1. Field of the Invention
The present invention generally relates to data file security and more particularly, the present invention relates to maintaining data security amongst shared data files such that files are shared only with remotely connected group members intended to be authorized to access the files.
2. Background Description
Generally what is known as the Internet or World Wide Web (WWW) is a large scale network of globally connected computers. The Internet places an almost limitless amount of information at the fingertips of each connected computer user. The information is located at various globally connected computers, each at what is typically referred to as a “Web Site.” Each web site may include multiple accessible web pages linked to each other. Each web page is a data file encoded in HyperText Markup Language (HTML) or a similar browser friendly code. A web page may include one or more Hypertext links or Hyperlinks, each to a Uniform Resource Locator (URL) that points to a file at an Internet location. The file may be any type of file including but not limited to another HTML document or web page, a word processing document, compressed or uncompressed data or simple text. To take advantage of available information, what are known as web search engines have been developed and used in what is commonly referred to as “crawling” to find and index web pages, and respond to user queries based on the indexed web pages.
Collaborative efforts or projects, wherein multiple parties participate toward a common goal, often require participants to share information, work results, files, etc. These parties may be located at remote locations and sharing their work through a central server. The stored material may be made available to participants as users of a group by providing group access to the material, such as by placing links to the material on a particular website or the workgroup's homepage. This work may be very sensitive, requiring security measures, e.g., password protection, to guard from having it fall into the hands of a competitor. By limiting password distribution to those having a need to know within the workgroup, direct access to files may be restricted to the members of the workgroup.
However, web pages may be accessible, randomly, through a search engine or, deliberately, to anybody with knowledge of the particular URL. Further, a web site with links to other sites, makes those other sites available to any visitors to the original site. Thus, sensitive material stored with a link on a private web site may be accessible through an indiscretely placed copy of that link on a public web site. Often, web page owners post links to some material that is intended for the general public, as well as private material that may not be intended for the general public, but for a restricted audience, e.g., a workgroup.
For example, a scholar may wish to post published scientific writings for access by any web viewer, while making yet unpublished articles available only to a select few editors or reviewers. The same scholar may wish to affect a limited distribution of some political writings to those belonging to a certain political group and distribute personal material, e.g., family pictures and links, to a circle of relatives and friends. One approach to directing access is to collect related links onto different secure web sites, one web site for each work group. Small business and organizations that cannot afford to maintain what is typically referred to as an intranet may wish to maintain web pages intended only for their members or employees. See, for example, www.intranets.com.
However, usually it is impractical to set up registration and passwords for members of such groups. Also, there is still a security concern with entities like www.intranets.com, concerning the storage location of the sensitive information, i.e., whether it is stored on a private server rather than on some service provider's machine with additional storage charges.
Hackers are a well known problem, continuously assaulting web pages, servers and other internet connected computers, looking for a way to invade a target site. Once a hacker gains access to a site, the site may be unprotected, especially if the hacker can determine which files are available at the site, e.g., by accessing the directory listing. Typically, Hyper Text Transfer Protocol (HTTP) allows web servers to block directory listings. However, while blocking directory listings may offer some protection to the contents of the files stored in that directory, it also is more difficult for someone with legitimate access to the site to determine what is stored there.
Accordingly, there is a need for secure methods of selectively making information available to those remotely connected group members that are authorized to have access to the information without inadvertently allowing unauthorized access.