GENERATING A DISTRUBITION PACKAGE HAVING AN ACCESS CONTROL EXECUTION PROGRAM FOR IMPLEMENTING AN ACCESS CONTROL MECHANISM AND LOADING UNIT FOR A CLIENT

US 20130219462A1
Filed: 07/01/2011
Published: 08/22/2013
Est. Priority Date: 09/22/2010
Status: Active Grant

First Claim

Patent Images

1. A data distribution system comprising:

a processor;

a computer readable device including at least one program executed by the processor to perform operations, the operations comprising;

receiving a reception request for distribution data from a requesting client;

detecting an environment of the requesting client;

determining an access control execution program for implementing an access control mechanism and a loading unit on the requesting client, wherein the access control execution program is adapted to the detected environment of the requesting client, wherein the access control mechanism controls access to a resource from a process in the client in a manner that depends on a given policy, wherein the loading unit loads distribution data to a protected storage area of the requesting client;

determining a security policy specified for the requested distribution data;

generating a distribution package including the distribution data, the security policy, the loading unit, and the access control execution program; and

transmitting the generated distribution package to the client.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data distribution system, method and program for generating a distribution package for distribution data to a client. An environment of a requesting client requesting distribution data is detected. A determination is made of an access control execution program for implementing an access control mechanism and a loading unit on the requesting client. The access control execution program is adapted to the detected environment of the requesting client and control access to a resource from a process in the client. The loading unit loads the distribution data to a protected storage area of the client. A determination is made of a security policy specified for the distribution data. A distribution package is generated including the distribution data, the security policy, the loading unit, and the access control execution program adapted to the environment of the requesting client; and transmitting the generated distribution package to the requesting client.

Citations

26 Claims

1. A data distribution system comprising:
- a processor;
  
  a computer readable device including at least one program executed by the processor to perform operations, the operations comprising;
  
  receiving a reception request for distribution data from a requesting client;
  
  detecting an environment of the requesting client;
  
  determining an access control execution program for implementing an access control mechanism and a loading unit on the requesting client, wherein the access control execution program is adapted to the detected environment of the requesting client, wherein the access control mechanism controls access to a resource from a process in the client in a manner that depends on a given policy, wherein the loading unit loads distribution data to a protected storage area of the requesting client;
  
  determining a security policy specified for the requested distribution data;
  
  generating a distribution package including the distribution data, the security policy, the loading unit, and the access control execution program; and
  
  transmitting the generated distribution package to the client.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 11)
- - 2. The data distribution system of claim 1, wherein the operations further comprise:
    - in response to a registration request for distribution data, registering the distribution data for which registration is requested, a security policy defining information flow control for the distribution data, and information on a distribution destination of the distribution data into the data storage unit, and registering the distribution data.
  - 3. The data distribution system of claim 2, wherein the access control execution program includes code for executing on the requesting client when an operation using the distribution data finishes, to delete data in the protected storage area and eliminate the protected storage area.
  - 4. The data distribution system of claim 3,wherein the security policy specified for the distribution data includes a policy defining information flow control for a distribution destination subsequent to the distribution destination for at least part of the distribution data,wherein the access control mechanism controls, in accordance with the policy, whether or not a registration request for at least part of local data in the protected storage area as distribution data is to be permitted, andwherein the operations further comprise storing, in response to the registration request for the at least part of the local data as the distribution data, a security policy inheriting a policy specified for distribution data serving as the origin of the local data and the at least part of the local data as the distribution data into the data storage unit.
  - 5. The data distribution apparatus system of claim 1, wherein the operations further comprise storing a key with a term of validity in association with the distribution data, wherein the access control execution program includes code for further implementing to execute on the requesting client, after the term of validity of the key has expired, an expiration process to restrict access to the distribution data and the local data in the protected storage area.
  - 6. The data distribution system of claim 5, wherein the expiration process is executed to delete the local data in the protected storage area or save a difference between the local data in the protected storage area and the distribution data in the distribution package, re-acquire the key associated with the distribution data, and restore data in the protected storage area using the re-acquired key.
  - 7. The data distribution system of claim 1, wherein access to a resource from the process controlled in the manner that depends on a given policy includes at least one of reading of the local data in the protected storage area, storing of the local data into a removable medium, storing of the local data into a non-protected storage area, printing of the local data, copying to a clipboard in a state where the local data is opened, copy and paste between processes through a clipboard in a state where the local data is opened, screen copying in a state where a window of the local data is in an active mode, and writing to the protected storage area.
  - 11. The data distribution apparatus system of claim 1, wherein the operations further comprise:
    - changing the security policy specified for the distribution data in a manner that depends on the environment of the clients anddetermining an applied policy to be included in the distribution package.

