CA2524577A1 - System and method for restricting user access to a network document - Google Patents

System and method for restricting user access to a network document Download PDF

Info

Publication number
CA2524577A1
CA2524577A1 CA002524577A CA2524577A CA2524577A1 CA 2524577 A1 CA2524577 A1 CA 2524577A1 CA 002524577 A CA002524577 A CA 002524577A CA 2524577 A CA2524577 A CA 2524577A CA 2524577 A1 CA2524577 A1 CA 2524577A1
Authority
CA
Canada
Prior art keywords
document
computer
request
access
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002524577A
Other languages
French (fr)
Other versions
CA2524577C (en
Inventor
Daniel C. Battagin
Ira Levin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Corp
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of CA2524577A1 publication Critical patent/CA2524577A1/en
Application granted granted Critical
Publication of CA2524577C publication Critical patent/CA2524577C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

A system and method for restricting a client's access to sensitive material in a network document. The system includes a document storage component for storing documents having an associated level of access. The system also includes a server component for receiving a document request from a user, associating the document request with the level of access of the requested document, and sending a server request if the level of access is limited. The system further includes a document governor component for receiving the server request, sending a governor request to the document storage component, receiving an unrestricted document from the document storage component, processing the unrestricted document to limit rights according to the level of access, and sending a limited document to the server in order to allow a user accessibility to the restricted document.

Claims (26)

1. A computer-implemented method for restricting a level of access to a network document, comprising:
receiving a document request;
determining a level of access to the document;
receiving the document, wherein data associated with the document is unrestricted; and restricting the document according to the determined level of access so that at least a portion of the data associated with the document is unavailable for access.
2. The computer-implemented method of claim 1, wherein receiving a document request, further comprises:
receiving a document request from a client, wherein the document request includes a Uniform Resource Locator and a client identification.
3. The computer-implemented method of claim 2, further comprising:
providing a document storage for storing the document; and associating the Uniform Resource Locator and client identification with an access control list to determine the level of access.
4. The computer-implemented method of claim 1, wherein determining a level of access to the requested document, further comprises:
associating the document request with a document located in a document storage.
5. The computer-implemented method of claim 4, wherein associating the document request with a document located in a document storage, further comprises:
associating the document request with one of: a document header, a document footer and an access control list.
6. The computer-implemented method of claim 1, further comprising:
determining if a configuration is adequate to restrict the document according to the determined level of access; and when the configuration is not adequate, restricting all data associated with the document.
7. The computer-implemented method of claim 1, wherein receiving the requested document, further comprises:
receiving the requested document in response to a request from a document governor.
8. The computer-implemented method of claim 7, wherein receiving the requested document in response to a request from a document governor, further comprises:
sending a governor request from a document governor to a document storage; and receiving the document, wherein data associated with the document is unrestricted.
9. The computer-implemented method of claim 8, further comprising:
restricting at least a portion of the data associated with the document after the document governor receives the document from the document storage.
10. The computer-implemented method of claim 9, further comprising:
sending the document from the document governor to a server, wherein the server receives the document having at least a portion of the data restricted.
11. The computer-implemented method of claim 1, wherein the document is a spreadsheet document and the restricted portion of the data includes formula data.
12. The computer-implemented method of claim 1, further comprising:

sending a document request to a server, wherein the document request includes a Uniform Resource Locator and a client identification;
associating the Uniform Resource Locator and client identification with a document located in a storage that is associated with the server in order to determine a level of access;
determining when a configuration is adequate to restrict the document according to the determined level of access;
sending a governor request from a document governor to the storage when configuration is adequate;
receiving the document from the storage, wherein data associated with the document is unrestricted;
restricting at least a portion of the data associated with the document;
sending the document from the document governor to a server, wherein the server receives the document having at least a portion of the data restricted; and processing the document so that the client may access the document via the Internet.
13. A computer-readable medium having computer-executable instructions for performing steps, comprising;
receiving a document request on behalf of a client having limited access rights;
retrieving an unrestricted requested document on behalf of the client;
processing the unrestricted requested document to restrict at least a portion of the document according to the limited access rights; and making the restricted document accessible to the client.
14. The computer-executable instructions of claim 13, wherein the document request includes a server request.
15. The computer-executable instructions of claim 13, wherein retrieving an unrestricted requested document, further comprises:

