Information security architecture for encrypting documents for remote access while maintaining access control

US 20020078361A1
Filed: 12/15/2000
Published: 06/20/2002
Est. Priority Date: 12/15/2000
Status: Active Grant

First Claim

Patent Images

1. A method of controlling distribution of a segment of encrypted electronic information, comprising:

receiving, from a key server, a protected decryption key associated with the segment;

retrieving, at a user location, the segment;

obtaining an unprotected copy of the decryption key from the protected decryption key;

decrypting, in response to said obtaining, the segment using the unprotected copy of the decryption key;

destroying the unprotected copy of the decryption key at the user location in response to said decrypting;

displaying the decrypted segment in response to said decrypting; and

destroying the decrypted segment in response to said displaying.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of controlling distribution of a segment of encrypted electronic information is presented. A key server receives a protected copy of a decryption key for the segment The segment is retrieved at a user location. The protected copy of the decryption key is accessed. In response to the accessing, the segment is decrypted using the accessed copy of the decryption key at the user location. The accessed copy of the decryption key is destroyed at the user location in response to the decrypting. The decrypted segment is displayed in response to the decrypting. The decrypted segment is destroyed in response to the displaying.

218 Citations

27 Claims

1. A method of controlling distribution of a segment of encrypted electronic information, comprising:
- receiving, from a key server, a protected decryption key associated with the segment;
  
  retrieving, at a user location, the segment;
  
  obtaining an unprotected copy of the decryption key from the protected decryption key;
  
  decrypting, in response to said obtaining, the segment using the unprotected copy of the decryption key;
  
  destroying the unprotected copy of the decryption key at the user location in response to said decrypting;
  
  displaying the decrypted segment in response to said decrypting; and
  
  destroying the decrypted segment in response to said displaying.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising:
    - saving, in response to said receiving, the protected decryption key;
      
      wherein said destroying the unprotected copy of the decryption key does not effect the unprotected copy of the decryption key.
  - 3. The method of claim 1, further comprising:
    - said receiving further comprising receiving at least one access policy associated with at least one of the key server, the user location, the segment, the decryption key, and a user, the at least one access policy including at least one fixed time limitation;
      
      said determining comprising determining whether current operating conditions, including the current time, satisfy the at least one access policy.
  - 4. The method of claim 1, further comprising:
    - saving, in response to said receiving, the protected decryption key in memory; and
      
      rendering the protected copy of the decryption key inaccessible after an expiration time in the at least one access policy.

5. A method for issuing a key lease, comprising:
- receiving, at a remote server, a request to lease a decryption key for an encrypted electronic segment;
  
  determining whether a key lease can be issued for the encrypted electronic information based on at least one of a remote server restriction, an information restriction, and a user restriction;
  
  creating a voucher in response to a determination that the key lease can be issued, said voucher including at least the decryption key, and at least one time limitation associated with the decryption key;
  
  encrypting at least the decryption key of the voucher; and
  
  sending the voucher to the user location.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 13, 14, 16, 18, 19, 20, 21)
- - 6. The method of claim 5, wherein said creating further comprises adding access policies associated with the information to the voucher.
  - 7. The method of claim 5, wherein said receiving further comprises receiving a requested time frame of use of the key lease, and wherein the at least one time limitation includes an expiration time based on at least one of a maximum allowed by the remote server, a maximum allowed by the information, a maximum allowed by user limitations, and the requested time frame.
  - 8. The method of claim 5, further comprising:
    - said encrypting utilizing a first information from the user location and a second information from the remote server; and
      
      said sending further comprises sending the second information to the user location;
      
      wherein the second information is insufficient in and of itself to decrypt the voucher.
  - 9. The method of claim 5, further comprising destroying the decryption key at the remote server after a predetermined period of time.
  - 10. The method of claim 5, further comprising:
    - logging said obtaining in a log; and
      
      sending, from the user location to a remote server, the log.
  - 11. The method of claim 10, further comprising logging a time of said obtaining in the log.
  - 13. The method of claim 12, further comprising:
    - displaying the accessed segment in response to said accessing; and
      
      destroying the accessed segment in response to said displaying.
  - 14. The method of claim 12, wherein the voucher includes access policies, the method further comprises:
    - determining, in response to said decrypting, whether operating parameters satisfy the access policies; and
      
      said accessing being responsive to said operating parameters being determined to satisfy the access policies;
      
      wherein said accessing is responsive to said decrypting through said determining.
  - 16. The method of claim 15, further comprising:
    - displaying the decrypted segment in response to said accessing; and
      
      destroying the decrypted segment in response to one of said displaying.
  - 18. The method of claim 17, further comprising restoring a connection between the user location and the remote server.
  - 19. The method of claim 18, further comprising revoking the key lease after said restoring.
  - 20. The method of claim 18, further comprising:
    - logging said obtaining in a log; and
      
      sending, after said restoring, the log from the user location to the remote server.
  - 21. The method of claim 20, further comprising detecting, at one of the user location and the remote server, from the contents of the log, any tampering at the user location relating to at least one of the key lease, the segment, and operating conditions at the user location.

