Method and system for managing security tiers

Method and system for managing security tiers
RE41546

Techniques for reorganizing security levels without implicating accessibility to secured files classified in accordance to one of the security levels are disclosed. In a case of adding a new security level, the controllability or restrictiveness of the new security level is determined with respect to the most restrictive security level or the least security level in a set of existing security levels. A set of proper security parameters are then generated for the new security level and subsequently the existing security levels are reorganized to accommodate the new security level. In a case of removing a security level from the existing security levels, the security parameters for the security level to be deleted are either folded up or down to an immediate next security level, depending on implementation. As a result, the security parameters for the immediate next security level are updated to include those for the security level to be deleted such that the secured files classified at the security level to be deleted can still be accessed by those with proper clearance levels. #1#

PTO Wrapper PDF
Dossier Espace Google

Patent RE41546
Priority Dec 12 2001
Filed May 02 2007
Issued Aug 17 2010
Expiry Feb 12 2022
Inventors Vainstein,…
Assg.orig SECRETSEAL…
Assg.curr Intellectu…
Entity Large
Referenced by 21
References 464
Maint.: all paid

CROSS-REFERENCE TO R…
BACKGROUND OF THE IN…
SUMMARY OF INVENTION
BRIEF DESCRIPTION OF…
DETAILED DESCRIPTION…

#1# 0. 20. A tangible computer-readable storage medium having stored thereon instructions that, if executed by a computing device, cause the computing device to perform a method comprising:

determining a new security level with respect to the N security levels, wherein a 1st security level is most restrictive and an nth security level is least restrictive among the N security levels;

generating security parameters accordingly for the new security level, the new security level being ith less restrictive with respect to the 1st security level; and

mapping an ith security level in the N security levels to an (i+1)th security level in the N security levels to accommodate the new security level such that there are (N+1) security levels in the system,

wherein both of the first key and the second key must be obtained by a user whose access privilege is satisfied by the rules before the contents of the each of the secured files can be accessed.

#1# 0. 27. A tangible computer-readable storage medium having stored thereon instructions that, if executed by a computing device, cause the computing device to perform a method comprising:

upon receiving a request to remove an ith security level out of the N security levels, determining if an (i−1)th security level is a 1st security level or if an (i+1)th security level is an nth security level, wherein the 1st security level is most restrictive and the nth security level is least restrictive among the N security levels;

if the (i−1)th security level is not the 1st security level and the (i+1)th security level is not the nth security level, merging the ith security level with either the (i−1)th security level or the (i+1)th security level such that there are (N−1) security levels in the system,

wherein both of the first key and the second key must be obtained by a user whose access privilege is satisfied by the rules before the contents of each of the secured files can be accessed.

#1# 1. In a system for providing restrictive access to contents in secured files, each of the secured files classified in accordance with one of N security levels, a A method for reorganizing the N security levels without implicating accessibilities to the secured files, each of the secured files classified in accordance with one of the N security levels, the method comprising:

determining, using a computing device, a new security level with respect to the N security levels, wherein a 1st security level is most restrictive and an nth security level is least restrictive in among the N security levels;

generating, using the computing device, security parameters accordingly for the new security level, the new security level being ith less restrictive with respect to the 1st security level; and

mapping, using the computing device, an ith security level in the N security levels to an (i+1)th security level in the N security levels to accommodate the new security level such that there are now (N+1) security levels in the system,

wherein both of the first key and the second key must be obtained by a user whose access privilege is satisfied by the rules before the contents of the each of the secured files can be accessed.

#1# 8. In a system for providing restrictive access to contents in secured files, at least some of the secured files classified in accordance with one of N security levels, a A method for reorganizing the N security levels without implicating accessibilities to the secured files, at least some of the secured files classified in accordance with one of the N security levels, the method comprising:

upon receiving a request to remove an ith security level out of the N security levels, determining, using a computing device, if an (i−1)th security level is a 1st security level or if an (i+1)th security level is an nth security levels , wherein the 1st security level is most restrictive and the nth security level is least restrictive in among the N security levels;

when if the (i−1)th security level is not the 1st security level and the (i+1)th security level is not the nth security levels , merging, using the computing device, the ith security level with either the (i−1)th security level or the (i+1)th security level such that there are now (N−1) security levels in the system,

wherein each of the secured files includes an encrypted data portion and a security portion that controls restrictive access to the encrypted data portion, the security portion including a file key encrypted by at least a first key and a second key and further protected by a set of rules, and wherein both of the first key and the second key must be obtained by a user whose access privilege is satisfied by the rules before the contents of the each of the secured files can be accessed.

#1# 17. In a A system for providing restrictive access to contents in secured files, each of the secured files classified in accordance with one of N security levels, the system comprising:

a first machine loaded with a software module to reorganize the N security levels without implicating accessibilities to the secured files, wherein the 1st security level is most restrictive and the nth security level is least restrictive in the N security levels, when and wherein, if the software module is executed, the first machine performs operations of:

if a request of for deleting an ith security level out of the N security levels is received,

determining if an (i−1)th security level is a 1 st security level or if an (i+1)th security level is an nth security levels , wherein the 1st security level is most restrictive and the nth security level is least restrictive in the N security levels; and

when if the (i−1)th security level is not the 1st security level and the (i+1)th security level is not the nth security levels , merging the ith security level with either the (i−1)th security level or the (i+1)th security level such that there are now (N−1) security levels in the system; and

if a request of adding a new security level into the N security is received,

determining a new security level with respect to the N security levels, wherein a 1 st security level is most restrictive and an nth security level is least restrictive in the N security levels;

generating security parameters accordingly for the new security level, the new security level being ith less restrictive with respect to the 1st security level; and

mapping an ith security level in the N security levels to an (i+1)th security level in the N security levels to accommodate the new security level such that there are now (N+1) security levels in the system; and

a second machine, coupled to the first machine over a network, associated with a user that is granted with at least two keys to access one of the secured files classified at one of the N security levels,

wherein both of the first key and the second key must be obtained by a user whose access privilege is satisfied by the rules before the contents of the each of the secured files can be accessed.

#1# 2. The method of claim 1, wherein the security parameters includes at least a clearance key and one or more of the parameters pertain to a designated group of users authorized to access the secured files classified at the new security level.

#1# 3. The method of claim 2, wherein the clearance key is associated with the designated group of users, and together with a user key associated with each of the users, allows access to files secured at the ith security level can now be accessed .

#1# 4. The method of claim 2, wherein, when if a user authorized to access secured files classified at the new security level logins logs into the system, the user is granted the clearance key, together with a user key authorized authorizing the user to access the secured files, those and secured files classified at the new security level can now be accessed by the users .

#1# 5. The method of claim 4, wherein, the clearance key is a private key in a pair of a public key and the private key, those and the secured files are classified at the new security level with the public key.

#1# 6. The method of claim 4, wherein, if the user is authorized at to access the ith security level in the original N security levels, the user is now granted a second user key and a second clearance key such that the contents in the secured files classified at the (i+1)th security level and below can be now accessed by the user.

#1# 7. The method of claim 6 1, wherein the first key determines if the user is authorized to access the secured files classified at one of the N security levels or one of the (N+1) security levels, and the second key is in accordance with the one of the N security levels or the one of the (N+1) security levels.

#1# 9. The method of claim 8, wherein users authorized to access secured files classified at the ith security level can now access secured files classified at the (i−1)th security level if the ith security level is has been merged with the (i−1)th security level.

#1# 10. The method of claim 8, wherein users authorized to access secured files classified at the ith security level can now access secured files classified at the (i+1)th security level if the ith security level is has been merged with the (i+1)th security level.

#1# 11. The method of claim 8, wherein at least two keys are needed to access secured files classified at the ith security level, and after the ith security level is has been merged with the (i−1)th or (i+1)th security level, the at lest two keys are incorporated into the (i−1)th or (i+1)th security level as such that users authorized to access the secured files classified at the ith security level can still access the secured files.

#1# 12. The method of claim 11, wherein, at the same time, the users can access secured files classified at the (i−1)th or (i+1)th security level.

#1# 13. The method of claim 11, wherein the at least two keys include a first key associated with a designated group of users and a second key being a clearance key in accordance with the ith security level.

#1# 14. The method of claim 13, wherein, when if the user logins logs into the system, the user is granted the at least two keys.

#1# 15. The method of claim 8, further comprising:

when if the (i−1)th security level is the 1st security level, denying the request to remove the ith security level out of the N security levels; or

always folding down the ith security level with (i−1)th security level.

#1# 16. The method of claim 8 further comprising:

when if the (i−1)th security level is the N security level,

denying the request to remove the ith security level out of the N security levels; or

always folding up the ith security level with (i−1)th security level.

#1# 18. The system of claim 17, wherein one of the two keys granted to the user is a clearance key in accordance with the one of the N security levels.

#1# 19. The system of claim 18, wherein the two keys granted to the user are folded to either the (i−1)th security level or the (i+1)th security level, when if the user is authorized to access secured files classified at the ith security level.

#1# 0. 21. The computer-readable storage medium according to

claim 20

, wherein the security parameters include at least a clearance key and one or more of the parameters pertain to a designated group of users authorized to access the secured files classified at the new security level.

#1# 0. 22. The computer-readable storage medium according to

claim 21

, wherein the clearance key is associated with the designated group of users, and together with a user key associated with each of the users, allows access to files secured at the ith security level.

#1# 0. 23. The computer-readable storage medium according to

claim 21

, wherein, if a user authorized to access secured files classified at the new security level logs into the system, the user is granted the clearance key, together with a user key authorizing the user to access the secured files, and secured files classified at the new security level can be accessed by the user.

#1# 0. 24. The computer-readable storage medium according to

claim 23

, wherein the clearance key is a private key in a pair of a public key and the private key, and the secured files are classified at the new security level with the public key.

#1# 0. 25. The computer-readable storage medium according to

claim 23

, wherein, if the user is authorized to access the ith security level in the N security levels, the user is granted a second user key and a second clearance key such that the contents in the secured files classified at the (i+1)th security level and below can be accessed by the user.

#1# 0. 26. The computer-readable storage medium according to

claim 25

, wherein the first key determines if the user is authorized to access the secured files classified at one of the N security levels or one of the (N+1) security levels, and the second key is in accordance with the one of the N security levels or the one of the (N+1) security levels.

#1# 0. 28. The computer-readable storage medium according to

claim 27

, wherein users authorized to access secured files classified at the ith security level can access secured files classified at the (i−1)th security level if the ith security level has been merged with the (i−1)th security level.

#1# 0. 29. The computer-readable storage medium according to

claim 27

, wherein users authorized to access secured files classified at the ith security level can access secured files classified at the (i+1)th security level if the ith security level has been merged with the (i+1)th security level.

#1# 0. 30. The computer-readable storage medium according to

claim 27

, wherein at least two keys are needed to access secured files classified at the ith security level, and after the ith security level has been merged with the (i−1)th or (i+1)th security level, the at lest two keys are incorporated into the (i−1)th or (i+1)th security level such that users authorized to access the secured files classified at the ith security level can access the secured files.

#1# 0. 31. The computer-readable storage medium according to

claim 30

, wherein the users can access secured files classified at the (i−1)th or (i+1)th security level.

#1# 0. 32. The computer-readable storage medium according to

claim 30

, wherein the at least two keys include a first key associated with a designated group of users and a second key being a clearance key in accordance with the ith security level.

