Method and system for secured data storage and sharing over cloud based network

US 9,015,483 B2
Filed: 12/31/2012
Issued: 04/21/2015
Est. Priority Date: 12/31/2012
Status: Active Grant

First Claim

Patent Images

1. A method for content sharing over a cloud based storage network, said method comprising the following steps:

authenticating a content sender using an authentication mechanism provided by the cloud based storage network, thereby obviating the need for an identity management scheme at the content sender end;

selecting, from a content storage, the content to be transmitted to at least one content recipient;

encrypting the selected content and creating a wrapper file that encapsulates the selected content and the content usage policy corresponding to the selected content;

querying the cloud based storage network for a distribution list corresponding to the selected content, wherein the distribution list comprises the information corresponding to content recipient(s);

analyzing the content usage policy embedded in the wrapper file;

uploading the wrapper file onto the cloud storage based network and initiating the transfer of the wrapper file to the intended contended recipient(s);

authenticating the content recipient(s) using the authentication mechanism provided by the cloud based storage network, thereby obviating the need for an identity management scheme at the content recipient end, wherein the identity of the content recipient is verified using an identity resolution mechanism;

decrypting the wrapper file, subsequent to successful authentication of the content recipient(s), and enforcing the content usage policy on the decrypted wrapper file; and

providing the content recipient(s) with access to the decrypted wrapper hie, based on the content usage policy.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The various embodiments herein provide a method and system for secure data storage and sharing over a cloud based network. The method comprises installing a client application on a user device, authenticating a client application user, extracting content from a data source, obtaining content sharing information from a content storage provider, sending a content distribution list and a content usage policy to an application server, encrypting the content by the client application, creating and sharing a secure content file, decrypting the content file, finding the content usage policy and sharing information from the content file, obtaining an updated content usage policy from the application server, authenticating the content recipient using an authentication mechanism, verifying the identity of the content recipient using an identity resolution mechanism, rendering the secure content file to the recipient, enforcing the content usage policy and sending content usage logs to the application server.

18 Citations

View as Search Results

6 Claims

1. A method for content sharing over a cloud based storage network, said method comprising the following steps:
- authenticating a content sender using an authentication mechanism provided by the cloud based storage network, thereby obviating the need for an identity management scheme at the content sender end;
  
  selecting, from a content storage, the content to be transmitted to at least one content recipient;
  
  encrypting the selected content and creating a wrapper file that encapsulates the selected content and the content usage policy corresponding to the selected content;
  
  querying the cloud based storage network for a distribution list corresponding to the selected content, wherein the distribution list comprises the information corresponding to content recipient(s);
  
  analyzing the content usage policy embedded in the wrapper file;
  
  uploading the wrapper file onto the cloud storage based network and initiating the transfer of the wrapper file to the intended contended recipient(s);
  
  authenticating the content recipient(s) using the authentication mechanism provided by the cloud based storage network, thereby obviating the need for an identity management scheme at the content recipient end, wherein the identity of the content recipient is verified using an identity resolution mechanism;
  
  decrypting the wrapper file, subsequent to successful authentication of the content recipient(s), and enforcing the content usage policy on the decrypted wrapper file; and
  
  providing the content recipient(s) with access to the decrypted wrapper hie, based on the content usage policy.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising the following steps:
    - enforcing the content usage policy after the decrypted wrapper file is retrieved from the cloud based storage network; and
      
      selectively enforcing a modified content usage policy on the decrypted wrapper file after the decrypted wrapper file is retrieved from the cloud based storage network, in the event that the content usage policy has been modified.
  - 3. The method as claimed in claim 1, wherein the selected content is encrypted using at least one of an AES 256 encryption algorithm and an NSA Standard encryption algorithm.
  - 4. The method as claimed in claim 1, wherein the secure content file wraps digital content of any MIME type with layered encryption and with embedded policies controlling time, location and usage of the content.

5. A system for providing secured content sharing, said system comprising:
- a cloud based storage network accessible via an application server;
  
  a first communication device accessible to a content sender and a second communication device accessible to a content recipient, said first communication device and said second communication device in communication with the application server, said application server configured to authenticate the content sender using an authentication mechanism provided by the cloud based storage network, thereby obviating the need for a key management scheme at the content sender end;
  
  wherein, said first communication device is adapted to;
  
  select data from the content storage, for transmission and sharing;
  
  query the cloud based storage network for a distribution list comprising the information corresponding to content recipient(s);
  
  encrypt the content, and create a wrapper file that encapsulates the selected content and at least the content usage policy corresponding to the selected content;
  
  wherein, the second communication device is adapted to;
  
  authenticate the content recipient using the authentication mechanism provided, by the cloud based storage network, thereby obviating the need for a key management scheme at the content recipient end, said second communication device further adapted to verify the identity of the content recipient, using an identity resolution mechanism;
  
  decrypt the secure content file, post successful authentication of the content recipient;
  
  analyze the content usage policy embedded in the wrapper file;
  
  render the decrypted wrapper file onto the second communication device, based on the content usage policy.
- View Dependent Claims (6)
- - 6. The system as claimed in claim 5, wherein said second communication device is further configured to query said cloud based storage network to selectively obtain a modified content usage policy, said second communication device still further configured to selectively implement said modified content usage policy prior to rendering said secure content file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Securelyshare Software Private Limited (Zscaler Incorporated)
Original Assignee
Pawaa Software Private Limited
Inventors
Baskaran, Prakash
Primary Examiner(s)
PYZOCHA, MICHAEL J

Application Number

US13/732,258
Publication Number

US 20140189352A1
Time in Patent Office

841 Days
Field of Search

713/168, 726/28, 726/1
US Class Current

713/168
CPC Class Codes

G06F 16/00   Information retrieval; Data...

G06F 21/6218   to a system of files or obj...

G06F 9/00   Arrangements for program co...

H04L 63/0428   wherein the data content is...

H04L 67/06   specially adapted for file ...

H04L 67/1097   for distributed storage of ...

Method and system for secured data storage and sharing over cloud based network

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

18 Citations

6 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for secured data storage and sharing over cloud based network

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

18 Citations

6 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links