Method and system for proxy approval of security changes for a file security system

US 20050086531A1
Filed: 10/20/2003
Published: 04/21/2005
Est. Priority Date: 10/20/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method for approving a security change for a file security system that secures electronic files, said method comprising:

receiving a requested security change from a requestor;

identifying a plurality of approvers to approve or disapprove of the requested security change;

notifying the approvers of an approval request for the requested security change;

determining whether the requested security change is approved based on responses from the approvers to the approval request; and

performing the requested security change when said determining determines that the requested security change has been approved.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for providing a file security system with an approval process to implement security changes are disclosed. The approval process can be substantially automated as well as configurable and/or flexible. The approval process can make use of a set of approvers that can approve or deny a security change. Different security changes can require the approval of different approvers. The approvers can also be arranged into groups of approvers, and such groups can make use of a hierarchical arrangement.

Citations

33 Claims

1. A method for approving a security change for a file security system that secures electronic files, said method comprising:
- receiving a requested security change from a requestor;
  
  identifying a plurality of approvers to approve or disapprove of the requested security change;
  
  notifying the approvers of an approval request for the requested security change;
  
  determining whether the requested security change is approved based on responses from the approvers to the approval request; and
  
  performing the requested security change when said determining determines that the requested security change has been approved.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A method as recited in claim 1, wherein said notifying of the approvers is achieved by electronic mail.
  - 3. A method as recited in claim 2, wherein the responses from the approval group are provided as electronic mail.
  - 4. A method as recited in claim 1, wherein no one of the plurality of approvers can individually approve the requested security change.
  - 5. A method as recited in claim 1, wherein the plurality of approvers are arranged as a set or group.
  - 6. A method as recited in claim 1, wherein the plurality of approvers are arranged in a plurality of sets or groups, and wherein said determining requires approval from more than one of the plurality of sets or groups in order to determine that the requested security change is approved.
  - 7. A method as recited in claim 6, wherein the plurality of sets or groups are arranged in a hierarchy, and wherein progression to a next level in the hierarchy requires approval from the set or group associated with a current level.
  - 8. A method as recited in claim 1, wherein the plurality of approvers are users of the file security system.
  - 9. A method as recited in claim 1, wherein the plurality of approvers form a set of approvers, and wherein said determining determines that the requested security change is approved when a subset of the set of approvers approve the requested security change.
  - 10. A method as recited in claim 1, wherein the plurality of approvers identified by said identifying is dependent on the requested security change.
  - 11. A method as recited in claim 1, wherein the plurality of approvers identified by said identifying is dependent on the requester.
  - 12. A method as recited in claim 1, wherein said notifying operates to substantially simultaneously notify all of the approvers of the approval request for the requested security change.
  - 13. A method as recited in claim 1, wherein said notifying operates to substantially concurrently notify all of the approvers of the approval request for the requested security change.
  - 14. A method as recited in claim 1, wherein the electronic files secured by the file security system are electronic documents.

15. A file security system that restricts access to secured electronic documents, said file security system comprising:
- an access server that restricts access to the secured electronic documents; and
  
  an approval manager operatively connected to said access server, said approval manager operates a security change approval process to determine whether a requested security change is approved.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 16. A file security system as recited in claim 15, wherein said file security system has one or more system administrators, and wherein said approval manager operates the security change approval process without any interaction from the one or more system administrators.
  - 17. A file security system as recited in claim 15, wherein, in operating the security change approval process, a plurality of approvers are notified of the requested security change and asked to approve or disapprove the requested security change.
  - 18. A file security system as recited in claim 17, wherein the plurality of approvers are notified by notification electronic mail messages.
  - 19. A file security system as recited in claim 18, wherein the plurality of approvers approve or disapprove the requested security change using reply electronic mail messages.
  - 20. A file security system as recited in claim 19, wherein the reply electronic mail messages include a digital signature of the associated approver to verify authenticity.
  - 21. A file security system as recited in claim 17, wherein no one of the approvers can individually approve the requested security change.
  - 22. A file security system as recited in claim 17, wherein the plurality of approvers are arranged as a set or group.
  - 23. A file security system as recited in claim 17, wherein the plurality of approvers are arranged into a plurality of sets or groups, and wherein said approval manager requires approval from more than one of the plurality of sets or groups in order to determine that the requested security change is approved.
  - 24. A file security system as recited in claim 17, wherein the plurality of sets or groups are arranged in a hierarchy, and wherein progression to a next level in the hierarchy requires approval from the set or group associated with a current level.
  - 25. A file security system as recited in claim 17, wherein the approvers are users of the file security system.
  - 26. A file security system as recited in claim 17, wherein the plurality of approvers form a set of approvers, and wherein said approval manager determines that the requested security change is approved when a subset of the set of approvers approve the requested security change.
  - 27. A file security system as recited in claim 17, wherein said approval manager identifies the plurality of approvers dependent on the requested security change.
  - 28. A file security system as recited in claim 17, wherein said approval manager identifies the plurality of approvers dependent on the requestor.
  - 29. A file security system as recited in claim 15, wherein said file security system further comprises:
    - a key store operatively connected to said access server, said key store stores cryptographic keys used to gain access to the secured electronic documents.

30. A computer readable medium including at least computer program code for approving a security change for a file security system that secures electronic files, said computer readable medium comprising:
- computer program code for notifying a plurality of approvers of an approval request for the requested security change;
  
  computer program code for determining whether the requested security change is approved based on responses from the approvers to the approval request; and
  
  computer program code for performing the requested security change when said determining determines that the requested security change has been approved.
- View Dependent Claims (31, 32, 33)
- - 31. A computer readable medium as recited in claim 30, wherein said notifying of the approvers is achieved by electronic mail.
  - 32. A computer readable medium as recited in claim 31, wherein the responses from the approval group are electronic mail.
  - 33. A computer readable medium as recited in claim 30, wherein no one of the plurality of approvers can individually approve the requested security change.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intellectual Ventures I LLC (Intellectual Ventures LLC)
Original Assignee
PSS Systems, Inc. (International Business Machines Corporation)
Inventors
Kenrich, Michael Frederick

Application Number

US10/690,243
Publication Number

US 20050086531A1
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06F 21/604 Tools and structures for ma...

Method and system for proxy approval of security changes for a file security system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for proxy approval of security changes for a file security system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links