System and method for enhanced data protection
First Claim
1. A method of secure network transmission comprising, by a computer system:
encrypting a payload via a first symmetric key;
encrypting the first symmetric key via a second symmetric key;
encrypting an author header comprising the encrypted first symmetric key and a recipient list via a third symmetric key that is distinct from the first symmetric key and the second symmetric key, wherein the recipient list comprises at least one recipient;
encrypting the third symmetric key via a public asymmetric key associated with an authentication server;
generating an authentication header comprising the encrypted author header, the encrypted third symmetric key, and metadata sufficient to identify the authentication header;
transmitting the authentication header to the authentication server for use in recipient-initiated pre-access authentication;
generating a container comprising the encrypted payload and the second symmetric key; and
transmitting the container over a computer network to the at least one recipient.
Abstract
In one embodiment, a method of secure network transmission is performed by a computer system. The method includes encrypting a payload via a first symmetric key and encrypting the first symmetric key via a second symmetric key. The method further includes encrypting an author header comprising the encrypted first symmetric key and a recipient list via a third symmetric key, wherein the recipient list comprises at least one recipient. The method also includes encrypting the third symmetric key via a public asymmetric key associated with an authentication server. Furthermore, the method includes transmitting the encrypted author header and the encrypted third symmetric key to the authentication server for use in recipient-initiated pre-access authentication. In addition, the method includes transmitting the encrypted payload and the second symmetric key over a computer network to the at least one recipient.
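The following Go program is an added worked example of the envelope described in the abstract and claim 1; it is not code from the patent or its assignee. The claim names no algorithms, so this example assumes AES-256-GCM for the three symmetric steps, RSA-OAEP for wrapping the third key under the authentication server's public key, a JSON encoding for the author header and 16 random bytes as the identifying metadata; the two network transmissions are represented by the values Send returns, and only the Go standard library is used.

```go
package main

import ("crypto/aes"; "crypto/cipher"; "crypto/rand"; "crypto/rsa"; "crypto/sha256"; "encoding/json"; "errors")

// AuthorHeader (K1 wrapped under K2, plus the recipient list) is sealed under K3; together with K3
// wrapped under the server's public key it forms AuthHeader, the message sent to the authentication
// server. Container (payload under K1, plus K2 in the clear) goes to the recipients. ID is the identifying
// metadata of claim 1; its 16-byte form, the JSON header and the AES-GCM/RSA-OAEP choices are assumptions.
type AuthorHeader struct{ EncK1 []byte; Recipients []string }
type AuthHeader struct{ ID, EncAuthor, EncK3 []byte }
type Container struct{ ID, EncPayload, K2 []byte }

// NewServerKey generates the authentication server's key pair (the claim's "public asymmetric key").
func NewServerKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// AES-256-GCM helpers; seal prepends the 12-byte nonce and open expects it there.
func randBytes(n int) []byte { b := make([]byte, n); rand.Read(b); return b }
func gcm(key []byte) cipher.AEAD { blk, _ := aes.NewCipher(key); g, _ := cipher.NewGCM(blk); return g }
func seal(key, pt []byte) []byte { n := randBytes(12); return gcm(key).Seal(n, n, pt, nil) }
func open(key, ct []byte) ([]byte, error) {
	if len(key) != 32 || len(ct) < 12 { return nil, errors.New("bad key or ciphertext") }
	return gcm(key).Open(nil, ct[:12], ct[12:], nil)
}

// Send performs the author's steps of claim 1; K3 is wrapped with RSA-OAEP under the server's public key.
func Send(payload []byte, recipients []string, pub *rsa.PublicKey) (AuthHeader, Container, error) {
	k1, k2, k3, id := randBytes(32), randBytes(32), randBytes(32), randBytes(16)
	hdr, _ := json.Marshal(AuthorHeader{EncK1: seal(k2, k1), Recipients: recipients})
	encK3, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, k3, nil)
	if err != nil { return AuthHeader{}, Container{}, err }
	return AuthHeader{id, seal(k3, hdr), encK3}, Container{id, seal(k1, payload), k2}, nil
}

// Authorize is the server's half of recipient-initiated pre-access authentication: it opens the author
// header with its private key and releases the still-K2-wrapped K1 only to a recipient on the list.
func Authorize(priv *rsa.PrivateKey, ah AuthHeader, recipient string) ([]byte, error) {
	k3, err := rsa.DecryptOAEP(sha256.New(), nil, priv, ah.EncK3, nil)
	if err != nil { return nil, err }
	raw, err := open(k3, ah.EncAuthor)
	if err != nil { return nil, err }
	var a AuthorHeader
	if err := json.Unmarshal(raw, &a); err != nil { return nil, err }
	for _, r := range a.Recipients {
		if r == recipient { return a.EncK1, nil }
	}
	return nil, errors.New("recipient not on list")
}

// Receive is the recipient's step: unwrap K1 with the K2 carried in the container, then decrypt the payload.
func Receive(c Container, encK1 []byte) ([]byte, error) {
	k1, err := open(c.K2, encK1)
	if err != nil { return nil, err }
	return open(k1, c.EncPayload)
}
```

Authorize hands back K1 still wrapped under K2, so the server never learns K1 or the payload, while the container alone never yields the payload because the wrapped K1 is not in it.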
18 Claims
1. A method of secure network transmission comprising, by a computer system:
encrypting a payload via a first symmetric key;
encrypting the first symmetric key via a second symmetric key;
encrypting an author header comprising the encrypted first symmetric key and a recipient list via a third symmetric key that is distinct from the first symmetric key and the second symmetric key, wherein the recipient list comprises at least one recipient;
encrypting the third symmetric key via a public asymmetric key associated with an authentication server;
generating an authentication header comprising the encrypted author header, the encrypted third symmetric key, and metadata sufficient to identify the authentication header;
transmitting the authentication header to the authentication server for use in recipient-initiated pre-access authentication;
generating a container comprising the encrypted payload and the second symmetric key; and
transmitting the container over a computer network to the at least one recipient.
Dependent claims: 2, 3, 4, 5, 6.
7. A computer system comprising a processor and memory, wherein the processor and memory in combination are operable to perform a method comprising:
encrypting a payload via a first symmetric key;
encrypting the first symmetric key via a second symmetric key;
encrypting an author header comprising the encrypted first symmetric key and a recipient list via a third symmetric key that is distinct from the first symmetric key and the second symmetric key, wherein the recipient list comprises at least one recipient;
encrypting the third symmetric key via a public asymmetric key associated with an authentication server;
generating an authentication header comprising the encrypted author header, the encrypted third symmetric key, and metadata sufficient to identify the authentication header;
transmitting the authentication header to the authentication server for use in recipient-initiated pre-access authentication;
generating a container comprising the encrypted payload and the second symmetric key; and
transmitting the container over a computer network to the at least one recipient.
Dependent claims: 8, 9, 10, 11, 12.
13. A computer-program product comprising a non-transitory computer-usable medium having computer-readable program code embodied therein, the computer-readable program code adapted to be executed to implement a method comprising:
encrypting a payload via a first symmetric key;
encrypting the first symmetric key via a second symmetric key;
encrypting an author header comprising the encrypted first symmetric key and a recipient list via a third symmetric key that is distinct from the first symmetric key and the second symmetric key, wherein the recipient list comprises at least one recipient;
encrypting the third symmetric key via a public asymmetric key associated with an authentication server;
generating an authentication header comprising the encrypted author header, the encrypted third symmetric key, and metadata sufficient to identify the authentication header;
transmitting the authentication header to the authentication server for use in recipient-initiated pre-access authentication;
generating a container comprising the encrypted payload and the second symmetric key; and
transmitting the container over a computer network to the at least one recipient.
Dependent claims: 14, 15, 16, 17, 18.