Cryptographic file labeling system for supporting secured access by multiple users

US 5,953,419 A
Filed: 05/06/1996
Issued: 09/14/1999
Est. Priority Date: 05/06/1996
Status: Expired due to Term

First Claim

Patent Images

1. A machine system for maintaining confidential information generally in encrypted form while allowing for intelligible access to such confidential information by multiple users, said machine system comprising:

(a) a first data conveyance means for conveying digitized first data representing said encrypted form of the confidential information and for further conveying digitized second data representing an associated label,(a.1) wherein said encrypted form of the confidential information is producible by a first encrypting process using a first encryption key,(a.2) wherein said second data contains two or more encrypted versions of a first decryption key, said first decryption key being a signal that is applicable to a first decrypting process for decrypting the encrypted form of the confidential information and for thereby producing a plaintext form of the confidential information,(a.2a) wherein a first of said two or more encrypted versions of the first decryption key is decipherable by a first user key, the first user key being associated with a first user among said multiple users;

(a.2b) wherein a second of said two or more encrypted versions of the first decryption key is decipherable by a second user key, the second user key being associated with a second user among said multiple users;

(b) a first decrypting mechanism, operatively coupled to the first data conveyance means, for receiving the first data and for, upon a supplying of said first decryption key to said first decrypting mechanism, decrypting the first data into digitized third data representing the plaintext form of the confidential information; and

(c) a second decrypting mechanism, operatively coupled to the first data conveyance means, for receiving at least one portion of said second data and for, upon a supplying of a corresponding one of said first and second user keys to the second decrypting mechanism, decrypting the at least one portion of said second data into digitized fourth data in accordance with a second decryption process so that said fourth data includes the first decryption key,(c.1) wherein the second decrypting mechanism is operatively coupled to supply the first decryption key to the first decrypting mechanism;

(c.2) wherein said second decrypting mechanism defines part of an asymmetric encryption/decryption system;

(a.2c) wherein said first user key defines a private part of a first public-private key pair associated with said first user; and

(a.2d) wherein said second user key defines a private part of a second public-private key pair associated with said second user.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is disclosed for automatically distributing secured versions (*Sys_-- D_-- key*) of a file decryption key (Sys_-- D_-- key) to a plurality of file users by way of the file'"'"'s security label. The label is defined to contain a plurality of Access-Control-Entries Records (ACER'"'"'s) where each ACER includes a respective secured version (*Sys_-- D_-- key*) of the file decryption key. Each such secured version (*Sys_-- D_-- key*) is decipherable by a respective ACER private key. Each ACER may include respective other data such as:

(a) ACER-unique identifying data for uniquely identifying the ACER or an associated user;

(b) decryption algorithm identifying data for identifying the decryption process to be used to decrypt the encrypted *DATA* portion of the file; and

(c) special handling code for specifying special handling for the code-containing ACER. The label is preferably covered by a digital signature but includes an extension buffer that is not covered by the digital signature. Users who wish to have an ACER of their own added to the label may submit add-on requests by writing to the extension buffer.

253 Citations

53 Claims

1. A machine system for maintaining confidential information generally in encrypted form while allowing for intelligible access to such confidential information by multiple users, said machine system comprising:
- (a) a first data conveyance means for conveying digitized first data representing said encrypted form of the confidential information and for further conveying digitized second data representing an associated label,(a.1) wherein said encrypted form of the confidential information is producible by a first encrypting process using a first encryption key,(a.2) wherein said second data contains two or more encrypted versions of a first decryption key, said first decryption key being a signal that is applicable to a first decrypting process for decrypting the encrypted form of the confidential information and for thereby producing a plaintext form of the confidential information,(a.2a) wherein a first of said two or more encrypted versions of the first decryption key is decipherable by a first user key, the first user key being associated with a first user among said multiple users;
  
  (a.2b) wherein a second of said two or more encrypted versions of the first decryption key is decipherable by a second user key, the second user key being associated with a second user among said multiple users;
  
  (b) a first decrypting mechanism, operatively coupled to the first data conveyance means, for receiving the first data and for, upon a supplying of said first decryption key to said first decrypting mechanism, decrypting the first data into digitized third data representing the plaintext form of the confidential information; and
  
