2018-01-24 Publication of GB2552438A publication Critical patent/GB2552438A/en

2018-07-04 Publication of GB2552438B publication Critical patent/GB2552438B/en

2021-12-08 Application granted granted Critical

2021-12-08 Publication of GB2552438B8 publication Critical patent/GB2552438B8/en

Status Active legal-status Critical Current

2036-06-17 Anticipated expiration legal-status Critical

Classifications

- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3265—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/88—Detecting or preventing theft or loss
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2147—Locking files
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/062—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys

Landscapes

Engineering & Computer Science (AREA)
Computer Security & Cryptography (AREA)
Theoretical Computer Science (AREA)
Computer Hardware Design (AREA)
General Engineering & Computer Science (AREA)
Software Systems (AREA)
Computer Networks & Wireless Communication (AREA)
Signal Processing (AREA)
Physics & Mathematics (AREA)
General Physics & Mathematics (AREA)
Computing Systems (AREA)
Health & Medical Sciences (AREA)
General Health & Medical Sciences (AREA)
Bioethics (AREA)
Multimedia (AREA)
Technology Law (AREA)
Databases & Information Systems (AREA)
Virology (AREA)
Storage Device Security (AREA)
Electrochromic Elements, Electrophoresis, Or Variable Reflection Or Absorption Elements (AREA)
Data Exchanges In Wide-Area Networks (AREA)

GB1717704.9A 2016-02-12 2016-06-17 Encryption techniques Active GB2552438B8 (en)

Priority Applications (1)

Application Number	Priority Date	Filing Date	Title
GB1808581.1A GB2565185B (en)	2016-02-12	2016-06-17	Encryption techniques

Applications Claiming Priority (8)

Application Number	Priority Date	Filing Date	Title
US15/042,916 US9984248B2 (en)	2016-02-12	2016-02-12	Behavioral-based control of access to encrypted content by a process
US15/042,862 US10650154B2 (en)	2016-02-12	2016-02-12	Process-level control of encrypted content
US15/098,684 US10263966B2 (en)	2016-04-14	2016-04-14	Perimeter enforcement of encryption rules
US15/098,720 US10686827B2 (en)	2016-04-14	2016-04-14	Intermediate encryption for exposed content
US15/099,542 US10628597B2 (en)	2016-04-14	2016-04-14	Just-in-time encryption
US15/099,524 US10791097B2 (en)	2016-04-14	2016-04-14	Portable encryption format
US15/179,447 US10681078B2 (en)	2016-06-10	2016-06-10	Key throttling to mitigate unauthorized file access
PCT/US2016/038020 WO2017138976A1 (en)	2016-02-12	2016-06-17	Encryption techniques

Publications (4)

Publication Number	Publication Date
GB201717704D0 GB201717704D0 (en)	2017-12-13
GB2552438A GB2552438A (en)	2018-01-24
GB2552438B true GB2552438B (en)	2018-07-04
GB2552438B8 GB2552438B8 (en)	2021-12-08

Family

ID=59563510

Family Applications (2)

Application Number	Title	Priority Date	Filing Date
GB1717704.9A Active GB2552438B8 (en)	2016-02-12	2016-06-17	Encryption techniques
GB1808581.1A Active GB2565185B (en)	2016-02-12	2016-06-17	Encryption techniques

Family Applications After (1)

Application Number	Title	Priority Date	Filing Date
GB1808581.1A Active GB2565185B (en)	2016-02-12	2016-06-17	Encryption techniques

Country Status (4)

Country	Link
AU (1)	AU2016392715B2 (en)
CA (1)	CA3014175A1 (en)
GB (2)	GB2552438B8 (en)
WO (1)	WO2017138976A1 (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number	Priority date	Publication date	Assignee	Title
US10681078B2 (en)	2016-06-10	2020-06-09	Sophos Limited	Key throttling to mitigate unauthorized file access
US10263966B2 (en)	2016-04-14	2019-04-16	Sophos Limited	Perimeter enforcement of encryption rules
US9984248B2 (en)	2016-02-12	2018-05-29	Sophos Limited	Behavioral-based control of access to encrypted content by a process
US10686827B2 (en)	2016-04-14	2020-06-16	Sophos Limited	Intermediate encryption for exposed content
US10791097B2 (en)	2016-04-14	2020-09-29	Sophos Limited	Portable encryption format
US10628597B2 (en)	2016-04-14	2020-04-21	Sophos Limited	Just-in-time encryption
US10650154B2 (en)	2016-02-12	2020-05-12	Sophos Limited	Process-level control of encrypted content
GB2551983B (en)	2016-06-30	2020-03-04	Sophos Ltd	Perimeter encryption
US11138574B2 (en) *	2017-02-17	2021-10-05	Tiffany Walling-McGarity	Systems and methods for protecting digital media
US11126718B2 (en) *	2017-07-12	2021-09-21	Acronis International Gmbh	Method for decrypting data encrypted by ransomware
CN110990875B (en) *	2019-12-06	2023-06-20	九江学院	Ciphertext access control method based on cloud computing platform
US11880482B2 (en) *	2020-12-10	2024-01-23	International Business Machines Corporation	Secure smart containers for controlling access to data
US20240171556A1 (en) *	2021-03-30	2024-05-23	Tlefonaktiebolaget LM Ericsson (publ)	Network Time Protocol Key Encryption

Citations (6)

