Movatterモバイル変換

[0]ホーム
URL:

USRE41186E1 - Method of encrypting information for remote access while maintaining access control - Google Patents

Method of encrypting information for remote access while maintaining access controlDownload PDF

Info

Publication number
USRE41186E1
USRE41186E1US10/936,829US93682904AUSRE41186EUS RE41186 E1USRE41186 E1US RE41186E1US 93682904 AUS93682904 AUS 93682904AUS RE41186 EUSRE41186 EUS RE41186E
Authority
US
United States
Prior art keywords
decryption key
segment
user location
user
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
US10/936,829
Inventor
David A. Pensak
John J. Cristy
Steven J. Singles
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
EMC Corp
Original Assignee
EMC Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by EMC CorpfiledCriticalEMC Corp
Priority to US10/936,829priorityCriticalpatent/USRE41186E1/en
Priority to US11/129,746prioritypatent/USRE44364E1/en
Assigned to EMC CORPORATIONreassignmentEMC CORPORATIONASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS).Assignors: AUTHENTICA, INC.
Application grantedgrantedCritical
Publication of USRE41186E1publicationCriticalpatent/USRE41186E1/en
Assigned to CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENTreassignmentCREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENTSECURITY AGREEMENTAssignors: ASAP SOFTWARE EXPRESS, INC., AVENTAIL LLC, CREDANT TECHNOLOGIES, INC., DELL INTERNATIONAL L.L.C., DELL MARKETING L.P., DELL PRODUCTS L.P., DELL SOFTWARE INC., DELL SYSTEMS CORPORATION, DELL USA L.P., EMC CORPORATION, EMC IP Holding Company LLC, FORCE10 NETWORKS, INC., MAGINATICS LLC, MOZY, INC., SCALEIO LLC, SPANNING CLOUD APPS LLC, WYSE TECHNOLOGY L.L.C.
Assigned to THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENTreassignmentTHE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENTSECURITY AGREEMENTAssignors: ASAP SOFTWARE EXPRESS, INC., AVENTAIL LLC, CREDANT TECHNOLOGIES, INC., DELL INTERNATIONAL L.L.C., DELL MARKETING L.P., DELL PRODUCTS L.P., DELL SOFTWARE INC., DELL SYSTEMS CORPORATION, DELL USA L.P., EMC CORPORATION, EMC IP Holding Company LLC, FORCE10 NETWORKS, INC., MAGINATICS LLC, MOZY, INC., SCALEIO LLC, SPANNING CLOUD APPS LLC, WYSE TECHNOLOGY L.L.C.
Assigned to AUTHENTICA, INC.reassignmentAUTHENTICA, INC.CHANGE OF NAME (SEE DOCUMENT FOR DETAILS).Assignors: AUTHENTICA SECURITY TECHNOLOGIES, INC.
Assigned to AUTHENTICA SECURITY TECHNOLOGIES, INC.reassignmentAUTHENTICA SECURITY TECHNOLOGIES, INC.ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS).Assignors: CRISTY, JOHN J, PENSAK, DAVID A, SINGLES, STEVEN J
Assigned to AUTHENTICA, INC.reassignmentAUTHENTICA, INC.CHANGE OF NAME (SEE DOCUMENT FOR DETAILS).Assignors: AUTHENTICA SECURITY TECHNOLOGIES, INC.
Assigned to THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A.reassignmentTHE BANK OF NEW YORK MELLON TRUST COMPANY, N.A.SECURITY AGREEMENTAssignors: CREDANT TECHNOLOGIES, INC., DELL INTERNATIONAL L.L.C., DELL MARKETING L.P., DELL PRODUCTS L.P., DELL USA L.P., EMC CORPORATION, EMC IP Holding Company LLC, FORCE10 NETWORKS, INC., WYSE TECHNOLOGY L.L.C.
Anticipated expirationlegal-statusCritical
Assigned to THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A.reassignmentTHE BANK OF NEW YORK MELLON TRUST COMPANY, N.A.SECURITY AGREEMENTAssignors: CREDANT TECHNOLOGIES INC., DELL INTERNATIONAL L.L.C., DELL MARKETING L.P., DELL PRODUCTS L.P., DELL USA L.P., EMC CORPORATION, EMC IP Holding Company LLC, FORCE10 NETWORKS, INC., WYSE TECHNOLOGY L.L.C.
Assigned to WYSE TECHNOLOGY L.L.C., FORCE10 NETWORKS, INC., AVENTAIL LLC, ASAP SOFTWARE EXPRESS, INC., DELL PRODUCTS L.P., MOZY, INC., SCALEIO LLC, EMC CORPORATION, MAGINATICS LLC, DELL MARKETING L.P., CREDANT TECHNOLOGIES, INC., DELL SOFTWARE INC., EMC IP Holding Company LLC, DELL SYSTEMS CORPORATION, DELL USA L.P., DELL INTERNATIONAL, L.L.C.reassignmentWYSE TECHNOLOGY L.L.C.RELEASE BY SECURED PARTY (SEE DOCUMENT FOR DETAILS).Assignors: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH
Assigned to DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO ASAP SOFTWARE EXPRESS, INC.), EMC CORPORATION (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MAGINATICS LLC), DELL USA L.P., DELL PRODUCTS L.P., DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO FORCE10 NETWORKS, INC. AND WYSE TECHNOLOGY L.L.C.), EMC IP HOLDING COMPANY LLC (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MOZY, INC.), DELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.), SCALEIO LLC, DELL INTERNATIONAL L.L.C.reassignmentDELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO ASAP SOFTWARE EXPRESS, INC.)RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001)Assignors: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT
Assigned to DELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.), DELL PRODUCTS L.P., EMC CORPORATION (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MAGINATICS LLC), DELL USA L.P., DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO ASAP SOFTWARE EXPRESS, INC.), DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO FORCE10 NETWORKS, INC. AND WYSE TECHNOLOGY L.L.C.), EMC IP HOLDING COMPANY LLC (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MOZY, INC.), SCALEIO LLC, DELL INTERNATIONAL L.L.C.reassignmentDELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.)RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001)Assignors: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT
Assigned to EMC CORPORATION, DELL USA L.P., DELL PRODUCTS L.P., DELL INTERNATIONAL L.L.C., EMC IP Holding Company LLC, DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO FORCE10 NETWORKS, INC. AND WYSE TECHNOLOGY L.L.C.), DELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.)reassignmentEMC CORPORATIONRELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (053546/0001)Assignors: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT
Expired - Lifetimelegal-statusCriticalCurrent

Links

Images

Classifications

Definitions

Landscapes

Abstract

The invention provides for encrypting electronic information such as a document so that only users with permission may access the document in decrypted form. The process of encrypting the information includes selecting a set of policies as to who may access the information and under what conditions. A remote server stores a unique identifier for the information and associates an encryption/decryption key pair and access policies with the information. Software components residing on the author's computer retrieve the encryption key from the remote server, encrypt the information, and store the encrypted information at a location chosen by the author. A user wishing to access the information acquires the encrypted information electronically. Software components residing on the viewing user's computer retrieve the associated decryption key and policies, decrypt the information to the extent authorized by the policies, and immediately delete the decryption key from the viewing user's computer upon decrypting the information and rendering the clear text to the viewing user's computer screen. The software components are also capable of prohibiting functional operations by the viewing user's computer while the clear text is being viewed.

