Selective data encryption using style sheet processing
Abstract
A method, system, and computer program product for selectively encrypting one or more elements of a document using style sheet processing. Disclosed is a policy-driven augmented style sheet processor (e.g. an Extensible Stylesheet Language, or “XSL”, processor) that creates a selectively-encrypted document (e.g. an Extensible Markup Language, or “XML”, document) carrying key-distribution material, such that by using an augmented document processor (e.g. an augmented XML processing engine), an agent can recover only the information elements for which it is authorized. The Document Type Definition (DTD) or schema associated with a document is modified, such that the DTD or schema specifies a reference to stored security policy to be applied to document elements. Each document element may specify a different security policy, such that the different elements of a single document can be encrypted differently (and, some elements may remain unencrypted). The key distribution material enables a document to be encrypted for decryption by an audience that is unknown at the time of document creation, and enables access to the distinct elements of a single encrypted document to be controlled for multiple users and/or groups of users. In this manner, group collaboration is improved by giving more people easier access to information for which they are authorized, while protecting sensitive data from unauthorized agents. A key recovery technique is also defined, whereby the entire document can be decrypted by an authorized agent regardless of how the different elements were originally encrypted and the access protections which were applied to those elements.
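The first two stages the abstract describes (policy references carried by the DTD, then a marking pass that yields the interim document), sketched in Python as an added example that is not code from the patent. The `policy`, `encrypt` and `community` attribute names, the policy identifiers and the `AES-128` label are assumptions, and the marking is done with ElementTree rather than an XSL processor; the encryption and key-distribution step is not shown.

```python
import xml.etree.ElementTree as ET

# Constructed input: the internal DTD subset gives each element a fixed
# "policy" attribute (hypothetical name) referencing a stored policy object.
SAMPLE = """<!DOCTYPE employee [
  <!ATTLIST name   policy CDATA #FIXED "public">
  <!ATTLIST salary policy CDATA #FIXED "hr-only">
  <!ATTLIST ssn    policy CDATA #FIXED "hr-only">
  <!ATTLIST review policy CDATA #FIXED "managers">
]>
<employee>
  <name>A. Example</name>
  <salary>50000</salary>
  <ssn>000-00-0000</ssn>
  <review>meets expectations</review>
</employee>"""

# Stand-in for the stored policy enforcement objects: an encryption
# requirement (None = leave in the clear) and the authorized community.
POLICIES = {
    "public":   {"encryption": None,      "community": []},
    "hr-only":  {"encryption": "AES-128", "community": ["hr"]},
    "managers": {"encryption": "AES-128", "community": ["hr", "managers"]},
}


def mark_for_encryption(xml_text, policies):
    """Return the interim document: elements whose policy has a non-null
    encryption requirement get marker attributes; nothing is encrypted yet."""
    root = ET.fromstring(xml_text)  # expat applies the DTD attribute defaults
    for elem in root.iter():
        ref = elem.attrib.pop("policy", None)
        if ref is None:
            continue  # element carries no policy reference
        if ref not in policies:
            # Fail closed: a dangling reference must not fall through to cleartext.
            raise ValueError(f"<{elem.tag}> references unknown policy {ref!r}")
        policy = policies[ref]
        if policy["encryption"] is not None:
            elem.set("encrypt", policy["encryption"])
            elem.set("community", " ".join(policy["community"]))
    return root


def visible_to(interim, community):
    """Child tags a member of `community` can read once marked elements are encrypted."""
    return [e.tag for e in interim
            if "encrypt" not in e.attrib or community in e.get("community").split()]
```

Two elements (`salary`, `ssn`) share one policy object, matching the claim language that more than one reference may point at a single stored policy.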
60 Claims
1. A computer program product embodied on computer readable media readable by a computing system in a computing environment, for enforcing security policy using style sheet processing, comprising:
computer-readable program code for obtaining an input document;
computer-readable program code for obtaining a Document Type Definition (DTD) that defines elements of said input document, wherein;
(1) an attribute of at least one element defined in said DTD references one of a plurality of stored policy enforcement objects;
(2) more than one of said references may reference a single stored policy enforcement object; and
(3) each of said stored policy enforcement objects specifies a visibility policy for said referencing element or elements, said visibility policy identifying an encryption requirement for all elements having that visibility policy and a community whose members are authorized to view those elements;
computer-readable program code for applying one or more style sheets to said input document, thereby adding markup notation to each element of said input document for which said element definition in said DTD references one of said stored policy enforcement objects specifying a visibility policy with a non-null encryption requirement, resulting in creation of an interim transient document that indicates elements of said input document which are to be encrypted; and
computer-readable program code for creating an output document in which each element of said interim transient document for which markup notation has been added is encrypted in a manner that enables each community member that is authorized to view that element to use key distribution material associated with the output document to decrypt the encrypted element, and that precludes decryption of the encrypted element by unauthorized community members.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20
21. A system for enforcing security policy using style sheet processing in a computing environment, comprising:
an input document;
a Document Type Definition (DTD) that defines elements of said input document, wherein;
(1) an attribute of at least one element defined in said DTD references one of a plurality of stored policy enforcement objects;
(2) more than one of said references may reference a single stored policy enforcement object; and
(3) each of said stored policy enforcement objects specifies a visibility policy for said referencing element or elements, said visibility policy identifying an encryption requirement for all elements having that visibility policy and a community whose members are authorized to view those elements;
means for applying one or more style sheets to said input document, thereby adding markup notation to each element of said input document for which said element definition in said DTD references one of said stored policy enforcement objects specifying a visibility policy with a non-null encryption requirement, resulting in creation of an interim transient document that indicates elements of said input document which are to be encrypted; and
means for creating an output document in which each element of said interim transient document for which markup notation has been added is encrypted in a manner that enables each community member that is authorized to view that element to use key distribution material associated with the output document to decrypt the encrypted element, and that precludes decryption of the encrypted element by unauthorized community members.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40
41. A method for enforcing security policy using style sheet processing in a computing environment, comprising:
providing an input document;
providing a Document Type Definition (DTD) that defines elements of said input document, wherein;
(1) an attribute of at least one element defined in said DTD references one of a plurality of stored policy enforcement objects;
(2) more than one of said references may reference a single stored policy enforcement object; and
(3) each of said stored policy enforcement objects specifies a visibility policy for said referencing element or elements, said visibility policy identifying an encryption requirement for all elements having that visibility policy and a community whose members are authorized to view those elements;
applying one or more style sheets to said input document, thereby adding markup notation to each element of said input document for which said element definition in said DTD references one of said stored policy enforcement objects specifying a visibility policy with a non-null encryption requirement, resulting in creation of an interim transient document that indicates elements of said input document which are to be encrypted; and
creating an output document in which each element of said interim transient document for which markup notation has been added is encrypted in a manner that enables each community member that is authorized to view that element to use key distribution material associated with the output document to decrypt the encrypted element, and that precludes decryption of the encrypted element by unauthorized community members.
Dependent claims: 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60
Specification