Generic file format for multiple security requirements

US 6,016,491 A
Filed: 01/07/1997
Issued: 01/18/2000
Est. Priority Date: 07/29/1996
Status: Expired due to Term

First Claim

Patent Images

1. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for preparing secure file packaging, said method steps comprising:

identifying file components to be packaged together;

specifying security requirements for each said file component;

specifying security requirements for the secure file packaging;

obtaining parameters for the security requirements for each said file component, calling security functions associated with the security requirements associated with each said file component, and processing each said file component;

obtaining parameters for the security requirements for the secure file packaging and calling security functions associated with the security requirements associated with the secure file packaging; and

creating a securely packaged file, wherein said creating step further comprises the steps of;

formatting a file header for said securely packaged file, wherein said header identifies a beginning and a length of said securely packaged file;

reformatting said processed file components to provide (a) at least one data file containing said processed file components in said securely packaged file, wherein a portion of said data file is in a secured form and (b) a file body in said securely packaged file for each of said processed file components, wherein each of said file bodies contains a pointer to said processed file component within said data file and security protections for said processed file component; and

formatting a file trailer for said securely packaged file, wherein said trailer provides security protection for said securely packaged file.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A generic secure file format to solve problems associated with secure storage and interchange. The file format allows multiple files to be wrapped into a single entity for storage or transmission interchange. Each file can have different security requirements from that of other files. Different file types can be interchanged under a single wrapper in this secure file format. The secure file format also allows one file to be divided into multiple sections and wraps them into a single file. Each section of the file has its own security protection. This enables only sensitive information to be protected, and leaves other sections with less or no security protection. This results in higher performance since security related operations are only required for a small portion of the file.

Citations

19 Claims

1. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for preparing secure file packaging, said method steps comprising:
- identifying file components to be packaged together;
  
  specifying security requirements for each said file component;
  
  specifying security requirements for the secure file packaging;
  
  obtaining parameters for the security requirements for each said file component, calling security functions associated with the security requirements associated with each said file component, and processing each said file component;
  
  obtaining parameters for the security requirements for the secure file packaging and calling security functions associated with the security requirements associated with the secure file packaging; and
  
  creating a securely packaged file, wherein said creating step further comprises the steps of;
  
  formatting a file header for said securely packaged file, wherein said header identifies a beginning and a length of said securely packaged file;
  
  reformatting said processed file components to provide (a) at least one data file containing said processed file components in said securely packaged file, wherein a portion of said data file is in a secured form and (b) a file body in said securely packaged file for each of said processed file components, wherein each of said file bodies contains a pointer to said processed file component within said data file and security protections for said processed file component; and
  
  formatting a file trailer for said securely packaged file, wherein said trailer provides security protection for said securely packaged file.

2. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for preparing a generic secure file wrapper, said method steps comprising:
- selecting file components to be packaged in the wrapper;
  
  reformatting the file components to provide (a) a file body for each said file component, wherein each of said file bodies contains a pointer to file data and security protections for said file data, and (b) at least one data file containing said file data, wherein a portion of said file data is in a secured form;
  
  processing a file header for the wrapper identifying a beginning and a length of the wrapper; and
  
  processing a file trailer providing security protection for the wrapper.

3. A method for preparing secure file packaging, comprising the steps of:
- identifying file components to be packaged together;
  
  specifying security requirements for each said file component;
  
  specifying security requirements for the secure file packaging;
  
  obtaining parameters for the security requirements for each said file component, calling security functions associated with the security requirements associated with each said file component and processing each said file component;
  
  obtaining parameters for the security requirements for the secure file packaging and calling security functions associated with the security requirements associated with the secure file packaging; and
  
  creating a securely packaged file, wherein said creating step further comprises the steps of;
  
  formatting a file header for said securely packaged file, wherein said header identifies a beginning and a length of said securely packaged file;
  
