[특허]Method and architecture for providing pervasive security to digital assets

Method and architecture for providing pervasive security to digital assets 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	G06F-099/00
출원번호	US-0076254 (2002-02-12)
등록번호	US-7260555 (2007-08-21)
발명자 / 주소	Rossmann,Alain Zuili,Patrick Ouya,Michael Michio Humpich,Serge Lee,Chang Ping Vainstein,Klimenty Hilderbrand,Hal Garcia,Denis Jacques Paul Supramaniam,Senthilvasan Huang,Weiqing Ryan,Nicholas Michael
출원인 / 주소	Guardian Data Storage, LLC
대리인 / 주소	Sterne, Kessler, Goldstein & Fox P.L.L.C.
인용정보	피인용 횟수 : 72 인용 특허 : 36

초록 ▼

Techniques for providing pervasive security to digital assets are disclosed. According to one aspect of the techniques, a server is configured to provide access control (AC) management for a user (e.g., a single user, a group of users, software agents or devices) with a need to access secured data. Within the server module, various access rules for the secured data and/or access privileges for the user can be created, updated and managed so that the user with the proper access privileges can access the secured documents if granted by the corresponding access rules in the secured data.

대표청구항 ▼

We claim: 1. A method for providing access control management to electronic data, the method comprising: establishing a secured link between a server providing the access control management and a client machine when an authentication request is received from the client machine, the authentication request including an identifier identifying a user of the client machine to access the electronic data, wherein the electronic data is not from the server but secured in a format including security information and an encrypted data portion, the security information including a file key and access rules and controlling restrictive access to the encrypted data portion; authenticating the user according to the identifier; and activating a user key after the user is authenticated, wherein the user key is used to access the access rules in the security information, the file key can be retrieved to decrypt the encrypted data portion only if access privilege of the user is successfully measured by the access rules. 2. The method as recited in claim 1 further comprising maintaining an access control management, wherein the access control management comprises: a rule manager including at least one set of rules for the electronic data; and an administration interface from which the rules for a designated place for the electronic data are created, managed, or updated. 3. The method as recited in claim 2, wherein the designated place is a folder and all files in the folder are subject to the rules. 4. The method as recited in claim 2, wherein the designated place is a repository and all files in the repository are subject to the rules. 5. The method as recited in claim 2, wherein the rule manager provides a graphic user interface from which the rules can be created, managed or updated. 6. The method as recited in claim 5, wherein parameters determining the rules from the graphic user interface are subsequently expressed in a markup language. 7. The method as recited in claim 6, wherein the parameters expressed in the markup language are uploaded to the client machine after the user is authenticated. 8. The method as recited in claim 7, wherein the markup language is Extensible Access Control Markup Language. 9. The method as recited in claim 7, wherein the markup language is selected from a group consisting of HTML, XML and SGML. 10. The method as recited in claim 2, wherein the access control management further comprises a user manager coupled to a database including a list of authorized users and respective access privileges associated with each of the authorized users. 11. The method as recited in claim 10, wherein the authenticating of the user comprises: looking up in the database for the user; and getting, from the database, access location information as to where the user is authorized to access the electronic data if information about the user is located in the database. 12. The method as recited in claim 11, wherein the identifier further identifiers the client machine; and wherein the authenticating of the user comprises determining, from the access location information, whether the client machine is permitted by the user to access the electronic data. 13. The method as recited in claim 11, wherein the access location information pertains to locations or specific client machines from which the user is authorized to access the electronic data. 14. The method as recited in claim 1 ,wherein the user key is in the client machine; and wherein the activating of the user key comprises: sending an authentication message to the client machine; and activating the user key with the authentication message. 15. The method as recited in claim 14, wherein the electronic data, when secured, includes a header that further includes the security information being encrypted and a signature signifying that the electronic data is secured. 16. The method as recited in claim 1 further comprising associating the activated user key with the user locally. 17. The method as recited in claim 16, wherein the electronic data, when secured, includes a header that includes the security information being encrypted and a signature signifying that the electronic data is secured; the encrypted security information including the access rules and a file key, and wherein the method further comprises: receiving the header from the client machine; decrypting the security information in the header to retrieve the access rules therein; and retrieving the file key when the access rules are measured successfully against access privilege of the user. 18. The method as recited in claim 17 further comprising sending the file key to the client machine in which the encrypted data portion can be decrypted with the file key by a cipher module executing in the client machine. 