Computerized method and system for managing secure content sharing in a networked secure collaborative exchange environment with customer managed keys
First Claim
Patent Images
1. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:
- establishing, by a secure exchange server managed by an intermediate business entity, a user login data authentication procedure that allows a user through at least one client computing device to access the secure exchange server, wherein the user is one of a plurality of users of a plurality of other business entities and communications between the secure exchange server and the plurality of users are through a communications network;
storing, by the secure exchange server, at least one user login authentication data for at least one of the plurality of users;
receiving and storing at the exchange server an encrypted computer data content from a first of the plurality of users of a first business entity wherein the encrypted computer data content is encrypted using a selected encryption protocol employing encryption keys managed by the first business entity, wherein the first of the plurality of users permits a sharing access to the encrypted computer data content to at least a second of the plurality of users of a second business entity, and wherein management for access to the computer data content is through an exchange content access facility managed by the intermediate business entity, wherein the first business entity manages its own encryption keys for use in encrypting computer data content; and
granting, by the secure exchange server, sharing access to the computer data content to the at least second of the plurality of users when the secure exchange server receives a client login authentication data from the second of the plurality of users.
9 Assignments
0 Petitions
Accused Products
Abstract
In embodiments of the present invention, improved capabilities are described for securely sharing computer data content between business entities as managed through an intermediate business entity, where the secure sharing process utilizes encryption provided by the intermediate business entity but where the encryption keys used in the encryption are at least in part managed through one of the business entities as customer managed keys.
-
Citations
10 Claims
-
1. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:
-
establishing, by a secure exchange server managed by an intermediate business entity, a user login data authentication procedure that allows a user through at least one client computing device to access the secure exchange server, wherein the user is one of a plurality of users of a plurality of other business entities and communications between the secure exchange server and the plurality of users are through a communications network; storing, by the secure exchange server, at least one user login authentication data for at least one of the plurality of users; receiving and storing at the exchange server an encrypted computer data content from a first of the plurality of users of a first business entity wherein the encrypted computer data content is encrypted using a selected encryption protocol employing encryption keys managed by the first business entity, wherein the first of the plurality of users permits a sharing access to the encrypted computer data content to at least a second of the plurality of users of a second business entity, and wherein management for access to the computer data content is through an exchange content access facility managed by the intermediate business entity, wherein the first business entity manages its own encryption keys for use in encrypting computer data content; and granting, by the secure exchange server, sharing access to the computer data content to the at least second of the plurality of users when the secure exchange server receives a client login authentication data from the second of the plurality of users. - View Dependent Claims (2, 3)
-
-
4. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:
-
establishing, by a secure exchange server managed by an intermediate business entity, a user login data authentication procedure that allows a user through at least one client computing device to access the secure exchange server, wherein the user is one of a plurality of users of a plurality of other business entities and communications between the secure exchange server and the plurality of users are through a communications network, wherein at least one of the plurality of other business entities manages its own encryption keys in association with encrypted computer data content provided by the at least one of the plurality of other business entities to the secure exchange server; storing, by the secure exchange server, at least one user login authentication data for at least one of the plurality of users; receiving and storing at the exchange server an encrypted computer data content from a first of the plurality of users of a first business entity wherein the encrypted computer data content is encrypted using a selected encryption protocol employing encryption keys managed by the first business entity, wherein the first of the plurality of users permits a sharing access to the encrypted computer data content to at least a second of the plurality of users of a second business entity, and wherein management for access to the computer data content is through an exchange content access facility managed by the intermediate business entity; and granting, by the secure exchange server, sharing access to the computer data content to the at least second of the plurality of users when the secure exchange server receives from the second of the plurality of users its client login authentication data. - View Dependent Claims (5, 6)
-
-
7. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:
-
providing a user login data authentication procedure that allows a user through at least one client computing device to access a secure exchange server through an intermediate business entity, wherein the user is one of a plurality of users; storing in a storage device at least one user login authentication data for at least one of the plurality of users; by the secure exchange server, receiving and storing encrypted data content from a first user of the plurality of users wherein the encrypted computer data content is encrypted using a selected encryption protocol employing encryption keys managed by the first user, wherein the first user permits a sharing access to the encrypted data content to a subset of the plurality of users, and wherein management for access to the encrypted data content is through an exchange content access facility managed by the intermediate business entity; by the secure exchange server, granting sharing access to the encrypted data content to at least a second user of the plurality of users when the second user client login authentication data is one of the subset of data for the plurality of users to which sharing access is permitted; by the secure exchange server, receiving a copy access request from the second user to access a copy of the encrypted data content; granting, by the secure exchange server in response to the copy access request, copy access to the second user; by the secure exchange server, receiving from the first user a request to revoke sharing and copy access to the encrypted data content to the second user; and by the secure exchange server, revoking sharing access to the encrypted data content and copy access to the copy of the encrypted data content by the second user, wherein revoking copy access to the copy of the encrypted data content is a change in the digital rights management of the encrypted data content, and wherein access to the encrypted data content is revocable at any time at the request of the first user. - View Dependent Claims (8, 9, 10)
-
Specification