Method and system for metadata-driven document management and access control

US 8,131,762 B2
Filed: 04/14/2011
Issued: 03/06/2012
Est. Priority Date: 05/15/2007
Status: Active Grant

First Claim

Patent Images

1. A method for facilitating tag-based document access control, the method comprising:

providing at a computer system a user interface to allow a recipient of a document to create an access-control tag that specifies an access-control scheme for a part of the document, wherein the access-control tag comprises;

a condition part that specifies the conditions for enforcing access control policies, anda policy part that specifies the access control policies to be enforced and specifies the part of the document over which the access control policies are applied; and

applying the access-control scheme at the computer system to the part of the document based on the access-control tag, wherein applying the access-control scheme involves;

issuing a warning in response to receiving a command from the recipient of the document that conflicts with the access-control scheme; and

allowing the recipient of the document to remove the access-control tag.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is provided to facilitate tag-based organization of documents. During operation, the system receives an original user query. The system extends the query to include documents with an IN-tag and exclude documents with an OUT-tag. The system then performs a search based on the extended query to indicate a collection of documents which satisfy the extended query. The system further allows a user to add a document to the collection of documents or remove a document from the collection of documents. Next, the system modifies a tagging property of the document.

42 Citations

View as Search Results

12 Claims

1. A method for facilitating tag-based document access control, the method comprising:
- providing at a computer system a user interface to allow a recipient of a document to create an access-control tag that specifies an access-control scheme for a part of the document, wherein the access-control tag comprises;
  
  a condition part that specifies the conditions for enforcing access control policies, anda policy part that specifies the access control policies to be enforced and specifies the part of the document over which the access control policies are applied; and
  
  applying the access-control scheme at the computer system to the part of the document based on the access-control tag, wherein applying the access-control scheme involves;
  
  issuing a warning in response to receiving a command from the recipient of the document that conflicts with the access-control scheme; and
  
  allowing the recipient of the document to remove the access-control tag.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the access-control tag specifies one or more of:
    - a time at which the access-control scheme is activated or deactivated; and
      
      a period of time during which the access-control scheme is effective.
  - 3. The method of claim 1,wherein the access-control tag specifies an event upon the occurrence of which the access-control scheme is activated or deactivated.
  - 4. The method of claim 1,wherein the access-control scheme specifies one or more users or user groups to whom access to the part of the document is denied or allowed.

5. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for facilitating tag-based document access control, the method comprising:
- providing at a computer system a user interface to allow a recipient of a document to create an access-control tag that specifies an access-control scheme for a part of the document, wherein the access-control tag comprises;
  
  a condition part that specifies the conditions for enforcing access control policies, anda policy part that specifies the access control policies to be enforced and specifies the part of the document over which the access control policies are applied; and
  
  applying the access-control scheme at the computer system to the part of the document based on the access-control tag, wherein applying the access-control scheme involves;
  
  issuing a warning in response to receiving a command from the recipient of the document that conflicts with the access-control scheme; and
  
  allowing the recipient of the document to remove the access-control tag.
- View Dependent Claims (6, 7, 8)
- - 6. The storage medium of claim 5, wherein the access-control tag specifies one or more of:
    - a time at which the access-control scheme is activated or deactivated; and
      
      a period of time during which the access-control scheme is effective.
  - 7. The storage medium of claim 5,wherein the access-control tag specifies an event upon the occurrence of which the access-control scheme is activated or deactivated.
  - 8. The storage medium of claim 5,wherein the access-control scheme specifies one or more users or user groups to whom access to the part of the document is denied or allowed.

9. A system for facilitating tag-based document access control, the method comprising:
- a processor;
  
  a user interface configured to allow a recipient of a document to create an access-control tag that specifies an access-control scheme for a part of the document, wherein the access-control tag comprises;
  
  a condition part that specifies the conditions for enforcing access control policies, anda policy part that specifies the access control policies to be enforced and specifies the part of the document over which the access control policies are applied; and
  
  an access-control mechanism configured to apply the access-control scheme at the computer system to the part of the document based on the access-control tag, wherein, while applying the access-control scheme, the access-control mechanism is configured to;
  
  issue a warning in response to receiving a command from the recipient of the document that conflicts with the access-control scheme; and
  
  allow the recipient of the document to remove the access-control tag.
- View Dependent Claims (10, 11, 12)
- - 10. The system of claim 9, wherein the access-control tag specifies one or more of:
    - a time at which the access-control scheme is activated or deactivated; and
      
      a period of time during which the access-control scheme is effective.
  - 11. The system of claim 9,wherein the access-control tag specifies an event upon the occurrence of which the access-control scheme is activated or deactivated.
  - 12. The system of claim 9,wherein the access-control scheme specifies one or more users or user groups to whom access to the part of the document is denied or allowed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xerox Corporation (Xerox Holdings Corp.)
Original Assignee
Palo Alto Research Center, Inc. (Xerox Holdings Corp.)
Inventors
Smetters, Diana K., Churchill, Elizabeth F., Nelson, Lester D.
Primary Examiner(s)
Stevens, Robert
Assistant Examiner(s)
MYINT, DENNIS Y

Application Number

US13/086,823
Publication Number

US 20110196896A1
Time in Patent Office

327 Days
Field of Search

707/708, 707/713, 707/781, 707/783, 707/694, 712/216
US Class Current

707/781
CPC Class Codes

G06F 16/2453 Query optimisation

Method and system for metadata-driven document management and access control

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

42 Citations

12 Claims

Specification

Use Cases

Quick Links

Others

Method and system for metadata-driven document management and access control

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

12 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others