Description

This application is a division of U.S. patent application Ser. No. 09/906,811, filed Jul. 18, 2001, which is a division of U.S. patent application Ser. No. 09/321,839, filed May 28, 1999, now U.S. Pat. No. 6,289,450.
This application is a reissue of application Ser. No.09/985,096, filed on Nov.1,2001, now U.S. Pat. No.6,449,721, which application is a division of application Ser. No.09/906,811, filed on Jul.18,2001, now U.S. Pat. No.6,339,825, which is a division of application Ser. No.09/321,839, filed on May28,1999, now U.S. Pat. No.6,289,450.
BACKGROUND
This invention relates to an electronic security system for electronic objects such as documents, video and audio clips and other objects that can be transmitted via a network.
Electronic security systems have been proposed for managing access to electronic information and electronic documents so that only authorized users may open protected information and documents. Several software tools have been developed to work with particular document readers such as Adobe Acrobat Exchange and Adobe Acrobat Reader.
A need still exists for improved systems for providing access to encrypted information by authorized users and which prevent unauthorized users from gaining access to the encrypted information. The present invention allows the authoring user or other controlling party to maintain access control over the electronic information.
SUMMARY
The preferred embodiment(s) of the invention are summarized here to highlight and introduce some aspects of the present invention. Simplifications and omissions may be made in this summary. Such simplifications and omissions are not intended to limit the scope of the invention.
The object of the present invention is to provide a system and method for encrypting electronic information so that access to the information can be controlled by the author or other controlling party.
A further object of the present invention is to provide an electronic encryption/decryption system and method in which a central server maintains control over the electronic encryption and decryption keys.
A further object of the present invention is to provide an electronic encryption/decryption system and method in which electronic encryption and decryption keys are not retained by an encrypting or decrypting party.
A further object of the present invention is to provide a system and method for encrypting electronic information so that access to the information can be dynamically changed from a single location without the necessity of collecting or redistributing the encrypted information.
A further object of the present invention is to provide an electronic encryption/decryption system and method in which access to electronic information can be permanently revoked by destroying the association of a decryption key to the electronic information.
These and other objects will become apparent from the figures and written description contained herein.
BRIEF DESCRIPTION OF THE DRAWINGS
Preferred embodiment(s) of the invention will be discussed below with reference to attached drawings in which:
FIG. 1 is a block diagram illustrating a system configuration of an authoring tool, a viewing tool, and a remote server of the electronic encryption system.
FIG. 2 is a block diagram illustrating a detailed system configuration and functions associated with each component of the electronic encryption system.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT(S)
Referring now to the Figures wherein like reference numerals indicate like elements, inFIG. 1, the system of the preferred embodiment can be broken down conceptually into three functional components: anauthoring tool102, aviewing tool104, and aremote server106. For convenience, the embodiments described herein are described with respect to a document in Adobe Acrobat Exchange, but other embodiments using other base software packages are possible. Other types of electronic information, as determined by the base software package chosen, can be encrypted using the present invention.
Theauthoring tool102 allows anauthoring user108 to convert atext document110 tounreadable form112 using a strong encryption algorithm and an encryption key, or set of encryption keys, provided by theremote server106. Theauthoring tool102 also registers the electronic document or information with theremote server106 and associates a set of access policies with the encryption key so that only selected viewingusers116 under selected circumstances may view the document in clear text. The document or information may also be broken down into segments using theauthoring tool102, so that certain segments within a document may have different access policies. For example, a set of users may be allowed to view pages 1-5 of a 10 page document in clear text, while a subset of those users may be allowed to view all 10 pages of the document. Theauthoring tool102 also allows the authoringuser108 to block certain functions normally accessible by theviewing user116. For example, the authoringuser108 may deny a viewinguser116 privileges such as printing and copying of the clear text.
Theviewing tool104 allows aviewing user116 to decrypt thedocument112 anauthoring user108 has encrypted, provided theauthoring user108 has associated an access policy with the decryption key which grants access to the clear text to theviewing user116. Theviewing tool104 retrieves the decryption key118 associated with thedocument segment112 from theremote server106, decrypts the document into clear text, renders the document segment, and destroys the decryption key and the clear text version of the document segment. Theviewing tool104 prevents the saving of the decryption key or the clear text version of the document. Theviewing tool104 also blocks the viewing user's machine from performing certain functions, such as printing or copying, as directed by the authoringuser108 during registration of thedocument110.
The secureremote server106 performs several functions. Theremote server106 generates encryption keys114 for each document segment, maintains decryption keys118 for registered encrypteddocuments112, authenticates requests for viewing a document segment, grants access to registereddocuments112 by providing decryption keys118 and associated access policies to authorized viewingusers116, and maintains an encrypted secure central database which provides association between registered authoring users, registered documents, associated decryption keys, associated policies for each document, options for each user and document, and associated registered viewing users. Theremote server106 does not store or receive the actual document, either encrypted or unencrypted.
Theauthoring tool102 and theviewing tool104 each use essentially the same suite of software tools. As shown inFIG. 2, the software tools reside on the authoring and viewing users'computers222,224, on a computer readable medium such as on the hard drive of a particular user's computer. Registration with the centralremote server206 determines which functions within the suite of software tools are available to a particular user. The software tools include aConfiguration Utility226, anAdministrator Utility228, and anApplication Interface230. In the embodiment using Adobe Acrobat Exchange, the Application Interface is a “Plug-In,” which uses SDK and Plug-In Standard Interface. The three software tools run in conjunction with base viewing orplayback software232, such as Adobe Acrobat Exchange, a web browser, a word processor, an audio or video playing application, a custom data processing, or a specialized low-level device driver, such as a hard disk driver, video driver, or audio driver. Thebase software package232 will depend on the type of data stream to be encrypted/decrypted.
THE SECURE REMOTE SERVER
The secureremote server206 is a server which is remote from an authoring or viewinguser208,216. Theserver206 maintains adatabase236 of encryption keys and associated decryption keys for distribution to registered or authorized users. Theremote server206 also maintains a database which associates registered document segments, which are identified by unique segment IDs, with authoring users, user access profiles, document access policies and options, and associated encryption/decryption keys. Theremote server206 does not actually store registered documents or segments, but instead relates identifying information about a document to the associated information.
Theremote server206 also tracks and maintains records of requests to view documents and to obtaindocument decryption keys238. The records may be used to monitor the system for suspicious activity. For example, a single user requesting the decryption key for a document several times during a specific time period might be an indication of suspicious activity. The server can then provide an alert message to a pager, e-mail or fax, thus allowing timely investigation of the activity. The request information may also be used for the purposes of non-repudiation or as a basis for billing in situations where access to the system or access to protected information is being sold.
All communication between theremote server206 and a user'scomputer222,224 is encrypted using Secure Socket Layer (SSL) protocols. Once an SSL tunnel has been negotiated between a user'smachine222,224 and thesecure server206, a session key is negotiated. Thus, communications to and from thesecure server206 and a user'scomputer222,224 are doubly encrypted.
Registration with theremote server206 of a user or automated system wishing to use the system is done separately from any communication for registering a document or viewing a document. A user wishing to register documents for viewing by other users, or viewing registered document registered by other users, must contact the server independently, possibly through a separatehuman Coordinator240 or separate network link which can collect payment for the authoring, viewing, and other services, can verify the identity of the user and provide the server with user identification information and user authorization profiles.
The server may be a single server, a set of synchronized servers, or dual servers with a shared database.
THE CONFIGURATION UTILITY
TheConfiguration Utility226 defines a local user (authoring or viewing) on the user'scomputer222,224. TheConfiguration Utility226 establishes the communication parameters for a local user and theremote server206. For example, theConfiguration Utility226 will query the user to define a local user profile, to include name, password and other identifying information. This local user profile must match the information provided by a user to theCoordinator240 at theremote server206.
TheConfiguration Utility226 is also responsible for maintaining information regarding the authentication and secure communication method used by the local user, for example, certificate, secret passphrase, smart card, etc. TheConfiguration Utility226 maintains information about the local user's secure communication method, for example, the certificate and certification authority for a certificate based secure communication system.
THE ADMINISTRATOR UTILITY
TheAdministrator Utility226 is a network client application used by thehuman Coordinator240 and other users to control access to documents selected for encryption by defining policies associated with a document. TheAdministrator Utility228 is a software program residing on the user'scomputer222,224. TheCoordinator240 orauthoring user208 uses theAdministrator Utility228 to define policies related to a particular user. For example, theCoordinator240 can use theAdministrator Utility228 to control the functions available to aparticular authoring user208, which might depend on the fees paid by theauthoring user208, or theCoordinator240 can control the amount of access anauthoring user208 can allow toviewing users216. Other policies that an individual can define using theAdministrator Utility228 are site policies, group policies, and default policies.
TheAdministrator Utility228 allows theCoordinator240 or authoring orviewing user208,216 to determine what documents have been registered by a particular user by accessing the registereduser database236. TheAdministrator Utility228 also allows an authoring user to permanently disable the viewing of documents by deleting the associated decryption key from the server. TheAdministrator Utility228 also allows anauthoring user208 to initially define the policies related to his documents and to change the policies after the documents have initially been registered.
TheAdministrator Utility228 allows anormal authoring user208 to create, edit, and delete time windows, network specifications and policy templates; view the list of registered documents; and view and edit the policies of documents that are registered. TheAdministrator Utility228 allows theCoordinator240 to create, edit, and delete users and user policies; create, edit, and delete groups of users and group polices; create, edit, and delete document groups and document group policies; define and modify the Site and Default polices; create, edit, and delete document override policies; and view the activity log and set up notification policies
THE APPLICATION INTERFACE
TheApplication Interface230 of the preferred embodiment is a standard “Plug-In” to Adobe Acrobat Exchange using SDK and Plug-In Standard Interface. The Plug-In230 provides a user screen interface to allow the user to access the particular functions associated with registering and viewing documents and communicating with the server. The Plug-In Screen may be integral to the Adobe User Interface Window or may be a separate window. In the preferred embodiment, the Plug-In230 modifies the Adobe User Interface Window by adding functional “buttons” such as register, create policies, tag, encrypt, view and decrypt.
The Plug-In230 allows encryption and decryption of PDF files using encryption keys from theremote server206. The Plug-In230 connects to theserver206, authenticates the user to the server, registers documents with the server, selects policies at the server as they have been defined -by theauthoring user208 using theAdministrator Utility228.
In addition, the Plug-In230 blocks certain functions at the viewing user'scomputer224 that are otherwise available in Adobe Acrobat Exchange. For example, if theauthoring user208 has limited access to a document so that aviewing user216 is prohibited from printing a viewed document, the Plug-In230 temporarily disables the print function of Adobe Acrobat Exchange. Among the functions that the Plug-In230 can disable are print, copy, cut, paste, save, and other functions. Other functions may be disabled or limited as appropriate for the type of file viewed and the access level. TheApplication Interface230 is designed in such a way that it does not disclose either the decryption key or the clear text or unencrypted representation of the protected information content in electronic form.
THE GRAPHICAL USER INTERFACE
The Graphical User Interface (“GUI”)supports standard user interface objects such as push buttons, text input fields, lists, menus, and message boxes. The GUI is controlled by the mouse and keypad. The GUI has multiple windows that allow real time setup of server configuration such as who may register a document, who may view a document, when a document may be viewed and on which host the document key and viewing information resides.
INITIAL USER SETUP
A user who wishes to register or to access information must first register and be recognized by theserver206, as represented by reference numeral1042,1044 in FIG.2. Theuser208,216 contacts theserver206 independently, possibly through a separatehuman Coordinator240 or separate network link which can collect payment for the authoring, viewing and other services; verify the identity of the user; and provide the server with user identification information and user authorization profiles. Once theuser208,216 is registered with theserver206, the suite of software tools is provided to the user.
The user must have installed thebase software230, such as Adobe Acrobat Exchange, on his computer. The user then installs theApplication Interface230 provided by theCoordinator240, as well as the Administrator andConfiguration Utilities228,226. In one embodiment, upon running theApplication Interface230, theApplication Interface230 will install the Administrator andConfiguration Utilities228,226 on the user's machine. There is no network activity involved in the installation of theApplication Interface230, Administrator, orConfiguration Utilities228,226.
CREATING POLICIES USING THE ADMINISTRATOR
Once auser208,216 is registered and theConfiguration Utility226 has set up identification and encryption information for theuser208,216, the user authorized to do so can use theAdministrator Utility228 to create policies associated with a specific document. Anauthoring user208 wishing to register a document creates policies to define who, when and how a document may be viewed or otherwise accessed.
Theauthoring user208 runs theAdministrator Utility228 which has been installed on hismachine222 and instructs theAdministrator Utility228 to create policies for a document. TheAdministrator Utility228 will request the information provided during set up to theConfiguration Utility226 such as username, passphrase, and method of authentication to verify the user's identity. TheAdministrator Utility228 will also ask on which server theauthoring user208 wishes to register his document. TheAdministrator Utility228 will then establish a connection to the remote server through theApplication Interface230.
Theremote server206 and the authoring or viewing user'scomputer222,224 communicating with theserver206 will negotiate a standard Secure Socket Layet (SSL) encryption tunnel, as represented inFIG. 2 byreference numerals1046,1056.
Once the SSL tunnel is established, the user'scomputer222,224 and theserver206 negotiate a secondary session key, as represented inFIG. 2 byreference numerals1048,1058. All subsequent communications is additionally encrypted using 128-bit RC4 and this secondary session key. All communication between the users'computers222,224 and theserver206 is thus doubly encrypted.
Once the doubly encrypted communication link is established between the authoring user'scomputer222 and theserver206, the authoring user'scomputer222 provides login and authentication information to theserver206,1050. Theserver206 authenticates the authoring user's208 identity and verifies that theauthoring user208 has authority to use the system by checking a database of registeredusers236 maintained on the server. The information provided by theauthoring user208 to theConfiguration Utility226 is compared to the information provided by the user to theCoordinator240 during the independent user registration process1042,1044. Thedatabase234 contains all of the access controls related to a particular user, so that if a user is only authorized to view documents, he will not be allowed to use the system to register or encrypt documents.
After theserver206 authenticates theauthoring user208 and verifies that theauthoring user208 is authorized to register documents, theAdministrator Utility228 allows theauthoring use208 to create policies applicable to aparticular viewing user216, a group of viewing users, or a default policy for all other users. The policies are then communicated to theserver206,1051. Policies define who may view a document, when, and under what conditions. Policies are created by combining a set of constraints including allowable or denied users and groups, time ranges, and Internet Protocol (IP) addresses. Access to a document by aviewing user216 is determined by combining the user policy, document policy, as well as possibly the group policy and document group policy. If theCoordinator240 has created a document override policy for a document, then the override takes precedence over the regular document policy defined by the authoring user. Policies include limiting who may view a document or portion of a document and the time frame during which a user may view the document.
TheAdministrator Utility228 also allows theauthoring user208 to create options. Options specify what functions of thebase software232 are temporarily disabled so that theviewing user216 is prohibited from accessing them while viewing the document. An option can also enforce a watermark on printing. For example, theauthoring user208 can prohibit aparticular viewing user216 from printing, saving, or copying a particular document or portion of a document. These Options are defined by theauthoring user208 using theAdministrator Utility228, but the options are enforced by theApplication Interface230.
ENCRYPTING DOCUMENTS AND DATA STREAMS
Anauthoring user208 wishing to encrypt a document will open the document on hiscomputer222. TheApplication Interface230 must also be loaded before the document or information can be encrypted. In the preferred embodiment, the Plug-In230 adds menu items to the menu bar in Adobe Acrobat Exchange such as “tag” and “encrypt” “Tag” allows theauthoring user208 to select segments of the document to be encrypted. Theauthoring user208 can assign different policies to different tagged segments of a single document, i.e., policies are associated with segments. A segment may consist of any subset of the entire document or the entire document. Once the document has been segmented or “tagged,” the authoring user selects “encrypt” from the menu bar. If theauthoring user208 has not already logged into theremote server206, the Plug-In230 will force a log in to theremote server206 through theAdministrator Utility228. A log-in screen is provided and theauthoring user208 must log-in to theserver206. Theserver206 authenticates theauthoring user208 and verifies that theauthoring user208 is authorized to register documents.
Once the authoring user has been authenticated, the authoring user is asked to associate the overall document with a policy, and this information is communicated to theremote server1052. This policy becomes the default policy for any portions of the document which are not tagged and associated with a specific policy. The Plug-In230 assigns a unique segment ID for each tagged segment after the authoring user has tagged all segments and has instructed the Plug-In230 to go ahead with the encryption. ThePlugIn230 transmits the segment IDs to theserver206. Theserver206 generates a random encryption key for each segment ID and communicates the encryption key to the authoring user'scomputer222,1054. Theserver206 stores the segment ID, the key associated with the particular segment ID, and the policy associated with a particular segment ID in thecentral database234, and then transmits the key to the Plug-In230 at the authoring user'scomputer222. The Plug-In230 at the authoring user'scomputer222 encrypts the segment, immediately destroys or removes the key from the authoring user'smachine222, and then deletes the clear text for the segment from the Plug-In230. Thus, key lifetime is very short on the authoring user's machine. The encryption key is never stored on the authoring user's machine where it is accessible, such as the hard disk. The key can even be obfuscated while in the memory of the authoring user's machine. The duration of the key's existence depends on the speed of the computer which actually performs the encryption, since the key is destroyed immediately after the encryption. In the preferred embodiment, 128-bit RC4 is used for document and segment encryption.
Once all segments have been encrypted, the Plug-In230 produces a hash of the entire document and sends the hash to the server as document identification,1055. Theserver206 stores the hash with the keys associated with the document. Thus, the document is never transmitted to theserver206, only the segment IDs and hash.
A pop-up window asks theauthoring user208 where he wishes to store the encrypted document. By default, the encrypted document overwrites the clear text document on the authoring user'smachine222.
VIEWING REPLAYING AND DECRYPTING
A user wishing to view a document must have installed theConfiguration Utility226,Administrator Utility228, and theApplication Interface230 on hiscomputer224. Theviewing user216 must be independently registered with theCoordinator240 as a user. Theviewing user216 must also have installed thebase software application232 for viewing the document, such as Adobe Acrobat Exchange. Theviewing user216 must enter theConfiguration Utility226 and provide user set up information.
If theviewing user216 has not opened theConfiguration Utility226, theAdministrator Utility228 and theApplication Interface230, these programs will automatically be opened once the information to be accessed has been selected, and the system has recognized that the information is encrypted.
Once theConfiguration Utility226 has opened, it will request the user to provide information defining both theviewing user216 and the viewing user'scomputer224. If theviewing user216 is a new user, theviewing user216 will select a button on the Configuration Utility's interface window indicating that a new user profile needs to be provided. TheConfiguration Utility226 will provide a query screen to the user and the user will input identification information, such as a user name. The identification information will be checked against the information provided to theserver206 orCoordinator240 during the independent user registration process.
TheApplication Interface230 will check to see if the user is logged onto theremote server206. If theviewing user216 has not logged onto the remote server, theApplication Interface230 provides a pop-up window so that the user can log in to the server. An SSL tunnel and session key are negotiated,1056,1058. The viewing user'scomputer224 provides login and authentication information to theserver206,1060. Once logged into theserver206, theApplication Interface230 requests access to the document orinformation1062 by asking theserver206 for the decryption key for the first segment of the document or information to be accessed. Theserver206 uses the segment ID to check the database to find the policies associated with the segment and thus to determine whether theviewing user216 is authorized to access this segment or the document as a whole.
If theviewing user216 is not authorized to access the segment, theviewing user216 is so informed. If theuser216 is authorized to access the segment, theserver206 sends the decryption key and options for that segment to theApplication Interface230 at the viewing user'scomputer224 and theApplication Interface230 decrypts the segment using the decryption key. After decrypting the segment, theApplication Interface230 immediately discards/destroys the key, renders the decrypted segment to the screen, and then destroys the decrypted version of the segment. When the viewing user moves to a different segment, the process is repeated.
TheApplication Interface230 enforces the options which were assigned by theauthoring user230 to the segment viewed by theviewing user216. For example, if theauthoring user208 assigned that theviewing user216 cannot print the clear text document or segment, then the Plug-In230 disables the print function of Adobe Acrobat Exchange while the clear text document or segment is available to theviewing user216. Other functions which can be controlled or disabled by the Plug-In230 are save, copy, paste, and print with watermark. For other base software packages such asaudio230, the functions controlled by theApplication Interface230 could be play, copy, and save unencrypted. Thus, using the options, theviewing user216 has no ability to permanently acquire the clear text document or data.
THE DATABASE
The securecentral database234 resides on theremote server206. It may be a distributed or shared database residing on multipleremote servers206. In the preferred embodiment thedatabase234 is maintained in Berkley DB software. All records maintained in thecentral database234 are encrypted and the database is password protected. TheCoordinator240 controls thedatabase234 and has access to thedatabase234 using the password.
All keys for encryption and decryption are maintained in thedatabase234. Thedatabase234 provides a structure for associating segment IDs with an associated decryption key, policies for accessing that segment, and options for accessing that segment. Theauthoring user208 may change a policy associated with a segment ID through theAdministrator Utility228 on his computer. The change in policy is communicated to theremote server206 and thedatabase234 is updated accordingly. The update policy function allows anauthoring user208 to revoke access to a segment or document by a user or group of users.
Theauthoring user208 can destroy the decryption key or the association of a decryption key to a segment or document on thedatabase234 using theAdministrator Utility228. By destroying the decryption key or the association of the decryption key with a Segment or Document, theauthoring user208 destroys the ability to decrypt the information, effectively shredding all copies of the information.
Regular backups of thedatabase234 are made without shutting down thewhole database234.
One or more preferred embodiments have been described to illustrate the invention(s). Additions, modifications, and/or omissions may be made to the preferred embodiment(s) without departing from the scope or spirit of the invention(s). It is the intent that the following claims encompass all such additions, modifications, and/or variations to the fullest extent permitted by law.

