Method and system for protecting electronic data in enterprise environment

Description

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to the area of protecting data in an enterprise environment, and more particularly, relates to method, apparatus, software products and systems for securing digital assets (e.g. electronic data) in an inter/intra enterprise environment.

2. Description of Related Art

The Internet is the fastest growing telecommunications medium in history. This growth and the easy access it affords have significantly enhanced the opportunity to use advanced information technology for both the public and private sectors. It provides unprecedented opportunities for interaction and data sharing among businesses and individuals. However, the advantages provided by the Internet come with a significantly greater element of risk to the confidentiality and integrity of information. The Internet is a widely open, public and international network of interconnected computers and electronic devices. Without proper security means, an unauthorized person or machine may intercept any information traveling across the Internet and even get access to proprietary information stored in computers that interconnect to the Internet, but are otherwise generally inaccessible by the public.

There are many efforts in progress aimed at protecting proprietary information traveling across the Internet and controlling access to computers carrying the proprietary information. Cryptography allows people to carry over the confidence found in the physical world to the electronic world, thus allowing people to do business electronically without worries of deceit and deception. Every day hundreds of thousands of people interact electronically, whether it is through e-mail, e-commerce (business conducted over the Internet), ATM machines, or cellular phones. The perpetual increase of information transmitted electronically has lead to an increased reliance on cryptography.

One of the ongoing efforts in protecting the proprietary information traveling across the Internet is to use one or more cryptographic techniques to secure a private communication session between two communicating computers on the Internet. The cryptographic techniques provide a way to transmit information across an insecure communication channel without disclosing the contents of the information to anyone eavesdropping on the communication channel. Using an encryption process in a cryptographic technique, one party can protect the contents of the data in transit from access by an unauthorized third party, yet the intended party can read the data using a corresponding decryption process.

A firewall is another security measure that protects the resources of a private network from users of other networks. However, it has been reported that many unauthorized accesses to proprietary information occur from the inside, as opposed to from the outside. An example of someone gaining unauthorized access from the inside is when restricted or proprietary information is accessed by someone within an organization who is not supposed to do so. Due to the open nature of the Internet, contractual information, customer data, executive communications, product specifications, and a host of other confidential and proprietary intellectual property remains available and vulnerable to improper access and usage by unauthorized users within or outside a supposedly protected perimeter.

A governmental report from General Accounting Office (GAO) details “significant and pervasive computer security weaknesses at seven organizations within the U.S. Department of Commerce, the widespread computer security weaknesses throughout the organizations have seriously jeopardized the integrity of some of the agency's most sensitive systems.” Further it states: using readily available software and common techniques, we demonstrated the ability to penetrate sensitive Commerce systems from both inside Commerce and remotely, such as through the Internet,” and “Individuals, both within and outside Commerce, could gain unauthorized access to these systems and read, copy, modify, and delete sensitive economic, financial, personnel, and confidential business data . . . ” The report further concludes “[i]ntruders could disrupt the operations of systems that are critical to the mission of the department.”

In fact, many businesses and organizations have been looking for effective ways to protect their proprietary information. Typically, businesses and organizations have deployed firewalls, Virtual Private Networks (VPNs), and Intrusion Detection Systems (IDS) to provide protection. Unfortunately, these various security means have been proven insufficient to reliably protect proprietary Information residing on private networks. For example, depending on passwords to access sensitive documents from within often causes security breaches when the password of a few characters long is leaked or detected. Therefore, there is a need to provide more effective ways to secure and protect digital assets at all times.

SUMMARY OF INVENTION

This section is for the purpose of summarizing some aspects of the present invention and to briefly introduce some preferred embodiments. Simplifications or omissions may be made to avoid obscuring the purpose of the section. Such simplifications or omissions are not intended to limit the scope of the present invention.

The present invention is related to processes, systems, architectures and software products for providing pervasive security to digital assets at all times and is particularly suitable in an inter/intra enterprise environment. In general, pervasive security means that digital assets are secured at all times and can only be accessed by authenticated users with appropriate access rights or privileges, wherein the digital assets may include, but not be limited to, various types of documents, multimedia files, data, executable code, images and texts. According to one aspect of the present invention, the digital assets are in a secured form that only those with granted access rights can access. Even with the proper access privilege, when a secured file is classified, at least a security clearance key is needed to ensure those who have the right security clearance can ultimately access the contents in the classified secured file.

In another aspect of the present invention, the format of the secured file is so designed that the security information stays with the file being secured at all times or at least readily retrievable. According to one embodiment, a secured file or secured document includes two parts: an attachment referred to as a header, and an encrypted document or data portion. The header includes security information that points to or Includes access rules, a protection key and a file key. The access rules facilitate restrictive access to the encrypted data portion and essentially determine who/how and/or when/where the secured document can be accessed. The file key is used to encrypt/decrypt the encrypted data portion and protected by the protection key. If the contents in the secured file are classified, the file key is jointly protected by the protection key as well as a security clearance key associated with a user attempting to access the secured file. As a result, only those who have the proper access privileges are permitted to obtain the protection key, jointly with the security clearance key, to retrieve the file key to encrypt the encrypted data portion.

In still another aspect of the present invention, the security clearance key is generated and assigned in accordance with a user's security access level. A security clearance key may range from most classified to non-classified. If a user has the need to access a secured file classified with a certain security or confidential level, a corresponding security clearance key with that security level is assigned therefor. In one embodiment, a security clearance key with a security level is so configured that the key can be used to access secured files classified at or lower than the security level. As a result, a user needs to have only one security clearance key. In still another aspect of the present invention, multiple auxiliary keys are provided when a corresponding security Clearance key is being requested. The security clearance key is the one being requested, generated in accordance with the determined security level and can be used to facilitate the access to a secured file classified at a corresponding security or confidentiality level. The auxiliary keys are those keys generated to facilitate access to secured files classified respectively less than the corresponding security or confidentiality level.

Depending on implementation and application, the present invention may be implemented or employed in a client machine and a server machine. Typically, if a user's access privilege (i.e., access rights) to a secured file is locally determined in a client machine, the present invention may be implemented as an executable module configured to operate locally, preferably, in an operating system running in the client machine. If a user's access right to a secured file is remotely determined in a server machine, the present invention may be implemented as an executable module configured to operate in the server machine as well as in the client machine.

Objects, features, and advantages of the present invention will become apparent upon examining the following detailed description of an embodiment thereof, taken in conjunction with the attached drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other features, aspects, and advantages of the present invention will become better understood with regard to the following description, appended claims, and accompanying drawings where:

FIG. 1 shows a diagram of securing a created document according to one exemplary secured file form used in the present invention;

FIG. 2A shows a diagram of what is referred to herein as a two-pronged access scheme according to one embodiment of the present invention;

FIG. 2B shows a flowchart of a process for granting a proper security clearance level (i.e., a clearance key) according to one embodiment of the present invention;

FIG. 2C shows a diagram of generating a clearance key according to one embodiment of the present invention;

FIG. 2D shows a diagram of generating a clearance key according to another embodiment of the present invention;

FIG. 3A illustrates, an exemplary structure of a secured file including a header and an encrypted data, portion;

FIG. 3B shows an exemplary header structure of a secured file according to one embodiment of the present invention;

FIG. 4 shows a flowchart of a process for accessing a secured document according to one embodiment of the present invention and may be understood in conjunction with FIG. 3A and FIG. 3B;

FIG. 5 shows a flowchart of a process for securing a file or document being created according to one embodiment of the present invention; and

FIG. 6 shows an exemplary implementation of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The present invention pertains to a process, a system, a method and a software product for securing electronic data or digital assets. According to one aspect of the present invention, secured files may be classified in several hierarchical security levels. To access the secured classified files, in addition to a user key, a user is assigned a clearance key that is based on at least two complementary concepts, “Need to Know” and “Sensitivity level” of the information in a secured classified file. According to another aspect of the present invention, the digital assets are in a form that includes two parts, one being an encrypted data portion and the other being a header including security information controlling restrictive access to the encrypted data portion. The security information employs access rules together with various cipher keys to ensure that only those with proper access privilege or rights can access the encrypted data portion.

There are numerous advantageous, benefits, and features in the present invention. One of them is the mechanism contemplated herein capable of providing pervasive security to digital assets sought to be protected at all times. Another one is that the digital assets are presented in such a way that only those with proper access privilege as well as sufficient security clearance level can access information in the digital assets. Other advantageous, benefits, and features in the present invention can be readily appreciated by those skilled in the art from the detailed description of the invention provided herein.

In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. However, it will become obvious to those skilled in the art that the present invention may be practiced without these specific details. The description and representation herein are the common means used by those experienced or skilled in the art to most effectively convey the substance of their work to others skilled in the art. In other instances, well-known methods, procedures, components, and circuitry have not been described in detail to avoid unnecessarily obscuring aspects of the present invention.

Reference herein to “one embodiment” or “an embodiment” means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase “in one embodiment” in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Further, the order of blocks in process flowcharts or diagrams representing one or more embodiments of the invention do not inherently indicate any particular order nor imply any limitations in the invention.

Embodiments of the present invention are discussed herein with reference to FIGS. 1-6. However, those skilled in the art will readily appreciate that the detailed description given herein with respect to these figures is for explanatory purposes as the invention extends beyond these limited embodiments.

Generally, a content created by a creator for the purpose of an entity is an intellectual property belonging to the creator or the entity. In an enterprise, any kind of information or intellectual property can be content, though it is commonly referred to as “information” instead of “content”. In either case, content or information is independent of its format, it may be in a printout or an electronic document. As used herein, content or information exists in a type of electronic data that is also referred to as a digital asset. A representation of the electronic data may include, but not be limited to, various types of documents, multimedia files, streaming data, dynamic or static data, executable code, images and texts.

To prevent contents in electronic data from an unauthorized access, the electronic data is typically stored in a form that is as close to impossible as possible to read without a priori knowledge. Its purpose is to ensure privacy by keeping the content hidden from anyone for whom it is not intended, even those who have access to the electronic data. Example of a priori knowledge may include, but not be limited to, a password, a secret phrase, biometric information or one or more keys.

FIG. 1 shows an illustration diagram of securing a created document 100 according to one embodiment of the present invention. One of the purposes of creating a secured file 108 is to ensure that the contents in the document 100 can be only accessed by or revealed to an authorized user with proper access privilege. As used herein, the user may mean a human user, a software agent, a group of users or a member thereof, a device and/or application(s). Besides a human user who needs to access a secured document, a software application or agent sometimes needs to access the secured document in order to proceed forward. Accordingly, unless specifically stated, the “user” as used herein does not necessarily pertain to a human being.