  (c) a second decrypting mechanism, operatively coupled to the first data conveyance means, for receiving at least one portion of said second data and for, upon a supplying of a corresponding one of said first and second user keys to the second decrypting mechanism, decrypting the at least one portion of said second data into digitized fourth data in accordance with a second decryption process so that said fourth data includes the first decryption key,(c.1) wherein the second decrypting mechanism is operatively coupled to supply the first decryption key to the first decrypting mechanism;
  
  (c.2) wherein said second decrypting mechanism defines part of an asymmetric encryption/decryption system;
  
  (a.2c) wherein said first user key defines a private part of a first public-private key pair associated with said first user; and
  
  (a.2d) wherein said second user key defines a private part of a second public-private key pair associated with said second user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 2. A machine system according to claim 1 wherein:
    - (a.3) said first data conveyance means includes digital data storing means for storing said digitized first and second data.
  - 3. A machine system according to claim 2 wherein:
    - (a.4) said first data conveyance means further includes digital data transmitting means for transmitting said first and second data by way of a nonsecure data transmission path.
  - 4. A machine system according to claim 2 wherein:
    - (a.3b) said second data contains a plurality of Access-Control-Entries Records (ACER'"'"'s),(a.3bi) a first of the plural ACER'"'"'s includes said first encrypted version of the first decryption key;
      
      (a.3bii) a second of the plural ACER'"'"'s includes said second encrypted version of the first decryption key;
      
      (a.3biii) the first ACER further includes a first user associating signal for associating the first ACER with said first user;
      
      (a.3biv) the second ACER includes a second user associating signal for associating the second ACER with said second user.
  - 5. A machine system according to claim 4 further comprising:
    - (d) search means for scanning the plural ACER'"'"'s within the second data, for locating therein a user-associated ACER that includes the user associating signal of an otherwise identified user, and for causing the corresponding encrypted version of the first decryption key to be supplied from the user-associated ACER to be supplied to said second decrypting mechanism.
  - 6. A machine system according to claim 5 further comprising:
    - (e) identity authenticating means, operatively coupled to the search means, for authenticating the identity of an access-requesting user and for, upon successful authentication of the identity of the access-requesting user, supplying a corresponding user identification signal to the search means to thereby otherwise identify the access-requesting user.
  - 7. A machine system according to claim 6 further comprising:
    - (f) a user-key distributing means, responsive to the identity authenticating means, for supplying the associated user key of the otherwise identified access-requesting user to the second decrypting mechanism upon successful authentication of the identity of the access-requesting user by the identity authenticating means.
  - 8. A machine system according to claim 7 further comprising:
    - (g) a first encrypting mechanism, operatively coupled to the first data conveyance means, for receiving supplied data signals representing the confidential information and for, upon a supplying of a first encryption key to said first encrypting mechanism, encrypting the supplied data signals to thereby produce said first data and for further supplying said first data to the first data conveyance means; and
      
      (h) a second encrypting mechanism, operatively coupled to the first data conveyance means, for receiving at least one portion of confidential data to be conveyed by the first data conveyance means and for, upon a supplying of a user encryption key to the second encrypting mechanism, encrypting the at least one portion of said to-be-conveyed confidential data to thereby produce a secured portion of the second data so that said secured portion includes an encrypted version of the first decryption key,(h.1) wherein the second encrypting mechanism is operatively coupled to receive the user encryption key of the access-requesting user from the user-key distributing means after successful authentication of the identity of the access-requesting user by the identity authenticating means.
  - 9. A machine system according to claim 8 wherein said first encrypting mechanism carries out a selectable one of a plurality of encrypting processes and responds to a supplied encryption algorithm select signal by carrying out a selected one of said plurality of encrypting algorithms as indicated by the encryption algorithm selecting signal.
  - 10. A machine system according to claim 9 wherein the selectable encrypting processes include two or more members of the group consisting of:
    - (1) XORring with a supplied keystream;
      
      (2) X_-- NORing with a supplied keystream;
      
      (3) performing according to the Data Encryption Standard (DES);
      
      (4) performing triple-DES;
      
      (5) performing RSA RC4™
      
      ;
      