* Cited by examiner, † Cited by third party
Publication number	Priority date	Publication date	Assignee	Title
US20020071554A1 (en) *	1997-02-13	2002-06-13	Scheidt Edward M.	Cryptographic key split combiner
US20080077994A1 (en) *	2006-09-27	2008-03-27	Fatih Comlekoglu	Trusted enclave for a computer system
US20140189808A1 (en) *	2012-12-28	2014-07-03	Lookout, Inc.	Multi-factor authentication and comprehensive login system for client-server networks
US20140281542A1 (en) *	2008-02-22	2014-09-18	Security First Corp.	Systems and methods for secure workgroup management and communication
US20140351586A1 (en) *	2012-02-20	2014-11-27	Lock Box Pty Ltd	Cryptographic method and system
WO2016038397A1 (en) *	2014-09-14	2016-03-17	Sophos Limited	Labeling computing objects for improved threat detection

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number	Priority date	Publication date	Assignee	Title
US8090659B2 (en) *	2001-09-18	2012-01-03	Music Public Broadcasting, Inc.	Method and system for providing location-obscured media delivery
US8826449B2 (en) *	2007-09-27	2014-09-02	Protegrity Corporation	Data security in a disconnected environment
US7783666B1 (en) *	2007-09-26	2010-08-24	Netapp, Inc.	Controlling access to storage resources by using access pattern based quotas
US20090144545A1 (en) *	2007-11-29	2009-06-04	International Business Machines Corporation	Computer system security using file system access pattern heuristics
US8352735B2 (en) *	2008-01-31	2013-01-08	International Business Machines Corporation	Method and system for encrypted file access
US8281382B1 (en) *	2008-06-30	2012-10-02	Amazon Technologies, Inc.	Dynamic throttling systems and services
US20120174196A1 (en) *	2010-12-30	2012-07-05	Suresh Bhogavilli	Active validation for ddos and ssl ddos attacks
GB2516972A (en) *	2013-08-09	2015-02-11	Ibm	Validating DDoS attacks based on social media content

2016
- 2016-06-17 GB GB1717704.9A patent/GB2552438B8/en active Active
- 2016-06-17 WO PCT/US2016/038020 patent/WO2017138976A1/en active Application Filing
- 2016-06-17 GB GB1808581.1A patent/GB2565185B/en active Active
- 2016-06-17 AU AU2016392715A patent/AU2016392715B2/en active Active
- 2016-06-17 CA CA3014175A patent/CA3014175A1/en active Pending

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number	Priority date	Publication date	Assignee	Title
US20020071554A1 (en) *	1997-02-13	2002-06-13	Scheidt Edward M.	Cryptographic key split combiner
US20080077994A1 (en) *	2006-09-27	2008-03-27	Fatih Comlekoglu	Trusted enclave for a computer system
US20140281542A1 (en) *	2008-02-22	2014-09-18	Security First Corp.	Systems and methods for secure workgroup management and communication
US20140351586A1 (en) *	2012-02-20	2014-11-27	Lock Box Pty Ltd	Cryptographic method and system
US20140189808A1 (en) *	2012-12-28	2014-07-03	Lookout, Inc.	Multi-factor authentication and comprehensive login system for client-server networks
WO2016038397A1 (en) *	2014-09-14	2016-03-17	Sophos Limited	Labeling computing objects for improved threat detection

Also Published As

Publication number	Publication date
GB2552438A (en)	2018-01-24
WO2017138976A1 (en)	2017-08-17
GB2565185B (en)	2019-11-27
GB2552438B8 (en)	2021-12-08
GB2565185A (en)	2019-02-06
GB201808581D0 (en)	2018-07-11
CA3014175A1 (en)	2017-08-17
AU2016392715B2 (en)	2020-07-23
AU2016392715A1 (en)	2018-09-13
GB201717704D0 (en)	2017-12-13

Publication	Publication Date	Title
GB2551242B (en)	2020-01-29	Authentication
GB2551983B (en)	2020-03-04	Perimeter encryption
AU201616677S (en)	2017-01-03	Cylindres
GB2552438B8 (en)	2021-12-08	Encryption techniques
GB201615128D0 (en)	2016-10-19	Methods
GB201610162D0 (en)	2016-07-27	Methods
GB201709075D0 (en)	2017-07-19	Methods
GB201621728D0 (en)	2017-02-01	Methods
GB201615343D0 (en)	2016-10-26	Methods
GB201621386D0 (en)	2017-02-01	Methods
PL3258640T3 (en)	2020-12-28	Location based authentication
AU201710564S (en)	2017-03-14	Bookrack
GB201619945D0 (en)	2017-01-11	Methods
AU201713059S (en)	2017-05-24	SUNSHADE - square
GB201601868D0 (en)	2016-03-16	Methods
GB2546803B (en)	2018-05-23	Disk encryption
GB2546802B (en)	2018-05-30	Disk encryption
AU201713060S (en)	2017-05-24	SUNSHADE - triangle
AU2016376V (en)	2017-02-15	NinbellaPurple Alyogyne huegelii
AU2016361V (en)	2017-01-19	JCU8 Desmanthus virgatus
AU2016359V (en)	2016-12-23	JCU6 Desmanthus bicornutus
AU2016362V (en)	2017-01-03	JCU9 Desmanthus pernambucanus
AU2016360V (en)	2016-12-23	JCU7 Desmanthus leptophyllus
AU201616673S (en)	2016-12-21	tallboy
AU2016303V (en)	2016-11-09	Desse1601 Desmanthus virgatus

Legal Events

Date	Code	Title	Description
2021-12-15	S117	Correction of errors in patents and applications (sect. 117/patents act 1977)	Free format text: REQUEST FILED; REQUEST FOR CORRECTION UNDER SECTION 117 FILED ON 19 OCTOBER 2021
2021-12-22	S117	Correction of errors in patents and applications (sect. 117/patents act 1977)	Free format text: CORRECTIONS ALLOWED; REQUEST FOR CORRECTION UNDER SECTION 117 FILED ON 19 OCTOBER 2021 ALLOWED ON 25 NOVEMBER 2021