Cryptographically controlling access to documents
First Claim
1. A computer-readable medium having computer-executable instructions, which when executed perform actions, comprising:
- obtaining a document that includes encrypted data, the document including an identifier that identifies security data associated with the document, at least some of the security data being encrypted;
decrypting at least a portion of the security data to obtain an indication of an action that is authorized with respect to the document;
obtaining, from the security data, a key associated with the action;
using the key to perform the action.
2 Assignments
0 Petitions
Accused Products
Abstract
Aspects of the subject matter described herein relate to cryptographically controlling access to documents. In aspects, documents are encrypted to protect them from unauthorized access. A security principal seeking to access a document first obtains the document. The document includes an identifier that identifies security data associated with the document. The security data includes an encrypted portion that includes authorizations for security principals that have access to the document. A security principal having the appropriate key can decrypt its authorization in the security data to obtain one or more other keys that may be used to access the document. These other keys correspond to access rights that the security principal has with respect to the document.
-
Citations
20 Claims
-
1. A computer-readable medium having computer-executable instructions, which when executed perform actions, comprising:
-
obtaining a document that includes encrypted data, the document including an identifier that identifies security data associated with the document, at least some of the security data being encrypted; decrypting at least a portion of the security data to obtain an indication of an action that is authorized with respect to the document; obtaining, from the security data, a key associated with the action; using the key to perform the action. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method implemented at least in part by a computer, the method comprising:
-
receiving a request for document that includes encrypted data, the document including an identifier that identifies security data associated with the document, at least some of the security data being encrypted, the at least some of the security data that is encrypted indicating an action that is authorized with respect to accessing the document; and in response to the request, sending the document. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. In a computing environment, an apparatus, comprising:
-
a requesting component operable to request access to a document that includes an identifier that identifies security data associated with the document, at least some of the security data being encrypted, the security data indicating an action that is authorized with respect to the document; a document locator operable to determine a location of the document; and a cryptographic component operable to perform the action on the document. - View Dependent Claims (18, 19, 20)
-
Specification