Secure and searchable storage system and method

US 7,512,814 B2
Filed: 11/09/2004
Issued: 03/31/2009
Est. Priority Date: 11/09/2004
Status: Active Grant

First Claim

Patent Images

1. A system for storing electronic documents in a secure and searchable manner, the system including a client portion and a server portion, the client portion being located at a trusted location and comprising:

a parser to parse electronic documents received at the client portion to identify terms of interest within the received electronic document;

a search and retrieval interface to specify one or more terms of interest to identify and retrieve one or more documents from the server portion;

a first encryptor to encrypt identified terms of interest to obtain ciphertext versions of the terms of interest;

a second encryptor to encrypt the received document to obtain a ciphertext version of the received document;

a decryptor to decrypt a ciphertext version of a retrieved document to obtain a plaintext version; and

client communications means to transfer the ciphertext version of the received document and the ciphertext version of the identified terms to the server portion and to receive a ciphertext version of documents from the server portion; and

the server portion comprising;

server communications means to receive from a client portion the ciphertext version of a document and the ciphertext version of identified terms and to transfer the ciphertext version of an identified document to the client portion;

a storage device to store ciphertext versions of documents received from the client portion;

an indexer and search engine to construct and maintain a searchable index of received ciphertext versions of identified terms contained in the ciphertext versions of documents received from the client portion and responsive to the search and retrieval interface of the client portion to cause the storage device and the server communications means to transfer ciphertext copies of the identified documents of interest to the client portion;

an encryptor to encrypt ciphertext documents received at the server portion and to decrypt ciphertext documents to be transferred to the client portion;

a retention manager operable to determine the relevant destruction date for each ciphertext document received at the server portion; and

a retention key manager storing an encryption key for each destruction date of documents stored in the storage device, the retention key manager responsive to the retention manager to provide the encryption key for the relevant destruction date to the encryptor and to destroy encryption keys whose related destruction date has passed, wherein the retention manager compares one or more characteristics of each received ciphertext document to predefined criteria to determine the relevant destruction date for the received document; and

a dictionary tool operable to maintain a list of the identified plaintext terms of interest for all documents received at the client portion and wherein wildcard terms specified at the search and retrieval interface are matched to terms in the maintained list, the matched terms being encrypted by the first encryptor.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for securely storing electronic documents is provided. The system includes a client portion and a server portion and the client portion is located at a trusted location. The client portion encrypts each electronic document and produces a list of terms of interest relating to the document, which terms are also encrypted. The encrypted document and the encrypted terms are transferred to a server portion which need not be located at a trusted location. The document is stored at the server portion in a manner which allows for locating the document again via the encrypted terms and returning the encrypted document to the trusted client portion, where it can be decrypted. Attachments to documents can also be encrypted and stored at the server, as can copies of dynamic documents, such as web pages. The server portion can also have a retention manager and encryptor which is used to implement document retention and destruction policies defined by the user of the system.

129 Citations

9 Claims

1. A system for storing electronic documents in a secure and searchable manner, the system including a client portion and a server portion, the client portion being located at a trusted location and comprising:
- a parser to parse electronic documents received at the client portion to identify terms of interest within the received electronic document;
  
  a search and retrieval interface to specify one or more terms of interest to identify and retrieve one or more documents from the server portion;
  
  a first encryptor to encrypt identified terms of interest to obtain ciphertext versions of the terms of interest;
  
  a second encryptor to encrypt the received document to obtain a ciphertext version of the received document;
  
  a decryptor to decrypt a ciphertext version of a retrieved document to obtain a plaintext version; and
  
  client communications means to transfer the ciphertext version of the received document and the ciphertext version of the identified terms to the server portion and to receive a ciphertext version of documents from the server portion; and
  
  the server portion comprising;
  
  server communications means to receive from a client portion the ciphertext version of a document and the ciphertext version of identified terms and to transfer the ciphertext version of an identified document to the client portion;
  
  a storage device to store ciphertext versions of documents received from the client portion;
  
  an indexer and search engine to construct and maintain a searchable index of received ciphertext versions of identified terms contained in the ciphertext versions of documents received from the client portion and responsive to the search and retrieval interface of the client portion to cause the storage device and the server communications means to transfer ciphertext copies of the identified documents of interest to the client portion;
  
  an encryptor to encrypt ciphertext documents received at the server portion and to decrypt ciphertext documents to be transferred to the client portion;
  
  a retention manager operable to determine the relevant destruction date for each ciphertext document received at the server portion; and
  
  a retention key manager storing an encryption key for each destruction date of documents stored in the storage device, the retention key manager responsive to the retention manager to provide the encryption key for the relevant destruction date to the encryptor and to destroy encryption keys whose related destruction date has passed, wherein the retention manager compares one or more characteristics of each received ciphertext document to predefined criteria to determine the relevant destruction date for the received document; and
  