After the document 100 is created, edited or opened with an application or authoring tool (e.g., Microsoft WORD), upon an activation of a command, such as “Save,” “Save As” or “Close”, or automatic saving invoked by an operating system, the application itself, or an approved application, the created document 100 is caused to undergo a securing process 101. The securing process 101 starts with an encryption process 102, namely the document 100 that has been created or is being written into a store is encrypted by a cipher (e.g., an encryption process) with a file key (i.e., a cipher key). In other words, the encrypted data portion 112 could not be opened without the file key. For the purpose of controlling the access to the contents in the document 100 or the resultant secured file 108, the file key or keys may be the same or different keys for encryption and decryption and are included as part of security information contained in or pointed to by a header 106. The file key or keys, once obtained, can be used to decrypt the encrypted data portion 112 to reveal the contents therein.

To ensure that only authorized users or members of an authorized group can access the secured file 108, a set of access rules 104 for the document 100 is received or created and associated with the header 106. In general, the access rules 104 determine or regulate who and/or how the document 100, once secured, can be accessed. In some cases, the access rules 104 also determine or regulate when or where the document 100 can be accessed. In addition, security clearance information 107 is added to the header 106 if the secured file 108 is classified. In general, the security clearance information 107 is used to determine a level of access privilege or security level of a user who is attempting to access the contents in the secured file 108. For example, a secured file may be classified as “Top secret”, “Secret”, “Confidential”, and “Unclassified”. Accordingly, access to the contents in a secured file classified as “top secret” requires more than just the file key, while the access to the same in a secured file classified as “unclassified” requires no more than the me key.

According to one embodiment, the security clearance information 107 includes another layer of encryption of the file key with another key referred to herein as a clearance key. An authorized user must have a clearance key of proper security level in addition to an authenticated user key and proper access privilege to retrieve the file key. As used herein, a user key or a group key is a cipher key assigned to an authenticated user and may be used to access a secured file or secure a file, or create a secured file. The detail of obtaining such a user key upon a user being authenticated is provided in U.S. patent application Ser. No. 10/074,804.

According to another embodiment, the security clearance information 107 includes a set of special access rules to guard the file key. The retrieval of the file key requires that the user passes an access rule measurement. Since access privilege of a user may be controlled via one or more system parameters (e.g., a policy), the access rule measurement can determine if the user has sufficient access privilege to retrieve the file key in conjunction with the corresponding user key. With the detailed description to follow, those skilled in the art can appreciate that other forms of the security clearance information 107 may be possible. Unless otherwise specified, the following description is based on the security clearance information 107 being another layer of encryption with one or more clearance keys.

In accordance with the security clearance information 107, a user may be assigned a hierarchical security clearance level based on, perhaps, a level of trust assigned to the user. A level of trust implies that one user may be more trusted than another and hence the more trusted user may access more classified files. Depending on implementation, a level of trust may be based on job responsibility of the user or a role of the user in a project or an organization background checks, psychological profiles, length of service, etc. In any case, a level of trust assigned to the user augments additional aspect to the access privilege of the user such that the user must have proper security clearance to access a classified secured file even if the user is permitted by the access rules to access the file.

As will be further described in detail below, unless the level of security clearance of the user permits, a secured classified file (i.e., the file that is both secured and classified) may not be accessed even if the user has an authenticated user (or group) key and permitted by the access rules in the secured classified file. In one embodiment, the level of security clearance of the user is determined by one or more clearance keys assigned thereto. In general, a clearance key permits a user to access a secured file classified as “top secret”, the same clearance key may permit the user to access all secured files classified less secure, such as “confidential”, where it has been assumed that the user has proper access privilege to be granted by the access rules in the file.

In general, a header is a file structure, preferably small in size, and includes, or perhaps links to, security information about a resultant secured document. Depending on an exact implementation, the security information can be entirely included in a header or pointed to by a pointer that is included in the header. According to one embodiment, the access rules 104, as part of the security information, are included in the header 106. The security information further includes the file key and/or one or more clearance keys, in some cases, an off-line access permit (e.g. in the access rules) should such access be requested by an authorized user. The security information is then encrypted by a cipher (i.e., an en/decryption scheme) with a user key associated with an authorized user to produce encrypted security information 110. The encrypted header 106, if no other information is added thereto, is attached to or integrated with the encrypted data portion 112 to generate the resultant secured file 108. In a preferred embodiment, the header is placed at the beginning of the encrypted document (data portion) to facilitate an early detection of the secured nature of a secured file. One of the advantages of such placement is to enable an access application (i.e., an authoring or viewing tool) to immediately activate a document securing module (to be described where it deems appropriate) to decrypt the header if permitted. Nevertheless, there is no restriction as to where the encrypted header 106 is integrated with the encrypted data portion 112.

It is understood that a cipher may be implemented based on one of many available encryption/decryption schemes. Encryption and decryption generally require the use of some secret information, referred to as a key. For some encryption mechanisms, the same key is used for both encryption and decryption; for other mechanisms, the keys used for encryption and decryption are different. In any case, data can be encrypted with a key according to a predetermined cipher (i.e., encryption/decryption) scheme. Examples of such schemes may include, but not be limited to, Data Encryption Standard algorithm (DES), Blowfish block cipher and Twofish cipher. Therefore, the operations of the present invention are not limited to a choice of those commonly-used encryption/decryption schemes. Any cipher scheme that is effective and reliable may be used. Hence, the details of a particular scheme are not further discussed herein so as to avoid obscuring aspects of the present invention.

In essence, the secured document 108 includes two parts) the encrypted data portion 112 (i.e., encrypted version of the document itself) and the header 110 that may point to or include encrypted security information for the secured document 108. To access the contents in the encrypted data portion 112, one needs to obtain the file key to decrypt the encrypted data portion 112. To obtain the file key, one needs to be authenticated to get a user or group key and pass an access test in which at least the access rules in the security information are measured against the user's access privilege (i.e., access rights). If the secured file is classified, it further requires a security level clearance on the user. In general, the security clearance level of the user must be high enough before the file key can be retrieved.

FIG. 2A shows a diagram 200 of what is referred to herein as a two-pronged access scheme according to one embodiment of the present invention. To access a secured file 201, a user needs to have access privilege based on a condition of “need to know” 202 that is to be measured against by the access rules 204 embedded in the secured file 201. If the secured file 201 is classified, the user must also have a higher security clearance level 206 that is measured against by the security clearance information 208 (e.g., one or more clearance keys. In other words, there are at least two key holes 210 that must be “inserted” with two proper keys before the secured classified file can be accessed.

FIG. 2B shows a flowchart 220 of process for granting a proper security clearance level (i.e., a clearance key) according to one embodiment of the present invention. The process 220 can be initiated with a request for a clearance key. Depending on implementation, the process 220 may be implemented in a machine (e.g., a central server, a local server or a client machine) that provides access control management to all secured files, perhaps, in an inter/intra enterprise environment, or a combination of a local client machine used by users and the machine.

At 222, the process 220 awaits a request for a clearance key. It is described that a secured file can be classified or unclassified. When it is determined that a user needs to access a secured file that is classified, such request is provided to activate the process 220. In general, the request pertains to a specific user or some members in a group. At 224, a corresponding account for the user is retrieved, provided there is the account for the user. If the account is not available, then the account shall be opened accordingly. Alternatively, the process 220 may be part of the process of opening an appropriate account for a user who has the need to-know basis to access secured files at certain security or confidential level(s). Depending on implementations the corresponding account information may include a username or identifier, membership information, designated access privilege, and a corresponding user key (which sometimes is a pair of a private key and a public key). At 226, a security level for the user is determined, which is usually done by the necessity. For example, an executive of an enterprise may be assigned the highest security clearance level and a front desk receptionist may be assigned the lowest security clearance level. Once the security level is determined, a clearance key is generated at 228.

Referring now to FIG. 2C there is shown a diagram of generating a clearance key according to one embodiment of the present invention. A key generator 244 receives one or more parameters 242 controlling the security level determined at 226 of FIG. 2B to generate a sequence of alphanumeric or binary numbers as a key. Whether using a secret-key cryptosystem or a public-key cryptosystem, one needs a good source of random numbers for key generation. The main features of a good source are that it produces numbers that are unknown and unpredictable by potential adversaries. There are many ways to generate such numbers, for example, random numbers can be obtained from a physical process. Another approach is to use a pseudo-random number generator fed by a random seed. In any case, depending on the input 242, the generator 244 is configured to generate a clearance key of proper security level 1n one embodiment, the key generator 244 generates keys 246 of different lengths, each of the keys 246 corresponds to a security level 236. In another embodiment, the keys 246 generated by the key generator 244 is embedded with a signature signifying a security level. Other methods of specifying a security level of a clearance key are possible. Although it is possible to implement in such a way that each clearance key with a certain security level can only access secured files classified in the same security level, it is preferable to permit a clearance key with a higher security level to access secured files classified in the lower security levels. In other words, a clearance key in level 1 (i.e., the highest security level primarily designated to secured files classified as “top secret”) can be used to access all secured classified files 248, while a clearance key in level 2 can be used to access all secured classified files 248 except for those classified as “top secret”. Likewise, a clearance key in level N can be only used to access secured files in security level N. One of the advantages for such arrangement is that a user needs only to have one clearance key, if the user has the need to access those secured classified files.

FIG. 2D shows a diagram of generating a clearance key according to another embodiment of the present invention. The key generator 244 receives one or more parameters 242 controlling the security level determined at 226 of FIG. 2B to generate a number of sets of alphanumeric or binary numbers as a primary key 246 and auxiliary keys 247. The primary key 246 is the one being requested, generated in accordance with the determined security level and can be used to facilitate the access to a secured file classified at a security or confidentiality level. The auxiliary keys 247 are those keys generated to facilitate the access to secured files classified less than the security or confidentiality level. As shown in the figure, it is assumed that the primary key 246 is for accessing a secured file classified at level 2. Accordingly, the auxiliary keys 247 can be respectively used to access secured files classified level 3, level 4, . . . to level N, all less than level 2 in terms of security or confidentiality. To facilitate the description of the present invention, the following description is based on FIG. 2C.

Returning to FIG. 2B, after a proper clearance key is generated at 228, the clearance key is associated with the account at 230 so that the user will use the correct key to access a secured file that requires a clearance key. The process 220 now awaits any call for the clearance key at 232. Depending on implementation, the clearance key may be stored locally or remotely and retrievable only when there is a need for it to access a classified secured file. When a non-secured classified file is accessed, the clearance key is not needed and therefore will not be released to or activated for the user. When a secured classified file is accessed, the process 220 goes to 234, wherein the clearance key is released to the user to facilitate the retrieval of the file key in the secured file.

