Abstract
Methods, systems and apparatuses for providing trustworthy workflow across trust boundaries are disclosed. One method includes a curator generating a first public key (PKC1) and a second public key (PKC2), publishing the first public key (PKC1) and the second public key (PKC2), and generating a first proxy reencryption key (RKC1C2) and a second proxy reencryption key (RKC2B). Further, a first party encrypts data having a key k, wherein k is encrypted according to the first public key (PKC1). A custodian proxy reencrypts k from the first public key (PKC1) to the second public key (PKC2) using the first proxy reencryption key (RKC1C2), and the custodian proxy reencrypts k from the second public key (PKC2) to a public key (PKB) of the second party B using the second proxy reencryption key (RKC2B). The second party B receives the data and decrypts the data with the key k.
Claims

1. A method of providing trustworthy workflow across trust boundaries between a first party A and a second party B, comprising:
one or more curators generating a first public key (PK_{C1}) and a second public key (PK_{C2}), and the one or more curators generating and maintaining a first secret key (SK_{C1}) and a second secret key (SK_{C2});
the one or more curators publishing the first public key (PK_{C1}) and the second public key (PK_{C2});
the one or more curators generating a first proxy reencryption key (RK_{C1C2}) and a second proxy reencryption key (RK_{C2B});
the first party A encrypting data having a key k, wherein k is encrypted according to the first public key (PK_{C1});
one or more custodians proxy reencrypting k from the first public key (PK_{C1}) to the second public key (PK_{C2}) using the first proxy reencryption key (RK_{C1C2}), wherein the proxy reencryption is oneway;
the one or more custodians proxy reencrypting k from the second public key (PK_{C2}) to a public key (PK_{B}) of the second party B using the second proxy reencryption key (RK_{C2B}), wherein the proxy reencryption is oneway; and
the second party B receiving the data and decrypting the data with the key k, decrypted from a secret key SK_{B}.

2. The method of claim 1, wherein the proxy reencryption being oneway comprises:
the one or more curators generating the proxy reencryption key utilizing a cryptographic oneway function, wherein the cryptographic oneway function comprises a cryptographic pairing, and wherein the proxy reencryption is restricted to be oneway.

3. The method of claim 1, wherein the one or more curators generate the second proxy reencryption key (RK_{C2B}) without knowledge of the secret key SK_{B}, comprising:
obtaining a public key of the second party B;
generating the second proxy reencryption key (RK_{C2B}) by applying a cryptographic function to the public key of the second party B.
4. The method of claim 1, further comprising preventing collusion between the one or more custodians, the one or more curators or any other party to obtain a curator secret key or any other parties' secret key, comprising utilizing a oneway pairing function.
5. The method of claim 1, further comprising preventing the ability for party B or one or more curators or one or more custodians, or any combination thereof, to generate a proxy reencryption that is not the intention of party A.
6. The method of claim 1, wherein the one or more curators comprises a plurality of curators, acting as one or more Policy Administration Points (PAP) and one or more Policy Decision Points (PDP) for one or more enterprises across trust boundaries, and further comprising preventing the one or more custodians, acting as one or more Policy Enforcement Points (PEP), from accessing or tampering content of policies of the plurality of curators while enforcing the policies across the plurality of curators.
7. The method of claim 6, wherein policy enforcement actions performed by one or more custodians are nonrepudiable and tamper proof.
8. The method of claim 6, further comprising the plurality of curators translating the policies into the generation of the first public key (PK_{C1}), the second public key (PK_{C2}), the first secret key (SK_{C1}) and the second secret key (SK_{C2}).
9. The method of claim 8, wherein publishing the first public key (PK_{C1}) and the second public key (PK_{C2}) comprises the plurality of curators sending the first public key (PK_{C1}) and the second public key (PK_{C2}) to the one or more custodians.
10. The method of claim 9, further comprising the plurality of curators requesting policy enforcement, comprising publishing the first proxy reencryption key (RK_{C1C2}) and the second proxy reencryption key (RK_{C2B}) to the one or more custodians, and sending requests to perform one or more proxy reencryption operations to the one or more custodians.
11. The method of claim 9, further comprising the one or more custodians enforcing the policies by performing the proxy reencrypting of k from the first public key (PK_{C1}) to the second public key (PK_{C2}) and proxy reencrypting k from the second public key (PK_{C2}) to a public key (PK_{B}) of the second party B.
12. The method of claim 1, wherein the one or more curators, comprising an enterprise, and the one or more custodians provide the trustworthy workflow within a cloud network, wherein the one or more custodians comprise one or more cloud service providers.
13. The method of claim 12, wherein Party A is a resource provider in an enterprise and the curator is an identity provider.
14. The method of claim 1, wherein the party A or the party B is the curator.
15. The method of claim 1, wherein proxy reencryption keys generated by the one or more curators have a timeout period in which the proxy reencryption keys expire.
16. The method of claim 1, wherein at least one of party A and party B are within a hierarchical group, and further comprising proxy reencrypting the k more than twice, wherein sharing of the data from one party of the hierarchical group to another party of the hierarchical group includes a proxy reencrypting.

17. A system for providing trustworthy workflow across trust boundaries between a first party A and a second party B, comprising:
one or more curator servers operative to generate a first public key (PK_{C1}) and a second public key (PK_{C2}), wherein the one or more curator servers maintain a first secret key (SK_{C1}) and a second secret key (SK_{C2});
the one or more curator servers operative to publish the first public key (PK_{C1}) and the second public key (PK_{C2});
the one or more curator servers operative to generate a first proxy reencryption key (RK_{C1C2}) and a second proxy reencryption key (RK_{C2B});
the first party server A operative to encrypt data having a key k, wherein k is encrypted according to the first public key (PK_{C1});
one or more custodian servers operative to proxy reencrypt k from the first public key (PK_{C1}) to the second public key (PK_{C2}) using the first proxy reencryption key (RK_{C1C2}), wherein the proxy reencryption is oneway;
the one or more custodian servers operative to proxy reencrypt k from the second public key (PK_{C2}) to a public key (PK_{B}) of the second party using the second proxy reencryption key (RK_{C2B}), wherein the proxy reencryption is oneway; and
the second party server B operative to receive the data and decrypt the data with the key k, decrypted from a secret key SK_{B}.
18. The system of claim 17, wherein the one or more curator servers comprises a plurality of curator servers, and the plurality of curator servers are operative to act as one or more Policy Administration Points (PAP) and one or more Policy Decision Points (PDP) for one or more enterprises across trust boundaries, and are further operative to prevent the one or more custodian servers, acting as one or more Policy Enforcement Points (PEP), from accessing or tampering content of policies of the plurality of curator servers while enforcing the policies across the plurality of curator servers.

19. A method of enabling one or more custodians to provide trustworthy workflow across trust boundaries between a first party A and a second party B, comprising:
receiving, by the one or more custodians, a first public key (PK_{C1}) and a second public key (PK_{C2});
receiving, by the one or more custodians, a first proxy reencryption key (RK_{C1C2}) and a second proxy reencryption key (RK_{C2B});
receiving, by the one or more custodians, encrypted data having a key k, wherein k is encrypted according to the first public key (PK_{C1});
proxy reencrypting k from the first public key (PK_{C1}) to the second public key (PK_{C2}) using the first proxy reencryption key (RK_{C1C2}), wherein the proxy reencryption is oneway;
proxy reencrypting k from the second public key (PK_{C2}) to a public key (PK_{B}) of the second party B using the second proxy reencryption key (RK_{C2B}), wherein the proxy reencryption is oneway; and
sending, by the one or more custodians, the encrypted data to the second party B, thereby allowing the second party B to decrypt the data with key k, decrypted from a secret key SK_{B}.
20. The method of claim 19, wherein a cloud-based cloud connect service aids the one or more custodians to proxy reencrypt k from the first public key (PK_{C1}) to the second public key (PK_{C2}) using the first proxy reencryption key (RK_{C1C2}), and to proxy reencrypt k from the second public key (PK_{C2}) to a public key (PK_{B}) of the second party B using the second proxy reencryption key (RK_{C2B}).
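The exchange of claims 1, 17 and 19 (curator generates PK_{C1}, PK_{C2}, RK_{C1C2}, RK_{C2B}; party A seals k to PK_{C1}; the custodian performs two one-way hops; party B decrypts with SK_{B}), as an added illustration that is not code from the patent or from Alephcloud. It uses a stand-in cryptosystem, not the pairing-based construction of claims 2 to 4: ElGamal over a toy 64-bit safe-prime group, with each one-way hop implemented as an additive split of the source secret key into a custodian share and a second share wrapped under the next hop's public key. All function names (keygen, make_rekey, reencrypt_hop1, reencrypt_hop2, decrypt_b, stream_xor), the group parameters, the seed and the payload are constructed for the demo; the SHA-256 XOR keystream stands in for a real AEAD.

```python
"""Two-hop proxy re-encryption workflow: curator -> custodian -> party B (added demo;
ElGamal + additive key splitting as a stand-in for the patent's pairing-based scheme)."""
import hashlib
import random

rng = random.Random(20120913)  # fixed seed for a reproducible demo; use `secrets` in real code

def is_probable_prime(n, rounds=20):
    """Miller-Rabin test, adequate for toy parameters."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def safe_prime_group(bits=64):
    """Constructed toy group: p = 2q + 1 prime, g generating the order-q subgroup."""
    while True:
        q = rng.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            p = 2 * q + 1
            return p, q, pow(rng.randrange(2, p - 1), 2, p)  # a square != 1 has order q

P, Q, G = safe_prime_group()

def kdf(x):
    """Derive 32 key bytes from a group element (seed -> data key k, or a KEM pad)."""
    return hashlib.sha256(str(x).encode()).digest()

def keygen():
    sk = rng.randrange(1, Q)
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """ElGamal: (u, v) = (g^r, m * pk^r) for a group element m."""
    r = rng.randrange(1, Q)
    return pow(G, r, P), m * pow(pk, r, P) % P

def wrap_scalar(pk, x):
    """Hashed-ElGamal KEM: hide scalar share x so only the holder of sk (for pk) can read it."""
    s = rng.randrange(1, Q)
    return pow(G, s, P), x ^ int.from_bytes(kdf(pow(pk, s, P)), "big")

def make_rekey(sk_from, pk_to):
    """Curator: RK = (custodian share x1, x2 wrapped for pk_to) with x1 + x2 = sk_from.
    Only the target's public key is needed, never its secret key (cf. claim 3)."""
    x1 = rng.randrange(1, Q)
    return x1, wrap_scalar(pk_to, (sk_from - x1) % Q)

def reencrypt_hop1(ct, rk_c1c2):
    """Custodian, PK_C1 -> PK_C2: strips its share x1, leaving v' = m * u^x2. Never sees k."""
    (u, v), (x1, wrapped_x2) = ct, rk_c1c2
    return u, v * pow(u, (-x1) % Q, P) % P, wrapped_x2

def reencrypt_hop2(ct, rk_c2b):
    """Custodian, PK_C2 -> PK_B: contributes its half su^y1 of su^SK_C2 needed to open x2."""
    (u, v2, (su, sv)), (y1, wrapped_y2) = ct, rk_c2b
    return u, v2, su, sv, pow(su, y1, P), wrapped_y2

def decrypt_b(sk_b, ct):
    """Party B: unwrap y2 with SK_B, complete su^SK_C2, unwrap x2, recover m and k."""
    u, v2, su, sv, t, (su2, sv2) = ct
    y2 = sv2 ^ int.from_bytes(kdf(pow(su2, sk_b, P)), "big")
    x2 = sv ^ int.from_bytes(kdf(t * pow(su, y2, P) % P), "big")  # su^y1 * su^y2 = su^SK_C2
    return kdf(v2 * pow(u, (-x2) % Q, P) % P)

def stream_xor(k, data):
    """Stand-in for an AEAD: XOR with a SHA-256 keystream (symmetric, encrypt == decrypt)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(k + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def run_workflow(payload=b"constructed sample payload: Q3 report"):
    sk_c1, pk_c1 = keygen()                 # curator's first key pair (SK_C1, PK_C1)
    sk_c2, pk_c2 = keygen()                 # curator's second key pair (SK_C2, PK_C2)
    sk_b, pk_b = keygen()                   # party B
    rk_c1c2 = make_rekey(sk_c1, pk_c2)      # RK_C1C2, published to the custodian
    rk_c2b = make_rekey(sk_c2, pk_b)        # RK_C2B, built from PK_B alone
    seed = pow(G, rng.randrange(1, Q), P)   # party A: k = kdf(seed); seed sealed to PK_C1
    k_at_a = kdf(seed)
    blob = stream_xor(k_at_a, payload)      # the data, encrypted with k
    ct = reencrypt_hop2(reencrypt_hop1(encrypt(pk_c1, seed), rk_c1c2), rk_c2b)
    k_at_b = decrypt_b(sk_b, ct)            # B decrypts k with SK_B only
    return {"k_at_a": k_at_a, "k_at_b": k_at_b, "recovered": stream_xor(k_at_b, blob),
            "wrong_key": decrypt_b(keygen()[0], ct)}  # a stranger's secret key yields garbage
```

The custodian functions touch only their shares (x1, y1) and public ciphertext material, so the custodian learns neither k nor any secret key, and nothing in RK_{C1C2} or RK_{C2B} lets it run a hop in reverse. The stand-in differs from the claimed construction in one respect a practitioner should note: a custodian and party B pooling their shares could add them to reconstruct SK_{C1} and SK_{C2}, which is exactly the collusion the pairing-based keys of claim 4 are meant to rule out; the demo therefore illustrates the workflow and key flow, not the collusion resistance.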
Owners (US)

Alephcloud Systems Inc
(Sep 10 2012)
Applicants

D Souza Roy Peter
Zhu Jieming
Alephcloud Systems Inc
Inventors

D Souza Roy Peter
Zhu Jieming
CPC Classifications

H04L9/0825
H04L2209/76
IPC Classifications

H04L9/32
US Classifications

713/168
Publication: Aug 15, 2013

Application:
Sep 13, 2012
US 201213613080 A

Priority:
Sep 13, 2012
US 201213613080 A

Priority:
Feb 13, 2012
US 201261598071 P