      (6) performing RSA RC5™
      
      ; and
      
      (7) carrying out the Blowfish algorithm.
  - 11. The machine system of claim 6 wherein said user identifying signal is at least 40 bits long.
  - 12. A machine system according to claim 1 wherein:
    - (a.3) the combination of said first encrypting process and said first decrypting mechanism defines a symmetric encryption/decryption system and said first decryption key is the same as said first encryption key.
  - 13. A machine system according to claim 12 wherein:
    - (c.2a) said second decrypting mechanism operates in accordance with the RSA public/private algorithm.
  - 14. A machine system according to claim 1 wherein:
    - (a.3) said second data contains a plurality of Access-Control-Entries Records (ACER'"'"'s) and each respective ACER includes;
      
      (a.3a) a first entry containing a respective, encrypted version of the first decryption key, and(a.3b) a second entry containing non-encrypted other data.
  - 15. A machine system according to claim 14 wherein said non-encrypted other data includes:
    - (a.3bi) an identification of a decryption algorithm that may be used to decrypt the first data with a plaintext version of the first decryption key as derived from the respective ACER-contained, encrypted version of said first decryption key.
  - 16. A machine system according to claim 14 wherein said on-encrypted other data includes:
    - (a.3bi) a unique identification of the respective ACER for distinguishing the respective ACER from other ACER'"'"'s within said second data.
  - 17. A machine system according to claim 16 wherein said unique identification of at least one ACER includes a Unique User Identification signal (UUID) for associating the at least one ACER with a respective one of said multiple users.
  - 18. A machine system according to claim 14 wherein said non-encrypted other data includes at least two members of the following group:
    - (a.3bi) a unique identification of the respective ACER for distinguishing the respective ACER from other ACER'"'"'s within said second data;
      
      (a.3bii) an identification of a decryption algorithm that may be used to decrypt the first data with a plaintext version of the first decryption key as derived from the respective ACER-contained, encrypted version of said first decryption key;
      
      (a.3biii) an identification of the first encrypting process that was used to produce said first data;
      
      (a.3biv) a special processing code for specifying special processing for the respective ACER;
      
      (a.3bv) a record format code for specifying a respective data format for additional data contained in the respective ACER; and
      
      (a.3bvi) a group identifying code for specifying a group of ACER'"'"'s or a group of users to which the respective ACER or respectively-associated user belongs.
  - 19. A machine system according to claim 14 wherein said non-encrypted other data includes at least five members of the following group:
    - (a.3bi) a unique identification of the respective ACER for distinguishing the respective ACER from other ACER'"'"'s within said second data;
      
      (a.3bii) an identification of a decryption algorithm that may be used to decrypt the first data with a plaintext version of the first decryption key as derived from the respective ACER-contained, encrypted version of said first decryption key;
      
      (a.3biii) an identification of the first encrypting process that was used to produce said first data;
      
      (a.3biv) a special processing code for specifying special processing for the respective ACER;
      
      (a.3bv) a record format code for specifying a respective data format for additional data contained in the respective ACER; and
      
      (a.3bvi) a group identifying code for specifying a group of ACER'"'"'s or a group of users to which the respective ACER or respectively-associated user belongs.
  - 20. A machine system according to claim 1 wherein:
    - (a.3) said second data contains a plurality of Access-Control-Entries Records (ACER'"'"'s) and each respective ACER includes;
      
      (a.3a) a first entry containing a respective, encrypted version of the first decryption key, and(a.3b) a second entry containing encrypted other data.
  - 21. A machine system according to claim 20 wherein said encrypted other data includes at least one member of the following group:
    - (a.3bi) a unique identification of a user associated with the respective ACER, said identification distinguishing the respective user from others of said multiple users;
      
      (a.3bii) an identification of a decryption algorithm that may be used to decrypt the first data with a plaintext version of the first decryption key as derived from the respective ACER-contained, encrypted version of said first decryption key;
      
      (a.3biii) an identification of the first encrypting process that was used to produce said first data;
      
      (a.3biv) a respective, encrypted version of the first encryption key; and
      
      (a.3bv) a respective, encrypted version of another encryption or decryption key that is distributable by way of the respective ACER.
  - 22. A machine system according to claim 20 wherein said encrypted other data includes at least four members of the following group:
    - (a.3bi) a unique identification of a user associated with the respective ACER, said identification distinguishing the respective user from others of said multiple users;
      
      (a.3bii) an identification of a decryption algorithm that may be used to decrypt the first data with a plaintext version of the first decryption key as derived from the respective ACER-contained, encrypted version of said first decryption key;
      