19. A method for providing access control management to electronic data in a client machine, the method comprising: authenticating a user attempting to access the electronic data; maintaining a private key and a public key, both associated with the user, wherein the electronic data, when secured, includes a header and an encrypted data portion, the header further includes security information controlling who, how, when or where the secured electronic data can be accessed and the encrypted data portion is an encrypted version of the electronic data according to a predetermined cipher scheme; encrypting the security information with the public key in the client machine when the electronic data is to be written into a store; and decrypting the security information with the private key in the client machine when the electronic data is to be accessed by an application. 20. The method as recited in claim 19, wherein the authentication of the user comprises: establishing a link with the client machine from which the user is attempting to access the electronic data; demanding credential information from the user; and receiving the credential information from the client machine over the link. 21. The method as recited in claim 20, wherein the credential information includes a pair of usemame and password provided by the user. 22. The method as recited in claim 20, wherein the credential information includes biometric information captured from the user by an apparatus coupled to the client machine. 23. The method as recited in claim 20, wherein the encrypting of the security information with the public key comprises: receiving access rules and a file key, wherein the file key has been used to produce the encrypted data portion in the client machine; including the access rules and the file key into the security information; and encrypting the security information with the public key. 24. The method as recited in claim 23 further comprising: generating the header with the security information encrypted therein; and uploading the header to the client machine where the header is integrated with the encrypted data portion. 25. The method as recited in claim 23, wherein the access rules are expressed in a markup language. 26. The method as recited in claim 25, wherein the markup language is one of Extensible Access Control Markup Language, HTML, XML and SGML. 27. The method as recited in claim 20, wherein the decrypting of the security information with the private key comprises: receiving the header from the client machine over the link; parsing the security information from the header; and decrypting the security information with the private key. 28. The method as recited in claim 27 further comprising: obtaining access rules from the security information; determining whether the access rules accommodate access privilege of the user; when the determining succeeds, retrieving a file key from the security information; and sending the file key to the client machine over the link; and when the determining fails, sending an error message to the client machine over the link. 29. The method as recited in claim 28, wherein the error message indicates that the user does not have the access privilege to access the electronic data. 30. A method for providing access control management to electronic data, the method comprising: receiving a request to access the electronic data in a store; determining security nature of the electronic data by intercepting the electronic data moving from the store through an operating system layer to an application for the data; when the security nature indicates that the electronic data is secured, the electronic data including a header and an encrypted data portion, the header including security information controlling restrictive access to the encrypted data portion and the encrypted data portion including an encrypted version of the electronic data according to a predetermined cipher scheme, determining from the security information if the user has necessary access privilege in the operating system layer to access the encrypted data portion without consulting with another machine; and obtaining a file key and decrypting the encrypted data portion with the file key only after the user is determined to have the necessary access privilege to access the encrypted data portion, and thereafter the application receives the electronic data in clear form. 31. The method as recited in claim 30 further comprising retrieving a user key associated with a user making the request. 32. The method as recited in claim 31 wherein said determining from the security information if the user has necessary access privilege comprises: decrypting the security information with the user key; retrieving access rules from the security information; and measuring the access rules against the access privilege of the user. 33. The method as recited in claim 32 further comprising: retrieving the file key from the security information if the measuring of the access rules against the access privilege succeeds. 34. The method as recited in claim 32 further comprising: causing the client machine to display an error message to the user if the measuring of the access rules against the access privilege fails. 35. The method as recited in claim 31, wherein the retrieving of the user key comprises: establishing a link with a server executing an access control management; sending to the server an authentication request including an identifier identifying the user for the access control management to authenticate the user; forwarding the header to the server; and receiving the file key retrieved from the header. 36. The method as recited in claim 35 further comprising: activating a cipher module; and decrypting the encrypted data portion by the cipher module with the received file key. 37. The method as recited in claim 36 further comprising loading the decrypted data portion into the application. 