sending a governor request to a storage associated with a server; and receiving the unrestricted requested document from the storage in accordance with the governor request.
16. The computer-executable instructions of claim 13, wherein the unrestricted requested document includes a spreadsheet document and the restricted portion includes formula data associated with a spreadsheet value.
17. The computer-executable instructions of claim 13, wherein making the restricted document accessible to the client, further comprises:

converting the document to a HyperText Markup Language.
18. The computer-executable instructions of claim 13, wherein making the restricted document accessible to the client, further comprises:
converting the document from an Extensible Markup Language to a HyperText Markup Language.
19. A computer-readable medium having computer-executable components, comprising:
a document storage component for storing documents having an associated level of access;
a server component for receiving a document request, associating the document request with the level of access, and sending a server request if the level of access is limited; and a document governor component for receiving the server request, sending a governor request to the document storage component, receiving an unrestricted document from the document storage component, processing the unrestricted document to limit rights according to the level of access, and sending a limited document to the server.
20. The computer-executable components of claim 19, wherein the document storage component is associated with the server component.
21. The computer-executable components of claim 19, wherein the server includes a file share server.
22. The computer-executable components of claim 19, wherein the document governor component includes a computer-executable program associated with the server.
23. The computer-executable components of claim 19, wherein the document governor component includes a document governor server.
24. The computer-executable components of claim 23, wherein the document governor server includes a spreadsheet calculation server.
25. A computer-readable medium, having computer-executable components, comprising:
a means for document storage;
a means for receiving a document request;
a means for associating the document request with a level of access; and a means for receiving an unrestricted document from the means for document storage and processing the unrestricted document to restrict rights according to the level of access.
26. The computer-executable components of claim 25, further including:
a means for converting the document to a HyperText Markup Language.
CA2524577A 2004-12-09 2005-10-27 System and method for restricting user access to a network document Expired - Fee Related CA2524577C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/007,862 2004-12-09
US11/007,862 US7533420B2 (en) 2004-12-09 2004-12-09 System and method for restricting user access to a network document

Publications (2)

Publication Number Publication Date
CA2524577A1 true CA2524577A1 (en) 2006-06-09
CA2524577C CA2524577C (en) 2014-12-02

Family

ID=35597658

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2524577A Expired - Fee Related CA2524577C (en) 2004-12-09 2005-10-27 System and method for restricting user access to a network document

Country Status (10)

Country Link
US (1) US7533420B2 (en)
EP (1) EP1669905B1 (en)
JP (1) JP5059318B2 (en)
KR (1) KR101159343B1 (en)
CN (1) CN1786975B (en)
AU (1) AU2005220261B2 (en)
BR (1) BRPI0504992A (en)
CA (1) CA2524577C (en)
MX (1) MXPA05012066A (en)
RU (1) RU2400811C2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111639482A (en) * 2020-04-27 2020-09-08 平安普惠企业管理有限公司 Document modification method and device, electronic equipment and medium

