Attribute-based encryption (ABE) of messages where a message is decrypted and checked prior to transmission

摘要

A method of secure information sharing between a first domain (Nation1) and plurality other domains (Nations 2-4), comprising processing a file at the first domain to establish a set of attributes of the file, the attributes comprising a destination attribute for determining permitted domains to which the file may be sent, encrypting the file at the first domain using the determined attributes, decrypting the file at a first egress data guard (EDG-21) having the attribute for the first destination domain, where decryption will be possible if the destination attribute of the data guard matches the destination attribute of the file, and if it has been possible to decrypt the file at step, determining whether the file may be communicated to the first destination domain, e.g. scanning the file for sensitive keywords.