Method and system for enabling users of a group shared across multiple file security systems to access secured files

US 7,730,543 B1
Filed: 06/30/2003
Issued: 06/01/2010
Est. Priority Date: 06/30/2003
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for interacting between file security systems, the method comprising:

creating, using a computing device, a first shared group at a first file security system;

creating, using the computing device, a second shared group at a second file security system;

permitting one or more users of the first file security system to be within the second shared group;

permitting one or more users of the second file security system to be within the first shared group;

creating, using the computing device, a third shared group; and

permitting one or more users who are within both the first and second shared groups to be within the third shared group.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Improved system and approaches for permitting users of different organizations to access secured files (e.g., documents) are disclosed. These users can be part of a group that is shared across a plurality of file security systems. For example, at a first file security system, a user of the shared group can secure a file for restricted access by those users within the shared group. Subsequently, at a different file security system, another user of the shared group is able to access the content of the secured file.

315 Citations

19 Claims

1. A computer-implemented method for interacting between file security systems, the method comprising:
- creating, using a computing device, a first shared group at a first file security system;
  
  creating, using the computing device, a second shared group at a second file security system;
  
  permitting one or more users of the first file security system to be within the second shared group;
  
  permitting one or more users of the second file security system to be within the first shared group;
  
  creating, using the computing device, a third shared group; and
  
  permitting one or more users who are within both the first and second shared groups to be within the third shared group.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computer-implemented method as recited in claim 1, wherein one or more users of the first file security system are added to or removed from the third shared group.
  - 3. The computer-implemented method as recited in claim 2, wherein one or more users of the second file security system are added to or removed from the third shared group.
  - 4. The computer-implemented method as recited in claim 1, wherein creating the second shared group comprises receiving at least one cryptographic key associated with the second shared group.
  - 5. The computer-implemented method as recited in claim 1, wherein permitting one or more users who are within both the first and second shared groups to be within the third shared group comprises:
    - sending an invitation to the second file security system inviting users of the second file security system to join the third shared group; and
      
      receiving an acceptance to the invitation from the second file security system when if the second file security system desires to join the third shared group.
  - 6. The computer-implemented method as recited in claim 5, wherein permitting one or more users who are within both the first and second shared groups to be within the third shared group further comprises providing at least one cryptographic key associated with the third shared group to the second file security system after the receiving receives the acceptance to the invitation.
  - 7. The computer-implemented method as recited in claim 6, wherein the at least one cryptographic key associated with the third shared group comprises at least one public-private key pair.
  - 8. The computer-implemented method as recited in claim 1, wherein the method further comprises:
    - subsequently removing users of the second file security system from the third shared group.
  - 9. The computer-implemented method as recited in claim 8, wherein permitting one or more users who are within both the first and second shared groups to be within the third shared group supplies at least one cryptographic key associated with the third shared group to the second file security system, andwherein the method further comprises:
    - supplying at least one cryptographic key to the other file security systems within the third shared group after or during the removing.
  - 10. The computer-implemented method as recited in claim 1, wherein permitting one or more users who are within both the first and second shared groups to be within the third shared group supplies, to the second file security system, at least one historical cryptographic key associated with the third shared group and at least one current cryptographic key associated with the third shared group.

11. A computer readable storage medium including at least computer program code for interacting between file security systems, the computer readable medium comprising:
- computer program code enabling a processor to create a first shared group at a first file security system;
  
  computer program code enabling a processor to create a second shared group at a second file security system;
  
  computer program code enabling a processor to permit one or more users of the first file security system to be within the second shared group;
  
  computer program code enabling a processor to permit one or more users of the second file security system to be within the first shared group;
  
  computer program code enabling a processor to create a third shared group; and
  
  computer program code enabling a processor to permit one or more users who are within both the first and second shared groups to be within the third shared group.

12. A method for restricting access to electronic files, the method comprising:
- receiving, at a computing device, respective requests from a first requestor being a member of a first group and a second requestor being a member of a second group requesting access to a security system, one of the first and second requestor being associated with the security system, the security system being accessible by a shared group including at least one member from each of the first group and the second group;
  
  verifying, using the computing device, authentication information from the first and second requestor to determine if they are part of the shared group; and
  
  allowing respective ones of the first and second requestors access to the security system upon successful verification they are part of the shared group.
- View Dependent Claims (13, 14)
- - 13. The method as recited in claim 12, wherein the requestors within the shared group are able to access key-pairs needed to decrypt and/or encrypt an electronic file for restricted access by only those requestors within the shared group, andwherein the electronic file contains encrypted file data and encrypted security information, the encrypted security information is decrypted with a key from the key-pairs corresponding to the shared group.
  - 14. The method as recited in claim 13, wherein the security information includes at least a key to decrypt the encrypted file data.

15. A computer-readable storage medium comprising computer program code enabling a computing device to perform a method for restricting access to electronic files, the method comprising:
- receiving respective requests from a first requestor being a member of a first group and a second requestor being a member of a second group requesting access to a security system, one of the first and second requestor being associated with the security system, the security system being accessible by a shared group including at least one member from each of the first group and the second group;
  
  verifying authentication information from the first and second requestor to determine if they are part of the shared group; and
  
  allowing respective ones of the first and second requestors access to the security system upon successful verification they are part of the shared group.

16. A system that restricts access to electronic files, comprising:
- a computing device comprising;
  
  a processor; and
  
  a memory;
  
  wherein the computing device is capable of receiving respective requests from a first requestor being a member of a first group and a second requestor being a member of a second group requesting access to the security system, one of the first and second requestor being associated with the security system, the security system being accessible by a shared group including at least one member from each of the first group and the second group; and
  
  wherein the computing device is capable of verifying authentication information from the first and second requestor to determine if they are part of the shared group,wherein respective ones of the first and second requestors are allowed access to the security system upon successful verification they are part of the shared group.
- View Dependent Claims (17, 18, 19)
- - 17. The system as recited in claim 16, wherein the requestors within the shared group are able to access key-pairs needed to decrypt and/or encrypt electronic files for restricted access by only those requestors within the shared group.
  - 18. The system as recited in claim 17, wherein following an event, the key-pairs associated with the shared group are changed.
  - 19. The system as recited in claim 18, wherein the event is an entity withdrawal from the shared group.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intellectual Ventures I LLC (Intellectual Ventures LLC)
Original Assignee
Guardian Data Storage LLC
Inventors
Nath, Satyajit
Primary Examiner(s)
CERVETTI, DAVID GARCIA

Application Number

US10/610,832
Time in Patent Office

2,528 Days
Field of Search

713/171, 726/14, 726/27
US Class Current

726/27
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 63/065   for group communications cr...

H04L 63/104   Grouping of entities

H04N 21/2541   Rights Management protectin...

H04N 21/25875   involving end-user authenti...

H04N 21/26613   for generating or managing ...

H04N 21/2743   Video hosting of uploaded d...

H04N 21/4788   communicating with other us...

Method and system for enabling users of a group shared across multiple file security systems to access secured files

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

315 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for enabling users of a group shared across multiple file security systems to access secured files

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

315 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links