
Method, apparatus and computer program product for securely sharing a content item

  • US 10,225,084 B1
  • Filed: 12/29/2015
  • Issued: 03/05/2019
  • Est. Priority Date: 12/29/2015
  • Status: Active Grant
First Claim

1. A computer-implemented method, comprising executing, on at least one processor, the steps of:

    storing an encrypted content item on behalf of a first user;

    storing an identifier enabling identification of an encryption key used to encrypt the content item;

    storing a list comprising one or more other users trusted to access the encrypted content item;

    notifying a second user that the second user is trusted to access the encrypted content item;

    receiving an authentication request comprising information identifying the second user;

    in response to receiving the authentication request, performing an authentication operation in connection with the authentication request by authenticating the information identifying the second user;

    upon successful authentication of the second user, issuing an access token to the second user that grants access to the content item encrypted by the first user;

    receiving the access token from the second user;

    in response to receiving the access token, validating the access token to confirm that the second user has access to the content item encrypted by the first user;

    providing, by a content management server and to the second user, the encrypted content item and the identifier enabling identification of the encryption key used to encrypt the content item;

    receiving, from the second user, a request requesting a decryption key suitable for decrypting the encrypted content item, the request comprising the identifier enabling identification of the encryption key used to encrypt the content item;

    in response to receiving the request, utilizing the identifier to obtain the decryption key for decrypting the encrypted content item; and

    providing, by a key management server and to the second user, the decryption key for enabling the second user to decrypt the encrypted content item;

    wherein the content management server is separate to the key management server; and

    further wherein the second user will not be provided with all of the encrypted content item, the identifier and the decryption key by the content management server and the key management server until the access token is validated.
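
The flow recited in the claim, sketched as an added illustration that is not part of the patent or of any implementation by its assignee. The HMAC token format, the shared TOKEN_SECRET, the token check at the key server, the binding of each key to one item and the stand-in cipher are all assumptions made for the example.

```python
import hashlib, hmac, secrets, time

TOKEN_SECRET = secrets.token_bytes(32)  # assumption: known to the issuer and both servers

def xor_cipher(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 counter keystream); use an AEAD such as AES-GCM in practice."""
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def _mac(body: str) -> str:
    return hmac.new(TOKEN_SECRET, body.encode(), hashlib.sha256).hexdigest()

def issue_token(user: str, item_id: str, trusted: set, ttl: int = 300) -> str:
    """Called after the user has authenticated; refuses users not on the trusted list."""
    if user not in trusted:
        raise PermissionError("user is not trusted for this item")
    body = f"{user}|{item_id}|{int(time.time()) + ttl}"
    return f"{body}|{_mac(body)}"

def validate_token(token: str, item_id: str) -> str:
    """Return the user if the token is authentic, unexpired and bound to item_id."""
    body, _, mac = token.rpartition("|")
    if not hmac.compare_digest(mac.encode(), _mac(body).encode()):
        raise PermissionError("bad token")
    user, bound_item, expiry = body.split("|")
    if bound_item != item_id or int(expiry) < time.time():
        raise PermissionError("token expired or issued for another item")
    return user

class ContentServer:
    """Holds ciphertext, key identifier and trusted list; never the key."""
    def __init__(self):
        self.items = {}  # item_id -> (ciphertext, key_id, trusted users)
    def fetch(self, token: str, item_id: str):
        validate_token(token, item_id)
        ciphertext, key_id, _trusted = self.items[item_id]
        return ciphertext, key_id

class KeyServer:
    """Holds keys indexed by identifier; never the content."""
    def __init__(self):
        self.keys = {}  # key_id -> (item_id, key)
    def get_key(self, token: str, item_id: str, key_id: str) -> bytes:
        validate_token(token, item_id)
        owner_item, key = self.keys[key_id]
        if owner_item != item_id:  # a token for one item must not unlock another item's key
            raise PermissionError("key does not belong to this item")
        return key
```

Because neither server holds both the ciphertext and the key, compromise of one store alone does not expose plaintext; the recipient assembles the two halves only after each server has validated the token.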
