Network-based service content protection
First Claim
Patent Images
1. A method comprising:
- obtaining a runtime routine from a service provider responsive to a service access request configured to permit editing performed locally at a computing device;
receiving content on the computing device;
editing the content locally by the computing device through execution of the runtime routine obtained from the service provider;
automatically encrypting the edited content without any user intervention by the computing device using an encryption credential through execution of the runtime routine and responsive to a request to store the content at the service provider such that the encrypted content can only be decrypted and accessed with the encryption credential at the computing device;
converting a filename of the content to an associated file identifier to protect the filename and to limit the service provider awareness to only the associated file identifier and the corresponding encrypted content;
storing locally, on the computing device, the filename of the content and the associated file identifier; and
uploading the encrypted content and the associated file identifier to the service provider.
1 Assignment
0 Petitions
Accused Products
Abstract
Network-based service content protection techniques are described. In one or more implementations, content is edited locally by a computing device. The edited content is automatically encrypted without any user intervention by the computing device using an encryption credential, e.g., encryption key or other secret. The automatic encryption is performed responsive to a request to store the content at a network-based service provider such that the encrypted content can only be decrypted and accessed with the encryption credential and the encrypted content is uploaded to the network-based service provider.
28 Citations
20 Claims
-
1. A method comprising:
-
obtaining a runtime routine from a service provider responsive to a service access request configured to permit editing performed locally at a computing device; receiving content on the computing device; editing the content locally by the computing device through execution of the runtime routine obtained from the service provider; automatically encrypting the edited content without any user intervention by the computing device using an encryption credential through execution of the runtime routine and responsive to a request to store the content at the service provider such that the encrypted content can only be decrypted and accessed with the encryption credential at the computing device; converting a filename of the content to an associated file identifier to protect the filename and to limit the service provider awareness to only the associated file identifier and the corresponding encrypted content; storing locally, on the computing device, the filename of the content and the associated file identifier; and uploading the encrypted content and the associated file identifier to the service provider. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method comprising:
-
obtaining a runtime routine from a service provider responsive to a service access request; obtaining encrypted content via a network by a computing device, the encrypted content made available by the service provider; decrypting the encrypted content for access and editing locally at the computing device through execution of the obtained runtime routine; responsive to a request to communicate the decrypted content outside of the computing device, automatically encrypting the decrypted content without user intervention through execution of the obtained runtime routine; converting a filename of the decrypted content to an associated file identifier to protect the filename to limit the service provider awareness to only the associated file identifier and the corresponding encrypted content; and storing locally, on the computing device, the filename of the content and the associated file identifier. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A system comprising:
-
a communication module of a computing device configured to receive content and a runtime routine from a service provider; one or more modules implemented at least partially in hardware, the one or more modules configured to; obtain the runtime routine from the service provider responsive to a service access request configured to permit the content being encrypted locally at the computing device; encrypt the content locally by the computing device through execution of the runtime routine that is configured to protect the content automatically and without user intervention from access by the service provider; store the content encrypted by the runtime routine automatically and without user intervention such that the content is not accessible by the service provider; convert a filename of the content to an associated file identifier to protect the filename and to limit the service provider awareness to only the associated file identifier and the corresponding encrypted content; and store locally, on the computing device, the filename of the content and the associated file identifier. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification