Computerized method and system for managing secure content sharing in a networked secure collaborative exchange environment

US 9,253,176 B2
Filed: 08/06/2013
Issued: 02/02/2016
Est. Priority Date: 04/27/2012
Status: Active Grant

First Claim

Patent Images

1. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:

establishing, by a secure exchange server managed by an intermediate business entity, a user login data authentication procedure that allows a user through at least one client computing device to access the secure exchange server, wherein the user is one of a plurality of users of a plurality of other business entities and communications between the secure exchange server and the plurality of users is through a communications network;

storing, by the secure exchange server, at least one user login authentication data for at least one of the plurality of users;

receiving a computer data content from a first user of the plurality of users, wherein the first user permits a sharing access to the computer data content to a subset of the plurality of users, and wherein management for access to the computer data content is through an exchange content access facility managed by the intermediate business entity;

granting, by the secure exchange server, sharing access to the computer data content to at least a second user of the plurality of users when the secure exchange server receives from the second user its client login authentication data provided that the second user is one of the subset of the plurality of users to which sharing access is permitted;

receiving a copy access request from the second user to access a copy of the computer data content;

granting, by the secure exchange server in response to the copy access request, copy access by the second user, wherein a copy of the computer data content is made and stored on a client computing device second user;

receiving from the first user a request to revoke sharing and copy access to the computer data content to the second user;

revoking, by the secure exchange server in response to the received request from the first user to revoke sharing and copy access, sharing access to the computer data content and copy access to the copy of the computer data content by the second user, wherein revoking copy access to the copy of the computer data content is a change in the digital rights management of the computer data content, and wherein access to the computer data content is revocable at any time at the request of the first user.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In embodiments of the present invention improved capabilities are described for securely sharing computer data content that allows for the secure un-sharing of the content. The facility to un-share content may be implemented through a secure exchange server, where the content is being shared along with a secure protection feature that when altered results in the un-sharing of the content. This secure un-sharing facility may be used to securely share content beyond the secure protective facilities of an enterprise, out to users in other companies, into the public space, to users not intended to get the content, and the like, where the sender maintains control to access of the content no matter where or to who the content has been distributed. In this way, the secure sharing of content is made to be easy across corporate boundaries at the user level and at the individual document level.

194 Citations

32 Claims

1. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:
- establishing, by a secure exchange server managed by an intermediate business entity, a user login data authentication procedure that allows a user through at least one client computing device to access the secure exchange server, wherein the user is one of a plurality of users of a plurality of other business entities and communications between the secure exchange server and the plurality of users is through a communications network;
  
  storing, by the secure exchange server, at least one user login authentication data for at least one of the plurality of users;
  
  receiving a computer data content from a first user of the plurality of users, wherein the first user permits a sharing access to the computer data content to a subset of the plurality of users, and wherein management for access to the computer data content is through an exchange content access facility managed by the intermediate business entity;
  
  granting, by the secure exchange server, sharing access to the computer data content to at least a second user of the plurality of users when the secure exchange server receives from the second user its client login authentication data provided that the second user is one of the subset of the plurality of users to which sharing access is permitted;
  
  receiving a copy access request from the second user to access a copy of the computer data content;
  
  granting, by the secure exchange server in response to the copy access request, copy access by the second user, wherein a copy of the computer data content is made and stored on a client computing device second user;
  
  receiving from the first user a request to revoke sharing and copy access to the computer data content to the second user;
  
  revoking, by the secure exchange server in response to the received request from the first user to revoke sharing and copy access, sharing access to the computer data content and copy access to the copy of the computer data content by the second user, wherein revoking copy access to the copy of the computer data content is a change in the digital rights management of the computer data content, and wherein access to the computer data content is revocable at any time at the request of the first user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 22, 23, 24, 25, 26, 27)
- - 2. The method of claim 1, further comprising additional sharing of the computer data content with others of the plurality of users, wherein the revoking of sharing access and copy access revokes access to all instances of the shared computer data content and all copies of the computer data content made by any of the others of the plurality of users.
  - 3. The method of claim 1, wherein the copy of the computer data content is deleted from the client computing device.
  - 4. The method of claim 1, wherein revoking sharing access to the computer data content makes the computer data content inaccessible to the second user.
  - 5. The method of claim 1, wherein the computer data content is at least one of a word processor document, a spreadsheet document, and a presentation document.
  - 6. The method of claim 1, wherein the computer data content is at least one of an email, a text, and a blog entry.
  - 7. The method of claim 1, wherein the computer data content is a multimedia file.
  - 8. The method of claim 1, wherein the computer data content is a secure encrypted computer data content.
  - 9. The method of claim 1, wherein the computer data content is viewed by the second user through a secure viewing facility.
  - 10. The method of claim 1, wherein the second user is connected to a public network that is outside of a firewall for the business entity that manages the first user or the second user.
  - 11. The method of claim 1, wherein the second user accesses the computer data content through a personal computing device that is not owned by the business entity that manages the second user.
  - 12. The method of claim 1, wherein the second user accesses the computer data content through a mobile computing device.
  - 13. The method of claim 1, wherein the exchange content access facility is interfaced through a dashboard facility accessible though at least the first user.
  - 14. The method of claim 13, wherein the dashboard facility provides reports showing activity related to the sharing of computer data content.
  - 15. The method of claim 13, wherein the dashboard facility is accessible through third-party environments.
  - 16. The method of claim 13, wherein the dashboard facility tracks the location and version of the shared computer data content on computing devices accessible by the second user.
  - 17. The method of claim 1, wherein the communications network is the Internet.
  - 22. The method of claim 1, further comprising allowing use of customer managed encryption keys.
  - 23. The method of claim 1, further comprising using customer managed encryption keys.
  - 24. The method of claim 2, further comprising allowing use of customer managed encryption keys.
  - 25. The method of claim 2, further comprising using customer managed encryption keys.
  - 26. The method of claim 4, further comprising allowing use of customer managed encryption keys.
  - 27. The method of claim 4, further comprising using customer managed encryption keys.

18. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:
- establishing, by a secure exchange server managed by an intermediate business entity, a user login data authentication procedure that allows a user through at least one client computing device to access the secure exchange server, wherein the user is one of a plurality of users of a plurality of other business entities and communications between the secure exchange server and the plurality of users is through a communications network;
  
  storing, by the secure exchange server, at least one user login authentication data for each of the plurality of users;
  
  receiving a computer data content from a first user of the plurality of users, wherein the first user permits a sharing access to the computer data content to a subset of the plurality of users, and wherein management for access to the computer data content is through an exchange content access facility managed by the intermediate business entity;
  
  granting, by the secure exchange server, sharing access to the computer data content to individuals within the subset of the plurality of users when the secure exchange server receives from the individuals their client login authentication data;
  
  receiving a copy access request from at least a second user of the plurality of users to access a copy of the computer data content;
  
  granting, by the secure exchange server in response to the copy access request, copy access to the second user, wherein a copy of the computer data content is made and stored on the client computing device of the second user;
  
  receiving from the first user a request to revoke sharing access to the computer data content to the subset of the plurality of users; and
  
  revoking, by the secure exchange server, sharing access to all instances of the computer data content to the subset of the plurality of users and deleting, by the secure exchange server, the copy of the computer data content from the client computing device.
- View Dependent Claims (19, 20, 21, 28, 29, 30, 31)
- - 19. The method of claim 18, wherein the revoking of sharing access to all instances of the computer data content is revoking sharing and copy access to all instances of the computer data content on all computer devices on which the subset of the plurality of users have stored the computer data content or copies of the computer data content.
  - 20. The method of claim 19, wherein the stored computer data content includes copies of the computer data content.
  - 21. The method of claim 19, wherein the stored computer data content includes an annotated version of the computer data content.
  - 28. The method of claim 18, further comprising allowing use of customer managed encryption keys.
  - 29. The method of claim 18, further comprising using customer managed encryption keys.
  - 30. The method of claim 19, further comprising allowing use of customer managed encryption keys.
  - 31. The method of claim 19, further comprising using customer managed encryption keys.

32. A method for managing a networked secure collaborative computer data exchange environment, the method comprising:
- establishing, by a secure exchange server managed by an intermediate business entity, a user login data authentication procedure that allows a user through at least one client computing device to access the secure exchange server, wherein the user is one of a plurality of users of a plurality of other business entities and communications between the secure exchange server and the plurality of users is through a communications network;
  
  storing, by the secure exchange server, at least one user login authentication data for at least one of the plurality of users;
  
  receiving a computer data content from a first user of the plurality of users, wherein the first user permits a sharing access to the computer data content to a subset of the plurality of users, and wherein management for access to the computer data content is through an exchange content access facility managed by the intermediate business entity;
  
  granting, by the secure exchange server, sharing access to the computer data content to a second user of the plurality of users when the secure exchange server receives from the second user its client login authentication data provided that the second of the plurality of users is one of the subset of the plurality of users to which sharing access is permitted;
  
  receiving a copy access request from the second user to access a copy of the computer data content;
  
  granting, by the secure exchange server in response to the copy access request, copy access to the second user, wherein a copy of the computer data content is made and stored on a client computing device of the second user;
  
  providing an application executing on the client computing device that detects login failures that occur after an application lease expiration date and time; and
  
  deleting the copy of the computer data content made by the second user after a predetermined number of login attempt failures.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
IntraLinks Incorporated (SS&C Technologies Holdings Incorporated)
Original Assignee
IntraLinks Incorporated (SS&C Technologies Holdings Incorporated)
Inventors
Ford, Christopher, Callison, Wade, Siddiqui, Fahim, Hakhinian, Mushegh
Primary Examiner(s)
Tabor, Amare F

Application Number

US13/960,324
Publication Number

US 20130318589A1
Time in Patent Office

910 Days
Field of Search

726/7
US Class Current

1/1
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 65/403   Arrangements for multi-part...

H04L 9/08   Key distribution or managem...

Computerized method and system for managing secure content sharing in a networked secure collaborative exchange environment

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

194 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Computerized method and system for managing secure content sharing in a networked secure collaborative exchange environment

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

194 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links