Object access level
Abstract
A system for regulating access to information of different levels of sensitivity includes an input configured to receive authentication information from a user, and a processor configured to: produce a first token key; encrypt a read-write portion of a first cryptographic key associated with a first sensitivity level using the first token key; encrypt the first token key using first authentication information associated with the first sensitivity level; produce a second token key by applying a one-way function to the first token key; encrypt a read-write portion of a second cryptographic key associated with a second sensitivity level using the first token key, the second sensitivity level being lower than the first sensitivity level; and encrypt the second token key using second authentication information associated with the second sensitivity level.
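The provisioning steps in the abstract, as an added Python sketch that is not taken from the patent. Passphrases as the authentication information, PBKDF2 stretching, SHA-256 as the one-way function and the stdlib-only `seal`/`unseal` wrap are all assumptions standing in for primitives the text leaves unspecified; the sketch follows the wording literally, so both read-write portions are wrapped under the first token key.

```python
import hashlib, hmac, os

def kdf(auth: str, salt: bytes) -> bytes:
    # Assumption: authentication information is a passphrase, stretched with PBKDF2.
    return hashlib.pbkdf2_hmac("sha256", auth.encode(), salt, 100_000)

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    return hashlib.shake_256(b"enc" + key + nonce).digest(n)

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Stdlib-only stand-in for an AEAD or key-wrap primitive: SHAKE-256
    # keystream plus an HMAC-SHA256 tag. Not a production cipher.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified blob")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def one_way(token_key: bytes) -> bytes:
    # Assumption: SHA-256 with a fixed label as the one-way function.
    return hashlib.sha256(b"lower-level" + token_key).digest()

def provision(auth1: str, auth2: str, rw1: bytes, rw2: bytes) -> dict:
    tk1 = os.urandom(32)                  # produce a first token key
    tk2 = one_way(tk1)                    # second token key derived from the first
    s1, s2 = os.urandom(16), os.urandom(16)
    return {
        "rw1": seal(tk1, rw1),            # level-1 read-write portion under tk1
        "tk1": (s1, seal(kdf(auth1, s1), tk1)),
        "rw2": seal(tk1, rw2),            # level-2 read-write portion, also under tk1
        "tk2": (s2, seal(kdf(auth2, s2), tk2)),
    }

def unlock_token(store: dict, name: str, auth: str) -> bytes:
    # Recover a wrapped token key from the authentication information for its level.
    salt, blob = store[name]
    return unseal(kdf(auth, salt), blob)
```

A holder of the first authentication information can recompute the second token key with `one_way`, while the second token key alone unwraps neither read-write portion and cannot be inverted back to the first.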
14 Claims
1. A system for regulating access to information of different levels of sensitivity, the system comprising:
an input configured to receive authentication information from a user; and
a processor configured to:
produce a first token key;
encrypt a read-write portion of a first cryptographic key associated with a first sensitivity level using the first token key;
encrypt the first token key using first authentication information associated with the first sensitivity level;
produce a second token key by applying a one-way function to the first token key;
encrypt a read-write portion of a second cryptographic key associated with a second sensitivity level using the first token key, the second sensitivity level being lower than the first sensitivity level; and
encrypt the second token key using second authentication information associated with the second sensitivity level.
Dependent claims: 2, 3

4. A computer program product for regulating access to information of different levels of sensitivity, the computer program product comprising computer-readable instructions configured to cause a computer to:
receive authentication information from a user;
produce a first token key;
encrypt a read-write portion of a first cryptographic key associated with a first sensitivity level using the first token key;
encrypt the first token key using first authentication information associated with the first sensitivity level;
produce a second token key by applying a one-way function to the first token key;
encrypt a read-write portion of a second cryptographic key associated with a second sensitivity level using the first token key, the second sensitivity level being lower than the first sensitivity level; and
encrypt the second token key using second authentication information associated with the second sensitivity level.
Dependent claims: 5, 6

7. A method of controlling access to sensitive information, the method comprising:
obtaining a first token key;
receiving first authentication information associated with a first sensitivity level and second authentication information associated with a second sensitivity level that is lower than the first sensitivity level and thus indicative of less-sensitive information;
encrypting a read-write portion of a first cryptographic key associated with the first sensitivity level using the first token key;
encrypting the first token key using the first authentication information;
producing a second token key by applying a first one-way function to the first token key;
encrypting a read-write portion of a second cryptographic key associated with a second sensitivity level using the first token key; and
encrypting the second token key using second authentication information associated with the second sensitivity level.
Dependent claims: 8, 9, 10, 11, 12, 13, 14