CRYPTOGRAPHIC METHOD AND SYSTEM

US 20140351586A1
Filed: 08/08/2014
Published: 11/27/2014
Est. Priority Date: 02/20/2012
Status: Abandoned Application

First Claim

Patent Images

1. A method of accessing encrypted content via one or more data stores accessible by a first user having a first computer, the method comprising the steps of:

providing a first blob to a first data store, the first blob comprising encrypted content, encrypted with a first content key;

providing a second blob to a second data store, the second blob comprising an encrypted first content key;

providing the first and second blobs and rights management criteria for use by the first computer;

decrypting the second blob by the first computer to obtain the first content key and enabling the decryption of the first blob to obtain unencrypted content; and

providing the unencrypted content by the first computer to the first user via a client-side application,wherein the client-side application controls operations available that the first user can perform on the content in accordance with the rights management criteria.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In the field of security for electronic data and/or communications, a method of providing data security and/or privacy in a distributed and/or decentralised network environment. Private collaboration and/or information sharing between users, agents and/or applications is enabled, as well as the sharing of key(s) and/or content between a first user and/or agent and a second user and/or agent. The sharing may be of encrypted information via information sharing services.

Citations

17 Claims

1. A method of accessing encrypted content via one or more data stores accessible by a first user having a first computer, the method comprising the steps of:
- providing a first blob to a first data store, the first blob comprising encrypted content, encrypted with a first content key;
  
  providing a second blob to a second data store, the second blob comprising an encrypted first content key;
  
  providing the first and second blobs and rights management criteria for use by the first computer;
  
  decrypting the second blob by the first computer to obtain the first content key and enabling the decryption of the first blob to obtain unencrypted content; and
  
  providing the unencrypted content by the first computer to the first user via a client-side application,wherein the client-side application controls operations available that the first user can perform on the content in accordance with the rights management criteria.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method as claimed in claim 1, wherein a second user has a second computer, further comprising:
    - providing the first blob and the second blob and the rights management criteria for use by the second computer;
      
      decrypting the second blob by the second computer to obtain the first content key and enabling the decryption the first blob to obtain the unencrypted content; and
      
      providing the unencrypted content by the second computer to the second user via a second client-side application,wherein the second client-side application controls operations available that the second user can perform on the content in accordance with the rights management criteria.
  - 3. The method as claimed in claim 1, wherein the first blob remains on the first computer.
  - 4. The method as claimed in claim 1, wherein the first computer pulls the first blob from the first data store.
  - 5. The method as claimed in claim 1, wherein the first data store pushes the first blob to the first computer.
  - 6. The method as claimed in claim 2, wherein the first blob is replicated to the second computer.
  - 7. The method as claimed in claim 1, wherein the first blob on the first computer is synchronised with the first blob stored in the first data store.
  - 8. The method as claimed in claim 1, wherein the first computer stores the first blob and by replication or synchronisation the first blob is provided to the first data store.
  - 9. The method as claimed in claim 1, wherein the first data store and the second data store are the same data store
  - 10. The method as claimed in claim 1, wherein a plurality of first blobs, corresponding to a plurality of corresponding content, are provided to a plurality of data stores.
  - 11. The method as claimed in claim 10, wherein the second blob or a plurality of second blobs corresponding to the plurality of first blobs is provided to the plurality of data stores.
  - 12. The method as claimed in claim 1, wherein a plurality of computers provide to a plurality of data stores, a plurality of first blobs corresponding to a plurality of corresponding content.
  - 13. The method as claimed in claim 12, further wherein the second blob or a plurality of second blobs corresponding to the plurality of first blobs is provided to the plurality of data stores.
  - 14. The method as claimed in claim 1, wherein the second blob further comprises a permit.
  - 15. The method as claimed in claim 1, wherein the rights management criteria comprises any one or any combination of restricting and/or controlling decryption, copying, saving, printing, copying to clipboard, watermarking and/or access times.
  - 16. The method as claimed in claim 1, wherein the client-side application is an agent adapted to make use of at-rest encrypted content and control what the second user can or can'"'"'t do with content.
  - 17. The method as claimed in claim 1, wherein the client-side application is:
    - a vieweran enforcing applicationa reader, oran applicationwhich enables specific rights either directly granted to the respective user or obtained in real-time from a rights management server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
KL Data Security Pty Limited
Original Assignee
Lock Box Pty Limited
Inventors
HOOK, David Geoffrey, HARVEY, Richard Hans, DETTMAN, Peter Kai

Application Number

US14/455,300
Publication Number

US 20140351586A1
Time in Patent Office

Days
Field of Search
US Class Current

713/164
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

CRYPTOGRAPHIC METHOD AND SYSTEM

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

CRYPTOGRAPHIC METHOD AND SYSTEM

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links