Creating and Validating Cryptographically Secured Documents
Abstract
Aspects of the subject matter described herein relate to creating and validating cryptographically secured documents. In aspects, documents are encrypted to protect them from unauthorized access. An entity having namespace ownership rights may create a document in an authorized namespace and sign the document with a private key. Other entities may validate that the document was created by an authorized namespace owner by using a public key available in security data associated with a parent document of the document. For a root document, the public key may be available from a directory service. A namespace owner may change the namespace owner(s) that are allowed to create children of a document.
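The validation chain the abstract describes can be sketched as follows. This is an added example, not code from the patent: all names (makeDocument, validate, directory, the /corp paths) are hypothetical, Ed25519 is an assumed signature scheme, the directory service is a constructed in-memory map, and encryption of the document and of the authorization field is left out so that only the signing and parent-key validation steps are shown.

```javascript
// Added example: all names below are hypothetical, not from the patent.
const crypto = require('node:crypto');

const directory = new Map(); // constructed stand-in for the directory service (root path -> PEM)
const newOwner = () => crypto.generateKeyPairSync('ed25519');
const pemOf = (owner) => owner.publicKey.export({ type: 'spki', format: 'pem' });

// Bytes covered by the signature: the path, the body, and the key allowed to sign children.
const signedBytes = (doc) => Buffer.from(JSON.stringify([doc.path, doc.body, doc.childOwnerKey]));

// `signer` owns the namespace the document is created in; `childOwner` is the
// entity authorized to create children of the new document.
function makeDocument(path, body, signer, childOwner) {
  const doc = { path, body, childOwnerKey: pemOf(childOwner) };
  doc.signature = crypto.sign(null, signedBytes(doc), signer.privateKey).toString('base64');
  return doc;
}

// Validate a document and every ancestor: each signature must verify under the
// key in its parent's security data; the root verifies under the directory key.
function validate(store, path) {
  if (!store.has(path)) return false;
  for (let p = path; p; ) {
    const doc = store.get(p);
    if (!doc || doc.path !== p) return false; // missing ancestor or mislabeled document
    const cut = p.lastIndexOf('/');
    const parentPath = cut > 0 ? p.slice(0, cut) : '';
    const parent = parentPath ? store.get(parentPath) : undefined;
    const pem = parentPath ? parent && parent.childOwnerKey : directory.get(p);
    const sig = Buffer.from(doc.signature, 'base64');
    if (!pem || !crypto.verify(null, signedBytes(doc), pem, sig)) return false;
    p = parentPath;
  }
  return true;
}

function demo() {
  const [root, hr, policy, outsider] = [newOwner(), newOwner(), newOwner(), newOwner()];
  directory.set('/corp', pemOf(root));
  const store = new Map();
  for (const d of [
    makeDocument('/corp', 'root', root, hr),
    makeDocument('/corp/hr', 'dept', hr, policy),
    makeDocument('/corp/hr/policy', 'v1', policy, policy),
    makeDocument('/corp/hr/forged', 'x', outsider, outsider), // signer lacks the authorized key
  ]) store.set(d.path, d);
  const result = { valid: validate(store, '/corp/hr/policy'), forged: validate(store, '/corp/hr/forged') };
  store.get('/corp/hr/policy').body = 'v2'; // tamper after signing
  result.tampered = validate(store, '/corp/hr/policy');
  return result;
}
```

Because the key that authorizes children is itself covered by the parent's signature, a verifier only needs to trust the directory entry for the root.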
20 Claims
1. A computer-readable medium having computer-executable instructions, which when executed perform actions, comprising:
- obtaining a key related to creating documents in a first namespace;
- creating a document in the first namespace, the document identifying an encrypted field relating to an entity that is authorized to create documents in a second namespace associated with the document; and
- using the key to create indicia that indicates that the document was created by an entity having access to the key.
11. A method implemented at least in part by a computer, the method comprising:
- obtaining a child document that includes a signature of an entity that created the child document, the signature being created with the use of a private key;
- obtaining a parent document, the parent document being a parent of the child document, the parent document associated with data that includes a field that authorizes an entity to create children of the parent document, the field being encrypted, the parent document also including a public key corresponding to the private key;
- obtaining the public key; and
- determining via the public key that the signature of the entity that created the document was created with the use of the private key.
18. In a computing environment, an apparatus, comprising:
- a document locator operable to determine a location of a parent document that includes encrypted data, the parent document identifying security data associated with the parent document, the security data including an encrypted field relating to an entity that is authorized to create children documents of the parent document;
- a cryptographic component operable to perform cryptographic operations; and
- an creating component operable to use the cryptographic component and the encrypted field to create a child document.
Specification