Claims (11)

1. A method of controlling distribution of a segment of encrypted electronic information, comprising:
receiving, at a user location, a user code and an identification of the segment;
transmitting the user code and the identification from the user location to a key server;
receiving, at a user location from a key server in response to the user code representing a user authorized to view the segment, a decryption key for the segment and at least one access policy associated with the segment;
decrypting the segment with the decryption key into clear text in response to said receiving;
destroying the decryption key in response to said decrypting;
rendering the clear text;
limiting access to the clear text consistent with the at least one access policy; and
defending the decryption key at the user location when the decryption key is resident at the user location;
wherein a processing between and including said receiving the decryption key and said destroying the decryption key occurs with sufficient speed such that the decryption key is only resident at the user location for a moment, and said defending resists capturing of the decryption key during the moment.
3. A method of controlling distribution of a segment of encrypted electronic information, comprising:
attempting to access the segment at a user location;
requesting from the user location to the key server a decryption key for the segment;
receiving, at a user location from a key server, a the decryption key for the segment;
decrypting the segment with the decryption key in response to said receiving;
destroying the decryption key in response to said decrypting; and defending the decryption key at the user location when the decryption key is resident at the user location; wherein processing between and including said receiving and said destroying occurs with sufficient speed such that the decryption key is only resident at the user location for a moment, and said defending resists capture of the decryption key during the moment.
4. A method of controlling distribution of a segment of encrypted electronic information, comprising:
receiving, at a user location from a key server, a decryption key for the segment;
immediately decrypting the segment into clear text with the decryption key after said receiving;
immediately rendering said clear text on a display;
immediately destroying the decryption key after one of said decrypting and said rendering; and
defending the decryption key at the user location when the decryption key is resident at the user location;
wherein said receiving, said immediately decrypting and said immediately destroying only permit the decryption key to be resident at the user location for a brief moment in time, and said defending resists capture of the decryption key during the brief moment in time, such that it is difficult to improperly capture the decryption key at the user location.
5. A method of controlling distribution of a segment of encrypted electronic information, comprising:
attempting to access the segment at a user location, including receiving, at athe user location, a user code and an identification of the segment;
transmitting, in response to the attempting to access, the user code and the identification to a server;
receiving, at a user location from a key server, a decryption key for the segment in response to the user code representing a user authorized to view the segment;
decrypting the segment with the decryption key in response to said receiving;
destroying the decryption key in response to said decrypting; and
defending the decryption key at the user location when the decryption key is resident at the user location; wherein a processing between and including said receiving the decryption key and said destroying the decryption key occurs with sufficient speed such that the decryption key is only resident at the user location for a moment, and said defending resists capturing of the decryption key during the moment.
6. A system for controlling access to a segment of encrypted electronic content, comprising:
a computer readable medium containing instructions designed to operate in conjunction with computer hardware and other computer software to:
receive, at a user location, a user code and an identification of the segment;
transmit the user code and the identification from the user location to a key server;
receive, at a user location from a key server in response to the user code representing a user authorized to view the segment, a decryption key for the segment and at least one access policy associated with the segment;
decrypt the segment with the decryption key into clear text in response to said receiving;
destroy the decryption key in response to said decrypting;
render the clear text;
limit access to the clear text consistent with the at least one access policy; and
defend the decryption key at the user location when the decryption key is resident at the user location;
wherein said instructions require that computer processing between and including said receive the decryption key and said destroy the decryption key occurs with sufficient speed such that the decryption key is only resident at the user location for a moment, and said defend the decryption key resists capture of the decryption key during the moment.
7. A system for controlling access to a segment of encrypted electronic content, comprising:
a computer readable medium containing instructions designed to operate in conjunction with computer hardware and other computer software to:
receive, at a user location from a key server, a decryption key for the segment;
immediately decrypt the segment with the decryption key after said receiving;
immediately destroy the decryption key after said decrypting; and
defend the decryption key at the user location when the decryption key is resident at the user location;
wherein the decryption key will only be resident at the user location for a brief moment in time, and said defend the key resists capture of the decryption key during the brief moment in time, such that it is difficult to improperly capture the decryption key at the user location.
8. A system for controlling access to a segment of encrypted electronic content, comprising:
a computer readable medium containing instructions designed to operate in conjunction with computer hardware and other computer software to:
attempt to access the segment at a user location;
request from the user location to the key server a decryption key for the segment;
receive, at a user location from a key server, a the decryption key for the segment;
decrypt the segment with the decryption key in response to said receiving;
destroy the decryption key in response to said decrypting; and
defend the decryption key at the user location when the decryption key is resident at the user location; wherein said instructions require computer processing between and including said receive and said destroy to occur with sufficient speed such that the decryption key is only resident at the user location for a moment, and said defend resists capture of the decryption key during the moment.
9. A system for controlling access to a segment of encrypted electronic content, comprising:
a computer readable medium containing instructions designed to operate in conjunction with computer hardware and other computer software to:
receive, at a user location from a key server, a decryption key for the segment;
immediately decrypt the segment into clear text with the decryption key after said receiving;
immediately render said clear text on a display;
immediately destroy the decryption key in response to one of said decrypting and said rendering; and
defend the decryption key at the user location when the decryption key is resident at the user location;
wherein the decryption key will only be resident at the user location for a brief moment in time, and said defend resists capture of the decryption key during the brief moment in time, such that it is difficult to improperly capture the decryption key at the user location.
10. A system for controlling access to a segment of encrypted electronic content, comprising:
a computer readable medium containing instructions designed to operate in conjunction with computer hardware and other computer software to:
receiveattempt to access the segment at a user location, including receiving, at a user location, a user code and an identification of the segment;
transmit, in response to the attempt to access, the user code and the identification to a server; receive, at a user location from a key server, a decryption key for the segment in response to the user code representing a user authorized to view the segment;
decrypt the segment with the decryption key in response to said receiving;
destroy the decryption key in response to said decrypting; and
defend the decryption key at the user location when the decryption key is resident at the user location; wherein said instructions require that computer processing between and including said receiving the decryption key and said destroying the decryption key occurs with sufficient speed such that the decryption key is only resident at the user location for a moment, and said defend resists capturing of the decryption key during the moment.
11. A system for controlling distribution of a segment of encrypted electronic information, comprising:
means for receiving, at a user location, a user code and an identification of the segment;
means for transmitting the user code and the identification of the segment from the user location to a key server;
means for receiving, at a user location from a key server in response to the user code representing a user authorized to view the segment, a decryption key for the segment and at least one access policy associated with the segment;
means for decrypting the segment with the decryption key into clear text in response to said receiving;
means for destroying the decryption key in response to said decrypting;
means for rendering the clear text;
means for limiting access to the clear text consistent with the at least one access policy; and
means for defending the decryption key at the user location when the decryption key is resident at the user location;
wherein a time between operations performed by and including said means for receiving the decryption key and said means for destroying the decryption key occurs with sufficient speed such that the decryption key is only resident at the user location for a moment, and said means for defending resists capturing of the decryption key during the moment.
US10/936,8291999-05-282004-09-09Method of encrypting information for remote access while maintaining access controlExpired - LifetimeUSRE41186E1 (en)

Priority Applications (2)

Application NumberPriority DateFiling DateTitle
US10/936,829USRE41186E1 (en)1999-05-282004-09-09Method of encrypting information for remote access while maintaining access control
US11/129,746USRE44364E1 (en)1999-05-282005-05-16Method of encrypting information for remote access while maintaining access control

Applications Claiming Priority (4)

Application NumberPriority DateFiling DateTitle
US09/321,839US6289450B1 (en)1999-05-281999-05-28Information security architecture for encrypting documents for remote access while maintaining access control
US09/906,811US6339825B2 (en)1999-05-282001-07-18Method of encrypting information for remote access while maintaining access control
US09/985,096US6449721B1 (en)1999-05-282001-11-01Method of encrypting information for remote access while maintaining access control
US10/936,829USRE41186E1 (en)1999-05-282004-09-09Method of encrypting information for remote access while maintaining access control

Related Parent Applications (2)

Application NumberTitlePriority DateFiling Date
US09/906,811DivisionUS6339825B2 (en)1999-05-282001-07-18Method of encrypting information for remote access while maintaining access control
US09/985,096ReissueUS6449721B1 (en)1999-05-282001-11-01Method of encrypting information for remote access while maintaining access control

Related Child Applications (1)

Application NumberTitlePriority DateFiling Date
US09/985,096ContinuationUS6449721B1 (en)1999-05-282001-11-01Method of encrypting information for remote access while maintaining access control

Publications (1)

Publication NumberPublication Date
USRE41186E1true USRE41186E1 (en)2010-03-30

Family

ID=23252254

Family Applications (5)

Application NumberTitlePriority DateFiling Date
US09/321,839Expired - LifetimeUS6289450B1 (en)1999-05-281999-05-28Information security architecture for encrypting documents for remote access while maintaining access control
US09/906,811Expired - LifetimeUS6339825B2 (en)1999-05-282001-07-18Method of encrypting information for remote access while maintaining access control
US09/985,096CeasedUS6449721B1 (en)1999-05-282001-11-01Method of encrypting information for remote access while maintaining access control
US10/936,829Expired - LifetimeUSRE41186E1 (en)1999-05-282004-09-09Method of encrypting information for remote access while maintaining access control
US11/129,746Expired - LifetimeUSRE44364E1 (en)1999-05-282005-05-16Method of encrypting information for remote access while maintaining access control

