主权项 |
1. A method comprising:
providing a document management system managing a plurality of documents wherein the document management system comprises clients and servers; at a first client, executing a first policy enforcer program; at the first client, trapping by the first policy enforcer program a request by an e-mail application to send an e-mail with a document attachment, managed by the document management system, to a second client; at the first policy enforcer program, evaluating at least one policy associated with the document attachment; as a result of the evaluating, determining that the send request is allowed, but before allowing the e-mail application to send the document attachment, encrypting the document attachment; allowing the e-mail application to send the encrypted document attachment to the second client; sending a notification from a second policy enforcer regarding an attempt at the second client to open the encrypted document; determining the attempt at the second client is allowed according to a first policy; at the second client, determining that the encrypted document is encrypted; providing an encryption module executing at the second client; with the second policy enforcer program, requesting a key that will allow decryption of the encrypted document; passing the key to the encryption module; and at the encryption module, using the key to unencrypt the encrypted document attachment and obtaining the unencrypted document attachment. |