System for electronic repository of data enforcing access control on data retrieval

Assignee

• International Business Machines Corporation · US

Inventors

• Hanid Bacha · Great Falls, US
• Robert B. Carroll · Mount Kisco, US
• Lev Nirlas · Thornhill, CA
• Sung Wei Tchao · Toronto, CA

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/10
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

When an electronic document is made available for review by other entities, it is often convenient to store the document in a repository or database managed by a third party. A system is provided in which the originator of the document is able to ensure the integrity and security of its document filed with a third party repository without having to trust the administrator of the repository. Both the document originator and the repository administrator have vault environments which are secure extensions of their respective work spaces. The vault of the document originator encrypts a document that it receives from the originator, prior to forwarding it on to the vault of the repository. On receipt of the encrypted document, the repository's vault signs the encrypted document itself before storing the document in the electronic repository and returns to the originator's vault proof of deposit of the encrypted document in the form of a copy of the signed encrypted document. An access control list identifying access ownership privileges for the document are also stored in the repository. Updates to the access control list are under the control of document originator, or another computer…