Parallel and hierarchical password protection on specific document sections
Abstract
The present disclosure involves systems and computer-implemented methods for protecting portions of electronic documents. An example method includes receiving a request for access to an electronic file having sections, at least one section encrypted using a first key based on a first password. A second key is generated in response to receiving a second password, wherein the second key is generated based on the second password. The second key is compared to the first key. If the second key is identical to the first key, the at least one section of the electronic file encrypted using the first key is decrypted using the second key. The electronic file is then presented such that the section(s) previously encrypted using the first cryptographic key is made visible. If the second key is not identical to the first, the electronic file is presented with the encrypted section(s) obscured.
5 Claims
1. A computerized method performed by one or more processors, the method comprising:
- receiving a request to provide access to an electronic file to a user, the electronic file having a plurality of sections, wherein at least two of the sections of the electronic file are encrypted using at least two different hierarchical cryptographic keys, wherein a higher level section is associated with a first level of security clearance and is encrypted using a first hierarchical cryptographic key, wherein a lower level section is associated with a second level of security clearance and is encrypted using a second hierarchical cryptographic key different than the first hierarchical cryptographic key, the second level of security clearance is lower than the first level of security clearance, wherein the second hierarchical cryptographic key is encrypted by the first hierarchical cryptographic key, wherein the first hierarchical cryptographic key is generated based on a first password using a first key generation mechanism, wherein the second hierarchical cryptographic key is generated based on a second password using the first key generation mechanism, and wherein the electronic file is associated with a set of security metadata, the set of security metadata including a set of section definitions and a description of the encryption applied to one or more sections, wherein the set of security metadata is embedded within the electronic file;
- generating a third hierarchical cryptographic key in response to receiving a third password from a user requesting access to the electronic file, wherein the third hierarchical cryptographic key is generated based on the third password using the first key generation mechanism;
- comparing the third hierarchical cryptographic key to the first hierarchical cryptographic key and the second hierarchical cryptographic key to determine whether the third hierarchical cryptographic key is identical to the first hierarchical cryptographic key or the second hierarchical cryptographic key;
- in response to determining the third hierarchical cryptographic key is identical to the first hierarchical cryptographic key, decrypting the higher level section encrypted using the first hierarchical cryptographic key with the third hierarchical cryptographic key;
- in response to determining that the second hierarchical cryptographic key is encrypted using the first hierarchical cryptographic key, decrypting the second hierarchical cryptographic key using the third hierarchical cryptographic key;
- decrypting the lower level section encrypted using the second cryptographic key with the decrypted second hierarchical cryptographic key; and
- in response to decrypting the lower level section, presenting the electronic file at a user interface, the presented electronic file making visible the higher level section and the lower level section.
3. A non-transitory, computer-readable medium storing computer-readable instructions, the instructions executable by at least one processor and operable when executed to:
- receive a request to provide access to an electronic file to a user, the electronic file having a plurality of sections, wherein at least two of the sections of the electronic file are encrypted using at least two different hierarchical cryptographic keys, wherein a higher level section is associated with a first level in an organizational hierarchy and is encrypted using a first hierarchical cryptographic key, wherein a lower level section is associated with a second level in an organizational hierarchy and is encrypted using a second hierarchical cryptographic key different than the first hierarchical cryptographic key, wherein the second hierarchical cryptographic key is encrypted by the first hierarchical cryptographic key, the second level in the organizational hierarchy is lower than the first level in the organizational hierarchy, wherein the first hierarchical cryptographic key is generated based on a first password using a first key generation mechanism, wherein the second hierarchical cryptographic key is generated based on a second password using the first key generation mechanism, and wherein the electronic file is associated with a set of security metadata, the set of security metadata including a set of section definitions and a description of the encryption applied to one or more sections, wherein the set of security metadata is embedded within the electronic file;
- generate a third hierarchical cryptographic key in response to receiving a third password from a user requesting access to the electronic file, wherein the third hierarchical cryptographic key is generated based on the third password using the first key generation mechanism;
- compare the third hierarchical cryptographic key to the first hierarchical cryptographic key and the second hierarchical cryptographic key to determine whether the third hierarchical cryptographic key is identical to the first hierarchical cryptographic key or the second hierarchical cryptographic key;
- in response to determining the third hierarchical cryptographic key is identical to the first hierarchical cryptographic key, decrypt the higher level section encrypted using the first hierarchical cryptographic key with the third hierarchical cryptographic key;
- in response to determining that the second hierarchical cryptographic key is encrypted using the first hierarchical cryptographic key, decrypt the second hierarchical cryptographic key using the third hierarchical cryptographic key;
- decrypt the lower level section encrypted using the second cryptographic key with the decrypted second hierarchical cryptographic key; and
- in response to decrypting the lower level section, present the electronic file at a user interface, the presented electronic file making visible the higher level section and the lower level section.
5. A system comprising:
- at least one processor; and
- a memory communicatively coupled to the at least one processor, the memory storing instructions which, when executed by the at least one processor, cause the at least one processor to perform operations comprising;
- receiving a request to provide access to an electronic file to a user, the electronic file having a plurality of sections, wherein at least two of the sections of the electronic file are encrypted using at least two different hierarchical cryptographic keys, wherein a higher level section is associated with a first level of security clearance and is encrypted using a first hierarchical cryptographic key, wherein a lower level section is associated with a second level of security clearance and is encrypted using a second hierarchical cryptographic key different than the first hierarchical cryptographic key, the second level of security clearance is lower than the first level of security clearance, wherein the second hierarchical cryptographic key is encrypted by the first hierarchical cryptographic key, wherein the first hierarchical cryptographic key is generated based on a first password using a first key generation mechanism, wherein the second hierarchical cryptographic key is generated based on a second password using the first key generation mechanism, and wherein the electronic file is associated with a set of security metadata, the set of security metadata including a set of section definitions and a description of the encryption applied to one or more sections, wherein the set of security metadata is embedded within the electronic file;
- generating a third hierarchical cryptographic key in response to receiving a third password from a user requesting access to the electronic file, wherein the third hierarchical cryptographic key is generated based on the third password using the first key generation mechanism;
- comparing the third hierarchical cryptographic key to the first hierarchical cryptographic key and the second hierarchical cryptographic key to determine whether the third hierarchical cryptographic key is identical to the first hierarchical cryptographic key or the second hierarchical cryptographic key;
- in response to determining the third hierarchical cryptographic key is identical to the first hierarchical cryptographic key, decrypting the higher level section encrypted using the first hierarchical cryptographic key with the third hierarchical cryptographic key;
- in response to determining that the second hierarchical cryptographic key is encrypted using the first hierarchical cryptographic key, decrypting the second hierarchical cryptographic key using the third hierarchical cryptographic key;
- decrypting the lower level section encrypted using the second cryptographic key with the decrypted second hierarchical cryptographic key; and
- in response to decrypting the lower level section, presenting the electronic file at a user interface, the presented electronic file making visible the higher level section and the lower level section.
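
The claimed flow as an added Python example (not code from the patent): each level's key is derived from its password with PBKDF2, the lower key is wrapped under the higher key, and a password that matches no level leaves every section obscured. Assumptions not in the claims: the function and field names, the shared salt, a stored HMAC check value compared in place of the raw key, and a standard-library HMAC-SHA256 stream construction standing in for an AEAD cipher such as AES-GCM.

```python
import hashlib, hmac, os

def derive_key(password, salt):
    # One key generation mechanism (PBKDF2) shared by every level.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def _keystream(key, nonce, n):
    return b"".join(hmac.new(key, b"enc" + nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, data):
    # Stdlib stand-in for an AEAD: HMAC-SHA256 keystream, then encrypt-then-MAC.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified data")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def check_value(key):
    # Stored instead of the key itself, so the file never carries raw keys.
    return hmac.new(key, b"key-check", hashlib.sha256).digest()

def protect(sections, passwords):  # both ordered highest level first
    salt = os.urandom(16)
    keys = [derive_key(p, salt) for p in passwords]
    levels = []
    for i, key in enumerate(keys):
        lower = seal(key, keys[i + 1]) if i + 1 < len(keys) else None
        levels.append({"check": check_value(key), "wrapped_lower_key": lower,
                       "section": seal(key, sections[i].encode())})
    return {"salt": salt, "levels": levels}  # embedded security metadata

def open_file(meta, password):
    """Return one entry per section; None marks a section left obscured."""
    key = derive_key(password, meta["salt"])
    view = [None] * len(meta["levels"])
    level = next((i for i, lv in enumerate(meta["levels"])
                  if hmac.compare_digest(lv["check"], check_value(key))), len(view))
    for i in range(level, len(view)):
        lv = meta["levels"][i]
        view[i] = unseal(key, lv["section"]).decode()
        if lv["wrapped_lower_key"] is not None:
            key = unseal(key, lv["wrapped_lower_key"])  # step down one level
    return view
```

Storing a check value rather than the derived key means the embedded metadata does not hand the section keys to anyone who can read the file.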
Specification