System for enterprise digital rights management
Abstract
The present subject matter relates to devices and methods for enterprise digital rights management. In one implementation, a device includes a security module configured to generate a security key. The security module encrypts at least one document of a user, using the security key, to generate a protected document. Further, the device includes an access control module configured to assign an access right to one or more users within an enterprise for accessing the protected document. The access control module is further configured to delegate the access right from the user to another user. The access control module is furthermore configured to lock at least one of the user and the protected document.
Claims
exact text as granted — not AI-modified1 . A device comprising:
a processor; and a memory coupled to the processor, the memory comprising: a security module configured to generate a security key, encrypt at least one document using the security key, and generate a protected document based on the encryption; and an access control module configured to: assign at least one access right to at least one user for accessing the protected document; delegate the access right from the user to an other user; and lock at least one of the user, the other user, and the protected document.
2 . The device as claimed in claim 1 , wherein the access control module is further configured to:
receive an access request from the user for accessing the protected document; compare the access request with the access right associated with the user; and restrict the user from accessing the protected document based on the comparison.
3 . The device as claimed in claim 1 , wherein the access control module is further configured to:
receive an access request from the user for accessing the protected document, wherein the access request is a request for opening the protected document; determine if at least one of the user and the protected document is locked; and restrict the user from accessing the protected document based on the determination.
4 . The device as claimed in claim 1 , wherein the access control module is further configured to ascertain at predefined time intervals whether at least one of the user and the protected document is locked.
5 . The device as claimed in claim 1 , wherein the access control module is further configured to assign temporary ownership of the protected document to the other user.
6 . The device as claimed in claim 1 , wherein the access control module is further configured to:
receive an access request from the user for accessing the protected document, wherein the access request is a request for opening the protected document; ascertain whether at least one of the user and the protected document is unlocked; determine whether the user is an owner, if at least one of the user and the protected document is unlocked; and decrypt the protected document and allow the user to access the protected document, based on the determination.
7 . The device as claimed in claim 1 , wherein the access control module is further configured to:
receive an access request from the user for accessing the protected document, wherein the access request is a request for opening the protected document; ascertain whether at least one of the user and the protected document is unlocked; determine whether the user has temporary ownership and a preset time period of the temporary ownership has expired, if at least one of the user and the protected document is unlocked; compare the access request with the access right associated with the user, based on the determination; and restrict the user from accessing the protected document based on the comparison.
8 . A method of controlling access to a protected document within an enterprise, the method comprising:
receiving an access request by a user for accessing the protected document, wherein the access request is a request for opening the protected document; determining whether at least one of the user and the protected document is locked; and rejecting the access request based on the determining, wherein the rejecting comprises restricting the user from accessing the protected document.
9 . The method as claimed in claim 8 further comprising:
ascertaining whether the user has temporary ownership;
further ascertaining whether a preset time period of the temporary ownership has expired, if the user has temporary ownership; and
determining whether the access request matches with at least one of an access right granted and delegated to the user, if the preset time period of the temporary ownership has expired.
10 . A computer-readable medium having embodied thereon a computer program for executing a method comprising:
receiving an access request by a user for accessing the protected document, wherein the access request is a request for opening the protected document; determining whether at least one of the user and the protected document is locked; and rejecting the access request based on the determining, wherein the rejecting comprises restricting the user from accessing the protected document.
11 . The computer-readable medium as claimed in claim 10 further comprising:
ascertaining whether the user has temporary ownership;
further ascertaining whether a preset time period of the temporary ownership has expired, if the user has temporary ownership; and
determining whether the access request matches with at least one of an access right granted and delegated to the user, if the preset time period of the temporary ownership has expired.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.