#1# 0. 33. The computer-readable storage medium according to

claim 32

, wherein, if the user logs into the system, the user is granted the at least two keys.

#1# 0. 34. The computer-readable storage medium according to

claim 27

, further comprising computer code for: if the (i−1)th security level is the 1st security level, denying the request to remove the ith security level out of the N security levels; or always folding down the ith security level with (i−1)th security level.

#1# 0. 35. The computer-readable storage medium according to

claim 27

further comprising computer code for: if the (i−1)th security level is the N security level, denying the request to remove the ith security level out of the N security levels; or always folding up the ith security level with (i−1)th security level.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation-in-part of co-pending U.S. patent application Ser. No. 10/076,254, filed Feb. 12, 2002, that claims the benefits of U.S. provisional application No. 60/339,634 filed Dec. 12, 2001. The application is also related to U.S. patent application Ser. No. 10/159,537 and entitled “Method and Apparatus for Securing Digital Assets”, which is hereby incorporated by reference.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to the area of protecting data in an enterprise environment, and more particularly, relates to a method and system for managing security tiers or levels without implicating accessibilities to secured files classified according to a security level.

2. Description of Related Art

The Internet is the fastest growing telecommunications medium in history. This growth and the easy access it affords have significantly enhanced the opportunity to use advanced information technology for both the public and private sectors. It provides unprecedented opportunities for interaction and data sharing among businesses and individuals. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality and integrity of information. The Internet is a widely open, public and international network of interconnected computers and electronic devices. Without proper security means, an unauthorized person or machine may intercept any information traveling across the Internet and even get access to proprietary information stored in computers that interconnect to the Internet, but are otherwise generally inaccessible by the public.

There are many efforts in progress aimed at protecting proprietary information traveling across the Internet and controlling access to computers carrying the proprietary information. Cryptography allows people to carry over the confidence found in the physical world to the electronic world, thus allowing people to do business electronically without worries of deceit and deception. Every day hundreds of thousands of people interact electronically, whether it is through e-mail, e-commerce (business conducted over the Internet), ATM machines, or cellular phones. The perpetual increase of information transmitted electronically has lead to an increase reliance on cryptography.

One of the ongoing efforts in protecting the proprietary information traveling across the Internet is to use one or more cryptographic techniques to secure a private communication session between two communicating computers on the Internet. The cryptographic techniques provides a way to transmit information across an insecure communication channel without disclosing the contents of the information to anyone eavesdropping on the communication channel. Using an encryption process in a cryptographic technique, one party can protect the contents of the data in transit from access by an unauthorized third party yet the intended party can read the data using a corresponding decryption process.

A firewall is another security measure that protects the resources of a private network from users of other networks. However, it has been reported that many unauthorized accesses to proprietary information occur from the inside, as opposed to from the outside. An example of someone gaining unauthorized access from the inside is when restricted or proprietary information is accessed by someone within an organization who is not supposed to do so. Due to the open nature of the Internet, contractual information, customer data, executive communications, product specifications, and a host of other confidential and proprietary intellectual property, remains available and vulnerable to improper access and usage by unauthorized users within or outside a supposedly protected perimeter.

In fact, many businesses and organizations have been looking for effective ways to protect their proprietary information. Typically, businesses and organizations have deployed firewalls, Virtual Private Networks (VPNs), and Intrusion Detection Systems (IDS) to provide protection. Unfortunately, these various security means have been proven insufficient to reliably protect proprietary information residing on private networks. For example, depending on passwords to access sensitive documents from within often causes security breaches when the password of a few characters long is leaked or detected. Therefore, there is a need to provide more effective ways to secure and protect digital assets at all times.

When a security system is employed to secure files, it is sometimes desirable to classify the secured files according to a security level, for example, “top secret”, “secret” or “confidential”. When there is a need to add or delete additional security levels, the secured files originally classified should be still accessible. Thus there is a need for solutions that can manage the security levels dynamically without implicating accessibility to the secured files.

SUMMARY OF INVENTION

This section is for the purpose of summarizing some aspects of the present invention and to briefly introduce some preferred embodiments. Simplifications or omissions in this section as well as in the abstract may be made to avoid obscuring the purpose therefor. Such simplifications or omissions are not intended to limit the scope of the present invention.

The present invention is related to processes, systems, architectures and software products for providing pervasive security to digital assets at all times and is particularly suitable in an inter/intra enterprise environment. In general, pervasive security means that digital assets are secured at all times and can only be accessed by authenticated users with appropriate access rights or privileges, and proper security clearance in some cases, wherein the digital assets may include, but not be limited to, various types of documents, multimedia files, data, executable code, images and texts. According to one aspect of the present invention, secured files are in a secured form that only those with granted access rights can access. Even with the proper access privilege, when a secured file is classified, at least a security clearance key is needed to ensure those who have the right security clearance can ultimately access the contents in the classified secured file.

According to one aspect of the present invention, a new security level is to be inserted into a set of existing security levels. For example, a security level “secret” is added between the existing security levels “top secret” and “confidential”, resulting in a new set of security levels, “top secret”, “secret” and “confidential”. Without implicating the accessibility to secured files classified at one of the existing security levels, the controllability or restrictiveness of the new security level is determined with respect to the most restrictive security level or the least security level in the existing security levels. A set of proper security parameters are generated for the new security level and subsequently the existing security levels are mapped to accommodate the new security level.

According to another aspect of the present invention, a security level is removed from a set of existing security levels. For example, a security level “secret” is removed from the existing security levels “top secret”, “secret” and “confidential”, resulting in a new set of security levels including only “top secret” and “confidential”. Without implicating the accessibility to secured files classified at one of the existing security levels, the security parameters for the security level to be deleted are either folded up or down to an immediate next security level, depending on implementation. As a result, the security parameters for the immediate next security level are augmented to include those for the security level to be deleted such that the secured files classified at the security level to be deleted can still be accessed by those with proper clearance levels.

Depending on implementation and application, the present invention may be implemented in software, hardware or both in combination, and employed in a client machine or a server machine. According to one embodiment, the present invention is implemented in an executable form loaded in a computing device and activated when the security tiers or levels are changed to provide particular needs of an organization or organizations.

The present invention can be implemented as a method, a system, a process, software medium or other form, each yielding one or more of the following features, benefits and advantages. One of the features, benefits and advantages is the management mechanism of security levels in a security system, the mechanism provides flexibility in reorganizing security levels without implicating accessibility to secured files originally classified. Another one of the features, benefits and advantages is that secured files originally classified at a security level to be deleted can still be accessed by properly folding the security level to a next immediate security level.

Other objects, features, and advantages of the present invention will become apparent upon examining the following detailed description of an embodiment thereof, taken in conjunction with the attached drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other features, aspects, and advantages of the present invention will become better understood with regard to the following description, appended claims, and accompanying drawings where:

FIG. 1 shows a diagram of securing a created document according to one exemplary secured file form used in the present invention;

FIG. 2A shows a diagram of what is referred to herein as a two-pronged access scheme according to one embodiment of the present invention;

FIG. 2B shows a flowchart of a process for granting a proper security clearance level (i.e., a clearance key) according to one embodiment of the present invention;

FIG. 2C shows a diagram of generating a clearance key according to one embodiment of the present invention;

FIG. 2D shows a diagram of generating a clearance key according to another embodiment of the present invention;

FIG. 3A illustrates a set of security levels in a security system employed in an enterprise, a new security level being inserted to the existing security level;

FIG. 3B and FIG. 3C each illustrate a case in which a security level is folded into another security level;

FIG. 4A shows a flowchart or process of inserting a new security level into N security levels according to one embodiment of the present invention;

FIG. 4B shows a flowchart or process of deleting a security level out of N security levels according to one embodiment of the present invention;

FIG. 4C shows a flowchart or process of deleting a security level out of N security levels according to one embodiment of the present invention;

FIG. 5A shows an exemplary implementation of dropping an ith level out of N existing level by folding the ith level to (i—i)th level and may be understood in conjunction with FIG. 5B and FIG. 5C;

FIG. 5B shows a table listing identifiers, levels, clearance keys and corresponding literal meanings according to one embodiment; and

FIG. 5C shows a clearance mapping table being entered and updated.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The present invention pertains to a process, a system, a method and a software product for securing electronic data or digital assets. According to one aspect of the present invention, a new security level is to be inserted into a set of existing security levels. Without implicating the accessibility to secured files classified at one of the existing security levels, the controllability or restrictiveness of the new security level is determined with respect to the most restrictive security level or the least security level in the existing security levels. A set of proper security parameters are generated for the new security level and subsequently the existing security levels are mapped to accommodate the new security level. According to another aspect of the present invention, a security level is removed from a set of existing security levels. The security parameters for the security level to be deleted are either folded up or down to an immediate next security level, depending on implementation. As a result, the security parameters for the immediate next security level are augmented to include those for the security level to be deleted such that the secured files classified at the security level to be deleted can still be accessed by those with proper clearance levels.

There are numerous advantages, benefits, and features in the present invention. One of them is the mechanism contemplated herein capable of providing pervasive security to digital assets sought to be protected at all times. Another one is that the digital assets are presented in such a way that only those with proper access privilege as well as sufficient security clearance level can access information in the digital assets. Other advantages, benefits, and features in the present invention can be readily appreciated by those skilled in the art from the detailed description of the invention provided herein.

In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. However, it will become obvious to those skilled in the art that the present invention may be practiced without these specific details. The description and representation herein are the common means used by those experienced or skilled in the art to most effectively convey the substance of their work to others skilled in the art. In other instances, well-known methods, procedures, components, and circuitry have not been described in detail to avoid unnecessarily obscuring aspects of the present invention.

Reference herein to “one embodiment” or “an embodiment” means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase “in one embodiment” in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Further, the order of blocks in process flowcharts or diagrams representing one or more embodiments of the invention do not inherently indicate any particular order nor imply any limitations in the invention.

Embodiments of the present invention are discussed herein with reference to FIGS. 1-4B. However, those skilled in the art will readily appreciate that the detailed description given herein with respect to these figures is for explanatory purposes as the invention extends beyond these limited embodiments.

Generally, a content created by a creator for the purpose of an entity is an intellectual property belonging to the creator or the entity. In an enterprise, any kind of information or intellectual property can be content, though it is commonly referred to as “information” instead of “content”. In either case, content or information is independent of its format, it may be in a printout or an electronic document. As used herein, content or information exists in a type of electronic data that is also referred to as a digital asset. A representation of the electronic data may include, but not be limited to, various types of documents, multimedia files, streaming data, dynamic or static data, executable code, images and texts.

To prevent contents in electronic data from an unauthorized access, the electronic data is typically stored in a form that is as close to impossible as possible to read without a priori knowledge. Its purpose is to ensure privacy by keeping the content hidden from anyone for whom it is not intended, even those who have access to the electronic data. Example of a priori knowledge may include, but not be limited to, a password, a secret phase, biometric information or one or more keys.

FIG. 1 shows an illustration diagram of securing a created document 100 according to one embodiment of the present invention. One of the purposes of creating a secured file 108 is to ensure that the contents in the document 100 can be only accessed by or revealed to an authorized user with proper access privilege. As used herein, the user may mean a human user, a software agent, a group of users or a member thereof, a device and/or application(s). Besides a human user who needs to access a secured document, a software application or agent sometimes needs to access the secured document in order to proceed forward. Accordingly, unless specifically stated, the “user” as used herein does not necessarily pertain to a human being.