38. The method as recited in claim 31, wherein the retrieving of the user key comprises: establishing a link with a server executing an access control management; sending to the server an authentication request including an identifier identifying the user for the access control management to authenticate the user; receiving an authentication message after the user is authenticated; and activating the user key locally in the client machine. 39. The method as recited in claim 38, wherein the user key is in an illegible format before the activating of the user key locally in the client machine. 40. A system for providing access control management to electronic data, the system comprising: a client machine executing a document securing module that operates in a path through which the electronic data is caused to pass when selected, the document securing module determining security nature of the electronic data, an access control server coupled to the client machine over a network, the access control server including an account manager managing all users who access the electronic data; and wherein the client machine and a user thereof are caused by the document securing module to be authenticated with the access control server when the security nature indicates that the electronic data is secured; and wherein access rules in the secured electronic data are retrieved with a user key associated with the user to test against access privilege of the user to determine if the user can access the secured electronic data. 41. The system as recited in claim 40, wherein the access privilege of the user is also tested against other rules imposed by the system. 42. The system as recited in claim 40, wherein the document securing module activates a cipher module to decrypt an encrypted data portion in the secured electronic data with a file key obtained therefrom after the document securing module determines that the access privilege of the user is permitted by the access rules. 43. The system as recited in claim 42, wherein the user key stays in the access control server that receives part of the secured electronic data; and wherein the access rules and the file key are obtained from the part of the secured electronic data. 44. The system as recited in claim 43, wherein the access control server forwards the file key to the client machine in a secured form over the network. 45. The system as recited in claim 42, wherein the user key stays in the client machine and is activated when both the client machine and the user are authenticated by the access control server. 46. A system for providing access control management to electronic data, the system comprising: a storage device including at least an active place designated for keeping the electronic data secured, the secured electronic data including encrypted security information that further includes at least a set of access rules and a file key, wherein the access rules, expressed in a descriptive language, protects the tile key and controls restrictive access to the secured electronic data; a client machine coupled to the storage device and executing a document securing module operative to intercept the electronic data when the electronic data is caused to transport from the active place; an access control server coupled to the client machine over a network and receiving a part of the electronic data including the encrypted security information from the client machine, the encrypted security information being decrypted with a user key associated with a user attempting to access the electronic data after both the user and the client machine are authenticated; wherein the set of access rules are measured against access privilege of the user in the access control server, if successful, the file key is returned to the client machine to facilitate a recovery of the electronic data in clear mode. 47. A software product to be executable in a computing device for providing access control management to electronic data, the software product comprising: program code for establishing a secured link between a server supporting the access control management and a client machine when an authentication request is received therefrom, the authentication request including an identifier identifying a user from the client machine to access the electronic data not received from the server but in a secured format including a file key and security information and an encrypted data, the security information including access rules and controlling restrictive access to the encrypted data portion; program code for authenticating the user according to the identifier; and program code for activating a user key after the user is authenticated, wherein the user key is used to access the access rules in the security information, the file key can be retrieved to decrypt the encrypted data portion only if access privilege of the user is successfully measured by the access rules. 48. The software product as recited in claim 47 further comprising program code for maintaining an access control management, wherein the access control management comprises: a rule manager including at least one set of rules for the electronic data; and an administration interface from which the rules for a designated place for the electronic data are created, managed or updated. 49. The software product as recited in claim 48, wherein the designated place is a folder and all files in the folder are subject to the rules. 50. The software product as recited in claim 46, wherein the designated place is a repository and all files in the repository are subject to the rules. 51. The software product as recited in claim 46, wherein the rule manager provides a graphic user interface from which the rules can be created, managed or updated. 