CPC H04L 63/0435 (2013.01) [H04L 9/0631 (2013.01); H04L 9/0866 (2013.01); H04L 9/3073 (2013.01)]; 15 Claims

1. A method for sharing data with at least one user, wherein the data is owned by a data owner and to be published by a data publisher, the method comprising:
deriving, by the data owner, a publisher key based on an owner key held by the data owner and providing the publisher key to the data publisher;
deriving, by the data publisher, a symmetric access key based on the publisher key and at least one attribute of a subset of the data and encrypting the subset with the symmetric access key;
deriving, by the data owner, the symmetric access key based on the owner key and the at least one attribute, and providing the symmetric access key to the user to enable the user to decrypt using the symmetric access key the subset encrypted by the data publisher;
encrypting the symmetric access key using a public key of a key pair of the user and providing the encrypted symmetric access key to the user before the subset is generated to enable the user to decrypt the encrypted symmetric access key using a secret key of the key pair and decrypt using the symmetric access key the subset encrypted by the data publisher; and
transmitting, by the data publisher, the encrypted subset to the user to enable the user to access the subset using the symmetric access key; and
wherein the at least one attribute is content-specific information about the subset of data that is predefined prior to generation of the subset of data based on an expected content of the subset.
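The key hierarchy in claim 1 can be sketched as follows. This is an added example, not code from the patent. It assumes HMAC-SHA256 as the derivation function, a hypothetical `publisher_id` input, and string-valued attributes, none of which the claim specifies. Encryption of the subset and public-key wrapping of the access key are left out.

```python
import hashlib
import hmac

def _kdf(key: bytes, label: bytes, *fields: bytes) -> bytes:
    """Assumed KDF: HMAC-SHA256 over a label and length-prefixed fields.

    Length prefixes keep ("ab", "c") and ("a", "bc") from hashing alike.
    """
    msg = label + b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_publisher_key(owner_key: bytes, publisher_id: str) -> bytes:
    # Owner side: the publisher key is derived from the owner key.
    # publisher_id is a hypothetical input used to separate publishers.
    return _kdf(owner_key, b"publisher-key", publisher_id.encode())

def access_key_from_publisher_key(publisher_key: bytes, attributes: dict) -> bytes:
    # Publisher side: access key from the publisher key and the attributes.
    # Sorting makes the encoding independent of dict insertion order.
    fields = [part.encode() for item in sorted(attributes.items()) for part in item]
    return _kdf(publisher_key, b"access-key", *fields)

def access_key_from_owner_key(owner_key: bytes, publisher_id: str,
                              attributes: dict) -> bytes:
    # Owner side: re-derive the publisher key, then the same access key,
    # without contacting the publisher and before the subset exists.
    publisher_key = derive_publisher_key(owner_key, publisher_id)
    return access_key_from_publisher_key(publisher_key, attributes)

if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    owner_key = hashlib.sha256(b"constructed demo owner key").digest()
    attrs = {"type": "heart-rate", "period": "2024-06"}  # predefined attributes

    # Owner issues the access key to the user ahead of time.
    issued = access_key_from_owner_key(owner_key, "publisher-1", attrs)

    # Later, the publisher derives the key when the subset is generated.
    pub_key = derive_publisher_key(owner_key, "publisher-1")
    used = access_key_from_publisher_key(pub_key, attrs)

    print("keys match:", hmac.compare_digest(issued, used))
```

A user holding the access key for one attribute set learns neither the publisher key nor the key for any other attribute set, because each step is a one-way derivation.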