Family Applications Before (3)

Application NumberTitlePriority DateFiling Date
US09/321,839Expired - LifetimeUS6289450B1 (en)1999-05-281999-05-28Information security architecture for encrypting documents for remote access while maintaining access control
US09/906,811Expired - LifetimeUS6339825B2 (en)1999-05-282001-07-18Method of encrypting information for remote access while maintaining access control
US09/985,096CeasedUS6449721B1 (en)1999-05-282001-11-01Method of encrypting information for remote access while maintaining access control

Family Applications After (1)

Application NumberTitlePriority DateFiling Date
US11/129,746Expired - LifetimeUSRE44364E1 (en)1999-05-282005-05-16Method of encrypting information for remote access while maintaining access control

Country Status (3)

CountryLink
US (5)US6289450B1 (en)
AU (1)AU5280400A (en)
WO (1)WO2000074299A1 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20080107271A1 (en)*2006-11-032008-05-08Verizon Services Organization Inc.Systems and Methods for Document Control Using Public Key Encryption
US8170213B1 (en)*2007-12-272012-05-01Emc CorporationMethodology for coordinating centralized key management and encryption keys cached through proxied elements
US8555342B1 (en)2009-12-232013-10-08Emc CorporationProviding secure access to a set of credentials within a data security mechanism of a data storage system
US20180268169A1 (en)*2011-11-142018-09-20Esw Holdings, Inc.Security Systems and Methods for Encoding and Decoding Digital Content
US10607029B2 (en)2011-11-142020-03-31Esw Holdings, Inc.Security systems and methods for encoding and decoding content
US11244074B2 (en)*2011-11-142022-02-08Esw Holdings, Inc.Security systems and methods for social networking