After the document 100 is created, edited or opened with an application or authoring tool (e.g., Microsoft WORD), upon an activation of a command, such as “Save,” “Save As” or “Close”, or automatic saving invoked by an operating system, the application itself, or an approved application, the created document 100 is caused to undergo a securing process 101. The securing process 101 starts with an encryption process 102, namely the document 100 that has been created or is being written into a store is encrypted by a cipher (e.g., an encryption process) with a file key (i.e., a cipher key). In other words, the encrypted data portion 112 could not be opened without the file key. For the purpose of controlling the access to the contents in the document 100 or the resultant secured file 108, the file key or keys may be the same or different keys for encryption and decryption and are included as part of security information contained in or pointed to by a header 106. The file key or keys, once obtained, can be used to decrypt the encrypted data portion 112 to reveal the contents therein.

To ensure that only authorized users or members of an authorized group can access the secured file 108, a set of access rules 104 (an example is shown in the figure) for the document 100 is received or created and associated with the header 106. In general, the access rules 104 determine or regulate who and/or how the document 100, once secured, can be accessed. In some cases, the access rules 104 also determine or regulate when or where the document 100 can be accessed. In addition, security clearance information 107 is added to the header 106 if the secured file 108 is classified. In general, the security clearance information 107 is used to determine a level of access privilege or security level of a user who is attempting to access the contents in the secured file 108. For example, a secured file may be classified as “Top secret”, “Secret”, “Confidential”, and “Unclassified”.

According to one embodiment, the security clearance information 107 includes another layer of encryption of the file key with another key referred to herein as a clearance key. An authorized user must have a clearance key of proper security level in addition to an authenticated user key and proper access privilege to retrieve the file key. As used herein, a user key or a group key is a cipher key assigned to an authenticated user and may be used to access a secured file or secure a file, or create a secured file. The detail of obtaining such a user key upon a user being authenticated is provided in U.S. patent application Ser. No. 10/074,804.

According to another embodiment, the security clearance information 107 includes a set of special access rules to guard the file key. The retrieval of the file key requires that the user passes an access rule measurement. Since access privilege of a user may be controlled via one or more system parameters (e.g., a policy), the access rule measurement can determine if the user has sufficient access privilege to retrieve the file key in conjunction with the corresponding user key. With the detailed description to follow, those skilled in the art can appreciate that other forms of the security clearance information 107 may be possible. Unless otherwise specified, the following description is based on the security clearance information 107 being another layer of encryption with one or more clearance keys.

In accordance with the security clearance information 107, a user may be assigned a hierarchical security clearance level based on, perhaps, a level of trust assigned to the user. A level of trust implies that one user may be more trusted than another and hence the more trusted user may access more classified files. Depending on implementation, a level of trust may be based on job responsibility of the user or a role of the user in a project or an organization background checks, psychological profiles, or length of service, etc. In any case, a level of trust assigned to the user augments additional aspect to the access privilege of the user such that the user must have proper security clearance to access a classified secured file even if the user is permitted by the access rules to access the file.

As will be further described in detail below, unless the level of security clearance of the user permits, a secured classified file (i.e., the file that is both secured and classified) may not be accessed even if the user has an authenticated user (or group) key and permitted by the access rules in the secured classified file. In one embodiment, the level of security clearance of the user is determined by one or more clearance keys assigned thereto. In general, a clearance key permits a user to access a secured file classified as “top secret”, the same clearance key may permit the user to access all secured files classified less secure, such as “secret” or “confidential”, where it has been assumed that the user has proper access privilege to be granted by the access rules in the file. In one embodiment, a clearance key is further secured by means of secondary authentication, such as re-login, biometric information verification and a second password. In other words, a clearance key may not be automatically released to or activated for a user upon an authenticated login, unless the user provides additional information.

In general, a header is a file structure, preferably small in size, and includes, or perhaps links to, security information about a resultant secured document. Depending on an exact implementation, the security information can be entirely included in a header or pointed to by a pointer that is included in the header. According to one embodiment, the access rules 104, as part of the security information, are included in the header 106. The security information further includes the file key and/or one or more clearance keys, in some cases, an off-line access permit (e.g. in the access rules) should such access be requested by an authorized user. The security information is then encrypted by a cipher (i.e., an en/decryption scheme) with a user key associated with an authorized user to produce encrypted security information 110. The encrypted header 106, if no other information is added thereto, is attached to or integrated with the encrypted data portion 112 to generate the resultant secured file 108. In a preferred embodiment, the header is placed at the beginning of the encrypted document (data portion) to facilitate an early detection of the secured nature of a secured file. One of the advantages of such placement is to enable an access application (i.e., an authoring or viewing tool) to immediately activate a document securing module (to be described where it deems appropriate) to decrypt the header if permitted. Nevertheless, there is no restriction as to where the encrypted header 106 is integrated with the encrypted data portion 112.

It is understood that a cipher may be implemented based on one of many available encryption/decryption schemes. Encryption and decryption generally require the use of some secret information, referred to as a key. For some encryption mechanisms, the same key is used for both encryption and decryption; for other mechanisms, the keys used for encryption and decryption are different. In any case, data can be encrypted with a key according to a predetermined cipher (i.e., encryption/decryption) scheme. Examples of such schemes may include, but not be limited to, Data Encryption Standard algorithm (DES), Blowfish block cipher and Twofish cipher. Therefore, the operations of the present invention are not limited to a choice of those commonly-used encryption/decryption schemes. Any cipher scheme that is effective and reliable may be used. Hence, the details of a particular scheme are not further discussed herein so as to avoid obscuring aspects of the present invention.

In essence, the secured document 108 includes two parts, the encrypted data portion 112 (i.e., encrypted version of the document itself) and the header 110 that may point to or include security information for the secured document 108. To access the contents in the encrypted data portion 112, one needs to obtain the file key to decrypt the encrypted data portion 112. To obtain the file key, one needs to be authenticated to get a user or group key and pass an access test in which at least the access rules in the security information are measured against the user's access privilege (i.e., access rights). If the secured file is classified, it further requires a security level clearance on the user. In general, the security clearance level of the user must be high enough before the file key can be retrieved. Alternatively, part of the access rules may be left non-encrypted for users authorized or non-authorized alike to view embedded access permissions of a secured file in a display application or markup language interpreter (e.g., a browser).

FIG. 2A shows a diagram 200 of what is referred to herein as a two-pronged access scheme according to one embodiment of the present invention. To access a secured file 201, a user needs to have access privilege based on a condition of “need to know” 202 that is to be measured against by the access rules 204 embedded in the secured file 201. If the secured file 201 is classified, the user must also have a higher security clearance level 206 that is measured against by the security clearance information 206 (e.g., one or more clearance keys. In other words, there are at least two key holes 210 that must be “inserted” with two proper keys before the secured classified file can be accessed.

FIG. 2B shows a flowchart 220 of process for granting a proper security clearance level (i.e., a clearance key) according to one embodiment of the present invention. The process 220 can be initiated with a request for a clearance key. Depending on implementation, the process 220 may be implemented in a machine (e.g., a central server, a local server or a client machine) that provides access control management to all secured files, perhaps, in an inter/intra enterprise environment, or a combination of a local client machine used by users and the machine.

At 222, the process 220 awaits a request for a clearance key. It is described that a secured file can be classified or unclassified. When it is determined that a user needs to access a secured file that is classified at a security level, such request is provided to activate the process 220. In general, the request pertains to a specific user or some members in a group. At 224, a corresponding account for the user is retrieved, provided there is the account for the user. If the account is not available, then the account shall be opened accordingly. Alternatively, the process 220 may be part of the process of opening an appropriate account for a user who has the need-to-know basis to access secured files at certain security or confidential level(s). Depending on implementation, the corresponding account information may include a username or identifier, membership information, designated access privilege, and a corresponding user key (which sometimes is a pair of a private key and a public key). At 226, a security level for the user is determined, which is usually done by the necessity. For example, an executive of an enterprise may be assigned the highest security clearance level and a front desk receptionist may be assigned the lowest security clearance level. Once the security level is determined, a clearance key is generated at 228.

Referring now to FIG. 2C, there is shown a diagram 240 of generating a clearance key according to one embodiment of the present invention. A key generator 244 receives one or more parameters 242 controlling the security level determined at 226 of FIG. 2B to generate a sequence of alpha-numeric characters or binary numbers as a key. Whether using a secret-key cryptosystem or a public-key cryptosystem, one needs a good source of random numbers for key generation. The main features of a good source are that it produces numbers that are unknown and unpredictable by potential adversaries. There are many ways to generate such numbers, for example, random numbers can be obtained from a physical process. Another approach is to use a pseudo-random number generator fed by a random seed. In any case, depending on the input 242, the generator 244 is configured to generate a clearance key of proper security level. In one embodiment, the key generator 244 generates keys 246 of different lengths or forms, each of the keys 246 corresponds to a security level, such as level 1 (highest security), level 2, . . . , level N (lowest security). In another embodiment, each of the keys 246 generated by the key generator 244 is embedded with a signature signifying a security level. Other methods of specifying a security level of a clearance key are possible. Although it is possible to implement in such a way that each clearance key with a certain security level can only access secured files classified in the same security level, it is preferable to permit a clearance key with a higher security level to access secured files classified in the lower security levels. In other words, a clearance key in level 1 (i.e., the highest security level primarily designated to secured files classified as “top secret”) can be used to access all secured classified files 248, while a clearance key in level 2 can be used to access all secured classified files 248 except for those classified as “top secret”. Likewise, a clearance key in level N can be only used to access secured files in security level N. One of the advantages for such arrangement is that a user needs only to have one clearance key, if the user has the need to access those secured classified files.

FIG. 2D shows a diagram of generating a clearance key according to another embodiment of the present invention. The key generator 244 receives one or more parameters 242 controlling the security level determined at 226 of FIG. 2B to generate a number of sets of alphanumeric or binary numbers as a primary key 246 and auxiliary keys 247. The primary key 246 is the one being requested, generated in accordance with the determined security level and can be used to facilitate the access to a secured file classified at a security or confidentiality level. The auxiliary keys are those keys generated to facilitate the access to secured files classified less than the security or confidentiality level. As shown in the figure, it is assumed that the primary key 246 is for accessing a secured file classified at level 2. Accordingly, the auxiliary keys 247 can be respectively used to access secured files classified level 3, level 4, . . . to level N, all less than level 2 in terms of security or confidentiality. To facilitate the description of the present invention, the following description is based on FIG. 2C and can be readily applied to FIGS. 2D.

Returning to FIG. 2B, after a proper clearance key is generated at 228, the clearance key is associated with the account at 230 so that the user will use the correct key to access a secured file that requires a clearance key. The process 220 now awaits any call for the clearance key at 232. Depending on implementation, the clearance key may be stored locally or remotely and retrievlable only when there is a need for it to access a classified secured file. In some cases, the clearance key can only be retrievlable when a user passes a secondary authentication means. For example, a user is entitled to access certain secured files classified at least at a security level. The clearance key associated with the user may be configured to be protected by means of secondary authentication, such as biometric information verification or a second password, to increase security level of the clearance key. When a non-secured classified file is accessed, the clearance key is not needed and therefore will not be released to or activated for the user. When a secured classified file is accessed, the process 220 goes to 234, wherein the clearance key is released to the user to facilitate the retrieval of the file key in the secured file, provided the user has furnished necessary information or passed secondary authentication if needed.

