System and method for controlling the disposition of computer-based objects
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-017/30
G06F-021/10
G06Q-040/00
출원번호
US-0031136
(2008-02-14)
등록번호
US-9928349
(2018-03-27)
발명자
/ 주소
Bantz, David F.
Caceres, Ramon
Chefalas, Thomas E.
Jalan, Srikant
Mastrianni, Steven J.
Pickover, Clifford A.
출원인 / 주소
International Business Machines Corporation
대리인 / 주소
Ryan, Mason & Lewis, LLP
인용정보
피인용 횟수 :
1인용 특허 :
34
초록▼
A secure object manager obtains, from an authorized person, a specification for disposition of at least one object, and creates first instructions, pertaining to the disposition, for a remote secure-object agent on a remote system. A copy of the object and the first instructions are sent to a remote
A secure object manager obtains, from an authorized person, a specification for disposition of at least one object, and creates first instructions, pertaining to the disposition, for a remote secure-object agent on a remote system. A copy of the object and the first instructions are sent to a remote secure-object agent on a remote system, which controls the copy based on the first instructions.
대표청구항▼
1. A method for controlling disposition of at least one computer-based object, said method comprising the steps of: obtaining, by at least one processing device of a secure centralized object manager server, from a person authorized to specify said disposition of said at least one computer-based obj
1. A method for controlling disposition of at least one computer-based object, said method comprising the steps of: obtaining, by at least one processing device of a secure centralized object manager server, from a person authorized to specify said disposition of said at least one computer-based object, a specification of such disposition;creating, with at least one processing device of said secure centralized object manager server, first instructions to be evaluated by a remote secure-object agent on a remote system, wherein said first instructions (i) pertain to said disposition of said at least one computer-based object, and (ii) specify whether redistribution of said at least one computer-based object by said remote secure-object agent is allowed; andfacilitating sending a copy of said computer-based object and said first instructions to said remote secure-object agent on said remote system, wherein said remote secure-object agent evaluates a request to redistribute said at least one computer-based object to one or more of an insecure open object manager that is distinct from said remote secure-object agent and an additional remote secure-object agent on a second remote system by comparing said request to redistribute to said first instructions specifying whether said redistribution of said at least one computer-based object by said remote secure-object agent is allowed. 2. The method of claim 1, wherein said obtaining step comprises obtaining a selection of an action to be performed on said at least one computer-based object, said specification of said disposition being obtained in association with said action. 3. The method of claim 2, wherein said obtaining said selection of said action comprises presenting, to said person, at least choices for redistributing and withdrawing said computer-based object. 4. The method of claim 3, wherein said redistributing comprises at least one of unlimited redistributing, redistributing subject to originator notification, redistributing subject to a limited lifetime, redistributing subject to logging of actions performed on said copy of said computer-based object, and redistributing subject to time-changing access rules. 5. The method of claim 3, further comprising the additional steps of: obtaining, from said person, selection of said redistributing choice; andresponsive to said selection of said redistributing choice, offering said person choices for said specification of said disposition, said choices comprising at least preventing further distribution, specifying a lifetime for said copy, and specifying recipients for said copy. 6. The method of claim 5, wherein said choices further comprise permission to save to disk, permission to print, permission to perform at least one of extending and defeating expiration time-out, permission to edit, permission to index, permission to read, and permission to delete. 7. The method of claim 3, further comprising the additional steps of: obtaining, from said person, selection of said withdrawing choice; andresponsive to said selection of said withdrawing choice, facilitating destruction of all transmitted copies of said computer-based object. 8. The method of claim 1, further comprising the additional step of verifying receipt of said copy of said computer-based object and said first instructions by said remote secure-object agent on said remote system. 9. The method of claim 1, further comprising the additional step of controlling said copy of said remote system, based on said first instructions. 10. The method of claim 9, wherein said controlling comprises: obtaining, by said secure object agent, from a recipient of said copy, a specification of putative further disposition of said copy;comparing, by said secure object agent, said specification of said putative further disposition, to said first instructions; andresponsive to said comparing indicating that said putative further disposition of said copy is not permitted by said first instructions, awaiting alternative specification from said recipient. 11. The method of claim 10, further comprising the additional steps of: obtaining, by said secure object agent, from said recipient of said copy, said alternative specification;comparing, by said secure object agent, said alternative specification to said first instructions; andresponsive to said comparing indicating that said alternative specification is permitted by said first instructions, carrying out said alternative specification. 12. The method of claim 10, wherein said specification of putative further disposition comprises putative redistribution of said copy of said computer-based object to an open object manager. 13. The method of claim 10, wherein said specification of putative further disposition comprises putative redistribution of said copy of said computer-based object to a further secure object agent on a further remote system, further comprising the additional step of prompting said recipient whether said first instructions are to be modified for said redistribution to said further secure object agent on said further remote system. 14. The method of claim 9, wherein said obtaining, creating and facilitating occur substantially at an originating system, further comprising the additional steps of: encrypting said copy of said computer-based object and said first instructions at said originating system; anddecrypting said copy of said computer-based object and said first instructions at said remote system. 15. A method for controlling disposition of at least one copy of a computer-based object, said method comprising the steps of: obtaining, by at least one processing device of a secure object agent from a remote secure object manager, a copy of said computer-based object together with first instructions, said first instructions specifying allowable disposition of said copy;obtaining, by at least one processing device of said secure object agent, from a recipient of said copy, a specification of putative further disposition of said copy;comparing, by at least one processing device of said secure object agent, said specification of said putative further disposition, to said first instructions; andresponsive to said comparing indicating that said putative further disposition of said copy is not permitted by said first instructions, awaiting alternative specification from said recipient. 