Does any one have references or sources on how to approach developing a web appl

Question

Does any one have references or sources on how to approach developing a web application in which the content is encrypted and unreadable for the developers or company owners; I'm referring to content such as legal docs, in which there is a need to keep information confidential for third parties.

The protected data should be the content say of Word docs, some metadata such as author (Lawyer), involved parties and maybe trial type would be searchable and not encrypted but the details and content of the document will be.

It would be visible/decrypt-able by the person (lawyer) who wrote it, by its associates if given permission and by the client (one of the parties in the document).

Ideally the metadata would be extracted and the the content encrypted for subsequent upload and storage

Explanation / Answer

Have a look at identity based encryption. Basically you could just use asymmetric encryption to achieve what you want. For example: encrypt everything you put on Facebook. Proof of concept: develop a plugin for Chrome which encrypts everything before it is uploaded to facebook with your private key. You spread your public key to your users. They use the plugin too and use your public key to decrypt your info on facebook. This way the FB servers only get encrypted useless data and your friends can still see the info you put on FB using the plugin and your public key.

Related Questions

Navigate

• Browse (All)
• Browse D
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.