Method and system for securing documents on a remote shared storage resource
First Claim
Patent Images
1. A method executed by a shared computer system that is comprised of data storage of securing a content file associated with a folder data structure stored on the shared computer system, said folder data structure being associated with a public/private encryption key pair and a folder originator, said folder originator being associated with a public/private encryption key pair, the method comprising:
- by a computer, receiving and storing the content file;
generating a public/private encryption key pair associated with the content file;
encrypting the content file with the public key associated with the content file;
retrieving from data storage the public key of the public/private encryption key pair associated with the folder data structure;
encrypting the private key associated with the content file using the public key of the folder data structure;
encrypting the private key associated with the folder data structure using the public key associated with the folder originator associated with the folder data structure; and
preventing access to an unencrypted version of the folder data structure private key and an unencrypted version of the private key associated with the content file.
4 Assignments
0 Petitions
Accused Products
Abstract
This invention discloses a novel system and method for displaying electronic documents on remote devices and enabling collaborative editing in conjunction with a content management system where the documents that are shared are securely encrypted on the system in a manner that avoids a single point of failure in the security.
30 Citations
12 Claims
-
1. A method executed by a shared computer system that is comprised of data storage of securing a content file associated with a folder data structure stored on the shared computer system, said folder data structure being associated with a public/private encryption key pair and a folder originator, said folder originator being associated with a public/private encryption key pair, the method comprising:
-
by a computer, receiving and storing the content file; generating a public/private encryption key pair associated with the content file; encrypting the content file with the public key associated with the content file; retrieving from data storage the public key of the public/private encryption key pair associated with the folder data structure; encrypting the private key associated with the content file using the public key of the folder data structure; encrypting the private key associated with the folder data structure using the public key associated with the folder originator associated with the folder data structure; and preventing access to an unencrypted version of the folder data structure private key and an unencrypted version of the private key associated with the content file. - View Dependent Claims (2, 3, 4)
-
-
5. A computer system for securing a content file comprising:
-
at least one central processing unit connected using a data channel to at least one data storage device; a folder data structure stored on the shared computer system, said folder data structure being associated with a public/private encryption key pair and a folder originator, said folder originator being associated with a public/private encryption key pair; said system being adapted to execute a method comprising; receiving and storing the content file; generating a public/private encryption key pair associated with the content file; encrypting the content file with the public key associated with the content file; retrieving from data storage the public key of the public/private encryption key pair associated with the folder data structure; encrypting the private key associated with the content file using the public key of the folder data structure; encrypting the private key associated with the folder data structure using the public key associated with the folder originator associated with the folder data structure; and preventing access to an unencrypted version of the folder data structure private key and an unencrypted version of the unencrypted private key associated with the content file. - View Dependent Claims (6, 7, 8)
-
-
9. A non-transitory computer storage medium containing program code that, when executed by a shared computer system, causes the shared computer system to execute a method of securing a content file associated with a folder data structure stored on the shared computer system, said folder data structure being associated with a public/private encryption key pair and a folder originator, said folder originator being associated with a public/private encryption key pair, the method comprising:
-
receiving and storing the content file; generating a public/private encryption key pair associated with the content file; encrypting the content file with the public key associated with the content file; retrieving from data storage the public key of the public/private encryption key pair associated with the folder data structure; encrypting the private key associated with the content file using the public key of the folder data structure; encrypting the private key associated with the folder data structure using the public key associated with the folder originator associated with the folder data structure; and
preventing access to an unencrypted version of the folder data structure private key and an unencrypted version of the unencrypted private key associated with the content file. - View Dependent Claims (10, 11, 12)
-
Specification