Security Enhanced Data Platform
First Claim
1. A security enhanced data platform method recorded on computer-readable medium and capable of execution by a computer, said method comprising the steps of:
providing a main computer operating system;
customizing the computer operating system's kernel;
replacing the computer operating system's kernel and core utilities with a multi-level access control system;
providing an email and messaging server as the host for sending and receiving messages;
allowing automation of email retention in compliance with a document retention policy;
providing a primary subsystem;
said primary subsystem is a document management system;
providing a set of client side tools to specify classifications and compartments for selected areas of a document;
separating document data from document metadata;
allowing encrypted documents to be stored and the information about those documents to be stored in a database;
allowing for quick look up and access of secured documents;
providing a way to save the document in the format required by the system in order to allow the system to enforce the rules and privileges dictated to the system;
monitoring and recording all activity within the primary subsystem;
recording all changes to a document and making said document available for audit;
providing one or more supporting subsystems;
a first second subsystem is a security enhanced database management system;
integrating said security enhanced database management system with the multi-level access control system.
securing data in the database as a whole, the tables in the database, the columns in the table, the rows in a table, or the individual cells of a database table;
a second subsystem is a user authentication and authorization system;
offering native enhanced security by enforcing privileges specified by the user authentication and authorization system;
a third subsystem is a workflow engine;
providing a runtime workflow engine used to route documents and data through a user defined approval process for actions on the documents or data;
a fourth subsystem is a secure two-factor authentication system;
providing a secure two-factor authentication sub-system adding an additional authentication mechanism;
a fifth subsystem is a cryptographic engine; and
providing data protection, data authentication, user authentication and vetting, and communications protection and authentication.
Abstract
The security enhanced data platform is comprised of two primary subsystems and a host of supporting subsystems. The first primary subsystem is a document management system. A set of client side tools provides the user a way to specify classifications and compartments for selected areas of a document, and a way to save the document in the format required by the system in order to allow the system to enforce the rules and privileges dictated to the system. The second subsystem is a security enhanced database management system. In documents the system allows different user privilege requirements on the document as a whole as well as on pages, paragraphs, sentences, words, and/or letters of a word. A history of document changes is maintained to provide an audit trail after the fact of who did what changes, where those changes were made and when those changes were made.
61 Citations
20 Claims
Specification