FIG. 3A illustrates an exemplary structure of a secured file 300 including a header 302 and an encrypted data portion 304. Depending on implementation, the header 302 may or may not include a flag or signature 306. In one case, the signature 306 is used to facilitate the detection of the security nature of a secured file among other files. The header 302 includes a file key block 308, a key block 310 and a rule block 312. The file key block 308 includes a file key 309 that is encrypted by a cipher with a protection key 320 (i.e., a doc-key key sometimes) and further with the clearance key 322 associated with a user who attempts to access the secured file 300. Alternatively, the file 309 is encrypted with the clearance key 322 and then the protection key 320. The protection key 320 is encrypted and stored in the key block 310. In general, the key block 310 has an encrypted version of the protection key 320 and can be only accessible by designated user(s) or group(s). There may be more than one key blocks in a header, wherein three key blocks are shown in FIG. 3A. To recover or retrieve the protection key 320, a designated user must have proper access privilege to pass an access rule test with the embedded access rules in the rule block 312.

All access rules are encrypted with a user key (e.g., a public user key) and stored in the rule block 312. A user attempting to access the secured file uses must have a proper user key (e.g., a private user key) to decrypt the access rules in the rule block 312. The access rules are then applied to measure the access privilege of the user. If the user is permitted to access the secured file in view of the access rules, the protection key 320 in the key block 310 is retrieved to retrieve the file key 309 so as to access the encrypted data portion 304. However, when it is detected that the secured file is classified, which means that the file key cannot be retrieved with only the protection key, the user must possess a clearance key. Only does the user have the clearance key, together with the retrieved protection key 320, the file key 309 may be retrieved to proceed with the decryption of the encrypted data portion 304.

According to one embodiment, the encrypted data portion 304 is produced by encrypting a file that is non-secured. For example, a non-secured document can be created by an authoring tool (e.g., Microsoft Word). The non-secured document is encrypted by a cipher with the file key. The encryption information and the file key are then stored in the security information.

According to another embodiment, the non-secured document (data) is encrypted using the following aspects, a strong encryption using a CBC mode, a fast random access to the encrypted data, and an integrity check. To this end, the data is encrypted in blocks. The size of each block may be a predetermined number or specific to the document. For example, the predetermined number may be a multiple of an actual encryption block size used in an encryption scheme. One of the examples is a block cipher (i.e., a type of symmetric-key encryption algorithm that transforms a fixed-length block of plaintext (unencrypted text) data into a block of ciphertext (encrypted text) data of the same length. This transformation takes place under the action of a cipher key (i.e., a file key). Decryption is performed by applying the reverse transformation to the ciphertext block using another cipher key or the same cipher key used for encryption. The fixed length is called the block size, such as 64 bits or 128. Each block is encrypted using a CBC mode. A unique initiation vector (IV) is generated for each block.

Other encryption of the non-secured data can be designed in view of the description herein. In any case, the encryption information and the file key are then stored in the security information. One of the important features in the present invention is that the integration of a header and the encrypted data portion will not alter the original meaning of the data that is otherwise not secured. In other words, a designated application may still be activated when a secured the is selected or “clicked”. For example, a document “xyz.doc”, when selected, will activate an authoring tool, Microsoft Word, commonly seen in a client machine. After the document “xyz.doc” is secured in accordance with the present invention, the resultant secured file is made to appear the same, “xyz.doc” that still can activate the same authorizing tool, except now the secured file must go through a process to verify that a user is authenticated, the user has the proper access privilege and sufficient security clearance.

Another one of the important features in the present invention is the use of the protection key. With the protection key, the file key can be updated without having to modify the key blocks. For example, the file key in the file key block 308 can be updated without having to modify the key-blocks. This feature helps improve security of the secured files and make file copy operations work faster.

FIG. 3B shows an exemplary header structure 350 of a secured file according to one embodiment of the present invention. In general, a header of a secured file is a point of entry to the secured file. The header structure 350 includes various security information to ensure that only an authorized user with sufficient access privilege can access the encrypted data in the secured file. The security information is cryptographically protected or secured. In one embodiment, a good part of the header or the security information therein is protected by a Message Authentication Code (MAC) that can detect any tempering with the header by an unauthorized user without a valid decryption key or CRC 316 of FIG. 3A.

The header structure 350 is preferably structured in a descriptive language such as a markup language. Examples of such a markup language include HTML, WML, and SGML. In a preferred embodiment, the markup language is Extensible Access Control Markup Language (XACML) that is essentially an XML specification for expressing policies for information access. In general, XACML can address fine grained control of authorized activities, the effect of characteristics of the access requestor, the protocol over which the request is made, authorization based on classes of activities, and content introspection (i.e., authorization based on both the requestor and attribute values within the target where the values of the attributes may not be known to the policy writer). In addition, XACML can suggest a policy authorization model to guide implementers of the authorization mechanism.

One portion in the header structure 350 is referred to as a key block list 352 that may contain one or more key blocks. A key block 354 contains an encrypted protection key that is sometimes referred to as document/file-encryption-key key, namely a key to the file key. To ensure that the protection key is indeed protected, it is encrypted and can only be retrieved by a designated entity. For example, a secured file is created by a member of engineering group and permitted for full access by every member in the engineering group. The same secured file meanwhile is also permitted for limited access (e.g., only read and print) by every member in the marketing group. Accordingly, the key block list 352 may include two key blocks, one for the engineering group and the other for the marketing group. In other words, each of the two key blocks has an encrypted protection key that can be only accessed by a member of the corresponding group (via a group or individual private key).

The key block version value 356 provides necessary details of the encryption algorithm used to protect the protection key 340. In one embodiment, the RSA-OAEP (RSA—Optimal Asymmetric Encryption Padding) which is a public-key encryption scheme combining the RSA algorithm with the OAEP method is used. In particular, the druid of the key pair 358 identifies a certificate and a private key (the details thereof are not shown) that are used to decrypt this value. In addition, attributes of the key pair, such as whether the key is 1024 or 2048 bits long, are also included to facilitate the protection of the protection key 340.

The block 342 of the header structure 350 includes at least three segments 344, 346 and 348. The segment 344 includes an encrypted file key that must be retrieved in clear to decrypt the encrypted data portion. The segment 346 includes security level information to indicate what security level the secured file is at, for example, “top secret”, “secret”, “confidential” or “unclassified” or “none”. The segment 348 includes information about the size of the encryption block for the encrypted data portion in the secured file. According to one embodiment, this is a multiple of the algorithm encryption block size. The encrypted data portion is created by an encryption with a symmetric key that is called the document/file-encryption-key or file key herein.

There is another portion 360 of the header structure 350 that is encrypted by a user or group key. The portion 360 (the details thereof are not shown) contains essentially the access rules embedded with the secured file to govern who/where the secured file can be accessed. Various conditions of accessing the file can be placed or realized in the access rules. Additional details of the access rules can be references in U.S. patent application Ser. No. 10/074,804.

The above description is based on one embodiment in which the access rules are encrypted with a user's public key. Those skilled in the art can appreciate that the access rules may be also encrypted with a file encryption key (i.e., the file key) or the protection key. In this case, the protection key is encrypted with a user's public key or together with a clearance key associated with the user if a subject secured file is secured. Now instead of retrieving the protection key after the access rules are successfully measured against access privilege of the user attempting to access a secured file, the protection key is retrieved first with a user's private key. The protection key can be used to retrieve the access rules that are subsequently used to measure against the access privilege of the user if the protection key was used to encrypt the access rules. If the user is permitted to access the contents in the file, the file key is then retrieved with the protection key (or together with the clearance key). Alternatively, right after the protection key is retrieved, the protection key (or together with the clearance key) is used to retrieve the file key. The file key is then to retrieve the access rules that are subsequently used to measure against the access privilege of the user. In any case, if the user is determined that the user has sufficient access privilege in view of all access policies, if there are any, the retrieved file key can be used to continue the description of the encrypted data portion.

FIG. 4 there is shown a flowchart of process 400 for accessing a secured document according to one embodiment of the present invention and may be understood in conjunction with FIG. 3A or FIG. 3B. The process 400 may be implemented in an executable module (e.g., document securing module) that can be activated when a user intends to access a secured document for example, a user is using a client machine running a Microsoft Windows operating system to access a secured document stored in a folder, a local, or remote store. By activating a Window Explorer or Internet Explorer, the user may display a list of files, some are non-secured and others are secured. Among the secured files, some of them are classified and secured in the manner in accordance with FIG. 3A. Within the display of the list of tiles, a desired one can be selected. Alternatively, a desired file may be selected from an application, for example, using “open” command under File of Microsoft Word application.

In any case, at 402, such desired document is identified to be accessed. Before proceeding with the selected document, the process 400 needs to determine whether the selected file is secured or non-secured. At 404, the selected document is examined. In general, there are at least two ways to examine the secure nature of the selected document. A first possible way is to look for a flag or signature at the beginning of the document As described above, in some secured documents, a flag, such as a set of predetermined data, is placed in the header of a secured document to indicate that the document being accessed is secured. If no such flag is found, the process 400 goes to 420, namely, the selected documented is assumed non-secured and thus allowed to pass and load to a selected application or place desired by the user. A second possible way is to look for a header in a selected document. Being a secured document, there is a header attached to an encrypted data portion. The data format of the header shall be irregular in comparison with the selected document if it is non-secured. If it is determined that the selected document has no irregular data format as required by a selected application, the process 400 goes to 420, namely, the selected document is assumed to be non-secured and thus allowed to pass and load to a selected application or place desired by the user.

Now if it is determined at 404 that the selected document is indeed secured, the process 400 goes to 406, wherein the user and/or the client machine being used by the user are checked to determine if the user and/or the client machine are authenticated. The details of the user authenticating himself/herself/itself may be provided in U.S. patent application Ser. No. 10/074,804. In the case that the user and/or the client machine are not authenticated, the process 400 goes to 418 that may display an appropriate error message to the user. It is now assumed that the user and/or the client machine are authenticated, the header or security information therein is decrypted with the authenticated user key.

At 408, the access rules in the decrypted security information are retrieved. As described above, there may be sets of access rules, each set designated for a particular user or members of a particular group. With the authenticated user key and/or a corresponding user identifier, a corresponding set of access rules is retrieved. At 410, the retrieved access rules are compared to (or measured against) the access privileges associated with the user. If the measurement fails, which means that the user is not permitted to access this particular document, a notification or alert message may be generated to be displayed to the user at 418. If the measurement passes successfully, which means that the user is permitted to access this particular document, the process 400 moves on to decrypt and retrieve the protection key at 411 and then determine if the secured document is classified at 412. When it is determined that the secured document is not classified or there is no security clearance requirement in the security information, the process 400 goes to 416, wherein a file key is retrieved and, subsequently, used to decrypt the encrypted data portion in the selected (secured) document. When it is determined that the secured document is classified, the process 400 goes to 414 that checks if the authenticated user possesses a clearance key matching the security clearance requirement in general, the security level of the clearance key must be equal to or higher than the security clearance requirement in the secured classified document. If the security level of the clearance key is not sufficient enough, the process 400 goes to 418 that can be configured to display an appropriate error message to the user. If the security level of the clearance key is sufficient enough, the process 400 goes to 416.