Clearance keys provide flexibilities for a security system to control access by authorized users to secured files that are classified accordingly. However, when levels of the security are fixed, the flexibilities are limited. As one of the features in the present invention, the levels of security can be added or adjusted up or down in a security system without compromising the security of the secured files that have been previously classified.

FIG. 3A illustrates security levels 302 in a security system employed in an enterprise. In general, there are N levels of security for secured files under the security system, where N is a finite integer, each level requires a set of security parameters to access secured files classified to the level or other levels below this level. For example, a secured file SF is classified at security level 2. To access the secured file, users in a designated group G2 shall posses at least two keys, a user key (e.g., UK2) and a clearance key (e.g., CK2) corresponding to the security level 2. The designated group includes a user or users authorized to access the secured files classified at this level or levels below this level. The user key for each of the users, if there are more than one users in the designated group, may not be necessary identical, as one user may be from one user group and another user may be from a different group. To facilitate the description of the present invention, the access relationship may be expressed as: SF ∀ (group, security-level, CK), which means a secured and classified file SF can be accessed with valid parameters of a designated group, a security-level, a clearance key. In particular, SF ∀ (G2, level2, C<) means that users in a group designated as G2 can access secured file classed at level 2 with a clearance key CK2, provided that each of the users in G2 has a valid user key. Alternatively, SF ∀ (G2, level1, level2, CK2) means that users in a group designated as G2 can access secured files classified at level 1 or level 2 with a clearance key CK2, provided that each of the users in G2 has a valid user key. The first access relationship indicates that the secured file SF can only be accessed by users in a group G2 authorized to access secured files classified at the security level 2. The second access relationship indicates that secured files classified at the security level 2 or one level below the security level 2 can be accessed by users authorized to access secured files classified at the security level 2. Depending on implementation, either one of the access relationships may be implemented.

For simplified illustration purpose, the first access relationship is shown in the figures and the following description is based on the first access relationship. Those skilled in the art can understand the implementation of the second access relationship given the detailed description herein. When an additional security level 304 is added between the security levels 1 and 2, the groups and corresponding keys have to be reassigned without affecting the accessibility to other secured files originally classified. According to one embodiment, the security level 1 is the most restrictive level. Since the added level 304 is less restrictive than the security level 1 but more restrictive than level 2, as shown in FIG. 3A, the added level 304 is thus classified as a new security level 2308. As a result, the rest of the original security levels, except for the security level 1, are reorganized, creating N+1 levels of security 310 and a new access relationship SF ∀ (GX, level 2, CKX), where GX is a newly authorized group to be permitted to access secured files at the security level 2 with a user key and the newly created clearance key CKX.

To maintain the accessibility of the originally authorized groups, the security levels are renumbered or remapped. If the original access relationship is SF ∀ (G2, level 2, CK2), there is now SF ∀ (G3, level 3, CK2), namely the original security level 2 is mapped to as security level 3.

FIG. 3B and FIG. 3C each illustrate a case in which a security level is folded into another security level. Originally, there are three security levels 320. Now the three security levels 320 are to be folded into two security levels 322 or 324. FIG. 3B shows the security levels 320 being folded up to an immediate next security level above, and FIG. 3C shows the security levels 322 being folded down to an immediate next security level below. In particular, in FIG. 3B, the security level 2 is to be folded into the security level 1, a higher security level. As a result of one security level being folded up, there are now two security levels 322. The authorization (i.e., security parameters) designated for the deleted security level (i.e., security level 2) need be merged with that for the security level 1. In other words, the original access relationships:

SF ∀ (G1, level 1, CK1);

SF ∀ (G2, level 2, CK2);

SF ∀ (G3, level 3, CK3);

are now correspondingly mapped to:

SF ∀ (G1, level 1, CK1, G2, level 2, CK2);

SF ∀ (G3, level 3, CK3).

In other words, those secured files classified at security level 2 can still be accessed by those with proper access privilege.

One the other hand, FIG. 3C shows the security level 2 is being folded to the security level 3. The authorization (i.e., security parameters) designated for the deleted security level (i.e., security level 2) need be merged with that for the security level 3. In other words, the original access relationships:

SF ∀ (G1, level 1, CK1);

SF ∀ (G2, level 2, CK2);

SF ∀ (G3, level 3, CK3);

are now correspondingly mapped to:

SF ∀ (G1, level 1, CK1);

SF ∀ (G3, level 3, CK3, G2, level 2, CK2).

In other words, those secured files classified at security level 2 can still be accessed by those with proper access privilege.

FIG. 4A shows a flowchart or process 400 of inserting a new security level into N security levels according to one embodiment of the present invention. The process 400 can be implemented in software, hardware or both of software and hardware. In a typical application, the process 400 is executed in a security system employed to manage secured files for an enterprise or a group of collaborative business entities.

At 402, the process 400 awaits a request to insert a new security level into N existing security levels. For example, a system was configured to manage secured files classified respectively in accordance with one of N security levels. In other words, there are N security levels in the system. For some reason, the system needs to be configured to manage N+1 security levels, namely a security level is to be added into the N security levels. Upon receiving a request to insert the new security level, the process 400 determines how restrictive the new security level is with respect to the N security level at 404. It is assumed that the 1 st security level in the N security levels is most restrictive while the Nth security level is least restrictive. The relative restrictiveness of the new security level is a relative position in the stack of the N security levels, indicating how less or more restrictive with respect to the 1 st security level or the Nth security level.

At 406, a set of security parameters is generated for the new security level. The security parameters include at least a clearance key and a relative security level (e.g., a tier rank). The clearance key may be respectively generated in accordance with FIG. 2C or FIG. 2D or other means known to those skilled in the art. The clearance key is associated with the new security level, and a group of users are then authorized to access secured files classified at this new security level.

At 408, the new security level is now created in the original N security levels, resulting N+1 security levels. Without implicating the accessibility to secured files classified at other security levels, the security levels below the new security level are mapped accordingly. For example, an ith security level in the original N security levels now becomes an (i+1) security level and the corresponding security parameters are also shifted accordingly. In another perspective, SF ∀ (Gi, level i, CKi) is now SF ∀ (G(i+1), level (i+1), CKi). At 410, a new set of security levels is created, which does not implicate the accessibility to secured files originally classified and the originally authenticated users are still able to access the secured files they are entitled to.

FIG. 4B is provided to further understand FIG. 4A with respect to one embodiment of the present invention and shows that a table 420 include clearance keys, each for a security level. A set of parameters 422 for a new security level X is generated. It is assumed that the new security level X is to be inserted between security levels 1 and 2. The table 424 shows the relative position of the new security level in the original N security levels in a system. The table 426 shows reordering of the security levels to accommodate the new level that is now with a tier rank being 2 and the corresponding clearance keys are respectively associated with their original ranks. As a result, the secured files classified per the original security levels are still accessible.

According to one embodiment, when an authorized user logins into the system, with the login information in reference to a group, the user is granted at least two keys (a corresponding clearance key and a user key) such that the user can access secured files classified at the granted security level or any levels below this security level. According to another embodiment, when an authorized user logins into the system, with the login information in reference to a group, the user is granted all keys pairs the user is entitled to such that the user can access secured files classified at this security level or any levels below this security level. It should be noted that “granting” herein does not necessarily means only that the user receives the keys from the system. Depending on implementation, one or more of the keys or part or whole of the keys may be stored in a local or remote machine and caused to be activated for use only after the user is authenticated.

FIG. 4C shows a flowchart or process 420 of deleting a security level out of N security levels according to one embodiment of the present invention. One of the features of the process 420 is to fold the deleted security level up or down to a next immediate security level so that users originally authorized to access secured files classified at the deleted security level can still access these secured files. The process 420 can be implemented in software, hardware or both of software and hardware. In a typical application, the process 420 is executed in a security system employed to manage secured files for an enterprise or a group of collaborative business entities.

At 422, the process 420 awaits a request to delete a security level out of N existing security levels. For example, a system was configured to manage secured files classified respectively in accordance with one of N security levels. In other words, there are N security levels in the system. For some reason, the system needs to be configured to manage N−1 security levels, namely one of the N security levels is to be deleted. Upon receiving the request to delete, for example, an ith security level, the process 420 determines at 424 whether the ith security level is the most restrictive. It is assumed that the 1st security level in the N security levels is most restrictive while the Nth security level is least restrictive. Accordingly, the process 420 determines at 424 whether the security level to be removed is the 1st security level. If it is indeed the 1st security level, the request is denied.

It should be noted that 424 is not a limitation in the present invention and it can be folded down to a next immediate level. According to one embodiment, it is designed to suit in a more practical situation. In general, it is just not desirable to have a most restrictive security level to be deleted. In some other case, it is also not desirable to have a least restrictive security level to be deleted as well. Optionally, another checking may be employed in the process 420 to determine at 424 whether the security level to be removed is the Nth security level.

Depending on implementation, at 426, the security level to be deleted is to be folded up or down to a next immediate security level. For example, an ith security level to be deleted can be merged with (i−1)th security level or (i+1)th security level. By merging the ith security level with its next immediate security level, it is possible to access those secured files classified at the ith security level even if this level is deleted.

To access those secured files classified at the ith security level, the security parameters, such as the keys and the group designations shall be retained. As a result, at 428, the security parameters for the ith security level are transferred or updated accordingly. In general, for the case of folding up, the security parameters for the ith security level are merged with those for the (i−1)th security level, for the case of folding down, the security parameters for the ith security level are merged with those for the (i+1)th security level. At 430, the security levels are reordered, for example from security levels 1 to N to 1 to (N−1).

FIG. 5A shows an exemplary implementation 500 of dropping an ith level out of N existing levels by folding the ith level to (i—i)th level and may be understood in conjunction with FIG. 5B and FIG. 5C. A table 510 in FIG. 5B shows that there are N security levels labeled as Level 1, 2, . . . , N, where Level 1 is most restricted and Level N is least restricted. A security clearance key is associated with one of the security levels. Each of the security levels may mean literally a type of security, such as “top secret”, “very secret”, . . . “insignificant”. Each of the N security levels is also identified by an identifier. According to one embodiment, the identifier is a sequence of digits (e.g. a hexadecimal number) generated in a system. For example in table 510, the identifier B5C indicates security level 1, and the identifier CD7 indicates security level 4. To facilitate the description of FIG. 5A, it is assumed that the ith security level to be dropped is the security level 4.

At 502, an identifier of the security level above the one being dropped is located, namely the identifier of the (i−1)th security level. According to the table 510, the identifier of the 3rd security level is FF5 (i.e., currentID=FF5). Given the two identifiers FF5 and C07, at 504, these two identifiers are entered in a mapping table at 504. FIG. 5C shows a corresponding mapping table 512 which may be referred to as clearance mapping table, in which two IDs (deletedID and currentD) now have two entries, each being one of the two identifiers.

At 506, the mapping table 512 is updated. There is no operation since there are any entries previously in the table 512. At 508, the user who is previously authorized to access secured files classified at CD7 is updated. According to one embodiment, a notification is sent to the user or users who may have been affected by dropping CD7 to cause the original clearance key (i.e., CK4) to be updated or exchanged with another clearance key (e.g., CD3 for FF5). According to another embodiment, when a secured file classified at CD7 is accessed, the original clearance key is used to access the file. At the time, the file is stored, saved or written back to a storage space, an updated clearance key (i.e., the key for FF5) is effectuated in accordance with CurrentID. In any case, the updating at 508 can be configured to be carried out transparently.

