Method and system for enforcing access control policies on data
US9735959B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 24, 2014 |
| Grant date | Aug 15, 2017 |
| Priority date | — |
| Expiry date | Apr 24, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method for enforcing access control policies on data owned by a plurality of users includes evaluating the access control policies of users, applying a collusion resistant sharing scheme for generating key shares of an encryption key and delegating the key shares to one or more designated users based on a result of the evaluation. The data is securely dispersed by applying an encryption scheme on all parts of the data to be encrypted to produce encrypted data shares. The encryption scheme is provided such that for decryption of the encrypted data, the encryption key and at least a predetermined number of data shares are provided. Each data share is delegated to one or more designated users, and the data shares and the key shares are distributed to the respective designated users.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.