In any case, a file key is retrieved with the protection key alone if the secured document is not classified or the protection key together with the clearance key if the secured document is classified. As a result, the decrypted document or clear contents of the selected document is provided at 420.

FIG. 5 shows a flowchart of a process 500 for securing a file or document being created according to one embodiment of the present invention. The process 500 may be understood in conjunction with a client machine running a Microsoft Windows operating system. However, it is clear to those skilled in the art that the description herein or the invention does not imply such limitations.

At 502, a blank document is opened or created by an authoring application chosen and activated by a user. The authoring application may be Microsoft Word, Microsoft PowerPoint or WordPerfect in a preferred procedure, the user may save the document into a folder or a protected store that has already setup with a set of access rules. If not, one or more sets of access rules may be created. Optionally, the access rules may be received by importation of a previously created file including desirable access rules, defaults of the user access privileges or individually created user access privileges. At 504, the set of predetermined access rules is received, preferably, in a descriptive language such as a plain test or a markup language (e.g., XACML).

At 506, a secret cipher key (i.e., a file key) is generated from a cipher module for the document and typically stored in a temp file that is generally not accessible by an ordinary user. The temp file will be erased automatically when the secured document is done (e.g., at a “Close” command from the application). At 508, the document is checked to see if a request to write the document into a local store is made. If such request is detected (which could be made manually by the user or periodically by the authoring tool or an OS procedure), the document is encrypted with the file key at 510. One of the features in the present invention is that the stored document is always encrypted in storage even if it is still being processed (e.g., authored, edited or revised). When the user is done with the document, a “Close” request is activated to close the document. At 512, such a request is detected. As soon as such request is received, it means that a secured version of the document needs to be written into the store. At 514, it is assumed that the document is classified and that that user who is working with the document has been previously assigned a clearance key. The generated file key is then encrypted with a protection/clearance key and further with a clearance/protection key. The protection key may be generated from a cipher module. At 516, the protection key is encrypted with the authenticated user key.

To protect the encrypted protection key, at 518, appropriate access rules are applied and inserted along with the encrypted protection key in the security information that may be further encrypted with the authenticated user key. The encrypted version of the security information is then packed in the header. Depending on implementation, a flag or signature can be further included in the header. Alternatively, the header could include the security information without a flag. At 520, the header is attached to or integrated with the encrypted document from 510 and subsequently the secured document is placed into the store at 524.

As described above, the secured document includes two encrypted portions, the header with encrypted security information and the encrypted data portion (i.e., the encrypted document). The two parts in the secured documents are encrypted respectively with two different keys, the file key and the user key. Alternatively, the two encrypted portions may be encrypted again with another key (or use the same user key) at 522.

In the case that there are a number of sets of access rules, each for a particular user or a group of users, it can be understood that the encrypted access rules at 518 are integrated with other sets of the encrypted access rules in a rules block as illustrated in FIG. 3A. As such, an access from one user or group will not affect other users or groups but the other users or groups will see perhaps an updated version of the encrypted document.

FIG. 6 shows an exemplary implementation 600 of the present invention. A client machine used by a user to access a secured file or secure a created file executes an operating system (e.g., WINDOWS 2000/NT/XP) and may be viewed to have two working modes, one being the user mode and the other being the OS mode. A client module 602 representing an executable version of the present invention is configured to interact with and operate within an operating system 604 to ensure that a document is made secured and a secured document can be accessed only by an authorized user. One of the features of the client module 604 is that the operations thereof are transparent to the user. In other words, the user is not made aware of the operations of the client module 604 when accessing a secured document or securing a document.

An application 606 (e.g. a registered application, such as Microsoft Word) operates in the user mode or the OS 604 and may be activated to access a document stored in a store 608. The store 608 may be a local storage place (e.g., hard disk) or remotely located (e.g., another device). Depending on the security nature (secured vs. non-secured) of the document being accessed, the client module 602 may activate a key store 609 (or an interface thereto) and a cipher module 610. The key store 609 retains an authenticated user key after the user is authenticated. If the user has the need to access soma secured classified files, the key store 609 may retain a corresponding clearance key. Depending on implementation, the key store 609 may be configured to retrieve a clearance key from another location or activate a clearance key from an encrypted version thereof. The cipher module 610 implements one or more an/decryption schemes and is, preferably, modular so that a different cipher module implementing alternative en/decryption schemes may be readily used, if desired.

According to one embodiment, the client module 202 is analogous in many ways to a device driver that essentially converts more general Input/output instructions of an operating system to messages that a device/module being supported can understand. Depending on the OS in which the present invention is implemented, the client module 602 may be implemented as a VxD (virtual device driver), a kernel or other applicable format.

In operation, the user selects a document that is associated with an application 606 (e.g., MS WORD, PowerPoint, or printing). The application 606 acts on the document and calls an API (e.g., createFile, a Common Dialog File Open Dialog with Win32 API in MS Windows) to access the installable file system (IFS) manger 612. If it Is detected that an “Open” request is made from the application 206, the request is passed to an appropriate file system driver (FSD) 614 to access the requested document. When it is detected that the requested document is secured, the key store 209 and the cipher module 610 are activated and an authenticated user (private) key is retrieved. The encrypted security information in the header of the requested secure document is decrypted with the user key. Now the access rules in the secured document are available, a rules measurement is carried out in the client module 602 to determine if the user is permitted to access the selected secured document. If the measurement is successful, that means the user is permitted to access the secured document, a file key is retrieved from the security information with a retrieved protection key as well as the clearance key and, subsequently, the cipher module 610 proceeds to decrypt the encrypted document (i.e., the encrypted data portion) in the client module 602. The clear contents are then returned to the application 606 through the IFS manager 612. For example, if the application 606 is an authoring tool, the clear contents are displayed. If the application 606 is a printing tool, the clear contents are sent to a designated printer.

In another embodiment, an operating system (OS) access, known as the ProcessID property, can be used to activate an application (as an argument to the AppActivate method). The parameter ProcessID identifies the application and an event handler thereof takes necessary parameters to continue the OS access to the Installable File System (IFS) Manager 612 that is responsible for arbitrating access to different file system components. In particular, the IFS Manager 612 acts as an entry point to perform various operations such as opening, closing, reading, writing files and etc. With one or more flags or parameters passed along, the access activates the client module 602. If the document being accessed by the application is regular (non-secured), the document will be fetched from one of the File System Driver (FSD) (e.g., FSD 614) and passed through the client module 602 and subsequently loaded into the application through the IFS Manager 612. On the other hand, if the document being accessed by the application is secured, the client module 602 activates the key store 609 and the cipher module 610 and proceeds to obtain an authenticated user key to retrieve the access rules therein. Pending the outcome from the access test module 609, a file key may be retrieved to decrypt the encrypted data portion of the secured document by the cipher in the cipher module 610. As a result, the data portion or the document in clear mode will be loaded into the application through the IFS Manager 612.

The present Invention has been described in sufficient details with a certain degree of particularity. It is understood to those skilled in the art that the present disclosure of embodiments has been made by way of examples only and that numerous changes in the arrangement and combination of parts may be resorted without departing from the spirit and scope of the invention as claimed. Accordingly, the scope of the present invention is defined by the appended claims rather than the foregoing description of embodiments.

