Approach for managing access to electronic documents on network devices using document retention policies and document security policies
First Claim
1. A computer-implemented method for managing access to electronic documents, the computer-implemented method comprising:
- at a network device, detecting a request to access a particular electronic document stored on the network device; and
in response to detecting the request to access the particular electronic document stored on the network device, applying a document retention policy to the particular electronic document by;
determining that the particular electronic document belongs to a particular electronic document retention classification from a plurality of electronic document retention classifications,retrieving document retention policy data for the particular electronic document retention classification, wherein the document retention policy data for the particular document retention classification specifies one or more deletion criteria for the particular document retention classification,determining whether any of the one or more deletion criteria for the particular electronic document retention classification are satisfied,if any of the one or more deletion criteria for the particular electronic document retention classification are satisfied, then causing the particular electronic document to be deleted,if none of the one or more deletion criteria for the particular electronic document retention classification are satisfied, then applying a document security policy to the particular electronic document by;
determining that the particular electronic document belongs to a particular document security classification from the plurality of document security classifications,retrieving document security policy data for the particular document security classification, wherein the document security policy data for the particular document security classification specifies one or more access criteria for the particular document security classification,determining, based upon the one or more access criteria for the particular document security classification and one or more attributes of a user associated with the request to access the particular electronic document, whether the user is authorized to access the particular electronic document, andif the user is not authorized to access the particular electronic document, then preventing access to the particular electronic document.
1 Assignment
0 Petitions
Accused Products
Abstract
An approach for managing access to electronic documents uses document retention and document security policies. In response to detecting a request to access a particular electronic document stored on a network device, a document retention policy and a document security policy are applied to the particular electronic document. If, based upon application of the document retention policy to the particular electronic document, a determination is made that the particular electronic document is to be deleted, then the particular electronic document is deleted from the network device. If, based upon application of the document security policy to the particular electronic document, a determination is made that access to the particular electronic document should be denied, then access to the particular electronic document is denied. Retention policy audits, automatic or manual loading or auto-destruction code and self-extracting and executable data may also be used to enforce document retention and document security policies.
-
Citations
20 Claims
-
1. A computer-implemented method for managing access to electronic documents, the computer-implemented method comprising:
-
at a network device, detecting a request to access a particular electronic document stored on the network device; and in response to detecting the request to access the particular electronic document stored on the network device, applying a document retention policy to the particular electronic document by; determining that the particular electronic document belongs to a particular electronic document retention classification from a plurality of electronic document retention classifications, retrieving document retention policy data for the particular electronic document retention classification, wherein the document retention policy data for the particular document retention classification specifies one or more deletion criteria for the particular document retention classification, determining whether any of the one or more deletion criteria for the particular electronic document retention classification are satisfied, if any of the one or more deletion criteria for the particular electronic document retention classification are satisfied, then causing the particular electronic document to be deleted, if none of the one or more deletion criteria for the particular electronic document retention classification are satisfied, then applying a document security policy to the particular electronic document by; determining that the particular electronic document belongs to a particular document security classification from the plurality of document security classifications, retrieving document security policy data for the particular document security classification, wherein the document security policy data for the particular document security classification specifies one or more access criteria for the particular document security classification, determining, based upon the one or more access criteria for the particular document security classification and one or more attributes of a user associated with the request to access the particular electronic document, whether the user is authorized to access the particular electronic document, and if the user is not authorized to access the particular electronic document, then preventing access to the particular electronic document. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A non-transitory computer-readable medium for managing access to electronic documents, the computer-readable medium carrying instructions which, when processed by one or more processors, causes:
-
at a network device, detecting a request to access a particular electronic document stored on the network device; and in response to detecting the request to access the particular electronic document stored on the network device, applying a document retention policy to the particular electronic document by; determining that the particular electronic document belongs to a particular electronic document retention classification from a plurality of electronic document retention classifications, retrieving document retention policy data for the particular electronic document retention classification, wherein the document retention policy data for the particular document retention classification specifies one or more deletion criteria for the particular document retention classification, determining whether any of the one or more deletion criteria for the particular electronic document retention classification are satisfied, if any of the one or more deletion criteria for the particular electronic document retention classification are satisfied, then causing the particular electronic document to be deleted, if none of the one or more deletion criteria for the particular electronic document retention classification are satisfied, then applying a document security policy to the particular electronic document by; determining that the particular electronic document belongs to a particular document security classification from the plurality of document security classifications, retrieving document security policy data for the particular document security classification, wherein the document security policy data for the particular document security classification specifies one or more access criteria for the particular document security classification, determining, based upon the one or more access criteria for the particular document security classification and one or more attributes of a user associated with the request to access the particular electronic document, whether the user is authorized to access the particular electronic document, and if the user is not authorized to access the particular electronic document, then preventing access to the particular electronic document. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. An apparatus for managing access to electronic documents, the apparatus comprising a memory storing instructions which, when processed by one or more processors, causes:
-
at a network device, detecting a request to access a particular electronic document stored on the network device; and in response to detecting the request to access the particular electronic document stored on the network device, applying a document retention policy to the particular electronic document by; determining that the particular electronic document belongs to a particular electronic document retention classification from a plurality of electronic document retention classifications, retrieving document retention policy data for the particular electronic document retention classification, wherein the document retention policy data for the particular document retention classification specifies one or more deletion criteria for the particular document retention classification, determining whether any of the one or more deletion criteria for the particular electronic document retention classification are satisfied, if any of the one or more deletion criteria for the particular electronic document retention classification are satisfied, then causing the particular electronic document to be deleted, if none of the one or more deletion criteria for the particular electronic document retention classification are satisfied, then applying a document security policy to the particular electronic document by; determining that the particular electronic document belongs to a particular document security classification from the plurality of document security classifications, retrieving document security policy data for the particular document security classification, wherein the document security policy data for the particular document security classification specifies one or more access criteria for the particular document security classification, determining, based upon the one or more access criteria for the particular document security classification and one or more attributes of a user associated with the request to access the particular electronic document, whether the user is authorized to access the particular electronic document, and if the user is not authorized to access the particular electronic document, then preventing access to the particular electronic document. - View Dependent Claims (18, 19, 20)
-
Specification