WO2009132046A3 - Method and system for security requiring authorization by multiple users - Google Patents

Method and system for security requiring authorization by multiple users Download PDF

Info

Publication number
WO2009132046A3
WO2009132046A3 PCT/US2009/041314 US2009041314W WO2009132046A3 WO 2009132046 A3 WO2009132046 A3 WO 2009132046A3 US 2009041314 W US2009041314 W US 2009041314W WO 2009132046 A3 WO2009132046 A3 WO 2009132046A3
Authority
WO
WIPO (PCT)
Prior art keywords
authorization
file
encrypted
multiple users
group
Prior art date
Application number
PCT/US2009/041314
Other languages
French (fr)
Other versions
WO2009132046A2 (en
Inventor
Landon Curt Noll
Christopher Norman Winter
Original Assignee
Ncipher Corporation Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ncipher Corporation Ltd. filed Critical Ncipher Corporation Ltd.
Publication of WO2009132046A2 publication Critical patent/WO2009132046A2/en
Publication of WO2009132046A3 publication Critical patent/WO2009132046A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/104Grouping of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

Methods, systems, and apparatus, including computer program products, for security requiring authorization by multiple users. In one embodiment, one or more data files are encrypted by specifying an encryption policy, including an authorization group and a number of authorizations within the authorization group being required for accessing the output file. The authorization group is defined. The data files are encrypted in accordance with the policy. In another embodiment, a file is decrypted by receiving a file encrypted in accordance with an encryption policy including a first number of authorizations within an authorization group required for accessing the file, receiving authorization codes from members of the authorization group, determining a second number of correct authorization codes received, and decrypting the file if the second number is equal to or greater than the first number.
PCT/US2009/041314 2008-04-21 2009-04-21 Method and system for security requiring authorization by multiple users WO2009132046A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US4675108P 2008-04-21 2008-04-21
US61/046,751 2008-04-21

Publications (2)

Publication Number Publication Date
WO2009132046A2 WO2009132046A2 (en) 2009-10-29
WO2009132046A3 true WO2009132046A3 (en) 2009-12-17

Family

ID=41217394

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/US2009/041289 WO2010042248A1 (en) 2008-04-21 2009-04-21 Method and system for security requiring authorization by multiple users
PCT/US2009/041314 WO2009132046A2 (en) 2008-04-21 2009-04-21 Method and system for security requiring authorization by multiple users

Family Applications Before (1)

Application Number Title Priority Date Filing Date
PCT/US2009/041289 WO2010042248A1 (en) 2008-04-21 2009-04-21 Method and system for security requiring authorization by multiple users

Country Status (1)

Country Link
WO (2) WO2010042248A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9026787B2 (en) 2012-12-09 2015-05-05 International Business Machines Corporation Secure access using location-based encrypted authorization
JP5892123B2 (en) * 2013-08-20 2016-03-23 富士ゼロックス株式会社 Information processing apparatus and information processing program
CN113779511A (en) * 2021-09-14 2021-12-10 湖南麒麟信安科技股份有限公司 Software authorization method, device, server and readable storage medium
CN113949625A (en) * 2021-12-03 2022-01-18 湖北科技学院 Message transmission verification algorithm based on GPS and timestamp verification

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5659614A (en) * 1994-11-28 1997-08-19 Bailey, Iii; John E. Method and system for creating and storing a backup copy of file data stored on a computer
US6598161B1 (en) * 1999-08-09 2003-07-22 International Business Machines Corporation Methods, systems and computer program products for multi-level encryption
US6675261B2 (en) * 2000-12-22 2004-01-06 Oblix, Inc. Request based caching of data store data
US20050235148A1 (en) * 1998-02-13 2005-10-20 Scheidt Edward M Access system utilizing multiple factor identification and authentication

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040086117A1 (en) * 2002-06-06 2004-05-06 Petersen Mette Vesterager Methods for improving unpredictability of output of pseudo-random number generators
US7519826B2 (en) * 2003-10-01 2009-04-14 Engedi Technologies, Inc. Near real-time multi-party task authorization access control
US20050125357A1 (en) * 2003-12-09 2005-06-09 Saadat Abbas S. Secure integrated media center
GB2437558B (en) * 2006-04-19 2010-12-15 Thales Holdings Uk Plc Privacy protection system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5659614A (en) * 1994-11-28 1997-08-19 Bailey, Iii; John E. Method and system for creating and storing a backup copy of file data stored on a computer
US20050235148A1 (en) * 1998-02-13 2005-10-20 Scheidt Edward M Access system utilizing multiple factor identification and authentication
US6598161B1 (en) * 1999-08-09 2003-07-22 International Business Machines Corporation Methods, systems and computer program products for multi-level encryption
US6675261B2 (en) * 2000-12-22 2004-01-06 Oblix, Inc. Request based caching of data store data

Also Published As

Publication number Publication date
WO2010042248A1 (en) 2010-04-15
WO2009132046A2 (en) 2009-10-29

Similar Documents

Publication Publication Date Title
KR101509377B1 (en) Device and method for a backup of rights objects
US9647834B2 (en) Systems and methods with cryptography and tamper resistance software security
CN100338905C (en) Method of binding digital contents and hardware with hardward adaptive
KR101284676B1 (en) Cryptography-based copy protection system and method for android apps
US9124424B2 (en) System, apparatus and method for license key permutation
EP3035641A1 (en) Method for file upload to cloud storage system, download method and device
KR20100133953A (en) System and method for securing data
RU2010114241A (en) MULTIFACTOR CONTENT PROTECTION
WO2012096791A8 (en) Methods and systems for distributing cryptographic data to authenticated recipients
TW200701728A (en) Data-encrypting/decrypting method, data-saving media using the method, and data-encrypting/decrypting module
CN102938036A (en) Section double encryption and safe loading method of Windows dynamic link library
CN103236930A (en) Data encryption method and system
EP2874344A1 (en) User terminal device and encryption method for encrypting in cloud computing environment
WO2012122117A3 (en) Content playback apis using encrypted streams
CN104361291B (en) Data processing method and device
US9734346B2 (en) Device and method for providing security in remote digital forensic environment
WO2009132046A3 (en) Method and system for security requiring authorization by multiple users
CN104426849A (en) Method and system for realizing data security protection
CA2708000A1 (en) System, apparatus and method for license key permutation
CN110489978A (en) A kind of file encryption-decryption method
US20120284522A1 (en) Method and System for Securing Multimedia Data Streamed Over a Network
KR101630462B1 (en) Apparatus and Method for Securing a Keyboard
CN101692266A (en) Method of intensively encrypting and protecting files by using hidden partition (HPA) and CPU ID
CN104463003A (en) File encryption protecting method
CN101951471A (en) Fingerprint locking technology based on display system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09734996

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09734996

Country of ref document: EP

Kind code of ref document: A2