METHOD AND APPARATUS FOR QUERYING CONTENT PROTECTED BY IDENTITY-BASED ENCRYPTION

US 20110235799A1
Filed: 03/24/2010
Published: 09/29/2011
Est. Priority Date: 03/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

causing, at least in part, transmission of a query associated with a first user, the first user being described according to a first set of criteria; and

based, at least in part, on the query, receiving one or more second sets of criteria associated with respective second users, wherein the second sets of criteria are matched, at least in part, to the first set of criteria, and wherein at least one of the second sets of criteria is used as a public key for encrypting data according to an identity-based encryption scheme.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach is provided for reducing communication traffic/cost and protecting content by applying recipient criteria in identity-based encryption. A criterion application of a querier causes, at least in part, transmission of a query associated with a first user described according to a first set of criteria. Based on the query, the criterion application of the querier receives one or more second sets of criteria associated with respective second users, wherein the second sets of criteria are matched, at least in part, to the first set of criteria, and wherein at least one of the second sets of criteria is used as a public key for encrypting data according to an identity-based encryption scheme. A criterion application of an information store receives the query associated with the first user, and matches one or more second sets of criteria with all or part of the first set of criteria.

52 Citations

View as Search Results

21 Claims

1. A method comprising:
- causing, at least in part, transmission of a query associated with a first user, the first user being described according to a first set of criteria; and
  
  based, at least in part, on the query, receiving one or more second sets of criteria associated with respective second users, wherein the second sets of criteria are matched, at least in part, to the first set of criteria, and wherein at least one of the second sets of criteria is used as a public key for encrypting data according to an identity-based encryption scheme.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A method of claim 1, further comprising:
    - causing, at least in part, presentation of the second sets of criteria,receiving an input, from the first user, for selecting one of the second sets of criteria;
      
      receiving data encrypted using the selected second set of criteria as the public key; and
      
      causing, at least in part, decryption of the data based, at least in part, on the selected second set of criteria.
  - 3. A method of claim 2, wherein the decryption further comprises:
    - causing, at least in part, transmission of a request for a decryption key for the selected second set of criteria based, at least in part, on the input; and
      
      receiving the decryption key in response to the request,wherein the decryption is based, at least in part, on the decryption key.
  - 4. A method of claim 1, wherein an information store maintains the set of criteria associated with the first user, the method further comprising:
    - negotiating with the information store to store, publish, keep confidential, or a combination thereof all or some of the first set of criteria.
  - 5. A method of claim 1, further comprising at least one of:
    - formatting the first set of criteria, the second sets of criteria, the query, the data, or a combination thereof into respective predetermined information representation structures;
      
      constructing reduced ordered binary decision diagrams from the information representation structures; and
      
      computing a hash identifier corresponding to respective ones of the reduced ordered binary decision diagrams,wherein the first set of criteria, the second sets of criteria, the query, the data, or a combination thereof are transmitted or received in as at least one of the information representation structure, the reduced ordered binary decision diagram, and the hash identifier.
  - 6. A method of claim 1, further comprising:
    - selecting one third set of criteria; and
      
      causing, at least in part, encryption of the query using the selected third set of criteria as the public key according to an identity-based encryption scheme,wherein encryption limits access to the query to one or more third users associated with one or more fourth sets of criteria that match, at least in part, the selected third set of criteria.

7. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code,the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following,cause, at least in part, transmission of a query associated with a first user, the user being described according to a first set of criteria; and
  
  based, at least in part, on the query, receive one or more second sets of criteria associated with respective second users, wherein the second sets of criteria are matched, at least in part, to the first set of criteria, and wherein at least one of the second sets of criteria is used as a public key for encrypting data according to an identity-based encryption scheme.
- View Dependent Claims (8, 9, 10)
- - 8. An apparatus of claim 7, wherein the apparatus is further caused to:
    - cause, at least in part, presentation of the second sets of criteria,receive an input, from the first user, for selecting one of the second sets of criteria;
      
      receive data encrypted using the selected second set of criteria as the public key; and
      
      cause, at least in part, decryption of the data based, at least in part, on the selected second set of criteria.
  - 9. An apparatus of claim 8, wherein the apparatus is further caused to:
    - cause, at least in part, transmission of a request for a decryption key for the selected second set of criteria based, at least in part, on the input; and
      
      receive the decryption key in response to the request,wherein the decryption is based, at least in part, on the decryption key.
  - 10. An apparatus of claim 7, wherein an information store maintains the set of criteria associated with the first user, and the apparatus is further caused to:
    - negotiate with the information store to store, publish, keep confidential, or a combination thereof all or some of the first set of criteria.

