Method and systems for virtual file storage and encryption

US 10,516,674 B2
Filed: 02/10/2016
Issued: 12/24/2019
Est. Priority Date: 02/11/2015
Status: Active Grant

First Claim

Patent Images

1. A method for managing a non-transitory computer readable document file, the method comprising:

storing and accessing information relating to a business enterprise'"'"'s operations and structure for an access authorization to the computer readable document file;

saving the computer readable document file on a digital media storage database forming part of a host'"'"'s cloud storage system;

determining at least a first access permission level and a second access permission level for the computer readable document file;

identifying a first type of sensitive information and identifying a second type of sensitive information in the computer readable document file;

matching the first type of sensitive information in the computer readable document file with the first access permission level, and matching the second type of sensitive information in the computer readable document file with the second access permission level;

encrypting the identified first type of sensitive information, and encrypting the identified second type of sensitive information;

determining whether individuals meet a first plurality of threshold requirements for access to the computer readable document file at the first access permission level, and determining whether the individuals meet a second plurality of threshold requirements for access to the computer readable document file at the second access permission level;

if the individuals meet each of the first plurality of threshold requirements, then assigning the individuals the first access permission level to access the computer readable document file, and if the individuals meet each of the second plurality of threshold requirements, then assigning the individuals the second access permission level to access the computer readable document file; and

providing a first access key that is configured to provide the individuals that are assigned the first access permission level access to the first type of sensitive information in the computer readable document file, and providing a second access key that is configured to provide the individuals that are assigned the second access permission level access to the second type of sensitive information in the computer readable document file;

wherein the identifying of the first type of sensitive information or the second type of sensitive information in the computer readable document file is done via pre-programmed key-term identification.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention discloses an intelligent cloud server for cloud storage information management and encryption. In some embodiments, the intelligent cloud server can save and store documents without the need of first saving them in a local drive for upload. Upon storage, the document can be scanned and classified in a security level according to pre-determined settings and parameters. In some embodiments, depending on the classification, the system can encrypt portions of the document in order to facilitate the sharing and access of information in a secure way. Encryption keys and access to the encrypted portions are only provided upon authentication of the user, network, and/or need, according to corresponding protocols for the information.

Citations

17 Claims

1. A method for managing a non-transitory computer readable document file, the method comprising:
- storing and accessing information relating to a business enterprise'"'"'s operations and structure for an access authorization to the computer readable document file;
  
  saving the computer readable document file on a digital media storage database forming part of a host'"'"'s cloud storage system;
  
  determining at least a first access permission level and a second access permission level for the computer readable document file;
  
  identifying a first type of sensitive information and identifying a second type of sensitive information in the computer readable document file;
  
  matching the first type of sensitive information in the computer readable document file with the first access permission level, and matching the second type of sensitive information in the computer readable document file with the second access permission level;
  
  encrypting the identified first type of sensitive information, and encrypting the identified second type of sensitive information;
  
  determining whether individuals meet a first plurality of threshold requirements for access to the computer readable document file at the first access permission level, and determining whether the individuals meet a second plurality of threshold requirements for access to the computer readable document file at the second access permission level;
  
  if the individuals meet each of the first plurality of threshold requirements, then assigning the individuals the first access permission level to access the computer readable document file, and if the individuals meet each of the second plurality of threshold requirements, then assigning the individuals the second access permission level to access the computer readable document file; and
  
  providing a first access key that is configured to provide the individuals that are assigned the first access permission level access to the first type of sensitive information in the computer readable document file, and providing a second access key that is configured to provide the individuals that are assigned the second access permission level access to the second type of sensitive information in the computer readable document file;
  
  wherein the identifying of the first type of sensitive information or the second type of sensitive information in the computer readable document file is done via pre-programmed key-term identification.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, additionally comprising:
    - identifying third type of sensitive information in the computer readable document file;
      
      matching the third type of sensitive information in the computer readable document file with a permission level not matched for the first type of sensitive information or the second type of sensitive information;
      
      encrypting the identified third type of sensitive information in the computer readable document file; and
      
      providing a third access key for the encrypted third type of sensitive information to the individuals assigned with the matched access level for the third type of sensitive information.
  - 3. The method of claim 2, wherein one or more of the first plurality of threshold requirements is different from one or more of the second plurality of threshold requirements, one or more of the first plurality of threshold requirements is different from one or more of the third plurality of threshold requirements, and one or more of the second plurality of threshold requirements is different from one or more of the third plurality of threshold requirements, and wherein a number of the first plurality of threshold requirements is greater than a number of the second plurality of threshold requirements, and the number of the second plurality of threshold requirements is greater than a number of the third plurality of threshold requirements.
  - 4. The method of claim 3, wherein the first plurality of threshold requirements include i) that the individuals are active employees, ii) that the individuals are part of a business group that regularly uses information contained within the computer readable document file, iii) that the individuals are using a secure network, and iv) that the individuals are using an authorized device.
  - 5. The method of claim 4 wherein the second plurality of threshold requirements include i) that the individuals are employees or contractors, and ii) that the individuals are using a secure network.
  - 6. The method of claim 4 wherein the third plurality of threshold requirements includes i) that the individuals are employees, contractors, or affiliates, and ii) that the individuals are using a secure network.
  - 7. The method of claim 1, wherein the steps of encrypting comprise redacting sensitive information to prevent individuals who have been granted access to the computer readable document file but without the first or second access key from viewing the encrypted portions.
  - 8. The method of claim 7, additionally comprising:
    - segmenting the computer readable document file according to the encrypted identified first type or second type of sensitive information.
  - 9. The method of claim 1, additionally comprising:
    - duplicating data that excludes the identified first type or second type of sensitive information into a new document.
  - 10. The method of claim 1, wherein the identifying of the first type or second type of sensitive information in the computer readable document file is done via a pattern recognition algorithm.
  - 11. The method of claim 1, additionally comprising:
    - recording use of a provided access key;
      
