There is often a need to control access to data. In some computing environments this goal has been achieved by virtue of limiting the physical access to a machine, to a data carrier, or to parts of a local area network. However such systems can be unnecessarily rigid and cumbersome, especially when the class of persons to whom access may be allowed or denied to a particular item of data is ill defined.
Another approach to security is the use of encryption. In a secure system, the identity of each person who should have access to a document or other item of encrypted data needs to be defined at the time of encryption. This can, once again, be difficult where the class of people who should receive the data is ill defined.
Neither of these themes works particularly well in a “generally trusted” environment where absolute security is not necessary. An example of a generally trusted environment is a company where a manager may be dealing with a commercially sensitive document, and may wish to share this with other managers and in turn recognizes that they may need to share the document with other individuals where they deem this to be necessary or desirable. Thus the document cannot be “open” such that everyone can view it, as it may be commercially sensitive, but neither can the recipient list be accurately defined right from the outset.
Therefore, there exists a need for an apparatus and method of controlling access to encrypted information.