The assignee for this patent application is
Reporters obtained the following quote from the background information supplied by the inventors: "The present invention relates to a technique for managing data files using cloud storages.
"In recent years, it has become discussed to utilize in business public cloud storage services which have been provided for consumers. The file sharing function provided by public cloud storage services is one of advantages in using cloud storages. However, a lot of users are anxious in terms of security when using public cloud storages in business. Thus public cloud storages are generally used for personal use only so far. Therefore, as one of security measures, a scheme has been developed in which files stored in cloud storages are encrypted before operation. In association with this scheme, software products that implement encrypting files stored in cloud storages are available in the market. However, only few products achieve both the file sharing function of public cloud storage services and the encryption.
"JP Patent Publication (Kokai) No. 2007-11511 A describes, in a case where a plurality of users shares encrypted files without using cloud storages, a system in which the encrypted files are stored in a removable medium and the encrypted files can be decrypted only on computers that are used by user groups permitted in advance."
In addition to obtaining background information on this patent application, VerticalNews editors also obtained the inventors' summary information for this patent application: "In the file exchange using removable media as described in JP Patent Publication (Kokai) No. 2007-11511 A, it is necessary to carry the removable medium storing the encrypted files when the stored information is to be carried to outside of the user group. Therefore, if the removable medium is lost, broken, or the like, the data itself cannot be restored. In addition, when sharing the encrypted files among a plurality of users simultaneously, it is necessary to prepare and distribute removable media for each of users and is also necessary to notify the users of information for decryption such as encrypting password in advance. Therefore, it has problems in terms of immediacy, convenience, or safety. Further, it is possible to decrypt the encrypted files as long as the encrypted files and information for decryption such as password are available. Thus it has problems in terms of security.
"Next, it is assumed that cloud storages are used as alternative measures instead of file sharing using removable media. It is possible to share files between users inside and outside of users' own groups by utilizing the file sharing function provided by public cloud storage services. However, security risks such as information leakage due to operational mistakes by service operators managing the cloud storages or hackings to the cloud storages may arise. Thus more advanced security measures are required.
"Encrypting files stored on cloud storages may be conceivable as security measures for cloud storages. However, encrypting files using password requires disclosing the password to a plurality of users in order to share the files, which has problems in terms of safety. Encrypting whole of the cloud storages may be conceivable as another measure. However, it may easily lead to information leakage if the user providing the shared file mistakes in setting access privileges.
"The present invention is made in the light of above-described problems, and it is an objective of the present invention to ensure security of the file sharing function provided by cloud storages without significantly decreasing the convenience of cloud storages.
"The encryption key management program according to the present invention encrypts, using authentication information of a user, a group shared key shared in a user group and stores it as an encrypted group shared key. The encryption key management program, upon receiving a request from a user, sends the encrypted group shared key corresponding to the requesting user.
"With the encryption key management program according to the present invention, it is possible to enhance safety without significantly decreasing the convenience of cloud storages.
BRIEF DESCRIPTION OF THE DRAWINGS
"FIG. 1 is a configuration diagram of a data management system 1000.
"FIG. 2 is a functional block diagram showing details of a management server 100.
"FIG. 3 is diagram showing a user authentication process performed by the management server 100.
"FIG. 4 is a diagram explaining a process in which a client terminal 200 encrypts a data file 212 and stores it in a cloud storage 300.
"FIG. 5 is a diagram explaining a process in which the client terminal 200 retrieves the data file 212 from the cloud storage 300 and decrypts it.
"FIG. 6 is a configuration diagram of a file system on an OS of the client terminal 200.
"FIG. 7 is a flowchart explaining a process in which the client terminal 200 sends, to the cloud storage 300, a new data file that is stored in an encryption folder 230.
"FIG. 8 is a flowchart explaining a process in which the client terminal 200 downloads an encrypted data file from the cloud storage 300."
For more information, see this patent application:
Keywords for this news article include:
Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC
Most Popular Stories
- Criminal Investigation Opened Into James Foley's Death
- Swiss Suicide Tourism Doubled Since 2009
- Florida's Largest Insurer Says 'Bailout' Attacks Unfair
- Wealth Gap Widened in Past Decade: Census
- Gap Reports Higher Profits, India Plans
- International Revulsion Grows Over James Foley Death
- James Foley Beheading Sparks Anger, Little Action
- Beyonce, Jay-Z Cuba Trip Was Legal After All
- Chinese Stock Funds Are a Late-summer Bloomer
- Sears Holdings Loses $573 Million