Method and system for providing document retention using cryptography

US 9,286,484 B2
Filed: 12/13/2013
Issued: 03/15/2016
Est. Priority Date: 04/22/2002
Status: Active Grant

First Claim

Patent Images

1. A method for restricting access to an electronic document, comprising:

identifying an electronic document to be secured, the electronic document having at least a data portion that contains data;

encrypting the data portion of the electronic document using a document key to produce an encrypted data portion;

encrypting the document key using a retention access key to produce an encrypted document key, the retention access key being used to enforce a document retention policy on the electronic document; and

forming a secured electronic document based on at least the encrypted data portion and the encrypted document key,wherein the document retention policy is dependent on a future event that is presently unscheduled, wherein the document retention policy expires at a determined time after the future event occurs, and wherein the future event is scheduled after the document retention policy is associated with the electronic document.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for utilizing security criteria to implement document retention for electronic documents are disclosed. The security criteria can also limit when, how and where access to the electronic documents is permitted. The security criteria can pertain to keys (or ciphers) used to secure (e.g., encrypt) electronic files (namely, electronic documents), or to unsecure (e.g., decrypt) electronic files already secured. At least a portion of the security criteria can be used to implement document retention, namely, a document retention policy. After a secured electronic document has been retained for the duration of the document retention policy, the associated security criteria becomes no longer available, thus preventing subsequent access to the secured electronic document. In other words, access restrictions on electronic documents can be used to prevent access to electronic documents which are no longer to be retained.

439 Citations

15 Claims

1. A method for restricting access to an electronic document, comprising:
- identifying an electronic document to be secured, the electronic document having at least a data portion that contains data;
  
  encrypting the data portion of the electronic document using a document key to produce an encrypted data portion;
  
  encrypting the document key using a retention access key to produce an encrypted document key, the retention access key being used to enforce a document retention policy on the electronic document; and
  
  forming a secured electronic document based on at least the encrypted data portion and the encrypted document key,wherein the document retention policy is dependent on a future event that is presently unscheduled, wherein the document retention policy expires at a determined time after the future event occurs, and wherein the future event is scheduled after the document retention policy is associated with the electronic document.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the retention access key is a public retention access key.
  - 3. The method of claim 1, further comprising:
    - maintaining accessibility to the retention access key from a remote key store while a document retention period of the document retention policy has not been exceeded.
  - 4. The method of claim 3, further comprising:
    - receiving, by a client machine, the retention access key from the remote key store over a network.
  - 5. The method of claim 3, further comprising:
    - receiving, by a server, the retention access key from the remote key store over a network.
  - 6. The method of claim 1, further comprising:
    - extending the determined time of expiration after the future event has occurred.

7. A method for accessing a secured electronic document by a requestor, the secured electronic document having at least a header portion and an encrypted data portion, comprising:
- obtaining a retention access key, the retention access key being used to enforce a document retention policy on the secured electronic document;
  
  obtaining an encrypted document key from the header portion of the secured electronic document;
  
  decrypting the encrypted document key using the retention access key to produce a document key; and
  
  decrypting the encrypted data portion of the secured electronic document using the document key to produce a data portion,wherein the document retention policy is dependent on a future event that is presently unscheduled, wherein the document retention policy expires at a determined time after the future event occurs, and wherein the future event is scheduled after the document retention policy is associated with the electronic document.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The method of claim 7, further comprising:
    - supplying the data portion to the requestor, wherein the retention access key is identified by an indicator within a header portion of the secured electronic document.
  - 9. The method of claim 7, wherein the retention access key is a private retention access key.
  - 10. The method of claim 7, wherein the obtaining a retention access key comprises obtaining the retention access key from a server, wherein the server determines whether the retention access key is permitted to be provided to the requestor based on the document retention policy.
  - 11. The method of claim 7, wherein the retention access key is available from a remote key store only so long as a document retention period of the document retention policy has not been exceeded.
  - 12. The method of claim 7, wherein:
    - the retention access key is available only so long as a document retention period of the document retention policy has not been exceeded, andthe document retention period can be extended to permit extended access to the electronic document.
  - 13. The method of claim 7, wherein the retention access key is available while a document retention period of the document retention policy has not been exceeded.

14. A non-transitory computer-readable storage medium having control logic recorded thereon that, in response to execution by a processor in a computing system, causes the processor to perform operations to restrict access to an electronic document, the operations comprising:
- identifying an electronic document to be secured, the electronic document having at least a data portion that contains data;
  
  encrypting the data portion of the electronic document using a document key to produce an encrypted data portion;
  
  encrypting the document key using a retention access key to produce an encrypted document key, the retention access key being used to enforce a document retention policy on the electronic document; and
  
  forming a secured electronic document based on at least the encrypted data portion and the encrypted document key,wherein the document retention policy is dependent on a future event that is presently unscheduled, wherein the document retention policy expires at a determined time after the future event occurs, and wherein the future event is scheduled after the document retention policy is associated with the electronic document.
- View Dependent Claims (15)
- - 15. The non-transitory computer-readable storage medium of claim 14, the operations further comprising:
    - providing the retention access key to a requesting device if the document retention policy has not expired; and
      
      denying, access to the retention access key if the document retention policy has expired.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Intellectual Ventures I LLC (Intellectual Ventures LLC)
Inventors
Nath, Satyajit
Primary Examiner(s)
Abrishamkar, Kaveh

Application Number

US14/106,223
Publication Number

US 20140101457A1
Time in Patent Office

823 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/6209 to a single file or object,...

G06F 2221/2137 Time limited access, e.g. t...

Method and system for providing document retention using cryptography

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

439 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing document retention using cryptography

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

439 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links