Method and system for enabling users of a group shared across multiple file security systems to access secured files
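IPC classification information
Country / Type: United States (US) Patent, Registered
International Patent Classification (IPC, 7th edition):
G06F-007/04
G06F-017/30
H04N-007/16
Application number: UP-0610832 (2003-06-30)
Registration number: US-7730543 (2010-06-22)
Inventor / Address: Nath, Satyajit
Agent / Address: Sterne, Kessler, Goldstein & Fox PLLC
Citation information
Times cited: 38
Cited patents: 185
Abstract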
Improved system and approaches for permitting users of different organizations to access secured files (e.g., documents) are disclosed. These users can be part of a group that is shared across a plurality of file security systems. For example, at a first file security system, a user of the shared group can secure a file for restricted access by those users within the shared group. Subsequently, at a different file security system, another user of the shared group is able to access the content of the secured file.
Representative claims
What is claimed is:
1. A computer-implemented method for interacting between file security systems, the method comprising: creating, using a computing device, a first shared group at a first file security system; creating, using the computing device, a second shared group at a second file security system; permitting one or more users of the first file security system to be within the second shared group; permitting one or more users of the second file security system to be within the first shared group; creating, using the computing device, a third shared group; and permitting one or more users who are within both the first and second shared groups to be within the third shared group.
2. The computer-implemented method as recited in claim 1, wherein one or more users of the first file security system are added to or removed from the third shared group.
3. The computer-implemented method as recited in claim 2, wherein one or more users of the second file security system are added to or removed from the third shared group.
4. The computer-implemented method as recited in claim 1, wherein creating the second shared group comprises receiving at least one cryptographic key associated with the second shared group.
5. The computer-implemented method as recited in claim 1, wherein permitting one or more users who are within both the first and second shared groups to be within the third shared group comprises: sending an invitation to the second file security system inviting users of the second file security system to join the third shared group; and receiving an acceptance to the invitation from the second file security system when if the second file security system desires to join the third shared group.
6. The computer-implemented method as recited in claim 5, wherein permitting one or more users who are within both the first and second shared groups to be within the third shared group further comprises providing at least one cryptographic key associated with the third shared group to the second file security system after the receiving receives the acceptance to the invitation.
7. The computer-implemented method as recited in claim 6, wherein the at least one cryptographic key associated with the third shared group comprises at least one public-private key pair.
8. The computer-implemented method as recited in claim 1, wherein the method further comprises: subsequently removing users of the second file security system from the third shared group.
9. The computer-implemented method as recited in claim 8, wherein permitting one or more users who are within both the first and second shared groups to be within the third shared group supplies at least one cryptographic key associated with the third shared group to the second file security system, and wherein the method further comprises: supplying at least one cryptographic key to the other file security systems within the third shared group after or during the removing.
10. The computer-implemented method as recited in claim 1, wherein permitting one or more users who are within both the first and second shared groups to be within the third shared group supplies, to the second file security system, at least one historical cryptographic key associated with the third shared group and at least one current cryptographic key associated with the third shared group.
11. A computer readable storage medium including at least computer program code for interacting between file security systems, the computer readable medium comprising: computer program code enabling a processor to create a first shared group at a first file security system; computer program code enabling a processor to create a second shared group at a second file security system; computer program code enabling a processor to permit one or more users of the first file security system to be within the second shared group; computer program code enabling a processor to permit one or more users of the second file security system to be within the first shared group; computer program code enabling a processor to create a third shared group; and computer program code enabling a processor to permit one or more users who are within both the first and second shared groups to be within the third shared group.
12. A method for restricting access to electronic files, the method comprising: receiving, at a computing device, respective requests from a first requestor being a member of a first group and a second requestor being a member of a second group requesting access to a security system, one of the first and second requestor being associated with the security system, the security system being accessible by a shared group including at least one member from each of the first group and the second group; verifying, using the computing device, authentication information from the first and second requestor to determine if they are part of the shared group; and allowing respective ones of the first and second requestors access to the security system upon successful verification they are part of the shared group.
13. The method as recited in claim 12, wherein the requestors within the shared group are able to access key-pairs needed to decrypt and/or encrypt an electronic file for restricted access by only those requestors within the shared group, and wherein the electronic file contains encrypted file data and encrypted security information, the encrypted security information is decrypted with a key from the key-pairs corresponding to the shared group.
14. The method as recited in claim 13, wherein the security information includes at least a key to decrypt the encrypted file data.
15. A computer-readable storage medium comprising computer program code enabling a computing device to perform a method for restricting access to electronic files, the method comprising: receiving respective requests from a first requestor being a member of a first group and a second requestor being a member of a second group requesting access to a security system, one of the first and second requestor being associated with the security system, the security system being accessible by a shared group including at least one member from each of the first group and the second group; verifying authentication information from the first and second requestor to determine if they are part of the shared group; and allowing respective ones of the first and second requestors access to the security system upon successful verification they are part of the shared group.
16. A system that restricts access to electronic files, comprising: a computing device comprising: a processor; and a memory; wherein the computing device is capable of receiving respective requests from a first requestor being a member of a first group and a second requestor being a member of a second group requesting access to the security system, one of the first and second requestor being associated with the security system, the security system being accessible by a shared group including at least one member from each of the first group and the second group; and wherein the computing device is capable of verifying authentication information from the first and second requestor to determine if they are part of the shared group, wherein respective ones of the first and second requestors are allowed access to the security system upon successful verification they are part of the shared group.
17. The system as recited in claim 16, wherein the requestors within the shared group are able to access key-pairs needed to decrypt and/or encrypt electronic files for restricted access by only those requestors within the shared group.
18. The system as recited in claim 17, wherein following an event, the key-pairs associated with the shared group are changed.
19. The system as recited in claim 18, wherein the event is an entity withdrawal from the shared group.
Patents cited by this patent (185)
Edward M. Scheidt ; Ersin L. Domangue, Access control and authorization system.
Bahl, Paramvir; Venkatachary, Srinivasan; Balachandran, Anand, Authentication methods and systems for accessing networks, authentication methods and systems for accessing the internet.
Strickler Gary E. ; Knapp Herbert William ; Holenstein Bruce D. ; Holenstein Paul J., Bidirectional database replication scheme for controlling ping-ponging.
Reed Drummond Shattuck ; Heymann Peter Earnshaw ; Mushero Steven Mark ; Jones Kevin Benard ; Oberlander Jeffrey Todd ; Banay Dan, Computer-based communication system and method using metadata defining a control structure.
Reed Drummond Shattuck ; Heymann Peter Earnshaw ; Mushero Steven Mark ; Jones Kevin Benard ; Oberlander Jeffrey Todd, Computer-based communication system and method using metadata defining a control-structure.
Auerbach Joshua Seth (Ridgefield CT) Chow Chee-Seng (Cupertino CA) Kaplan Marc Adam (Katonah NY) Crigler Jeffrey Charles (McLean VA), Creation and distribution of cryptographic envelope.
Roumiantsev,Andrei Igorevich; Koltsov,Alexandre Vladimirovich; O'Doherty,Brian John; Tararoukhine,Ilia Valerievich, Data transfer and management system.
Ohtsu Toshiyuki,JPX, Dynamic adding system for memory files shared among hosts, dynamic adding method for memory files shared among hosts, and computer-readable medium recording dynamic adding program for memory files sh.
Downs Edgar ; Gruse George Gregory ; Hurtado Marco M. ; Lehman Christopher T. ; Milsted Kenneth Louis ; Lotspiech Jeffrey B., Electronic content delivery system.
Smith Jeffrey C. ; Bandini Jean-Christophe, Electronic document delivery system in which notification of said electronic document is sent to a recipient thereof.
Tozawa,Jun; Nogami,Hiroshi; Shibayama,Tetsuya; Kataoka,Tomohiro; Fujio,Hiroshi, Encryption and decryption communication semiconductor device and recording/reproducing apparatus.
Elmer Thomas I. (Sunnyvale CA) Nguyen Tuan T. (Milpitas CA) Lin Rung-Pan (San Jose CA), Encryption of streams of addressed information to be used for program code protection.
Shimbo Atsushi,JPX ; Takahashi Toshinari,JPX ; Tomoda Ichiro,JPX ; Murota Masao,JPX, File editing system and shared file editing system with file content secrecy, file version management, and asynchronous.
Eshel Marc M. (Tarrytown NY) Hunt Guerney D. H. (Ithaca NY) Jones Donald N. (Vestal NY) Meyer Christopher (Vestal NY) Schwartz Frederick A. (Binghamton NY), File manager for files shared by heterogeneous clients.
Shimizu Hideo,JPX ; Hori Satomi,JPX ; Endoh Naoki,JPX ; Saisho Toshiaki,JPX, Information processing system having function of securely protecting confidential information.
Asano,Tomoyuki; Osawa,Yoshitomo, Information recording device, information playback device, information recording method, information playback method, and information recording medium and program providing medium used therewith.
Pensak David A. ; Cristy John J. ; Singles Steven J., Information security architecture for encrypting documents for remote access while maintaining access control.
Phillips,Robert S.; Davis,Scott H.; Dietterich,Daniel J.; Nyman,Scott E.; Porter,David, Internet-based shared file service with native PC client access and semantics.
Phillips,Robert S.; Davis,Scott H.; Dietterich,Daniel J.; Nyman,Scott E.; Porter,David, Internet-based shared file service with native PC client access and semantics and distributed access control.
Thomsen,Daniel Jay; O'Brien,Richard; Bogle,Jessica; Payne,Charles, Locally adaptable central security management in a heterogeneous network environment.
John E. Parsons, Jr. ; Bradley J. Graziadio ; Oshoma Momoh, Maintaining a first session on a first computing device and subsequently connecting to the first session via different computing devices and adapting the first session to conform to the different com.
Zavalkovsky,Arthur; Elfassy,Nitsan, Method and apparatus for communicating network quality of service policy information to a plurality of policy enforcement points.
McLaughlin Michael D. (San Jose CA) Signa John C. (Sunnyvale CA) Greicar Richard K. (Moss Beach CA) Taylor John M. (London GB2), Method and apparatus for display calibration and control.
Basani, Vijay R.; Mangiapudi, Krishna; Murach, Lynne M.; Karge, Leroy R.; Revsin, Vitaly S.; Bestavros, Azer; Crovella, Mark E.; LaRosa, Domenic J., Method and apparatus for reliable and scalable distribution of data files in distributed networks.
Chan, Shannon; Jensenworth, Gregory; Goertzel, Mario C.; Shah, Bharat; Swift, Michael M.; Ward, Richard B., Method and system for secure running of untrusted content.
Komuro Teruyoshi,JPX ; Osawa Yoshitomo,JPX ; Shima Hisato ; Asano Tomoyuki,JPX, Method and system for transferring information using an encryption mode indicator.
Lambert Howard Shelton,GBX ; Orchard James Ronald Lewis,GBX, Method for controlling access to electronically provided services and system for implementing such method.
Bala,Vasanth; Smith,Michael D., Method for protecting digital content from unauthorized use by automatically and dynamically integrating a content-protection agent.
Richard Patrick,CAX ; Csinger Andrew,CAX ; Knipe Bruce,CAX ; Woodward Bruce,CAX, Method of and apparatus for providing secure distributed directory services and public key infrastructure.
Hochberg,Avishai Haim; Marek,Toby Lyn; Cannon,David Maxwell; Martin,Howard Newton; Warren, Jr.,Donald Paul; Haye,Mark Alan, Method, system, and program for retention management and protection of stored objects.
Shamoon,Talal G.; Hill,Ralph D.; Radcliffe,Chris D.; Hwa,John P.; Sibert,W. Olin; Van Wie,David M., Methods and apparatus for persistent control and protection of content.
Beattie,Douglas D.; Creighton, Jr.,Neal Lewis; Bailey,Christopher T. M.; Remy,David L.; Hamandi,Hani, Methods and systems for automated authentication, processing and issuance of digital certificates.
Vahalia Uresh K. ; Gupta Uday ; Porat Betti ; Tzelnic Percy, Network file server sharing local caches of file access information in data processors assigned to respective file systems.
Takahashi Toshinari,JPX ; Nogami Hiroyasu,JPX, Software distribution system and software utilization scheme for improving security and user convenience.
Rusnak David J. ; Zientara John T., System and method for controlling access rights to and security of digital content in a distributed information system, e.g., Internet.
Carman David W. ; Balenson David M. ; Tajalli Homayoon ; Walker Stephen T., System and method for controlling access to a user secret using a key recovery field.
Richard R. Viets ; David G. Motes ; Paula Budig Greve ; Wayne W. Herberg, System and method for controlling access to documents stored on an internal network.
Viets, Richard R.; Motes, David G.; Greve, Paula Budig; Herberg, Wayne W., System and method for controlling access to documents stored on an internal network.
Olsen, Theis; Bundesen, Rune Windfeld; Hougaard, Claes Christian; Nordly, Trygve Thor, System and method for ensuring secure transfer of a document from a client of a network to a printer.
Kiessig,Rick; Yost,David A.; Mathon,John D., System and method for managing content with event driven actions to facilitate workflow and other features.
Sakurai Hiroshi (Tokyo JPX) Ikeda Nobuyuki (Tokyo JPX) Watabe Akehiro (Tokyo JPX), System and method for processing document information using password protected icons that represent document content.
Bess, Dwayne Lamarr; Brischke, Harold Allan; Keller, Andrew Charles; Wagner-Krankel, Dale Alan; Tijerina, Jacob Garza; Connolly, Jr., Billy Ray; O'Connor, Karen Ann; McDaniel, James William; Lewis, R, System and method of providing electronic access to one or more documents.
McDonnal William D. (Tigard OR) Lohstroh Shawn (Beaverton OR) Grawrock David (Aloha OR), System for automatic decryption of file data on a per-use basis and automatic re-encryption within context of multi-thre.
Bacha, Hamid; Carroll, Robert Bruce; Mirlas, Lev; Tchao, Sung Wei, System for electronic repository of data enforcing access control on data search and retrieval.
Riedel,Erik; Karamanolis,Christos; Kallahalla,Mahesh; Swaminathan,Ram, System for ensuring data privacy and user differentiation in a distributed file system.
Hahn Samuel S. ; LeGault Kenn ; Wheeler Maxon ; Degenhardt Jon R., System for organizing document icons with suggestions, folders, drawers, and cabinets.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for the secure transaction management and electronic rights protection.
Davis Mark Charles ; Gray Steve D. ; Kuehr-McLaren David Gerard ; Morrison Ian A. ; Shoriak Timothy G., Systems, methods and computer program products for authenticating client requests with client certificate information.
Bly Sara A. (Mountain View CA) Hodges Jeffrey D. (Newark CA) Kupfer Michael D. (Mountain View CA) Lewis Brian T. (Palo Alto CA) Tallan Michael L. (Mountain View CA) Tom Stephen B. (San Francisco CA), Updating local copy of shared data in a collaborative system.
Vainstein, Klimenty; Nath, Satyajit; Ouye, Michael Michio, Method and apparatus for transitioning between states of security policies used to secure electronic documents.
Vainstein, Klimenty; Nath, Satyajit; Ouye, Michael Michio, Method and apparatus for transitioning between states of security policies used to secure electronic documents.
Huang, Weiqing; Supramaniam, Senthilvasan; Vainstein, Klimenty, Method and system for implementing changes to security policies in a distributed security system.
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
Garcia, Denis Jacques Paul; Ouye, Michael Michio; Rossmann, Alain; Crocker, Steven Toye; Gilbertson, Eric; Huang, Weiqing; Humpich, Serge; Vainstein, Klimenty; Ryan, Nicholas Michael, Methods and systems for providing access control to secured data.
O'Hare, Mark S.; Orsini, Rick L.; Bono, Stephen C.; Green, Matthew D.; Landau, Gabriel D.; Davenport, Roger S., Systems and methods for secure workgroup management and communication.