Systems and methods for controlling electronic document use

US 8,611,544 B1
Filed: 01/25/2011
Issued: 12/17/2013
Est. Priority Date: 01/25/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

receiving, at a server, a request for a document key for accessing a document on a client device, wherein the request comprises;

an identity of an access policy; and

information about the document;

determining, at the server, whether access to the document is permitted according to the access policy by identifying the access policy in a stored record using the identity of the access policy that was received, the access policy specifying access privileges applicable to one or more documents without specifying access privileges specific to individually-identified documents; and

upon determining that access to the document is permitted;

computing, at the server, the document key using the information about the document, wherein the document key is document specific, wherein, prior to the computing of the document key, the document key is not stored for access by the server; and

responding to the request by providing the document key for use in accessing the document on the client device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One exemplary embodiment involves receiving, at a server, a request for a document key for accessing a document on a client device, wherein the request comprises an identity of an access policy and information about the document. The exemplary method further comprises determining, at the server, whether access to the document is permitted according to the access policy. If access to the document is permitted, the exemplary method involves computing, at the server, the document key using the information about the document, wherein the document key is document specific, wherein, prior to the computing of the document key, the document key is not stored for access by the server. The exemplary method further involves responding to the request by providing the document key for use in accessing the document on the client device.

44 Citations

View as Search Results

18 Claims

1. A computer-implemented method comprising:
- receiving, at a server, a request for a document key for accessing a document on a client device, wherein the request comprises;
  
  an identity of an access policy; and
  
  information about the document;
  
  determining, at the server, whether access to the document is permitted according to the access policy by identifying the access policy in a stored record using the identity of the access policy that was received, the access policy specifying access privileges applicable to one or more documents without specifying access privileges specific to individually-identified documents; and
  
  upon determining that access to the document is permitted;
  
  computing, at the server, the document key using the information about the document, wherein the document key is document specific, wherein, prior to the computing of the document key, the document key is not stored for access by the server; and
  
  responding to the request by providing the document key for use in accessing the document on the client device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the request comprises license information, wherein the license information comprises:
    - the identity of the access policy,a licensed person identifier identifying a person whose access to the document is controlled by the access policy, anda timestamp identifying a time at which security was first applied to the document.
  - 3. The method of claim 2 wherein the request further comprises an identity of a person requesting access to the document on the client device.
  - 4. The method of claim 3 wherein determining whether access to the document is permitted comprises comparing the licensed person identifier to the identity of the person requesting access to the document on the client device.
  - 5. The method of claim 4 wherein determining whether access to the document is permitted comprises identifying a stored record comprising the access policy, the access policy specifying access privileges applicable to one or more documents without specifying access privileges specific to individually-identified documents and without specifying access privileges specific to individual persons, wherein the stored record is accessible at the server.
  - 6. The method of claim 1 wherein the document key is computed without the server accessing a stored record comprising document-specific information.
  - 7. The method of claim 1 wherein computing the document key comprises forming a unique value that comprises the information about the document.
  - 8. The method of claim 1 wherein computing the document key comprises applying a function to the information about the document.
  - 9. The method of claim 1 wherein computing the document key comprises applying a function to the information about the document and a seed value, wherein the seed value is retrieved from a record accessible to the server, wherein the seed value is used to compute document keys for multiple documents.

10. A system comprising:
- a processor; and
  
  a non-transitory computer-readable medium communicatively coupled to the processor, wherein the processor is configured to execute program modules tangibly embodied in the non-transitory computer-readable medium to perform operations, the modules comprising;
  
  a module for receiving a request for a document key for accessing a document on a client device, wherein the request comprises;
  
  an identity of an access policy; and
  
  information about the document;
  
  a module for determining whether access to the document is permitted according to the access policy by identifying the access policy in a stored record using the identity of the access policy that was received, the access policy specifying access privileges applicable to one or more documents without specifying access privileges specific to individually-identified documents; and
  
  a module for computing the document key using the information about the document, wherein the document key is document specific, wherein, prior to the computing of the document key, the document key is not stored for access; and
  
  a module for responding to the request, if access to the document is permitted, by providing the document key for use in accessing the document on the client device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The system of claim 10 wherein the request comprises license information, wherein the license information comprises:
    - the identity of the access policy,a licensed person identifier identifying a person whose access to the document is controlled by the access policy, anda timestamp identifying a time at which security was first applied to the document.
  - 12. The system of claim 11 wherein the request further comprises an identity of a person requesting access to the document on the client device.
  - 13. The system of claim 12 wherein the module for determining whether access to the document is permitted is configured to compare the licensed person identifier to the identity of the person requesting access to the document on the client device.
  - 14. The system of claim 13 wherein the access policy specifies access privileges applicable to one or more documents without specifying access privileges specific to individual persons.
  - 15. The system of claim 11 wherein the document key is computed without the server accessing a stored record comprising document-specific information.
  - 16. The system of claim 11 wherein the module for computing the document key is configured to compute the document key by applying a function to the information about the document.
  - 17. The system of claim 11 wherein the module for computing the document key is configured to compute the document key by applying a function to the information about the document and a seed value, wherein the seed value is used to compute document keys for multiple documents.

18. A computer-implemented method comprising:
- receiving, at a server, a request for a document key for accessing a document on a client device, wherein the request comprises;
  
  a user identity identifying a requester requesting access to the document;
  
  an identity of an access policy; and
  
  information about the document;
  
  determining, at the server, whether access to the document is permitted according to the access policy by identifying the access policy in a stored record using the identity of the access policy that was received, the access policy specifying access privileges applicable to one or more documents without specifying access privileges specific to individually-identified documents; and
  
  upon determining that access to the document is permitted;
  
  computing, at the server, the document key using the information about the document and using the user identity, wherein the document key is document specific, wherein, prior to the computing of the document key, the document key is not stored for access by the server; and
  
  responding to the request by providing the document key for use in accessing the document on the client device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Adobe Inc.
Original Assignee
Adobe Systems Incorporated (Adobe Inc.)
Inventors
Herbach, Jonathan, Mehrotra, Chetan, Sharma, Varun, Islam, Shadkam
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
Harris, Christopher C.

Application Number

US13/013,368
Time in Patent Office

1,057 Days
Field of Search

380277-279, 726/1, 726/17, 726/21, 726/27, 713/165
US Class Current

380/279
CPC Class Codes

H04L 63/08 for authentication of entit...

H04L 63/10 for controlling access to d...

Systems and methods for controlling electronic document use

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for controlling electronic document use

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links