System for electronic repository of data enforcing access control on data retrieval
Abstract
When an electronic document is made available for review by other entities, it is often convenient to store the document in a repository or database managed by a third party. A system is provided in which the originator of the document is able to ensure the integrity and security of its document filed with a third party repository without having to trust the administrator of the repository. Both the document originator and the repository administrator have vault environments which are secure extensions of their respective work spaces. The vault of the document originator encrypts a document that it receives from the originator, prior to forwarding it on to the vault of the repository. On receipt of the encrypted document, the repository's vault signs the encrypted document itself before storing the document in the electronic repository and returns to the originator's vault proof of deposit of the encrypted document in the form of a copy of the signed encrypted document. An access control list identifying access ownership privileges for the document is also stored in the repository. Updates to the access control list are under the control of the document originator, or another computer designated by the document originator. When a request is made to view the document, it is made from the vault of the requesting party (a secure extension of the requesting party's work space) to the repository's vault. The repository's vault retrieves a copy of the encrypted document which it forwards, along with the requestor's identity, to the originator's vault. The originator's vault verifies that the access control list is valid, then verifies from the access control list that the requestor is authorized to view the document, then decrypts the document and forwards the decrypted document directly to the requestor's vault. The requestor provides proof of receipt of the decrypted document.
18 Claims
1. A secure electronic data storage and retrieval system with the electronic data stored therein maintained secure from the repository manager, comprising:
a data repository;
a repository manager for managing storage and retrieval of encrypted electronic data of a depositing computer into and out of the data repository;
an agent program of the depositing computer, accessible to the repository manager whether the depositing computer is online or off-line, the agent program having means in an environment secure from the repository manager to decrypt, on authentication of a requesting computer, the encrypted electronic data of the depositing computer retrieved from the data repository on request of the requesting computer;
where the repository manager is further adapted to digitally sign the encrypted electronic data prior to storage in the data repository, and to forward a copy of the signed encrypted data to the agent program of the depositing computer, and wherein the agent program of the depositing computer is adapted to verify in the environment secure from the repository manager, against the signed encrypted data, the retrieved encrypted electronic data following decryption; and
where the agent program is further adapted to forward the decrypted electronic data directly from the environment secure from the repository manager to the requesting computer without providing access to the repository manager. (Dependent claims 2, 3, 4 not shown.)
5. A process for authenticating user access to electronic data stored in a data repository secure from a repository manager unrelated to a source of the electronic data, comprising:
associating an access control list of user authorizations with the electronic data when stored in the data repository in an environment secure from the repository manager;
effecting updates to the access control list only from the source of the electronic data;
storing the updated access control list with the electronic data stored in the data repository in an environment secure from the repository manager;
storing evidence of the updated access control list at the source of the electronic data and at any user computer to have effected the update;
verifying accuracy of the updated access control list stored with the electronic data in the data repository with the evidence stored at the source before releasing the electronic data to a requesting authorized user;
identifying a revision level of the updated access control list;
associating a current time stamp with the updated access control list, where the step of storing evidence comprises:
creating a token of the revision level and current time stamp;
storing the token at every user with access to the electronic data in the data repository;
attaching the token to the updated access control list to form a data structure;
digitally signing the data structure;
storing the signed data structure with the updated access control list in the data repository and at the source; and
where the step of verifying accuracy of the updated access control list comprises:
verifying by decrypting the data structure signature at the source; and
comparing the verified data structure with the updated access control list retrieved from the data repository. (Dependent claims 6, 7 not shown.)
8. A process for secure storage and retrieval of electronic data in a remote data repository, comprising:
digitally signing the electronic data at a source;
encrypting the electronic data at the source;
forwarding the encrypted electronic data to the data repository;
digitally signing the encrypted electronic data at the data repository to produce a deposit receipt;
storing the encrypted electronic data and deposit receipt in the data repository in an environment free of access by the data repository manager;
returning a copy of the deposit receipt to the source;
receiving a request from a requesting user, for access to the stored electronic data;
retrieving the encrypted electronic data and forwarding the retrieved data to the source;
verifying the requesting user as authorized to access the electronic data; and
if verified, decrypting the retrieved data by the source and sending it directly to the requesting user without providing access to the data by the repository manager. (Dependent claims 9, 10, 11 not shown.)
12. A computer program product on a computer usable medium for authenticating user access to electronic data stored in a data repository secure from a repository manager unrelated to a source of the electronic data, said computer program product comprising:
computer software for associating an access control list of user authorizations with the electronic data when stored in the data repository in an environment secure from the repository manager;
computer software for effecting updates to the access control list from the source of the electronic data;
computer software for storing the updated access control list with the electronic data stored in the data repository in an environment secure from the repository manager;
computer software for storing the evidence of the updated access control list at the source of the electronic data and at any user computer to have effected the update;
computer software for verifying accuracy of the updated access control list stored with the electronic data in the data repository with the evidence stored at the source before releasing the electronic data to a requesting authorized user;
where the computer software for effecting updates to the access control list comprises:
computer software for identifying a revision level of the updated access control list; and
computer software for associating a current time stamp with the updated access control list; and
where the step of storing evidence comprises:
computer software for creating a token of the revision level and current time stamp; and
computer software for storing the token at every user with access to the electronic data in the data repository;
computer software for attaching the token to the updated access control list to form a data structure;
computer software for digitally signing the data structure; and
computer software for storing the signed data structure with the updated access control list in the data repository and at the source; and
where the software for verifying accuracy of the updated access control list comprises:
computer software for verifying by decrypting the data structure signature at the source; and
computer software for comparing the verified data structure with the updated access control list retrieved from the data repository. (Dependent claims 13, 14, 15, 16 not shown.)
17. The computer program product according to claim 16, further comprising computer software for verifying accuracy of the updated access control list stored with the electronic data in the data repository with the evidence stored at the source before releasing the electronic data to the requesting user.
18. A computer program product on a computer usable medium for secure storage and retrieval of electronic data in a remote data repository, comprising:
computer software for digitally signing the electronic data at a source;
computer software for encrypting the electronic data at the source;
computer software for forwarding the encrypted electronic data to the data repository;
computer software for storing the encrypted electronic data and deposit receipt in the data repository in an environment free of access by the data repository manager;
computer software for returning a copy of the deposit receipt to the source;
computer software for receiving a request from a requesting user, for access to the stored electronic data;
computer software for retrieving the encrypted electronic data and forwarding the retrieved data to the source;
computer software for verifying the requesting user as authorized to access the electronic data; and
computer software at the source for decrypting the retrieved data when verified and sending it directly to the requesting user without providing access to the data repository manager.
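The deposit-receipt, access-control-list evidence and release steps of claims 5 and 8 (and their program-product counterparts, claims 12 and 18), as an added Python example that is not part of the patent. It assumes HMAC-SHA256 as a stand-in for the claimed digital signatures and a SHA-256 keystream as a stand-in for the originator's encryption, models the repository vault's retrieval step as the originator reading the repository's store directly, and uses constructed keys, users and document contents throughout.

```python
import hashlib, hmac, json, time
# Constructed keys. HMAC-SHA256 stands in for the claims' digital signatures; a SHA-256 keystream for encryption.
ORIGINATOR_KEY = b"originator-vault-signing-key"
REPOSITORY_KEY = b"repository-vault-signing-key"
DOC_KEY = b"originator-document-key"  # never leaves the originator's vault
def sign(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()
def verify(key, data, sig):
    return hmac.compare_digest(sign(key, data), sig)
def xor_stream(key, data):  # toy counter-mode stand-in, not a real cipher
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

class RepositoryVault:
    """Repository manager's side: holds ciphertext and ACL, never the plaintext or DOC_KEY."""
    def __init__(self):
        self.store = {}
    def deposit(self, doc_id, ciphertext, acl):
        receipt = sign(REPOSITORY_KEY, ciphertext)  # deposit receipt over the encrypted data
        self.store[doc_id] = {"ct": ciphertext, "receipt": receipt, "acl": acl}
        return receipt

class OriginatorVault:
    """Source side: signs, encrypts, controls the ACL and releases plaintext only to authorized users."""
    def __init__(self, repo):
        self.repo, self.evidence = repo, {}
    def deposit(self, doc_id, plaintext, users):
        ct = xor_stream(DOC_KEY, sign(ORIGINATOR_KEY, plaintext) + plaintext)  # sign, then encrypt
        acl = self._signed_acl(users, revision=1)
        receipt = self.repo.deposit(doc_id, ct, acl)
        self.evidence[doc_id] = {"ct": ct, "receipt": receipt, "acl": acl}  # evidence kept at the source
    def update_acl(self, doc_id, users, revision):
        acl = self._signed_acl(users, revision)
        self.repo.store[doc_id]["acl"] = acl  # only the source may update the stored ACL
        self.evidence[doc_id]["acl"] = acl
    def _signed_acl(self, users, revision):
        token = {"rev": revision, "ts": int(time.time())}  # revision level + time stamp token
        body = json.dumps({"users": sorted(users), "token": token}).encode()
        return body + sign(ORIGINATOR_KEY, body)  # token attached to the ACL, then signed
    def release(self, doc_id, requester):
        rec, ev = self.repo.store[doc_id], self.evidence[doc_id]
        if rec["ct"] != ev["ct"] or not verify(REPOSITORY_KEY, rec["ct"], rec["receipt"]):
            return None  # stored ciphertext disagrees with the signed deposit receipt
        body, sig = rec["acl"][:-32], rec["acl"][-32:]
        if rec["acl"] != ev["acl"] or not verify(ORIGINATOR_KEY, body, sig):
            return None  # stored ACL is stale or was altered at the repository
        if requester not in json.loads(body)["users"]:
            return None  # requester not on the access control list
        pt = xor_stream(DOC_KEY, rec["ct"])  # signature (32 bytes) followed by the document
        return pt[32:] if verify(ORIGINATOR_KEY, pt[32:], pt[:32]) else None  # sent straight to requester
```

The release path refuses to decrypt when the repository's stored ACL no longer matches the evidence held at the source, so a stale or altered list served by the repository manager cannot widen access.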