METHODS AND SYSTEMS FOR PROVIDING ACCESS CONTROL TO SECURED DATA
First Claim
1. A storage device, comprising:
- a memory storing a secured file; and
- a processor configured to execute modules comprising;
- a verification module configured to send a file access request to an access control management module and receive a response to the file access request from the access control management module, the file access request being based on a request to access the secured file; and
- a document securing module configured to decrypt the secured file when the response indicates that the access control management module grants access to the secured file, wherein the access grant to the secured file is based on permissions for a user associated with the request to access the secured file, wherein the processor is further configured to provide the decrypted file in response to the file access request.
Abstract
In a system for providing access control management to electronic data, techniques to secure the electronic data and keep the electronic data secured at all times are disclosed. According to one embodiment, a secured file or secured document includes two parts: an attachment, referred to as a header, and an encrypted document or data portion. The header includes security information that points to or includes the access rules and a file key. The access rules facilitate restrictive access to the secured document and essentially determine who/when/how/where the secured document can be accessed. The file key is used to encrypt/decrypt the encrypted data portion. Only those who have the proper access privileges are permitted to retrieve the file key to encrypt/decrypt the encrypted data portion.
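The flow in the abstract can be sketched as follows. This is an added example, not code from the patent: the class and method names are hypothetical, the access rule is reduced to a set of permitted users, the header only points to the rule and key by file identifier, and an HMAC-SHA256 keystream stands in for a real cipher (use a vetted AEAD in practice).

```python
import hashlib, hmac, secrets

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with HMAC-SHA256 blocks in counter mode."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ctr = (i // 32).to_bytes(8, "big")
        block = hmac.new(key, b"enc" + nonce + ctr, hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def _tag(key: bytes, nonce: bytes, body: bytes) -> bytes:
    # "mac" prefix keeps integrity tags separate from keystream blocks.
    return hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()

class AccessControlModule:
    """Hypothetical access control side: holds file keys and access rules."""
    def __init__(self):
        self.keys = {}    # file_id -> file key (key management)
        self.rules = {}   # file_id -> permitted users (rules management)

    def register(self, file_id, users):
        self.keys[file_id] = secrets.token_bytes(32)
        self.rules[file_id] = set(users)
        return self.keys[file_id]

    def handle_request(self, file_id, user):
        # Default deny: an unknown file or unlisted user releases no key.
        if user in self.rules.get(file_id, ()):
            return {"granted": True, "file_key": self.keys[file_id]}
        return {"granted": False, "file_key": None}

class StorageDevice:
    """Hypothetical storage side: keeps header + encrypted data portion."""
    def __init__(self, acm):
        self.acm, self.files = acm, {}

    def store(self, file_id, plaintext, users):
        key, nonce = self.acm.register(file_id, users), secrets.token_bytes(16)
        body = _keystream_xor(key, nonce, plaintext)
        header = {"file_id": file_id, "nonce": nonce, "tag": _tag(key, nonce, body)}
        self.files[file_id] = (header, body)

    def read(self, file_id, user):
        header, body = self.files[file_id]
        resp = self.acm.handle_request(header["file_id"], user)  # file access request
        if not resp["granted"]:
            raise PermissionError(f"{user} denied access to {file_id}")
        key = resp["file_key"]
        if not hmac.compare_digest(_tag(key, header["nonce"], body), header["tag"]):
            raise ValueError("secured file failed integrity check")
        return _keystream_xor(key, header["nonce"], body)        # decrypt on grant
```

The data portion stays encrypted at rest on the storage side; a denied request never receives the file key, and a modified data portion is rejected before decryption.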
28 Claims
1. A storage device, comprising:
- a memory storing a secured file; and
- a processor configured to execute modules comprising;
- a verification module configured to send a file access request to an access control management module and receive a response to the file access request from the access control management module, the file access request being based on a request to access the secured file; and
- a document securing module configured to decrypt the secured file when the response indicates that the access control management module grants access to the secured file, wherein the access grant to the secured file is based on permissions for a user associated with the request to access the secured file, wherein the processor is further configured to provide the decrypted file in response to the file access request.

Dependent claims: 2, 3, 4, 5, 6, 7

8. An access control management module, comprising:
- a key management module configured to store a file key that enables access to a secured file stored in a storage device;
- a network interface configured to receive a file access request from the storage device to access the secured file;
- a rules management module configured to retrieve an access rule corresponding to the secured file, wherein the access rule is based upon the secured file and a user that caused the file access request; and
- a processor configured to determine whether to permit the file access request based upon the access rule and transmit the determination, wherein the processor is further configured to execute the key management module.

Dependent claims: 9, 10, 11, 12, 13, 14

15. A computer-readable storage medium having control logic recorded thereon that, when executed by a processor in an access control management module, causes the processor to perform a method, comprising:
- receiving a file access request from a storage device to access a secured file stored in the storage device;
- retrieving an access rule corresponding to the secured file, the access rule being based upon the secured file and a user that caused the file access request;
- determining whether to permit the file access request based upon the access rule; and
- transmitting the determination to the storage device.

Dependent claims: 16, 17, 18, 19, 20

21. A storage system, comprising:
- a server configured to send a file access request to a central access control server and receive a response to the file access request from the central access control server, the file access request being based on a request to access a secured file; and
- a document securing module, in the server, configured to decrypt the secured file when the response indicates that the central access control server grants access to the secured file, wherein the access grant to the secured file is based on permissions for a requestor associated with the request to access the secured file, and wherein the server is further configured to provide the decrypted file in response to the file access request.

Dependent claims: 22, 23, 24, 25, 26, 27, 28

Specification