Seclore Protection

Seclore Protection is the encryption and policy envelope applied to files so that access and usage are controlled by the Policy Server.

Protection persists with the file when it is copied, shared, or opened outside the originating application, enabling persistent data-centric security.

Protection types

Protection Using Independent Rights

This model lets the integrating application define file-specific recipients and their permissions dynamically at the time of protection.

The application passes the following directly in the protection request:

  • Recipient user(s) and/or group(s)
  • Their associated permissions (View, Edit, Print, Copy, etc.)
  • Optional expiry

Seclore applies these rights immediately to the protected file without relying on predefined policies or Policy Federation. Changes to recipient access can be managed through the Policy Server.

It is commonly used in:

  • One-to-one document sharing scenarios
  • Transaction-specific document delivery
  • Automated report generation for a specific recipient
  • Invoice or statement distribution
  • AI-generated personalized document output

Protect Using Pre-Defined Policy ID

In this protection model, the integrating application passes a predefined Policy ID during the protection request.

The referenced policy contains:

  • Defined users and/or groups
  • Associated permissions (View, Edit, Print, Copy, etc.)
  • Optional controls such as expiry or IP-based restrictions

At the time of protection, Seclore encrypts the file and associates it with the specified policy.

Key Characteristics

  • Permissions are centrally managed within the policy
  • Updating the policy updates permissions for all files protected using that Policy ID
  • No runtime query to the integrating application is required
  • Suitable for standardized access models

Typical Use Cases

  • Department-level document sharing
  • Standard confidentiality categories
  • Templates or recurring document types
  • Scenarios where permissions are static and centrally administered

This approach provides centralized administrative control with minimal integration complexity.

Protect Using Hot Folder ID

In this model, the integrating application passes a Hot Folder ID (HF ID) during the protection request.

When a file is protected using a Hot Folder ID:

  • The file is tied to that Hot Folder
  • Policies mapped to the Hot Folder determine effective permissions
  • Updating the policy mapped to the Hot Folder updates permissions for all associated files

Key Characteristics

  • Centralized permission control at the Hot Folder level
  • Ability to map multiple policies to a single Hot Folder
  • Ensures consistent owner assignment for all protected files
  • Does not require runtime permission querying

Typical Use Cases

  • Project-based protection models
  • Folder/library-level security alignment
  • Multi-policy management under a single container
  • Administrative bulk updates across related documents

This model provides structured grouping and simplified permission lifecycle management.

Protect Using External Reference ID (Policy Federation Scenario)

This protection model is primarily used in Policy Federation scenarios.

In this case, Seclore must be able to uniquely identify the file within the integrating application in order to query it at runtime for access permissions.

During protection, the integrating application passes:

  • External File Reference ID (unique file identifier in the application)
  • Hot Folder ID or External Hot Folder Reference ID

The Hot Folder is configured with:

  • A designated owner
  • Optional External Hot Folder Reference (e.g., folder/library/container ID)

At runtime, when a user attempts to open the protected file, Seclore Policy Server queries the integrating application and passes:

  • External File Reference ID
  • External Hot Folder Reference ID

The application computes effective permissions and returns them to Seclore dynamically.

Key Characteristics

  • Permissions are determined at file-open time
  • Enables real-time access control enforcement
  • Supports dynamic revocation
  • Requires implementation of federation endpoints in the application

Typical Configuration Models

  • One Hot Folder for the entire application (globally unique file IDs)
  • One Hot Folder per folder/library (file ID unique within container)
  • Single Hot Folder with composite file identifiers

At least one Hot Folder is mandatory when protecting files for Policy Federation.
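
The runtime permission query described above, as an added example that is not Seclore's API or code from this page: `AppStore`, `resolve_permissions`, the lowercase permission names and the sample identifiers are all assumptions. It follows the one-Hot-Folder-per-container model, so the lookup key is the pair of both references, and anything it cannot resolve gets no permissions.

```python
from dataclasses import dataclass, field

# Permission names as listed on the page; the lowercase spelling is an assumption.
PERMISSIONS = frozenset({"view", "edit", "print", "copy"})

@dataclass
class AppStore:
    """Hypothetical stand-in for the integrating application's own ACL store."""
    # (container ID, file ID) -> {user: set of permissions}
    acls: dict = field(default_factory=dict)

    def grant(self, container_id, file_id, user, perms):
        unknown = set(perms) - PERMISSIONS
        if unknown:
            raise ValueError(f"unknown permissions: {sorted(unknown)}")
        self.acls.setdefault((container_id, file_id), {})[user] = set(perms)

    def revoke(self, container_id, file_id, user):
        # The next query for this user on this file returns no permissions.
        self.acls.get((container_id, file_id), {}).pop(user, None)

def resolve_permissions(store, user, external_file_ref, external_hot_folder_ref):
    """Answer one runtime query with the user's effective permissions.

    Keying on (hot folder ref, file ref) means a file ID that is unique only
    within its container never resolves to another container's ACL.
    Missing inputs, unknown files and unknown users all get an empty set.
    """
    if not (user and external_file_ref and external_hot_folder_ref):
        return frozenset()
    acl = store.acls.get((external_hot_folder_ref, external_file_ref))
    if acl is None:
        return frozenset()
    return frozenset(acl.get(user, ()))

if __name__ == "__main__":
    store = AppStore()
    # Constructed sample data: the same file ID "42" exists in two libraries.
    store.grant("lib-A", "42", "alice@example.com", {"view", "edit"})
    store.grant("lib-B", "42", "bob@example.com", {"view"})
    print(sorted(resolve_permissions(store, "alice@example.com", "42", "lib-A")))
    print(sorted(resolve_permissions(store, "alice@example.com", "42", "lib-B")))
    store.revoke("lib-A", "42", "alice@example.com")
    print(sorted(resolve_permissions(store, "alice@example.com", "42", "lib-A")))
```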
