Computerized method and system for managing secure content sharing in a networked secure collaborative exchange environment with customer managed keys

US 9,654,450 B2
Filed: 06/10/2016
Issued: 05/16/2017
Est. Priority Date: 04/27/2012
Status: Active Grant

First Claim

Patent Images

1. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:

establishing, by a secure exchange server managed by an intermediate business entity, a user login data authentication procedure that allows a user through at least one client computing device to access the secure exchange server, wherein the user is one of a plurality of users of a plurality of other business entities and communications between the secure exchange server and the plurality of users are through a communications network;

storing, by the secure exchange server, at least one user login authentication data for at least one of the plurality of users;

receiving and storing at the exchange server an encrypted computer data content from a first of the plurality of users of a first business entity wherein the encrypted computer data content is encrypted using a selected encryption protocol employing encryption keys managed by the first business entity, wherein the first of the plurality of users permits a sharing access to the encrypted computer data content to at least a second of the plurality of users of a second business entity, and wherein management for access to the computer data content is through an exchange content access facility managed by the intermediate business entity, wherein the first business entity manages its own encryption keys for use in encrypting computer data content; and

granting, by the secure exchange server, sharing access to the computer data content to the at least second of the plurality of users when the secure exchange server receives a client login authentication data from the second of the plurality of users.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In embodiments of the present invention, improved capabilities are described for securely sharing computer data content between business entities as managed through an intermediate business entity, where the secure sharing process utilizes encryption provided by the intermediate business entity but where the encryption keys used in the encryption are at least in part managed through one of the business entities as customer managed keys.

Citations

10 Claims

1. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:
- establishing, by a secure exchange server managed by an intermediate business entity, a user login data authentication procedure that allows a user through at least one client computing device to access the secure exchange server, wherein the user is one of a plurality of users of a plurality of other business entities and communications between the secure exchange server and the plurality of users are through a communications network;
  
  storing, by the secure exchange server, at least one user login authentication data for at least one of the plurality of users;
  
  receiving and storing at the exchange server an encrypted computer data content from a first of the plurality of users of a first business entity wherein the encrypted computer data content is encrypted using a selected encryption protocol employing encryption keys managed by the first business entity, wherein the first of the plurality of users permits a sharing access to the encrypted computer data content to at least a second of the plurality of users of a second business entity, and wherein management for access to the computer data content is through an exchange content access facility managed by the intermediate business entity, wherein the first business entity manages its own encryption keys for use in encrypting computer data content; and
  
  granting, by the secure exchange server, sharing access to the computer data content to the at least second of the plurality of users when the secure exchange server receives a client login authentication data from the second of the plurality of users.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, wherein a second of the plurality of other business entities manages their own encryption keys for use in encrypting computer data content provided by the second of the plurality of other business entities.
  - 3. The method of claim 1, wherein the exchange content access facility managed by the intermediate business entity interfaces with a key management facility of the first business entity to facilitate the sharing access to the encrypted data content by the second of the plurality of users of the second business entity.

4. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:
- establishing, by a secure exchange server managed by an intermediate business entity, a user login data authentication procedure that allows a user through at least one client computing device to access the secure exchange server, wherein the user is one of a plurality of users of a plurality of other business entities and communications between the secure exchange server and the plurality of users are through a communications network, wherein at least one of the plurality of other business entities manages its own encryption keys in association with encrypted computer data content provided by the at least one of the plurality of other business entities to the secure exchange server;
  
  storing, by the secure exchange server, at least one user login authentication data for at least one of the plurality of users;
  
  receiving and storing at the exchange server an encrypted computer data content from a first of the plurality of users of a first business entity wherein the encrypted computer data content is encrypted using a selected encryption protocol employing encryption keys managed by the first business entity, wherein the first of the plurality of users permits a sharing access to the encrypted computer data content to at least a second of the plurality of users of a second business entity, and wherein management for access to the computer data content is through an exchange content access facility managed by the intermediate business entity; and
  
  granting, by the secure exchange server, sharing access to the computer data content to the at least second of the plurality of users when the secure exchange server receives from the second of the plurality of users its client login authentication data.
- View Dependent Claims (5, 6)
- - 5. The method of claim 4, wherein a second of the plurality of other business entities manages their own encryption keys in association with encrypted computer data content provided by the second of the plurality of other business entities.
  - 6. The method of claim 4, wherein the exchange content access facility managed by the intermediate business entity interfaces with a key management facility of the first business entity to facilitate the sharing access to the encrypted data content by the second of the plurality of users of the second business entity.

7. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:
- providing a user login data authentication procedure that allows a user through at least one client computing device to access a secure exchange server through an intermediate business entity, wherein the user is one of a plurality of users;
  
  storing in a storage device at least one user login authentication data for at least one of the plurality of users;
  
  by the secure exchange server, receiving and storing encrypted data content from a first user of the plurality of users wherein the encrypted computer data content is encrypted using a selected encryption protocol employing encryption keys managed by the first user, wherein the first user permits a sharing access to the encrypted data content to a subset of the plurality of users, and wherein management for access to the encrypted data content is through an exchange content access facility managed by the intermediate business entity;
  
  by the secure exchange server, granting sharing access to the encrypted data content to at least a second user of the plurality of users when the second user client login authentication data is one of the subset of data for the plurality of users to which sharing access is permitted;
  
  by the secure exchange server, receiving a copy access request from the second user to access a copy of the encrypted data content;
  
  granting, by the secure exchange server in response to the copy access request, copy access to the second user;
  
  by the secure exchange server, receiving from the first user a request to revoke sharing and copy access to the encrypted data content to the second user; and
  
  by the secure exchange server, revoking sharing access to the encrypted data content and copy access to the copy of the encrypted data content by the second user, wherein revoking copy access to the copy of the encrypted data content is a change in the digital rights management of the encrypted data content, and wherein access to the encrypted data content is revocable at any time at the request of the first user.
- View Dependent Claims (8, 9, 10)
- - 8. The method of claim 7, further comprising additional sharing of the encrypted data content with others of the plurality of users, wherein the revoking of sharing access and copy access revokes access to all instances of the shared encryption data content and all copies of the encrypted data content made by any of the others of the plurality of users.
  - 9. The method of claim 7, wherein the copy of the encrypted data content is deleted from the client computing device.
  - 10. The method of claim 7, wherein revoking sharing access to the copy of the encrypted data content makes the copy of the encrypted data content inaccessible to the second user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
IntraLinks Incorporated (SS&C Technologies Holdings Incorporated)
Original Assignee
Synchronoss Technologies Incorporated
Inventors
Callison, Wade, Ford, Christopher Todd, Siddiqui, Fahim, Hakhinian, Mushegh
Primary Examiner(s)
Tabor, Amare F

Application Number

US15/179,650
Publication Number

US 20160285838A1
Time in Patent Office

340 Days
Field of Search

726 4, 726 28, 726 7, 709209
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 65/403   Arrangements for multi-part...

H04L 9/08   Key distribution or managem...

Computerized method and system for managing secure content sharing in a networked secure collaborative exchange environment with customer managed keys

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Computerized method and system for managing secure content sharing in a networked secure collaborative exchange environment with customer managed keys

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links