Abstract: A system is disclosed for automatically distributing secured versions (*Sys.sub.-- D.sub.-- key*) of a file decryption key (Sys.sub.-- D.sub.-- key) to a plurality of file users by way of the file's security label. The label is defined to contain a plurality of Access-Control-Entries Records (ACER's) where each ACER includes a respective secured version (*Sys.sub.-- D.sub.-- key*) of the file decryption key. Each such secured version (*Sys.sub.-- D.sub.-- key*) is decipherable by a respective ACER private key. Each ACER may include respective other data such as:(a) ACER-unique identifying data for uniquely identifying the ACER or an associated user;(b) decryption algorithm identifying data for identifying the decryption process to be used to decrypt the encrypted *DATA* portion of the file; and(c) special handling code for specifying special handling for the code-containing ACER.

Abstract: A machine system for automatic decryption of confidential file data on a per-use basis and automatic later elimination of the decrypted data by scorching and/or re-encrypting is disclosed. The system can operate within a multi-threaded environment. The following features are provided for secure and automatic recryption: (1) use of file-exclusion lists; (2) use of application-program exclusion lists; (3) decrypting as needed in response to intercepted file-OPEN requests; (4) encrypting as needed in response to intercepted file-CLOSE requests; (5) delaying post-CLOSE encryption in special cases; (6) delaying retry of failed encryption; (7) keeping track of the number of application programs that are using each piece of decrypted plaintext; (8) identifying non-confidential files according to the directories they are contained within; (9) including encryption and decryption rules within directories that contain confidential files; and (10) avoiding unnecessary encryption of non-modified plaintext.

Abstract: A machine system for automatic decryption of confidential file data on a per-use basis and automatic later elimination of the decrypted data by scorching and/or re-encrypting is disclosed. The system can operate within a multi-threaded environment. The following features are provided for secure and automatic recryption: (1) use of file-exclusion lists; (2) use of application-program exclusion lists; (3) decrypting as needed in response to intercepted file-OPEN requests; (4) encrypting as needed in response to intercepted file-CLOSE requests; (5) delaying post-CLOSE encryption in special cases; (6) delaying retry of failed encryption; (7) keeping track of the number of application programs that are using each piece of decrypted plaintext; (8) identifying non-confidential files according to the directories they are contained within; (9) including encryption and decryption rules within directories that contain confidential files; and (10) avoiding unnecessary encryption of non-modified plaintext.