Method and apparatus for transitioning between states of security policies used to secure electronic documents
Abstract
Techniques for dynamically altering the security criteria used in a file security system are disclosed. The security criteria pertain to the keys (or ciphers) the file security system uses to encrypt electronic files to be secured or to decrypt electronic files already secured; among other things, they include the keys required to gain access to electronic files. These keys can be changed automatically as electronic files transition between different states of a process-driven security policy. The dynamic alteration of security criteria enhances the flexibility and robustness of the security system: access restrictions on electronic files can depend on the state of the process-driven security policy and be enforced in conjunction with one or more cryptographic methods.
28 Claims
1. A document security system for restricting access to secured documents, the system comprising:
- a processor;
- a policy system configured to enable the processor to store at least one process-driven security policy on a computer readable storage medium, wherein the process-driven security policy includes a plurality of different states and transition rules, wherein each of the different states is associated with one or more access restrictions, wherein at least one of the different states has distinct access restrictions for secured documents which reside in that state, and wherein the transition rules specify circumstances under which a secured document is to transition from one state to another, wherein the secured document includes at least a security information portion and an encrypted data portion, the security information portion including at least an encrypted file key, wherein the circumstances include the occurrence of internal and external events, wherein the external events originate from outside the policy system and wherein in response to detecting a transition from a previous state of the process-driven security policy for the secured document to a current state, the secured document is modified by decrypting the file key and then re-encrypting the file key, whereby the file key is encrypted differently for the current state than the previous state;
- wherein the policy system is configured to enable the processor to provide a reference to the process-driven security policy to a client computer, the reference referring to the process-driven security policy and an accessor user list resident on the policy system; and
- an access manager configured to enable the processor to access the process-driven security policy and determine whether a requestor is permitted to access a secured document based on the policy state associated therewith at the time access is requested, the requestor being listed in the accessor user list, and the corresponding one or more access restrictions thereof for the process-driven security policy.
(Dependent claims 2-13 omitted.)
14. A method for transitioning at least one secured document through a security-policy state machine having a plurality of different states, each of the plurality of different states having distinct access restrictions for secured documents which reside in that state, the method comprising:
- receiving an event, wherein the event is one of a group of internal and external events, wherein the external events originate from outside the security-policy state machine;
- determining whether the event causes a state transition for the at least one secured document from a former state to a subsequent different state of the security-policy state machine;
- automatically transitioning from the former state to the subsequent different state of the security-policy state machine in response to determining that the event causes the state transition, wherein the at least one secured document includes at least a security information portion and an encrypted data portion, the security information portion including at least an encrypted file key, and wherein the transitioning comprises modifying the at least one secured document by decrypting the encrypted file key and then re-encrypting the file key, whereby the file key is encrypted differently for the current state than the former state; and
- providing a reference to the security-policy state machine to a client computer, the reference referring to a current state of the security-policy state machine and an accessor user list resident in the security-policy state machine.
(Dependent claims 15-20 omitted.)
21. A method for imposing access restrictions on electronic documents, the method comprising:
- providing at least one process-driven security policy at a server computer, wherein the process-driven security policy is associated with a plurality of different states, and wherein each of the different states has distinct access restrictions for secured documents which reside in that state;
- providing a reference to the process-driven security policy to a client computer, the reference referring to the process-driven security policy and an accessor user list resident on the server computer;
- associating the reference to an electronic document;
- transitioning the process-driven security policy from one state to a current state in response to the occurrence of an event, wherein the event is one of a group of internal and external events, wherein the external events are external to the server computer, wherein the electronic document includes at least a security information portion and an encrypted data portion, the security information portion including at least an encrypted file key, and wherein the transitioning comprises modifying the electronic document by decrypting the encrypted file key and then re-encrypting the file key, whereby the file key is encrypted differently for the current state than the former state; and
- subsequently determining at the server computer whether a requestor is permitted to access the electronic document, the access being based on a current state of the process-driven security policy and the requestor being listed in the accessor user list, the current state being informed to the server computer by sending the reference to the server computer.
(Dependent claims 22-26 omitted.)
27. A non-transitory computer readable storage medium having instructions stored thereon, the instructions comprising:
- instructions to detect an occurrence of an event, wherein the event is one of a group of internal and external events;
- instructions to determine whether the event causes a state transition for at least one secured document from a former state to a subsequent different state of a security-policy state machine having a plurality of different states, each of the plurality of different states having distinct access restrictions for secured documents which reside in that state; and
- instructions to automatically transition from the former state to the subsequent different state of the security-policy state machine upon determining that the event causes the state transition, wherein the external events originate from outside the security-policy state machine, and wherein the at least one secured document includes at least a security information portion and an encrypted data portion, the security information portion including at least an encrypted file key, and wherein the transitioning comprises modifying the at least one secured document by decrypting the encrypted file key and then re-encrypting the file key, whereby the file key is encrypted differently for the current state than the former state; and
- instructions to provide a reference to the process-driven security policy to a client machine, wherein the reference refers to the process-driven security policy and an accessor user list resident in the security-policy state machine.
28. A non-transitory computer readable storage medium having instructions stored thereon, the instructions comprising:
- instructions to provide at least one process-driven security policy at a server machine, wherein the process-driven security policy has a plurality of different states and transition rules associated therewith, wherein each of the different states has distinct access restrictions for secured documents which reside in that state, wherein the transition rules specify circumstances under which an electronic document is to transition from one state to another, wherein the circumstances include the occurrence of internal and external events, wherein the external events originate from outside the server machine, and wherein the at least one secured document includes at least a security information portion and an encrypted data portion, the security information portion including at least an encrypted file key, and wherein the transitioning comprises modifying the at least one secured document by decrypting the encrypted file key and then re-encrypting the file key, whereby the file key is encrypted differently for the current state than the former state;
- instructions to provide a reference to the process-driven security policy to a client machine, wherein the reference refers to the process-driven security policy and an accessor user list resident on the server machine;
- instructions to associate the reference to an electronic document;
- instructions to transform the process-driven security policy from one state to a current state; and
- instructions to determine at the server computer whether a requestor is permitted to access the electronic document, wherein the access is based on a current state of the process-driven security policy and the requestor being listed in the accessor user list, and wherein the current state is informed to the server computer by sending the reference to the server computer.
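The mechanism that the abstract and independent claims 1, 14, 21, 27 and 28 describe, written out as an added example; this is not the patent's code nor code from any product that practices it. A secured document is stored as a security information portion (policy reference, current state, wrapped file key) plus an encrypted data portion. The policy system holds one key-encryption key per state; when a transition rule fires on an internal or external event, the file key is unwrapped with the previous state's key and re-wrapped with the new state's key, so the data portion is never touched but the stored key blob is encrypted differently after the transition. The access manager resolves the client's reference, checks the accessor user list and the restrictions of the state the document is in at request time, and only then releases the plaintext. The policy states, events, roles, users and the reference format are hypothetical, and the HMAC-SHA256 counter-mode cipher with an encrypt-then-MAC tag is a stdlib-only stand-in so the example runs offline (use a real AEAD such as AES-GCM in practice).

```python
"""Process-driven document security policy with file-key re-wrapping on each state transition.
Added example, not the patent's code.  The HMAC-SHA256 counter-mode cipher with an
encrypt-then-MAC tag is a stdlib-only stand-in for a real AEAD (use AES-GCM in production);
the policy, states, events, users and reference format are all hypothetical."""
import hmac
import secrets
from dataclasses import dataclass

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC(key, nonce || counter) blocks truncated to n bytes (HMAC used as a PRF)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), "sha256").digest()
        ctr += 1
    return out[:n]

def _subkeys(key: bytes) -> tuple[bytes, bytes]:
    return hmac.new(key, b"enc", "sha256").digest(), hmac.new(key, b"mac", "sha256").digest()

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, "sha256").digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verifies the tag first: a wrong key raises instead of yielding garbage."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, "sha256").digest()):
        raise ValueError("integrity check failed: wrong key or tampered blob")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

@dataclass
class SecuredDocument:
    """Security information portion (policy_ref, state, wrapped_file_key) + encrypted data portion."""
    policy_ref: str
    state: str
    wrapped_file_key: bytes
    encrypted_data: bytes

class PolicySystem:
    """States with access restrictions, transition rules, one KEK per state, accessor user list."""
    POLICY_REF = "policy://doc-lifecycle/v1"      # hypothetical reference handed to clients
    STATES = {                                     # state -> role -> permitted operations
        "draft":    {"author": {"read", "write"}},
        "review":   {"author": {"read"}, "reviewer": {"read", "write"}},
        "approved": {"author": {"read"}, "reviewer": {"read"}, "auditor": {"read"}},
        "held":     {"auditor": {"read"}},         # legal hold: only the auditor may still read
    }
    TRANSITIONS = {                                # (state, event) -> next state
        ("draft", "submit"): "review",             # internal events are raised by the workflow
        ("review", "reject"): "draft",
        ("review", "approve"): "approved",
        ("approved", "ext:legal_hold"): "held",    # "ext:" events originate outside the policy system
    }

    def __init__(self, accessors: dict[str, str]):
        self.accessors = accessors                 # accessor user list: user -> role
        self.kek = {s: secrets.token_bytes(32) for s in self.STATES}
        self.docs: dict[str, SecuredDocument] = {}

    def secure(self, doc_id: str, plaintext: bytes) -> str:
        """Encrypt under a fresh file key, wrap it under the initial state's KEK, return the reference."""
        file_key = secrets.token_bytes(32)
        self.docs[doc_id] = SecuredDocument(self.POLICY_REF, "draft",
                                            seal(self.kek["draft"], file_key), seal(file_key, plaintext))
        return f"{self.POLICY_REF}#{doc_id}"

    def handle_event(self, doc_id: str, event: str) -> str:
        """If a rule matches, unwrap the file key with the old KEK and re-wrap with the new one."""
        doc = self.docs[doc_id]
        nxt = self.TRANSITIONS.get((doc.state, event))
        if nxt is None:
            return doc.state                       # no rule for this event in this state
        file_key = unseal(self.kek[doc.state], doc.wrapped_file_key)
        doc.wrapped_file_key = seal(self.kek[nxt], file_key)   # data portion is left untouched
        doc.state = nxt
        return nxt

    def access(self, reference: str, user: str, op: str = "read") -> bytes:
        """Access manager: check accessor list and the *current* state's restrictions, then decrypt."""
        policy_ref, doc_id = reference.split("#", 1)
        if policy_ref != self.POLICY_REF or doc_id not in self.docs:
            raise PermissionError("unknown reference")
        doc, role = self.docs[doc_id], self.accessors.get(user)
        if role is None:
            raise PermissionError(f"{user} is not on the accessor list")
        if op not in self.STATES[doc.state].get(role, set()):
            raise PermissionError(f"{role} may not {op} a document in state {doc.state!r}")
        return unseal(unseal(self.kek[doc.state], doc.wrapped_file_key), doc.encrypted_data)

    def wrapped_under(self, doc_id: str, state: str) -> bool:
        """True iff the stored key blob opens with `state`'s KEK (stale copies fail after a transition)."""
        try:
            unseal(self.kek[state], self.docs[doc_id].wrapped_file_key)
            return True
        except ValueError:
            return False
```

Two things worth checking against your own design if you build something like this. First, re-wrapping the file key changes only the small security information portion, so a stale copy of that portion cannot be opened with the current state's key, but it does not revoke anything a client already unwrapped: a requestor who held the plaintext file key before the transition still has it. If that matters, rotate the file key itself (re-encrypt the data portion) on the transitions that remove access. Second, a per-state key is shared by every document in that state, so its compromise exposes all of them; per-document wrapping keys or a KMS-backed wrap/unwrap narrow that blast radius at the cost of one key operation per document per transition.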