Clearance-based method for dynamically configuring encryption strength
Abstract
The method for configuring encryption strengths for data includes: providing a piece of the data with a sensitivity level; authenticating a remote user with a clearance level for accessing the data; selecting an encryption strength for the piece of the data based on the clearance level of the remote user, if the clearance level of the remote user allows access to the piece of the data with the sensitivity level; encrypting the piece of the data; and providing access to the encrypted piece of the data to the remote user. Remote users have varying levels of clearance to access data. Data is assigned varying sensitivity levels. Each clearance level allows the remote user to access data at that sensitivity level or below. The strength of the data encryption is based upon the remote user's clearance level or a requested session sensitivity level. Access control to data is thus more flexible.
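The decision logic the abstract describes, written out as an added Python example (not code from the patent): one function selects a strength per requested piece from the user's clearance, the other handles a requested session sensitivity level. The level names, the level-to-key-length table and the sample pieces are assumptions constructed for illustration; authentication is assumed to have already bound the clearance to the user, and the returned key length is what a caller would hand to its cipher.

```python
from dataclasses import dataclass
from enum import IntEnum

class Level(IntEnum):
    # Assumed labels; the abstract only speaks of ordered "levels".
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3

# Assumed, monotonic mapping from level to symmetric key length in bits.
KEY_BITS = {Level.PUBLIC: 128, Level.CONFIDENTIAL: 128,
            Level.SECRET: 192, Level.TOP_SECRET: 256}

@dataclass(frozen=True)
class Piece:
    name: str
    sensitivity: Level

# Constructed sample data.
PIECES = [Piece("press-release", Level.PUBLIC),
          Piece("payroll", Level.CONFIDENTIAL),
          Piece("design-doc", Level.SECRET),
          Piece("key-ceremony-log", Level.TOP_SECRET)]

def select_for_piece(clearance, piece):
    """Per-request flow: strength follows the user's clearance.

    Returns the key length in bits, or None when the clearance does not
    dominate the piece's sensitivity (nothing is encrypted or released).
    """
    if clearance < piece.sensitivity:
        return None
    return KEY_BITS[clearance]

def select_for_session(clearance, session_level, pieces):
    """Session flow: strength follows the validated session level.

    A session above the user's clearance is rejected outright. Pieces
    above the session level are withheld even if the clearance would
    allow them, so a weaker session never carries stronger data.
    """
    if session_level > clearance:
        raise PermissionError("session level exceeds clearance")
    bits = KEY_BITS[session_level]
    return {p.name: bits for p in pieces if p.sensitivity <= session_level}
```

Because the table is monotonic, the selected key length is never below what the piece's own sensitivity level maps to in either flow.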
38 Claims
1. A method for configuring encryption strengths for data, comprising the steps of:
(a) providing a piece of the data with a sensitivity level;
(b) authenticating a remote user with a clearance level for accessing the data;
(c) selecting an encryption strength for the piece of the data based on the clearance level of the remote user, if the clearance level of the remote user allows access to the piece of the data with the sensitivity level;
(d) encrypting the piece of the data; and
(e) providing access to the encrypted piece of the data to the remote user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method for configuring encryption strengths for data, comprising the steps of:
(a) providing a piece of the data with a sensitivity level;
(b) authenticating a remote user with a clearance level for accessing the data;
(c) receiving a request from the remote user for access to the piece of data;
(d) determining if the clearance level of the remote user allows access to the piece of data with the sensitivity level;
(e) selecting an encryption strength for the piece of data based on the clearance level of the remote user, if the clearance level of the remote user allows access to the piece of data with the sensitivity level;
(f) encrypting the piece of the data; and
(g) providing access to the encrypted piece of the data to the remote user.
Dependent claims: 12, 13, 14, 16, 17, 18, 19
15. A method for configuring encryption strengths for data, comprising the steps of:
(a) providing the data, wherein each piece of the data has one of a plurality of sensitivity levels;
(b) receiving a clearance level assigned to a remote user for accessing the data and a request for a session sensitivity level;
(c) authenticating the remote user and validating the session sensitivity level;
(d) determining pieces of the data with sensitivity levels at or below the session sensitivity level to which the clearance level allows the remote user to access; and
(e) selecting an encryption strength for the pieces of the data based on the session sensitivity level;
(f) encrypting the pieces of the data; and
(g) providing access to the encrypted pieces of the data to the remote user.
20. A computer readable medium with program instructions for configuring encryption strengths for data, comprising the instructions for:
(a) providing a piece of the data with a sensitivity level;
(b) authenticating a remote user with a clearance level for accessing the data;
(c) selecting an encryption strength for the piece of the data based on the clearance level of the remote user, if the clearance level of the remote user allows access to the piece of the data with the sensitivity level;
(d) encrypting the piece of the data; and
(e) providing access to the encrypted piece of the data to the remote user.
Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28, 29
30. A computer readable medium with program instructions for configuring encryption strengths for data, comprising the instructions for:
(a) providing a piece of the data with a sensitivity level;
(b) authenticating a remote user with a clearance level for accessing the data;
(c) receiving a request from the remote user for access to the piece of data;
(d) determining if the clearance level of the remote user allows access to the piece of data with the sensitivity level;
(e) selecting an encryption strength for the piece of data based on the clearance level of the remote user, if the clearance level of the remote user allows access to the piece of data with the sensitivity level;
(f) encrypting the piece of the data; and
(g) providing access to the encrypted piece of the data to the remote user.
Dependent claims: 31, 32, 33, 35, 36, 37, 38
34. A computer readable medium with program instructions for configuring encryption strengths for data, comprising the instructions for:
(a) providing the data, wherein each piece of the data has one of a plurality of sensitivity levels;
(b) receiving a clearance level assigned to a remote user for accessing the data and a request for a session sensitivity level;
(c) authenticating the remote user and validating the session sensitivity level;
(d) determining pieces of the data with sensitivity levels at or below the session sensitivity level to which the clearance level allows the remote user to access; and
(e) selecting an encryption strength for the pieces of the data based on the session sensitivity level;
(f) encrypting the pieces of the data; and
(g) providing access to the encrypted pieces of the data to the remote user.
Specification