Method and system for securely sharing files

US 7,549,047 B2
Filed: 11/21/2002
Issued: 06/16/2009
Est. Priority Date: 11/21/2002
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

preauthorizing a first device to communicate with at least one of a second device and a plurality of other devices by exchanging credentialing information via a secure network; and

accessing at the first device at least one file accessible to the first device through a first file system, access to the at least one file is provided to the first file system via a secure channel over an unsecure network by at least one of the second device and the other devices upon the first file system authenticating itself using the credentialing information to a second file system on the second device or the other devices which store the at least one file being accessed,wherein the first device provides a list of devices it has received or provided preauthorization information to over the secure network to at least one of the second device and the other devices, at least one of the second device and the other devices that receive the list providing the list to at least one of the second device and the other devices that do not receive the list, and the list is associated with a list sequence number and each member on the list is associated with a member sequence number that is incremented as a member is added or deleted from the list, the list sequence number and each member sequence number used by at least one of the first device, the second device and the other devices to keep another list of member devices stored at the first device, the second device or the other devices substantially current.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for sharing files securely includes server software on a first device configured to communicate with server software operating on one or more other preauthorized devices, such as a second device. The servers communicate with each other securely using cryptographic information exchanged during a preauthorization phase using a range-limited communication channel. The server on the first device obtains file information from the other preauthorized device(s) and combines the information with local file information from the first device. This combined file information is sent to client software operating on the machine, which presents the combined file information to users.

42 Citations

View as Search Results

21 Claims

1. A method comprising:
- preauthorizing a first device to communicate with at least one of a second device and a plurality of other devices by exchanging credentialing information via a secure network; and
  
  accessing at the first device at least one file accessible to the first device through a first file system, access to the at least one file is provided to the first file system via a secure channel over an unsecure network by at least one of the second device and the other devices upon the first file system authenticating itself using the credentialing information to a second file system on the second device or the other devices which store the at least one file being accessed,wherein the first device provides a list of devices it has received or provided preauthorization information to over the secure network to at least one of the second device and the other devices, at least one of the second device and the other devices that receive the list providing the list to at least one of the second device and the other devices that do not receive the list, and the list is associated with a list sequence number and each member on the list is associated with a member sequence number that is incremented as a member is added or deleted from the list, the list sequence number and each member sequence number used by at least one of the first device, the second device and the other devices to keep another list of member devices stored at the first device, the second device or the other devices substantially current.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as set forth in claim 1 wherein preauthorizing further comprises receiving the credentialing information encoded in a range limited signal at the first device from at least one of the second device and the other devices.
  - 3. The method as set forth in claim 2 wherein the credentialing information comprises a commitment to a public key.
  - 4. The method as set forth in claim 1 wherein preauthorizing further comprises sending a first set of the credentialing information from the second device to at least one of the first device and the other devices, the at least one of the first device and the other devices that receive the first set of credentialing information which match a corresponding second of credentialing information stored at the receiving device permitting the second device to access another file stored at the device receiving the first set of credentialing information.
  - 5. The method as set forth in claim 1 further comprising receiving at the first device information describing the at least one file accessible to the first device from at least one of the second device and the other devices which store at least one accessible file.
  - 6. The method as set forth in claim 1 further comprising providing a user interface at the first device for enabling a user to access the at least one file, for enabling the user to associate at least one first device local file with the first file system to provide at least one of the second device and the other devices with access to the at least one first device local file, for disassociating at least one of the first device, the second device and the other devices from the first file system, for associating a third device with the first file system.
  - 7. The method as set forth in claim 1 wherein the at least one file comprises a first file stored on at least one of the first device, the second device and one of the other devices, and the at least one file further comprises a second file stored on at least one of the first device, the second device and the one other device that does not store the first file, the first file and the second file having an identical file name, the first device renaming at least one of the first file and the second file to resolve a file name conflict.

8. A computer-readable medium having stored thereon instructions, which when executed by at least one processor, causes the at least one processor to perform:
- preauthorizing a first device to communicate with at least one of a second device and a plurality of other devices by exchanging credentialing information via a secure network; and
  
