CONTROL METHOD, PROGRAM AND SYSTEM FOR LINK ACCESS
First Claim
1. A computer executed link access control program for a system in which a first user being an owner of a first document referenced by a document link, a second user being an owner of a second document in which the first document is embedded as a link, and a third user being able to view the first document embedded or to be embedded in a second document each have a private key and a public key in a computer, the public key of each user being shared with each user comprising:
- a step for generating an encryption key with a proxy signature in the computer of the first user using the private key of the first user and the public key of the third user;
a step for encrypting the first key using the public key of the second user to obtain a first value;
a step for attaching a signature to value X using the private key of the first user, and generating function F(X) for encrypting it further with the public key of the third user using the encryption key with a proxy signature;
a step for subjecting information in the second document attaching a link to the first document to function F( ) to obtain a value, signing the value with the private key of the second user, and sending the information along with the second document to the computer of the third user; and
a step in the computer of the third user for receiving information signed using the private key of the second user along with the second document, verifying the signature in information signed using the private key of the first user with the public key of the second user, obtaining the value subjected to F( ), decrypting the value using the private key of the third user, verifying the decrypted value using the public key of the first user, and obtaining the information in the second document attaching a link to the first document.
0 Assignments
0 Petitions
Accused Products
Abstract
A plurality of users is assumed in which user A is the owner of content providing the source of a link, user B is the owner of the content providing the destination of the link, and user C is a viewer. Each user has a private key and a public key, and the public keys are shared by the users. User B selects user C in advance as a viewer. User B creates data including a value in which an encryption key with a proxy signature generated on the basis of the public key of user C and its own private key is encrypted using the public key of user A, and distributes the data to user A, which is the owner of the content providing the source of the link. User A decrypts the received data including the value using its own private key. This makes a function available based on encryption with the proxy signature. User A converts the link information using this function, signs the information using its own private key, and sends it to user C. User C verifies the signature by checking the received information using the public key of user A and the public key of user B, extracts the link information generated by user A using the function, decrypts it using its own private key, and obtains the link information.
8 Citations
10 Claims
-
1. A computer executed link access control program for a system in which a first user being an owner of a first document referenced by a document link, a second user being an owner of a second document in which the first document is embedded as a link, and a third user being able to view the first document embedded or to be embedded in a second document each have a private key and a public key in a computer, the public key of each user being shared with each user comprising:
-
a step for generating an encryption key with a proxy signature in the computer of the first user using the private key of the first user and the public key of the third user; a step for encrypting the first key using the public key of the second user to obtain a first value; a step for attaching a signature to value X using the private key of the first user, and generating function F(X) for encrypting it further with the public key of the third user using the encryption key with a proxy signature; a step for subjecting information in the second document attaching a link to the first document to function F( ) to obtain a value, signing the value with the private key of the second user, and sending the information along with the second document to the computer of the third user; and a step in the computer of the third user for receiving information signed using the private key of the second user along with the second document, verifying the signature in information signed using the private key of the first user with the public key of the second user, obtaining the value subjected to F( ), decrypting the value using the private key of the third user, verifying the decrypted value using the public key of the first user, and obtaining the information in the second document attaching a link to the first document. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer implemented link access control system for a system in which a first user being an owner of a first document referenced by a document link, a second user being an owner of a second document in which the first document is embedded as a link, and a third user being able to view the first document embedded or to be embedded in a second document each have a private key and a public key in a computer, the public key of each user being shared with each user, comprising:
-
means for generating an encryption key with a proxy signature in the computer of the first user using the private key of the first user and the public key of the third user; means for encrypting the first key using the public key of the second user to obtain a first value; means for attaching a signature to value X using the private key of the first user, and generating function F(X) for encrypting it further with the public key of the third user using the encryption key with a proxy signature, means for subjecting information in the second document attaching a link to the first document to function F( ) to obtain a value, signing the value with the private key of the second user, and sending the information along with the second document to the computer of the third user; and means in the computer of the third user for receiving information signed using the private key of the second user along with the second document, verifying the signature in information signed using the private key of the first user with the public key of the second user, obtaining the value subjected to F( ), decrypting the value using the private key of the third user, verifying the decrypted value using the public key of the first user, and obtaining the information in the second document attaching a link to the first document. - View Dependent Claims (7, 8, 9, 10)
-
Specification
-
- Resources
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsKamijoh, Kohichi, Miyashita, Hisashi, Nakamura, Hiroaki
-
Application NumberUS13/752,964Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current713/176CPC Class CodesH04L 2209/16 Obfuscation or hiding, e.g....H04L 2209/76 Proxy, i.e. using intermedi...H04L 9/0822 using key encryption keyH04L 9/0861 Generation of secret inform...H04L 9/0869 involving random numbers or...H04L 9/30 Public key, i.e. encryption...