Families Citing this family (308)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US7912856B2 (en)*1998-06-292011-03-22Sonicwall, Inc.Adaptive encryption
US7821926B2 (en)1997-03-102010-10-26Sonicwall, Inc.Generalized policy server
US6408336B1 (en)1997-03-102002-06-18David S. SchneiderDistributed administration of access to information
US8914410B2 (en)1999-02-162014-12-16Sonicwall, Inc.Query interface to policy server
FI107859B (en)*1998-03-232001-10-15Nokia Networks Oy Ordering services in a mobile communication system
US6289450B1 (en)1999-05-282001-09-11Authentica, Inc.Information security architecture for encrypting documents for remote access while maintaining access control
US20030103079A1 (en)*1999-06-142003-06-05Lycos, Inc., A Virginia CorporationMedia resource manager/player
US6742176B1 (en)*1999-06-142004-05-25Lycos, Inc.Secure flexible plugin software architecture
US6449598B1 (en)*1999-09-022002-09-10Xware Compliance, Inc.Health care policy on-line maintenance dissemination and compliance testing system
JP4359974B2 (en)*1999-09-292009-11-11富士ゼロックス株式会社 Access authority delegation method
US7536561B2 (en)*1999-10-152009-05-19Ebrary, Inc.Method and apparatus for improved information transactions
US8311946B1 (en)*1999-10-152012-11-13EbraryMethod and apparatus for improved information transactions
SE9904094D0 (en)*1999-11-121999-11-12Protegrity Research & Dev Method for reencryption of a database
US6868405B1 (en)*1999-11-292005-03-15Microsoft CorporationCopy detection for digitally-formatted works
JP2003528398A (en)*2000-03-212003-09-24リットマスター,テッド・アール System and process for delivering information to a communication network
US7266681B1 (en)*2000-04-072007-09-04Intertrust Technologies Corp.Network communications security agent
US6816906B1 (en)*2000-05-082004-11-09International Business Machines CorporationMechanism for building access control structures for authoring systems
US7231418B2 (en)*2000-05-242007-06-12Canon Kabushiki KaishaInformation providing method, information providing system, terminal apparatus, and storage medium storing information providing program
JP2001338205A (en)2000-05-242001-12-07Canon Inc Information management system, information management device and control method thereof, computer readable memory
AU2001285161A1 (en)*2000-08-212002-03-04United States Postal ServicesDelivery point validation system
JP2004509398A (en)*2000-09-142004-03-25プロビックス・インコーポレイテッド System for establishing an audit trail for the protection of objects distributed over a network
EP1323258A1 (en)*2000-09-142003-07-02Probix, Inc.System for protecting objects distributed over a network
JP2002101087A (en)*2000-09-212002-04-05Hitachi Ltd Information storage system and information transfer system and storage medium used for them
US6925497B1 (en)*2000-09-262005-08-02Microsoft CorporationSystems and methods for controlling the number of clients that access a server
US7444587B1 (en)*2000-09-292008-10-28Microsoft CorporationSelection services component for an extensible editor
US7036078B1 (en)*2000-09-292006-04-25Microsoft CorporationHighlight rendering services component for an extensible editor
US7069507B1 (en)*2000-09-292006-06-27Microsoft CorporationEvent routing model for an extensible editor
US20030058274A1 (en)*2000-11-172003-03-27Jake HillInterface device
US20020071560A1 (en)*2000-12-122002-06-13Kurn David MichaelComputer system having an autonomous process for centralized cryptographic key administration
US6978376B2 (en)*2000-12-152005-12-20Authentica, Inc.Information security architecture for encrypting documents for remote access while maintaining access control
US6965683B2 (en)*2000-12-212005-11-15Digimarc CorporationRouting networks for use with watermark systems
US7496767B2 (en)*2001-01-192009-02-24Xerox CorporationSecure content objects
US20020199118A1 (en)*2001-02-022002-12-26Medinservice.Com, Inc.Internet training course system and methods
US7424747B2 (en)*2001-04-242008-09-09Microsoft CorporationMethod and system for detecting pirated content
US7003662B2 (en)*2001-05-242006-02-21International Business Machines CorporationSystem and method for dynamically determining CRL locations and access methods
US20020178240A1 (en)*2001-05-242002-11-28International Business Machines CorporationSystem and method for selectively confirming digital certificates in a virtual private network
US20020178366A1 (en)*2001-05-242002-11-28Amiran OfirMethod for performing on behalf of a registered user an operation on data stored on a publicly accessible data access server
US6938155B2 (en)*2001-05-242005-08-30International Business Machines CorporationSystem and method for multiple virtual private network authentication schemes
US7562146B2 (en)*2003-10-102009-07-14Citrix Systems, Inc.Encapsulating protocol for session persistence and reliability
US20050198379A1 (en)*2001-06-132005-09-08Citrix Systems, Inc.Automatically reconnecting a client across reliable and persistent communication sessions
US7100200B2 (en)2001-06-132006-08-29Citrix Systems, Inc.Method and apparatus for transmitting authentication credentials of a user across communication sessions
US20030061567A1 (en)*2001-09-052003-03-27International Business Machines CorporationApparatus and method for protecting entries in a form using access rights information
US7171562B2 (en)*2001-09-052007-01-30International Business Machines CorporationApparatus and method for providing a user interface based on access rights information
US20030051039A1 (en)*2001-09-052003-03-13International Business Machines CorporationApparatus and method for awarding a user for accessing content based on access rights information
US20030177248A1 (en)*2001-09-052003-09-18International Business Machines CorporationApparatus and method for providing access rights information on computer accessible content
US20030046578A1 (en)*2001-09-052003-03-06International Business Machines IncorporationApparatus and method for providing access rights information in metadata of a file
US20030051172A1 (en)*2001-09-132003-03-13Lordemann David A.Method and system for protecting digital objects distributed over a network
CA2358980A1 (en)*2001-10-122003-04-12Karthika Technologies Inc.Distributed security architecture for storage area networks (san)
US7725490B2 (en)*2001-11-162010-05-25Crucian Global Services, Inc.Collaborative file access management system
US7487233B2 (en)*2001-12-052009-02-03Canon Kabushiki KaishaDevice access based on centralized authentication
US8001052B2 (en)*2001-12-102011-08-16Dunkeld Bryan CSystem and method for unique digital asset identification and transaction management
US7631184B2 (en)2002-05-142009-12-08Nicholas RyanSystem and method for imposing security on copies of secured items
US8065713B1 (en)2001-12-122011-11-22Klimenty VainsteinSystem and method for providing multi-location access management to secured items
US7178033B1 (en)2001-12-122007-02-13Pss Systems, Inc.Method and apparatus for securing digital assets
US7921288B1 (en)2001-12-122011-04-05Hildebrand Hal SSystem and method for providing different levels of key security for controlling access to secured items
US7478418B2 (en)2001-12-122009-01-13Guardian Data Storage, LlcGuaranteed delivery of changes to security policies in a distributed system
US7921284B1 (en)2001-12-122011-04-05Gary Mark KinghornMethod and system for protecting electronic data in enterprise environment
US7921450B1 (en)2001-12-122011-04-05Klimenty VainsteinSecurity system using indirect key generation from access rules and methods therefor
US10033700B2 (en)2001-12-122018-07-24Intellectual Ventures I LlcDynamic evaluation of access rights
US7565683B1 (en)2001-12-122009-07-21Weiqing HuangMethod and system for implementing changes to security policies in a distributed security system
USRE41546E1 (en)2001-12-122010-08-17Klimenty VainsteinMethod and system for managing security tiers
US7681034B1 (en)2001-12-122010-03-16Chang-Ping LeeMethod and apparatus for securing electronic data
US7380120B1 (en)2001-12-122008-05-27Guardian Data Storage, LlcSecured data format for access control
US7783765B2 (en)2001-12-122010-08-24Hildebrand Hal SSystem and method for providing distributed access control to secured documents
US8006280B1 (en)*2001-12-122011-08-23Hildebrand Hal SSecurity system for generating keys from access rules in a decentralized manner and methods therefor
US7930756B1 (en)*2001-12-122011-04-19Crocker Steven ToyeMulti-level cryptographic transformations for securing digital assets
US7562232B2 (en)2001-12-122009-07-14Patrick ZuiliSystem and method for providing manageability to security information for secured items
US7260555B2 (en)2001-12-122007-08-21Guardian Data Storage, LlcMethod and architecture for providing pervasive security to digital assets
US10360545B2 (en)2001-12-122019-07-23Guardian Data Storage, LlcMethod and apparatus for accessing secured electronic data off-line
US7950066B1 (en)2001-12-212011-05-24Guardian Data Storage, LlcMethod and system for restricting use of a clipboard application
US8176334B2 (en)2002-09-302012-05-08Guardian Data Storage, LlcDocument security system that permits external users to gain access to secured files
US8245306B2 (en)*2002-02-152012-08-14Galo GimenezDigital rights management printing system
AU2003219823A1 (en)*2002-02-202003-09-09Bitpipe, Inc.Electronic document tracking
US7984157B2 (en)*2002-02-262011-07-19Citrix Systems, Inc.Persistent and reliable session securely traversing network components using an encapsulating protocol
US7661129B2 (en)*2002-02-262010-02-09Citrix Systems, Inc.Secure traversal of network components
WO2003081440A1 (en)*2002-03-212003-10-02Snapp Robert FMethod and system for storing and retrieving data using hash-accessed multiple data stores
US7664731B2 (en)2002-03-212010-02-16United States Postal ServiceMethod and system for storing and retrieving data using hash-accessed multiple data stores
US8688461B1 (en)*2002-03-292014-04-01Fannie MaeElectronic registry for authenticating transferable records
JP4265145B2 (en)*2002-04-082009-05-20株式会社日立製作所 Access control method and system
US7614077B2 (en)*2002-04-102009-11-03International Business Machines CorporationPersistent access control of protected content
US7748045B2 (en)*2004-03-302010-06-29Michael Frederick KenrichMethod and system for providing cryptographic document retention with off-line access
US8613102B2 (en)*2004-03-302013-12-17Intellectual Ventures I LlcMethod and system for providing document retention using cryptography
US7089424B1 (en)*2002-05-102006-08-083Com CorporationPeripheral device for protecting data stored on host device and method and system using the same
FR2840708A1 (en)*2002-06-072003-12-12Netfinances ServicesSystem for secure data exchange in a computer network managing transfer of goods and financial counterflows between separate computerized sites, includes verification and creation of a certificate based on user identification
FR2841070B1 (en)*2002-06-172005-02-04Cryptolog INTERFACE METHOD AND DEVICE FOR PROTECTED EXCHANGING ONLINE CONTENT DATA
US20030237005A1 (en)*2002-06-212003-12-25Yuval Bar-OrMethod and system for protecting digital objects distributed over a network by electronic mail
US7159119B2 (en)*2002-09-062007-01-02United States Postal ServiceMethod and system for efficiently retrieving secured data by securely pre-processing provided access information
US7512810B1 (en)2002-09-112009-03-31Guardian Data Storage LlcMethod and system for protecting encrypted files transmitted over a network
US20040125402A1 (en)*2002-09-132004-07-01Yoichi KanaiDocument printing program, document protecting program, document protecting system, document printing apparatus for printing out a document based on security policy
JP2004164604A (en)*2002-10-112004-06-10Ricoh Co Ltd Electronic file management device and program, and file access control method
TWI303764B (en)*2002-10-252008-12-01Digital information protecting method and system
US7836310B1 (en)2002-11-012010-11-16Yevgeniy GutnikSecurity system that uses indirect password-based encryption
US7188245B2 (en)*2002-12-092007-03-06Kabushiki Kaisha ToshibaContents transmission/reception scheme with function for limiting recipients
US7367060B2 (en)2002-12-112008-04-29Ravi SomeshwarMethods and apparatus for secure document printing
US7577838B1 (en)2002-12-202009-08-18Alain RossmannHybrid systems for securing digital assets
US7890990B1 (en)2002-12-202011-02-15Klimenty VainsteinSecurity system with staging capabilities
US20040128259A1 (en)*2002-12-312004-07-01Blakeley Douglas BurnetteMethod for ensuring privacy in electronic transactions with session key blocks
US7509569B2 (en)*2003-03-312009-03-24Ricoh Co., Ltd.Action stickers for nested collections
US7703002B2 (en)*2003-03-312010-04-20Ricoh Company, Ltd.Method and apparatus for composing multimedia documents
US7536638B2 (en)*2003-03-312009-05-19Ricoh Co., Ltd.Action stickers for identifying and processing stored documents
US7739583B2 (en)2003-03-312010-06-15Ricoh Company, Ltd.Multimedia document sharing method and apparatus
US20070050696A1 (en)*2003-03-312007-03-01Piersol Kurt WPhysical key for accessing a securely stored digital document
US7757162B2 (en)*2003-03-312010-07-13Ricoh Co. Ltd.Document collection manipulation
US10275723B2 (en)*2005-09-142019-04-30Oracle International CorporationPolicy enforcement via attestations
US10063523B2 (en)*2005-09-142018-08-28Oracle International CorporationCrafted identities
US9781154B1 (en)2003-04-012017-10-03Oracle International CorporationSystems and methods for supporting information security and sub-system operational protocol conformance
US7493499B1 (en)2003-05-222009-02-17Copyright Clearance Center, Inc.Method and apparatus for secure delivery and rights management of digital content
WO2004107130A2 (en)*2003-05-282004-12-09Caymas Systems, Inc.Multilayer access control security system
US8707034B1 (en)2003-05-302014-04-22Intellectual Ventures I LlcMethod and system for using remote headers to secure electronic files
EP1629382A4 (en)*2003-06-022011-12-21Liquid Machines IncManaging data objects in dynamic, distributed and collaborative contexts
US20050021980A1 (en)*2003-06-232005-01-27Yoichi KanaiAccess control decision system, access control enforcing system, and security policy
US7730543B1 (en)2003-06-302010-06-01Satyajit NathMethod and system for enabling users of a group shared across multiple file security systems to access secured files
US8468330B1 (en)2003-06-302013-06-18Oracle International CorporationMethods, systems, and data structures for loading and authenticating a module
US7324648B1 (en)2003-07-082008-01-29Copyright Clearance Center, Inc.Method and apparatus for secure key delivery for decrypting bulk digital content files at an unsecure site
US7373330B1 (en)2003-07-082008-05-13Copyright Clearance Center, Inc.Method and apparatus for tracking and controlling e-mail forwarding of encrypted documents
US8006307B1 (en)2003-07-092011-08-23Imophaze Research Co., L.L.C.Method and apparatus for distributing secure digital content that can be indexed by third party search engines
US7299500B1 (en)*2003-07-172007-11-20Copyright Clearance Center, Inc.Method and apparatus for secure delivery and rights management of digital content at an unsecure site
US7555558B1 (en)2003-08-152009-06-30Michael Frederick KenrichMethod and system for fault-tolerant transfer of files across a network
US7380209B2 (en)*2003-09-022008-05-27International Business Machines CorporationManaging electronic documents utilizing a digital seal
US7434048B1 (en)2003-09-092008-10-07Adobe Systems IncorporatedControlling access to electronic documents
US20050069138A1 (en)*2003-09-252005-03-31Sun Microsystems, Inc., A Delaware CorporationApplication program obfuscation
US7363620B2 (en)*2003-09-252008-04-22Sun Microsystems, Inc.Non-linear execution of application program instructions for application program obfuscation
US7424620B2 (en)*2003-09-252008-09-09Sun Microsystems, Inc.Interleaved data and instruction streams for application program obfuscation
US7389273B2 (en)2003-09-252008-06-17Scott Andrew IrwinSystem and method for federated rights management
US8220058B2 (en)*2003-09-252012-07-10Oracle America, Inc.Rendering and encryption engine for application program obfuscation
US7415618B2 (en)*2003-09-252008-08-19Sun Microsystems, Inc.Permutation of opcode values for application program obfuscation
US7353499B2 (en)*2003-09-252008-04-01Sun Microsystems, Inc.Multiple instruction dispatch tables for application program obfuscation
US8127366B2 (en)2003-09-302012-02-28Guardian Data Storage, LlcMethod and apparatus for transitioning between states of security policies used to secure electronic documents
US7703140B2 (en)2003-09-302010-04-20Guardian Data Storage, LlcMethod and system for securing digital assets using process-driven security policies
US20050086531A1 (en)*2003-10-202005-04-21Pss Systems, Inc.Method and system for proxy approval of security changes for a file security system
US7346769B2 (en)*2003-10-232008-03-18International Business Machines CorporationMethod for selective encryption within documents
US7930757B2 (en)*2003-10-312011-04-19Adobe Systems IncorporatedOffline access in a document control system
US8108672B1 (en)2003-10-312012-01-31Adobe Systems IncorporatedTransparent authentication process integration
US20050108387A1 (en)*2003-10-312005-05-19Bingjun LiSystem and apparatus for a network management system using presence and instant message techniques
US8627489B2 (en)*2003-10-312014-01-07Adobe Systems IncorporatedDistributed document version control
US7978716B2 (en)2003-11-242011-07-12Citrix Systems, Inc.Systems and methods for providing a VPN solution
JP4070708B2 (en)*2003-11-142008-04-02株式会社リコー Security ensuring support program, server device for executing the program, and storage medium storing the program
JP4704010B2 (en)*2003-11-142011-06-15株式会社リコー Image forming apparatus, image forming system, security management apparatus, and security management method
JP2005151459A (en)*2003-11-192005-06-09Canon Inc Image processing system and image data processing method thereof
DE60321009D1 (en)*2003-11-192008-06-26Sony Deutschland Gmbh Copy protected digital data
US20050114672A1 (en)*2003-11-202005-05-26Encryptx CorporationData rights management of digital information in a portable software permission wrapper
JP4217146B2 (en)*2003-11-212009-01-28株式会社リコー Scanner device, viewer device, image protection method,
US20050138371A1 (en)*2003-12-192005-06-23Pss Systems, Inc.Method and system for distribution of notifications in file security systems
US7702909B2 (en)*2003-12-222010-04-20Klimenty VainsteinMethod and system for validating timestamps
EP1551146B1 (en)*2004-01-052011-08-24Ricoh Company, Ltd.Document security management for repeatedly reproduced hardcopy and electronic documents
US8583739B2 (en)2004-03-022013-11-12International Business Machines CorporationFacilitating the sending of mail from a restricted communications network
JP2005284985A (en)*2004-03-302005-10-13Ricoh Co Ltd Network-compatible device, maintenance method for maintaining network-compatible device, program, medium on which program is recorded, and maintenance system
US7426713B2 (en)*2004-03-312008-09-16International Business Machines CorporationControlling a GUI display for a plug-in
US9003548B2 (en)*2004-04-132015-04-07Nl Systems, LlcMethod and system for digital rights management of documents
US7484107B2 (en)*2004-04-152009-01-27International Business Machines CorporationMethod for selective encryption within documents
US7870386B2 (en)*2004-04-292011-01-11International Business Machines CorporationMethod for permanent decryption of selected sections of an encrypted document
WO2005119960A2 (en)*2004-06-012005-12-15Ben-Gurion University Of The Negev Research And Development AuthorityStructure preserving database encryption method and system
US20050289639A1 (en)*2004-06-232005-12-29Leung Wai KSystem and method of securing the management of documentation
US7757074B2 (en)2004-06-302010-07-13Citrix Application Networking, LlcSystem and method for establishing a virtual private network
US8739274B2 (en)2004-06-302014-05-27Citrix Systems, Inc.Method and device for performing integrated caching in a data communication network
US8495305B2 (en)2004-06-302013-07-23Citrix Systems, Inc.Method and device for performing caching of dynamically generated objects in a data communication network
US7707427B1 (en)2004-07-192010-04-27Michael Frederick KenrichMulti-level file digests
US7609721B2 (en)2004-07-232009-10-27Citrix Systems, Inc.Systems and methods for adjusting the maximum transmission unit for encrypted communications
US8363650B2 (en)2004-07-232013-01-29Citrix Systems, Inc.Method and systems for routing packets from a gateway to an endpoint
WO2006015182A2 (en)2004-07-292006-02-09Infoassure, Inc.Object access level
US7458102B2 (en)*2004-08-172008-11-25Emc CorporationInformation security architecture for remote access control using non-bidirectional protocols
JP2007026412A (en)*2004-08-252007-02-01Ricoh Co Ltd Maintenance intermediary device, maintenance method for maintenance target device, maintenance program, recording medium on which maintenance program is recorded, and maintenance system
US20060048224A1 (en)*2004-08-302006-03-02Encryptx CorporationMethod and apparatus for automatically detecting sensitive information, applying policies based on a structured taxonomy and dynamically enforcing and reporting on the protection of sensitive data through a software permission wrapper
US7707642B1 (en)2004-08-312010-04-27Adobe Systems IncorporatedDocument access auditing
US8099660B1 (en)2004-09-302012-01-17Google Inc.Tool for managing online content
US20060101028A1 (en)*2004-10-212006-05-11Banks Lanette EMethod and apparatus for efficient electronic document management
US20060117016A1 (en)*2004-10-212006-06-01International Business Machines CorporationMethod and apparatus for efficient electronic document management
EP1653349B1 (en)*2004-10-272008-07-09Sap AgMethod and system for generating a transport track through a software system landscape
EP1653317A1 (en)*2004-10-272006-05-03Sap AgMethod and system for setting change options of software systems
DE602004006630T2 (en)2004-10-272008-01-17Sap Ag Method for carrying out a software service in a system landscape
EP1653345B1 (en)*2004-10-272008-07-23Sap AgMethod and computer system for effecting software maintenance in a software system landscape
EP1653348A1 (en)*2004-10-272006-05-03Sap AgMethod for tracking transport requests and computer system with trackable transport requests
EP1653351B1 (en)*2004-10-272008-06-25Sap AgMethod and computer system for effecting changes in a software system landscape
ATE410729T1 (en)2004-10-272008-10-15Sap Ag COMPUTER SYSTEM AND METHOD FOR EFFECTING AN INTRODUCTORY SOFTWARE SERVICE IN A PRODUCTIVE SYSTEM OF A SOFTWARE SYSTEM LANDSCAPE
US7995758B1 (en)2004-11-302011-08-09Adobe Systems IncorporatedFamily of encryption keys
US20070168292A1 (en)*2004-12-212007-07-19Fabrice Jogand-CoulombMemory system with versatile content control
US8601283B2 (en)*2004-12-212013-12-03Sandisk Technologies Inc.Method for versatile content control with partitioning
US8504849B2 (en)*2004-12-212013-08-06Sandisk Technologies Inc.Method for versatile content control
TW200636554A (en)*2004-12-212006-10-16Sandisk CorpMemory ststem with versatile content control
US8051052B2 (en)*2004-12-212011-11-01Sandisk Technologies Inc.Method for creating control structure for versatile content control
US8954595B2 (en)2004-12-302015-02-10Citrix Systems, Inc.Systems and methods for providing client-side accelerated access to remote applications via TCP buffering
US8706877B2 (en)2004-12-302014-04-22Citrix Systems, Inc.Systems and methods for providing client-side dynamic redirection to bypass an intermediary
US8549149B2 (en)2004-12-302013-10-01Citrix Systems, Inc.Systems and methods for providing client-side accelerated access to remote applications via TCP multiplexing
US8700695B2 (en)2004-12-302014-04-15Citrix Systems, Inc.Systems and methods for providing client-side accelerated access to remote applications via TCP pooling
US7810089B2 (en)2004-12-302010-10-05Citrix Systems, Inc.Systems and methods for automatic installation and execution of a client-side acceleration program
US8255456B2 (en)2005-12-302012-08-28Citrix Systems, Inc.System and method for performing flash caching of dynamically generated objects in a data communication network
US7840564B2 (en)2005-02-162010-11-23EbrarySystem and method for automatic anthology creation using document aspects
WO2006109307A2 (en)*2005-04-132006-10-19Discretix Technologies Ltd.Method, device, and system of selectively accessing data
US7661146B2 (en)*2005-07-012010-02-09Privamed, Inc.Method and system for providing a secure multi-user portable database
US7433869B2 (en)2005-07-012008-10-07Ebrary, Inc.Method and apparatus for document clustering and document sketching
US7748031B2 (en)2005-07-082010-06-29Sandisk CorporationMass storage device with automated credentials loading
US8832047B2 (en)2005-07-272014-09-09Adobe Systems IncorporatedDistributed document version control
US9282081B2 (en)2005-07-282016-03-08Vaporstream IncorporatedReduced traceability electronic message system and method
US7610345B2 (en)2005-07-282009-10-27Vaporstream IncorporatedReduced traceability electronic message system and method
EP1924944A4 (en)*2005-09-122012-11-07Sand Box Technologies IncSystem and method for controlling distribution of electronic information
US8090945B2 (en)*2005-09-162012-01-03Tara Chand SinghalSystems and methods for multi-factor remote user authentication
US8239682B2 (en)2005-09-282012-08-07Nl Systems, LlcMethod and system for digital rights management of documents
US8250151B2 (en)*2005-10-122012-08-21Bloomberg Finance L.P.System and method for providing secure data transmission
US20070130289A1 (en)*2005-12-072007-06-07Christopher DefazioRemote access
US8456653B2 (en)*2005-12-122013-06-04Canon Kabushiki KaishaData processing apparatus for producing print job data whose authority is managed by external server, and image processing apparatus for printing a print job whose authority is managed by external server
TWI307593B (en)*2005-12-142009-03-11Chung Shan Inst Of ScienceSystem and method of protecting digital data
US8526666B1 (en)2005-12-152013-09-03Emc CorporationMethod and system for rendering watermarked content using a watermark window
US8321947B2 (en)*2005-12-152012-11-27Emc CorporationMethod and system for dynamically generating a watermarked document during a printing or display operation
US8312552B1 (en)2005-12-152012-11-13Emc CorporationMethod and system for rendering watermarked content
US7987494B1 (en)*2005-12-192011-07-26Adobe Systems IncorporatedMethod and apparatus providing end to end protection for a document
US10380568B1 (en)*2005-12-202019-08-13Emc CorporationAccessing rights-managed content from constrained connectivity devices
US20070143423A1 (en)*2005-12-212007-06-21Oliver KieselbachMethod and system for allowing a session initiating user to select one or more privacy settings to be applied to an instant messaging session from among multiple possible privacy controls
US8244745B2 (en)*2005-12-292012-08-14Nextlabs, Inc.Analyzing usage information of an information management system
US8150816B2 (en)*2005-12-292012-04-03Nextlabs, Inc.Techniques of optimizing policies in an information management system
US8301839B2 (en)2005-12-302012-10-30Citrix Systems, Inc.System and method for performing granular invalidation of cached dynamically generated objects in a data communication network
US7921184B2 (en)2005-12-302011-04-05Citrix Systems, Inc.System and method for performing flash crowd caching of dynamically generated objects in a data communication network
EP1999883A4 (en)*2006-03-142013-03-06Divx LlcFederated digital rights management scheme including trusted systems
US7552320B2 (en)*2006-03-312009-06-23Lenovo (Singapore) Pte. Ltd.Arrangement for initiating a re-imaging process for a computer system
US20070239998A1 (en)*2006-04-112007-10-11Medox Exchange, Inc.Dynamic binding of access and usage rights to computer-based resources
US20070261116A1 (en)*2006-04-132007-11-08Verisign, Inc.Method and apparatus to provide a user profile for use with a secure content service
US9288052B2 (en)*2006-04-132016-03-15Moreover Acquisition CorporationMethod and apparatus to provide an authoring tool to create content for a secure content service
US20070245230A1 (en)*2006-04-142007-10-18Cherkasov Aleksey GMethod, system, and computer-readable medium to uniformly render document annotations across multiple computer platforms
US8171523B2 (en)*2006-04-292012-05-01Lenovo (Singapore) Pte. Ltd.Embedded email receiver authentication
US20070283446A1 (en)*2006-06-052007-12-06Kabushiki Kaisha ToshibaSystem and method for secure handling of scanned documents
US7975143B2 (en)*2006-06-122011-07-05International Business Machines CorporationMethod, system, and program product for generating and validating digital signatures
US8572751B2 (en)*2006-06-122013-10-29International Business Machines CorporationMethod, system, and program product for preventing unauthorized changes to an electronic document
US7995568B2 (en)*2006-06-122011-08-09International Business Machines CorporationCapturing user interface switch states
US8855296B2 (en)2006-06-282014-10-07Voltage Security, Inc.Data processing systems with format-preserving encryption and decryption engines
US8639939B2 (en)*2006-07-072014-01-28Sandisk Technologies Inc.Control method using identity objects
US8245031B2 (en)*2006-07-072012-08-14Sandisk Technologies Inc.Content control method using certificate revocation lists
US20100138652A1 (en)*2006-07-072010-06-03Rotem SelaContent control method using certificate revocation lists
US8266711B2 (en)*2006-07-072012-09-11Sandisk Technologies Inc.Method for controlling information supplied from memory device
US8140843B2 (en)*2006-07-072012-03-20Sandisk Technologies Inc.Content control method using certificate chains
US8613103B2 (en)*2006-07-072013-12-17Sandisk Technologies Inc.Content control method using versatile control structure
US8776166B1 (en)*2006-07-172014-07-08Juniper Networks, Inc.Plug-in based policy evaluation
US20080043274A1 (en)*2006-08-162008-02-21Lida WangSecure printing system with privilege table referenced across different domains
US20080077704A1 (en)*2006-09-242008-03-27Void Communications, Inc.Variable Electronic Communication Ping Time System and Method
US8958562B2 (en)2007-01-162015-02-17Voltage Security, Inc.Format-preserving cryptographic systems
US20080201440A1 (en)*2007-02-152008-08-21Void Communications, Inc.Electronic Messaging Recordlessness Warning and Routing System and Method
KR100867130B1 (en)*2007-02-232008-11-06(주)코리아센터닷컴System and method of transmitting/receiving security data
WO2008103000A1 (en)*2007-02-232008-08-28Koreacenter Co., LtdSystem and method of transmitting/receiving security data
US8402278B2 (en)*2007-04-132013-03-19Ca, Inc.Method and system for protecting data
KR100932847B1 (en)*2007-06-262009-12-21엔에이치엔(주) Copy protection methods and systems
US8010779B2 (en)2007-09-192011-08-30Novell Inc.Techniques for secure network searching
US20090100060A1 (en)*2007-10-112009-04-16Noam LivnatDevice, system, and method of file-utilization management
US8997161B2 (en)2008-01-022015-03-31Sonic Ip, Inc.Application enhancement tracks
JP5356409B2 (en)*2008-01-212013-12-04テレフオンアクチーボラゲット エル エム エリクソン(パブル) Abstraction functions in mobile handsets
US8838554B2 (en)*2008-02-192014-09-16Bank Of America CorporationSystems and methods for providing content aware document analysis and modification
US11488134B2 (en)2008-05-022022-11-01Micro Focus LlcFormat-preserving cryptographic systems
US8099599B2 (en)*2008-08-292012-01-17Microsoft CorporationControlling access to data streams
US20100088364A1 (en)*2008-10-082010-04-08International Business Machines CorporationSocial networking architecture in which profile data hosting is provided by the profile owner
US20100127022A1 (en)*2008-11-212010-05-27Symyx Technologies, Inc.Dispensing valve
US9104618B2 (en)*2008-12-182015-08-11Sandisk Technologies Inc.Managing access to an address range in a storage device
JP4897782B2 (en)*2008-12-272012-03-14キヤノンマーケティングジャパン株式会社 Document management system, document management method, and program thereof
AU2010203605B2 (en)2009-01-072015-05-14Divx, LlcSingular, collective and automated creation of a media guide for online content
US9031876B2 (en)*2009-06-192015-05-12Hewlett-Packard Development Company, L.P.Managing keys for encrypted shared documents
US9542408B2 (en)2010-08-272017-01-10Pneuron Corp.Method and process for enabling distributing cache data sources for query processing and distributed disk caching of large data and analysis requests
SG178589A1 (en)*2009-08-282012-04-27Pneuron CorpSystem and method using neural networks for real-time business intelligence and automation control
US9311465B2 (en)*2009-09-212016-04-12James McNultySecure information storage and retrieval apparatus and method
US8781122B2 (en)2009-12-042014-07-15Sonic Ip, Inc.Elementary bitstream cryptographic material transport systems and methods
WO2011082489A1 (en)*2010-01-062011-07-14Vitrium Systems Inc.Method and system of providing a viewing experience with respect to a document having read-only content
GB201000288D0 (en)*2010-01-112010-02-24Scentrics Information SecuritySystem and method of enforcing a computer policy
US9104659B2 (en)*2010-01-202015-08-11Bank Of America CorporationSystems and methods for providing content aware document analysis and modification
US8539165B2 (en)2010-09-292013-09-17International Business Machines CorporationMethods for managing ownership of redundant data and systems thereof
US8612682B2 (en)2010-09-292013-12-17International Business Machines CorporationMethods for managing ownership of redundant data and systems thereof
US20120078931A1 (en)2010-09-292012-03-29International Business Machines CorporationMethods for managing ownership of redundant data and systems thereof
US8539154B2 (en)2010-09-292013-09-17International Business Machines CorporationMethods for managing ownership of redundant data and systems thereof
US8645636B2 (en)2010-09-292014-02-04International Business Machines CorporationMethods for managing ownership of redundant data and systems thereof
US9247312B2 (en)2011-01-052016-01-26Sonic Ip, Inc.Systems and methods for encoding source media in matroska container files for adaptive bitrate streaming using hypertext transfer protocol
US20120179904A1 (en)*2011-01-112012-07-12Safenet, Inc.Remote Pre-Boot Authentication
US9378379B1 (en)2011-01-192016-06-28Bank Of America CorporationMethod and apparatus for the protection of information in a device upon separation from a network
US8611544B1 (en)*2011-01-252013-12-17Adobe Systems IncorporatedSystems and methods for controlling electronic document use
US9137014B2 (en)2011-01-252015-09-15Adobe Systems IncorporatedSystems and methods for controlling electronic document use
EP2695050A4 (en)2011-04-072016-03-23Pneuron CorpLegacy application migration to real time, parallel performance cloud
US9467708B2 (en)2011-08-302016-10-11Sonic Ip, Inc.Selection of resolutions for seamless resolution switching of multimedia content
US8964977B2 (en)2011-09-012015-02-24Sonic Ip, Inc.Systems and methods for saving encoded media streamed using adaptive bitrate streaming
US8909922B2 (en)2011-09-012014-12-09Sonic Ip, Inc.Systems and methods for playing back alternative streams of protected content protected using common cryptographic information
US10630559B2 (en)2011-09-272020-04-21UST Global (Singapore) Pte. Ltd.Virtual machine (VM) realm integration and management
CA2855828C (en)*2011-11-142021-02-16Wave Systems Corp.Security systems and methods for encoding and decoding digital content
US10824698B2 (en)2011-11-292020-11-03CardlogixMultimode smart card system with embedded USB connectivity
US11132672B2 (en)*2011-11-292021-09-28CardlogixLayered security for age verification and transaction authorization
WO2013090555A1 (en)2011-12-132013-06-20Pneuron Corp.Pneuron distributed analytics
CN104662870B (en)*2012-09-102019-02-05云深系统有限公司data security management system
US9313510B2 (en)2012-12-312016-04-12Sonic Ip, Inc.Use of objective quality measures of streamed content to reduce streaming bandwidth
US9191457B2 (en)2012-12-312015-11-17Sonic Ip, Inc.Systems, methods, and media for controlling delivery of content
US11354623B2 (en)2013-02-152022-06-07Dav Acquisition Corp.Remotely diagnosing conditions and providing prescriptions using a multi-access health care provider portal
US9959385B2 (en)*2013-02-152018-05-01Davincian Healthcare, Inc.Messaging within a multi-access health care provider portal
US9906785B2 (en)2013-03-152018-02-27Sonic Ip, Inc.Systems, methods, and media for transcoding video data according to encoding parameters indicated by received metadata
US10397292B2 (en)2013-03-152019-08-27Divx, LlcSystems, methods, and media for delivery of content
US9058495B2 (en)2013-05-162015-06-16Airwatch LlcRights management services integration with mobile device management
US9094737B2 (en)2013-05-302015-07-28Sonic Ip, Inc.Network video streaming with trick play based on separate trick play files
US9247317B2 (en)2013-05-302016-01-26Sonic Ip, Inc.Content streaming with client device trick play index
US9967305B2 (en)2013-06-282018-05-08Divx, LlcSystems, methods, and media for streaming media content
US9866878B2 (en)2014-04-052018-01-09Sonic Ip, Inc.Systems and methods for encoding and playing back video at different frame rates using enhancement layers
US9129095B1 (en)*2014-12-192015-09-08Tresorit, KftClient-side encryption with DRM
GB2535183B (en)2015-02-112017-02-15Livedrive Internet LtdMethods and systems for virtual file storage and encryption
US10853502B1 (en)2015-03-042020-12-01Micro Focus LlcSystems and methods for reducing computational difficulty of cryptographic operations
US9954832B2 (en)2015-04-242018-04-24Encryptics, LlcSystem and method for enhanced data protection
GB201508872D0 (en)*2015-05-222015-07-01Exate Technology LtdEncryption and decryption system
US10083315B2 (en)*2015-06-292018-09-25Microsoft Technology Licensing, LlcPrivacy enhanced personal search index
US9674202B1 (en)2015-12-292017-06-06Imperva, Inc.Techniques for preventing large-scale data breaches utilizing differentiated protection layers
US9674201B1 (en)2015-12-292017-06-06Imperva, Inc.Unobtrusive protection for large-scale data breaches utilizing user-specific data object access budgets
US9596079B1 (en)2016-04-142017-03-14Wickr Inc.Secure telecommunications
WO2017189984A1 (en)*2016-04-282017-11-02Gilkey QuentinAudio watermarking system and processes
CN109496414B (en)*2016-07-282022-05-24皇家飞利浦有限公司Identifying a network node to which data is to be copied
US10498795B2 (en)2017-02-172019-12-03Divx, LlcSystems and methods for adaptive switching between multiple content delivery networks during adaptive bitrate streaming
US10749674B2 (en)2017-09-292020-08-18Micro Focus LlcFormat preserving encryption utilizing a key version
US11101999B2 (en)2017-11-082021-08-24Amazon Technologies, Inc.Two-way handshake for key establishment for secure communications
US10778432B2 (en)2017-11-082020-09-15Wickr Inc.End-to-end encryption during a secure communication session
US10855440B1 (en)2017-11-082020-12-01Wickr Inc.Generating new encryption keys during a secure communication session
US10541814B2 (en)2017-11-082020-01-21Wickr Inc.End-to-end encryption during a secure communication session
US11537724B2 (en)*2019-03-262022-12-27International Business Machines CorporationGenerating data migration plan for in-place encryption of data
EP4322470B1 (en)2022-08-082025-03-12Ostrean IT Technologies s.r.o.Data encryption system and method

