System and Method for Encryption and Access Control of Sensitive Data from Submission through Completion of a Lifecycle Management System Workflow Item

IP.com Disclosure Number: IPCOM000241193D
Publication Date: 2015-Apr-02
Document File: 2 page(s) / 80K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method and system to automate the encryption of a comment entry to a work item in a workflow management system, ensuring that encryption of and protected access to sensitive data are maintained throughout the workflow.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

A lifecycle management system repository stores information for change requests, defects, etc. Depending on the type of workflow item submitted, data might be published to the web for public consumption or for internal access. The problem occurs when unauthorized users consume sensitive data. For some users of the system, it is beneficial to store sensitive information within the workflow item; however, a method is needed to protect the sensitive data entries and control access to such entries within the lifecycle management system.

What is missing is a mechanism, integrated in the workflow of the repository system, that generates an individually encrypted data set and an associated pass phrase and allows access to all required participants with confirmation from the user.

The core idea of this solution is to automate the encryption of a comment entry in a work item and ensure that encryption of and access to the sensitive data are maintained throughout the work item workflow. The method ensures that the user authorizes all participants with expected access to the content to receive a specifically generated pass phrase. With this approach, each entry in a work item is associated with an identifying pass phrase, which is automatically generated, emailed, and tracked when decrypted by a user. Further, once logged in, a user can pull all the pass phrases associated with a work item and enter said phrases to view all encrypted entries of a work item.

The novel solution allows the author of a workflow item to encrypt individual sensitive data entries within a lifecycle management system, which in turn generates an automated email to the author with an individual passphrase to access the entry. The method also allows the author to select interested parties and provide role-based subscriptions to members who can also receive an individual passphrase to access the sensitive data entries. For example, if the author added a second comment with sensitive data, the author can grant subscriber access to a specific user based on that user's role. Thus, the subscriber receives an automated email with an individual passphrase to access the entry.
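
The per-entry scheme described above, as an added Python example that is not part of the original disclosure: each sensitive comment gets an ID and its own key, every authorized user (the author plus selected subscribers) gets an individual generated pass phrase, and every decryption attempt is logged. The class and function names, the PBKDF2 and HMAC choices, and the SHAKE-256 keystream (a standard-library stand-in for an AEAD cipher such as AES-GCM) are assumptions; e-mail delivery is left to the caller.

```python
import hashlib, hmac, secrets, time

def _keys(phrase: str, salt: bytes) -> bytes:
    # 64 bytes from the mailed pass phrase: first 32 wrap the entry key, last 32 key the MAC
    return hashlib.pbkdf2_hmac("sha256", phrase.encode(), salt, 100_000, dklen=64)

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    # SHAKE-256 keystream: a stdlib stand-in (assumption) for an AEAD such as AES-GCM
    return hashlib.shake_256(key + nonce).digest(n)

def _tag(k: bytes, wrapped: bytes, nonce: bytes, ct: bytes) -> bytes:
    return hmac.new(k[32:], wrapped + nonce + ct, "sha256").digest()

class WorkItem:
    def __init__(self):
        self.entries, self.audit = {}, []   # encrypted comments, decryption log

    def add_sensitive_comment(self, author, text, subscribers=()):
        """Encrypt one comment; return its ID and {user: pass phrase} to e-mail."""
        entry_id = f"C{len(self.entries) + 1}"
        entry_key, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
        data = text.encode()
        ct = _xor(data, _stream(entry_key, nonce, len(data)))
        wraps, mail = {}, {}
        for user in (author, *subscribers):          # author plus chosen subscribers
            phrase, salt = secrets.token_urlsafe(18), secrets.token_bytes(16)
            k = _keys(phrase, salt)
            wrapped = _xor(entry_key, k[:32])        # salt is unique, so the pad is one-time
            wraps[user] = (salt, wrapped, _tag(k, wrapped, nonce, ct))
            mail[user] = phrase
        self.entries[entry_id] = (nonce, ct, wraps)
        return entry_id, mail

    def read(self, entry_id, user, phrase):
        nonce, ct, wraps = self.entries[entry_id]
        ok = False
        if user in wraps:
            salt, wrapped, tag = wraps[user]
            k = _keys(phrase, salt)
            ok = hmac.compare_digest(tag, _tag(k, wrapped, nonce, ct))
        self.audit.append((time.time(), entry_id, user, ok))   # track every attempt
        if not ok:
            raise PermissionError("pass phrase not valid for this user and entry")
        return _xor(ct, _stream(_xor(wrapped, k[:32]), nonce, len(ct))).decode()
```

Because each pass phrase only unwraps the entry key for the user it was issued to, a forwarded pass phrase fails for anyone else, and the failed attempt still lands in the audit log.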

The solution enables the assignment of an ID to comments with sensitive content, encrypts data within a workflow item, and controls access to sensitive data entries that may be useful to act on the...