  a dictionary tool operable to maintain a list of the identified plaintext terms of interest for all documents received at the client portion and wherein wildcard terms specified at the search and retrieval interface are matched to terms in the maintained list, the matched terms being encrypted by the first encryptor.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1 wherein the client communications means and the server communications means communicate via an encrypted link.
  - 3. The system of claim 1 wherein the second encryptor is the decryptor.
  - 4. The system of claim 1 wherein the parser also operates to relate identified terms of interest to at least one metadata field for the received document.
  - 5. The system of claim 1 wherein the client portion is further operable to encrypt and transfer to the server portion ciphertext copies of attachments to documents received at the client portion and the server portion is further operable to index and store the ciphertext copies of attachments in the storage device.
  - 6. The system of claim 1 wherein the parser further includes a content reference engine operable to copy dynamic documents referred to in the received document, the client portion being operable to encrypt the copies of dynamic documents to obtain ciphertext copies of the dynamic documents and the server portion being operable to store to the ciphertext copies of the dynamic documents.

7. A method of securely storing electronic documents in a secure and searchable manner, comprising the steps of:
- at a trusted location, receiving copies of electronic documents to be stored;
  
  parsing the received copies to identify terms of interest in the documents;
  
  validating at the client portion an encryption key to be used to encrypt the received copies of electronic documents by;
  
  (a) retrieving from the server portion a validation data set comprising plaintext test data, a ciphertext version of the plaintext test data previously encrypted with the key to be validated, and a digital signature for each of the plaintext test data and ciphertext version of the plaintext data;
  
  (b) determining a digital signature for the plaintext test data and comparing the determined digital signature to the retrieved digital signature for the plaintext data set to determine if the plaintext data set has been corrupted and determining a digital signature for the cyphertext version of the plaintext test data and comparing the determined digital signature to the retrieved digital signature for the cyphertext version of the plaintext data set to determine if the cyphertext version of the plaintext data set has been corrupted;
  
  (c) if either or both or both of the plaintext data set and the cyphertext version of the plaintext data set has been corrupted, performing steps (a) and (b) again to obtain an uncorrupted validation data set; and
  
  (d) encrypting the plaintext data set with the encryption key to be validated and comparing the resulting cyphertext version of the plaintext data set to the ciphertext version of the plaintext data set in the retrieved uncorrupted validation data set and deeming the encryption key to be valid if the encrypted the plaintext data set is identical to the ciphertext version of the plaintext data set in the retrieved uncorrupted validation data set and otherwise deeming the encryption key to be invalid;
  
  encrypting the received documents to obtain ciphertext versions of the received documents and encrypting the identified terms of interest found in each document to obtain ciphertext copies of the terms;
  
  transferring the ciphertext copies of the documents and identified terms to a second location over a communications link;
  
  receiving the ciphertext copies of the documents at the second location and storing received ciphertext copies on a storage device;
  
  receiving the ciphertext copies of the identified terms of interest at the second location and constructing and maintaining an index which indicates, for each received ciphertext term of interest, the storage location of each ciphertext copy of the documents which contains the term of interest;
  
  providing a search interface at the trusted location wherein a user can search for a stored ciphertext copy of a document stored on the storage device by defining a query containing one or more plaintext terms of interest, the plaintext terms of interest being encrypted and, over the communications link, being compared to the ciphertext terms in the index to identify the ciphertext copies of documents stored on the storage device;
  
  transmitting the identified ciphertext copies of documents over the communications link to the trusted location and decrypting the transmitted ciphertext copies of the documents at the trusted location to obtain plaintext copies of the identified documents; and
  
  using a dictionary tool to maintain a list of identified terms of interest at the trusted location and accepting queries at the search interface including one or more wildcard operators and examining the maintained list of identified terms of interest to expanding the wildcard operators in the query.
- View Dependent Claims (8, 9)
- - 8. The method of claim 7 further comprising the step of encrypting copies of attachments to received documents and storing the resulting ciphertext copies of the attachments in the storage device.
  - 9. The method of claim 7 further comprising the step of copying dynamic documents referred to in the received documents;
    - encrypting the copies of the dynamic documents to obtain ciphertext copies of the dynamic documents; and
      
      storing the ciphertext copies of the dynamic documents in the storage device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Proofpoint Incorporated
Original Assignee
Fortiva, Inc. (Proofpoint Incorporated)
Inventors
Chen, Paul, Tebo, Christopher
Primary Examiner(s)
Moise; Emmanuel L
Assistant Examiner(s)
GERGISO, TECHANE

Application Number

US10/983,890
Publication Number

US 20060101285A1
Time in Patent Office

1,603 Days
Field of Search

713/193, 713/158, 713/182
US Class Current

713/193
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6227   where protection concerns t...

H04L 63/0421   Anonymous communication, i....

H04L 63/08   for authentication of entit...

Secure and searchable storage system and method

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

129 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Secure and searchable storage system and method

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

129 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links