1. Field of the Invention
The present invention relates to computer systems. More particularly, the present invention relates to the protection of encrypted data.
2. Description of Related Art
Users of laptop computer systems and similar devices are frequently mobile with the computer systems. A laptop computer system is easily lost, stolen or illicitly accessed. This creates risk not only due to loss of the data stored on the laptop computer system but also due to potential parent system compromise, such as compromise of a larger corporate network or corporate database.
Some current solutions advocate that the user utilize whole disk encryption to protect the data on the laptop computer system from compromise. In a simple loss scenario, whole disk encryption protects against these risks; however, whole disk encryption is insufficient protection in the face of threats which involve coercing access from the user.
For example, consider a user transiting a high risk area with a laptop computer system containing encrypted data. During transit, the user can be stopped and asked to provide access to the laptop computer system. While the data on the laptop computer system is encrypted, the user can be coerced to provide the password or other information to access the encrypted data. In some cases, regional laws may even compel a user to provide this access information. Once the access information is divulged, the coercer has access to the laptop computer system, the data, and potentially the parent system. Even if the laptop computer system is returned, the laptop computer system is potentially compromised, and the data at risk.