Method for Content-Based Document Encryption

IP.com Disclosure Number: IPCOM000197599D
Publication Date: 2010-Jul-15
Document File: 5 page(s) / 72K

Publishing Venue

The IP.com Prior Art Database

Abstract

This idea proposes a system to automatically encrypt certain documents based on content, metadata, or predefined templates. The proposed system would exist as software running on user devices, or connected to existing content management systems. The software would scan the user's system or document repositories and encrypt documents based on content, metadata, or standard templates. The content and metadata would be used to determine what encryption keys to use to encrypt the document, as well as which encryption program to use.

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 31% of the total text.

Although electronic documents can be encrypted in transmission through HTTPS connections or IPsec tunnels, encrypting documents in storage (at rest) is more difficult. Current methods of document encryption require user interaction. Since most users do not understand encryption technologies or when to use encryption, documents are often left unsecured in storage. One solution to this problem is whole-disk encryption, especially on portable computing devices. However, whole-disk encryption has a limitation: if a user can log into the system, they have access to the encrypted content. Secondary encryption of confidential documents is required to further secure them. The proposed idea would provide automated methods of encrypting documents based on document content, metadata, or defined templates.

First application: Client on the local system:

One application of the proposed idea is as a client running on the user’s system. The client would search the user’s device (desktop, laptop, or mobile device) for documents (common file formats, saved email messages, plain text documents) that contain specified keywords or formatting. Examples include documents containing the phrase “Internal Use Only” or “Protect Until: Forever,” or common data formats such as Social Security Numbers or credit card numbers. To perform the search, the client can use its own search and index algorithms, or integrate with existing solutions. The search interval should be configurable in the client.

When matching documents are found, the client would encrypt them. It can be pre-configured with rules to call the encryption routines of the default application for the document’s extension, call a common third-party tool (e.g., PGP), or use its own encryption algorithms. The encryption keys used for the encryption process can be selected by pre-configured rules and be based on the document content. For example, if the document contains the phrase “Marketing Department” in a header located at the top of the document, the client can be configured to use a specified public key. It could also be configured to encrypt all documents using the local user’s public key. Another option would be to scan for keywords in the document, like “To: John Smith,” in which case the client would use John Smith’s public key to encrypt the document. The client should be open with it...
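
As an added illustration (not code from the disclosure), the sketch below separates the two decisions described above: whether a document matches the content rules, and which key IDs its content selects. The key directory and key IDs, the five-line header window, and the Luhn filter for card-like digit runs are assumptions; the code produces a plan only and calls no encryption tool.

```python
import re

# Constructed key directory: names and key IDs are placeholders.
KEYRING = {"marketing": "KEY-MKT", "john smith": "KEY-JS", "local-user": "KEY-LOCAL"}
PHRASES = ("Internal Use Only", "Protect Until: Forever")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
TO_RE = re.compile(r"^To:[ \t]*(.+?)[ \t]*$", re.MULTILINE)
HEADER_LINES = 5  # assumption: the "header" is the first five lines
SAMPLE = "Marketing Department\nInternal Use Only\nTo: John Smith\n"  # constructed


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: rejects digit runs that only look like card numbers."""
    total = 0
    for i, d in enumerate(int(c) for c in reversed(digits)):
        total += (d * 2 - 9 if d > 4 else d * 2) if i % 2 else d
    return total % 10 == 0


def match_reasons(text: str) -> list:
    """Stage 1: why (if at all) the document needs encrypting."""
    reasons = [p for p in PHRASES if p.lower() in text.lower()]
    if SSN_RE.search(text):
        reasons.append("ssn-format")
    if any(luhn_ok(re.sub(r"\D", "", m.group())) for m in CARD_RE.finditer(text)):
        reasons.append("card-number")
    return reasons


def select_keys(text: str) -> list:
    """Stage 2: content-based key choice, falling back to the local user."""
    keys = []
    header = "\n".join(text.splitlines()[:HEADER_LINES])
    if "Marketing Department" in header:
        keys.append(KEYRING["marketing"])
    for m in TO_RE.finditer(text):
        key = KEYRING.get(m.group(1).lower())
        if key and key not in keys:
            keys.append(key)
    return keys or [KEYRING["local-user"]]


def plan(text: str) -> dict:
    """Decide whether to encrypt and to which key IDs; encrypts nothing itself."""
    reasons = match_reasons(text)
    return {"encrypt": bool(reasons), "reasons": reasons,
            "keys": select_keys(text) if reasons else []}
```

Calling `plan(SAMPLE)` selects both the department key and the recipient's key, while a document that matches only on data format falls back to the local user's key.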