Encapsulation of public key cryptography standard number 7 into a secured document
Abstract
A secured access to data in a portable document format (PDF) file is provided by encapsulating a Public Key Cryptography Standard number 7 (PKCS#7) object having a recipient list into data. ‘Enveloped data’ encapsulated in the PKCS#7 object contains access information that is used to access the remainder of the document into which the PKCS#7 object is encapsulated. The access information can be decrypted by all recipients in the PKCS#7 recipient list. If a recipient listed in the recipient list attempts to access data in the document, the access information is decrypted using the recipient's private key. The access information is used to obtain an access key that is used to decrypt data in the document.
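The flow the abstract describes, sketched with the `openssl` command line as an added example (not taken from the patent or from any viewer implementation). The recipient names, file names, the 20-byte access information and the SHA-256 derivation of the access key are assumptions made for illustration, and separate files stand in for the single document file.

```sh
set -eu
work=$(mktemp -d); trap 'rm -rf "$work"' EXIT; cd "$work"

# Constructed self-signed recipient identity: writes NAME.key and NAME.crt.
make_identity() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# Assumption for this sketch: access key = SHA-256(access information).
access_key() { openssl dgst -sha256 -r "$1" | cut -d' ' -f1; }

# protect <plaintext> <recipient cert>...
protect() {
  doc=$1; shift
  openssl rand 20 > access.bin            # the access information
  openssl rand -hex 16 > doc.iv
  openssl enc -aes-256-cbc -K "$(access_key access.bin)" -iv "$(cat doc.iv)" \
    -in "$doc" -out doc.enc               # document data under the access key
  # EnvelopedData: a fresh symmetric key encrypts access.bin and is itself
  # RSA-encrypted once per certificate in the recipient list ("$@").
  openssl smime -encrypt -binary -aes256 -in access.bin \
    -outform DER -out access.p7 "$@"
  rm -f access.bin
}

# view <name>: what a viewer does for the holder of NAME.key.
view() {
  openssl smime -decrypt -binary -inform DER -in access.p7 -recip "$1.crt" \
    -inkey "$1.key" -out "$1.access" 2>/dev/null || return 1
  openssl enc -d -aes-256-cbc -K "$(access_key "$1.access")" \
    -iv "$(cat doc.iv)" -in doc.enc
}

for who in alice bob mallory; do make_identity "$who"; done
printf 'constructed document body\n' > doc.txt
protect doc.txt alice.crt bob.crt          # mallory is not listed
view bob
view mallory || echo "mallory: no matching entry in the recipient list"
```

`openssl smime` wraps the content key with RSA PKCS#1 v1.5 padding; where the consumer accepts CMS, `openssl cms -encrypt` with `-keyopt rsa_padding_mode:oaep` produces the same recipient-list structure with OAEP key wrapping.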
34 Claims
1. A method for providing secured access to data comprising:
embedding an access information into a Public Key Cryptography Standard number 7 (PKCS#7) object having a recipient list, said access information encrypted by a symmetric key, said access information being configured to provide access to data in a file, said symmetric key encrypted once for each recipient listed in said recipient list using a public key of each recipient;
encapsulating said PKCS#7 object into said file; and
decrypting said access information using said symmetric key, said symmetric key decrypted using a private key of a predetermined one of a plurality of recipients listed in said recipient list, said decrypting being controlled by a viewer application to access said access information to provide said predetermined one of a plurality of recipients access to said data in said file.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. An apparatus for providing secured access to data comprising:
a Public Key Cryptography Standard number 7 (PKCS#7) object having, a recipient list listing a plurality of recipients designated to receive access to data, an encrypted access information configured to provide each said plurality of recipients access to said data, said encrypted access information embedded in said recipient list; and
a file encapsulating said PKCS#7 object and said data.
Dependent claims: 13, 14, 15, 16
17. A system for providing secured access to data stored in a computer-readable medium and executable by a computer, comprising:
a Public Key Cryptography Standard number 7 (PKCS#7) object having, a recipient list configured to list a plurality of recipients designated to receive access to data, an encrypted access information configured to provide each said plurality of recipients access to said data, said encrypted access information embedded in said recipient list; and
a file encapsulating said PKCS#7 object and said data.
Dependent claims: 18, 19, 20, 21
22. A computer readable media containing executable computer program instructions which when executed on a digital processing system causes the system to perform a method comprising:
embedding an access information into a Public Key Cryptography Standard number 7 (PKCS#7) object having a recipient list, said access information encrypted by a symmetric key, said access information being configured to provide access to data in a file, said symmetric key encrypted once for each recipient listed in said recipient list using a public key of each recipient;
encapsulating said PKCS#7 object into said file; and
decrypting said access information using said symmetric key, said symmetric key decrypted using a private key of a predetermined one of a plurality of recipients listed in said recipient list, said decrypting being controlled by a viewer application to access said access information to provide said predetermined one of a plurality of recipients access to said data in said file.
Dependent claims: 23, 24, 25, 26, 27, 28, 29, 30, 31, 32
33. A method for providing secured access to a portable document format (PDF) data comprising:
embedding an access information into a data encapsulating and encrypting object having a recipient list, said access information encrypted by a symmetric key, said access information being configured to provide access to data in a PDF file, said symmetric key encrypted once for each recipient listed in said recipient list using a public key of each recipient;
encapsulating said data encapsulating and encrypting object into said PDF file; and
decrypting said access information using said symmetric key, said symmetric key decrypted using a private key of a predetermined one of a plurality of recipients listed in said recipient list, said decrypting being controlled by a viewer application to access said access information to provide said predetermined one of a plurality of recipients access to said data in said PDF file.
34. A computer readable media containing executable computer program instructions which when executed on a digital processing system causes the system to perform a method comprising:
embedding an access information into a data encapsulating and encrypting object having a recipient list, said access information encrypted by a symmetric key, said access information being configured to provide access to a portable document format data in a PDF file, said symmetric key encrypted once for each recipient listed in said recipient list using a public key of each recipient;
encapsulating said data encapsulating and encrypting object into said PDF file; and
decrypting said access information using said symmetric key, said symmetric key decrypted using a private key of a predetermined one of a plurality of recipients listed in said recipient list, said decrypting being controlled by a viewer application to access said access information to provide said predetermined one of a plurality of recipients access to said data in said PDF file.
Specification