12. (canceled)

13. A client computer connected over a network to a data distribution system distributing a distribution package, the client apparatus comprising:
- a processor;
  
  a computer readable device including at least one program executed by the processor to perform operations, comprising;
  
  transmitting, to the data distribution system, a reception request for distribution data;
  
  transmitting, to the data distribution apparatus, environmental information describing an environment of the client apparatus;
  
  receiving, from the data distribution apparatus, a distribution package including the distribution data, a security policy specified for the distribution data, and an access control execution program adapted to the environment of the client for implementing an access control mechanism, and a loading unit;
  
  executing, the access control execution program to control access a resource from a process in the client in a manner that depends on the security policy; and
  
  executing the loading unit to load the distribution data to a protected storage area of the client.
- View Dependent Claims (21, 22)
- - 21. The client computer of claim 13, wherein the operations further comprise:
    - deleting local data in the protected area; and
      
      eliminating the protected area.
  - 22. The client computer of claim 21, wherein the operations further comprise:
    - determining whether termination conditions are satisfied in response to active applications in the client terminating, wherein the operations of deleting the local data and eliminating the protected area are performed in response to determining that the termination conditions are satisfied.

14. A data distribution method for providing a distribution package, comprising:
- receiving a reception request for distribution data from a requesting client;
  
  detecting an environment of the requesting client;
  
  determining distribution data to be distributed and a security policy specified for the distribution data;
  
  determining an access control execution program for implementing an access control mechanism and a loading unit on the requesting client, wherein the access control execution program is adapted to the detected environment of the requesting client, wherein the access control mechanism controls access to a resource from a process in the client in a manner that depends on the security policy, wherein the loading unit loads the distribution data to a protected storage area of the client;
  
  generating a distribution package including the distribution data, the security policy, the loading unit, and the access control execution program; and
  
  transmitting the generated distribution package to the client.
- View Dependent Claims (8, 9, 10, 15, 16, 17)
- - 8. The data distribution method of claim 14 further comprising:
    - storing a key with a term of validity in association with the distribution data, wherein the access control execution program includes code to execute on the requesting client, after the term of validity of the key has expired, an expiration process restricting access to the distribution data and local data in the protected storage area.
  - 9. The data distribution method of claim 8, wherein the expiration process is further executed to delete the local data in the protected storage area or save a difference between the local data in the protected storage area and the distribution data in the distribution package, re-acquire the key associated with the distribution data, and a restore data in the protected storage area using the re-acquired key.
  - 10. The data distribution method of claim 14, wherein the access to the resource from the process in the requesting client controlled in the manner that depends on the given policy includes at least one of reading of local data in the protected storage area, storing of the local data into a removable medium, storing of the local data into a non-protected storage area, printing of the local data, copying to a clipboard in a state where the local data is opened, copy and paste between processes through a clipboard in a state where the local data is opened, screen copying in a state where a window of the local data is in an active mode, and writing to the protected storage area.
  - 15. The data distribution method of claim 14, further comprising:
    - storing in response to a registration request for distribution data, the distribution data for which registration is required, a security policy defining information flow control for the distribution data, and information on a distribution destination of the distribution data and;
      
