Securing information in a design collaboration and trading partner environment

US 20030065792A1
Filed: 09/28/2001
Published: 04/03/2003
Est. Priority Date: 09/28/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method for controlling access to sensitive information, including storing an object securely at an object storage location logically remote from the location of the owner of said object;

receiving a request for access to said object from a requester;

authenticating said requestor at a location logically remote from the location where said object is stored; and

granting access to said object.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides a method and system for providing distributed, secure access to sensitive information. An owner of a data object causes the object to be placed at a secure location logically remote to the owner. The object resides in an electronic vault which itself resides in a protected workspace. A trading partner may be given access to both the workspace and the vault through a decentralized authentication process using an access control entity. Upon determining that the trading partner should be given access to the object, the access control entity provides the trading partner access to the vault and the object. At the discretion of the object owner, attempting to access the object may trigger a Nondisclosure Agreement or other administrative task to be completed prior to granting access to the object. Data relating to access and attempts to access protected objects are recorded in a computerized log.

Citations

32 Claims

1. A method for controlling access to sensitive information, including storing an object securely at an object storage location logically remote from the location of the owner of said object;
- receiving a request for access to said object from a requester;
  
  authenticating said requestor at a location logically remote from the location where said object is stored; and
  
  granting access to said object.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein said storing further includes placing said object in an electronic vault;
    - and placing said vault in a workspace
  - 3. The method of claim 2, wherein said electronic vault is a secure area within a computer system and access is limited only to those authorized.
  - 4. The method of claim 2, wherein said workspace is a secure area within a computer system limiting access to only those authorized.
  - 5. The method of claim 1, wherein said receiving includes an attempt by said requestor to access said object, wherein said attempt causes said requester to be redirected to an access control entity.
  - 6. The method of claim 1, wherein said authenticating further includes transferring authentication control to an access control entity;
    - determining the authentication status of said requestor;
      
      obtaining a confidentiality agreement from said requester; and
      
      providing said status to said object storage location.
  - 7. The method of claim 6, wherein said access control entity is logically remote from said object storage location.
  - 8. The method of claim 6, wherein said access control entity controls access to said object storage location.
  - 9. The method of claim 6, wherein said transferring includes opening a communications path from said access control entity to said requester.
  - 10. The method of claim 6, wherein said determining includes said requestor proving their identity to said access control entity in a previously agreed manner.
  - 11. The method of claim 6, wherein said obtaining includes said requestor agreeing to the terms of a nondisclosure agreement before access to said object is granted.
  - 12. The method of claim 11, wherein said nondisclosure agreement is executed by someone other than said requestor at the request of said requestor through an electronic interchange.
  - 13. The method of claim 6, wherein said providing includes recording a data log relating to the access requested by said requester.
  - 14. The method of claim 1, wherein said granting includes unlocking access to a workspace.

15. The method of 14, wherein said granting further includes unlocking access to a vault.
- View Dependent Claims (16)
- - 16. The method of claim 15, wherein said granting further includes recording data relating to the access granted to said requester.

17. An apparatus for controlling access to sensitive information, including means for storing an object securely at an object storage location logically remote from the location of the owner of said object;
- means for receiving a request for access to said object from a requestor;
  
  means for authenticating said requestor at a location logically remote from the location where said object is stored; and
  
  means for granting access to said object.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 18. The apparatus of claim 17, wherein said means for storing further includes means for placing said object in an electronic vault;
    - and means for placing said vault in a workspace.
  - 19. The apparatus of claim 18, wherein said electronic vault is a secure area within a computer system limiting access to only those authorized.
  - 20. The apparatus of claim 18, wherein said workspace is a secure area within a computer system limiting access to only those authorized.
  - 21. The apparatus of claim 17, wherein said means for receiving includes means for redirecting said requestor to an access control entity upon attempting to access said object.
  - 22. The apparatus of claim 17, wherein said means for authenticating further includes means for transferring authentication control to an access control entity;
    - means for determining the authentication status of said requestor;
      
      means for obtaining a confidentiality agreement from said requester; and
      
      means for providing said status to said object storage location.
  - 23. The apparatus of claim 22, wherein said access control entity is logically remote from said object storage location.
  - 24. The apparatus of claim 22, wherein said access control entity includes means for controlling access to said object storage location.
  - 25. The apparatus of claim 22, wherein said means for transferring includes means for opening a communications path from said access control entity to said requestor.
  - 26. The apparatus of claim 22, wherein said means for determining includes means for said requester proving their identity to said access control entity in a previously agreed manner.
  - 27. The apparatus of claim 22, wherein said means for obtaining includes means for said requestor agreeing to the terms of a nondisclosure agreement before access to said object is granted.
  - 28. The apparatus of claim 27, wherein said nondisclosure agreement is executed by someone other than said requester at the request of said requestor through an electronic interchange.
  - 29. The apparatus of claim 22, wherein said means for providing includes means for recording a data log detailing the access requested by said requestor.
  - 30. The apparatus of claim 17, wherein said means for granting includes means for unlocking access to a workspace.

31. The apparatus of 30, wherein said means for granting further includes means for unlocking access to a vault.
- View Dependent Claims (32)
- - 32. The apparatus of claim 31, wherein said means for granting further includes means for recording data relating to the access granted to said requestor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
E2open Incorporated (E2open Parent Holdings, Inc.)
Original Assignee
E2open Incorporated (E2open Parent Holdings, Inc.)
Inventors
Clark, Gregory Scott

Application Number

US09/967,907
Publication Number

US 20030065792A1
Time in Patent Office

Days
Field of Search
US Class Current

709/229
CPC Class Codes

G06Q 10/10   Office automation; Time man...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/126   the source of the received ...

Securing information in a design collaboration and trading partner environment

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Securing information in a design collaboration and trading partner environment

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links