Managing access to a secure content-part of a PPCD following introduction of the PPCD into a workflow
First Claim
1. A method for managing access to a secure content-part of a publicly posted composite document (PPCD) following introduction of the PPCD into a workflow among a plurality of workflow participants, said method comprising:
- in a secure content manager,receiving, from a workflow participant of the plurality of workflow participants, a key-map file for a subsequent workflow participant that is to receive the key-map file, wherein the key-map file comprises a set of keys to enable the subsequent workflow participant to access the content-part in the PPCD;
verifying authenticity of the received key-map file;
identifying and authenticating the subsequent workflow participant to receive the PPCD;
accessing a public key of the subsequent workflow participant; and
encrypting, using the public key of the subsequent workflow participant, by a processor, the key map file or a symmetric key used to encrypt the key-map file prior to receipt of the key-map file by the secure content manager; and
sending the encrypted key-map file to the subsequent workflow participant.
1 Assignment
0 Petitions
Accused Products
Abstract
In a method for managing access to a secure content-part of a PPCD following introduction of the PPCD into a workflow among a plurality of workflow participants, in a secure content manager, from a workflow participant of the plurality of workflow participants, a key-map file for a subsequent workflow participant that is to receive the key-map file is received, wherein the key-map file comprises a set of keys to enable the subsequent workflow participant to access the content-part in the PPCD. In addition, authenticity of the received key-map file is verified, the subsequent workflow participant to receive the PPCD is identified and authenticated, a public key of the subsequent workflow participant is accessed, the key map file or a symmetric key used to encrypt the key-map file prior to receipt of the key-map file by the secure content manager is encrypted using the public key of the subsequent workflow participant, and the encrypted key-map file is sent to the subsequent workflow participant.
14 Citations
15 Claims
-
1. A method for managing access to a secure content-part of a publicly posted composite document (PPCD) following introduction of the PPCD into a workflow among a plurality of workflow participants, said method comprising:
in a secure content manager, receiving, from a workflow participant of the plurality of workflow participants, a key-map file for a subsequent workflow participant that is to receive the key-map file, wherein the key-map file comprises a set of keys to enable the subsequent workflow participant to access the content-part in the PPCD; verifying authenticity of the received key-map file; identifying and authenticating the subsequent workflow participant to receive the PPCD; accessing a public key of the subsequent workflow participant; and encrypting, using the public key of the subsequent workflow participant, by a processor, the key map file or a symmetric key used to encrypt the key-map file prior to receipt of the key-map file by the secure content manager; and sending the encrypted key-map file to the subsequent workflow participant. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A secure content manager for managing access to a secure content-part of a publicly posted composite document (PPCD) following introduction of the PPCD into a workflow among a plurality of workflow participants, said apparatus comprising:
-
at least one module to receive, from a workflow participant of the plurality of workflow participants, an encrypted key-map file for a subsequent workflow participant that is to receive the encrypted key-map file, wherein the encrypted key-map file comprises a set of keys to enable the subsequent workflow participant to access the content-part in the PPCD, to verify authenticity of the received encrypted key-map file, to identify and authenticate the subsequent workflow participant, to decrypt the encrypted key-map file or an encrypted symmetric key used to encrypt the key-map file in response to the authenticity of the encrypted key-map file being verified, to access a public key of the subsequent workflow participant, to re-encrypt, using the public key of the subsequent workflow participant, the key-map file or the symmetric key used to encrypt the key-map file prior to receipt of the key-map file by the secure content manager, and to send the re-encrypted key-map file to the subsequent workflow participant; and a processor to implement the at least one module. - View Dependent Claims (12, 13, 14)
-
-
15. A non-transitory computer readable storage medium on which is embedded a computer program, said computer program implementing a method for managing access to a secure content-part of a publicly posted composite document (PPCD) following introduction of the PPCD into a workflow among a plurality of workflow participants, said computer program comprising a set of instructions to:
-
receive, in a secure content manager, from a workflow participant of the plurality of workflow participants, an encrypted key-map file for a subsequent workflow participant that is to receive the key-map file, wherein the key-map file comprises a set of keys to enable the subsequent workflow participant to access the content-part in the PPCD; verify authenticity of the received key-map file; decrypt one of the encrypted key-map and an encrypted symmetric key used to encrypt the key-map file using a public key of the secure content manager; identify and authenticate the subsequent workflow participant to receive the PPCD; establish a valid and trusted public key for the subsequent workflow participant in response to the subsequent workflow participant being authenticated; re-encrypt, using the valid and trusted public key of the subsequent workflow participant, the key-map file and a symmetric key used to encrypt the key-map file; and send the re-encrypted key-map file to the subsequent workflow participant.
-
Specification