Method and apparatus for communicating information between devices
Abstract
A network of devices permits data to be stored on the devices and subsequently searched and accessed from any other one of the devices. A plurality of channels are defined to distribute a plurality of access points throughout the network. A mechanism securely assigns authorizations to users to read or write from or to specified ones of the channels, which authorizations are capable of being checked by each of the access points. To write into a channel, a request is made to one of the access points which checks if the requesting user is authorized to write onto the requested channel. If appropriate, the data is associated with the requested channel. To search for data from a particular channel or group of channels, a search request is made to one of the access points which first checks the requesting user is authorized to read from the requested channel or group of channels. If appropriate it issues a corresponding search request or requests to a subset of the devices which checks to see if stored data satisfying the request exists there and, if so, the data is transmitted to the requesting user. Otherwise the search request is forwarded to another one or more of the devices.
11 Claims
1. A method of an access point in a network of devices to permit data to be stored on the devices and to be searched for and accessed from any of the devices, the network including a definition of a plurality of virtual channels to which documents may be stored and users may be authorized, the method comprising:
providing a mechanism for securely assigning authorizations to users to read or write data from or to specified ones of the channels, the authorizations checked by the access points;
in response to a request to write data into a particular channel, determining that a user making the request is authorized to write data onto the requested channel and associating the data with the requested channel, encrypting the data so that it is not readable except via the access point and sending the data to one of the devices connected to the network to store the data together with the association; and
in response to a request to search for data from a particular channel or group of channels, determining that the user making the request is authorized to read data from the requested channel or group of channels and issuing a corresponding search request or requests to a subset of the devices and, responsive to a determination that the devices store data satisfying the request, decrypting and transmitting the data to the requesting user, and responsive to a determination that the devices do not store data satisfying the request, forwarding the search request to another one or more of the devices.
Dependent claims: 2, 3, 4, 5
6. A data storage system for permitting data to be stored and selectively accessed by users of the system, the system comprising:
a computer network including a plurality of data processing devices connected to the network, the network including a definition of a plurality of virtual channels to which documents may be stored and users may be authorized,
wherein at least some of the devices, when in use, support access point software modules each of which controls access, by users of the system, to the system, such that prior to permitting a user to retrieve data from, or to write data to, the system it can check the identity of the user and determine from which channels of data the user can read data or to which channels of data the user can write data, and
wherein each access point responds to a user request to write data to the data storage system, the request specifying a channel into which data is to be written and checks that the user is authorized to write data belonging to that channel to the system, and responsive to the check, generates an association with the requested channel, encrypting the data so that it is not readable except via the access point and sends the data to one of the devices connected to the network to store the data together with the association, and
wherein each access point responds to a user request to access data from the data storage system, the request specifying a particular channel or group of channels to be searched, checks that the user is authorized to read data associated with the or each respective channel, and responsive to the check, searches for the requested data from the device on which the access point software module is operating and any other associated devices, and in response to a determination that the data can not be found, passes the request on to one or more other ones of the devices for them to search for the requested data.
Dependent claims: 7, 8, 9, 10
11. A non-transitory storage medium storing a computer program which causes a computer to execute an executable code for carrying out a method of an access point in a network of devices to permit data to be stored on the devices and to be searched for and accessed from any of the devices, the network including a definition of a plurality of virtual channels to which documents may be stored and users may be authorized, the method comprising:
providing a mechanism for securely assigning authorizations to users to read or write data from or to specified ones of the channels, the authorizations checked by the access points;
in response to a request to write data into a particular channel, determining that a user making the request is authorized to write data onto the requested channel and associating the data with the requested channel, encrypting the data so that it is not readable except via the access point and sending the data to one of the devices connected to the network to store the data together with the association; and
in response to a request to search for data from a particular channel or group of channels, determining that the user making the request is authorized to read data from the requested channel or group of channels and issuing a corresponding search request or requests to a subset of the devices and, responsive to a determination that the devices store data satisfying the request, decrypting and transmitting the data to the requesting user, and responsive to a determination that the devices do not store data satisfying the request, forwarding the search request to another one or more of the devices.
Specification