Data output method, system and apparatus
First Claim
1. A system comprising:
- an output device for outputting data onto a removable storage medium;
a first computing entity arranged to encrypt a first data set based on encryption parameters comprising public data of a trusted party and an encryption key string comprising a second data set that defines a policy for allowing the output of the first data set onto a said removable storage medium, the first computing entity being further arranged to output the encrypted first data set for the output device; and
a second computing entity associated with the trusted party and arranged when satisfied that said policy has been met, to output for the output device a decryption key for use in decrypting the encrypted first data set, the second computing entity being arranged to generate this decryption key in dependence on the encryption key string and private data related to said public data;
the output device being arranged to use the decryption key in decrypting the encrypted first data set.
1 Assignment
0 Petitions
Accused Products
Abstract
Data to be output to a removable storage medium is encrypted for sending to an output device by an encryption process based on encryption parameters comprising public data of a trusted party and an encryption key string comprising a policy for allowing the output of the data. The trusted party provides a decryption key to the output device but only after being satisfied that the policy has been met. The decryption key is generated in dependence on the encryption key string and private data of the trusted party. The output device uses the decryption key in decrypting the data to be output. Embodiments are provided that involve multiple policies and trusted parties.
-
Citations
40 Claims
-
1. A system comprising:
-
an output device for outputting data onto a removable storage medium;
a first computing entity arranged to encrypt a first data set based on encryption parameters comprising public data of a trusted party and an encryption key string comprising a second data set that defines a policy for allowing the output of the first data set onto a said removable storage medium, the first computing entity being further arranged to output the encrypted first data set for the output device; and
a second computing entity associated with the trusted party and arranged when satisfied that said policy has been met, to output for the output device a decryption key for use in decrypting the encrypted first data set, the second computing entity being arranged to generate this decryption key in dependence on the encryption key string and private data related to said public data;
the output device being arranged to use the decryption key in decrypting the encrypted first data set. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A data output method comprising the steps of:
-
(a) encrypting a first data set based on encryption parameters comprising public data of a trusted party and an encryption key string comprising a second data set that defines a policy for allowing the output of the first data set to a removable storage medium, (b) providing the encrypted first data set to an output device adapted to output data to a removable storage medium;
(c) at the trusted party checking that said policy has been satisfied and thereafter providing the output device with a decryption key for use in decrypting the encrypted first data set, this decryption key being generated in dependence on the encryption key string and private data related to said public data; and
(d) at the output device using the decryption key in decrypting the encrypted first data set and outputting the first data set to a removable recording medium. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A printing system comprising:
-
a printer;
a first computing entity arranged to encrypt a first data set based on encryption parameters comprising public data of a trusted party and an encryption key string comprising a second data set that defines a policy for allowing the printing of the first data set, the first computing entity being further arranged to output the encrypted first data set for the printer; and
a second computing entity associated with the trusted party and arranged when satisfied that said policy has been met, to output for the printer a decryption key for use in decrypting the encrypted first data set, the second computing entity being arranged to generate this decryption key in dependence on the encryption key string and private data related to said public data;
the printer being arranged to use the decryption key in decrypting the encrypted first data set. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. Printing apparatus including:
-
means for receiving both an encryption key string comprising policy data defining a policy for allowing the printing of payload data, and said payload encrypted based on encryption parameters comprising public data of a trusted party and said encryption key string;
means for providing the encryption key string to the trusted authority and for receiving back a decryption key; and
means for using the received decryption key in decrypting the encrypted payload data for printing. - View Dependent Claims (40)
-
Specification