SG11201901737TA - Access control through data structures - Google Patents

Access control through data structures

Info

Publication number
SG11201901737TA
Authority
SG
Singapore
Prior art keywords
data
node
user
access
data structure
Prior art date
Application number
SG11201901737TA
Inventor
Andrew Rasmussen
Original Assignee
Peernova Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Peernova Inc
Publication of SG11201901737TA

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/604 Tools and structures for managing or administering access control systems
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088 Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT)

(19) World Intellectual Property Organization, International Bureau
(10) International Publication Number: WO 2018/052754 A1
(43) International Publication Date: 22 March 2018 (22.03.2018)
(51) International Patent Classification: G06F 12/14 (2006.01), H04L 29/06 (2006.01), G06Q 99/00 (2006.01)
(21) International Application Number: PCT/US2017/050048
(22) International Filing Date: 05 September 2017 (05.09.2017)
(25) Filing Language: English
(26) Publication Language: English
(30) Priority Data: 15/267,116, 15 September 2016 (15.09.2016), US
(71) Applicant: PEERNOVA, INC. [US/US]; 100 Century Center Court, Suite 700, San Jose, CA 95112 (US).
(72) Inventor: RASMUSSEN, Andrew, James; Peernova, Inc., 100 Century Center Court, Suite 700, San Jose, CA 95112 (US).
(74) Agent: SONG, Jae, Won et al.; Fenwick & West LLP, 801 California Street, Mountain View, CA 94041 (US).
(81) Designated States (unless otherwise indicated, for every kind of national protection available): AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JO, JP, KE, KG, KH, KN, KP, KR, MG, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW.
(84) Designated States (unless otherwise indicated, for every kind of regional protection available): ARIPO (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW), Eurasian (AM, AZ, BY, KG, KZ, RU, TJ, TM), European (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR), OAPI (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG).
Published: with international search report (Art. 21(3))

(54) Title: ACCESS CONTROL THROUGH DATA STRUCTURES

[FIG. 2E: data structure 200 with Root Node 202 (Administrator Public Key), access nodes including Access Node 214 (Input: Hash of 204; Output: Administrator Public Key; Data: First User No Access), and record nodes including Record Node 210 and Record Node 212. Each access and record node lists an Input (the hash of another node), an Output (a public key) and Data.]

(57) Abstract: A data structure includes data that allows specific users to access data items that are part of the data structure and allows the users to store data items in association with the data structure. The data structure includes a root node which is the genesis of the data structure. The data structure further includes an access node for each user granted access rights to the data structure. An access node granting a user access rights to the data structure is directly connected to the root node. For a user whose access rights to the data structure are revoked, the data structure includes an additional access node directly connected to the access node that gave the user access rights. The data structure also includes a record node for each data item that is part of the data structure. Each record node is connected to the root node directly or indirectly.
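The node layout in the abstract and FIG. 2E can be modelled as a small hash-linked structure. This is an added illustration, not code from the patent or from Peernova: hashing with SHA-256 over JSON-serialized fields, the class and method names, and the placeholder key strings are assumptions, and signature checks are left out.

```python
import hashlib
import json
from dataclasses import dataclass

@dataclass(frozen=True)
class Node:
    kind: str        # "root", "access" or "record"
    input_hash: str  # hash of the node this one connects to ("" for the root)
    output: str      # a public key (constructed placeholder strings here)
    data: str        # "access", "no access", or a version of a data item

    def digest(self) -> str:
        fields = [self.kind, self.input_hash, self.output, self.data]
        return hashlib.sha256(json.dumps(fields).encode()).hexdigest()

class Structure:
    def __init__(self, admin_key: str):
        self.root = Node("root", "", admin_key, "")
        self.nodes = {self.root.digest(): self.root}

    def _add(self, node: Node) -> str:
        if node.input_hash not in self.nodes:
            raise ValueError("input does not reference a node in the structure")
        self.nodes[node.digest()] = node
        return node.digest()

    def grant(self, user_key: str) -> str:
        # Access node connected directly to the root node.
        return self._add(Node("access", self.root.digest(), user_key, "access"))

    def revoke(self, grant_hash: str) -> str:
        # Additional access node connected to the node that gave access.
        g = self.nodes[grant_hash]
        if g.kind != "access" or g.data != "access":
            raise ValueError("not a granting access node")
        return self._add(Node("access", grant_hash, self.root.output, "no access"))

    def has_access(self, user_key: str) -> bool:
        grant = Node("access", self.root.digest(), user_key, "access").digest()
        revoked = any(n.kind == "access" and n.input_hash == grant
                      and n.data == "no access" for n in self.nodes.values())
        return grant in self.nodes and not revoked

    def add_record(self, user_key: str, item: str, parent: str = "") -> str:
        # Record node connected to the root directly, or indirectly through
        # an earlier record node (a later version of the same data item).
        if not self.has_access(user_key):
            raise PermissionError("no unrevoked access node for this key")
        target = self.nodes.get(parent or self.root.digest())
        if target is None or target.kind not in ("root", "record"):
            raise ValueError("records attach to the root or to a record node")
        return self._add(Node("record", target.digest(), user_key, item))
```

Revocation here never deletes or rewrites a node: the grant stays in the structure and the decision comes from whether a "no access" node is chained to it, so records written before the revocation remain reachable from the root.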
SG11201901737TA 2016-09-15 2017-09-05 Access control through data structures SG11201901737TA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15/267,116 US10607025B2 (en) 2016-09-15 2016-09-15 Access control through data structures
PCT/US2017/050048 WO2018052754A1 (en) 2016-09-15 2017-09-05 Access control through data structures

Publications (1)

Publication Number Publication Date
SG11201901737TA (en) 2019-04-29

Family

ID=61560639

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11201901737TA (en) Access control through data structures 2016-09-15 2017-09-05

Country Status (5)

Country Link
US (1) US10607025B2 (en)
EP (1) EP3513299A4 (en)
JP (1) JP2019530332A (en)
SG (1) SG11201901737TA (en)
WO (1) WO2018052754A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111310145B (en) * 2020-03-06 2023-02-21 抖音视界有限公司 User right verification method and device and electronic equipment
JP7388707B2 (en) * 2020-03-11 2023-11-29 Zerobillbank Japan株式会社 Information processing device, information processing system, information processing method, and program
US20220067194A1 (en) * 2020-09-02 2022-03-03 Cookie.AI, Inc. Generation of a privilege graph to represent data access authorizations
US11818276B1 (en) 2022-10-07 2023-11-14 Uab 360 It Optimized header information to enable access control

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU6620000A (en) 1999-08-06 2001-03-05 Frank W Sudia Blocked tree authorization and status systems
EP1784943A4 (en) 2004-08-31 2011-08-03 Ntt Docomo Inc Revocation of cryptographic digital certificates
EP1929423A2 (en) * 2005-09-16 2008-06-11 Koninklijke Philips Electronics N.V. Cryptographic role-based access control
CA2626244A1 (en) 2005-10-18 2007-04-26 Intertrust Technologies Corporation Methods for evaluating licenses containing control programs by a drm engine
US8832466B1 (en) 2006-01-27 2014-09-09 Trustwave Holdings, Inc. Methods for augmentation and interpretation of data objects
US8996863B2 (en) * 2010-12-03 2015-03-31 Yacov Yacobi Attribute-based access-controlled data-storage system
US9008303B1 (en) * 2011-12-22 2015-04-14 Emc Corporation Method and apparatus for generating forward secure pseudorandom numbers

Also Published As

Publication number Publication date
US10607025B2 (en) 2020-03-31
JP2019530332A (en) 2019-10-17
US20180075252A1 (en) 2018-03-15
EP3513299A4 (en) 2020-02-26
EP3513299A1 (en) 2019-07-24
WO2018052754A1 (en) 2018-03-22

Similar Documents

Publication Publication Date Title
SG11201808758TA (en) A method and system for controlling the performance of a contract using a distributed hash table and a peer-to-peer distributed ledger
SG11201901737TA (en) Access control through data structures
SG11201808990QA (en) Compositions for topical application of compounds
SG11201809874SA (en) Systems and methods for locating a wireless device
SG11201906753UA (en) Digital certificate management method and apparatus, and electronic device
SG11201809582PA (en) A method and system for verifying ownership of a digital asset using a distributed hash table and a peer-to-peer distributed ledger
SG11201909949XA (en) Targeted immunotolerance
SG11201906755VA (en) Digital certificate management method, apparatus, and system
SG11201908336XA (en) Smart plans
SG11201810288PA (en) Multi-level control, variable access, multi-user contextual intelligent communication platform
SG11201805390WA (en) System and methods for auditing a virtual machine
SG11201804132UA (en) Eif4-a-inhibiting compounds and methods related thereto
SG11201901834WA (en) Micrornas as biomarkers for endometriosis
SG11201903582UA (en) Settlement method, entrance control method, and apparatus
SG11201901572PA (en) System for distributed intelligent remote sensing systems
SG11201811424PA (en) Mirrored token vault
SG11201809024UA (en) Cancer immunotherapy by immune activation or immune modulation via globo series antigens
SG11201806712RA (en) A method and system for securing computer software using a distributed hash table and a blockchain
SG11201806704TA (en) Blockchain-based exchange with tokenisation
SG11201805266YA (en) Systems and methods for device push provisioning
SG11201811723QA (en) Using a mobile phone for monitoring a medical device
SG11201900554YA (en) Spiro-lactam nmda modulators and methods of using same
SG11201901996UA (en) Formulations of ( r)-2-amino-3-phenylpropyl carbamate
SG11201809395XA (en) Executable logic for processing keyed data in networks
SG11201811425TA (en) Techniques for in-memory key range searches