US 12,470,548 B2
Policies and encryption to protect digital information
Keng Lim, Atherton, CA (US)
Assigned to NextLabs, Inc., San Mateo, CA (US)
Filed by NextLabs, Inc., San Mateo, CA (US)
Filed on Jun. 25, 2024, as Appl. No. 18/753,982.
Application 18/753,982 is a continuation of application No. 18/159,053, filed on Jan. 24, 2023, granted, now 12,021,859.
Application 18/159,053 is a continuation of application No. 17/131,653, filed on Dec. 22, 2020, granted, now 11,563,735, issued on Jan. 24, 2023.
Application 17/131,653 is a continuation of application No. 16/168,793, filed on Oct. 23, 2018, granted, now 10,873,574, issued on Dec. 22, 2020.
Application 16/168,793 is a continuation of application No. 15/421,358, filed on Jan. 31, 2017, granted, now 10,110,597, issued on Oct. 23, 2018.
Application 15/421,358 is a continuation of application No. 15/096,011, filed on Apr. 11, 2016, granted, now 9,558,360, issued on Jan. 31, 2017.
Application 15/096,011 is a continuation of application No. 14/494,525, filed on Sep. 23, 2014, granted, now 9,313,182, issued on Apr. 12, 2016.
Application 14/494,525 is a continuation of application No. 13/439,827, filed on Apr. 4, 2012, granted, now 8,843,734, issued on Sep. 23, 2014.
Claims priority of provisional application 61/471,682, filed on Apr. 4, 2011.
Prior Publication US 2025/0088500 A1, Mar. 13, 2025
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/00 (2013.01); G06F 21/60 (2013.01); H04L 9/00 (2022.01); H04L 9/40 (2022.01); H04L 51/08 (2022.01)
CPC H04L 63/083 (2013.01) [G06F 21/602 (2013.01); H04L 9/00 (2013.01); H04L 51/08 (2013.01); H04L 63/0471 (2013.01); H04L 63/06 (2013.01); H04L 63/12 (2013.01); H04L 63/20 (2013.01); G06F 21/00 (2013.01); G06F 21/60 (2013.01); H04L 63/0245 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
providing a document management system managing a plurality of documents wherein the document management system comprises clients and servers;
executing a first policy enforcer program installed on a first client;
at the first client, intercepting by an interceptor code component of the first policy enforcer program a request by an application that is attempting to send a selected document, managed by the document management system, to a second client;
after the interceptor code component intercepts the send request, not allowing the application to send the selected document to the second client, and using a policy engine code component of the first policy enforcer program, evaluating at least one policy associated with the selected document;
as a result of the evaluating, determining that the send request is allowed, and encrypting the selected document using an encryption key from an encryption key ring; and
allowing the application to send the encrypted document to the second client;
causing a second policy enforcer program installed on the second client to intercept a request for access to the encrypted document;
determining that the encrypted document is encrypted; and
with the second policy enforcer program, accessing the encryption key that will allow decryption of the encrypted document.