Families Citing this family (55)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4717464B2 (en) * 2005-02-18 2011-07-06 キヤノン株式会社 Information processing apparatus, information processing method, and program
FR2895611B1 (en) * 2005-12-23 2008-02-22 Thales Sa ARCHITECTURE AND METHOD FOR CONTROLLING INFORMATION TRANSFER BETWEEN USERS
US9654456B2 (en) * 2006-02-16 2017-05-16 Oracle International Corporation Service level digital rights management support in a multi-content aggregation and delivery system
US9514117B2 (en) 2007-02-28 2016-12-06 Docusign, Inc. System and method for document tagging templates
US8370424B2 (en) * 2007-06-22 2013-02-05 Aol Inc. Systems and methods for caching and serving dynamic content
US8655961B2 (en) 2007-07-18 2014-02-18 Docusign, Inc. Systems and methods for distributed electronic signature documents
US8949706B2 (en) 2007-07-18 2015-02-03 Docusign, Inc. Systems and methods for distributed electronic signature documents
US10540651B1 (en) * 2007-07-31 2020-01-21 Intuit Inc. Technique for restricting access to information
US9020913B2 (en) * 2007-10-25 2015-04-28 International Business Machines Corporation Real-time interactive authorization for enterprise search
KR100938559B1 (en) * 2007-11-20 2010-01-22 고려대학교 산학협력단 System of access control for XML node and Method thereof
US8862979B2 (en) 2008-01-15 2014-10-14 Microsoft Corporation Multi-client collaboration to access and update structured data elements
US9147080B2 (en) 2008-02-06 2015-09-29 International Business Machines Corporation System and methods for granular access control
JP5006817B2 (en) * 2008-03-04 2012-08-22 日本電信電話株式会社 Authentication information generation system, authentication information generation method, client device, and program
US8613108B1 (en) * 2009-03-26 2013-12-17 Adobe Systems Incorporated Method and apparatus for location-based digital rights management
US9251131B2 (en) 2010-05-04 2016-02-02 Docusign, Inc. Systems and methods for distributed electronic signature documents including version control
EP2580705B1 (en) 2010-06-11 2018-08-08 DocuSign, Inc. Web-based electronically signed documents
US8566654B2 (en) * 2010-08-13 2013-10-22 Salesforce.Com, Inc. Debugging site errors by an admin as a guest user in a multi-tenant database environment
US10911550B2 (en) 2010-11-09 2021-02-02 Microsoft Technology Licensing, Llc Partial loading and editing of documents from a server
US9721030B2 (en) * 2010-12-09 2017-08-01 Microsoft Technology Licensing, Llc Codeless sharing of spreadsheet objects
CN103329140B (en) * 2010-12-22 2017-03-29 皇家飞利浦电子股份有限公司 Access control policy is created based on privacy of user preference
US8898742B2 (en) * 2011-10-11 2014-11-25 Paramount Pictures Corporation Systems and methods for controlling access to content distributed over a network
CA2875847A1 (en) 2011-06-08 2012-12-13 Sgrouples, Inc. Group authorization method and software
AU2012283810A1 (en) 2011-07-14 2014-02-06 Docusign, Inc. Online signature identity and verification in community
US9268758B2 (en) 2011-07-14 2016-02-23 Docusign, Inc. Method for associating third party content with online document signing
US9824198B2 (en) 2011-07-14 2017-11-21 Docusign, Inc. System and method for identity and reputation score based on transaction history
US10511732B2 (en) 2011-08-25 2019-12-17 Docusign, Inc. Mobile solution for importing and signing third-party electronic signature documents
EP2748721B1 (en) 2011-08-25 2022-10-05 DocuSign, Inc. Mobile solution for signing and retaining third-party documents
WO2013101084A1 (en) * 2011-12-29 2013-07-04 Intel Corporation Method of restricting corporate digital information within corporate boundary
US8880989B2 (en) 2012-01-30 2014-11-04 Microsoft Corporation Educating users and enforcing data dissemination policies
US9087039B2 (en) 2012-02-07 2015-07-21 Microsoft Technology Licensing, Llc Language independent probabilistic content matching
US9230130B2 (en) 2012-03-22 2016-01-05 Docusign, Inc. System and method for rules-based control of custody of electronic signature transactions
US10160674B2 (en) 2012-03-30 2018-12-25 Premier Magnesia, Llc Improving wastewater pumping and conveying efficiency
EP2819342B1 (en) * 2012-10-30 2017-03-01 LG Electronics Inc. Method and apparatus for authenticating access authority for specific resource in wireless communication system
US9836585B2 (en) * 2013-03-15 2017-12-05 Konica Minolta Laboratory U.S.A., Inc. User centric method and adaptor for digital rights management system
JP6376734B2 (en) * 2013-08-12 2018-08-22 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation Database management apparatus, database control method and program
US10013412B2 (en) * 2014-08-25 2018-07-03 Purple Robot Software, Inc. Peer to peer spreadsheet processing
CN107004094B (en) * 2014-12-09 2021-01-15 佳能株式会社 Information processing apparatus, control method for information processing apparatus, information processing system, and computer program
CN107851276A (en) * 2015-06-12 2018-03-27 比尔交易私人有限公司 The computer implemented more collection of currency invoice, transaction, access and payment systems
US10387669B1 (en) 2015-09-17 2019-08-20 Nextlabs, Inc. Protecting documents with centralized and discretionary policies
US10097557B2 (en) * 2015-10-01 2018-10-09 Lam Research Corporation Virtual collaboration systems and methods
CN105721425B (en) * 2015-12-31 2020-01-31 联想(北京)有限公司 information processing method and electronic equipment
US10140434B2 (en) 2016-05-03 2018-11-27 Microsoft Technology Licensing, Llc Group-based external sharing of electronic data
US10409779B2 (en) * 2016-08-31 2019-09-10 Microsoft Technology Licensing, Llc. Document sharing via logical tagging
US10540153B2 (en) 2016-12-03 2020-01-21 Thomas STACHURA Spreadsheet-based software application development
US11726753B2 (en) 2016-12-03 2023-08-15 Thomas STACHURA Spreadsheet-based software application development
US10216494B2 (en) * 2016-12-03 2019-02-26 Thomas STACHURA Spreadsheet-based software application development
US10713390B2 (en) 2017-07-17 2020-07-14 Microsoft Technology Licensing, Llc Removing sensitive content from documents while preserving their usefulness for subsequent processing
US11036929B2 (en) * 2017-11-15 2021-06-15 Adaptam Inc. Methods and systems for connecting a spreadsheet to external data sources with ordered formulaic use of data retrieved
US11429557B2 (en) 2018-10-11 2022-08-30 Dealvector, Inc. Templatization of spreadsheets in browser environments
US11429558B2 (en) 2018-10-11 2022-08-30 Dealvector, Inc. Mapping tests of spreadsheets in server-browser environments
EP3864557A4 (en) * 2018-10-11 2022-07-27 Dealvector, Inc. Effective deployment of spreadsheets in browser environments
RU2718970C1 (en) * 2019-01-09 2020-04-15 Кэнон Кабусики Кайся Information processing device, control method for information processing device, information processing system and computer program
CN112788091B (en) * 2020-05-09 2023-05-26 珠海金山办公软件有限公司 Document content providing system, document content collecting method, device and equipment
US11657217B2 (en) 2020-06-26 2023-05-23 Adaptam Inc. Methods and systems for presenting drop-down, pop-up or other presentation of a multi-value data set in a spreadsheet cell
US20220188447A1 (en) * 2020-12-14 2022-06-16 International Business Machines Corporation Policy-driven views of datasets

