Distributed cryptographic object method
Abstract
A system for increasing the security of a computer system, while giving an individual user a large amount of flexibility and power. To give users the most power and flexibility, a standard object that has the capability to embed objects is used. To allow users even more flexibility, a standard object tracking mechanism is used that allows users to distribute multiple encrypted embedded objects to other individuals in a single encrypted object. By effecting compartmentalization of every object by label attributes and algorithm attributes, multi-level multimedia security is achieved.
20 Claims
1. A method for providing multi-level multimedia security in a data network, comprising:
A) accessing an object-oriented key manager;
B) selecting a first object to encrypt;
C) selecting a first label for the first object;
D) selecting an encryption algorithm;
E) encrypting the first object according to the encryption algorithm;
F) labelling the encrypted first object wherein the labelling comprises creating a display header;
G) reading the first object label;
H) determining access authorization based on the first object label; and
I) allowing access to the first object only if access authorization is granted.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
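The sequence in claim 1, as an added Go illustration that is not code from the patent or its owner. It assumes AES-GCM as the selected algorithm, a per-label key map as the key manager, and a caller-supplied access list; every type and function name is hypothetical. It goes one step beyond the claim by binding the cleartext label to the ciphertext as associated data, so an object whose display header has been altered fails to decrypt.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// KeyManager stands in for the claim's key manager (step A); assumed layout.
type KeyManager map[string][]byte

// Sealed is an encrypted object; Label is its cleartext display header (step F).
type Sealed struct{ Label string; Nonce, Body []byte }

var ErrDenied = errors.New("label not in caller's access list")

func (km KeyManager) aead(label string) (cipher.AEAD, error) {
	blk, err := aes.NewCipher(km[label]) // unknown label: nil key, key-size error
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// Seal covers steps B-F; the label is bound to the ciphertext as associated data.
func (km KeyManager) Seal(label string, obj []byte) (Sealed, error) {
	gcm, err := km.aead(label)
	if err != nil {
		return Sealed{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Sealed{}, err
	}
	return Sealed{label, nonce, gcm.Seal(nil, nonce, obj, []byte(label))}, nil
}

// Open covers steps G-I: the label is checked before any key is looked up.
func (km KeyManager) Open(s Sealed, allowed map[string]bool) ([]byte, error) {
	if !allowed[s.Label] {
		return nil, ErrDenied
	}
	gcm, err := km.aead(s.Label)
	if err != nil || len(s.Nonce) != gcm.NonceSize() {
		return nil, errors.New("no key for label, or malformed nonce")
	}
	return gcm.Open(nil, s.Nonce, s.Body, []byte(s.Label))
}
```

The access decision in `Open` depends only on the header, so the key for a label is never loaded for a caller who lacks that label.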

14. A system for providing multi-level multimedia security in a data network, comprising:
A) a data processor, the data processor comprising;
  1) a system memory, comprising stored data;
  2) an encryption algorithm module, comprising logic for converting unencrypted objects into encrypted objects, the encryption algorithm module being disposed to access data stored in the system memory;
  3) an object labelling subsystem, comprising logic means for limiting object access, subject to label conditions, the object labelling subsystem being disposed to access data stored in the system memory and the object labelling subsystem being further disposed to accept inputs from the encryption algorithm module;
  4) a decryption algorithm module, comprising logic for converting encrypted objects into unencrypted objects, the decryption algorithm module being disposed to access data stored in the system memory means; and
  5) an object label identification subsystem, comprising logic for limiting object access, subject to label conditions, the object label identification subsystem being disposed to access data stored in the system memory and the object label identification subsystem being further disposed to accept inputs from the decryption algorithm module;
B) the encryption algorithm module working in conjunction with the object labelling subsystem to create an encrypted object such that the object label identification subsystem limits access to an encrypted object.
Dependent claims: 15, 16, 17

18. A system for providing multi-level multimedia security in a data network, comprising:
A) means for accessing an object-oriented key manager;
B) means for selecting a first object to encrypt;
C) means for selecting a label for the first object;
D) means for selecting an encryption algorithm;
E) means for encrypting the first object;
F) means for embedding the first object within a second object;
G) means for labelling the encrypted first object;
H) means for reading the label;
I) means for determining access authorization based on the label; and
J) means for accessing the first object only if access authorization is granted;
K) the means for embedding the first object within a second object including means for covering the first object with a second object.
Dependent claims: 19, 20

Specification