Secure document management system
First Claim
1. Apparatus for secure management of data in a computer controlled storage system comprising:
- a trusted data management server (tdm server), responsive to a user or user program application, capable of storing data in and retrieving data from a storage system that comprises;
security structure generator means to generate the following security management structures;
a unique identifier for said data;
access control information for said data;
a data signature for authenticating said data from said data and said unique identifier; and
an access control information signature for authenticating said access control information from said access control information and said unique identifier.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention provides a method and apparatus for secure management of data in a computer controlled storage system. The system includes a trusted data management server (tdm server), responsive to a user or user program application, for storing data in and retrieving data from a storage system. The tdm server includes a security structure generator to generate the following security management structures: an unique identifier for the data; access control information for the data; a data signature for authenticating the data from the data and the unique identifier; and an access control information signature for authenticating the access control information from the access control information and the unique identifier.
-
Citations
20 Claims
-
1. Apparatus for secure management of data in a computer controlled storage system comprising:
a trusted data management server (tdm server), responsive to a user or user program application, capable of storing data in and retrieving data from a storage system that comprises; security structure generator means to generate the following security management structures; a unique identifier for said data; access control information for said data; a data signature for authenticating said data from said data and said unique identifier; and an access control information signature for authenticating said access control information from said access control information and said unique identifier. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 18)
-
9. A method for secure management of data in a computer controlled storage system comprising:
in a trusted data management server (tdm server), responsive to a user or user program application, for storing data in and retrieving data from a storage system generating the following security management structures; a unique identifier for said data; access control information for said data; a data signature for authenticating said data from said data and said unique identifier; and an access control information signature for authenticating said access control information from said access control information and said unique identifier. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 19)
-
20. A method for storing a document in a secure storage system comprising the steps of:
-
submitting the document for secure storage; generating a random number at a trusted document management server; requesting a database management system to reserve the generated random number as a document key; computing a digital document signature at the trusted document management server, wherein the document signature is capable of authenticating document content and the document key; creating an initial access control list (ACL) at the trusted document management server; computing a digital ACL signature at the trusted document management sever, wherein the ACL signature is capable of authenticating ACL content and the document key; and instructing the database management system to store the document, the document signature, the ACL and the ACL signature.
-
Specification