Next, it is assumed that another security level, Level 3, is to be dropped. Accordingly, at 502, the identifier (A92) of the security level above Level 3 is located. At 504, these two identifiers are entered, namely deletedID=FF5 and currentD=A92. At 506, the table 512 needs to be updated. Since there is are entries from a previous deletion of one security level, these entries are preferably updated, thus the CurrentID is assigned to be A92 as well as shown in FIG. 5C. The affected user or users are updated at 508 so that these users can still access the secured files classified at FF5.

FIGS. 5A, 5B and 5C show one exemplary implementation of folding up one deleted security level. Given the detailed description herein, other implementations including those to fold down a deleted security level can be readily developed by those skilled in art.

There are numerous features, advantages and benefits in the present invention. One of them is the mechanism provided to regroup security levels per a specific requirement without implicating the accessibility to secured files classified in accordance with the existing security levels. Another one of them is that a security level can be removed from a set of existing security levels while the security parameters for the security level to be deleted are either folded up or down to an immediate next security level. As a result, the security parameters for the immediate next security level are augmented to include those for the security level to be deleted such that the secured files classified at the security level to be deleted can still be accessed by those with proper clearance levels. Other features, advantages and benefits may be appreciated by those skilled in the art in the foregoing descriptions.

The present invention has been described in sufficient details with a certain degree of particularity. It is understood to those skilled in the art that the present disclosure of embodiments has been made by way of examples only and that numerous changes in the arrangement and combination of parts may be resorted without departing from the spirit and scope of the invention as claimed. Accordingly, the scope of the present invention is defined by the appended claims rather than the foregoing description of embodiments.

INVENTORS:

Vainstein, Klimenty

THIS PATENT IS REFERENCED BY THESE PATENTS:

Patent	Priority	Assignee	Title
10033700,	Dec 12 2001	Intellectual Ventures I LLC	Dynamic evaluation of access rights
10129244,	Jun 20 2016	PRINCETON SCITECH LLC	Securing computing resources
10229279,	Dec 12 2001	Intellectual Ventures I LLC	Methods and systems for providing access control to secured data
10360545,	Dec 12 2001	Intellectual Ventures I LLC	Method and apparatus for accessing secured electronic data off-line
10769288,	Dec 12 2001	INTELLECTUAL PROPERTY VENTURES I LLC	Methods and systems for providing access control to secured data
8068811,	May 18 2006	Godo Kaisha IP Bridge 1	Mobile communication terminal device
8219822,	Jul 15 2004	ANAKAM, INC	System and method for blocking unauthorized network log in using stolen password
8266674,	Dec 12 2001	Intellectual Ventures I LLC	Method and system for implementing changes to security policies in a distributed security system
8296562,	Jul 15 2004	ANAKAM, INC	Out of band system and method for authentication
8327138,	Sep 30 2003	Intellectual Ventures I LLC	Method and system for securing digital assets using process-driven security policies
8341406,	Dec 12 2001	Intellectual Ventures I LLC	System and method for providing different levels of key security for controlling access to secured items
8341407,	Dec 12 2001	Intellectual Ventures I LLC	Method and system for protecting electronic data in enterprise environment
8528078,	Jul 15 2004	Anakam, Inc.	System and method for blocking unauthorized network log in using stolen password
8533791,	Jul 15 2004	Anakam, Inc.	System and method for second factor authentication services
8543827,	Dec 12 2001	Intellectual Ventures I LLC	Methods and systems for providing access control to secured data
8918839,	Dec 12 2001	Intellectual Ventures I LLC	System and method for providing multi-location access management to secured items
9047473,	Jul 15 2004	Anakam, Inc.	System and method for second factor authentication services
9129120,	Dec 12 2001	Intellectual Ventures I LLC	Methods and systems for providing access control to secured data
9286484,	Mar 30 2004	Citrix Systems, Inc	Method and system for providing document retention using cryptography
9542560,	Dec 12 2001	Intellectual Ventures I LLC	Methods and systems for providing access control to secured data
RE47443,	Sep 30 2002	Intellectual Ventures I LLC	Document security system that permits external users to gain access to secured files

THIS PATENT REFERENCES THESE PATENTS:

