With identity theft and data security breach incidents on the rise in today's digital age, data (information) security is a major concern for individuals and organizations. Some of the reasons for identity theft and data security breach include hacking, loss or theft of equipment containing valuable data, phishing or other types of electronic eavesdropping, etc. The impact of identity theft and data security breach can be significant and long lasting. In that regard, various countries have enacted laws that govern the way personal data is handled, transferred and stored. Therefore, multinational companies operating in those countries have to abide by the laws for every country of operation. Further, companies may also lose potential business or partnership opportunities by failing to take privacy into account. Even further, from the perspective of obtaining customer trust, customers typically rely on companies, merchants, and organizations that provide data security. In some circumstances, such as healthcare, the financial industry, etc., protecting sensitive information and/or communications is of critical importance.
From the perspective of individuals, securing their data is equally important. For example, in 2011, it was reported that Sony's PLAYSTATION™ Network potentially exposed 100 million users to fraud in one of the largest data breaches in history. Personal information of customers who use online banking, or perform other financial and/or personal transactions, is vulnerable to phishing, eavesdropping, and various other electronic intrusions, and therefore their data must be secured.
Most conventional information security methodologies (generally known as cryptographic systems) can typically be characterized as belonging to either an asymmetric key-based infrastructure, alternatively known as a public-private key-based (PPK) infrastructure, or a symmetric key-based infrastructure.
Public-private key-based infrastructure is essentially an asymmetric cryptographic system (e.g., RSA-2048 algorithm, AES algorithm, and their variants) that generates two keys for every user: a public key and a private key. A public key is shared by a user (e.g., user A) with other users who wish to send data to user A. Thus, a user who wishes to send data to user A obtains user A's public key (that is publicly available), encrypts the data to be sent to user A, and finally sends the encrypted data. Upon receiving the encrypted data, user A uses a private key (typically, a secret key that is not publicly available) to decrypt the data. Without the private key, data encrypted using this infrastructure is typically difficult to decrypt.
However, a significant problem with systems designed using the PPK infrastructure is that every user must own a public key and a private key. The public key is shared with other users and used by them for encryption of data, whereas the data is decrypted using the user's private key. Thus, if a user's private key is ever compromised, any data sent to the user can be decrypted easily. For example, in an enterprise, private keys are more prone to be compromised as the private key is usually accessed by persons other than the key owner, such as IT department personnel, outside contractors, and the like. Moreover, key management is difficult because of the need for mapping key owners to a public key every time encrypted data is sent to a key owner. Also, if a user wants to change their public and/or private key, it would destroy the integrity of the data that has been encrypted previously. In other words, a significant disadvantage with the conventional PPK infrastructure is that keys are tied to persons. Therefore, changing either public or private keys makes it difficult to dynamically scale various aspects of key management. Additionally, a multi-party conversation (e.g., online conversations or communications involving more than two persons) can be problematic as every person must have access to every other person's respective key. Hence, this infrastructure is primarily used for encryption of individual emails, messages, and other such unitary types of data usually limited to two persons.
Other conventional cryptographic systems typically belong to the family of symmetric key-based systems (e.g., DES, BLOWFISH, and others), wherein a single key is used for encryption and decryption. In these systems, keys (conceptually similar to passwords) that protect the data are used, in addition to the data to be encrypted, as inputs into an algorithm that generates encrypted data as output. The person who wishes to decrypt the data uses the same key that was used during encryption. Thus, in the event the key becomes compromised, all the data protected with the key similarly becomes compromised. Symmetric key-based systems are used primarily for bulk data encryption and are flexible to allow for multi-party communications. Thus, the keys do not change with each new instance of data or user communication, but remain the same throughout the key lifecycle. Because symmetric key-based systems require secret key exchanges between all of the communicating parties, their scalability is limited.
Generally speaking, most conventional data security systems of today are designed on a “thicker wall” approach using the above-mentioned systems. In other words, these systems attempt to secure the data while the data remains within the electronic premises of an organization's enterprise system, or a user's computing device. However, in today's digital age, such an approach is no longer workable, as the data is often circulated (and shared) among various other entities and systems, e.g., an organization's partners, a user's friends or acquaintances, SaaS providers, email providers, ISPs, hosting providers, and the like. Thus, because so many parties and chances for data leak are involved, there are many opportunities for data breach, hacking, inadequate security measures, and the like. Accordingly, if an individual user's key is compromised at any intermediate system or entity, every bit of data associated with that key is compromised. In summary, systems that assign keys to persons are problematic.
Therefore, there is a long-felt but unresolved need for a system or method that manages data security and keys based on instances of data, not individual users. Such a system therefore will generate context-based keys, e.g., the keys are based on the environment wherein the data is generated, such that every key relating to every instance of data is different. In contrast to conventional data security systems, the proposed system should have distinct aspects of authentication and encryption. Because authentication and encryption are considered distinct aspects, users should not encrypt data using a single key. On the contrary, data should be encrypted using context-based or data-based keys, and data access should be allowed based on authentication of users.
Further, the proposed key management system should provide auditing and validity capabilities, yet be scalable and flexible. Ideal auditing involves generation of an audit trail that is agnostic of the user's application software (e.g., web browser, email software, etc.) or even the operating system/platform on which the program is running.
Moreover, the authentication aspects of a desired system should provide the ability to manage the rights of individuals who are able to access data and/or programs according to pre-defined policies/roles, i.e., provide role-based access control functionality. In other words, an ideal key management system should be implemented in a user computing device as a generic (i.e., device, platform, or application-agnostic) application software that does not require the use of specifically designed application programming interfaces (APIs) in order to communicate with application programs and/or hardware associated with each user's respective computing device.
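
The requirements in the preceding three paragraphs (a distinct key for every instance of data, access decided by authentication and policy rather than by key possession, and a server-side audit trail) can be illustrated as follows. This is an added example, not code from the original document; `KeyService`, its method names, and the sample context string are hypothetical, and deriving keys with HMAC-SHA256 is an assumed design choice.

```python
import hashlib
import hmac
import os

class KeyService:
    """Hypothetical key server: one key per data instance, released by policy."""
    def __init__(self):
        self._master = os.urandom(32)  # stays inside the service
        self._items = {}               # item_id -> (context, authorized users)
        self.audit = []                # (user, item_id, event), kept server-side

    def _derive(self, item_id, context):  # HMAC-SHA256 used as a PRF
        msg = item_id.encode() + b"\x00" + context
        return hmac.new(self._master, msg, hashlib.sha256).digest()

    def create_key(self, owner, context, readers):
        item_id = os.urandom(8).hex()  # fresh for every piece of data
        self._items[item_id] = (context, set(readers) | {owner})
        self.audit.append((owner, item_id, "create"))
        return item_id, self._derive(item_id, context)

    def release_key(self, user, item_id):
        # `user` is assumed to be authenticated already by a separate step.
        context, allowed = self._items.get(item_id, (b"", set()))
        event = "release" if user in allowed else "deny"
        self.audit.append((user, item_id, event))
        if event == "deny":
            raise PermissionError(f"{user} may not read {item_id}")
        return self._derive(item_id, context)

    def revoke(self, user, item_id):
        # Access changes touch only policy; the data key is unchanged.
        self._items[item_id][1].discard(user)
        self.audit.append((user, item_id, "revoke"))

def demo():
    ks = KeyService()
    ctx = b"app=mail;host=ws-17"       # constructed sample context
    id1, k1 = ks.create_key("alice", ctx, {"bob"})
    id2, k2 = ks.create_key("alice", ctx, set())
    bob_key = ks.release_key("bob", id1)
    ks.revoke("bob", id1)
    denied = 0
    for item in (id1, id2):
        try:
            ks.release_key("bob", item)
        except PermissionError:
            denied += 1
    return k1 != k2, bob_key == k1, denied, [e[2] for e in ks.audit]
```

Two items created in the same context still receive different keys, and revoking a reader changes only the policy entry, so previously encrypted data does not need to be re-keyed.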
Further, the system should be highly interactive and easily configurable by users having minimal technical skills, and easily operable by system administrators. Further, the system should be easily accessible online by a plurality of users via their respective computing devices so that users can choose to secure data arising out of user interaction with any kind of software and/or hardware system associated with any kind of computing device.