최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | UP-0074996 (2002-02-12) |
등록번호 | US-7681034 (2010-04-21) |
발명자 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 36 인용 특허 : 317 |
Techniques for securing electronic data and keeping the electronic data secured at all times are disclosed. According to one embodiment, a client module in a client machine is configured to provide access control to secured documents that may be located in a local store, another computer machine or
Techniques for securing electronic data and keeping the electronic data secured at all times are disclosed. According to one embodiment, a client module in a client machine is configured to provide access control to secured documents that may be located in a local store, another computer machine or somewhere over a data network. The client module includes a document-securing module configured to operate in a path through which a document being accessed is caused to pass so that the document can be examined or detected for the security nature. If the document is secured, the document-securing module obtains a user or group key to decrypt security information in the secured document for access rules therein. If a user accessing the document is determined to have the access privilege to the secured document, a file key is retrieved from the security information and a cipher module is activated to decrypt the encrypted data portion with the file key. Likewise, if a document is to be secured, the cipher module encrypts clear data from the document to create the encrypted data portion. The document-securing module integrates proper or desired security information with the encrypted data portion to produce the secured document.
We claim: 1. A computer implemented method for securing a file, the method comprising: determining whether the file stored in a file system and being accessed is secured; if the file is determined to be secured, activating a cipher module and loading the file from the file system through the cipher
We claim: 1. A computer implemented method for securing a file, the method comprising: determining whether the file stored in a file system and being accessed is secured; if the file is determined to be secured, activating a cipher module and loading the file from the file system through the cipher module into an application; and if the file is determined to be non-secured, loading the file from the file system into the application without activating the cipher module, wherein the file includes a header having a file key, the file key is encrypted with a user key, and the user key is different from the file key. 2. The method of claim 1, wherein the cipher module, once activated, operates within an operating system. 3. The method of claim 1, wherein the file further includes an encrypted portion and the header includes or points to security information including the file key used to decrypt the encrypted portion. 4. The method of claim 3, wherein the loading the file from the file system through the cipher module into the application comprises: retrieving the file key; decrypting the encrypted portion with the file key in the cipher module; and sending the file in clear mode to the application. 5. The method of claim 4, wherein the retrieving the file key comprises: obtaining the user key; and decrypting security information including the file key with the user key to retrieve the file key. 6. The method of claim 1, further comprising: launching the application when a request to access the file is received. 7. A computer implemented method for securing a file, the method comprising: determining if the file stored in a file system and being accessed includes a header, wherein existence of the header indicates that the file is secured, wherein the header includes a file key, the file key is encrypted with a user key, and the user key is different from the file key; activating a cipher module and loading the file from the file system through the cipher module into an application if the file is determined to be secured; and loading the file from the file system into the application without activating the cipher module if the file is determined to be non-secured. 8. A computer implemented method for securing a file, the method comprising: determining if the file stored in a file system and being accessed has a flag, wherein existence of the flag indicates that the file is secured, wherein the file includes a header having a file key, the file key is encrypted with a user key, and the user key is different from the file key; activating a cipher module and loading the file from the file system through the cipher module into an application if the file is determined to be secured; and loading the file from the file system into the application without activating the cipher module if the file is determined to be non-secured. 9. A computer implemented method for securing a file, the method comprising: determining whether the file stored in a file system and being accessed is secured, wherein the file includes a header and an encrypted portion, the header including or pointing to security information including a file key used to decrypt the encrypted portion, wherein the security information including the file key is encrypted with a user key, and wherein the security information further includes access rules to control how and by whom the file is to be accessed; if the file is determined to be secured, activating a cipher module, loading the file from the file system through the cipher module into an application, retrieving the file key, obtaining the user key, decrypting the security information with the user key to retrieve the file key, and decrypting the encrypted portion with the file key in the cipher module, and sending the file in clear mode to the application; and if the file is determined to be non-secured, loading the file from the file system into the application without activating the cipher module. 10. The method of claim 9, wherein the loading the file from the file system through the cipher module into the application only happens if an access privilege is within permissions granted by the access rules. 