      (a.3biii) an identification of the first encrypting process that was used to produce said first data;
      
      (a.3biv) a respective, encrypted version of the first encryption key; and
      
      (a.3bv) a respective, encrypted version of another encryption or decryption key that is distributable by way of the respective ACER.
  - 23. A machine system according to claim 1 further comprising:
    - (d) second data conveyance means which is operatively coupled to the first data conveyance means for conveying replicas of said first data and said second data to and/or away from the first data conveyance means.
  - 24. A machine system according to claim 23 wherein said second data conveyance means includes at least one member of the group consisting of:
    - (d.1) transportable media;
      
      (d.2) drive means for reading data from or writing data to transportable media; and
      
      (d.3) I/O means for communicating with other machine systems.
  - 25. The machine system of claim 1 wherein said first decryption key is at least 40 bits long.

26. A machine-implemented method for distributing confidential information in encrypted form to multiple users, said method comprising the steps of:
- (a) conveying to at least one user machine, first data representing said encrypted form of the confidential information, where said encrypted form of the confidential information is producible by a first encrypting process using a first encryption key;
  
  (b) conveying to said at least one user machine, second data representing an associated label of the first data; and
  
  (c) including within said second data two or more Access-Control-Entries Records (ACER'"'"'s) each containing a respective, encrypted version of a first decryption key, said first decryption key being a signal that is applicable to a first decrypting process for decrypting the encrypted form of the confidential information and for thereby producing a plaintext form of the confidential information,(c.1) wherein a first of said encrypted versions of the first decryption key, which is contained in a respective first of said ACER'"'"'s, is decipherable by a first ACER key, the first ACER key being associated with said first ACER, and(c.2) wherein a second of said encrypted versions of the first decryption key, which is contained in a respective second of said ACER'"'"'s, is decipherable by a second ACER key, the second ACER key being associated with the second ACER, and the second ACER key being different from the first ACER key.
- View Dependent Claims (27, 28, 29, 30)
- - 27. A machine-implemented method according to claim 26 further comprising the step of:
    - (d) decrypting one of said ACER-contained encrypted versions of the first decryption key by using the corresponding ACER key to thereby produce a plaintext version of the first decryption key.
  - 28. A machine-implemented method according to claim 27 further comprising the step of:
    - (e) decrypting said first data by using said plaintext version of the first decryption key.
  - 29. A machine-implemented method according to claim 28 further comprising the steps of:
    - (f) associating each of said multiple users with a respective one of said ACER'"'"'s; and
      
      (g) upon receipt of a file access request associated with one of said multiple users, locating the associated ACER and using the encrypted version of the first decryption key contained within the located ACER to produce said plaintext version of the first decryption key.
  - 30. A machine-implemented method according to claim 26 wherein:
    - (c.1a) the first ACER key is a first private decryption key belonging to a first public/private key pair of a first of said users; and
      
      (c.2a) the second ACER key is a second private decryption key belonging to a second public/private key pair of a second of said users.

31. A machine-usable memory storing a multi-user data structure comprising:
- (a) a secured file data portion (*FILE DATA* portion) that is encrypted by a first encrypting process using a first encryption key; and
  
  (b) a file label portion associated with the secured file data portion, said file label portion including;
  
  (b.1) a plurality of Access-Control-Entries Records (ACER'"'"'s) each containing a respective, encrypted version of a first decryption key, said first decryption key being a signal that is applicable to a first decrypting process for decrypting said *FILE DATA* portion, wherein each ACER-contained encrypted version is decipherable by an ACER-specific key.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 32. A machine-usable memory according to claim 31 wherein each ACER further includes non-encrypted other data and the non-encrypted other data contains at least one member of the following group:
    - (b.1i) a unique identification of the respective ACER for distinguishing the respective ACER from other ACER'"'"'s within said file label;
      
      (b.1ii) an identification of a decryption algorithm that may be used to decrypt the encrypted *DATA* portion with a plaintext version of the first decryption key as derived from the respective ACER-contained, encrypted version of said first decryption key;
      
      (b.1iii) an identification of the first encrypting process that was used to produce said encrypted *DATA* portion;
      
      (b.1iv) a special processing code for specifying special processing for the respective ACER;
      