Claims

1. A method comprising: reading a classification level of a secured file from a header portion of the secured file; anddecrypting, by a computing machine, a file key using a clearance key, in response to a security clearance level of the clearance key being greater than or equal to the classification level of the secured file,wherein the file key is encrypted in a portion of the secured file, andwherein at least two user identifiers are assigned a security clearance level corresponding to the security clearance level of the clearance key, the at least two user identifiers are thereby granted access to use the clearance key, and represent members of a group of users assigned to the security clearance level, and access to use the clearance key is granted to members in the group, such that members in the group can access the secured file with the clearance key.
2. The method of claim 1, wherein reading the classification level comprises reading the classification level from a set of a plurality of classification levels.
3. The method of claim 1, wherein the at least two user identifiers are assigned to the security clearance level based on a level of trust of users associated with the at least two user identifiers in an organization.
4. The method of claim 3, wherein the level of trust pertains to job responsibility of the users associated with the at least two user identifiers in the organization or a role of the users associated with the at least two user identifiers in a task.
5. The method of claim 3, wherein at least one of the users associated with the at least two user identifiers is a human user, a group of users or a member thereof, a software agent, a device, or an application.
6. The method of claim 1, wherein at least one of the at least two user identifiers is additionally associated with a user key.
7. The method of claim 6, wherein the header portion of the secured file is encrypted, further comprising decrypting the header portion with the user key after authentication by the at least one of the at least two user identifiers associated with the user key.
8. The method of claim 7, wherein decrypting the header portion of the secured file comprises accessing an encrypted version of the file key.
9. The method of claim 1, further comprising: releasing or activating the clearance key for a corresponding user identifier of the at least two user identifiers when the corresponding user identifier is accessing the secured file.
10. A non-transitory computer-readable storage medium having instructions stored thereon, execution of which, by a computing device, causes the computing device to perform operations comprising: reading a classification level of a secured file from a header portion of the secured file; anddecrypting a file key using a clearance key, in response to a security clearance level of the clearance key being greater than or equal to the classification level of the secured file,wherein the file key is encrypted in a portion of the secured file, andwherein at least two user identifiers are assigned a security clearance level corresponding to the security clearance level of the clearance key, the at least two user identifiers are thereby granted access to use the clearance key, and represent members of a group of users assigned to the security clearance level, and access to use the clearance key is granted to members in the group, such that members in the group can access the secured file with the clearance key.
11. The non-transitory computer-readable storage medium of claim 10, wherein reading the classification level comprises reading the classification level from a set of a plurality of classification levels.
12. The non-transitory computer-readable storage medium of claim 10, wherein the at least two user identifiers are assigned to the security clearance level based on a level of trust of users associated with the at least two user identifiers in an organization.
13. The non-transitory computer-readable storage medium of claim 12, wherein the level of trust pertains to job responsibility of the users associated with the at least two user identifiers in the organization or a role of the users associated with the at least two user identifiers in a task.
14. The non-transitory computer-readable storage medium of claim 12, wherein at least one of the users associated with the at least two user identifiers is a human user, a group of users or a member thereof, a software agent, a device, or an application.
15. The non-transitory computer-readable storage medium of claim 10, wherein at least one of the at least two user identifiers is additionally associated with a user key.
16. The non-transitory computer-readable storage medium of claim 15, wherein the header portion of the secured file is encrypted, further comprising decrypting the header portion with the user key after authentication by the at least one of the at least two user identifiers associated with the user key.
17. The non-transitory computer-readable storage medium of claim 16, wherein decrypting the header portion of the secured file comprises accessing an encrypted version of the file key.
18. The non-transitory computer-readable storage medium of claim 10, the operations further comprising: releasing or activating the clearance key for a corresponding user identifier of the at least two user identifiers when the corresponding user identifier is accessing the secured file.
19. A system comprising: one or more processors; anda memory storing software modules executed by the one or more processors comprising:a reading module configured to read a classification level of a secured file from a header portion of the secured file, anda decrypting module configured to decrypt a file key using a clearance key, in response to a security clearance level of the clearance key being greater than or equal to the classification level of the secured file,wherein the file key is encrypted in a portion of the secured file, andwherein at least two user identifiers are assigned a security clearance level corresponding to the security clearance level of the clearance key, the at least two user identifiers are thereby granted access to use the clearance key, and represent members of a group of users assigned to the security clearance level, and access to use the clearance key is granted to members in the group, such that members in the group can access the secured file with the clearance key.
20. The system of claim 19, wherein reading the classification level comprises reading the classification level from a set of a plurality of classification levels.
21. The system of claim 19, wherein the at least two user identifiers are assigned to the security clearance level based on a level of trust of users associated with the at least two user identifiers in an organization.
22. The system of claim 21, wherein the level of trust pertains to job responsibility of the users associated with the at least two user identifiers in the organization or a role of the users associated with the at least two user identifiers in a task.
23. The system of claim 21, wherein at least one of the users associated with the at least two user identifiers is a human user, a group of users or a member thereof, a software agent, a device, or an application.
24. The system of claim 19, wherein at least one of the at least two user identifiers is additionally associated with a user key.
25. The system of claim 24, wherein the header portion of the secured file is encrypted, further comprising decrypting the header portion with the user key after authentication by the at least one of the at least two user identifiers associated with the user key.
26. The system of claim 25, wherein decrypting the header portion of the secured file comprises accessing an encrypted version of the file key.
27. The system of claim 19, further comprising: a releasing or activating module configured to release or activate the clearance key for a corresponding user identifier of the at least two user identifiers when the corresponding user identifier is accessing the secured file.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. patent application Ser. No. 10/159,220, filed May 31, 2002, issued as U.S. Pat. No. 7,921,284 on Apr. 5, 2011, which is a continuation-in-part of U.S. patent application Ser. No. 10/074,804, filed Feb. 12, 2002, issued as U.S. Pat. No. 7,380,120 on May 27, 2008, and entitled “Secured Data Format for Access Control,” which are hereby incorporated by reference for all purposes. This application also claims the benefits of U.S. Provisional Application No. 60/339,634, filed Dec. 12, 2001, and entitled “PERVASIVE SECURITY SYSTEMS,” which is hereby incorporated by reference for all purposes. This application is also related to U.S. patent application Ser. No. 10/127,109 and entitled “Evaluation of Access Rights to Secured Digital Assets”, which is hereby incorporated by reference.

US Referenced Citations (710)