11. A method comprising:
- receiving a query associated with a first user, the first user being described according to a first set of criteria;
  
  matching one or more second sets of criteria with all or part of the first set of criteria, wherein the matching defines respective second users who are qualified to receive the query, and wherein at least one of the second sets of criteria is used as a public key for encrypting data associated with a respective second user according to an identity-based encryption scheme; and
  
  causing, at least in part, transmission of the second sets of criteria in response to the query.
- View Dependent Claims (12, 13, 14, 15)
- - 12. A method of claim 11, wherein the first set of criteria, the second sets of criteria, or a combination thereof include at least one of a user personality feature, a technical capability of a receiving device, a usage pattern of the device, an environmental condition in which the device is used, and context information associated with the device.
  - 13. A method of claim 11, further comprising:
    - receiving a request, from the first user, for a decryption key for at least one of the second sets of criteria;
      
      causing, at least in part, verification of whether the first set of criteria substantially describe the first user; and
      
      causing, at least in part, transmission of the decryption key based, at least in part, on the verification.
  - 14. A method of claim 13, wherein the verification comprises at least one of:
    - determining one or more access rights associated with the first user; and
      
      causing, at least in part, comparison of all or part of the first set of criteria against information associated with the user that is available locally or externally including an online or offline public record, a transaction history, an activity history, a history of visited locations, an interaction history, associated communication content items, associated memberships, or a combination thereof.
  - 15. A method of claim 13, wherein the verification and the transmission are performed by a private key generator, the information store, or a combination thereof.

16. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code,the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following,receive a query associated with a first user, the first user being described according to a first set of criteria;
  
  match one or more second sets of criteria with all or part of the first set of criteria, wherein the matching defines respective second users who are qualified to receive the query, and wherein at least one of the second sets of criteria is used as a public key for encrypting data associated with a respective second user according to an identity-based encryption scheme, andcause, at least in part, transmission of the second sets of criteria in response to the query.
- View Dependent Claims (17, 18, 19, 20)
- - 17. An apparatus of claim 16, wherein the first set of criteria, the second sets of criteria, or a combination thereof include at least one of a user personality feature, a technical capability of a receiving device, a usage pattern of the device, an environmental condition in which the device is used, and context information associated with the device.
  - 18. An apparatus of claim 16, wherein the apparatus is further caused to:
    - receive a request, from the first user, for a decryption key for at least one of the second sets of criteria;
      
      cause, at least in part, verification of whether the first set of criteria substantially describe the first user; and
      
      cause, at least in part, transmission of the decryption key based, at least in part, on the verification.
  - 19. An apparatus of claim 18, wherein the apparatus is further caused to:
    - determine one or more access rights associated with the first user; and
      
      cause, at least in part, comparison of all or part of the first set of criteria against information associated with the user that is available locally or externally including an online or offline public record, a transaction history, an activity history, a history of visited locations, an interaction history, associated communication content items, associated memberships, or a combination thereof.
  - 20. An apparatus of claim 18, wherein the verification and the transmission are performed by a private key generator, the information store, or a combination thereof.

21-62. -62. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Sovio, Sampo Juhani, Luukkala, Vesa-Veikko

Granted Patent

US 9,025,767 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/30
CPC Class Codes

G06F 16/951   Indexing; Web crawling tech...

H04L 2209/60   Digital content management,...

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 9/083   involving central third par...

H04L 9/3073   involving pairings, e.g. id...

METHOD AND APPARATUS FOR QUERYING CONTENT PROTECTED BY IDENTITY-BASED ENCRYPTION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

52 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR QUERYING CONTENT PROTECTED BY IDENTITY-BASED ENCRYPTION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links