  reformatting said processed file components to provide (a) at least one data file containing said processed file components in said securely packaged file, wherein a portion of said data file is in a secured form and (b) a file body in said securely packaged file for each of said processed file components, wherein each of said file bodies contains a pointer to said processed file component within said data file and security protections for said processed file component; and
  
  formatting a file trailer for said securely packaged file, wherein said trailer provides security protection for said securely packaged file.
- View Dependent Claims (4, 5, 6, 7)
- - 4. The method according to claim 3, wherein:
    - the step of specifying security requirements for each said file component comprises identifying security protections required for each said file component and identifying a security algorithm associated with said security protections; and
      
      the step of obtaining parameters for the security requirements for each said file component comprises obtaining parameters for the security algorithm.
  - 5. The method according to claim 4, wherein the step of specifying the security requirements for each said file component further comprises specifying an operation mode of the security algorithm, a character set used and an output file name.
  - 6. The method, according to claim 3, wherein the file components are individual files.
  - 7. The method, according to claim 3, wherein the file components are sections of a compound file.

8. A method for preparing a generic secure file wrapper, comprising the steps of:
- selecting file components to be packaged in the wrapper;
  
  reformatting the file components to provide (a) a file body for each said file component, wherein each of said file bodies contains a pointer to file data and security protections for said file data, and (b) at least one data file containing said file data, wherein a portion of said file data is in a secured form;
  
  processing a file header for the wrapper identifying a beginning and a length of the wrapper; and
  
  processing a file trailer providing security protection for the wrapper.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method, according to claim 8, further comprising the step of processing the wrapper in the following order:
    - (i) the file header;
      
      (ii) all of the file bodies;
      
      (iii) the file trailer; and
      
      (iv) said at least one data file.
  - 10. The method according to claim 8, wherein each said file body further comprises a tag identifying the file component and setting out a length of the file body, and wherein the security protections comprise security types and security algorithms for said security types to access the file data in said secured form.
  - 11. The method according to claim 8, wherein the file trailer contains a tag identifying a length of the trailer and security specifications and parameters for the wrapper.
  - 12. The method, according to claim 8, wherein the file components are individual files.
  - 13. The method, according to claim 8, wherein the file components are sections of a compound file.

14. A wrapper for securing files for transmission or storage, wherein said wrapper resides on a computer readable memory, said wrapper comprising:
- a header for identifying a beginning and a length of the wrapper;
  
  at least one data file resulting from reformatting processed file components, said data file comprised of a stored version of each of one or more said file components, wherein each of said stored versions is either a secure representation of said file component or a non-secure representation of said file component;
  
  for each of said stored versions, a file body resulting from said reformatting, comprising;
  
  a pointer to a location in said data file, said location being where said stored version of said file component begins;
  
  security specifications for said stored version of said file component; and
  
  output file specification parameters for accessing the stored version of said file component; and
  
  a trailer containing security specifications for the wrapper.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The wrapper, according to claim 14, wherein at least some of the file data is secured by at least one of encryption, data integrity or digital signature.
  - 16. The wrapper, according to claim 14, wherein the security specifications include security type, security algorithms, security algorithm parameters and operation modes for the security algorithms.
  - 17. The wrapper, according to claim 14, further comprising address data in plain text form.
  - 18. The wrapper, according to claim 17, wherein the address data is contained in at least one initial data segment in the data file.
  - 19. The wrapper, according to claim 17, wherein the address data is located before the header.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Kou, Weidong
Primary Examiner(s)
Amsbury, Wayne
Assistant Examiner(s)
Loomis, John C.

Application Number

US08/781,465
Time in Patent Office

1,106 Days
Field of Search

707/9, 380/3, 380/4, 395/186, 395/187.01, 395/188.01
US Class Current

1/1
CPC Class Codes

G06F 21/6227   where protection concerns t...

G06F 2221/2107   File encryption

Y10S 707/99939   Privileged access

Y10S 707/99942   Manipulating data structure...

Generic file format for multiple security requirements

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Generic file format for multiple security requirements

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links