      wherein the recorded use includes one or more of access time and date, duration of document access, device'"'"'s internet protocol address, device'"'"'s serial number, network location, and user.
  - 12. The method of claim 1, wherein one or more of the first plurality of threshold requirements is different from one or more of the second plurality of threshold requirements, and wherein a number of the first plurality of threshold requirements is greater than a number of the second plurality of threshold requirements.

13. A cloud based file management system comprising:
- an intelligent cloud server including a controller, the controller comprising a computer processor in digital communication with a digital media storage device and wherein the digital media storage device stores software code;
  
  a transmitter in logical communication with the intelligent cloud server and also in logical communication with a communication network, wherein the software is executable upon demand and operative with the processor to;
  
  store and access information relating to a business enterprise'"'"'s operations and structure for an access authorization to a computer readable document file;
  
  determine at least a first access permission level and a second access permission level;
  
  identify a first type of sensitive information and a second type of sensitive information in the computer readable document file;
  
  match the first type of sensitive information in the computer readable document file with the first access permission level, and match the second type of sensitive information in the computer readable document file with the second access permission level;
  
  encrypt the identified first type of sensitive information, and encrypt the identified second type of sensitive information;
  
  determine whether individuals meet a first plurality of threshold requirements for access to the computer readable document file at the first access permission level, and determine whether the individuals meet a second plurality of threshold requirements for the computer readable document file at the second access permission level;
  
  if the individuals meet each of the first plurality of threshold requirements, then assign the individuals the first access permission level to access the computer readable document file, and if the individuals meet each of the second plurality of threshold requirements, then assign the individuals the second access permission level to access the computer readable document file; and
  
  provide a first access key configured to provide the individuals that are assigned the first access permission level access to the first type of sensitive information in the computer readable document file, and provide a second access key that is configured to provide the individuals that are assigned the second access permission level access to the second type of sensitive information in the computer readable document file;
  
  wherein the identifying of the first type of sensitive information or the second type of sensitive information in the computer readable document file is done via pre-programmed key-term identification.
- View Dependent Claims (14, 15, 16)
- - 14. The cloud based file management system of claim 13, wherein the intelligent cloud server is additionally configured with the processor to:
    - identify a third type of sensitive information in the computer readable document file;
      
      match the third type of sensitive information in the computer readable document file with a permission level not matched for the first type or the second type of sensitive information;
      
      encrypt the identified third type of sensitive information in the computer readable document file; and
      
      provide a third access key for the encrypted third type of sensitive information to individuals assigned with the matched access level for the third type of sensitive information.
  - 15. The cloud based file management system of claim 14, wherein the intelligent cloud server is additionally configured with the processor to:
    - segment the computer readable document file according to the encrypted identified first type or second type of sensitive information.
  - 16. The cloud based file management system of claim 15, wherein the first type or second type of sensitive information in the computer readable document file is identified via a pattern recognition algorithm.

17. A method for managing a non-transitory computer readable document file, the method comprising:
- storing and accessing operational information relating to a operations and structure of an enterprise;
  
  saving the computer readable document file on a digital media storage database forming part of a host'"'"'s cloud storage system;
  
  determining, by the host'"'"'s cloud storage system, at least a first access permission level and a second access permission level for the computer readable document file;
  
  processing the operational information to assign individuals who have been granted access to the computer readable document file at least one of the first permission level and the second permission level;
  
  identifying a first type of sensitive information in the computer readable document file;
  
  matching the first type of sensitive information in the file with at least one of the at least first access permission level and the second access permission level;
  
  encrypting the identified first type of sensitive information; and
  
  transmitting an access key from the host'"'"'s cloud storage system to at least one of the individuals'"'"' computing devices, wherein the access key is configured to provide access to the individuals assigned with the one of the at least first access permission level and the second access permission level corresponding to the first type of sensitive information,wherein the identifying of the first type of sensitive information in the computer readable document file is done via pre-programmed key-term identification,wherein the assignment of the first access permission level or the second access permission level to a select individual is based on the select individual'"'"'s type and history of access to information in the computer readable document file by a group to which the select individual belongs, andwherein the transmission of the access occurs after the host'"'"'s clouds storage system verifies the select individual'"'"'s computing device communication network'"'"'s security upon receiving a request for access to the first type of sensitive information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
KeepitSafe, Inc. (Ziff Davis, Inc.)
Original Assignee
J2 Global Ip Limited
Inventors
Sayed, Saheeq, Kondzielewska, Karolina, Eikenberry, John
Primary Examiner(s)
Bayou, Yonas A

Application Number

US15/548,076
Publication Number

US 20180248887A1
Time in Patent Office

1,413 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6209   to a single file or object,...

G06F 21/6245   Protecting personal data, e...

H04L 63/0428   wherein the data content is...

H04L 63/105   Multiple levels of security

Method and systems for virtual file storage and encryption

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and systems for virtual file storage and encryption

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links