-
公开(公告)号:US20150074398A1
公开(公告)日:2015-03-12
申请号:US14388444
申请日:2013-03-27
Applicant: BAE SYSTEMS plc
CPC classification number: H04L63/0428 , H04L9/088 , H04L67/06
Abstract: A method of secure information sharing between a first domain and a plurality of destination domains, the method comprising: a. Processing a file at the first domain to establish a set of attributes of the file, the attributes of the file comprising a destination attribute for determining permitted domains to which the file may be sent, b. Encrypting the file at the first domain using the attributes of the file, and thereby generating an encrypted file, c. providing the first domain with, for a first destination domain, a first egress data guard comprising a destination attribute associated with the first destination domain, d. identifying that the encrypted file is desired to be communicated to the first destination domain, e. attempting to decrypt the encrypted file at the first egress data guard using a decryption key derived from the destination attribute of the first egress data guard, where decryption will be possible if the destination attribute of the data guard matches the destination attribute of the file, f. if it has been possible to decrypt the encrypted file at step e, making a determination as to whether the file may be communicated to the first destination domain.
Abstract translation: 一种在第一域和多个目的地域之间的安全信息共享的方法,所述方法包括:a。 在第一域处理文件以建立该文件的一组属性,该文件的属性包括用于确定该文件可以发送到的允许域的目的地属性,b。 c。使用文件的属性在第一个域中加密该文件,从而生成一个加密的文件,c。 为第一目的地域提供包括与第一目的地域相关联的目的地属性的第一出口数据保护的第一域,d。 识别加密文件希望被传送到第一目的地域,例如, 尝试使用从第一出口数据保护的目的地属性导出的解密密钥来解密第一出口数据保护处的加密文件,如果数据保护的目的地属性与文件的目的地属性匹配,那么解密是可能的,f 。 如果可以在步骤e解密加密的文件,则确定文件是否可以被传送到第一目的地域。
Search Results
1
records
(took 0.012 seconds)