16. The method of claim 15, further comprising the additional steps of: obtaining, by said secure object agent, from said recipient of said copy, said alternative specification;comparing, by said secure object agent, said alternative specification to said first instructions; andresponsive to said comparing indicating that said alternative specification is permitted by said first instructions, carrying out said alternative specification. 17. The method of claim 15, wherein said specification of putative further disposition comprises putative redistribution of said copy of said computer-based object to an open object manager. 18. The method of claim 15, wherein said specification of putative further disposition comprises putative redistribution of said copy of said computer-based object to a further secure object agent on a further remote system, further comprising the additional step of prompting said recipient whether said first instructions are to be modified for said redistribution to said further secure object agent on said further remote system. 19. The method of claim 15, wherein said first instructions further specify at least one action to be taken subsequent to obtaining said instructions, further comprising the additional step of performing said at least one action. 20. The method of claim 19, wherein said at least one action comprises checking a lifetime of said copy of said computer-based object. 21. A method of providing a service for controlling disposition of at least one computer-based object, said method comprising the steps of: obtaining, by at least one processing device of a service provider, from a person authorized to specify said disposition of said at least one object, a copy of said computer-based object and first instructions pertaining to said disposition, wherein said first instructions specify whether redistribution of said at least one computer-based object by a remote secure-object agent is allowed;facilitating, by at least one processing device of said service provider, receipt of requests for access to said copy by one or more of an insecure open object manager that is distinct from said service provider and an additional remote secure-object agent on a remote system, said copy residing on a server;comparing, by at least one processing device of said service provider, said requests for access to said first instructions specifying whether said redistribution of said at least one computer-based object by said remote secure-object agent is allowed;performing, by said service provider, at least one of granting and denying said requests for access to said copy, in accordance with said comparison of said specification of said disposition to said first instructions; andcharging a fee for said service. 22. The method of claim 21, wherein said fee comprises at least one of a flat fee and a fee based on usage of said server. 23. A computer program product comprising a non-transitory computer useable medium including computer usable program code for controlling disposition of at least one computer-based object, said computer program product including: computer usable program code for obtaining, by at least one processing device of a secure centralized object manager server, from a person authorized to specify said disposition of said at least one computer-based object, a specification of such disposition;computer usable program code for creating, with at least one processing device of said secure centralized object manager server, first instructions to be evaluated by a remote secure-object agent on a remote system, wherein said first instructions (i) pertain to said disposition of said at least one computer-based object, and (ii) specify whether redistribution of said at least one computer-based object by said remote secure-object agent is allowed; andcomputer usable program code for facilitating sending a copy of said computer-based object and said first instructions to said remote secure-object agent on said remote system, wherein said remote secure-object agent evaluates a request to redistribute said at least one computer-based object to one or more of an insecure open object manager that is distinct from said remote secure-object agent and an additional remote secure-object agent on a second remote system by comparing said request to redistribute to said first instructions specifying whether said redistribution of said at least one computer-based object by said remote secure-object agent is allowed. 24. The computer program product of claim 23, further comprising computer usable program code for controlling said copy of at said remote system, based on said first instructions. 25. A computer program product comprising a non-transitory computer useable medium including computer usable program code for controlling disposition of at least one copy of a computer-based object, said computer program product including: computer usable program code for obtaining, by at least one processing device of a secure object agent from a remote secure object manager, a copy of said computer-based object together with first instructions, said first instructions specifying allowable disposition of said copy;computer usable program code for obtaining, by at least one processing device of said secure object agent, from a recipient of said copy, a specification of putative further disposition of said copy;computer usable program code for comparing, by at least one processing device of said secure object agent, said specification of said putative further disposition, to said first instructions; andcomputer usable program code for responsive to said comparing indicating that said putative further disposition of said copy is not permitted by said first instructions, awaiting alternative specification from said recipient.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (34)
Robertson, Don; Amiel, Meir; Spivak, Victor, Automatic detection and redistribution of content management code.
Ali Seifu ; Burket Thomas G. ; Hu Tawei ; Kozina Gerald Edward ; Lee Thomas S., Distributed storage management system having a cache server and method therefor.
Kessler, Carl Shawn; Lanfranchi, Giovanni; Lindquist, David Bruce; Rajaraman, Bala, Distribution of software based on scheduled time to deploy software dynamic resource state of systems involved in deployment of software and based upon environmental conditions.
Jhingan,Nikhil; Vasnani,Vinod U.; Lim,Chee Siang; Arora,Neeraj; Rao,E. Vijay; Mongia,Amit, Methods and systems for email attachment distribution and management.
Komine, Hiroaki; Yokoshi, Noriyuki; Ikeda, Kazuaki; Naka, Tsuyoshi; Nakamura, Toshiharu, Object management system and data processing system with centralized mechanism for managing containment relationships among objects.
Aronberg David B. ; Goldman Dov J. ; Spiro Peter A., System and method for software distribution and desktop management in a computer network environment.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.