Document security system that permits external users to gain access to secured files
Abstract
A system includes a server with an access manager configured to restrict access to files of an organization and maintain at least encryption keys for internal and external users and an external access server connected to the server and coupled between the server and a data network. The data network is configured to allow the external users use of the external access server. The external access server is also configured to permit file exchange between the internal users and the external users via the server.
20 Claims
1. A system comprising:
- a server an access manager configured to restrict access to a file of an organization having an internal user responsive to a request for the file, the file comprising a header portion including an access rule that restricts access to the file, and a content portion encrypted by a file key;
- a database coupled to the server and configured to store an encryption key for use between the internal user and an external partner comprising an external user, wherein the access manager is further configured to encrypt the file key, located within security information of the header portion of the file, with the encryption key in response to a partner relationship existing between the organization and the external partner and deny the request in response to a partner relationship not existing; and
- an external access server operatively connected to the server and coupled between the server and a data network, the data network configured to allow the external user use of the external access server, wherein the external access server is configured to permit file exchange between the internal user and the external user via the server.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A method comprising:
- maintaining, in a database, an encryption key for use between an organization comprising an internal user and an external partner comprising an external user;
- receiving, by a server coupled to the database, a request to access a file, the file comprising a header portion including an access rule that restricts access to the file and a content portion encrypted by a file key;
- encrypting the file key, located within security information of the header portion, with the encryption key in response to a partner relationship existing between the organization and the external partner; and
- denying the request in response to the partner relationship not existing.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A computer-readable storage device having instructions stored thereon, execution of which, by a computing device associated with an organization, causes the computing device to perform operations comprising:
- maintaining an encryption key for use between the organization comprising an internal user and an external partner comprising an external user;
- receiving a request to access a file at the computing device, the file comprising a header portion including an access rule that restricts access to the file and a content portion encrypted by a file key;
- encrypting the file key, located within security information of the header portion, with the encryption key in response to a partner relationship existing between the organization and the external partner; and
- denying the request in response to the partner relationship not existing.

Dependent claims: 16, 17, 18, 19, 20
Specification