FAU Invention for Privacy of Sharing Files Online Gets U.S. PatentThursday, Jul 29, 2021
Senders who share documents online have little to no control over who views the information that is being sent and where it is being viewed. This is especially problematic for sharing pictures online or when organizations share confidential documents with employees and others.
A scientist from Florida Atlantic University’s College of Engineering and Computer Science is taking secure online file-sharing to the next level. Hari Kalva, Ph.D., inventor, associate chair and professor in the Department of Electrical Engineering and Computer Science, has received a patent from the United States Patent and Trademark Office for a novel invention that controls how and when shared documents are displayed.
This new technology offers new control mechanisms that limit opportunities for capturing information displayed on screens using an external capture device such as a camera. The system restricts individuals from viewing documents based on individual identity (e.g., face ID, a voice sample), their social network, and when and where the document is being viewed.
“While services such as Snapchat allow self-destructing messages or notify users when a recipient takes a screenshot of a message, there is no way to prevent someone from photographing or showing to others in the room the screen on which such limited access photos or documents are displayed,” said Kalva. “We have developed a system for ensuring maximum privacy for document sharing that overcomes these problems.”
With Kalva’s technology, messages are encrypted with viewing restrictions. The app on the receiver’s phone/device ensures viewing restrictions are satisfied before displaying a message. The app continues to monitor viewing restrictions while the message is displayed. When restrictions are not satisfied (e.g., viewing a picture with another person who is restricted from viewing), the receiver can request for permission to view with reduced restrictions. The system also monitors the location where the receiver is situated, detects the presence of recording devices such as cameras, and detects sounds to determine if usage is appropriate. Once the environment is deemed suitable, the receiver will have access to the decryption keys and the document will be displayed.
The technology links social media accounts to the software to identify who should be granted access. For example, a restriction on a message can allow a user to show the message to all of their Facebook or Instagram friends. The app will use a camera to verify that the people viewing the message are indeed the user’s friends on social networks as described in viewing restrictions. When a user attempts to open a message, the app activates the camera and takes a picture of the recipient, which is then used to verify the identity of authorized viewers. If the correct faces are detected, access is granted; if not, the picture may be sent to the sender for confirmation.
Senders also can choose the number of people who can view the message by using the receiver’s camera. If the correct number of people are present, automatic access is granted. If more people are present, the sender is asked for permission to grant access to those individuals. In addition, using GPS on the receiver’s device, the sender can select the location where the message can be accessed. The sender also can choose the type of environment that the receiver is located. For example, if the receiver is in a loud place, the message cannot be viewed. When a user attempts to open a message, the microphone of the receiver’s device is activated. A short 10-second clip is recorded. If the clip contains loud sounds, access will not be granted.
The application software also can use biometrics, such as fingerprints, to determine who is attempting to view the message. To determine location, the application software uses GPS, IP address or cell tower location to identify the receiver’s current location. The message is then shown only when the location matches the location specified in the sender’s restrictions.
“Many people may be reluctant to send sensitive information over the Internet due to lack of control. Fortunately, the cutting-edge technology developed by professor Kalva will enable users to protect sensitive information sent online and ensure that only the intended audience can view the information,” said Stella Batalama, Ph.D., dean, College of Engineering and Computer Science. “In addition to message exchange in social networks, this invention has many applications in document security. For example, defense and intelligence agencies will be able to place more precise restrictions on how documents are viewed.”
Neha Kommireddy worked with Kalva on the project as a high school student from Uganda conducting a remote research internship and is currently an undergraduate student at the University of Southern California.