Key-based content management and access systems and methods

US 8,787,579 B2
Filed: 06/30/2008
Issued: 07/22/2014
Est. Priority Date: 06/30/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving data representative of a content instance over a network from an access device associated with a first user;

storing said content instance;

encrypting said content instance in response to a command initiated by said first user by way of one or more graphical user interfaces;

providing, in response to said command initiated by said first user to encrypt said content instance, a key configured to facilitate decryption of said content instance;

creating, subsequent to said command initiated by said first user to encrypt said content instance and based on input provided by said first user by way of said one or more graphical user interfaces, at least one access rule corresponding to said content instance, said at least one access rule specifying an allowed level of access to said content instance for each of a plurality of different users and an allowed level of access to said content instance for each of a plurality of different types of access devices, wherein said allowed level of access to said content instance for each of said plurality of different types of access devices comprises a full access level to said content instance for a first type of access device included in the plurality of different types of access devices, a read-only access level to said content instance for a second type of access device included in the plurality of different types of access devices, and a no access level to said content instance for a third type of access device included in the plurality of different types of access devices;

transmitting data representative of said content instance to a requesting access device associated with a requesting user;

receiving, from said requesting access device, data representative of a request to access said key over said network; and

performing a predefined action related to said key in response to said request and in accordance with said at least one access rule.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An exemplary method includes receiving data representative of a content instance over a network from an access device associated with a user, storing the content instance, encrypting the content instance in response to a command initiated by the user, providing a key configured to facilitate decryption of the encrypted content instance, transmitting data representative of the encrypted content instance to a requesting access device, receiving data representative of a request to access the key from the requesting access device over the network, and performing a predefined action related to the key in response to the request and in accordance with at least one access rule, the at least one access rule based on at least one of a user profile and an access device profile.

Citations

24 Claims

1. A method comprising:
- receiving data representative of a content instance over a network from an access device associated with a first user;
  
  storing said content instance;
  
  encrypting said content instance in response to a command initiated by said first user by way of one or more graphical user interfaces;
  
  providing, in response to said command initiated by said first user to encrypt said content instance, a key configured to facilitate decryption of said content instance;
  
  creating, subsequent to said command initiated by said first user to encrypt said content instance and based on input provided by said first user by way of said one or more graphical user interfaces, at least one access rule corresponding to said content instance, said at least one access rule specifying an allowed level of access to said content instance for each of a plurality of different users and an allowed level of access to said content instance for each of a plurality of different types of access devices, wherein said allowed level of access to said content instance for each of said plurality of different types of access devices comprises a full access level to said content instance for a first type of access device included in the plurality of different types of access devices, a read-only access level to said content instance for a second type of access device included in the plurality of different types of access devices, and a no access level to said content instance for a third type of access device included in the plurality of different types of access devices;
  
  transmitting data representative of said content instance to a requesting access device associated with a requesting user;
  
  receiving, from said requesting access device, data representative of a request to access said key over said network; and
  
  performing a predefined action related to said key in response to said request and in accordance with said at least one access rule.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, further comprising providing an interface configured to allow said first user to specify said at least one access rule.
  - 3. The method of claim 1, wherein said predefined action comprises transmitting said key to said requesting access device.
  - 4. The method of claim 3, further comprising using said key to decrypt said content instance.
  - 5. The method of claim 4, further comprising deleting data representative of said key from said requesting access device after said content instance is decrypted.
  - 6. The method of claim 1, further comprising requiring said requesting access device to request said key over said network each time said requesting access device attempts to access said content instance.
  - 7. The method of claim 1, wherein said predefined action comprises denying said requesting access device access to said key.
  - 8. The method of claim 1, further comprising defining said at least one access rule to grant said requesting access device associated with an access device profile at least one type of access to said content instance.
  - 9. The method of claim 1, further comprising encrypting said key and providing another key configured to facilitate decryption of said key.
  - 10. The method of claim 1, further comprising modifying said at least one access rule in response to another command initiated by said first user.
  - 11. The method of claim 10, wherein said modifying of said at least one access rule comprises revoking access to said content instance for a user associated with said requesting access device.
  - 12. The method of claim 1, wherein said at least one access rule specifies a content formatting procedure for said content instance transmitted to said requesting access device associated with said requesting user.
  - 13. The method of claim 1, wherein said at least one access rule comprises restricting access to said content instance based on the network address of said requesting access device.
  - 14. The method of claim 1, wherein said at least one access rule is further based on a user profile of the requesting user.