Citations (47)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US4605820A (en)*1983-11-101986-08-12Visa U.S.A. Inc.Key management system for on-line communication
US4803108A (en)1987-05-011989-02-07Essex Specialty Products, Inc.Honeycomb reinforcing sheet for the reinforcement of panels and method of reinforcing panels
US4937863A (en)*1988-03-071990-06-26Digital Equipment CorporationSoftware licensing management system
US5058164A (en)*1990-05-031991-10-15National Semiconductor Corp.Encryption of streams of addressed information to be used for program code protection
US5098124A (en)1990-09-061992-03-24Automotive Technologies International Inc.Padding to reduce injuries in automobile accidents
US5263157A (en)*1990-02-151993-11-16International Business Machines CorporationMethod and system for providing user access control within a distributed data processing system by the exchange of access control profiles
US5349893A (en)1992-02-201994-09-27Dunn Eric SImpact absorbing armor
US5356177A (en)1993-06-251994-10-18Davidson Textron Inc.Side impact protection apparatus
US5410602A (en)*1993-09-271995-04-25Motorola, Inc.Method for key management of point-to-point communications
US5410598A (en)*1986-10-141995-04-25Electronic Publishing Resources, Inc.Database usage metering and protection system and method
US5432849A (en)*1990-08-221995-07-11International Business Machines CorporationSecure cryptographic operations using control vectors generated inside a cryptographic facility
US5438508A (en)*1991-06-281995-08-01Digital Equipment CorporationLicense document interchange format for license management system
US5440631A (en)*1992-04-241995-08-08Fijitsu LimitedInformation distribution system wherein storage medium storing ciphered information is distributed
US5509070A (en)*1992-12-151996-04-16Softlock Services Inc.Method for encouraging purchase of executable and non-executable software
US5586186A (en)*1994-07-151996-12-17Microsoft CorporationMethod and system for controlling unauthorized access to information distributed to users
US5604801A (en)*1995-02-031997-02-18International Business Machines CorporationPublic key data communications system under control of a portable security device
US5629980A (en)*1994-11-231997-05-13Xerox CorporationSystem for controlling the distribution and use of digital works
US5673316A (en)*1996-03-291997-09-30International Business Machines CorporationCreation and distribution of cryptographic envelope
US5689560A (en)*1994-04-251997-11-18International Business Machines CorporationMethod and apparatus for enabling trial period use of software products: method and apparatus for allowing a try-and-buy user interaction
US5708709A (en)*1995-12-081998-01-13Sun Microsystems, Inc.System and method for managing try-and-buy usage of application programs
US5727065A (en)*1994-11-141998-03-10Hughes ElectronicsDeferred billing, broadcast, electronic document distribution system and method
US5754646A (en)*1995-07-191998-05-19Cable Television Laboratories, Inc.Method for protecting publicly distributed software
US5765152A (en)*1995-10-131998-06-09Trustees Of Dartmouth CollegeSystem and method for managing copyrighted electronic media
US5796825A (en)*1996-01-161998-08-18Symantec CorporationSystem for automatic decryption of file data on a per-use basis and automatic re-encryption within context of multi-threaded operating system under which applications run in real-time
US5809145A (en)*1996-06-281998-09-15Paradata Systems Inc.System for distributing digital information
US5818936A (en)*1996-03-151998-10-06Novell, Inc.System and method for automically authenticating a user in a distributed network system
US5822524A (en)1995-07-211998-10-13Infovalue Computing, Inc.System for just-in-time retrieval of multimedia files over computer networks by transmitting data packets at transmission rate determined by frame size
US5883955A (en)*1995-06-071999-03-16Digital River, Inc.On-line try before you buy software distribution system
US5892900A (en)*1996-08-301999-04-06Intertrust Technologies Corp.Systems and methods for secure transaction management and electronic rights protection
US5933498A (en)*1996-01-111999-08-03Mrj, Inc.System for controlling access and distribution of digital property
US5956034A (en)*1996-08-131999-09-21Softbook Press, Inc.Method and apparatus for viewing electronic reading materials
US5978475A (en)*1997-07-181999-11-02Counterpane Internet Security, Inc.Event auditing system
US5997077A (en)1997-08-231999-12-07Volkswagen AgDeformable structure for protection of vehicle occupants
US6002772A (en)*1995-09-291999-12-14Mitsubishi CorporationData management system
US6064736A (en)1997-09-152000-05-16International Business Machines CorporationSystems, methods and computer program products that use an encrypted session for additional password verification
US6182220B1 (en)1998-03-302001-01-30International Business Machines CorporationSystem and method for building and exchanging encrypted passwords between a client and server
US6245408B1 (en)1999-05-192001-06-12Hexcel CorporationHoneycomb core with controlled crush properties
US6289450B1 (en)*1999-05-282001-09-11Authentica, Inc.Information security architecture for encrypting documents for remote access while maintaining access control
US6308256B1 (en)1999-08-182001-10-23Sun Microsystems, Inc.Secure execution of program instructions provided by network interactions with processor
US20010055396A1 (en)2000-02-242001-12-27David JevansMechanism for efficient private bulk messaging
US6401204B1 (en)*1996-06-052002-06-04Siemens AktiengesellschaftProcess for cryptographic code management between a first computer unit and a second computer unit
US6499106B1 (en)1999-01-152002-12-24Sony CorporationMethod and apparatus for secure distribution of information recorded of fixed media
US6547280B1 (en)1998-11-212003-04-15Cellbond LimitedEnergy-absorbing structures
US6658566B1 (en)*1997-03-132003-12-02Bull Cp8Process for storage and use of sensitive information in a security module and the associated security module
US6682128B2 (en)1998-02-042004-01-27Oakwood Energy Management, Inc.Composite energy absorber
US6711553B1 (en)2000-02-252004-03-23Kent Ridge Digital LabsMethod and apparatus for digital content copy protection
US6732106B2 (en)2000-12-082004-05-04Matsushita Electric Industrial Co., Ltd.Digital data distribution system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US5544161A (en)*1995-03-281996-08-06Bell Atlantic Network Services, Inc.ATM packet demultiplexer for use in full service network having distributed architecture
US5689565A (en)*1995-06-291997-11-18Microsoft CorporationCryptography system and method for providing cryptographic services for a computer application
US6134660A (en)*1997-06-302000-10-17Telcordia Technologies, Inc.Method for revoking computer backup files using cryptographic techniques