Number	Name	Date	Kind
4203166	Ehrsam et al.	May 1980	A
4238854	Ehrsam et al.	Dec 1980	A
4423287	Zeidler	Dec 1983	A
4423387	Sempel	Dec 1983	A
4734568	Watanabe	Mar 1988	A
4757533	Allen et al.	Jul 1988	A
4796220	Wolfe	Jan 1989	A
4799258	Davies	Jan 1989	A
4827508	Shear	May 1989	A
4887204	Johnson et al.	Dec 1989	A
4888800	Marshall et al.	Dec 1989	A
4912552	Allison et al.	Mar 1990	A
4972472	Brown et al.	Nov 1990	A
5032979	Hecht et al.	Jul 1991	A
5052040	Preston et al.	Sep 1991	A
5058164	Elmer et al.	Oct 1991	A
5144660	Rose	Sep 1992	A
5204897	Wyman	Apr 1993	A
5212788	Lomet et al.	May 1993	A
5220657	Bly et al.	Jun 1993	A
5235641	Nozawa et al.	Aug 1993	A
5247575	Sprague et al.	Sep 1993	A
5267313	Hirata	Nov 1993	A
5276735	Boebert et al.	Jan 1994	A
5301247	Rasmussen et al.	Apr 1994	A
5319705	Halter et al.	Jun 1994	A
5369702	Shanton	Nov 1994	A
5375169	Seheidt et al.	Dec 1994	A
5404404	Novorita	Apr 1995	A
5406628	Beller et al.	Apr 1995	A
5414852	Kramer et al.	May 1995	A
5434918	Kung et al.	Jul 1995	A
5461710	Bloomfield et al.	Oct 1995	A
5467342	Logston et al.	Nov 1995	A
5495533	Linehan et al.	Feb 1996	A
5497422	Tysen et al.	Mar 1996	A
5499297	Boebert	Mar 1996	A
5502766	Boebert et al.	Mar 1996	A
5535375	Eshel et al.	Jul 1996	A
5557765	Lipner et al.	Sep 1996	A
5570108	McLaughlin et al.	Oct 1996	A
5584023	Hsu	Dec 1996	A
5600722	Yamaguchi et al.	Feb 1997	A
5606663	Kadooka	Feb 1997	A
5619576	Shaw	Apr 1997	A
5638501	Gough et al.	Jun 1997	A
5640388	Woodhead et al.	Jun 1997	A
5655119	Davy	Aug 1997	A
5661668	Yemini et al.	Aug 1997	A
5661806	Nevoux et al.	Aug 1997	A
5671412	Christiano	Sep 1997	A
5673316	Auerbach et al.	Sep 1997	A
5677953	Dolphin	Oct 1997	A
5680452	Shanton	Oct 1997	A
5682537	Davies et al.	Oct 1997	A
5684987	Mamiya et al.	Nov 1997	A
5689688	Strong et al.	Nov 1997	A
5689718	Sakurai et al.	Nov 1997	A
5693652	Takase et al.	Dec 1997	A
5699428	McDonnal et al.	Dec 1997	A
5708709	Rose	Jan 1998	A
5715314	Payne et al.	Feb 1998	A
5715403	Stefik	Feb 1998	A
5717755	Shanton	Feb 1998	A
5719941	Swift et al.	Feb 1998	A
5720033	Deo	Feb 1998	A
5729734	Parker et al.	Mar 1998	A
5732265	Dewitt et al.	Mar 1998	A
5745573	Lipner et al.	Apr 1998	A
5745750	Porcaro	Apr 1998	A
5748736	Mittra	May 1998	A
5751287	Hahn et al.	May 1998	A
5757920	Misra et al.	May 1998	A
5765152	Ericson	Jun 1998	A
5768381	Hawthorne	Jun 1998	A
5778065	Hauser et al.	Jul 1998	A
5778350	Adams et al.	Jul 1998	A
5781711	Austin et al.	Jul 1998	A
5787169	Eldridge et al.	Jul 1998	A
5787173	Seheidt et al.	Jul 1998	A
5787175	Carter	Jul 1998	A
5790789	Suarez	Aug 1998	A
5790790	Smith et al.	Aug 1998	A
5813009	Johnson et al.	Sep 1998	A
5821933	Keller et al.	Oct 1998	A
5825876	Peterson	Oct 1998	A
5835592	Chang et al.	Nov 1998	A
5835601	Shimbo et al.	Nov 1998	A
5850443	Van Oorschot et al.	Dec 1998	A
5857189	Riddle	Jan 1999	A
5862325	Reed et al.	Jan 1999	A
5870468	Harrison	Feb 1999	A
5870477	Sasaki et al.	Feb 1999	A
5881287	Mast	Mar 1999	A
5892900	Ginter et al.	Apr 1999	A
5893084	Morgan et al.	Apr 1999	A
5898781	Shanton	Apr 1999	A
5912754	Koga et al.	Jun 1999	A
5922073	Shimada	Jul 1999	A
5933498	Schneck et al.	Aug 1999	A
5944794	Okamoto et al.	Aug 1999	A
5953419	Lohstroh et al.	Sep 1999	A
5968177	Batten-Carew et al.	Oct 1999	A
5970502	Salkewicz et al.	Oct 1999	A
5978802	Hurvig	Nov 1999	A
5987440	O'Neil et al.	Nov 1999	A
5991879	Still	Nov 1999	A
5999907	Donner	Dec 1999	A
6011847	Follendore, III	Jan 2000	A
6012044	Maggioncalda et al.	Jan 2000	A
6014730	Ohtsu	Jan 2000	A
6023506	Ote et al.	Feb 2000	A
6031584	Gray	Feb 2000	A
6032216	Schmuck et al.	Feb 2000	A
6035404	Zhao	Mar 2000	A
6038322	Harkins	Mar 2000	A
6044155	Thomlinson et al.	Mar 2000	A
6055314	Spies et al.	Apr 2000	A
6058424	Dixon et al.	May 2000	A
6061790	Bodnar	May 2000	A
6061797	Jade et al.	May 2000	A
6069057	Wu	May 2000	A
6069957	Richards	May 2000	A
6070244	Orchier et al.	May 2000	A
6085323	Shimizu et al.	Jul 2000	A
6088717	Reed et al.	Jul 2000	A
6088805	Davis et al.	Jul 2000	A
6098056	Rusnak et al.	Aug 2000	A
6101507	Cane et al.	Aug 2000	A
6105131	Carroll	Aug 2000	A
6122630	Strickler et al.	Sep 2000	A
6134327	Van Oorschot	Oct 2000	A
6134658	Multerer et al.	Oct 2000	A
6134660	Boneh et al.	Oct 2000	A
6134664	Walker	Oct 2000	A
6141754	Choy	Oct 2000	A
6145084	Zuili	Nov 2000	A
6148338	Lachelt et al.	Nov 2000	A
6158010	Moriconi et al.	Dec 2000	A
6161139	Win et al.	Dec 2000	A
6170060	Mott et al.	Jan 2001	B1
6182142	Win et al.	Jan 2001	B1
6185612	Jensen et al.	Feb 2001	B1
6185684	Pravetz et al.	Feb 2001	B1
6192408	Vahalia et al.	Feb 2001	B1
6199070	Polo-Wood et al.	Mar 2001	B1
6205549	Pravetz et al.	Mar 2001	B1
6212561	Sitaraman et al.	Apr 2001	B1
6223285	Komuro et al.	Apr 2001	B1
6226618	Downs et al.	May 2001	B1
6226745	Wiederhold et al.	May 2001	B1
6240188	Dondeti et al.	May 2001	B1
6249755	Yemini et al.	Jun 2001	B1
6249873	Richard et al.	Jun 2001	B1
6253193	Ginter et al.	Jun 2001	B1
6260040	Kauffman et al.	Jul 2001	B1
6260141	Park	Jul 2001	B1
6263348	Kathrow et al.	Jul 2001	B1
6266420	Langford et al.	Jul 2001	B1
6272631	Thomlinson et al.	Aug 2001	B1
6272632	Carman et al.	Aug 2001	B1
6282649	Lambert et al.	Aug 2001	B1
6289450	Pensak et al.	Sep 2001	B1
6289458	Garg et al.	Sep 2001	B1
6292895	Baltzley	Sep 2001	B1
6292899	McBride	Sep 2001	B1
6295361	Kadansky et al.	Sep 2001	B1
6299069	Shona	Oct 2001	B1
6301614	Najork et al.	Oct 2001	B1
6308256	Folmsbee	Oct 2001	B1
6308273	Goertzel et al.	Oct 2001	B1
6314408	Salas et al.	Nov 2001	B1
6314409	Schneck et al.	Nov 2001	B2
6317777	Skarbo et al.	Nov 2001	B1
6332025	Takahashi et al.	Dec 2001	B2
6336114	Garrison	Jan 2002	B1
6339423	Sampson et al.	Jan 2002	B1
6339825	Pensak et al.	Jan 2002	B2
6341164	Dilkie et al.	Jan 2002	B1
6343316	Sakata	Jan 2002	B1
6347374	Drake et al.	Feb 2002	B1
6349337	Parsons et al.	Feb 2002	B1
6351813	Mooney et al.	Feb 2002	B1
6353859	McKeehan et al.	Mar 2002	B1
6356903	Baxter et al.	Mar 2002	B1
6356941	Cohen	Mar 2002	B1
6357010	Viets et al.	Mar 2002	B1
6363480	Perlman	Mar 2002	B1
6366298	Haitsuka et al.	Apr 2002	B1
6370249	Van Oorschot	Apr 2002	B1
6381698	Devanbu et al.	Apr 2002	B1
6385644	Devine et al.	May 2002	B1
6389433	Bolosky et al.	May 2002	B1
6389538	Gruse et al.	May 2002	B1
6393420	Peters	May 2002	B1
6405315	Burns et al.	Jun 2002	B1
6405318	Rowland	Jun 2002	B1
6408404	Ladwig	Jun 2002	B1
6421714	Rai et al.	Jul 2002	B1
6442688	Moses et al.	Aug 2002	B1
6442695	Dutcher et al.	Aug 2002	B1
6446090	Hart	Sep 2002	B1
6449721	Pensak et al.	Sep 2002	B1
6453353	Win et al.	Sep 2002	B1
6453419	Flint et al.	Sep 2002	B1
6466476	Wong et al.	Oct 2002	B1
6466932	Dennis et al.	Oct 2002	B1
6477544	Bolosky et al.	Nov 2002	B1
6487662	Kharon et al.	Nov 2002	B1
6490680	Scheidt et al.	Dec 2002	B1
6505300	Chan et al.	Jan 2003	B2
6510349	Schneck et al.	Jan 2003	B1
6519700	Ram et al.	Feb 2003	B1
6529956	Smith et al.	Mar 2003	B1
6530020	Aoki	Mar 2003	B1
6530024	Proctor	Mar 2003	B1
6542608	Scheidt et al.	Apr 2003	B2
6549623	Scheidt et al.	Apr 2003	B1
6550011	Sims	Apr 2003	B1
6557039	Leong et al.	Apr 2003	B1
6567914	Just et al.	May 2003	B1
6571291	Chow	May 2003	B1
6574733	Langford	Jun 2003	B1
6584466	Serbinis et al.	Jun 2003	B1
6587878	Merriam	Jul 2003	B1
6587946	Jakobsson	Jul 2003	B1
6588673	Chan et al.	Jul 2003	B1
6591295	Diamond et al.	Jul 2003	B1
6594662	Sieffert et al.	Jul 2003	B1
6598161	Kluttz et al.	Jul 2003	B1
6601170	Wallace, Jr.	Jul 2003	B1
6603857	Batten-Carew et al.	Aug 2003	B1
6608636	Roseman	Aug 2003	B1
6609115	Mehring et al.	Aug 2003	B1
6611599	Natarajan	Aug 2003	B2
6611846	Stoodley	Aug 2003	B1
6615349	Hair	Sep 2003	B1
6615350	Schell et al.	Sep 2003	B1
6625650	Stelliga	Sep 2003	B2
6625734	Marvit et al.	Sep 2003	B1
6629140	Fertell et al.	Sep 2003	B1
6629243	Kleinman et al.	Sep 2003	B1
6633311	Douvikas et al.	Oct 2003	B1
6640307	Viets et al.	Oct 2003	B2
6646515	Jun et al.	Nov 2003	B2
6647388	Numao et al.	Nov 2003	B2
6678835	Shah et al.	Jan 2004	B1
6683954	Searle et al.	Jan 2004	B1
6687822	Jakobsson	Feb 2004	B1
6693652	Barrus et al.	Feb 2004	B1
6698022	Wu	Feb 2004	B1
6711683	Laczko et al.	Mar 2004	B1
6718361	Basani et al.	Apr 2004	B1
6735701	Jacobson	May 2004	B1
6738908	Bonn et al.	May 2004	B1
6751573	Burch	Jun 2004	B1
6754657	Lomet	Jun 2004	B2
6754665	Futagami et al.	Jun 2004	B1
6775779	England et al.	Aug 2004	B1
6779031	Picher-Dempsey	Aug 2004	B1
6782403	Kino et al.	Aug 2004	B1
6801999	Venkatesan et al.	Oct 2004	B1
6807534	Erickson	Oct 2004	B1
6807636	Hartman et al.	Oct 2004	B2
6810389	Meyer	Oct 2004	B1
6810479	Barlow et al.	Oct 2004	B1
6816871	Lee	Nov 2004	B2
6816969	Miyazaki et al.	Nov 2004	B2
6826698	Minkin et al.	Nov 2004	B1
6834333	Yoshino et al.	Dec 2004	B2
6834341	Bahl et al.	Dec 2004	B1
6842825	Geiner et al.	Jan 2005	B2
6845452	Roddy et al.	Jan 2005	B1
6851050	Singhal et al.	Feb 2005	B2
6862103	Miura et al.	Mar 2005	B1
6865555	Novak	Mar 2005	B2
6870920	Henits	Mar 2005	B2
6874139	Krueger et al.	Mar 2005	B2
6877010	Smith-Semedo et al.	Apr 2005	B2
6877136	Bess et al.	Apr 2005	B2
6882994	Yoshimura et al.	Apr 2005	B2
6889210	Vainstein	May 2005	B1
6891953	DeMello et al.	May 2005	B1
6892201	Brown et al.	May 2005	B2
6892306	En-Seung et al.	May 2005	B1
6898627	Sekiguchi	May 2005	B1
6907034	Begis	Jun 2005	B1
6909708	Krishnaswamy et al.	Jun 2005	B1
6915425	Xu et al.	Jul 2005	B2
6915434	Kuroda et al.	Jul 2005	B1
6915435	Merriam	Jul 2005	B1
6920558	Sames et al.	Jul 2005	B2
6922785	Brewer et al.	Jul 2005	B1
6924425	Naples et al.	Aug 2005	B2
6931450	Howard et al.	Aug 2005	B2
6931530	Pham et al.	Aug 2005	B2
6931597	Prakash	Aug 2005	B1
6938042	Aboulhosn et al.	Aug 2005	B2
6938156	Wheeler et al.	Aug 2005	B2
6941355	Donaghey et al.	Sep 2005	B1
6941456	Wilson	Sep 2005	B2
6941472	Moriconi et al.	Sep 2005	B2
6944183	Iyer et al.	Sep 2005	B1
6947556	Matyas, Jr. et al.	Sep 2005	B1
6950818	Dennis et al.	Sep 2005	B2
6950943	Bacha et al.	Sep 2005	B1
9505941	Lee et al.	Sep 2005
9507936	Subramaniam et al.	Sep 2005
6952780	Olsen et al.	Oct 2005	B2
6954753	Jeran et al.	Oct 2005	B1
6957261	Lortz	Oct 2005	B2
6959308	Gramsamer et al.	Oct 2005	B2
6961849	Davis et al.	Nov 2005	B1
6961855	Rich et al.	Nov 2005	B1
6968060	Pinkas	Nov 2005	B1
6968456	Tripathi et al.	Nov 2005	B1
6971018	Witt et al.	Nov 2005	B1
6976259	Dutta et al.	Dec 2005	B1
6978366	Ignatchenko et al.	Dec 2005	B1
6978376	Giroux et al.	Dec 2005	B2
6978377	Asano et al.	Dec 2005	B1
6987752	Sarraf et al.	Jan 2006	B1
6988133	Zavalkovsky et al.	Jan 2006	B1
6988199	Toh et al.	Jan 2006	B2
6990441	Bolme et al.	Jan 2006	B1
6993135	Ishibashi	Jan 2006	B2
6996718	Henry et al.	Feb 2006	B1
7000150	Zunino et al.	Feb 2006	B1
7003116	Riedel et al.	Feb 2006	B2
7003117	Kacker et al.	Feb 2006	B2
7003560	Mullen et al.	Feb 2006	B1
7003661	Beattie et al.	Feb 2006	B2
7010689	Matyas et al.	Mar 2006	B1
7010809	Hori et al.	Mar 2006	B2
7013332	Friedel et al.	Mar 2006	B2
7013485	Brown et al.	Mar 2006	B2
7020645	Bisbee et al.	Mar 2006	B2
7024427	Bobbitt et al.	Apr 2006	B2
7035854	Hsiao et al.	Apr 2006	B2
7035910	Dutta et al.	Apr 2006	B1
7043637	Bolosky et al.	May 2006	B2
7046807	Hirano et al.	May 2006	B2
7047404	Doonan et al.	May 2006	B1
7051213	Kobayashi et al.	May 2006	B1
7058696	Phillips et al.	Jun 2006	B1
7058978	Feuerstein et al.	Jun 2006	B2
7062642	Langrind et al.	Jun 2006	B1
7073063	Peinado	Jul 2006	B2
7073073	Nonaka et al.	Jul 2006	B1
7076063	Kuroiwa	Jul 2006	B2
7076067	Raike et al.	Jul 2006	B2
7076312	Law et al.	Jul 2006	B2
7076469	Schreiber et al.	Jul 2006	B2
7076633	Tormasov et al.	Jul 2006	B2
7080077	Ramamurthy et al.	Jul 2006	B2
7095853	Morishita	Aug 2006	B2
7096266	Lewin et al.	Aug 2006	B2
7099926	Ims et al.	Aug 2006	B1
7103911	Spies et al.	Sep 2006	B2
7107185	Yemini et al.	Sep 2006	B1
7107269	Arlein et al.	Sep 2006	B2
7107416	Stuart et al.	Sep 2006	B2
7113594	Boneh et al.	Sep 2006	B2
7116785	Okaue	Oct 2006	B2
7117322	Hochberg et al.	Oct 2006	B2
7120635	Bhide et al.	Oct 2006	B2
7120757	Tsuge	Oct 2006	B2
7124164	Chemtob	Oct 2006	B1
7126957	Isukapalli et al.	Oct 2006	B1
7130964	Ims et al.	Oct 2006	B2
7131071	Gune et al.	Oct 2006	B2
7134041	Murray et al.	Nov 2006	B2
7136903	Phillips et al.	Nov 2006	B1
7139399	Zimmermann	Nov 2006	B1
