The present invention relates generally to data security and more specifically to limiting access to sensitive data.
Security of stored electronic data has become an important issue. The unauthorized access of sensitive (e.g., proprietary or confidential) data can often result in a reduction or loss in value of the data.
Ensuring data security is complicated when the owner of the data is forced to share its data with an untrusted party. Providing an untrusted party access to sensitive data, even for a very brief period of time, is a significant risk.
This problem can arise in a variety of situations. For example, in a litigation or negotiation, an owner of data may need to disclose sensitive data to an untrusted party. This may be the result of the requirements of the negotiation, or may result from a court order during a litigation. The data owner is reticent to release its data to the untrusted party, fearing unauthorized disclosure or use of the sensitive data. This may be especially problematic when the data owner and the untrusted party are business competitors.
This presents a sensitive data sharing dilemma. Specifically, the untrusted party requires adequate access to the data. The data owner, on the other hand, wants to prevent unauthorized use or disclosure of the data. One existing solution is to provide only hard copy versions of the data to the untrusted party. The hard copy versions may be locked up (e.g., in a safe) for security when not being accessed. Further, only providing hard copies of the data makes duplication or transfer of the data more difficult, as compared to electronic copies of the data.
For large electronic data sources, such as source code repositories or databases, however, hard copies are often unmanageable. Electronic data is typically easier to review and manipulate. Electronic data, however, is also often easier to misuse, as it often can be copied and/or shared easily. As a result, there is a tradeoff between the ease of review of electronic data with the ease of misuse of electronic data.
There is a need to alleviate many of the concerns associated with sharing sensitive data electronically.