Abstract: A technique for extending security to a data object (e.g., a document, a file, a message, etc.) once it has been shared and during collaboration with others who have access rights to that data object. The approach advantageously combines group key-based client-side encryption to secure the data object as it travels from a user's computer, to the cloud, and to a chosen collaborator's computer, together with a digital rights management (DRM) layer that provides permission management that associates a set of permission rights that travel with the data object.

Abstract: A technique for extending security to a data object (e.g., a document, a file, a message, etc.) once it has been shared and during collaboration with others who have access rights to that data object. The approach advantageously combines group key-based client-side encryption to secure the data object as it travels from a user's computer, to the cloud, and to a chosen collaborator's computer, together with a digital rights management (DRM) layer that provides permission management that associates a set of permission rights that travel with the data object.