Method and apparatus for securing digital assets
    1.
    Reissue patent
    Method and apparatus for securing digital assets (in force)

    Publication (announcement) number: USRE43906E1

    Publication (announcement) date: 2013-01-01

    Application number: US12331083

    Application date: 2008-12-09

    IPC classification: G06F21/24 G06F21/22

    Abstract: Digital assets are in a secured form that only those with granted access rights can access. Even with the proper access privilege, when a secured file is classified, at least a security clearance key is needed to ensure those who have the right security clearance can ultimately access the contents in the classified secured file. According to one embodiment, a secured file or secured document includes two parts: a header, and an encrypted data portion. The header includes security information that points to or includes access rules, a protection key and a file key. The access rules facilitate restrictive access to the encrypted data portion and essentially determine who can access the secured document. The file key is used to encrypt/decrypt the encrypted data portion and protected by the protection key. If the contents in the secured file are classified, the file key is jointly protected by the protection key as well as a security clearance key associated with a user attempting to access the secured file.

    System and method for providing different levels of key security for controlling access to secured items
    2.
    Granted patent
    System and method for providing different levels of key security for controlling access to secured items (in force)

    Publication (announcement) number: US08341406B2

    Publication (announcement) date: 2012-12-25

    Application number: US13079583

    Application date: 2011-04-04

    Applicant: Hal S. Hildebrand

    Inventor: Hal S. Hildebrand

    IPC classification: H04L29/06

    CPC classification: H04L63/04 H04L63/06 H04L63/08

    Abstract: With files secured by encryption techniques, keys are often required to gain access to the secured files. Techniques for providing and using multiple levels of keystores for securing the keys are disclosed. The keystores store keys that are needed by users in order to access secured files. The different levels of keystores offer compromises between security and flexibility/ease of use.

    Protecting encrypted files transmitted over a network
    3.
    Granted patent
    Protecting encrypted files transmitted over a network (in force)

    Publication (announcement) number: US08307067B2

    Publication (announcement) date: 2012-11-06

    Application number: US12389076

    Application date: 2009-02-19

    Applicant: Nicholas M. Ryan

    Inventor: Nicholas M. Ryan

    IPC classification: G06F15/173

    CPC classification: H04L63/20 Y10S707/99939

    Abstract: An improved system and approaches for protecting secured files when being used by an application (e.g., network browser) that potentially transmits the files over a network to unknown external locations are disclosed. According to one aspect, access to secured files is restricted so that unsecured versions of the secured files are not able to be transmitted over a network (e.g., the Internet) to unauthorized destinations. In one embodiment, processes operating on a computer system are monitored to determine destination locations, if any, of said processes, and then using such destination locations to determine whether to permit the processes to open files in a secure or unsecured manner.

    Document Security System that Permits External Users to Gain Access to Secured Files
    4.
    Patent application
    Document Security System that Permits External Users to Gain Access to Secured Files (in force)

    Publication (announcement) number: US20120198230A1

    Publication (announcement) date: 2012-08-02

    Application number: US13439485

    Application date: 2012-04-04

    IPC classification: H04L9/14

    CPC classification: G06F21/6209 G06F21/6218

    Abstract: A system includes a server with an access manager configured to restrict access to files of an organization and maintain at least encryption keys for internal and external users and an external access server connected to the server and coupled between the server and a data network. The data network is configured to allow the external users use of the external access server. The external access server is also configured to permit file exchange between the internal users and the external users via the server.

    METHOD AND SYSTEM FOR PROTECTING ELECTRONIC DATA IN ENTERPRISE ENVIRONMENT
    5.
    Patent application
    METHOD AND SYSTEM FOR PROTECTING ELECTRONIC DATA IN ENTERPRISE ENVIRONMENT (in force)

    Publication (announcement) number: US20110296199A1

    Publication (announcement) date: 2011-12-01

    Application number: US13078109

    Application date: 2011-04-01

    IPC classification: G06F12/14

    Abstract: Even with proper access privilege, when a secured file is classified, at least security clearance (e.g. a clearance key) is needed to ensure those who have the right security clearance can ultimately access the contents in the classified secured file. According to one embodiment, referred to as a two-pronged access scheme, a security clearance key is generated and assigned in accordance with a user's security access level. A security clearance key may range from most classified to non-classified. Depending on implementation, a security clearance key with a security level may be so configured that the key can be used to access secured files classified at or lower than the security level or multiple auxiliary keys are provided when a corresponding security clearance key is being requested. The auxiliary keys are those keys generated to facilitate access to secured files classified respectively less than the corresponding security or confidentiality level.

    Method and system for restricting use of a clipboard application
    6.
    Granted patent
    Method and system for restricting use of a clipboard application (in force)

    Publication (announcement) number: US07950066B1

    Publication (announcement) date: 2011-05-24

    Application number: US10028397

    Application date: 2001-12-21

    Applicant: Patrick Zuili

    Inventor: Patrick Zuili

    CPC classification: G06F21/6281

    Abstract: Techniques and mechanisms for controlling copying of content from a secured file or secured document are disclosed. In one embodiment, the techniques or mechanisms operate to control clipboard usage such that content from a secured document of one application is not able to be copied to another application or a different document of another application by way of a clipboard. According to another embodiment, alternate content is copied to another application or a different document of another application instead of the content from the secured document.

    Method and System For Securing Digital Assets Using Process-Driven Security Policies
    7.
    Patent application
    Method and System For Securing Digital Assets Using Process-Driven Security Policies (in force)

    Publication (announcement) number: US20100199088A1

    Publication (announcement) date: 2010-08-05

    Application number: US12762028

    Application date: 2010-04-16

    IPC classification: G06F21/24

    Abstract: Techniques for dynamically altering security criteria used in a file security system are disclosed. The security criteria pertain to keys (or ciphers) used by the file security system to encrypt electronic files to be secured or to decrypt electronic files already secured. The security criteria can, among other things, include keys that are required to gain access to electronic files. Here, the keys can be changed automatically as electronic files transition between different states of a process-driven security policy. The dynamic alteration of security criteria enhances the flexibility and robustness of the security system. In other words, access restrictions on electronic files can be dependent on the state of the process-driven security policy.

    Method and system for protecting electronic data in enterprise environment
    10.
    Granted patent
    Method and system for protecting electronic data in enterprise environment (in force)

    Publication (announcement) number: US08341407B2

    Publication (announcement) date: 2012-12-25

    Application number: US13078109

    Application date: 2011-04-01

    IPC classification: H04L29/06

    Abstract: Even with proper access privilege, when a secured file is classified, at least security clearance (e.g. a clearance key) is needed to ensure those who have the right security clearance can ultimately access the contents in the classified secured file. According to one embodiment, referred to as a two-pronged access scheme, a security clearance key is generated and assigned in accordance with a user's security access level. A security clearance key may range from most classified to non-classified. Depending on implementation, a security clearance key with a security level may be so configured that the key can be used to access secured files classified at or lower than the security level or multiple auxiliary keys are provided when a corresponding security clearance key is being requested. The auxiliary keys are those keys generated to facilitate access to secured files classified respectively less than the corresponding security or confidentiality level.
