System and method for providing multi-location access management to secured items
First Claim
1. A method for accessing a secured item including a header comprising a group of individually encrypted sub-headers and an encrypted data portion, comprising:
- selecting, by one or more computing devices, one of the individually encrypted sub-headers based on a correspondence of a user or group identifier associated with the sub-header to a user or to a group to which the user belongs; and
accessing the sub-header, by the one or more computing devices, wherein the sub-header comprises access rules applicable to the user or to the group to which the user belongs for the secured item and a file key for accessing the encrypted data portion,wherein others of the individually encrypted sub-headers correspond to other users or groups and comprise access rules applicable to the other users or groups and the file key, and wherein the access rules for the sub-header are encrypted separate from the access rules of the others of the individually encrypted sub-headers.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for providing access management to secured items through use of a plurality of server machines associated with different locations are disclosed. According to one embodiment, a local server can be dynamically reconfigured depending on a user'"'"'s current location. Upon detecting that a user has moved to a new location, the local server for the new location can be reconfigured to add support for the user, while simultaneously, the local server for the previous location is reconfigured to remove support for the user. As a result, security is enhanced while the access management can be efficiently carried out to ensure that only one access from the user is permitted at any time across an entire organization, regardless of how many locations the organization has or what access privileges the user may be granted.
-
Citations
57 Claims
-
1. A method for accessing a secured item including a header comprising a group of individually encrypted sub-headers and an encrypted data portion, comprising:
-
selecting, by one or more computing devices, one of the individually encrypted sub-headers based on a correspondence of a user or group identifier associated with the sub-header to a user or to a group to which the user belongs; and accessing the sub-header, by the one or more computing devices, wherein the sub-header comprises access rules applicable to the user or to the group to which the user belongs for the secured item and a file key for accessing the encrypted data portion, wherein others of the individually encrypted sub-headers correspond to other users or groups and comprise access rules applicable to the other users or groups and the file key, and wherein the access rules for the sub-header are encrypted separate from the access rules of the others of the individually encrypted sub-headers. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer-readable storage device having computer-executable instructions stored thereon for accessing a secured item including a header comprising a group of individually encrypted sub-headers and an encrypted data portion, execution of which, by a computing device, causes the computing device to perform operations comprising:
-
selecting one of the individually encrypted sub-headers based on a correspondence of a user or group identifier associated with the sub-header to a user or to a group to which the user belongs; and accessing the sub-header, wherein the sub-header comprises access rules applicable to the user or to the group to which the user belongs for the secured item and a file key for accessing the encrypted data portion, wherein others of the individually encrypted sub-headers correspond to other users or groups and comprise access rules applicable to the other users or groups and the file key, and wherein the access rules for the sub-header are encrypted separate from the access rules of the others of the individually encrypted sub-headers. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A system for accessing a secured item including a header comp sing a group of individually encrypted sub-headers and an encrypted data portion, said system comprising:
-
a memory configured to store modules comprising; a selecting module configured to select one of the individually encrypted sub-headers based on a correspondence of a user or group identifier associated with the sub-header to a user or to a group to which the user belongs, and an accessing module configured to access the sub-header, wherein the sub-header comprises access rules applicable to the user or to the group to which the user belongs for the secured item and a file key for accessing the encrypted data portion, wherein others of the individually encrypted sub-headers correspond to other users or groups and comprise access rules applicable to the other users or groups and the file key, and wherein the access rules for the sub-header are encrypted separate from the access rules of the others of the individually encrypted sub-headers; and one or more processors configured to process the modules. - View Dependent Claims (40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57)
-
Specification