1. Field of the Invention
The invention relates generally to the field of securing stored digital data from unauthorized use.
The invention relates more specifically to the problem of providing an easily usable computer system that provides features such as automatic data decryption and automatic data re-encryption while operating within the context of a multi-user operating system.
The invention relates even more particularly to the problem of providing securely labeled files each with encrypted data that is intelligibly accessible to a plurality of authorized users.
2a. Cross Reference to Related Pending Applications
The following copending U.S. patent application(s) is/are assigned to the assignee of the present application, is/are related to the present application and its/their disclosures is/are incorporated herein by reference:
(A) Ser. No. 08/586,511 [Attorney Docket No. SYMA1015] filed Jan. 16, 1996 by W. D. McDonnal et al Cohen and entitled, SYSTEM FOR AUTOMATIC DECRYPTION OF FILE DATA ON A PER-USE BASIS AND AUTOMATIC RE-ENCRYPTION WITHIN CONTEXT OF MULTI-THREADED OPERATING SYSTEM UNDER WHICH APPLICATIONS RUN IN REAL-TIME.
2b. Cross Reference to Related Patents
The disclosures of the following U.S. patent(s) is/are incorporated herein by reference:
(A) U.S. Pat. No. 4,864,616 issued Sep. 5, 1989 to E. W. Pond et al and entitled, CRYPTOGRAPHIC LABELING OF ELECTRONICALLY STORED DATA; and
(B) U.S. Pat. No. 5,052,040 issued Sep. 24, 1991 to H. W. Preston et al and entitled, MULTIPLE USER STORED DATA CRYPTOGRAPHIC LABELING SYSTEM AND METHOD; and
(C) U.S. Pat. No. 5,481,701 issued Jan. 2, 1996 to Lloyd L. Chambers IV, and entitled, METHOD AND APPARATUS FOR PERFORMING DIRECT READ OF COMPRESSED DATA FILE.
3. Description of the Related Art
As knowledge of computers, and as use of computers and of digital data, proliferates throughout society, the threat grows that unauthorized persons will gain useful (intelligent) access to confidential, digitized information.
A wide variety of materials may be stored in the form of digitized data and there may be many legitimate reasons for keeping in confidence the information represented by such stored data.
By way of example, stored digital data may represent medical records of private patients. The latter records may be stored as digital data in a hospital's database computer. Each patient may wish to have his or her medical records kept in confidence by a selected one or more doctors. However, the hospital's database computer may be connected to a local or wide area communications network (LAN or WAN) so that a remotely located physician or another authorized person can quickly access the medical record of a particular patient when needed, such as in the case of a medical emergency.
For the above example, one or more security measures should be taken to maintain the expected confidentiality of the medical records by blocking unauthorized persons from gaining useful access to these medical records.
There are many other instances where security is desired. By way of further example, the to-be-kept confidential information may include private business, and/or private financial, data and plans that are digitally recorded internally within a portable (e.g., laptop) computer or on a portable disk or tape. The to-be-kept confidential information may constitute legitimate trade secrets of a company, including proprietary vendor and customer lists, technical drawings and other expressions of technology know-how digitally recorded on a computer-readable medium (e.g., on a magnetically and/or optically encoded digital tape or digital disk and/or in nonvolatile random access memory).
Unauthorized access to the media that stores the data representing such digitized information or to the data itself may come about in many ways.
A floppy diskette having the confidential information digitally recorded thereon may fall into the hands of a person who is not authorized to have such information. Such physical possession of the floppy diskette may come about either through deliberate misappropriation or by accident.
An unauthorized person may alternatively gain physical entry, either lawfully or unlawfully, into a room in which a computer terminal has been inadvertently left turned on with the last user still being `logged-on` or otherwise having access rights as far as the operating system (OS) is concerned. If appropriate security measures are not invoked in such circumstances, the unauthorized intruder may be able to gain access to confidential data through the left-on terminal.
Unauthorized access may be otherwise achieved through a local or wide area network (LAN or WAN) by someone who chances upon a password.
In each of these or like cases, where an outer ring of security can be breached, it is desirable to maintain at least one more barrier to useful acquisition of the digitized information. To this end, many data security systems rely in part or in whole on file data encryption.
The idea is to keep confidential information in an exclusively encrypted format as much as possible so that, even if the digitized data falls into the wrong hands, it is still secured by a private encryption key.
Unfortunately, useful information is rarely kept in the encrypted state forever.
Sooner or later, one or more authorized users need to decrypt the encrypted file data in order to use its data.
Authentication of authorized users and management of passwords or keys becomes a problem when multiple users need to be given intelligent access to the information of one or more encrypted files.
If one password (and/or decryption key) is handed out to multiple users, the risk of compromise increases additively.
With each additional authorized user, there comes an additional non-zero probability of leakage of the file access password (and/or decryption key) directly or indirectly through the activities of that added user. The more authorized users there are, the higher the probability of leakage of the one password/key to an unauthorized user.
One previously-known security system (U.S. Pat. No. 4,854,616 of Pond et al) relies on a mixture of keys to reduce the risk of compromise. A label is prefixed to each file and encrypted separately from the file using a `mandatory key` (and a checksum). The encryption algorithm is a symmetrical one, such as exclusive ORring with a key stream. The same key is used for both encryption and decryption.
The label contains auxiliary information needed for decrypting the separately encrypted file.
At the time of attempted access to the file, the label must first be symmetrically decrypted with the `mandatory key` (and the label's checksum). The accessing user must then present a label-specified mixture of user/machine identifiers. The latter act as `seeds` that produce secondary keys. The seed-produced secondary keys are needed to decrypt the attached file.
The secondary key-generating `seeds` can include a Primary User ID (PID), a Secondary User ID (SID), a machine configuration (CID), and a Machine ID (MID). Failure to supply all the label-specified mixture of secondary key-generating `seeds` during a so-called Access Check phase results in the user being denied access to the requested file.
A drawback of the Pond security system is that the same `mandatory key` is given to all authorized users for decrypting the file label. A compromise of the `mandatory key` unlocks the whole of the file label for examination by unauthorized entities and thereby reduces the security of the overall system.
Another drawback of the Pond security system arises when a labelled file is moved from one machine to another with proper authorization, and/or the file-holding machine is reconfigured. If the file label calls for presentation of a specific MID (machine identification code) and/or a specific CID (machine configuration specifier), the file label has to be altered to reflect the new machine or configuration each time a legitimate move is made and/or a machine configuration is altered. This can be difficult to manage in a large networked system where files and/or users are routinely moved from one machine to another and machines are routinely reconfigured.
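The following added example (a toy model written for this page, not code from the Pond or Preston patents) illustrates the labeling scheme and the two drawbacks just described. The SHA-256 key stream, the JSON label layout, the CRC-32 label checksum, the `check` digest used for the Access Check and all sample identifiers are assumptions made for illustration.

```python
import hashlib, json, zlib

def keystream(seed, n):
    # Stand-in key stream (SHA-256 in counter mode); an assumption, not Pond's generator.
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(data, seed):
    # Symmetric: the same call with the same key both encrypts and decrypts.
    return bytes(a ^ b for a, b in zip(data, keystream(seed, len(data))))

def secondary_seed(required, ids):
    # Mix the label-specified identifiers (PID, SID, CID, MID) into one seed.
    return "|".join(f"{k}={ids.get(k, '')}" for k in required).encode()

def seal(plaintext, mandatory_key, ids):
    required = sorted(ids)
    seed = secondary_seed(required, ids)
    label = json.dumps({"required": required,
                        "check": hashlib.sha256(seed).hexdigest()}).encode()
    label += zlib.crc32(label).to_bytes(4, "big")          # label checksum
    return xor(label, mandatory_key), xor(plaintext, seed)  # label and file encrypted separately

def read_label(enc_label, mandatory_key):
    raw = xor(enc_label, mandatory_key)
    label, crc = raw[:-4], raw[-4:]
    if zlib.crc32(label).to_bytes(4, "big") != crc:
        return None                      # wrong mandatory key or damaged label
    return json.loads(label)

def access(enc_label, enc_body, mandatory_key, ids):
    label = read_label(enc_label, mandatory_key)
    if label is None:
        return None
    seed = secondary_seed(label["required"], ids)
    if hashlib.sha256(seed).hexdigest() != label["check"]:
        return None                      # Access Check fails: a required seed is missing or changed
    return xor(enc_body, seed)

if __name__ == "__main__":
    mk = b"shared-mandatory-key"         # constructed sample values throughout
    ids = {"PID": "alice", "SID": "records", "CID": "cfg-7", "MID": "host-A"}
    lab, body = seal(b"patient record 42", mk, ids)
    print(access(lab, body, mk, ids))                      # original machine: file decrypts
    print(access(lab, body, mk, dict(ids, MID="host-B")))  # legitimate move: denied until relabeled
    print(read_label(lab, mk)["required"])                 # any mandatory-key holder reads the label
```

Because every authorized user holds the same mandatory key, `read_label` succeeds for all of them, and for anyone else who obtains that key; the changed-`MID` case shows why each legitimate move or reconfiguration forces the label to be rewritten.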
An improvement over the Pond system is provided in U.S. Pat. No. 5,052,040 to Preston. The Preston system uses the same file labelling approach as that of Pond but extends the file label to include a user permissions area. Some users are granted full read/write access to the file contents while other users are granted only read access. The once-encrypted Pond label and the non-encrypted, user permissions extension are both symmetrically (or `reversibly`) encrypted with a DAC-seeded key stream after the Pond label has been encrypted with the mandatory key stream. The DAC seed (Discretionary Access Control seed) is generated during machine bootup.
While the Preston system is more secure in one sense--because one needs the bootup-generated DAC seed to decrypt the Preston extended-label before being able to use the mandatory key to further unlock the Pond label--the same feature is also a drawback. A file generated under the Preston system cannot be used in an off-enterprise machine that does not have access to the bootup-generated DAC seed. Thus files are not easily exchanged between different machines of an authorized user. This can be an inconvenience in an age where users are likely to want to seamlessly move from one machine to another and still access the same files.