  accessing at the first device at least one file accessible to the first device through a first file system, access to the at least one file is provided to the first file system via a secure channel over an unsecure network by at least one of the second device and the other devices upon the first file system authenticating itself using the credentialing information to a second file system on the second device or the other devices which store the at least one file being accessed,wherein the first device provides a list of devices it has received or provided preauthorization information to over the secure network to at least one of the second device and the other devices, at least one of the second device and the other devices that receive the list providing the list to at least one of the second device and the other devices that do not receive the list, and the list is associated with a list sequence number and each member on the list is associated with a member sequence number that is incremented as a member is added or deleted from the list, the list sequence number and each member sequence number used by at least one of the first device, the second device and the other devices to keep another list of member devices stored at the first device, the second device or the other devices substantially current.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The medium as set forth in claim 8 wherein preauthorizing further comprises receiving the credentialing information encoded in a range limited signal at the first device from at least one of the second device and the other devices.
  - 10. The medium as set forth in claim 9 wherein the credentialing information comprises a commitment to a public key.
  - 11. The medium as set forth in claim 8 wherein preauthorizing further comprises sending a first set of the credentialing information from the second device to at least one of the first device and the other devices, the at least one of the first device and the other devices that receive the first set of credentialing information which match a corresponding second of credentialing information stored at the receiving device permitting the second device to access another file stored at the device receiving the first set of credentialing information.
  - 12. The medium as set forth in claim 8 further comprising receiving at the first device information describing the at least one file accessible to the first device from at least one of the second device and the other devices which store at least one accessible file.
  - 13. The medium as set forth in claim 8 further comprising providing a user interface at the first device for enabling a user to access the at least one file, for enabling the user to associate at least one first device local file with the first file system to provide at least one of the second device and the other devices with access to the at least one first device local file, for disassociating at least one of the first device, the second device and the other devices from the first file system, for associating a third device with the first file system.
  - 14. The medium as set forth in claim 8 wherein the at least one file comprises a first file stored on at least one of the first device, the second device and one of the other devices, and the at least one file further comprises a second file stored on at least one of the first device, the second device and the one other device that does not store the first file, the first file and the second file having an identical file name, the first device renaming at least one of the first file and the second file to resolve a file name conflict.

15. A system comprising:
- a preauthorization system that preauthorizes a first device to communicate with at least one of a second device and a plurality of other devices by exchanging credentialing information via a secure network; and
  
  an access system that enables the first device to access at least one file accessible to the first device through a first file system, the first file system being provided access to the at least one file by at least one of the second device and the other devices upon the first file system authenticating itself using the credentialing information via a secure channel over an unsecure network to a second file system on the second device or the other devices which store the at least one file being accessed,wherein the first device provides a list of devices it has received or provided preauthorization information to over the secure network to at least one of the second device and the other devices, at least one of the second device and the other devices that receive the list providing the list to at least one of the second device and the other devices that do not receive the list, the list is associated with a list sequence number and each member on the list is associated with a member sequence number that is incremented as a member is added or deleted from the list, the list sequence number and each member sequence number used by at least one of the first device, the second device and the other devices to keep another list of member devices stored at the first device, the second device or the other devices substantially current.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The system as set forth in claim 15 wherein the preauthorization system receives the credentialing information encoded in a range limited signal at the first device from at least one of the second device and the other devices.
  - 17. The system as set forth in claim 16 wherein the credentialing information comprises a commitment to a public key.
  - 18. The system as set forth in claim 15 wherein the preauthorization system sends a first set of the credentialing information from the second device to at least one of the first device and the other devices, the at least one of the first device and the other devices that receive the first set of credentialing information which match a corresponding second of credentialing information stored at the receiving device permitting the second device to access another file stored at the device receiving the first set of credentialing information.
  - 19. The system as set forth in claim 15 wherein the access system receives at the first device information describing the at least one file accessible to the first device from at least one of the second device and the other devices which store at least one accessible file.
  - 20. The system as set forth in claim 15 wherein the access system provides a user interface at the first device for enabling a user to access the at least one file, for enabling the user to associate at least one first device local file with the first file system to provide at least one of the second device and the other devices with access to the at least one first device local file, for disassociating at least one of the first device, the second device and the other devices from the first file system, for associating a third device with the first file system.
  - 21. The system as set forth in claim 15 wherein the at least one file comprises a first file stored on at least one of the first device, the second device and one of the other devices, and the at least one file further comprises a second file stored on at least one of the first device, the second device and the one other device that does not store the first file, the first file and the second file having an identical file name, the first device renaming at least one of the first file and the second file to resolve a file name conflict.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Xerox Corporation (Xerox Holdings Corp.)
Inventors
Smetters, Diana, Lunt, Teresa, Conley, Ken, Stewart, Paul, Balfanz, Dirk, Cousins, Steve, Pendleton, Bryan
Primary Examiner(s)
Moazzami; Nasser G
Assistant Examiner(s)
Yalew; Fikremariam

Application Number

US10/301,931
Publication Number

US 20040103280A1
Time in Patent Office

2,399 Days
Field of Search

713/173, 713/169, 713/165, 713/170
US Class Current

713/169
CPC Class Codes

H04L 63/065 for group communications cr...

H04L 63/18 using different networks or...

Method and system for securely sharing files

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

42 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for securely sharing files

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links