| CPC G06F 21/6227 (2013.01) [G06F 16/38 (2019.01); G06F 21/31 (2013.01); G06F 21/602 (2013.01); G06F 2221/2141 (2013.01)] | 17 Claims |
|
1. A computer implemented method for protecting individual data elements within an unstructured dataset, the method comprising:
identifying a data element containing confidential information within the unstructured dataset requiring access control;
encrypting the data element within the unstructured dataset comprising generating a trusted data element encrypted using a specific key, the trusted data element corresponding to the data element containing confidential information,
wherein the trusted data element is encapsulated and cryptographically bound to metadata to determine an entitlement based on a user;
storing a decryption key and access control information corresponding to the dataset at an access controller;
cryptographically binding the encrypted data element to metadata that identifies the access controller,
wherein the encrypted data element and the metadata are cryptographically bound using data encryption keys that are user defined, and the metadata comprises required instructions on how to open and identify the trusted data element; and
receiving, by the access controller, an access request to access the encrypted data element.
|