Patent Citations (49)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US4605820A (en)*1983-11-101986-08-12Visa U.S.A. Inc.Key management system for on-line communication
US5410598A (en)*1986-10-141995-04-25Electronic Publishing Resources, Inc.Database usage metering and protection system and method
US4803108A (en)1987-05-011989-02-07Essex Specialty Products, Inc.Honeycomb reinforcing sheet for the reinforcement of panels and method of reinforcing panels
US4937863A (en)*1988-03-071990-06-26Digital Equipment CorporationSoftware licensing management system
US5263157A (en)*1990-02-151993-11-16International Business Machines CorporationMethod and system for providing user access control within a distributed data processing system by the exchange of access control profiles
US5058164A (en)*1990-05-031991-10-15National Semiconductor Corp.Encryption of streams of addressed information to be used for program code protection
US5432849A (en)*1990-08-221995-07-11International Business Machines CorporationSecure cryptographic operations using control vectors generated inside a cryptographic facility
US5098124A (en)1990-09-061992-03-24Automotive Technologies International Inc.Padding to reduce injuries in automobile accidents
US5438508A (en)*1991-06-281995-08-01Digital Equipment CorporationLicense document interchange format for license management system
US5349893A (en)1992-02-201994-09-27Dunn Eric SImpact absorbing armor
US5440631A (en)*1992-04-241995-08-08Fijitsu LimitedInformation distribution system wherein storage medium storing ciphered information is distributed
US5509070A (en)*1992-12-151996-04-16Softlock Services Inc.Method for encouraging purchase of executable and non-executable software
US5356177A (en)1993-06-251994-10-18Davidson Textron Inc.Side impact protection apparatus
US5410602A (en)*1993-09-271995-04-25Motorola, Inc.Method for key management of point-to-point communications
US5689560A (en)*1994-04-251997-11-18International Business Machines CorporationMethod and apparatus for enabling trial period use of software products: method and apparatus for allowing a try-and-buy user interaction
US5586186A (en)*1994-07-151996-12-17Microsoft CorporationMethod and system for controlling unauthorized access to information distributed to users
US5727065A (en)*1994-11-141998-03-10Hughes ElectronicsDeferred billing, broadcast, electronic document distribution system and method
US5629980A (en)*1994-11-231997-05-13Xerox CorporationSystem for controlling the distribution and use of digital works
US5604801A (en)*1995-02-031997-02-18International Business Machines CorporationPublic key data communications system under control of a portable security device
US5883955A (en)*1995-06-071999-03-16Digital River, Inc.On-line try before you buy software distribution system
US5754646A (en)*1995-07-191998-05-19Cable Television Laboratories, Inc.Method for protecting publicly distributed software
US5822524A (en)1995-07-211998-10-13Infovalue Computing, Inc.System for just-in-time retrieval of multimedia files over computer networks by transmitting data packets at transmission rate determined by frame size
US6002772A (en)*1995-09-291999-12-14Mitsubishi CorporationData management system
US5765152A (en)*1995-10-131998-06-09Trustees Of Dartmouth CollegeSystem and method for managing copyrighted electronic media
US5708709A (en)*1995-12-081998-01-13Sun Microsystems, Inc.System and method for managing try-and-buy usage of application programs
US5933498A (en)*1996-01-111999-08-03Mrj, Inc.System for controlling access and distribution of digital property
US5796825A (en)*1996-01-161998-08-18Symantec CorporationSystem for automatic decryption of file data on a per-use basis and automatic re-encryption within context of multi-threaded operating system under which applications run in real-time
US5818936A (en)*1996-03-151998-10-06Novell, Inc.System and method for automically authenticating a user in a distributed network system
US5673316A (en)*1996-03-291997-09-30International Business Machines CorporationCreation and distribution of cryptographic envelope
US6401204B1 (en)*1996-06-052002-06-04Siemens AktiengesellschaftProcess for cryptographic code management between a first computer unit and a second computer unit
US5809145A (en)*1996-06-281998-09-15Paradata Systems Inc.System for distributing digital information
US5956034A (en)*1996-08-131999-09-21Softbook Press, Inc.Method and apparatus for viewing electronic reading materials
US5892900A (en)*1996-08-301999-04-06Intertrust Technologies Corp.Systems and methods for secure transaction management and electronic rights protection
US6658566B1 (en)*1997-03-132003-12-02Bull Cp8Process for storage and use of sensitive information in a security module and the associated security module
US5978475A (en)*1997-07-181999-11-02Counterpane Internet Security, Inc.Event auditing system
US5997077A (en)1997-08-231999-12-07Volkswagen AgDeformable structure for protection of vehicle occupants
US6064736A (en)1997-09-152000-05-16International Business Machines CorporationSystems, methods and computer program products that use an encrypted session for additional password verification
US6682128B2 (en)1998-02-042004-01-27Oakwood Energy Management, Inc.Composite energy absorber
US6182220B1 (en)1998-03-302001-01-30International Business Machines CorporationSystem and method for building and exchanging encrypted passwords between a client and server
US6547280B1 (en)1998-11-212003-04-15Cellbond LimitedEnergy-absorbing structures
US6499106B1 (en)1999-01-152002-12-24Sony CorporationMethod and apparatus for secure distribution of information recorded of fixed media
US6245408B1 (en)1999-05-192001-06-12Hexcel CorporationHoneycomb core with controlled crush properties
US6339825B2 (en)*1999-05-282002-01-15Authentica, Inc.Method of encrypting information for remote access while maintaining access control
US6449721B1 (en)*1999-05-282002-09-10Authentica Security Technologies, Inc.Method of encrypting information for remote access while maintaining access control
US6289450B1 (en)*1999-05-282001-09-11Authentica, Inc.Information security architecture for encrypting documents for remote access while maintaining access control
US6308256B1 (en)1999-08-182001-10-23Sun Microsystems, Inc.Secure execution of program instructions provided by network interactions with processor
US20010055396A1 (en)2000-02-242001-12-27David JevansMechanism for efficient private bulk messaging
US6711553B1 (en)2000-02-252004-03-23Kent Ridge Digital LabsMethod and apparatus for digital content copy protection
US6732106B2 (en)2000-12-082004-05-04Matsushita Electric Industrial Co., Ltd.Digital data distribution system