7140044	Redlich et al.	Nov 2006	B2
7145898	Elliott	Dec 2006	B1
7146388	Stakutis et al.	Dec 2006	B2
7146498	Takechi et al.	Dec 2006	B1
7159036	Hinchliffe et al.	Jan 2007	B2
7165179	Maruyama et al.	Jan 2007	B2
7168094	Fredell	Jan 2007	B1
7171557	Kallahalla et al.	Jan 2007	B2
7174563	Brownlie et al.	Feb 2007	B1
7177426	Dube	Feb 2007	B1
7177427	Komuro et al.	Feb 2007	B1
7177839	Claxton et al.	Feb 2007	B1
7178033	Garcia	Feb 2007	B1
7181017	Nagel et al.	Feb 2007	B1
7185196	Kuskin et al.	Feb 2007	B1
7185364	Knouse et al.	Feb 2007	B2
7187033	Pendharkar	Mar 2007	B2
7188181	Squier et al.	Mar 2007	B1
7194764	Martherus et al.	Mar 2007	B2
7197638	Grawrock et al.	Mar 2007	B1
7200747	Riedel et al.	Apr 2007	B2
7203317	Kallahalla et al.	Apr 2007	B2
7203968	Asano et al.	Apr 2007	B2
7219230	Riedel et al.	May 2007	B2
7224795	Takada et al.	May 2007	B2
7225256	Villavicencio	May 2007	B2
7227953	Shida	Jun 2007	B2
7233948	Shamoon et al.	Jun 2007	B1
7237002	Estrada et al.	Jun 2007	B1
7249044	Kumar et al.	Jul 2007	B2
7249251	Todd et al.	Jul 2007	B2
7260555	Rossmann et al.	Aug 2007	B2
7265764	Alben et al.	Sep 2007	B2
7266684	Jancula	Sep 2007	B2
7280658	Amini et al.	Oct 2007	B2
7281272	Rubin et al.	Oct 2007	B1
7287055	Cannata et al.	Oct 2007	B2
7287058	Loveland et al.	Oct 2007	B2
7287620	Thomas et al.	Oct 2007	B2
7290148	Tozawa et al.	Oct 2007	B2
7308702	Thomsen et al.	Dec 2007	B1
7313824	Bala et al.	Dec 2007	B1
7319752	Asano et al.	Jan 2008	B2
7340600	Corella	Mar 2008	B1
7343488	Yadav	Mar 2008	B2
7359517	Rowe	Apr 2008	B1
7362868	Madoukh et al.	Apr 2008	B2
7380120	Garcia	May 2008	B1
7383586	Cross et al.	Jun 2008	B2
7386529	Kiessig et al.	Jun 2008	B2
7386599	Piersol et al.	Jun 2008	B1
7401220	Bolosky et al.	Jul 2008	B2
7406596	Tararukhin et al.	Jul 2008	B2
7415608	Bolosky et al.	Aug 2008	B2
7434048	Shapiro et al.	Oct 2008	B1
7454612	Bolosky et al.	Nov 2008	B2
7461157	Ahlard et al.	Dec 2008	B2
7461405	Boudreault et al.	Dec 2008	B2
7478243	Bolosky et al.	Jan 2009	B2
7478418	Supramaniam et al.	Jan 2009	B2
7484245	Friedman et al.	Jan 2009	B1
7496959	Adelstein et al.	Feb 2009	B2
7509492	Boyen et al.	Mar 2009	B2
7512810	Ryan	Mar 2009	B1
7526657	Saneto et al.	Apr 2009	B2
7539867	Bolosky et al.	May 2009	B2
7555558	Kenrich et al.	Jun 2009	B1
7562232	Zuili et al.	Jul 2009	B2
7565683	Huang et al.	Jul 2009	B1
7577838	Rossmann et al.	Aug 2009	B1
7631184	Ryan	Dec 2009	B2
7681034	Lee et al.	Mar 2010	B1
7698230	Brown et al.	Apr 2010	B1
7702909	Vainstein	Apr 2010	B2
7703140	Nath et al.	Apr 2010	B2
7707427	Kenrich et al.	Apr 2010	B1
7729995	Alain et al.	Jun 2010	B1
7730543	Nath et al.	Jun 2010	B1
7748045	Kenrich et al.	Jun 2010	B2
RE41546	Vainstein	Aug 2010	E
7783765	Hildebrand et al.	Aug 2010	B2
7836310	Gutnik	Nov 2010	B1
7890990	Vainstein et al.	Feb 2011	B1
7913311	Alain et al.	Mar 2011	B2
7917938	Jacobson	Mar 2011	B2
7921284	Kinghorn et al.	Apr 2011	B1
7921288	Hildebrand	Apr 2011	B1
7921450	Vainstein et al.	Apr 2011	B1
7930756	Crocker et al.	Apr 2011	B1
7950066	Zuili	May 2011	B1
8006280	Hildebrand et al.	Aug 2011	B1
8065713	Vainstein et al.	Nov 2011	B1
20010000265	Schreiber et al.	Apr 2001	A1
20010011254	Clark	Aug 2001	A1
20010014882	Stefik et al.	Aug 2001	A1
20010018743	Morishita	Aug 2001	A1
20010021255	Ishibashi	Sep 2001	A1
20010021926	Schneck et al.	Sep 2001	A1
20010023421	Numao et al.	Sep 2001	A1
20010032181	Jakstadt et al.	Oct 2001	A1
20010033611	Grimwood et al.	Oct 2001	A1
20010034839	Karjoth et al.	Oct 2001	A1
20010042110	Furusawa et al.	Nov 2001	A1
20010044903	Yamamoto et al.	Nov 2001	A1
20010056541	Matsuzaki et al.	Dec 2001	A1
20010056550	Lee	Dec 2001	A1
20020003886	Hillegass et al.	Jan 2002	A1
20020007335	Millard et al.	Jan 2002	A1
20020010679	Felsher	Jan 2002	A1
20020013772	Peinado	Jan 2002	A1
20020016921	Olsen et al.	Feb 2002	A1
20020016922	Richards et al.	Feb 2002	A1
20020023208	Jancula	Feb 2002	A1
20020026321	Faris et al.	Feb 2002	A1
20020027886	Fischer et al.	Mar 2002	A1
20020029340	Pensak et al.	Mar 2002	A1
20020031230	Sweet et al.	Mar 2002	A1
20020035624	Kim	Mar 2002	A1
20020036984	Chiussi et al.	Mar 2002	A1
20020041391	Bannai	Apr 2002	A1
20020042756	Kumar et al.	Apr 2002	A1
20020046350	Lordemann et al.	Apr 2002	A1
20020050098	Chan	May 2002	A1
20020052981	Yasuda	May 2002	A1
20020056042	Van Der Kaay et al.	May 2002	A1
20020062240	Morinville	May 2002	A1
20020062245	Niu et al.	May 2002	A1
20020062451	Scheidt et al.	May 2002	A1
20020069077	Brophy et al.	Jun 2002	A1
20020069272	Kim et al.	Jun 2002	A1
20020069363	Winburn	Jun 2002	A1
20020073320	Rinkevich et al.	Jun 2002	A1
20020077986	Kobata et al.	Jun 2002	A1
20020077988	Sasaki et al.	Jun 2002	A1
20020078239	Howard et al.	Jun 2002	A1
20020078361	Giroux et al.	Jun 2002	A1
20020087479	Malcolm	Jul 2002	A1
20020089602	Sullivan	Jul 2002	A1
20020091532	Viets et al.	Jul 2002	A1
20020091745	Ramamurthy et al.	Jul 2002	A1
20020091928	Bouchard et al.	Jul 2002	A1
20020093527	Sherlock et al.	Jul 2002	A1
20020099947	Evans	Jul 2002	A1
20020112035	Carey et al.	Aug 2002	A1
20020112048	Gruyer et al.	Aug 2002	A1
20020120851	Clarke	Aug 2002	A1
20020124180	Hagman	Sep 2002	A1
20020129158	Zhang et al.	Sep 2002	A1
20020129235	Okamoto et al.	Sep 2002	A1
20020133500	Arlein et al.	Sep 2002	A1
20020133699	Pueschel	Sep 2002	A1
20020138571	Trinon et al.	Sep 2002	A1
20020138726	Sames et al.	Sep 2002	A1
20020138762	Horne	Sep 2002	A1
20010150239	Carny et al.	Oct 2002
20020143710	Liu	Oct 2002	A1
20020143906	Tormasov et al.	Oct 2002	A1
20020147746	Lee	Oct 2002	A1
20020150239	Carny et al.	Oct 2002	A1
20020152302	Motoyama et al.	Oct 2002	A1
20020156726	Kleckner et al.	Oct 2002	A1
20020157016	Russell et al.	Oct 2002	A1
20020162104	Raike et al.	Oct 2002	A1
20020165870	Chakraborty et al.	Nov 2002	A1
20020166053	Wilson	Nov 2002	A1
20020169963	Seder et al.	Nov 2002	A1
20020169965	Hale et al.	Nov 2002	A1
20020172367	Mulder et al.	Nov 2002	A1
20020174030	Praisner et al.	Nov 2002	A1
20020174109	Chandy et al.	Nov 2002	A1
20020174415	Hines	Nov 2002	A1
20020176572	Ananth	Nov 2002	A1
20020178271	Graham et al.	Nov 2002	A1
20020184217	Bisbee et al.	Dec 2002	A1
20020184488	Amini et al.	Dec 2002	A1
20020194484	Bolosky et al.	Dec 2002	A1
20020198798	Ludwig et al.	Dec 2002	A1
20030005168	Leerssen et al.	Jan 2003	A1
20030009685	Choo et al.	Jan 2003	A1
20030014391	Evans et al.	Jan 2003	A1
20030023559	Choi et al.	Jan 2003	A1
20030026431	Hammersmith	Feb 2003	A1
20030028610	Pearson	Feb 2003	A1
20030033528	Ozog et al.	Feb 2003	A1
20030037029	Holenstein et al.	Feb 2003	A1
20030037133	Owens	Feb 2003	A1
20030037237	Abgrall et al.	Feb 2003	A1
20030037253	Blank et al.	Feb 2003	A1
20030046176	Hynes	Mar 2003	A1
20030046238	Nonaka et al.	Mar 2003	A1
20030046270	Leung et al.	Mar 2003	A1
20030050919	Brown et al.	Mar 2003	A1
20030051039	Brown et al.	Mar 2003	A1
20030056139	Murray et al.	Mar 2003	A1
20030061482	Emmerichs	Mar 2003	A1
20030061506	Cooper et al.	Mar 2003	A1
20030074580	Knouse et al.	Apr 2003	A1
20030078959	Yeung et al.	Apr 2003	A1
20030079175	Limantsev	Apr 2003	A1
20030081784	Kallahalla et al.	May 2003	A1
20030081785	Boneh et al.	May 2003	A1
20030081787	Kallahalla et al.	May 2003	A1
20030081790	Kallahalla et al.	May 2003	A1
20030088517	Medoff	May 2003	A1
20030088783	DiPierro	May 2003	A1
20030093457	Goldick	May 2003	A1
20030095552	Bernhard et al.	May 2003	A1
20030099248	Speciner	May 2003	A1
20030101072	Dick et al.	May 2003	A1
20030108883	Rondinone	Jun 2003	A1
20030110131	Alain et al.	Jun 2003	A1
20030110169	Zuili	Jun 2003	A1
20030110266	Rollins et al.	Jun 2003	A1
20030110280	Hinchliffe et al.	Jun 2003	A1
20030110397	Supramaniam et al.	Jun 2003	A1
20030115146	Lee et al.	Jun 2003	A1
20030115218	Bobbitt et al.	Jun 2003	A1
20030115570	Bisceglia	Jun 2003	A1
20030120601	Ouye	Jun 2003	A1
20030120684	Zuili et al.	Jun 2003	A1
20030126434	Lim et al.	Jul 2003	A1
20030132949	Fallon et al.	Jul 2003	A1
20030154296	Noguchi et al.	Aug 2003	A1
20030154381	Ouye	Aug 2003	A1
20030154396	Godwin et al.	Aug 2003	A1
20030154401	Hartman et al.	Aug 2003	A1
20030159048	Matsumoto et al.	Aug 2003	A1
20030159066	Staw et al.	Aug 2003	A1
20030163704	Dick et al.	Aug 2003	A1
20030165117	Garcia-Luna-Aceves et al.	Sep 2003	A1
20030172280	Scheidt et al.	Sep 2003	A1
20030177070	Viswanath et al.	Sep 2003	A1
20030177378	Wittkotter	Sep 2003	A1
20030182310	Charnock et al.	Sep 2003	A1
20030182579	Leporini et al.	Sep 2003	A1
20030182584	Banes et al.	Sep 2003	A1
20030191938	Woods et al.	Oct 2003	A1
20030196096	Sutton	Oct 2003	A1
20030197729	Denoue et al.	Oct 2003	A1
20030200202	Hsiao et al.	Oct 2003	A1
20030204692	Tamer et al.	Oct 2003	A1
20030208485	Castellanos	Nov 2003	A1
20030217264	Martin et al.	Nov 2003	A1
20030217281	Ryan	Nov 2003	A1
20030217282	Henry	Nov 2003	A1
20030217333	Smith et al.	Nov 2003	A1
20030220999	Emerson	Nov 2003	A1
20030222141	Vogler et al.	Dec 2003	A1
20030226013	Dutertre	Dec 2003	A1
20030229795	Kunigkeit et al.	Dec 2003	A1
20030233650	Zaner et al.	Dec 2003	A1
20040022390	McDonald et al.	Feb 2004	A1
20040025037	Hair	Feb 2004	A1
20040039781	LaVallee et al.	Feb 2004	A1
20040041845	Alben et al.	Mar 2004	A1
20040049702	Subramaniam et al.	Mar 2004	A1
20040064507	Sakata et al.	Apr 2004	A1
20040064710	Vainstein	Apr 2004	A1
20040068524	Aboulhosn et al.	Apr 2004	A1
20040068664	Nachenberg et al.	Apr 2004	A1
20040073660	Toomey	Apr 2004	A1
20040073718	Johannessen et al.	Apr 2004	A1
20040088548	Smetters et al.	May 2004	A1
20040098580	DeTreville	May 2004	A1
20040103202	Hildebrand et al.	May 2004	A1
20040103280	Balfanz et al.	May 2004	A1
20040117371	Bhide et al.	Jun 2004	A1
20040131191	Chen et al.	Jul 2004	A1
20040133544	Kiessig et al.	Jul 2004	A1
20040158586	Tsai	Aug 2004	A1
20040186845	Fukui	Sep 2004	A1
20040193602	Liu et al.	Sep 2004	A1
20040193905	Lirov et al.	Sep 2004	A1
20040193912	Li et al.	Sep 2004	A1
20040199514	Rosenblatt et al.	Oct 2004	A1
20040205576	Chikirivao et al.	Oct 2004	A1
20040215956	Venkatachary et al.	Oct 2004	A1
20040215962	Douceur et al.	Oct 2004	A1
20040243853	Swander et al.	Dec 2004	A1
20040254884	Haber et al.	Dec 2004	A1
20050021467	Franzdonk	Jan 2005	A1
20050021629	Cannata et al.	Jan 2005	A1
20050028006	Leser et al.	Feb 2005	A1
20050039034	Doyle et al.	Feb 2005	A1
20050050098	Barnett	Mar 2005	A1
20050071275	Vainstein et al.	Mar 2005	A1
20050071657	Ryan	Mar 2005	A1
20050071658	Nath et al.	Mar 2005	A1
20050081029	Thornton et al.	Apr 2005	A1
20050086531	Kenrich	Apr 2005	A1
20050091289	Shappell et al.	Apr 2005	A1
20050091484	Thornton et al.	Apr 2005	A1
20050097061	Shapiro et al.	May 2005	A1
20050120199	Carter	Jun 2005	A1
20050138371	Supramaniam	Jun 2005	A1
20050138383	Vainstein	Jun 2005	A1
20050168766	Troyansky et al.	Aug 2005	A1
20050177716	Ginter et al.	Aug 2005	A1
20050177858	Ueda	Aug 2005	A1
20050193397	Corenthin et al.	Sep 2005	A1
20050198326	Schlimmer et al.	Sep 2005	A1
20050223242	Nath	Oct 2005	A1
20050223414	Kenrich et al.	Oct 2005	A1
20050235154	Serret-Avila	Oct 2005	A1
20050256909	Aboulhosn et al.	Nov 2005	A1
20050268033	Ogasawara et al.	Dec 2005	A1
20050273600	Seeman	Dec 2005	A1
20050283610	Serret-Avila et al.	Dec 2005	A1
20050288961	Tabrizi	Dec 2005	A1
20060005021	Torrubia-Saez	Jan 2006	A1
20060011400	Thomas	Jan 2006	A1
20060075258	Adamson et al.	Apr 2006	A1
20060075465	Ramanathan et al.	Apr 2006	A1
20060093150	Reddy et al.	May 2006	A1
20060101285	Chen et al.	May 2006	A1
20060149407	Markham et al.	Jul 2006	A1
20060168147	Inoue et al.	Jul 2006	A1
20060184637	Hultgren et al.	Aug 2006	A1
20060230437	Boyer et al.	Oct 2006	A1
20060277316	Wang et al.	Dec 2006	A1
20070006214	Dubal et al.	Jan 2007	A1
20070067837	Schuster	Mar 2007	A1
20070083575	Leung et al.	Apr 2007	A1
20070192478	Louie et al.	Aug 2007	A1
20070193397	Hwan	Aug 2007	A1
20070294368	Bomgaars et al.	Dec 2007	A1
20080034205	Alain et al.	Feb 2008	A1
20080075126	Yang	Mar 2008	A1
20090100268	Garcia et al.	Apr 2009	A1
20090254843	Van Wie et al.	Oct 2009	A1
20090254972	Huang et al.	Oct 2009	A1
20100047757	McCurry et al.	Feb 2010	A1
20100199088	Nath	Aug 2010	A1
20110258438	Hildebrand	Oct 2011	A1
20110307937	Hildebrand et al.	Dec 2011	A1
20120137130	Vainstein et al.	May 2012	A1

