System and method of applying adaptive privacy controls to lossy file types
First Claim
1. A non-transitory computer readable medium comprising computer executable instructions stored thereon that when executed cause one or more processing units to:
receive an indication of a first protected portion of a file of a lossy file type, wherein the first protected portion comprises a sub-portion of the file;
generate first and second versions of the first protected portion of the file, wherein at least a part of the first version and the second version are identical, and wherein at least a part of the first version and the second version differ from each other;
receive a first access permission setting for the first version of the first protected portion of the file;
receive a second access permission setting for the second version of the first protected portion of the file;
receive an indication of a first recipient for the first version of the first protected portion;
receive an indication of a second recipient for the second version of the first protected portion;
generate an edited copy of the file that is obfuscated at a code level by generating modified pixel values corresponding to a location of the first protected portion to create an edited lossy file, wherein the obfuscation further comprises masking an original content of the file at the location of the first protected portion;
encrypt the first version of the first protected portion based, at least in part, on the first access permission settings and the first recipient;
encrypt the second version of the first protected portion based, at least in part, on the second access permission settings and the second recipient;
add the encrypted first and second versions of the first protected portion, associated with their respective access permission settings, back into the edited lossy file as hidden data within a data structure of the edited lossy file, wherein at least a part of the first version also masks the original content of the file at at least part of the location of the first protected portion; and
transmit the edited lossy file to the first and the second recipients.
Abstract
The proliferation of personal computing devices in recent years, especially mobile personal computing devices, combined with a growth in the number of widely-used communications formats has led to increased concerns regarding the safety and security of documents and messages that are sent over networks. Users desire a system that provides for the setting of custom access permissions at a file-level or sub-file-level. Such a system may allow the user to apply customized privacy settings (and, optionally, encryption keys) differently to particular portions of a document—even if the document is of a ‘lossy’ file type, e.g., a JPEG image. According to some embodiments, the custom access permission settings may be implemented by obfuscating portions of the original file and then embedding “secret,” e.g., hidden and/or encrypted, versions of the obfuscated portions in parts of the data structure of the original lossy file before transmitting the file to the desired recipients.
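From the receiving or gateway side, the embedding step described above means a JPEG can carry payloads its visible pixels do not show. The following is an added example, not code from the patent: it inventories application (APPn) and comment segments and any bytes after the end-of-image marker. Treating those locations as the "data structure" that holds the hidden versions is an assumption, since the page does not say where they are stored; `segment`, `inventory_jpeg`, `HIDDEN` and `SAMPLE` are hypothetical names.

```python
import struct

# Markers that carry no length field (TEM, RST0-7, SOI, EOI).
STANDALONE = {0x01, 0xD8, 0xD9} | set(range(0xD0, 0xD8))

def segment(marker: int, payload: bytes) -> bytes:
    """Build one JPEG marker segment (the length field counts itself)."""
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

def inventory_jpeg(data: bytes) -> dict:
    """List APPn/COM segments as (name, offset, payload size); count bytes after EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker")
    carriers, pos, n = [], 2, len(data)
    while pos + 1 < n:
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        start = pos
        while pos < n and data[pos] == 0xFF:    # tolerate fill bytes
            pos += 1
        if pos >= n:
            break
        marker = data[pos]
        pos += 1
        if marker == 0xD9:                       # EOI: the rest is trailing data
            return {"carriers": carriers, "trailing_bytes": n - pos}
        if marker in STANDALONE:
            continue
        if pos + 2 > n:
            break
        (length,) = struct.unpack(">H", data[pos:pos + 2])
        if length < 2 or pos + length > n:
            raise ValueError(f"bad segment length at offset {pos}")
        if 0xE0 <= marker <= 0xEF:
            carriers.append((f"APP{marker - 0xE0}", start, length - 2))
        elif marker == 0xFE:
            carriers.append(("COM", start, length - 2))
        pos += length
        if marker == 0xDA:                       # skip entropy-coded scan data
            while pos + 1 < n and (data[pos] != 0xFF or data[pos + 1] in (0x00, 0xFF)
                                   or 0xD0 <= data[pos + 1] <= 0xD7):
                pos += 1
    raise ValueError("missing EOI marker")

# Constructed sample: a structurally valid marker stream, not a decodable image.
HIDDEN = b"constructed-encrypted-blob"
SAMPLE = (b"\xff\xd8" + segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
          + segment(0xEB, HIDDEN) + segment(0xDA, b"\x01\x01\x00\x00\x3f\x00")
          + b"\x12\xff\x00\x34" + b"\xff\xd9" + b"TRAIL")
```

Unexpected large APPn segments or non-zero trailing bytes are the places to look when deciding whether an image carries embedded content that a viewer will not render.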
16 Claims
1. A non-transitory computer readable medium comprising computer executable instructions stored thereon that when executed cause one or more processing units to:
receive an indication of a first protected portion of a file of a lossy file type, wherein the first protected portion comprises a sub-portion of the file;
generate first and second versions of the first protected portion of the file, wherein at least a part of the first version and the second version are identical, and wherein at least a part of the first version and the second version differ from each other;
receive a first access permission setting for the first version of the first protected portion of the file;
receive a second access permission setting for the second version of the first protected portion of the file;
receive an indication of a first recipient for the first version of the first protected portion;
receive an indication of a second recipient for the second version of the first protected portion;
generate an edited copy of the file that is obfuscated at a code level by generating modified pixel values corresponding to a location of the first protected portion to create an edited lossy file, wherein the obfuscation further comprises masking an original content of the file at the location of the first protected portion;
encrypt the first version of the first protected portion based, at least in part, on the first access permission settings and the first recipient;
encrypt the second version of the first protected portion based, at least in part, on the second access permission settings and the second recipient;
add the encrypted first and second versions of the first protected portion, associated with their respective access permission settings, back into the edited lossy file as hidden data within a data structure of the edited lossy file, wherein at least a part of the first version also masks the original content of the file at at least part of the location of the first protected portion; and
transmit the edited lossy file to the first and the second recipients.
Dependent claims: 2, 3, 4, 5, 6
7. A system, comprising:
a memory; and
one or more processing units, communicatively coupled to the memory, wherein the memory stores instructions to configure the one or more processing units to:
receive an indication of a first protected portion of a file of a lossy file type, wherein the first protected portion comprises a sub-portion of the file;
generate first and second versions of the first protected portion of the file, wherein at least a part of the first version and the second version are identical, and wherein at least a part of the first version and the second version differ from each other;
receive a first access permission setting for the first version of the first protected portion;
receive an indication of a first recipient for the first version of the protected portion;
receive a second access permission setting for the second version of the first protected portion;
receive an indication of a second recipient for the second version of the protected portion;
generate an edited copy of the file that is obfuscated at a code level by generating modified pixel values corresponding to a location of the first protected portion to create an edited lossy file, wherein the obfuscation further comprises masking an original content of the file at the location of the first protected portion;
encrypt the first version of the first protected portion based, at least in part, on the first access permission settings and the first recipient;
encrypt the second version of the first protected portion based, at least in part, on the second access permission settings and the second recipient;
add the encrypted first and second versions of the first protected portion, associated with their respective access permission settings, back into the edited lossy file as hidden data within a data structure of the edited lossy file, wherein at least a part of the first version also masks the original content of the file at at least part of the location of the first protected portion; and
transmit the edited lossy file to the first recipient and the second recipients.
Dependent claims: 8, 9, 10, 11, 12, 13, 14
15. A computer-implemented method, comprising:
receiving, by one or more hardware processor, an indication of a first protected portion of a file of a lossy file type, wherein the first protected portion comprises a sub-portion of the file;
generate, by the one or more hardware processor, first and second versions of the first protected portion of the file, wherein at least a part of the first version and the second version are identical, and wherein at least a part of the first version and the second version differ from each other;
receiving, by the one or more hardware processor, a first access permission setting for the first version of the first protected portion;
receiving, by the one or more hardware processor, an indication of a first recipient for the first version of the first protected portion;
receiving, by the one or more hardware processor, a second access permission setting for the second version of the first protected portion;
receiving, by the one or more hardware processor, an indication of a second recipient for the second version of the first protected portion;
generating, by the one or more hardware processor, an edited copy of the file that is obfuscated at a code level by generating modified pixel values corresponding to a location of the first protected portion to create an edited lossy file, wherein the obfuscation further comprises masking an original content of the file at the location of the first protected portion;
encrypting, by the one or more hardware processor, the first version of the first protected portion based, at least in part, on the first access permission setting and the first recipient;
encrypting, by the one or more hardware processor, the second version of the first protected portion based, at least in part, on the second access permission setting and the second recipient;
adding, by the one or more hardware processor, the encrypted first and second versions of the first protected portion, associated with their respective access permission settings, back into the edited lossy file as hidden data within a data structure of the edited lossy file, wherein at least a part of the first version also masks the original content of the file at at least part of the location of the first protected portion; and
transmitting, by the one or more hardware processor, the edited lossy file to the first recipient and the second recipient.
Dependent claims: 16
Specification