52. The software product as recited in claim 51, wherein parameters determining the rules from the graphic user interface are subsequently expressed in a markup language. 53. The software product as recited in claim 52, wherein the parameters expressed in the markup language are uploaded to the client machine after the authenticating of the user succeeds. 54. The software product as recited in claim 53, wherein the markup language is Extensible Access Control Markup Language. 55. The software product as recited in claim 53, wherein the markup language is selected from a group consisting of HTML, XML and SGML. 56. The software product as recited in claim 48, wherein the access control management further comprises a user manager coupled to a database including a list of authorized users and respective access privileges associated with each of the authorized users. 57. The software product as recited in claim 56, wherein the program code for authenticating the user comprises: program code for looking up in the database for the user; and program code for getting, from the database, access location information as to where the user is authorized to access the electronic data if the user is located in the database. 58. The software product as recited in claim 57, wherein the identifier further identifiers the client machine; and wherein the program code for authenticating the user comprises program code for determining, from the access location information, whether the client machine is permitted by the user to access the electronic data. 59. The software product as recited in claim 57, wherein the access location information pertains to locations or specific client machines from which the user is authorized to access the electronic data. 60. The software product as recited in claim 47, wherein the user key is in the client machine; and wherein the program code for activating the user key comprises: program code for sending an authentication message to the client machine; and program code for activating the user key with the authentication message. 61. The software product as recited in claim 60, wherein the electronic data, when secured, includes a header and an encrypted data portion; and wherein the header includes security information that can be accessed with the activated user key. 62. The software product as recited in claim 47 further comprising program code for associating the activated user key with the user locally. 63. The software product as recited in claim 62, wherein the electronic data, when secured, includes a header and an encrypted data portion, the header includes security information and a file key; and wherein the software product further comprises: program code for receiving the header from the client machine; program code for decrypting the header to retrieve, access rules in the security information; and program code for retrieving the file key when the access rules are measured successfully against access privilege of the user. 64. The software product as recited in claim 63 further comprising sending the file key to the client machine in which the encrypted data portion can be decrypted with the file key by a cipher module executing in the client machine. 65. A software product to be executable in a computing device for providing access control management to electronic data in a client machine, the software product comprising: program code for authenticating a user attempting to access the electronic data; program code for maintaining a private key and a public key, both associated with the user, wherein the electronic data, when secured, includes a header and an encrypted data portion, the header further includes security information controlling restrictive access to the encrypted data portion and protecting the private key by access rules therein; program code for encrypting the security information with the public key in the client machine when the electronic data is to be written into a store; and program code for decrypting the security information with the private key in the client machine when the electronic data is to be accessed by an application. 66. The software product as recited in claim 65, wherein the program code for authenticating the user comprises: program code for establishing a link with the client machine from which the user is attempting to access the electronic data; program code for demanding credential information from the user; and program code for receiving the credential information from the client machine over the secured link. 67. The software product as recited in claim 66, wherein the credential information includes a pair of username and password provided by the user. 68. The software product as recited in claim 66, wherein the credential information includes biometric information captured from the user by an apparatus coupled to the client machine. 69. The software product as recited in claim 66, wherein the program code for encrypting the security information with the public key comprises: program code for receiving the access rules and a file key from the client machine over the link, wherein the file key has been used to produce the encrypted data portion in the client machine; program code for including the access rules and a file key into the security information; and program code for encrypting the security information with the public key. 70. The software product as recited in claim 69 further comprising: program code for generating the header with the security information encrypted therein; and program code for uploading the header to the client machine where the header is integrated with the encrypted data portion. 71. The software product as recited in claim 70, wherein the access rules are expressed in a markup language. 