11. A computer implemented method for securing a file, the method comprising: maintaining a file key in a temporary memory space; encrypting the file with the file key in a cipher module to produce an encrypted portion; preparing security information for the encrypted portion, the security information being encrypted with a user key and including the file key and access rules to control access to the encrypted portion, wherein the access rules in the security information comprise user information identifying who has access to the encrypted portion and how the encrypted portion is to be accessed; and attaching the security information to the encrypted portion. 12. The method of claim 11, further comprising deleting the file key from the temporary memory space when the attaching the security information to the encrypted portion is complete. 13. The method of claim 11, wherein the encrypting the file with the file key, the preparing the security information, and the attaching the security information happen whenever the file is caused to be stored. 14. The method of claim 11, wherein the encrypting the file with the file key, the preparing the security information, and the attaching the security information happen upon receiving an instruction from an application or an operating system supporting the application. 15. The method of claim 14, wherein the instruction is one of (i) Save, (ii) Close or (iii) Exit, all provided in the application. 16. The method of claim 14, wherein the instruction is generated from an automatic operation of saving the file being opened into a storage space, the automatic operation being triggered by the application itself or the operating system. 17. The method of claim 11, wherein the user key is associated with a member selected from a group consisting of a user, a device, a software module, and a group of users. 18. The method of claim 11, further comprising: launching an application that accesses the file. 19. A computer implemented method for providing access control to a file, the method comprising: forwarding a request to access the file to a file system manager in an operating system; activating a document securing module by the file system manager to determine whether the file stored in a file system driver and being accessed is secured, wherein the file includes a header having a file key, the file key is encrypted with a user key, and the user key is different from the file key; activating a cipher module if the file is determined to be secured; and loading the file from the file system driver through the cipher module into an application. 20. The method of claim 19, further comprising: retrieving security information from the file if the file is determined to be secured, the security information including the file key and access rules; and obtaining an access privilege requesting to access the file. 21. The method of claim 20, wherein the activating the cipher module proceeds successfully when the access privilege is within permissions granted by the access rules. 22. The method of claim 21, wherein the activating the cipher module comprises decrypting an encrypted portion of the file with the file key. 23. The method of claim 19, further comprising: launching the application under the operating system when the request to access the file is received. 24. A computer-readable storage medium having stored thereon, computer-executable instructions that, if executed by a computing device, cause the computing device to perform a method comprising: determining whether the file stored in a file system and being accessed is secured; if the file is determined to be secured, activating a cipher module; and loading the file from the file system through the cipher module into an application; and if the file is determined to be non-secured, loading the file from the file system into the application without activating the cipher module; wherein the file includes a header having a file key, the file key is encrypted with a user key, and the user key is different from the file key. 25. The computer-readable storage medium of claim 24, wherein the file further includes an encrypted portion and the header includes or points to security information including the file key used to decrypt the encrypted portion. 26. The computer readable storage medium of claim 24, wherein the program code stored on the medium, if executed, causes the application to be launched when a request to access the file is received. 27. A computer-readable storage medium having stored thereon, computer-executable instructions that, if executed by a computing device, cause the computing device to perform a method comprising: determining if the file stored in a file system and being accessed includes a header, wherein existence of the header indicates that the file is secured, wherein the header includes a file key, the file key is encrypted with a user key, and the user key is different from the file key; if the file is determined to be secured, activating a cipher module; and loading the file from the file system through the cipher module into the application; and if the file is determined to be non-secured, loading the file from the file system into the application without activating the cipher module. 28. The computer-readable storage medium of claim 27, wherein the loading the file from the file system driver through the cipher module into the application comprises: retrieving the file key; decrypting an encrypted portion with the file key in the cipher module; and sending the file in clear mode to the application. 