15. A system comprising:
- a content management subsystem configured to maintain data representative of a plurality of content instances associated with a first user; and
  
  an access subsystem associated with said first user and selectively and communicatively coupled to said content management subsystem over a network;
  
  wherein said content management subsystem is configured toencrypt said content instance in response to a command initiated by said first user by way of one or more graphical user interfaces, andprovide, in response to said command initiated by said first user to encrypt said content instance, a key configured to facilitate decryption of said content instance;
  
  wherein said access subsystem is configured totransmit data representative of a content instance to said content management subsystem, andcreate, subsequent to said command initiated by said first user to encrypt said content instance and based on input provided by said first user by way of said one or more graphical user interfaces, at least one access rule corresponding to said content instance, said at least one access rule specifying an allowed level of access to said content instance for each of a plurality of different users and an allowed level of access to said content instance for each of a plurality of different types of access devices, wherein said allowed level of access to said content instance for each of said plurality of different types of access devices comprises a full access level to said content instance for a first type of access device included in the plurality of different types of access devices, a read-only access level to said content instance for a second type of access device included in the plurality of different types of access devices, and a no access level to said content instance for a third type of access device included in the plurality of different types of access devices; and
  
  wherein said content management subsystem is further configured toreceive, from a requesting access device associated with a requesting user, data representative of a request to access said key, andperform a predefined action related to said key in response to said request and in accordance with said at least one access rule.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein said predefined action comprises transmitting said key to said requesting access device.
  - 17. The system of claim 15, wherein said predefined action comprises denying said requesting access device access to said key.
  - 18. The system of claim 15, wherein said at least one access rule is configured to grant said requesting access device associated with said requesting user at least one type of access to said content instance.
  - 19. The system of claim 15, wherein said content management subsystem is further configured to encrypt said key and provide another key configured to facilitate decryption of said key.
  - 20. The system of claim 15, wherein said content management subsystem is further configured to modify said at least one access rule in response to another command initiated by said first user.

21. A system comprising:
- a communication facility configured to receive data representative of a content instance over a network from an access device associated with a first user;
  
  a data store configured to store said data representative of said content instance; and
  
  a processing facility configured to;
  
  encrypt said content instance in response to a command initiated by said first user by way of one or more graphical user interfaces and provide, in response to said command initiated by said first user to encrypt said content instance, a key configured to facilitate decryption of said content instance, andcreate, subsequent to said command initiated by said first user to encrypt said content instance and based on input provided by said first user by way of said one or more graphical user interfaces, at least one access rule corresponding to said content instance, said at least one access rule specifying an allowed level of access to said content instance for each of a plurality of different users and an allowed level of access to said content instance for each of a plurality of different types of access devices, wherein said allowed level of access to said content instance for each of said plurality of different types of access devices comprises a full access level to said content instance for a first type of access device included in the plurality of different types of access devices, a read-only access level to said content instance for a second type of access device included in the plurality of different types of access devices, and a no access level to said content instance for a third type of access device included in the plurality of different types of access devices;
  
  wherein said communication facility is further configured to transmit data representative of said content instance to a requesting access device and receive, from said requesting access device, data representative of a request to access said key over said network; and
  
  wherein said processing facility is further configured to perform a predefined action related to said key in response to said request and in accordance with said at least one access rule.
- View Dependent Claims (22, 23, 24)
- - 22. The system of claim 21, wherein said predefined action comprises directing said communication facility to transmit said key to said requesting access device.
  - 23. The system of claim 21, wherein said predefined action comprises denying said requesting access device access to said key.
  - 24. The system of claim 21, wherein said at least one access rule is configured to grant said requesting access device associated with said requesting user at least one type of access to said content instance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
Relyea, Don, Roberts, Brian, Felt, Michelle
Primary Examiner(s)
Davis, Zachary A

Application Number

US12/164,364
Publication Number

US 20090327739A1
Time in Patent Office

2,213 Days
Field of Search

726 2- 4, 726/16, 726/17, 726/21, 726 27- 29, 713/150, 713/164, 713/168, 713/171, 713/178, 713/182, 380/247, 380/251, 380/255, 380/277, 380/278, 380/44, 380/288, 709/229, 705/51, 705/57, 705/59
US Class Current

380/278
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 2221/2141   Access rights, e.g. capabil...

G11B 20/0021   involving encryption or dec...

G11B 20/00731   involving a digital rights ...

H04L 2463/101   applying security measures ...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0876   based on the identity of th...

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

H04L 9/0819   Key transport or distributi...

Key-based content management and access systems and methods

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Key-based content management and access systems and methods

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links