Patent	Priority	Assignee	Title
4203166,	Dec 05 1977	International Business Machines Corporation	Cryptographic file security for multiple domain networks
4734568,	Jul 31 1985	Toppan Moore Company, Ltd.	IC card which can set security level for every memory area
4757533,	Sep 11 1985	SECURITY SOFTWARE AMERICA, INC , A CORP OF DE	Security system for microcomputers
4796220,	Dec 15 1986	Pride Software Development Corp.	Method of controlling the copying of software
4799258,	Feb 13 1984	British Technology Group Limited	Apparatus and methods for granting access to computers
4827508,	Oct 14 1985	ELECTRONIC PUBLISHING RESOURCES, INC	Database usage metering and protection system and method
4888800,	Mar 03 1987	Hewlett-Packard Company	Secure messaging systems
4972472,	Mar 15 1985	HEWLETT-PACKARD DEVELOPMENT COMPANY, L P	Method and apparatus for changing the master key in a cryptographic system
5032979,	Jun 22 1990	International Business Machines Corporation	Distributed security auditing subsystem for an operating system
5052040,	May 25 1990	FIFTH GENERATION SYSTEMS, INC ; Symantec Corporation	Multiple user stored data cryptographic labeling system and method
5058164,	May 03 1990	NATIONAL SEMICONDUCTOR CORPORATION, A CORP OF DE	Encryption of streams of addressed information to be used for program code protection
5144660,	Aug 31 1988		Securing a computer against undesired write operations to or read operations from a mass storage device
5204897,	Jun 28 1991	HEWLETT-PACKARD DEVELOPMENT COMPANY, L P	Management interface for license management system
5220657,	Dec 02 1987	Xerox Corporation	Updating local copy of shared data in a collaborative system
5235641,	Mar 13 1990	Hitachi, Ltd.	File encryption method and file cryptographic system
5247575,	Aug 16 1988	WAVE SYSTEMS, CORP GRANTEE	Information distribution system
5276735,	Apr 17 1992	Secure Computing Corporation	Data enclave and trusted path system
5301247,	Jul 23 1992	Crest Industries, Inc.	Method for ensuring secure communications
5319705,	Oct 21 1992	IBM Corporation	Method and system for multimedia access control enablement
5369702,	Oct 18 1993	TecSec Incorporated	Distributed cryptographic object method
5375169,	May 28 1993	CROWLEY, JOHN J	Cryptographic key management method and apparatus
5404404,	Jul 01 1993	Motorola Mobility LLC	Method for updating encryption key information in communication units
5406628,	Mar 04 1993	TTI Inventions C LLC	Public key authentication and key agreement for low-cost terminals
5414852,	Oct 30 1992	International Business Machines Corporation	Method for protecting data in a computer system
5495533,	Apr 29 1994	GOOGLE LLC	Personal key archive
5499297,	Apr 17 1992	McAfee, Inc	System and method for trusted path communications
5502766,	Apr 17 1992	McAfee, Inc	Data enclave and trusted path system
5535375,	Apr 20 1992	International Business Machines Corporation	File manager for files shared by heterogeneous clients
5557765,	Aug 11 1994	McAfee, Inc	System and method for data recovery
5570108,	Jun 27 1994	AUTODESK, Inc	Method and apparatus for display calibration and control
5584023,	Dec 27 1993	OMNISECURE, INC	Computer system including a transparent and secure file transform mechanism
5600722,	Oct 06 1993	Nippon Telegraph & Telephone Corp.	System and scheme of cipher communication
5606663,	Dec 24 1993	NEC Corporation	Password updating system to vary the password updating intervals according to access frequency
5655119,	Mar 06 1995	RAXCO SOFTWARE, INC	Method for moving an open file being accessed by at least one user
5661806,	Mar 29 1994	France Telecom	Process of combined authentication of a telecommunication terminal and of a user module
5671412,	Jul 28 1995	FLEXERA SOFTWARE, INC	License management system for software applications
5673316,	Mar 29 1996	International Business Machines Corporation	Creation and distribution of cryptographic envelope
5677953,	Sep 14 1993	SPEX TECHNOLOGIES, INC	System and method for access control for portable data storage media
5680452,	Sep 13 1994	TECSEC Inc.; TecSec Incorporated	Distributed cryptographic object method
5684987,	Dec 24 1993	Canon Kabushiki Kaisha	Management system of multimedia
5689718,	Dec 01 1992	Mitsubishi Denki Kabushiki Kaisha	System and method for processing document information using password protected icons that represent document content
5699428,	Jan 16 1996	Symantec Corporation	System for automatic decryption of file data on a per-use basis and automatic re-encryption within context of multi-threaded operating system under which applications run in real-time
5708709,	Dec 08 1995	Oracle America, Inc	System and method for managing try-and-buy usage of application programs
5715403,	Nov 23 1994	CONTENTGUARD HOLDINGS, INC	System for controlling the distribution and use of digital works having attached usage rights where the usage rights are defined by a usage rights grammar
5717755,	Oct 18 1993	TECSEC,Inc.; TECSEC, INC	Distributed cryptographic object method
5720033,	Jun 30 1994	THE CHASE MANHATTAN BANK, AS COLLATERAL AGENT	Security platform and method using object oriented rules for computer-based systems using UNIX-line operating systems
5729734,	Nov 03 1995	Apple Computer, Inc.; Apple Computer, Inc	File privilege administration apparatus and methods
5732265,	Nov 02 1995	Microsoft Technology Licensing, LLC	Storage optimizing encoder and method
5745573,	Aug 11 1994	McAfee, Inc	System and method for controlling access to a user secret
5748736,	Jun 14 1996		System and method for secure group communications via multicast or broadcast
5751287,	Nov 06 1995	ADVANCED MESSAGING TECHNOLOGIES, INC	System for organizing document icons with suggestions, folders, drawers, and cabinets
5757920,	Jul 18 1994	Microsoft Technology Licensing, LLC	Logon certification
5765152,	Oct 13 1995	DIGIMARC CORPORATION AN OREGON CORPORATION	System and method for managing copyrighted electronic media
5778065,	Feb 08 1996	International Business Machines Corporation	Method and system for changing an authorization password or key in a distributed communication network
5787169,	Dec 28 1995	International Business Machines Corp	Method and apparatus for controlling access to encrypted data files in a computer system
5787173,	May 28 1993	TecSec Incorporated	Cryptographic key management method and apparatus
5787175,	Oct 23 1995	JPMORGAN CHASE BANK, N A , AS SUCCESSOR AGENT	Method and apparatus for collaborative document control
5790789,	Aug 02 1996		Method and architecture for the creation, control and deployment of services within a distributed computer environment
5790790,	Oct 24 1996	AXWAY INC	Electronic document delivery system in which notification of said electronic document is sent to a recipient thereof
5813009,	Jul 28 1995	UNIVIRTUAL CORP	Computer based records management system method
5821933,	Sep 14 1995	International Business Machines Corporation	Visual access to restricted functions represented on a graphical user interface
5825876,	Dec 04 1995	RPX CLEARINGHOUSE LLC	Time based availability to content of a storage medium
5835592,	Jun 01 1995	CHANG, CHUNG NAN	Secure, swift cryptographic key exchange
5835601,	Mar 15 1994	Kabushiki Kaisha Toshiba	File editing system and shared file editing system with file content secrecy, file version management, and asynchronous editing
5857189,	May 08 1996	Apple Inc	File sharing in a teleconference application
5862325,	Feb 29 1996	Intermind Corporation	Computer-based communication system and method using metadata defining a control structure
5870468,	Mar 01 1996	International Business Machines Corporation; IBM Corporation	Enhanced data privacy for portable computers
5870477,	Sep 29 1993	Pumpkin House Incorporated	Enciphering/deciphering device and method, and encryption/decryption communication system
5881287,	Aug 12 1994	SOL LABS K G LIMITED LIABILITY COMPANY	Method and apparatus for copy protection of images in a computer system
5892900,	Aug 30 1996	INTERTRUST TECHNOLOGIES CORP	Systems and methods for secure transaction management and electronic rights protection
5893084,	Apr 07 1995	STARGATE, LTD , A TEXAS CORPORATION	Method for creating specific purpose rule-based n-bit virtual machines
5898781,	Oct 18 1993	TecSec Incorporated	Distributed cryptographic object method
5922073,	Jan 10 1996	Canon Kabushiki Kaisha	System and method for controlling access to subject data using location data associated with the subject data and a requesting device
5923754,	May 02 1997	Hewlett Packard Enterprise Development LP	Copy protection for recorded media
5933498,	Jan 11 1996	HANGER SOLUTIONS, LLC	System for controlling access and distribution of digital property
5944794,	Sep 30 1994	Kabushiki Kaisha Toshiba	User identification data management scheme for networking computer systems using wide area network
5953419,	May 06 1996	Symantec Corporation	Cryptographic file labeling system for supporting secured access by multiple users
5968177,	Oct 14 1997	Entrust Technologies Limited	Method and apparatus for processing administration of a secured community
5970502,	Apr 23 1996	RPX CLEARINGHOUSE LLC	Method and apparatus for synchronizing multiple copies of a database
5987440,	Jul 22 1996	CYVA RESEARCH HOLDINGS, LLC	Personal information security and exchange tool
5991879,	Oct 23 1997	Bull HN Information Systems Inc.	Method for gradual deployment of user-access security within a data processing system
5999907,	Dec 06 1993	CALLAHAN CELLULAR L L C	Intellectual property audit system
6014730,	Dec 26 1996	NEC Corporation	Dynamic adding system for memory files shared among hosts, dynamic adding method for memory files shared among hosts, and computer-readable medium recording dynamic adding program for memory files shared among hosts
6023506,	Oct 26 1995	Hitachi, Ltd.	Data encryption control apparatus and method
6032216,	Jul 11 1997	International Business Machines Corporation	Parallel file system with method using tokens for locking modes
6038322,	Oct 20 1998	Cisco Technology, Inc	Group key distribution
6044155,	Jun 30 1997	Microsoft Technology Licensing, LLC	Method and system for securely archiving core data secrets
6055314,	Mar 22 1996	Rovi Technologies Corporation	System and method for secure purchase and delivery of video content programs
6058424,	Nov 17 1997	SAP SE	System and method for transferring a session from one application server to another without losing existing resources
6061790,	Nov 20 1996	Intellisync Corporation	Network computer system with remote user data encipher methodology
6069957,	Mar 07 1997	Alcatel-Lucent USA Inc	Method and apparatus for providing hierarchical key system in restricted-access television system
6085323,	Apr 15 1996	Kabushiki Kaisha Toshiba	Information processing system having function of securely protecting confidential information
6088717,	Feb 29 1996	OneName Corporation	Computer-based communication system and method using metadata defining a control-structure
6088805,	Feb 13 1998	International Business Machines Corporation	Systems, methods and computer program products for authenticating client requests with client certificate information
6098056,	Nov 24 1997	ACTIVISION PUBLISHING, INC	System and method for controlling access rights to and security of digital content in a distributed information system, e.g., Internet
6101507,	Feb 11 1997	MICRO FOCUS LLC	File comparison for data backup and file synchronization
6105131,	Jun 13 1997	International Business Machines Corporation	Secure server and method of operation for a distributed information system
6122630,	Jun 08 1999	RPX Corporation	Bidirectional database replication scheme for controlling ping-ponging
6134327,	Oct 24 1997	Entrust Technologies Ltd.	Method and apparatus for creating communities of trust in a secure communication system
6134658,	Jun 09 1997	Microsoft Technology Licensing, LLC	Multi-server location-independent authentication certificate management system
6134660,	Jun 30 1997	TUMBLEWEED HOLDINGS LLC	Method for revoking computer backup files using cryptographic techniques
6134664,	Jul 06 1998	Northrop Grumman Systems Corporation	Method and system for reducing the volume of audit data and normalizing the audit data received from heterogeneous sources
6141754,	Nov 28 1997	UNILOC 2017 LLC	Integrated method and system for controlling information access and distribution
6145084,	Oct 08 1998	TUMBLEWEED HOLDINGS LLC	Adaptive communication system enabling dissimilar devices to exchange information over a network
6158010,	Oct 28 1998	Oracle International Corporation	System and method for maintaining security in a distributed computer network
6161139,	Jul 10 1998	ENTRUST, INC	Administrative roles that govern access to administrative functions
6182142,	Jul 10 1998	ENTRUST, INC	Distributed access management of information resources
6185684,	Aug 28 1998	Adobe Systems, Inc.; Adobe Systems, Inc; Adobe Systems Incorporated	Secured document access control using recipient lists
6192408,	Sep 26 1997	EMC IP HOLDING COMPANY LLC	Network file server sharing local caches of file access information in data processors assigned to respective file systems
6205549,	Aug 28 1998	Adobe Systems, Inc.; Adobe Systems, Inc; Adobe Systems Incorporated	Encapsulation of public key cryptography standard number 7 into a secured document
6212561,	Oct 08 1998	Cisco Technology, Inc	Forced sequential access to specified domains in a computer network
6223285,	Oct 24 1997	Sony Corporation	Method and system for transferring information using an encryption mode indicator
6226618,	Aug 13 1998	SANDPIPER CDN, LLC	Electronic content delivery system
6226745,	Mar 21 1997		Information sharing system and method with requester dependent sharing and security rules
6240188,	Jul 06 1999	Matsushita Electric Industrial Co., Ltd.	Distributed group key management scheme for secure many-to-many communication
6249873,	Feb 28 1997	EMC IP HOLDING COMPANY LLC	Method of and apparatus for providing secure distributed directory services and public key infrastructure
6253193,	Feb 13 1995	Intertrust Technologies Corporation	Systems and methods for the secure transaction management and electronic rights protection
6260040,	Jan 05 1998	International Business Machines Corporation	Shared file system for digital content
6260141,	Mar 01 2000		Software license control system based on independent software registration server
6263348,	Jun 19 1998	BARCLAYS BANK PLC, AS ADMINISTATIVE AGENT	Method and apparatus for identifying the existence of differences between two files
6272631,	Jun 30 1997	Microsoft Technology Licensing, LLC	Protected storage of core data secrets
6272632,	Feb 21 1995	McAfee, Inc	System and method for controlling access to a user secret using a key recovery field
6282649,	Sep 19 1997	International Business Machines Corporation	Method for controlling access to electronically provided services and system for implementing such method
6289450,	May 28 1999	EMC Corporation	Information security architecture for encrypting documents for remote access while maintaining access control
6292895,	Nov 25 1998	Hush Communication Corporation	Public key cryptosystem with roaming user capability
6292899,	Sep 23 1998	RPX Corporation	Volatile key apparatus for safeguarding confidential data stored in a computer system memory
6295361,	Jun 30 1998	Oracle America, Inc	Method and apparatus for multicast indication of group key change
6301614,	Nov 02 1999	R2 SOLUTIONS LLC	System and method for efficient representation of data set addresses in a web crawler
6308256,	Aug 18 1999	Oracle America, Inc	Secure execution of program instructions provided by network interactions with processor
6308273,	Jun 12 1998	Microsoft Technology Licensing, LLC	Method and system of security location discrimination
6314409,	Nov 05 1997	HANGER SOLUTIONS, LLC	System for controlling access and distribution of digital property
6317777,	Apr 26 1999	Intel Corporation	Method for web based storage and retrieval of documents
6332025,	Mar 10 1997	Kabushiki Kaisha Toshiba	Software distribution system and software utilization scheme for improving security and user convenience
6336114,	Sep 03 1998	Liberty Peak Ventures, LLC	System and method for restricting access to a data table within a database
6339423,	Oct 23 1999	Entrust Corporation	Multi-domain access control
6339825,	May 28 1999	EMC Corporation	Method of encrypting information for remote access while maintaining access control
6341164,	Jul 22 1998	Entrust Corporation	Method and apparatus for correcting improper encryption and/or for reducing memory storage
6343316,	Feb 13 1998	NEC Corporation	Cooperative work support system
6347374,	Jun 05 1998	INTRUSION INC	Event detection
6349337,	Jun 08 1998	Microsoft Technology Licensing, LLC	Maintaining a first session on a first computing device and subsequently connecting to the first session via different computing devices and adapting the first session to conform to the different computing devices system configurations
6351813,	Feb 09 1996	Digital Privacy, Inc.	Access control/crypto system
6356903,	Dec 30 1998	CGI TECHNOLOGIES AND SOLUTIONS INC	Content management system
6356941,	Feb 22 1999	Cyber-Ark Software Ltd	Network vaults
6357010,	Feb 17 1998	JPMORGAN CHASE BANK, N A ; MORGAN STANLEY SENIOR FUNDING, INC	System and method for controlling access to documents stored on an internal network
6363480,	Sep 14 1999	Oracle America, Inc	Ephemeral decryptability
6370249,	Jul 25 1997	Entrust Technologies, Ltd.	Method and apparatus for public key management
6381698,	May 21 1997	AT&T Corp	System and method for providing assurance to a host that a piece of software possesses a particular property
6389433,	Jul 16 1999	Microsoft Technology Licensing, LLC	Method and system for automatically merging files into a single instance store
6389538,	Aug 13 1998	SANDPIPER CDN, LLC	System for tracking end-user electronic content usage
6393420,	Jun 03 1999	Alibaba Group Holding Limited	Securing Web server source documents and executables
6405315,	Sep 11 1997	International Business Machines Corporation	Decentralized remotely encrypted file system
6421714,	Oct 14 1997	Lucent Technologies, INC	Efficient mobility management scheme for a wireless internet access system
6442688,	Aug 29 1997	Entrust Technologies Limited	Method and apparatus for obtaining status of public key certificate updates
6442695,	Dec 03 1998	LinkedIn Corporation	Establishment of user home directories in a heterogeneous network environment
6446090,	Oct 08 1999	Unisys Corporation	Tracker sensing method for regulating synchronization of audit files between primary and secondary hosts
6449721,	May 28 1999	EMC Corporation	Method of encrypting information for remote access while maintaining access control
6453353,	Jul 10 1998	Entrust Corporation	Role-based navigation of information resources
6466932,	Aug 14 1998	Microsoft Technology Licensing, LLC	System and method for implementing group policy
6477544,	Jul 16 1999	Microsoft Technology Licensing, LLC	Single instance store for file systems
6490680,	Dec 04 1997	TecSec Incorporated	Access control and authorization system
6505300,	Jun 12 1998	Microsoft Technology Licensing, LLC	Method and system for secure running of untrusted content
6510349,	Oct 28 1997	Georgia Tech Research Corporation	Adaptive data security system and method
6519700,	Oct 23 1998	CONTENTGUARD HOLDINGS, INC	Self-protecting documents
6529956,	Oct 24 1996	Tumbleweed Communications Corp.	Private, trackable URLs for directed document delivery
6530020,	Jun 20 1997	Fuji Xerox Co., Ltd.	Group oriented public key encryption and key management system
6530024,	Nov 20 1998	CHECK POINT SOFTWARE TECHNOLOGIES, INC	Adaptive feedback security system and method
6542608,	Feb 13 1997	TecSec Incorporated	Cryptographic key split combiner
6549623,	Feb 13 1997	TecSec, Incorporated	Cryptographic key split combiner