72. The software product as recited in claim 71, wherein the markup language is one of Extensible Access Control Markup Language, HTML, XML and SGML. 73. The software product as recited in claim 66, wherein the program code for decrypting the security information with the private key comprises: program code for receiving the header from the client machine over the link; program code for parsing the security information from the header; and program code for decrypting the security information with the private key. 74. The software product as recited in claim 73 further comprising: program code for obtaining access rules from the security information; program code for determining whether the access rules accommodate access privilege of the user; when the determining program code is executed successfully, program code for retrieving a file from the security information; and program code for sending the file key to the client machine over the link; and when the determining program code is executed unsuccessfully, program code for sending an error message to the client machine over the link. 75. The software product as recited in claim 74 wherein the error message indicate that the user does not have the access privilege to access the electronic data. 76. A software product to be executable in a computing device for providing access control management to electronic data, the software product comprising: program code for receiving a request to access the electronic data in a store; program code for determining security nature of the electronic data by intercepting the electronic data moving from the store through an operating system layer to an application for the data; when the security nature indicates that the electronic data is secured, wherein the electronic data including a header and an encrypted data portion, the header including security information and the encrypted data portion including an encrypted version of the electronic data according to a predetermined encryption scheme, program code for determining from the security information if the user has necessary access privilege in the operating system layer to access the encrypted data portion; and program code for a file key from the security information and decrypting the encrypted data portion only after the access privilege of the user is permitted in view of the security information, and thereafter the application receives the electronic data in clear form. 77. The software product as recited in claim 76 further comprising program code for retrieving a user key associated with a user making the request. 78. The software product as recited in claim 77 wherein the program code for determining from the security information, if the user has necessary access privilege, comprises: program code for decrypting the security information with the user key; program code for retrieving access rules from the security information; and program code for measuring the access rules against the access privilege of the user. 79. The software product as recited in claim 78 further comprising: program code for causing the client machine to display an error message to the user if the measuring of the access rules against the access privilege fails. 80. The software product as recited in claim 78, wherein the program code for retrieving the user key comprises: program code for establishing a link with a server executing an access control management; program code for sending to the server an authentication request including an identifier identifying the user for the access control management to authenticate the user; program code for forwarding the header to the server; and program code for receiving a file key retrieved from the header. 81. The software product as recited in claim 80 further comprising: program code for activating a cipher module; and program code for decrypting the encrypted data portion by the cipher module with the received file key. 82. The software product as recited in claim 81 further comprising program code for loading the decrypted data portion into the application. 83. The software product as recited in claim 77, wherein the program code for retrieving the user key comprises: program code for establishing a link with a server executing an access control management; program code for sending to the server an authentication request including an identifier identifying the user for the access control management to authenticate the user; program code for receiving an authentication message after the user is authenticated; and program code for activating the user key locally in the client machine. 84. The software product as recited in claim 83, wherein the user key is in an illegible format before the activating of the user key locally in the client machine. 85. The software product as recited in claim 83, wherein the computing device is a media player having a network capacity, the media player generating audio and/or video from the electronic data when the software product is executed in the media player.

이 특허에 인용된 특허 (36)

Edward M. Scheidt ; Ersin L. Domangue, Access control and authorization system.
상세보기
Win Teresa ; Belmonte Emilio, Administrative roles that govern access to administrative functions.
상세보기
Davies Donald W. (Sunbury-on-Thames GB2), Apparatus and methods for granting access to computers.
상세보기
Reed Drummond Shattuck ; Heymann Peter Earnshaw ; Mushero Steven Mark ; Jones Kevin Benard ; Oberlander Jeffrey Todd ; Banay Dan, Computer-based communication system and method using metadata defining a control structure.
상세보기
Reed Drummond Shattuck ; Heymann Peter Earnshaw ; Mushero Steven Mark ; Jones Kevin Benard ; Oberlander Jeffrey Todd, Computer-based communication system and method using metadata defining a control-structure.
상세보기
Seheidt Edward M. (McLean VA) Crowley John J. (Rockville MD), Cryptographic key management method and apparatus.
상세보기
Seheidt Edward M. ; Crowley John J., Cryptographic key management method and apparatus.
상세보기
Scheidt, Edward M.; Wack, C. Jay, Cryptographic key split combiner.
상세보기
Scheidt, Edward M.; Wack, C. Jay, Cryptographic key split combiner.