      (b.1v) a record format code for specifying a respective data format for additional data contained in the respective ACER; and
      
      (b.1vi) a group identifying code for specifying a group of ACER'"'"'s or a group of users to which the respective ACER or respectively-associated user belongs.
  - 33. A machine-usable memory according to claim 31 wherein the file label portion further includes:
    - (b.2) a digital signature covering part of the file label portion; and
      
      (b.3) an extension buffer space not covered by said digital signature.
  - 34. A machine-usable memory according to claim 31 wherein the file label portion further includes:
    - (b.2) a number-of-ACER'"'"'s signal representing the number of activated ACER'"'"'s present in the label portion; and
      
      (b.3) a length-of-ACER'"'"'s signal indicating the total extent of activated ACER'"'"'s present in the label portion.
  - 35. A machine-usable memory according to claim 31 wherein the file label portion further includes:
    - (b.2) a length-of-label signal representing the total length of the label.
  - 36. A machine-usable memory according to claim 31 wherein the file label portion further includes:
    - (b.2) a plaintext banner that directs inquirers to a network-accessible file for further information respecting the attached *FILE DATA*.
  - 37. A machine-usable memory according to claim 31 wherein each ACER further includes non-encrypted other data and the non-encrypted other data contains at least four members of the following group:
    - (b.1i) a unique identification of the respective ACER for distinguishing the respective ACER from other ACER'"'"'s within said file label;
      
      (b.1ii) an identification of a decryption algorithm that may be used to decrypt the encrypted *DATA* portion with a plaintext version of the first decryption key as derived from the respective ACER-contained, encrypted version of said first decryption key;
      
      (b.1iii) an identification of the first encrypting process that was used to produce said encrypted *DATA* portion;
      
      (b.1iv) a special processing code for specifying special processing for the respective ACER;
      
      (b.1v) a record format code for specifying a respective data format for additional data contained in the respective ACER; and
      
      (b.1vi) a group identifying code for specifying a group of ACER'"'"'s or a group of users to which the respective ACER or respectively-associated user belongs.
  - 38. A machine-usable memory according to claim 31 wherein the ACER-specific key is a private decryption key of a user associated with said ACER.
  - 39. A machine-usable memory according to claim 31 wherein each ACER further includes non-encrypted other data and the non-encrypted other data contains at least three members of the following group:
    - (b.1i) a unique identification of the respective ACER for distinguishing the respective ACER from other ACER'"'"'s within said file label;
      
      (b.1ii) an identification of a decryption algorithm that may be used to decrypt the encrypted *DATA* portion with a plaintext version of the first decryption key as derived from the respective ACER-contained, encrypted version of said first decryption key;
      
      (b.1iii) an identification of the first encrypting process that was used to produce said encrypted *DATA* portion;
      
      (b.1iv) a special processing code for specifying special processing for the respective ACER;
      
      (b.1v) a record format code for specifying a respective data format for additional data contained in the respective ACER; and
      
      (b.1vi) a group identifying code for specifying a group of ACER'"'"'s or a group of users to which the respective ACER or respectively-associated user belongs;
      
      and wherein the file label portion further includes;
      
      (b.2) a digital signature covering part of the file label portion; and
      
      (b.3) an extension buffer space not covered by said digital signature.
  - 40. A machine-usable memory according to claim 31 wherein each ACER further includes non-encrypted other data and the non-encrypted other data contains at least three members of the following group:
    - (b.1i) a unique identification of the respective ACER for distinguishing the respective ACER from other ACER'"'"'s within said file label;
      
      (b.1ii) an identification of a decryption algorithm that may be used to decrypt the encrypted *DATA* portion with a plaintext version of the first decryption key as derived from the respective ACER-contained, encrypted version of said first decryption key;
      
      (b.1iii) an identification of the first encrypting process that was used to produce said encrypted *DATA* portion;
      
      (b.1iv) a special processing code for specifying special processing for the respective ACER;
      
      (b.1v) a record format code for specifying a respective data format for additional data contained in the respective ACER; and
      
      (b.1vi) a group identifying code for specifying a group of ACER'"'"'s or a group of users to which the respective ACER or respectively-associated user belongs;
      
      and wherein the file label portion further includes;
      
      (b.2) a number-of-ACER'"'"'s signal representing the number of activated ACER'"'"'s present in the label portion; and
      
      (b.3) a length-of-ACER'"'"'s signal indicating the total extent of activated ACER'"'"'s present in the label portion.