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH04347747A (en) * 1991-05-27 1992-12-02 Nec Software Kansai Ltd Security system for information retrieval system
US5495533A (en) * 1994-04-29 1996-02-27 International Business Machines Corporation Personal key archive
US5634012A (en) 1994-11-23 1997-05-27 Xerox Corporation System for controlling the distribution and use of digital works having a fee reporting mechanism
CN1127023C (en) * 1998-04-28 2003-11-05 株式会社山武 Information browsing system
US6931532B1 (en) 1999-10-21 2005-08-16 International Business Machines Corporation Selective data encryption using style sheet processing
US20020035568A1 (en) * 2000-04-28 2002-03-21 Benthin Mark Louis Method and apparatus supporting dynamically adaptive user interactions in a multimodal communication system
CN1471661A (en) 2000-06-29 2004-01-28 皇家菲利浦电子有限公司 Multiple encryption of a single document providing multiple level access privileges
EP1187035A1 (en) * 2000-09-07 2002-03-13 Siemens Aktiengesellschaft Method for the Automatic Protection of Data against Unintentional Overwriting in Electronic Forms
US7308717B2 (en) * 2001-02-23 2007-12-11 International Business Machines Corporation System and method for supporting digital rights management in an enhanced Java™ 2 runtime environment
KR100401935B1 (en) * 2001-06-07 2003-10-22 주식회사 파수닷컴 System and method for protecting of information in information offering system
KR20030005760A (en) * 2001-07-10 2003-01-23 주식회사 니츠 Method of access control according to access right of user in Personal Computer and apparatus thereof
AU2003219415A1 (en) 2002-03-21 2003-10-08 Sap Aktiengesellschaft Synchronizing users on shared data with locks
US7562215B2 (en) * 2003-05-21 2009-07-14 Hewlett-Packard Development Company, L.P. System and method for electronic document security
US9256753B2 (en) 2003-06-11 2016-02-09 Microsoft Technology Licensing, Llc Method and apparatus for protecting regions of an electronic document