      registering the distribution data.
  - 16. The data distribution method of claim 15,wherein the security policy specified for the distribution data includes a policy defining information flow control for a distribution destination subsequent to the distribution destination for at least part of the distribution data,wherein the access control mechanism controls, in accordance with the policy, whether or not the registration request for at least part of local data in the protected storage area as the distribution data is to be permitted, andwherein the step of the registering causes a security policy specified for distribution data serving as the origin of the local data to be inherited by a security policy specified for the at least part of the local data, in response to the registration request for the at least part of the local data as the distribution data.
  - 17. The data distribution method of claim 16, further comprising:
    - in response to a key acquisition request from the client, determining a key with a term of validity stored in association with the distribution data; and
      
      transmitting the key to the client, wherein the access control execution program includes code for further implementing on a client, after the term of validity of the key has expired, an expiration process to restrict access to the distribution data and local data in the protected storage area.

18. A method for receiving distribution data, comprising:
- transmitting a reception request for distribution data to a data distribution system;
  
  transmitting environmental information describing an environment of the client apparatus to the data distribution system;
  
  receiving a distribution package including the distribution data, a security policy specified for the distribution data, an access control execution program adapted to the environment of the client for implementing an access control mechanism and a loading unit;
  
  activating the access control execution program to control access to a resource from a process in the client in a manner that depends on the security policy; and
  
  executing the loading unit to load the distribution data to a protected storage area on the client, from the data distribution system apparatus.
- View Dependent Claims (23, 24)
- - 23. The method of claim 18, further comprising:
    - deleting local data in the protected area; and
      
      eliminating the protected area.
  - 24. The method of claim 23, further comprising:
    - determining whether termination conditions are satisfied in response to active applications in the client terminating, wherein the operations of deleting the local data and eliminating the protected area are performed in response to determining that the termination conditions are satisfied.

19. A computer readable device including a program executable by a computer, the program causing the computer to perform operations, the operations comprising:
- receiving a reception request for distribution data from a requesting client;
  
  detecting an environment of the requesting client;
  
  determining an access control execution program for implementing an access control mechanism and a loading unit on the requesting client, wherein the access control execution program is adapted to the detected environment of the requesting client, wherein the access control mechanism controls access to a resource from a process in the client in a manner that depends on a given policy, wherein the loading unit loads distribution data included in a distribution package to a protected storage area of the client;
  
  determining a security policy specified for the distribution data;
  
  a distribution package including the distribution data, the security policy, the loading unit, and the access control execution program adapted to the environment of the requesting; and
  
  transmitting the generated distribution package to the requesting client.
- View Dependent Claims (25, 26)
- - 25. The computer readable device of claim 19, wherein the access control execution program includes code for executing on the requesting client when an operation using the distribution data finishes, to delete data in the protected storage area and eliminate the protected storage area.
  - 26. The computer readable device of claim 25, further comprising:
    - wherein the security policy specified for the distribution data includes a policy defining information flow control for a distribution destination subsequent to the distribution destination for at least part of the distribution data,wherein the access control mechanism controls, in accordance with the policy, whether or not a registration request for at least part of local data in the protected storage area as distribution data is to be permitted, andstoring, in response to the registration request for the at least part of the local data as the distribution data, a security policy inheriting a policy specified for distribution data serving as the origin of the local data and the at least part of the local data as the distribution data into the data storage unit.

20. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Furuichi, Sanehiro, Tada, Masami, Aratsu, Taku

Granted Patent

US 9,501,628 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/556   involving covert channels, ...

G06F 21/62   Protecting access to data v...

G06F 2221/2119   Authenticating web pages, e...

H04L 63/0428   wherein the data content is...

H04L 63/102   Entity profiles

H04L 67/1097   for distributed storage of ...

GENERATING A DISTRUBITION PACKAGE HAVING AN ACCESS CONTROL EXECUTION PROGRAM FOR IMPLEMENTING AN ACCESS CONTROL MECHANISM AND LOADING UNIT FOR A CLIENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

GENERATING A DISTRUBITION PACKAGE HAVING AN ACCESS CONTROL EXECUTION PROGRAM FOR IMPLEMENTING AN ACCESS CONTROL MECHANISM AND LOADING UNIT FOR A CLIENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links