Controlled sharing of media data that are retrievable over a public computer network
First Claim
1. A computer-implemented method for controlled sharing of media data, the method comprising:
- adding a digital signature to a media data;
encrypting the media data into an encrypted media data using a session key, the media data to be shared by an owner of the media data with a first user and a second user;
encrypting the session key into a first encrypted session key by using a public key of the first user;
encrypting the session key into a second encrypted session key using a public key of the second user;
providing the encrypted media data from an encrypted media storage to a first client computer employed by the first user and to a second client computer employed by the second user by way of a web page hosted by a media sharing platform;
decrypting the first encrypted session key back into the session key using a first private key of the first user, the first public key and the first private key forming an asymmetric key pair;
decrypting the encrypted media data using the session key in the first client computer employed by the first user to receive the encrypted media data and the first encrypted session key;
rendering the media data in the first client computer;
decrypting the second encrypted session key back into the session key using a second private key of the second user, the second public key and the second private key forming an asymmetric key pair;
decrypting the encrypted media data using the session key in the second client computer employed by the second user to receive the encrypted media data and the second encrypted session key;
rendering the media data in the second client computer;
in response to an instruction from an owner of the media data to stop sharing the media data with the first user but not with the second user, preventing the first client computer from further receiving the first encrypted session key while continually allowing the second client computer to receive the second encrypted session key.
1 Assignment
0 Petitions
Accused Products
Abstract
An owner of media data encrypts the media data using a session key. The session key is encrypted using a public key of a designated recipient of the media data. A key manager provides the encrypted session key to the recipient while the owner is sharing the media data with the recipient. The encrypted media data is published and accessed by the recipient over a public computer network. The encrypted session key and the encrypted media data are received in the recipient'"'"'s computer, where the encrypted session key is decrypted into the session key using the recipient'"'"'s private key and the encrypted media data is decrypted into the media data using the session key. When the owner is no longer sharing the media data with the recipient, the recipient is prevented from further receiving the encrypted session key from the key manager.
-
Citations
11 Claims
-
1. A computer-implemented method for controlled sharing of media data, the method comprising:
-
adding a digital signature to a media data; encrypting the media data into an encrypted media data using a session key, the media data to be shared by an owner of the media data with a first user and a second user; encrypting the session key into a first encrypted session key by using a public key of the first user; encrypting the session key into a second encrypted session key using a public key of the second user; providing the encrypted media data from an encrypted media storage to a first client computer employed by the first user and to a second client computer employed by the second user by way of a web page hosted by a media sharing platform; decrypting the first encrypted session key back into the session key using a first private key of the first user, the first public key and the first private key forming an asymmetric key pair; decrypting the encrypted media data using the session key in the first client computer employed by the first user to receive the encrypted media data and the first encrypted session key; rendering the media data in the first client computer; decrypting the second encrypted session key back into the session key using a second private key of the second user, the second public key and the second private key forming an asymmetric key pair; decrypting the encrypted media data using the session key in the second client computer employed by the second user to receive the encrypted media data and the second encrypted session key; rendering the media data in the second client computer; in response to an instruction from an owner of the media data to stop sharing the media data with the first user but not with the second user, preventing the first client computer from further receiving the first encrypted session key while continually allowing the second client computer to receive the second encrypted session key. - View Dependent Claims (2, 3, 4)
-
-
5. A computer network comprising:
-
a first client computer employed by a first user with whom an owner of media data wants to share the media data, the first client computer including a first key for decrypting a first encrypted session key into a session key, the session key being for decrypting an encrypted media data into the media data; a second client computer employed by a second user with whom the owner of media data wants to share the media data, the second client computer including a second key for decrypting a second encrypted session key into the session key; an owner client computer employed by the owner of the media data, the owner client computer being configured to encrypt the media data into the encrypted media data and to forward the encrypted media data for storage in an encrypted media storage configured to store the encrypted media data; a media sharing platform hosting a web page that allows access to the encrypted media data; and a key management server configured to store the first encrypted session key for distribution to the first client computer so long as the owner of the media data is sharing the media data with the first user, to store the second encrypted session key for distribution to the second client computer so long as the owner of the media data is sharing the media data with the second user, and to stop providing the first encrypted session key to the first client computer while continually allowing the second client computer to receive the second encrypted session key in response to receiving an instruction from the media owner to stop sharing the media data with the first user but not with the second user. - View Dependent Claims (6)
-
-
7. A computer-implemented method for controlled sharing of media data, the method comprising:
-
encrypting a media data into encrypted media data; encrypting a session key into a first encrypted session key and a second encrypted session key; indicating on a web page hosted by a media sharing platform an availability of the encrypted media data; receiving the encrypted media data and the first encrypted session key in a first recipient client computer over a computer network, the first recipient client computer being employed by a first recipient with whom an owner of the media data is sharing the media data; decrypting the encrypted session key into the session key and the encrypted media data into the media data in the first recipient client computer, the encrypted media data being decrypted using the session key; and preventing further decryption of the first encrypted session key in the first recipient client computer while continually allowing decryption of the second encrypted session key in a second recipient client computer employed by a second recipient in response to receiving an instruction from the owner of the media data to stop sharing the media data with the first recipient but not with the second recipient. - View Dependent Claims (8, 9, 10, 11)
-
Specification