DOCUMENT SECURITY SYSTEM AND METHOD
First Claim
1. A method for document security, comprising:
- decrypting a key-map file located in an composite document with embedded access control;
decrypting a content part from the composite document with embedded access control, wherein the key-map file provides a key to access the content part;
loading the content part in decrypted form into a document serialization maintained in a transient memory, wherein the content part in decrypted form is maintained exclusively in the transient memory; and
erasing the content part in decrypted form upon termination of a program to access the decrypted content part from the document serialization.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for document security are described. The method decrypts a key-map file located a composite document with embedded access control, decrypts a content part from the composite document with embedded access control, wherein the key-map file provides a key to access the content part, loads the content part in decrypted form into a document serialization maintained in a transient memory where the content part in decrypted form is maintained exclusively in the transient memory, and erases the content part in decrypted form upon termination of a program to access the decrypted content part from the document serialization.
-
Citations
20 Claims
-
1. A method for document security, comprising:
-
decrypting a key-map file located in an composite document with embedded access control; decrypting a content part from the composite document with embedded access control, wherein the key-map file provides a key to access the content part; loading the content part in decrypted form into a document serialization maintained in a transient memory, wherein the content part in decrypted form is maintained exclusively in the transient memory; and erasing the content part in decrypted form upon termination of a program to access the decrypted content part from the document serialization. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for document security comprising:
-
a transient memory; a secured composite document comprising one or more encrypted content parts and one or more encrypted key-map files, the key-map files comprising access information for the one or more content parts corresponding to one or more users; and a document interface, to locate a key-map file corresponding to a user from one or more encrypted key-map files, to decrypt a content part that the user may access according a key in the located in the key-map file, and to store the content part in decrypted form in the transient memory for access by a user. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A non-transitory computer-readable medium having stored thereon instructions which when executed by a processor cause the processor to perform the method of:
-
retrieving a content part from a secured composite document, based on a request to access the content part; attempting to decrypt the content part using an access key in the secured composite document that corresponds to a particular user; erasing one or more other content parts previously decrypted from the secured composite document and stored in the transient memory, wherein the one or more other content parts are identified as candidates for erasing based on a pre-determined criterion; storing the content part in transient memory version, if the amount of transient memory erased is equal to or greater than the amount of memory space needed to store the content part in transient memory. - View Dependent Claims (19, 20)
-
Specification