상세보기
Boebert William E. (Minneapolis MN) Markham Thomas R. (Anoka MN) Olmsted Robert A. (Minnetonka MN), Data enclave and trusted path system.
상세보기
Boebert William E. (Minneapolis MN) Markham Thomas R. (Anoka MN) Olmsted Robert A. (Minnetonka MN), Data enclave and trusted path system.
상세보기
Win Teresa ; Belmonte Emilio, Distributed access management of information resources.
상세보기
Shanton M. Greg, Distributed cryptographic object method.
상세보기
Shanton M. Greg, Distributed cryptographic object method.
상세보기
Shanton M. Greg (Fairfax VA), Distributed cryptographic object method.
상세보기
Shanton M. Greg (Manassas VA), Distributed cryptographic object method.
상세보기
Shimbo Atsushi,JPX ; Takahashi Toshinari,JPX ; Tomoda Ichiro,JPX ; Murota Masao,JPX, File editing system and shared file editing system with file content secrecy, file version management, and asynchronous.
상세보기
Sprague Peter J. (249 Undermountain Rd. Lenox MA 02140) Lipscomb Thomas H. (145 E. 74th St. New York NY 10021), Information distribution system.
상세보기
Pensak David A. ; Cristy John J. ; Singles Steven J., Information security architecture for encrypting documents for remote access while maintaining access control.
상세보기
Wiederhold Gio, Information sharing system and method with requester dependent sharing and security rules.
상세보기
Van Oorschot Paul C.,CAX, Method and apparatus for creating communities of trust in a secure communication system.
상세보기
Thomlinson Matthew W. ; Field Scott ; Cooper Allan, Method and system for securely archiving core data secrets.
상세보기
Richard Patrick,CAX ; Csinger Andrew,CAX ; Knipe Bruce,CAX ; Woodward Bruce,CAX, Method of and apparatus for providing secure distributed directory services and public key infrastructure.
상세보기
David A. Pensak ; John J. Cristy ; Steven J. Singles, Method of encrypting information for remote access while maintaining access control.
상세보기
O'Neil Kevin ; Seidman Glenn R., Personal information security and exchange tool.
상세보기
Thomlinson Matthew W. ; Field Scott ; Cooper Allan, Protected storage of core data secrets.
상세보기
Carroll Robert B., Secure server and method of operation for a distributed information system.
상세보기
Rusnak David J. ; Zientara John T., System and method for controlling access rights to and security of digital content in a distributed information system, e.g., Internet.
상세보기
Lipner Steven B. ; Balenson David M. ; Ellison Carl M. ; Walker Stephen T., System and method for controlling access to a user secret.
상세보기
Carman David W. ; Balenson David M. ; Tajalli Homayoon ; Walker Stephen T., System and method for controlling access to a user secret using a key recovery field.
상세보기
Moriconi Mark ; Qian Shelly, System and method for maintaining security in a distributed computer network.
상세보기
Boebert William E. (Minneapolis MN), System and method for trusted path communications.
상세보기
Yamaguchi Toshikazu (Kanagawaken JPX) Tanaka Kiyoto (Kanagawaken JPX), System and scheme of cipher communication.
상세보기
Schneck Paul B. ; Abrams Marshall D., System for controlling access and distribution of digital property.
상세보기
Schneck Paul B. ; Abrams Marshall D., System for controlling access and distribution of digital property.
상세보기
Davis Mark Charles ; Gray Steve D. ; Kuehr-McLaren David Gerard ; Morrison Ian A. ; Shoriak Timothy G., Systems, methods and computer program products for authenticating client requests with client certificate information.
상세보기

이 특허를 인용한 특허 (72)

Huang, Fei; Huang, Shu; Ren, Liwei, Cascading security architecture.
상세보기
Fujinami, Yasushi; Ohshima, Takenori; Hayakawa, Goro; Hamada, Toshiya, Data processing apparatus, data processing method, program, program recording medium, data recording medium, and data structure.
상세보기
Patti, Joseph G.; Lamberg, Michael, Data storage incorporating cryptographically enhanced data protection.