6550011,	Aug 05 1998	HEWLETT-PACKARD DEVELOPMENT COMPANY, L P	Media content protection utilizing public key cryptography
6557039,	Nov 13 1998	JPMORGAN CHASE BANK, N A	System and method for managing information retrievals from distributed archives
6567914,	Jul 22 1998	Entrust Corporation	Apparatus and method for reducing transmission bandwidth and storage requirements in a cryptographic security system
6571291,	May 01 2000	Advanced Micro Devices, Inc.	Apparatus and method for validating and updating an IP checksum in a network switching system
6584466,	Apr 07 1999	Microsoft Technology Licensing, LLC	Internet document management system and methods
6587946,	Dec 29 1998	WSOU Investments, LLC	Method and system for quorum controlled asymmetric proxy encryption
6588673,	Feb 08 2000	MIST INC	Method and system providing in-line pre-production data preparation and personalization solutions for smart cards
6594662,	Jul 01 1998	CPA GLOBAL FIP LLC	Method and system for gathering information resident on global computer networks
6598161,	Aug 09 1999	International Business Machines Corporation	Methods, systems and computer program products for multi-level encryption
6603857,	Jul 14 1997	Entrust Technologies Limited	Method and apparatus for controlling release of time sensitive information
6608636,	May 13 1992	NCR Voyix Corporation	Server based virtual conferencing
6611599,	Sep 29 1997	HEWLETT-PACKARD DEVELOPMENT COMPANY, L P	Watermarking of digital object
6611846,	Oct 30 1999	MEDTECH GLOBAL LIMITED	Method and system for medical patient data analysis
6615349,	Feb 23 1999	SIGHTSOUND TECHNOLOGIES, LLC	System and method for manipulating a computer file and/or program
6615350,	Mar 23 1998	EMC IP HOLDING COMPANY LLC	Module authentication and binding library extensions
6625650,	Jun 27 1998	U S BANK NATIONAL ASSOCIATION, AS COLLATERAL AGENT	System for multi-layer broadband provisioning in computer networks
6629243,	Oct 07 1998	Cisco Technology, Inc	Secure communications system
6633311,	Feb 18 2000	Meta Platforms, Inc	E-service to manage and export contact information
6640307,	Feb 17 1998	JPMORGAN CHASE BANK, N A ; MORGAN STANLEY SENIOR FUNDING, INC	System and method for controlling access to documents stored on an internal network
6646515,	Dec 14 2001	Electronics and Telecommunications Research Institute	Isolator/circulator having propeller resonator loaded with a plurality of symmetric magnetic walls
6647388,	Dec 16 1999	International Business Machines Corporation	Access control system, access control method, storage medium and program transmission apparatus
6678835,	Jun 10 1999	Alcatel Lucent	State transition protocol for high availability units
6687822,	Jun 11 1999	WSOU Investments, LLC	Method and system for providing translation certificates
6711683,	May 29 1998	Texas Instruments Incorporated	Compresses video decompression system with encryption of compressed data stored in video buffer
6718361,	Apr 07 2000	NetApp, Inc	Method and apparatus for reliable and scalable distribution of data files in distributed networks
6735701,	Jun 25 1998	LONGHORN HD LLC	Network policy management and effectiveness system
6738908,	May 06 1999	GOLDMAN SACHS SPECIALTY LENDING GROUP L P	Generalized network security policy templates for implementing similar network security policies across multiple networks
6775779,	Apr 06 1999	Microsoft Technology Licensing, LLC	Hierarchical trusted code for content protection in computers
6782403,	Nov 26 1999	Mitsubishi Denki Kabushiki Kaisha	Inter-application data transmitting system and method
6801999,	May 20 1999	Microsoft Technology Licensing, LLC	Passive and active software objects containing bore resistant watermarking
6807534,	Oct 13 1995	DIGIMARC CORPORATION AN OREGON CORPORATION	System and method for managing copyrighted electronic media
6807636,	Feb 13 2002	Hitachi Computer Products (America), Inc.	Methods and apparatus for facilitating security in a network
6810389,	Nov 08 2000	Synopsys, Inc	System and method for flexible packaging of software application licenses
6810479,	Mar 11 1996	Microsoft Technology Licensing, LLC	System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer
6816871,	Dec 22 2000	ORACLE, USA; Oracle International Corporation; Oracle Corporation	Delivering output XML with dynamically selectable processing
6826698,	Sep 15 2000	Musarubra US LLC	System, method and computer program product for rule based network security policies
6834333,	Oct 20 2000	Sony Corporation	Data processing device, data storage device, data processing method, and program providing medium for storing content protected under high security management
6834341,	Feb 22 2000	Microsoft Technology Licensing, LLC	Authentication methods and systems for accessing networks, authentication methods and systems for accessing the internet
6845452,	Mar 12 2002	Cisco Technology, Inc	Providing security for external access to a protected computer network
6851050,	Sep 08 2000	Reefedge Networks, LLC	Providing secure network access for short-range wireless computing devices
6865555,	Nov 21 2001	ARRIS ENTERPRISES LLC	System and method for providing conditional access to digital content
6874139,	May 15 2000	CONTROLGUARD SOFTWARE TECHNOLOGIES LTD	Method and system for seamless integration of preprocessing and postprocessing functions with an existing application program
6877136,	Oct 26 2001	UNITED SERVICES AUTOMOBILE ASSOCIATION, INC	System and method of providing electronic access to one or more documents
6889210,	Dec 12 2001	Guardian Data Storage, LLC	Method and system for managing security tiers
6891953,	Jun 27 2000	Microsoft Technology Licensing, LLC	Method and system for binding enhanced software features to a persona
6892201,	Sep 05 2001	International Business Machines Corporation	Apparatus and method for providing access rights information in a portion of a file
6892306,	Sep 24 1998	Samsung Electronics Co., Ltd.	Digital content cryptograph and process
6907034,	Apr 08 1999	Intel Corporation	Out-of-band signaling for network based computer session synchronization
6909708,	Nov 18 1996	Verizon Patent and Licensing Inc	System, method and article of manufacture for a communication system architecture including video conferencing
6915434,	Dec 18 1998	Fujitsu Limited	Electronic data storage apparatus with key management function and electronic data storage method
6920558,	Mar 20 2001	Musarubra US LLC	Method and apparatus for securely and dynamically modifying security policy configurations in a distributed system
6931450,	Dec 18 2000	Oracle America, Inc	Direct access from client to storage device
6931530,	Jul 22 2002	THALES DIS CPL USA, INC	Secure network file access controller implementing access control and auditing
6931597,	Apr 17 2002	GAMEHANCEMENT LLC	Indications of secured digital assets
6938042,	Apr 03 2002	Microsoft Technology Licensing, LLC	Peer-to-peer file sharing
6941355,	Sep 08 2000	Raytheon BBN Technologies Corp	System for selecting and disseminating active policies to peer device and discarding policy that is not being requested
6941456,	May 02 2001	Oracle America, Inc	Method, system, and program for encrypting files in a computer system
6941472,	Oct 28 1998	Oracle International Corporation	System and method for maintaining security in a distributed computer network
6944183,	Jun 10 1999	Alcatel-Lucent USA Inc	Object model for network policy management
6947556,	Aug 21 2000	International Business Machines Corporation	Secure data storage and retrieval with key management and user authentication
6950818,	Aug 14 1998	Microsoft Technology Licensing, LLC	System and method for implementing group policy
6950936,	Mar 16 1999	RPX Corporation	Secure intranet access
6950941,	Sep 24 1998	SAMSUNG ELECTRONICS CO , LTD	Copy protection system for portable storage media
6950943,	Dec 23 1998	International Business Machines Corporation	System for electronic repository of data enforcing access control on data search and retrieval
6952780,	Jan 28 2000	SAFECOM A S	System and method for ensuring secure transfer of a document from a client of a network to a printer
6957261,	Jul 17 2001	Intel Corporation	Resource policy management using a centralized policy data structure
6959308,	Feb 17 2000	International Business Machines Corporation	Archiving and retrieval method and apparatus
6961849,	Oct 21 1999	International Business Machines Corporation; IBM Corporation	Selective data encryption using style sheet processing for decryption by a group clerk
6968060,	Feb 11 1999	Bull, S.A.	Method for verifying the use of public keys generated by an on-board system
6971018,	Apr 28 2000	Microsoft Technology Licensing, LLC	File protection service for a computer system
6978376,	Dec 15 2000	EMC Corporation	Information security architecture for encrypting documents for remote access while maintaining access control
6978377,	Apr 16 1999	Sony Corporation	Copy protection using detailed copy control information
6988133,	Oct 31 2000	Cisco Technology, Inc	Method and apparatus for communicating network quality of service policy information to a plurality of policy enforcement points
6988199,	Jul 07 2000	BAE SYSTEMS APPLIED INTELLIGENCE US CORP	Secure and reliable document delivery
6993135,	Mar 13 2000	Kabushiki Kaisha Toshiba	Content processing system and content protecting method
6996718,	Apr 21 2000	AT&T Corp.	System and method for providing access to multiple user accounts via a common password
7003117,	Feb 05 2003	MICRO FOCUS LLC	Identity-based encryption system for secure data distribution
7003560,	Nov 03 1999	Accenture Global Services Limited	Data warehouse computing system
7003661,	Oct 12 2001	CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS SUCCESSOR AGENT	Methods and systems for automated authentication, processing and issuance of digital certificates
7013332,	Jan 09 2001	Microsoft Technology Licensing, LLC	Distributed policy model for access control
7013485,	Mar 06 2000	JDA SOFTWARE GROUP, INC	Computer security system
7020645,	Apr 19 2001	ALTO DYNAMICS, LLC	Systems and methods for state-less authentication
7024427,	Dec 19 2001	EMC IP HOLDING COMPANY LLC	Virtual file system
7035854,	Apr 23 2002	International Business Machines Corporation	Content management system and methodology employing non-transferable access tokens to control data access
7035910,	Jun 29 2000	Microsoft Technology Licensing, LLC	System and method for document isolation
7046807,	Nov 10 2000	Fujitsu Limited	Data administration method
7051213,	Mar 18 1998	Fujitsu Client Computing Limited	Storage medium and method and apparatus for separately protecting data in different areas of the storage medium
7058696,	Nov 22 1996	GOOGLE LLC	Internet-based shared file service with native PC client access and semantics
7058978,	Dec 27 2000	Microsoft Technology Licensing, LLC	Security component for a computing device
7073063,	Mar 27 1999	Microsoft Technology Licensing, LLC	Binding a digital license to a portable device or the like in a digital rights management (DRM) system and checking out/checking in the digital license to/from the portable device or the like
7073073,	Jul 06 1999	Sony Corporation	Data providing system, device, and method
7076067,	Feb 21 2001	RPK New Zealand Limited	Encrypted media key management
7076312,	Aug 02 2002	Fisher-Rosemount Systems, Inc	Integrated electronic signatures for approval of process control and safety system software objects
7076469,	May 17 1999	Kioba Processing, LLC	Copyright protection of digital images transmitted over networks
7076633,	Mar 28 2001	Virtuozzo International GmbH	Hosting service providing platform system and method
7080077,	Jul 10 2000	ORACLE, USA; Oracle International Corporation; Oracle Corporation	Localized access
7095853,	Feb 24 2000	RPX Corporation	System and method for preventing an illegal copy of contents
7096266,	Jan 08 2001	Akamai Technologies, Inc.; AKAMAI TECHNOLOGIES, INC	Extending an Internet content delivery network into an enterprise
7099926,	Jul 06 2000	International Business Machines Corporation	Object caching and update queuing technique to improve performance and resource utilization
7107269,	Jun 13 2000	Alcatel Lucent	Methods and apparatus for providing privacy-preserving global customization
7107416,	Sep 08 2003	GOOGLE LLC	Method, system, and program for implementing retention policies to archive records
7117322,	Sep 08 2003	GOOGLE LLC	Method, system, and program for retention management and protection of stored objects
7120635,	Dec 16 2002	LinkedIn Corporation	Event-based database access execution
7120757,	Feb 26 2002	Hitachi, LTD	Storage management integrated system and storage control method for storage management integrated system
7124164,	Apr 17 2001		Method and apparatus for providing group interaction via communications networks
7130964,	Jul 06 2000	International Business Machines Corporation	Object caching and update queuing technique to improve performance and resource utilization
7131071,	Mar 29 2002	Oracle America, Inc	Defining an approval process for requests for approval
7134041,	Sep 20 2001	OPEN TEXT INC	Systems and methods for data backup over a network
7136903,	Nov 22 1996	GOOGLE LLC	Internet-based shared file service with native PC client access and semantics and distributed access control
7145898,	Nov 18 1996	Verizon Patent and Licensing Inc	System, method and article of manufacture for selecting a gateway of a hybrid communication system architecture
7146388,	Oct 07 2003	GOOGLE LLC	Method, system, and program for archiving files
7146498,	Feb 22 1999	Godo Kaisha IP Bridge 1	Computer and program recording medium
7159036,	Dec 10 2001	JPMORGAN CHASE BANK, N A , AS ADMINISTRATIVE AGENT	Updating data from a source computer to groups of destination computers
7171557,	Oct 31 2001	HEWLETT-PACKARD DEVELOPMENT COMPANY L P	System for optimized key management with file groups
7174563,	Dec 08 1997	Entrust, Limited	Computer network security system and method having unilateral enforceable security policy provision
7177427,	Oct 24 1997	Sony Corporation; Sony Electronics, INC	Method and system for transferring information using an encryption mode indicator
7178033,	Dec 12 2001	KUEIBISHAN BIOMEDICINE SCIENCE TECHNOLOGY CO	Method and apparatus for securing digital assets
7181017,	Mar 23 2001	RPX Corporation	System and method for secure three-party communications
7185364,	Mar 21 2001	ORACLE, USA; Oracle International Corporation; Oracle Corporation	Access system interface
7187033,	Jul 14 2004	Texas Instruments Incorporated	Drain-extended MOS transistors with diode clamp and methods for making the same
7188181,	Jun 30 1999	Oracle America, Inc	Universal session sharing
7194764,	Jul 10 2000	ORACLE, USA; Oracle International Corporation; Oracle Corporation	User authentication
7200747,	Oct 31 2001	Hewlett Packard Enterprise Development LP	System for ensuring data privacy and user differentiation in a distributed file system
7203317,	Oct 31 2001	VALTRUS INNOVATIONS LIMITED	System for enabling lazy-revocation through recursive key generation
7203968,	Sep 07 2000	Sony Corporation	Method and apparatus for selectively executing information recording using a cognizant mode and a non-cognizant mode
7219230,	May 08 2002	VALTRUS INNOVATIONS LIMITED	Optimizing costs associated with managing encrypted data
7224795,	Oct 20 1999	Fujitsu Limited; Taishin, Nishida	Variable-length key cryptosystem
7225256,	Nov 30 2001	ORACLE, USA; Oracle International Corporation; Oracle Corporation	Impersonation in an access system
7227953,	Dec 21 2001	Mitsubishi Denki K.K.	MPEG data recorder having IEEE 1394 interface
7233948,	Mar 16 1998	Intertrust Technologies Corporation	Methods and apparatus for persistent control and protection of content
7237002,	Jan 04 2000	SNAP INC	System and method for dynamic browser management of web site
7249044,	Oct 05 2000	BLUE YONDER GROUP, INC	Fulfillment management system for managing ATP data in a distributed supply chain environment
7260555,	Dec 12 2001	Intellectual Ventures I LLC	Method and architecture for providing pervasive security to digital assets
7265764,	Aug 27 2002	Nvidia Corporation	System and method for providing a hardware icon with magnification and security
7266684,	Aug 08 2000	WELLS FARGO BANK, N A	Internet third-party authentication using electronic tickets
7280658,	Jun 01 2001	SNAP INC	Systems, methods, and computer program products for accelerated dynamic protection of data
7287055,	Oct 22 1997	Open Text SA ULC	Web-based groupware system
7290148,	Feb 21 2002	Renesas Electronics Corporation; NEC Electronics Corporation	Encryption and decryption communication semiconductor device and recording/reproducing apparatus
7308702,	Jan 14 2000	JPMORGAN CHASE BANK, N A ; MORGAN STANLEY SENIOR FUNDING, INC	Locally adaptable central security management in a heterogeneous network environment
7313824,	Jul 13 2001	Liquid Machines, Inc.	Method for protecting digital content from unauthorized use by automatically and dynamically integrating a content-protection agent
7319752,	Sep 07 2000	Sony Corporation	Information recording device, information playback device, information recording method, information playback method, and information recording medium and program providing medium used therewith
7340600,	Jan 14 2000	Hewlett Packard Enterprise Development LP	Authorization infrastructure based on public key cryptography
7362868,	Oct 20 2000	FARRUKH, ABDALLAH, DR ; CENTRAL VALLEY ADMINISTRATORS	Hidden link dynamic key manager for use in computer systems with database structure for storage of encrypted data and method for storage and retrieval of encrypted data
7380120,	Dec 12 2001	Intellectual Ventures I LLC	Secured data format for access control
7383586,	Jan 17 2003	Microsoft Technology Licensing, LLC	File system operation and digital rights management (DRM)
7386529,	Dec 19 2002	MATHON SYSTEMS, INC	System and method for managing content with event driven actions to facilitate workflow and other features
20010011254,
20010021926,
20010032181,
20010034839,
20010044903,
20010056550,
20020010679,
20020016922,
20020031230,
20020035624,
20020046350,
20020050098,
20020056042,
20020062240,
20020062245,
20020069077,
20020069272,
20020069363,
20020073320,
20020077986,
20020077988,
20020087479,
20020099947,
20020124180,
20020129235,
20020133699,
20020138762,
20020143710,
20020143906,
20020156726,
20020157016,
20020169963,
20020169965,
20020172367,
20020174109,
20020176572,
20020178271,
20020194484,
20020198798,
20030009685,
20030014391,
20030023559,
20030028610,
20030033528,
20030037133,
20030037237,
20030037253,
20030046238,
20030051039,
20030056139,
20030074580,
20030078959,
20030079175,
20030081784,
20030081787,
20030088517,
20030088783,
20030101072,
20030110169,
20030110266,
20030110397,
20030115146,
20030115570,
20030120601,
20030120684,
20030126434,
20030154381,
20030159066,
20030172280,
20030177070,
20030177378,
20030182579,
20030196096,
20030197729,
20030200202,
20030217264,
20030217281,
20030217333,
20030226013,
20030233650,
20040022390,
20040025037,
20040039781,
20040064710,
20040068524,
20040068664,
20040073660,
20040073718,
20040088548,
20040098580,
20040103202,
20040103280,
20040133544,
20040158586,
20040193602,
20040193905,
20040193912,
20040199514,
20040215956,
20040215962,
20040243853,
20050021467,
20050021629,
20050028006,
20050039034,
20050071275,
20050071657,
20050071658,
20050081029,
20050086531,
20050091484,
20050120199,
20050138371,
20050138383,
20050177716,
20050177858,
20050198326,
20050223242,
20050223414,
20050235154,
20050256909,
20050273600,
20050283610,
20050288961,
20060005021,
20060075465,
20060093150,
20060168147,
20060230437,
20070006214,
20070067837,
EP647253,
EP672991,
EP809170,
EP913966,
EP913967,
EP950941,
EP1107504,
EP1130492,
EP1154348,
EP1324565,
GB2328047,
JP2001036517,
JP2006244044,
WO161438,
WO163387,
WO177783,
WO178285,
WO184271,
WO9641288,