41. A machine-implemented file-decrypting method for decrypting a multi-user data structure in response to an access request associated with one user among a plurality of users,wherein the multi-user data structure has:
- (1) a secured file data portion (*FILE DATA* portion) that is encrypted by a first encrypting process using a first encryption key; and
  
  (2) a file label portion associated with the secured file data portion, where the file label portion includes;
  
  (2.1) a plurality of Access-Control-Entries Records (ACER'"'"'s) each containing a respective, encrypted version of a first decryption key, said first decryption key being a signal that is applicable to a first decrypting process for decrypting said *FILE DATA* portion, wherein each ACER-contained encrypted version is decipherable by an ACER-specific key,said file-decrypting method comprising the steps of;
  
  (a) locating among said Access-Control-Entries Records (ACER'"'"'s), an ACER associated with said one user;
  
  (b) obtaining a private key of the one user; and
  
  (c) using the obtained key to decrypt the respective, encrypted version in the located ACER to thereby produce a plaintext version of the first decryption key; and
  
  (d) using the produced plaintext version of the first decryption key to decrypt the secured file data portion.
- View Dependent Claims (42, 43)
- - 42. A machine-implemented file-decrypting method according to claim 41 where the file label portion includes:
    - (2.2) a digital signature covering part of the file label portion; and
      
      said method further comprises the step of;
      
      (e) using the digital signature to verify that the file label portion has not been tampered with in an unauthorized manner before using the file label portion.
  - 43. A machine-implemented file-decrypting method according to claim 41 where the file label portion includes:
    - (2.2) a label-presence verifying field containing code for verifying that the label portion is present; and
      
      said method further comprises the step of;
      
      (e) using the label-presence verifying field to verify that the file label is present before proceeding with one or more of said steps (a) through (d).

44. A method for distributing encrypted *FILE DATA* signals to a plurality of users and for providing respective authorized users among said plurality of users each with intelligible access to information represented by a plaintext version of the encrypted *FILE DATA* signals,wherein said *FILE DATA* signals are producible by using a first encrypting algorithm in combination with a first encryption key to encrypt the plaintext version of said *FILE DATA* signals,said method comprising the steps of:
- (a) conveying the encrypted *FILE DATA* signals to a first data conveyance means;
  
  (b) defining a companion first decryption algorithm and a companion first decryption key that are usable for decrypting the conveyed *FILE DATA* signals;
  
  (c) for each respective authorized user, encrypting the companion first decryption key by using a respective second encryption algorithm in combination with a respective second encryption key to thereby produce a respective encrypted version of the companion first decryption key, wherein said second encryption key is a public key of the respective authorized user, and said respective second encryption algorithm is an asymmetric algorithm based on paired public and private keys;
  
  (d) for each respective authorized user, conveying the respective encrypted version to the first conveyance means; and
  
  (e) for each respective authorized user, associating at least partially by means of the first conveyance means, the respective encrypted version of the companion first decryption key with the conveyed *FILE DATA* signals.
- View Dependent Claims (45)
- - 45. The method of claim 44 further comprising the steps of:
    - (f) assigning a unique user identification code sequence to each respective authorized user; and
      
      (g) conveying the unique user identification code sequence of each respective authorized user to the first conveyance means;
      
      wherein said step (e) of associating includes;
      
      (e.1) associating the conveyed unique user identification code sequence of each respective authorized user with the user'"'"'s respective encrypted version of the companion first decryption key.

46. A method for reducing possible data leakage due to an allegedly compromised user key where the allegedly compromised user key is initially usable for gaining intelligible access to a file access key, the file access key providing intelligible access to an encrypted file, said method comprising the steps of:
- (a) providing a file security label having a plurality of access control entries records (ACER'"'"'s), wherein each ACER includes a respective encrypted version of the file access key, each respective encrypted version of the file access key of each ACER being decipherable with a respective user key associated with said ACER;
  
  (b) locating among said plurality of access control entries records (ACER'"'"'s), an ACER if any, that is associated with said allegedly compromised user key;
  
  (c) canceling out the intelligible-access gaining usability of the located ACER from the file label without affecting such same usability of others of the ACER'"'"'s that are not associated with said allegedly compromised user key.

