Document Security Management System
First Claim
1. A document security management system for securely managing documents or data files for users, the document management system comprising:
- a document repository, providing a facility for storing data files representing the documents;
a key repository for storing a public key of one or more encryption key pairs, each of the encryption key pairs being associated with one of the documents stored in the document repository and comprising a public key and a private key, wherein each document stored in the document repository is encrypted with the public key of the encryption key pair associated with the document; and
a plurality of client terminals configured to retrieve the documents from the document repository for processing by a user, wherein each user is provided with a digital certificate comprising a certificate key pair, each certificate key pair comprising a public key and a private key, and the key repository includes the private key of the encryption key pair encrypted with the public key of the certificate key pair associated with the user, the client terminal being operable with the private key of the certificate key pair, the client terminal being configured to decrypt the private key of encryption key pair using the private key of the certificate key pair, to retrieve the encrypted document from the document repository, and to decrypt the document using the decrypted private key of the encryption key pair to access the document.
0 Assignments
0 Petitions
Accused Products
Abstract
A document security management system for securely managing documents for users. The document management system comprises a document repository providing a facility for storing data files representing the documents. A key repository stores a public key of one or more encryption key pairs, each of the encryption key pairs being associated with one of the documents stored in the document repository. Each document stored in the document repository is encrypted with the public key of the encryption key pair associated with the document. A plurality of client terminals are operable to store and to retrieve the documents from the documentary repository for processing by a user. Each user is in possession of a digital certificate comprising a certificate key pair. The key repository includes the private key of the encryption key pair encrypted with the public key of the certificate key pair associated with the user. The client terminal is operable with the private key of the certificate key pair in possession of a user. The client terminal is operable to decrypt the private key of the encryption key pair using the private key of the certificate key pair of a user, and to retrieve the encrypted document from the document repository and to decrypt the document using the decrypted private key of the encryption key pair. Thus, in accordance with the present invention a two tier arrangement of private key/public key pairs is provided with a first private key/public key pair called the encryption key pair being associated with each of the documents and a second digital certificate private key/public key pair called a certificate key pair being associated with the users. A document management system according to the present invention is therefore provided with an improvement in security with respect to document management and document management security.
115 Citations
17 Claims
-
1. A document security management system for securely managing documents or data files for users, the document management system comprising:
-
a document repository, providing a facility for storing data files representing the documents; a key repository for storing a public key of one or more encryption key pairs, each of the encryption key pairs being associated with one of the documents stored in the document repository and comprising a public key and a private key, wherein each document stored in the document repository is encrypted with the public key of the encryption key pair associated with the document; and a plurality of client terminals configured to retrieve the documents from the document repository for processing by a user, wherein each user is provided with a digital certificate comprising a certificate key pair, each certificate key pair comprising a public key and a private key, and the key repository includes the private key of the encryption key pair encrypted with the public key of the certificate key pair associated with the user, the client terminal being operable with the private key of the certificate key pair, the client terminal being configured to decrypt the private key of encryption key pair using the private key of the certificate key pair, to retrieve the encrypted document from the document repository, and to decrypt the document using the decrypted private key of the encryption key pair to access the document. - View Dependent Claims (2, 3, 4, 5, 6, 7, 17)
-
-
8. A method of securely managing documents for users, the method comprising:
-
storing data files representing documents on a document repository; storing a public key of one or more encryption key pairs on a key repository, each of the encryption key pairs being associated with one of the documents stored in the document repository and each of the encryption key pairs comprising a public key and a private key, and each document stored in the document repository being encrypted with the public key of the encryption key pair associated with the documents; storing the documents in the document repository for processing by a user, wherein the key repository includes the private key of an encryption key pair encrypted with the public key of a digital certificate key pair associated with the user; decrypting the private key of the encryption key pair using the private key of the certificate key pair; retrieving the encrypted document from the document repository; and decrypting the document using the decrypted private key of the first document private key/public key pair. - View Dependent Claims (9, 10)
-
-
11. A document repository for a document management system for securely managing documents for users, the document repository configured to store data files representing documents, each stored document being associated with a first private key/public key pair and each stored document being encrypted with the public key of the first document private key/public key pair associated with the document, wherein the document repository is further configured to store in association with each of the documents a hash value generated from the document and a digital signature generated from the hash value and the private key of a second private key/public key pair provided to a user.
- 12. A client terminal operable in combination with a key repository and a document repository of a document security management system, the client terminal being configured to store and to retrieve documents to and from the documentary repository for processing by a user, wherein each user possesses a digital certificate comprising a certificate key pair, the certificate key pair comprising a public key and a private key, and the key repository includes the private key of an encryption key pair encrypted with the public key of the certificate key pair of the user, the client terminal being provided by the user with the private key of the certificate key pair of the user, the client terminal being configured to decrypt the private key of the encryption key pair using the private key of the certificate key pair, to retrieve the encrypted document from the document repository, and to decrypt the document using the decrypted private key of the encryption key pair.
-
14. A key repository operable in combination with a document repository and one or more client terminals of a document security management system, the key repository being configured to store a public key of one or more encryption key pairs, each of the encryption key pairs comprising a public key and a private key and each of the encryption key pairs being associated with one of the documents stored in the document repository, wherein each document stored in the document repository is encrypted with the public key of the encryption key pair associated with the document, wherein the key repository includes the private key of the encryption key pair encrypted with a public key of a digital certificate key pair associated with the user.
-
15. (canceled)
-
16. (canceled)
Specification