29. The computer-readable storage medium of claim 28, wherein the retrieving the file key comprises: obtaining the user key; and decrypting security information including the file key with the user key to retrieve the file key. 30. A computer-readable storage medium having stored thereon, computer-executable instructions that, if executed by a computing device, cause the computing device to perform a method comprising: determining whether the file stored in a file system and being accessed is secured, wherein the file includes a header and an encrypted portion, the header including or pointing to security information including a file key used to decrypt the encrypted portion, wherein the security information including the file key is encrypted with a user key, and wherein the security information further includes access rules of how and by whom the file is to be accessed; if the file is determined to be secured, activating a cipher module; and loading the file from the file system through the cipher module into the application; retrieving the file key; obtaining the user key; decrypting the security information with the user key to retrieve the file key; decrypting the encrypted portion with the file key in the cipher module; and sending the file in clear mode to the application; and if the file is determined to be non-secured, loading the file from the file system into the application without activating the cipher module. 31. The computer-readable storage medium of claim 30, wherein the loading the file from the file system through the cipher module into the application proceeds if an access privilege is within permissions granted by the access rules. 32. A computer-readable storage medium having stored thereon, computer-executable instructions that if executed by a computing device, cause the computing device to perform a method comprising: maintaining a file key in a temporary memory space; encrypting the file with the file key in a cipher module to produce an encrypted file, wherein the file has been opened with an application and the cipher module operates transparently as far as a user executing the application is concerned; and storing, in a storage space, a secured file including the encrypted file and a header, wherein the header includes or points to security information including the file key, wherein the security information further includes access rules of how and by whom the file is to be accessed. 33. The computer-readable storage medium of claim 32, the method further comprising deleting the file key from the temporary memory space if the application closes the file. 34. The computer-readable storage medium of claim 32, wherein the encrypting the file with the file key happens if the file is caused to be stored. 35. The computer-readable storage medium of claim 32, wherein the encrypting the file with the file key happens an instruction from the application or an operating system supporting the application. 36. The computer-readable storage medium of claim 35, wherein the instruction is one of (i) Save, (ii) Close or (iii) Exit, all provided in the application. 37. The computer-readable storage medium of claim 35, wherein the instruction is generated from an automatic operation of saving the file being opened into the storage space, the automatic operation is either triggered by the application itself or the operating system. 38. The computer-readable storage medium of claim 32, further comprising encrypting the security information with a user key associated with a member selected from a group consisting of a user, a device, a software module, and a group of users. 39. The computer-readable storage medium of claim 32, further comprising attaching the header to the encrypted file, wherein the header includes the security information encrypted in addition to a flag indicating that the file is secured. 40. The computer readable storage medium of claim 32, wherein the program code stored on the medium, if executed, causes the application to be launched. 41. A computing device for securing a file, comprising: an application configured to access the file that includes security information and an encrypted portion, the security information further including a file key and access rules, the encrypted portion being an encrypted version of the file; and a cipher module configured to activate upon determining that the file being accessed is secured; wherein the security information is configured to be encrypted with a user key, is configured to be decrypted with the user key when authenticated, and includes access rules of how and by whom the file is to be accessed; and wherein the file key is configured to be retrieved to decrypt the encrypted portion only after the access rules have been successfully measured against access privilege. 42. The computing device of claim 41, further comprising an operating system configured to support operations of the application, and wherein the cipher module is embedded in the operating system. 43. The computing device of claim 41, wherein the cipher module is configured to operate in a path through which the file is caused to pass when accessed by the application. 44. The computing device of claim 41, further including a memory space and a storage space, and wherein the file key is temporarily kept in the memory space when the file is successfully loaded into the application. 45. The computing device of claim 44, wherein the file key is deleted from the memory space as soon as the file is written back to the storage space. 46. The computing device of claim 41, wherein the user key becomes authenticated by an authentication process. 47. The computing device of claim 41, wherein the computing device is coupled to a second computing device over a data network and the user key becomes authenticated only after successful logging from the computing device into the second computing device. 48. The computing device of claim 41, wherein the computing device is provided with means for capturing biometric data and the user key becomes authenticated only after the biometric data is successfully verified. 49. The computing device of claim 41, wherein the user key becomes authenticated after the computing device receives credential information. 50. The computing device of claim 49, wherein the credential information includes at least one of a password, biometric information, or personalized information. 51. The computing device of claim 50, wherein the biometric information is captured from a device coupled to the computing device. 52. The computing device of claim 41, wherein the application is launched to access the file.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.