47. A key-distribution method for use with an asymmetric first encryption/decryption system where the first encryption/decryption system uses a first encryption key during encryption and the first encryption/decryption system uses a different first decryption key during decryption, said method comprising the steps of:
- (a) encrypting supplied plaintext data using the first encryption key to produce resulting encrypted data;
  
  (b) supplying the resulting encrypted data to a data conveying means;
  
  (c) producing plural encrypted versions of the first decryption key using a respective plurality of different second encryption keys and conveying said plural encrypted versions of the first decryption key to the data conveying means;
  
  (d) producing plural encrypted versions of the first encryption key using a respective plurality of different encrypting keys and further conveying said encrypted versions of the first encryption key to said data conveyance means, wherein said plurality of different encrypting keys are each respectively part of a respective asymmetric second encryption/decryption system; and
  
  (e) associating by means of an associating media, respective ones of the encrypted versions of the first encryption key and respective ones of the encrypted versions of the first decryption key with one another and with said encrypted data.
- View Dependent Claims (48)
- - 48. The method of claim 47 further comprising the step of selectively conveying the encrypted versions of the first encryption key to some but not all authorized users.

49. A method for selectively enabling multiple users to access encrypted replicas of a given file where respective first and second ones of the encrypted replicas are stored in different first and second locations, said method comprising the steps of:
- (a) providing a file label at the first location that permits a given user (User_-- #J) to intelligibly access the first encrypted replica which is located at the first location; and
  
  (b) providing a second file label at the second location that blocks the same user (User_-- #J) from intelligibly accessing the second encrypted replica which is located at said second location.

50. A method for changing the number of authorized users that are authorized to intelligibly access an encrypted *FILE DATA* portion of a file wherein the file further includes a file label portion containing one or more active access control entries records (ACER'"'"'s), said file label portion including a number-of-ACER'"'"'s indicator for defining the number of active ACER'"'"'s, and each ACER including a respective encrypted version a file access key, the file access key providing intelligible accessibility to said encrypted *FILE DATA* portion, said method comprising the step of:
- (a) altering the number-of-ACER'"'"'s indicator in the label portion to thereby redefine the number of active ACER'"'"'s.

51. A method for locating related versions of a secured file where the secured file and the related versions each includes a *FILE DATA* portion and an associated label portion, the label portion having an ordered collection of access control entries records (ACER'"'"'s) including a first ACER, each ACER being logically associated with a unique user identification, said method comprising the steps of:
- (a) obtaining the user identification associated with the first ACER in said collection; and
  
  (b) using the obtained user identification to locate secured other files wherein the first ACER in each secured other file is logically associated to the same user identification.

52. A method for authorizing new users to intelligibly access a secured file having an *FILE DATA* portion and an associated file label portion where the file label portion includes activated ACER'"'"'s and the file label portion further includes an extension buffer zone for receiving ACER add-on requests, said method comprising the steps of:
- (a) including the public key of a requesting user in a respective ACER add-on request;
  
  (b) using the included public key to encrypt a plaintext version of a file access key, where the plaintext version of a file access key is usable for decrypting the *FILE DATA* portion.

53. A method of hiding from general viewing the presence of one or more ACER'"'"'s (Access-Control-Entries Records) in a file label portion containing a plurality of ACER'"'"'s, said method comprising the step of:
- (a) including a special handling code in the respective one or more ACER'"'"'s whose presence is to be hidden, the included special handling code being for instructing one or more label-using programs to not display each of said one or more specially-handled ACER'"'"'s.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Symantec Corporation (NortonLifeLock Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Lohstroh, Shawn R., McDonnal, William D., Grawrock, David
Primary Examiner(s)
Hayes, Gail O.
Assistant Examiner(s)
White, Carmen

Application Number

US08/642,217
Time in Patent Office

1,226 Days
Field of Search

380/21, 380/49
US Class Current

713/165
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/6209   to a single file or object,...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2211/008   Public Key, Asymmetric Key,...

G06F 2221/2141   Access rights, e.g. capabil...

Cryptographic file labeling system for supporting secured access by multiple users

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

253 Citations

53 Claims

Specification

Solutions

Use Cases

Quick Links

Cryptographic file labeling system for supporting secured access by multiple users

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

253 Citations

53 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links