Foreign Referenced Citations (25)

Number	Date	Country
0 672 991	Sep 1995	EP
0 674 253	Sep 1995	EP
0 809 170	Nov 1997	EP
0 913 966	May 1999	EP
0 913 967	May 1999	EP
0 950 941	Oct 1999	EP
0 950 941	Oct 1999	EP
1 107 504	Jun 2001	EP
1 107 504	Jun 2001	EP
1 130 492	Sep 2001	EP
1 154 348	Nov 2001	EP
1 320 012	Jun 2003	EP
1 324 565	Jul 2003	EP
2 328 047	Feb 1999	GB
2001-036517	Feb 2001	GB
2006-244044	Sep 2006	JP
2009-020720	Jan 2009	JP
WO 9641288	Dec 1996	WO
WO 0056028	Sep 2000	WO
WO 0161438	Aug 2001	WO
WO 0163387	Aug 2001	WO
WO 0177783	Oct 2001	WO
WO 0178285	Oct 2001	WO
WO 0184271	Nov 2001	WO
WO 0163387	Aug 2007	WO

Related Publications (1)

	Number	Date	Country
	20110296199 A1	Dec 2011	US

Provisional Applications (1)

	Number	Date	Country
	60339634	Dec 2001	US

Continuations (1)

	Number	Date	Country
Parent	10159220	May 2002	US
Child	13078109		US

Continuation in Parts (1)

	Number	Date	Country
Parent	10074804	Feb 2002	US
Child	10159220		US

Method and system for protecting electronic data in enterprise environment

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

US Classifications

Field of Search

US

International Classifications

Disclaimer

Abstract