상세보기
Herbach, Jonathan D.; Donahue, James; Shapiro, William M., Distributed document version control.
상세보기
Herbach, Jonathan D.; Gilchrist, Gary, Distributed document version control.
상세보기
Vainstein, Klimenty, Document security system that permits external users to gain access to secured files.
상세보기
Vainstein, Klimenty, Document security system that permits external users to gain access to secured files.
상세보기
Ouye, Michael Michio; Crocker, Steven Toye, Dynamic evaluation of access rights.
상세보기
Sibert, Hervé, Electronic device and method of software or firmware updating of an electronic device.
상세보기
Shapiro, William M., Family of encryption keys.
상세보기
Lin, Jian-Jr; Huang, Ke-Sen, File management system and method.
상세보기
Kaler, Christopher G.; Brown, Allen L.; Atkinson, Robert G.; Lucco, Steven E., Grouping and nesting hierarchical namespaces.
상세보기
Supramaniam,Senthilvasan; Huang,Weiqing; Vainstein,Klimenty, Guaranteed delivery of changes to security policies in a distributed system.
상세보기
Rossmann, Alain, Hybrid systems for securing digital assets.
상세보기
Furuya, Tomoyuki, Information processing apparatus and data management system.
상세보기
Mittal, Hemant; Nadiminti, Syama Sundararao; Wang, Sue Pei, Managing keys for encrypted shared documents.
상세보기
Alain, Rossmann; Zuili, Patrick; Ouye, Michael Michio; Humpich, Serge; Lee, Chang-Ping; Vainstein, Klimenty; Hilderbrand, Hal; Garcia, Denis Jacques Paul; Supramaniam, Senthilvasan; Huang, Weiqing; Ryan, Nicholas Michael, Managing secured files in designated locations.
상세보기
Garcia, Denis Jacques Paul, Method and apparatus for securing digital assets.
상세보기
Lee, Chang-Ping; Garcia, Denis Jacques Paul, Method and apparatus for securing electronic data.
상세보기
Vainstein, Klimenty; Nath, Satyajit; Ouye, Michael Michio, Method and apparatus for transitioning between states of security policies used to secure electronic documents.
상세보기
Vainstein, Klimenty; Nath, Satyajit; Ouye, Michael Michio, Method and apparatus for transitioning between states of security policies used to secure electronic documents.
상세보기
Donahue, James, Method and apparatus providing end to end protection for a document.
상세보기
Roegner, Michael W., Method and system for dynamically implementing an enterprise resource policy.
상세보기
Nath, Satyajit, Method and system for enabling users of a group shared across multiple file security systems to access secured files.
상세보기
Kenrich, Michael Frederick; Hildebrand, Hal S.; Supramaniam, Senthilvasan, Method and system for fault-tolerant transfer of files across a network.
상세보기
Huang, Weiqing; Supramaniam, Senthilvasan; Vainstein, Klimenty, Method and system for implementing changes to security policies in a distributed security system.
상세보기
Huang, Weiqing; Supramaniam, Senthilvasan; Vainstein, Klimenty, Method and system for implementing changes to security policies in a distributed security system.
상세보기
Vainstein, Klimenty, Method and system for managing security tiers.
상세보기
Kinghorn, Gary Mark; Garcia, Denis Jacques Paul, Method and system for protecting electronic data in enterprise environment.
상세보기
Ryan,Nicholas M., Method and system for protecting encrypted files transmitted over a network.
상세보기
Nath, Satyajit, Method and system for providing document retention using cryptography.
상세보기
Nath, Satyajit, Method and system for providing document retention using cryptography.
상세보기
Nath, Satyajit; Vainstein, Klimenty; Ouye, Michael Michio, Method and system for securing digital assets using process-driven security policies.
상세보기
Nath, Satyajit; Vainstein, Klimenty; Ouye, Michael Michio, Method and system for securing digital assets using process-driven security policies.
상세보기
Roegner, Michael W., Method and system for selecting advertisements to be presented to a viewer.