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111639482A (en) * 2020-04-27 2020-09-08 平安普惠企业管理有限公司 Document modification method and device, electronic equipment and medium
CN111639482B (en) * 2020-04-27 2022-11-22 平安普惠企业管理有限公司 Document modification method and device, electronic equipment and medium

Also Published As

Publication number Publication date
MXPA05012066A (en) 2006-06-23
KR20060065480A (en) 2006-06-14
US20060129809A1 (en) 2006-06-15
KR101159343B1 (en) 2012-06-25
EP1669905A2 (en) 2006-06-14
JP5059318B2 (en) 2012-10-24
EP1669905A3 (en) 2007-08-01
EP1669905B1 (en) 2019-04-10
RU2005134203A (en) 2007-05-10
BRPI0504992A (en) 2006-09-12
US7533420B2 (en) 2009-05-12
AU2005220261A1 (en) 2006-06-29
CN1786975A (en) 2006-06-14
CA2524577C (en) 2014-12-02
CN1786975B (en) 2012-07-11
RU2400811C2 (en) 2010-09-27
AU2005220261B2 (en) 2010-07-29
JP2006164268A (en) 2006-06-22

Similar Documents

Publication Publication Date Title
CA2524577A1 (en) System and method for restricting user access to a network document
JP2006164268A5 (en)
US8458163B2 (en) System and method for enabling website owner to manage crawl rate in a website indexing system
US6381602B1 (en) Enforcing access control on resources at a location other than the source location
US6631451B2 (en) System and method for caching
US8370424B2 (en) Systems and methods for caching and serving dynamic content
US6742040B1 (en) Firewall for controlling data transfers between networks based on embedded tags in content description language
KR101458234B1 (en) Integrating enterprise search systems with custom access control application programming interfaces
US20080244738A1 (en) Access control
US7246119B2 (en) Method and implementation of session-based file locking for network applications
US20140068085A1 (en) Controlling access to resources by hosted entities
US6553461B1 (en) Client controlled pre-fetching of resources
US8051128B2 (en) Using feed usage data in an access controlled team project site environment
JP3791900B2 (en) Method and system for providing customized information in a computer processing system
US9787791B2 (en) Managing a data cache for a computer system
US8365069B1 (en) Web content management based on timeliness metadata
WO2012091652A1 (en) A system and method for using partial evaluation for efficient remote attribute retrieval
KR20180074774A (en) How to identify malicious websites, devices and computer storage media
US9355269B2 (en) Method and system for managing uniquely identifiable bookmarklets
US20060085423A1 (en) Rules of engagement for deterministic Web services
JP5131062B2 (en) Document management program, document management apparatus, and document management system
JP2003015939A (en) Information providing method and information providing device
US7930479B2 (en) System and method for caching and retrieving from cache transaction content elements
JP2007249481A (en) Update detection system for web site and update detection method for web site
US20050086228A1 (en) Conditionalized Access Control Based on Dynamic Content Analysis

Legal Events

Date Code Title Description
EEER Examination request
MKLA Lapsed

Effective date: 20201027