Distributed cryptographic object method
Abstract
A system for increasing the security of a computer system, while giving an individual user a large amount of flexibility and power. To give users the most power and flexibility, a standard object that has the capability to embed objects is used. To allow users even more flexibility, a standard object tracking mechanism is used that allows users to distribute to other individuals multiple encrypted objects embedded in a single encrypted object. By effecting compartmentalization of every object by label attributes and algorithm attributes, multi-level multimedia security is achieved. Label attributes are used to restrict access to objects based on location, group, or other criteria and may specify personal access. Access type, such as read-only, write-only, and print-only may be specified. Nested embedded objects may be accessed directly through selection from a header array.
17 Claims
1. A method for providing multi-level multimedia security in a data network, comprising:
a) accessing an object-oriented key manager;
b) selecting a first object to encrypt;
c) selecting a first label for the first object;
d) encrypting the first object;
e) labelling the encrypted first object;
f) displaying the first label as a header array;
g) reading the first object label;
h) determining access authorization based on the first object label; and
i) decrypting the first object if access authorization is granted.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A system for providing multi-level multimedia security in a data network, comprising:
A) digital logic means, the digital logic means comprising:
   1) a system memory means for storing data;
   2) an encryption algorithm module, comprising logic for converting unencrypted objects into encrypted objects, the encryption algorithm module being electronically connected to the system memory means for accessing data stored in the first system memory;
   3) means for arranging a plurality of encrypted objects such that at least some of the plurality of encrypted objects are embedded within others of the encrypted objects;
   4) an object labelling subsystem, comprising logic means for limiting object access, subject to label conditions of a selected object and further subject to conditions of all labels associated with objects in which the selected object is embedded, the object labelling subsystem being electronically connected to the system memory means for accessing data stored in the system memory means and the object labelling subsystem being further electronically connected to the encryption algorithm module to accept inputs from the encryption algorithm module;
   5) a decryption algorithm module, comprising logic for converting encrypted objects into unencrypted objects, the decryption algorithm module being electronically connected to the system memory means for accessing data stored in the system memory means; and
   6) an object label identification subsystem, comprising logic for limiting object access, subject to label conditions, the object label identification subsystem being electronically connected to the system memory means for accessing data stored in the system memory means and the object label identification subsystem being further electronically connected to the decryption algorithm module to accept inputs from the decryption algorithm module.
B) the encryption algorithm module working in conjunction with the object labelling subsystem to create an encrypted object such that the object label identification subsystem limits access to an encrypted object.
Dependent claims: 15, 16, 17
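The following sketch is an added illustration, not code from the patent or its assignee. It models the flow of claims 1 and 14: label-gated decryption of nested objects, where reaching an embedded object requires passing the label of every object that encloses it. The names `KeyManager`, `seal` and `open_object`, the label names and the users are assumptions, and the cipher is a stdlib-only stand-in.

```python
import hashlib, hmac, json, os

def _xor_stream(key, nonce, data):
    # Stand-in cipher (assumption): HMAC-SHA256 counter-mode keystream, no integrity.
    # A real build would use an AEAD and bind the label as associated data.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

class KeyManager:
    """Hypothetical key manager: one key and one member set per label."""
    def __init__(self):
        self._keys, self._members = {}, {}
    def add_label(self, label, users):
        self._keys[label] = os.urandom(32)
        self._members[label] = set(users)
    def authorized(self, user, label):
        return user in self._members.get(label, ())
    def key(self, label):
        return self._keys[label]

def seal(km, label, data, children=()):
    """Encrypt data plus already-sealed children, then attach label and header array."""
    body = json.dumps({"data": data, "children": list(children)}).encode()
    nonce = os.urandom(16)
    # Header array: cleartext label chains, so nested objects can be listed and selected.
    header = [[label]] + [[label] + chain for c in children for chain in c["header"]]
    return {"label": label, "header": header, "nonce": nonce.hex(),
            "ct": _xor_stream(km.key(label), nonce, body).hex()}

def open_object(km, user, obj, path=()):
    """Decrypt the object reached via child indexes in path; each enclosing label must pass."""
    for step in (*path, None):
        if not km.authorized(user, obj["label"]):
            raise PermissionError(f"{user} lacks label {obj['label']}")
        body = json.loads(_xor_stream(km.key(obj["label"]), bytes.fromhex(obj["nonce"]),
                                      bytes.fromhex(obj["ct"])))
        if step is None:
            return body["data"]
        obj = body["children"][step]

def demo():
    km = KeyManager()                                 # constructed sample labels and users
    km.add_label("Engineering", {"alice", "bob"})
    km.add_label("Payroll", {"alice", "carol"})
    inner = seal(km, "Payroll", "salary table")
    outer = seal(km, "Engineering", "design notes", [inner])
    return km, outer
```

In the sample data, `carol` holds the inner label but not the outer one, so she is refused at the container, while `bob` opens the container and is refused at the embedded object.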
Specification