Methods and systems for providing access control to secured data
First Claim
1. A method, comprising:
- determining, by a server device, whether an old key associated with a user should be updated;
generating, by the server device, based on determining that the old key should be updated, a new key using a cipher to replace the old key;
encrypting the new key using credential information of the user;
receiving a request from the user to access a secured document that is secured using the old key;
decrypting, by the server device, at least a portion of the secured document using the old key in response to receiving the request;
encrypting, by the server device, the at least a portion of the secured document using the new key in response to receiving the request; and
upon authorizing the user to access the new key at the server, transmitting, by the server device, the new key to a client device of the user, wherein the new key enables the user to access the requested secured document.
0 Assignments
0 Petitions
Accused Products
Abstract
In a system for providing access control management to electronic data, techniques to secure the electronic data and keep the electronic data secured at all times are disclosed. According to one embodiment, a secured file or secured document includes two parts: an attachment, referred to as a header, and an encrypted document or data portion. The header includes security information that points to or includes the access rules and a file key. The access rules facilitate restrictive access to the secured document and essentially determine who/when/how/where the secured document can be accessed. The file key is used to encrypt/decrypt the encrypted data portion. Only those who have the proper access privileges are permitted to retrieve the file key to encrypt/decrypt the encrypted data portion.
-
Citations
20 Claims
-
1. A method, comprising:
-
determining, by a server device, whether an old key associated with a user should be updated; generating, by the server device, based on determining that the old key should be updated, a new key using a cipher to replace the old key; encrypting the new key using credential information of the user; receiving a request from the user to access a secured document that is secured using the old key; decrypting, by the server device, at least a portion of the secured document using the old key in response to receiving the request; encrypting, by the server device, the at least a portion of the secured document using the new key in response to receiving the request; and upon authorizing the user to access the new key at the server, transmitting, by the server device, the new key to a client device of the user, wherein the new key enables the user to access the requested secured document. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A non-transitory computer-readable medium having stored thereon executable program instructions, execution of which by a computing device causes the computing device to perform operations comprising:
-
determining, by a server device, whether an old key associated with a user should be updated; generating, by the server device, based on determining that the old should be updated, a new key using a cipher to replace the old key; encrypting the new key using credential information of the user; subsequently receiving a request from the user to access a secured document that is secured using the old key; decrypting, by the server device, at least a portion of the secured document using the old key in response to receiving the request; encrypting, by the server device, the at least a portion of the secured document using the new key in response to receiving the request; and upon authorizing the user to access the new key at the server, transmitting, by the server device, the new key to a client device of the user, wherein the new key enables the user to access the requested secured document. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system, comprising:
-
a server device; a key manager, implemented on the server device, configured to; determine whether an old key associated with a user should be updated; generate, based on determining that the old key should be updated, a new key using a cipher to replace the old key; encrypt the new key using credential information of the user; subsequently receive a request from the user to access a secured document that is secured using the old key; decrypt at least a portion of the secured document using the old key in response to receiving the request; encrypt the at least a portion of the secured document using the new key in response to receiving the request; and upon the server device authorizing the user to access the new key at the server, transmit the new key to a client device of the user, wherein the new key enables the user to access the requested secured document.
-
Specification