상세보기
Roegner, Michael W., Method and system for selecting content items to be presented to a viewer.
상세보기
Ryan, Nicholas M., Method and system for using remote headers to secure electronic files.
상세보기
Varriale, Anronio; Colazzo, Laura; Bianco, Alberto; Turolla, Maura, Method for selectively enabling access to file systems of mobile terminals.
상세보기
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
상세보기
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
상세보기
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
상세보기
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
상세보기
Chew, Yen Hsiang, Multi-key cryptography for encrypting file system acceleration.
상세보기
Kenrich, Michael Frederick; Gutnik, Yevgeniy, Multi-level file digests.
상세보기
Kenrich, Michael Frederick; Gutnik, Yevgeniy, Multi-level file digests.
상세보기
Shapiro, William M.; Donahue, James; Herbach, Jonathan D., Offline access in a document control system.
상세보기
Zuberi, Khawar M., Preventing quality of service policy abuse in a network.
상세보기
Zuberi, Khawar M., Preventing quality of service policy abuse in a network.
상세보기
Cope, Warren Scott, Process and system for providing and managing offline input of field documentation to a complex project workflow system.
상세보기
Ryan, Nicholas M., Protecting encrypted files transmitted over a network.
상세보기
Cerruti, Julian Ariel; Lanza, Mariela Claudia; Manzato, Guillermo; Prediletto, Mariano Alejandro; Whitmore, James J., Providing consistent cryptographic operations.
상세보기
Reyna Almandos, Patricio Marcelo; Coria, Eduardo Martin; Lanza, Mariela Claudia; Manzato, Guillermo; Prediletto, Mariano Alejandro; Whitmore, James J, Providing consistent cryptographic operations across several applications.
상세보기
Albahdal, Abdullah A; Boult, Terrance E, Secure biometric cloud storage system.
상세보기
Garcia,Denis Jacques Paul, Secured data format for access control.
상세보기
Hildebrand, Hal S.; Garcia, Denis Jacques Paul, Security system for generating keys from access rules in a decentralized manner and methods therefor.
상세보기
Gutnik, Yevgeniy, Security system that uses indirect password-based encryption.
상세보기
Vainstein, Klimenty; Ouye, Michael Michio, Security system with staging capabilities.
상세보기
Ryan, Nicholas, System and method for imposing security on copies of secured items.
상세보기
Hildebrand, Hal S., System and method for providing different levels of key security for controlling access to secured items.
상세보기
Hildebrand, Hal S.; Vainstein, Klimenty, System and method for providing distributed access control to secured documents.
상세보기
Zuili, Patrick; Vainstein, Klimenty, System and method for providing manageability to security information for secured items.
상세보기
Vainstein, Klimenty; Hildebrand, Hal, System and method for providing multi-location access management to secured items.
상세보기
Vainstein, Klimenty; Hildebrand, Hal, System and method for providing multi-location access management to secured items.
상세보기
Roegner, Michael W., System for managing access to protected resources.
상세보기
Roegner, Michael W., System for managing access to protected resources.
상세보기
Bernaudin, Ingrid; Yu, Mei; Dunn, Angus, Systems and methods for secure storage on a mobile device.
상세보기
Edwards, Jr., Robert Clair; Kaczmarski, Michael Allen; Vargas, Omar Bond, Systems for authenticating a user's credentials against multiple sets of credentials.
상세보기
Herbach, Jonathan D.; Donahue, James; Shapiro, William M., Transparent authentication process integration.
상세보기
Herbach, Jonathan D.; Donahue, James; Shapiro, William M., Transparent authentication process integration.
상세보기
Iwami, Hideki, Wireless communication method and apparatus thereof.
상세보기
Iwami, Hideki, Wireless communication method and apparatus thereof.
상세보기
Iwami, Hideki, Wireless communication method and apparatus thereof.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Method and architecture for providing pervasive security to digital assets 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (36)

이 특허를 인용한 특허 (72)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Method and architecture for providing pervasive security to digital assets 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (36)

이 특허를 인용한 특허 (72)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트