Field of the Invention
The present invention relates to a method of operating a computing device, a computing device and a computer program.
Description of the Related Technology
There are many situations where it is desirable or necessary to encrypt data when the data is stored and/or transmitted, principally in order to prevent unauthorized access to the data. A number of different methods and techniques for encrypting data are known. Some of these make use of a “container” concept: the data is encrypted and “wrapped” in a (digital) container for which various access policies can be applied to control which users can access the (encrypted) data within the container and under what circumstances. A container is a meta-file format whose specification describes how different data elements and metadata coexist in a computer file. The encryption key which is used to encrypt (and, correspondingly, decrypt) the data may itself be encrypted for secure storage purposes, typically in the prior art by using a user-entered password as an encryption key for that encryption.
However, one problem with encrypting data is how to generate the encryption keys that are to be used to encrypt and decrypt the data. This is a particular issue where there are several applications running on a computing device that require access to or store data in encrypted form. A particular example is enabling users to have a secure way of viewing and/or editing data or files in general, or carrying out other actions in respect of the data or files, including for example other manipulation, transformation, processing, storage, transmission and other computing operations. Such files may have been downloaded or received at the user device as an attachment to an email or by some other file transfer protocol or method. A container may contain many files, typically of many different types, and each different type of file requires different application code to view/edit/manipulate/etc., so the container application becomes larger the more different types of files it supports. It is desirable to make the encrypted file available to third party applications on the user device, such as viewers/editors/etc., though this availability must be achieved in a secure manner which does not compromise the security of the encrypted file. It is inconvenient for a user to have to enter a password each time that a particular application accesses data on a user device, but, for security reasons, it is also preferred not to use the same encryption key for each application.