ASSIGNMENT RECORDS Assignment records on the USPTO

///////////////

Executed on	Assignor	Assignee	Conveyance	Frame	Reel	Doc
Feb 12 2002	HILDEBRAND, HAL	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Feb 12 2002	HUANG, WEIQING	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Feb 12 2002	SUPRAMANIAM, SENTHILVASAN	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Feb 12 2002	GARCIA, DENIS JACQUES PAUL	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Feb 12 2002	VAINSTEIN, KLIMENTY	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Feb 12 2002	LEE, CHANG-PING	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Feb 12 2002	OUYE, MICHAEL MICHIO	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Feb 12 2002	ZUILI, PATRICK	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Feb 12 2002	ROSSMANN, ALAIN	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Feb 12 2002	RYAN, NICHOLAS MICHAEL	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Mar 05 2002	HUMICH, SERGE	SECRETSEAL INC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020120	0817	pdf
Jun 03 2002	SECRETSEAL INC	PERVASIVE SECURITY SYSTEMS, INC	CHANGE OF NAME SEE DOCUMENT FOR DETAILS	020120	0883	pdf
Feb 28 2003	PERVASIVE SECURITY SYSTEMS, INC	PSS SYSTEMS, INC	CHANGE OF NAME SEE DOCUMENT FOR DETAILS	020123	0240	pdf
Jan 24 2007	PSS SYSTEMS, INC	Guardian Data Storage, LLC	ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS	020121	0848	pdf
Mar 04 2013	Guardian Data Storage, LLC	Intellectual Ventures I LLC	MERGER SEE DOCUMENT FOR DETAILS	030638	0219	pdf

MAINTENANCE FEES AND DATES: Maintenance records on the USPTO

Date	Maintenance Fee Events
Oct 04 2012	M1552: Payment of Maintenance Fee, 8th Year, Large Entity.
Oct 27 2016	M1553: Payment of Maintenance Fee, 12th Year, Large Entity.

Date	Maintenance Schedule
Aug 17 2013	4 years fee payment window open
Feb 17 2014	6 months grace period start (w surcharge)
Aug 17 2014	patent expiry (for year 4)
Aug 17 2016	2 years to revive unintentionally abandoned end. (for year 4)
Aug 17 2017	8 years fee payment window open
Feb 17 2018	6 months grace period start (w surcharge)
Aug 17 2018	patent expiry (for year 8)
Aug 17 2020	2 years to revive unintentionally abandoned end. (for year 8)
Aug 17 2021	12 years fee payment window open
Feb 17 2022	6 months grace period start (w surcharge)
Aug 17 2022	patent expiry (for year 12)
Aug 17 2024	2 years to revive unintentionally abandoned end. (for year 12)