Cited By (17)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20080107271A1 (en)*2006-11-032008-05-08Verizon Services Organization Inc.Systems and Methods for Document Control Using Public Key Encryption
US7916870B2 (en)*2006-11-032011-03-29Verizon Patent And Licensing Inc.Systems and methods for document control using public key encryption
US20110167266A1 (en)*2006-11-032011-07-07Verizon Patent And Licensing, Inc.Systems and methods for document control using public key encryption
US8681994B2 (en)*2006-11-032014-03-25Verizon Patent And Licensing Inc.Systems and methods for document control using public key encryption
US8170213B1 (en)*2007-12-272012-05-01Emc CorporationMethodology for coordinating centralized key management and encryption keys cached through proxied elements
US8555342B1 (en)2009-12-232013-10-08Emc CorporationProviding secure access to a set of credentials within a data security mechanism of a data storage system
US10607029B2 (en)2011-11-142020-03-31Esw Holdings, Inc.Security systems and methods for encoding and decoding content
US10552636B2 (en)*2011-11-142020-02-04Esw Holdings, Inc.Security systems and methods for encoding and decoding digital content
US20180268169A1 (en)*2011-11-142018-09-20Esw Holdings, Inc.Security Systems and Methods for Encoding and Decoding Digital Content
US20210383025A1 (en)*2011-11-142021-12-09Esw Holdings, Inc.Security Systems and Methods for Encoding and Decoding Content
US11244074B2 (en)*2011-11-142022-02-08Esw Holdings, Inc.Security systems and methods for social networking
US20220121780A1 (en)*2011-11-142022-04-21Esw Holdings, Inc.Security Systems and Methods for Social Networking
US11741264B2 (en)*2011-11-142023-08-29Esw Holdings, Inc.Security systems and methods for social networking
US11775686B2 (en)*2011-11-142023-10-03Esw Holdings, Inc.Security systems and methods for encoding and decoding content
US20230385452A1 (en)*2011-11-142023-11-30Esw Holdings, Inc.Security Systems and Methods for Encoding and Decoding Content
US20240020418A1 (en)*2011-11-142024-01-18Esw Holdings, Inc.Security Systems and Methods for Social Networking
US12333052B2 (en)*2011-11-142025-06-17Esw Holdings, Inc.Security systems and methods for social networking

Also Published As

Publication numberPublication date
US6339825B2 (en)2002-01-15
USRE44364E1 (en)2013-07-09
AU5280400A (en)2000-12-18
WO2000074299A1 (en)2000-12-07
US20020029340A1 (en)2002-03-07
US6449721B1 (en)2002-09-10
US6289450B1 (en)2001-09-11
US20010052074A1 (en)2001-12-13

Similar Documents

PublicationPublication DateTitle
USRE41186E1 (en)Method of encrypting information for remote access while maintaining access control
US6978376B2 (en)Information security architecture for encrypting documents for remote access while maintaining access control
US7458102B2 (en)Information security architecture for remote access control using non-bidirectional protocols
US7921450B1 (en)Security system using indirect key generation from access rules and methods therefor
US8006280B1 (en)Security system for generating keys from access rules in a decentralized manner and methods therefor
US9286484B2 (en)Method and system for providing document retention using cryptography
US10229279B2 (en)Methods and systems for providing access control to secured data
US8341406B2 (en)System and method for providing different levels of key security for controlling access to secured items
EP1320011B1 (en)Method and architecture for providing pervasive security to digital assets
US7748045B2 (en)Method and system for providing cryptographic document retention with off-line access
US10360545B2 (en)Method and apparatus for accessing secured electronic data off-line
KR100423797B1 (en)Method of protecting digital information and system thereof
EP1320012B1 (en)System and method for providing distributed access control to secured items
US20020046350A1 (en)Method and system for establishing an audit trail to protect objects distributed over a network
US20030051172A1 (en)Method and system for protecting digital objects distributed over a network
EP1323258A1 (en)System for protecting objects distributed over a network
US20030237005A1 (en)Method and system for protecting digital objects distributed over a network by electronic mail
JP3877388B2 (en) Information provision system

Legal Events

DateCodeTitleDescription
ASAssignment

Owner name:EMC CORPORATION, CALIFORNIA

Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:AUTHENTICA, INC.;REEL/FRAME:017821/0737

Effective date:20060227

Owner name:EMC CORPORATION,CALIFORNIA

Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:AUTHENTICA, INC.;REEL/FRAME:017821/0737

Effective date:20060227

FEPPFee payment procedure

Free format text:PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

ASAssignment

Owner name:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT, TEXAS

Free format text:SECURITY AGREEMENT;ASSIGNORS:ASAP SOFTWARE EXPRESS, INC.;AVENTAIL LLC;CREDANT TECHNOLOGIES, INC.;AND OTHERS;REEL/FRAME:040136/0001

Effective date:20160907

Owner name:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT, NORTH CAROLINA

Free format text:SECURITY AGREEMENT;ASSIGNORS:ASAP SOFTWARE EXPRESS, INC.;AVENTAIL LLC;CREDANT TECHNOLOGIES, INC.;AND OTHERS;REEL/FRAME:040134/0001

Effective date:20160907

Owner name:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLAT

Free format text:SECURITY AGREEMENT;ASSIGNORS:ASAP SOFTWARE EXPRESS, INC.;AVENTAIL LLC;CREDANT TECHNOLOGIES, INC.;AND OTHERS;REEL/FRAME:040134/0001

Effective date:20160907

Owner name:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., A

Free format text:SECURITY AGREEMENT;ASSIGNORS:ASAP SOFTWARE EXPRESS, INC.;AVENTAIL LLC;CREDANT TECHNOLOGIES, INC.;AND OTHERS;REEL/FRAME:040136/0001

Effective date:20160907

ASAssignment

Owner name:AUTHENTICA SECURITY TECHNOLOGIES, INC., MASSACHUSE

Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:PENSAK, DAVID A;CRISTY, JOHN J;SINGLES, STEVEN J;REEL/FRAME:039863/0152

Effective date:19990712

Owner name:AUTHENTICA, INC., MASSACHUSETTS

Free format text:CHANGE OF NAME;ASSIGNOR:AUTHENTICA SECURITY TECHNOLOGIES, INC.;REEL/FRAME:040164/0911

Effective date:19990721

ASAssignment

Owner name:AUTHENTICA, INC., MASSACHUSETTS

Free format text:CHANGE OF NAME;ASSIGNOR:AUTHENTICA SECURITY TECHNOLOGIES, INC.;REEL/FRAME:040337/0393

Effective date:19990729

ASAssignment

Owner name:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., T

Free format text:SECURITY AGREEMENT;ASSIGNORS:CREDANT TECHNOLOGIES, INC.;DELL INTERNATIONAL L.L.C.;DELL MARKETING L.P.;AND OTHERS;REEL/FRAME:049452/0223

Effective date:20190320

Owner name:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., TEXAS

Free format text:SECURITY AGREEMENT;ASSIGNORS:CREDANT TECHNOLOGIES, INC.;DELL INTERNATIONAL L.L.C.;DELL MARKETING L.P.;AND OTHERS;REEL/FRAME:049452/0223

Effective date:20190320

ASAssignment

Owner name:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., TEXAS

Free format text:SECURITY AGREEMENT;ASSIGNORS:CREDANT TECHNOLOGIES INC.;DELL INTERNATIONAL L.L.C.;DELL MARKETING L.P.;AND OTHERS;REEL/FRAME:053546/0001

Effective date:20200409

ASAssignment

Owner name:WYSE TECHNOLOGY L.L.C., CALIFORNIA

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:SCALEIO LLC, MASSACHUSETTS

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:MOZY, INC., WASHINGTON

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:MAGINATICS LLC, CALIFORNIA

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:FORCE10 NETWORKS, INC., CALIFORNIA

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:EMC IP HOLDING COMPANY LLC, TEXAS

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:EMC CORPORATION, MASSACHUSETTS

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:DELL SYSTEMS CORPORATION, TEXAS

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:DELL SOFTWARE INC., CALIFORNIA

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:DELL PRODUCTS L.P., TEXAS

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:DELL MARKETING L.P., TEXAS

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:DELL INTERNATIONAL, L.L.C., TEXAS

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:DELL USA L.P., TEXAS

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:CREDANT TECHNOLOGIES, INC., TEXAS

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:AVENTAIL LLC, CALIFORNIA

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

Owner name:ASAP SOFTWARE EXPRESS, INC., ILLINOIS

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date:20211101

ASAssignment

Owner name:SCALEIO LLC, MASSACHUSETTS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date:20220329

Owner name:EMC IP HOLDING COMPANY LLC (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MOZY, INC.), TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date:20220329

Owner name:EMC CORPORATION (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MAGINATICS LLC), MASSACHUSETTS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date:20220329

Owner name:DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO FORCE10 NETWORKS, INC. AND WYSE TECHNOLOGY L.L.C.), TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date:20220329

Owner name:DELL PRODUCTS L.P., TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date:20220329

Owner name:DELL INTERNATIONAL L.L.C., TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date:20220329

Owner name:DELL USA L.P., TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date:20220329

Owner name:DELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.), TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date:20220329

Owner name:DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO ASAP SOFTWARE EXPRESS, INC.), TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date:20220329

ASAssignment

Owner name:SCALEIO LLC, MASSACHUSETTS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date:20220329

Owner name:EMC IP HOLDING COMPANY LLC (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MOZY, INC.), TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date:20220329

Owner name:EMC CORPORATION (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MAGINATICS LLC), MASSACHUSETTS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date:20220329

Owner name:DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO FORCE10 NETWORKS, INC. AND WYSE TECHNOLOGY L.L.C.), TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date:20220329

Owner name:DELL PRODUCTS L.P., TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date:20220329

Owner name:DELL INTERNATIONAL L.L.C., TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date:20220329

Owner name:DELL USA L.P., TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date:20220329

Owner name:DELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.), TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date:20220329

Owner name:DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO ASAP SOFTWARE EXPRESS, INC.), TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date:20220329

ASAssignment

Owner name:DELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.), TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (053546/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:071642/0001

Effective date:20220329

Owner name:DELL INTERNATIONAL L.L.C., TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (053546/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:071642/0001

Effective date:20220329

Owner name:DELL PRODUCTS L.P., TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (053546/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:071642/0001

Effective date:20220329

Owner name:DELL USA L.P., TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (053546/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:071642/0001

Effective date:20220329

Owner name:EMC CORPORATION, MASSACHUSETTS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (053546/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:071642/0001

Effective date:20220329

Owner name:DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO FORCE10 NETWORKS, INC. AND WYSE TECHNOLOGY L.L.C.), TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (053546/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:071642/0001

Effective date:20220329

Owner name:EMC IP HOLDING COMPANY LLC, TEXAS

Free format text:RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (053546/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:071642/0001

Effective date:20220329
[8]ページ先頭
©2009-2025 Movatter.jp