Methods and systems for providing access control to secured data
First Claim
1. A method for securing an electronic document, the method comprising:
- obtaining an electronic document to be secured;
determining a particular electronic document data type corresponding to the electronic document, wherein the electronic document and the electronic document data type are associated with an application;
obtaining a data type key associated with the electronic document data type that has been determined;
encrypting at least a data portion of the electronic document using the data type key according to a public key encryption algorithm;
producing an encrypted document corresponding to the electronic document and storing the encrypted document in an existing database, wherein the encrypted document is associated with the application and is in a format accessible by the application;
wherein the data portion of the electronic document can be decrypted using the data type key upon determining that a requester has permission to access the particular electronic document data type of the electronic document.
1 Assignment
0 Petitions
Accused Products
Abstract
In a system for providing access control management to electronic data, techniques to secure the electronic data and keep the electronic data secured at all times are disclosed. According to one embodiment, a secured file or secured document includes two parts: an attachment, referred to as a header, and an encrypted document or data portion. The header includes security information that points to or includes the access rules and a file key. The access rules facilitate restrictive access to the secured document and essentially determine who/when/how/where the secured document can be accessed. The file key is used to encrypt/decrypt the encrypted data portion. Only those who have the proper access privileges are permitted to retrieve the file key to encrypt/decrypt the encrypted data portion.
-
Citations
28 Claims
-
1. A method for securing an electronic document, the method comprising:
-
obtaining an electronic document to be secured; determining a particular electronic document data type corresponding to the electronic document, wherein the electronic document and the electronic document data type are associated with an application; obtaining a data type key associated with the electronic document data type that has been determined; encrypting at least a data portion of the electronic document using the data type key according to a public key encryption algorithm; producing an encrypted document corresponding to the electronic document and storing the encrypted document in an existing database, wherein the encrypted document is associated with the application and is in a format accessible by the application; wherein the data portion of the electronic document can be decrypted using the data type key upon determining that a requester has permission to access the particular electronic document data type of the electronic document. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for decrypting a secure electronic document, the method comprising:
-
identifying an electronic document to be unsecured for access by a requestor; determining a particular electronic document data type of the electronic document, wherein the electronic document and the electronic document data type are associated with an application; determining whether the requestor has permission to access the particular electronic document data type of the electronic document; obtaining a data type key associated with the electronic document data type when the determining determines that the requestor has permission to access electronic documents having the particular electronic document data type, wherein at least a data portion of the electronic document has been encrypted using the data type key according to a public key encryption algorithm, and wherein the encrypted electronic document is in a format accessible by the application; decrypting at least the data portion of the electronic document using at least the data type key upon determining that the requester has permission to access the particular electronic document data type of the electronic document; and providing at least the unencrypted data portion to the requestor. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A computer program product embodied in a non-transitory computer-readable storage medium having computer program logic recorded thereon enabling a hardware processor to secure an electronic document, said computer program code comprising:
-
computer program code enabling a processor to obtain an electronic document to be secured; computer program code enabling the processor to determine a particular electronic document data type corresponding to the electronic document, wherein the electronic document and the electronic document data type are associated with an application; computer program code enabling the processor to obtain a data type key associated with the electronic document data type that has been determined; computer program code enabling the processor to encrypt at least a data portion of the electronic document using the data type key according to a public key encryption algorithm; computer program code enabling the processor to produce an encrypted document corresponding to the electronic document and store the encrypted document in an existing database, wherein the encrypted document is associated with the application and is in a format accessible by the application; wherein the data portion of the electronic document can be decrypted using the data type key upon determining that a requester has permission to access the particular electronic document data type of the electronic document.
-
Specification