12. A method of controlling distribution of electronic information, comprising:
- sending, from a user location to a key server, a request to access a protected segment, and a first information;
  
  receiving, at the user location from the key server, an encrypted voucher and a second information, said voucher including at least a decryption key associated with the segment;
  
  retrieving, at a user location, the segment;
  
  obtaining a decrypted copy of the decryption key using the first and second information;
  
  accessing, in response to said decrypting, the segment using the at least a portion of the voucher;
  
  destroying, in response to said accessing, the decrypted copy of the decryption key.

15. A method for controlling distribution of electronic information, comprising:
- retrieving, at a user location, a segment of encrypted electronic information;
  
  receiving, from a key server, an encrypted decryption key for the segment;
  
  saving said encrypted decryption key in a memory;
  
  obtaining a decrypted copy of the decryption key in response to an authorized user request to access the segment;
  
  accessing the segment using the decrypted copy of the decryption key at the user location for the segment; and
  
  destroying the decrypted copy of the decryption key at the user location in response to said accessing without destroying the encrypted decryption key in memory.

17. A method of accessing a protected segment of electronic information, the segment having an associated key, comprising:
- retrieving, at the user location, the segment;
  
  receiving, at the user location from the remote server, the key;
  
  accessing the segment, in response to said receiving, using the key;
  
  displaying the segment as accessed;
  
  destroying the key in response to one of said displaying and said accessing, wherein the key is never stored in memory at a user location between said receiving and said destroying;
  
  receiving, at the user location from the remote server, an encrypted key lease including the key;
  
  saving the encrypted key lease in a memory;
  
  breaking a connection between the user location and the remote server; and
  
  during a period of the broken connection;
  
  retrieving, at the user location, the segment;
  
  obtaining a decrypted copy of the key from the key lease;
  
  accessing the segment in response to said obtaining;
  
  displaying the segment as accessed; and
  
  destroying the decrypted copy of the key in response to one of said displaying and said accessing.

22. A method of viewing a segment of encrypted electronic information on a display, comprising:
- receiving, from a remote server, an encrypted decryption key for the segment;
  
  retrieving, at a user location, a segment of encrypted electronic information;
  
  first decrypting the encrypted decryption key in response to the presence of authorized conditions;
  
  second decrypting the segment using the decrypted decryption key;
  
  destroying, at the user location, all copies of the decrypted decryption key in response to said second decrypting, without destroying the encrypted decryption key;
  
  displaying the segment as decrypted on the display; and
  
  destroying, at the user location, the segment as decrypted in response to said displaying.
- View Dependent Claims (25, 27)
- - 25. The method of claim 24, further comprising preventing the source from storing the copy of the decryption key, wherein said destroying leaves said segment permanently inaccessible absent breaking of the encryption protecting of the segment.
  - 27. The method of claim 26, further comprising:
    - means for saving, in response to said receiving, said protected decryption key;
      
      wherein said means for destroying said unprotected copy of said decryption key does not effect said unprotected copy of said decryption key.

23. A method of controlling distribution of a segment of encrypted electronic information, the segment having a first and second portion, the method comprising:
- receiving, from a key server, an encrypted voucher, the voucher including first and second decryption keys associated with the first and second portions, respectively, retrieving, at a user location, the segment;
  
  accessing the protected copy of the first decryption key;
  
  decrypting, in response to said accessing, the first portion of the segment using the accessed copy of the first decryption key;
  
  destroying the accessed copy of the first decryption key at the user location in response to said decrypting;
  
  displaying the decrypted segment in response to one of said decrypting and said destroying;
  
  destroying the decrypted first portion in response to said displaying;
  
  accessing the protected copy of the second decryption key after said destroying the first decrypted segment; and
  
  decrypting, in response to said accessing the protected copy of the second decryption key, the second portion of the segment using the accessed copy of the second decryption key.

24. A method of limiting access to a segment of encrypted information, comprising:
- saving, at a remote server, a decryption key for the segment, the segment being at a location other than the remote server;
  
  receiving a request from an authorized user for the decryption key;
  
  sending a copy of the decryption key from the remote server to a source of the request;
  
  destroying the decryption key at the remote server in response to the elapse of a predetermined period of time.

26. A system for accessing a protected segment of electronic information, comprising:
- means for receiving, from a key server, a protected decryption key associated with said segment;
  
  means for retrieving, at a user location, said segment;
  
  means for obtaining an unprotected copy of said decryption key from said protected decryption key;
  
  means for decrypting, in response to said obtaining, said segment using said unprotected copy of said decryption key;
  
  means for destroying said unprotected copy of said decryption key at said user location in response to said decrypting;
  
  means for displaying said decrypted segment in response to said decrypting; and
  
  means for destroying said decrypted segment in response to said displaying.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
EMC Corporation (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Sharko, John, Giroux, David

Granted Patent

US 6,978,376 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/183
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/068   using time-dependent keys, ...

H04L 63/10   for controlling access to d...

H04L 9/083   involving central third par...

H04L 9/088   Usage controlling of secret...

Information security architecture for encrypting documents for remote access while maintaining access control

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

218 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Information security architecture for encrypting documents for remote access while maintaining access control

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

218 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links