| 发明名称 | Privacy-protective data transfer | ||
| 摘要 | A method receives authentication credentials for a user from a client device and receives a request from the user for content stored on a remote storage system. A portion of the content is encrypted and a corresponding decryption key is available only at the computer system. The remaining portion of the content is unencrypted. The method retrieves the content from the remote storage system and uses the received credentials to determine whether the user is authorized to view the encrypted portion. When the user is not authorized, the method forms alternative content by replacing the encrypted portion with a substitute element and transmits the alternative content to the client device. When the user is authorized, the method decrypts the encrypted portion of the content using the decryption key, and combines the decrypted portion with the unencrypted portion to form updated content. The updated content is transmitted to the client device. | ||
| 申请公布号 | US9536102(B2) | 申请公布日期 | 2017.01.03 |
| 申请号 | US201615047581 | 申请日期 | 2016.02.18 |
| 申请人 | GOOGLE INC. | 发明人 | Margolin Ben |
| 分类号 | G06F7/04;H04N7/16;G06F17/30;G06F21/62;G06F21/10;H04L29/06;G06F21/60;H04L9/28;H04L9/08;G06F21/12;H04N21/2347;H04N21/2743 | 主分类号 | G06F7/04 |
| 代理机构 | Morgan, Lewis & Bockius LLP | 代理人 | Morgan, Lewis & Bockius LLP |
| 主权项 | 1. A method, comprising: at a computer system having one or more processors and memory storing one or more programs configured for execution by the one or more processors: receiving authentication credentials for a user from a client device; receiving a request from the user at the client device for content stored on a remote storage system, wherein a portion of the content is encrypted and a corresponding decryption key is available only at the computer system and accessible only by the computer system, and wherein a remaining portion of the content is unencrypted; retrieving the content from the remote storage system, including the encrypted portion and the unencrypted portion; using the received authentication credentials to determine whether the user is authorized to view the encrypted portion of the content; when it is determined that the user is not authorized to view the encrypted portion of the content: forming alternative content by replacing the encrypted portion of the content with a substitute element; andtransmitting the alternative content to the client device; and when it is determined that the user is authorized to view the encrypted portion of the content: decrypting the encrypted portion of the content using the decryption key, and combining the decrypted portion with the remaining unencrypted portion to form updated content; andtransmitting the updated content to the client device. | ||
| 地址 | Mountain View CA US | ||