Electronic signature framework with enhanced security

US 10,361,871 B2
Filed: 09/18/2017
Issued: 07/23/2019
Est. Priority Date: 08/31/2015
Status: Active Grant

First Claim

Patent Images

1. An electronic signature system comprising a memory device and a processor that is operatively coupled to the memory device, wherein the processor is configured to execute instructions stored in the memory device that, when executed, cause the processor to carry out an electronic signature analysis process that comprises:

receiving, by an electronic signature server, a document verification inquiry from an authorized inquiring party, wherein the document verification inquiry includes one or more properties characterizing a document of interest;

querying document audit data stored in a storage resource managed by the electronic signature server, wherein the document audit data characterizes a plurality of documents processed by the electronic signature server;

generating query results that include document audit data characterizing at least one document having the one or more properties received with the document verification query, wherein the at least one document includes the document of interest; and

sending, to the authorized inquiring party, document audit data characterizing the document of interest, wherein the document audit data comprises a transmission report that provides a timestamp and a recipient for a transmission of the document of interest to a signatory to the document of interest;

wherein the electronic signature server does not retain the document of interest when the document verification inquiry is received.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Improved document processing workflows provide a secure electronic signature framework by reducing attack vectors that could be used to gain unauthorized access to digital assets. In one embodiment an electronically signed document is removed from an electronic signature server after signed copies of the document are distributed to all signatories. The electronic signature server optionally retains an encrypted copy of the signed document, but does not retain the decryption password. This limits the amount of data retained by the electronic signature server, making it a less attractive target for hackers. However, the electronic signature server still maintains audit data that can be used to identify a signed document and validate an electronic signature. For example, a hash of the document (or other document metadata) can be used to validate the authenticity of an electronically signed document based on a logical association between an electronic signature and the signed document.

Citations

18 Claims

1. An electronic signature system comprising a memory device and a processor that is operatively coupled to the memory device, wherein the processor is configured to execute instructions stored in the memory device that, when executed, cause the processor to carry out an electronic signature analysis process that comprises:
- receiving, by an electronic signature server, a document verification inquiry from an authorized inquiring party, wherein the document verification inquiry includes one or more properties characterizing a document of interest;
  
  querying document audit data stored in a storage resource managed by the electronic signature server, wherein the document audit data characterizes a plurality of documents processed by the electronic signature server;
  
  generating query results that include document audit data characterizing at least one document having the one or more properties received with the document verification query, wherein the at least one document includes the document of interest; and
  
  sending, to the authorized inquiring party, document audit data characterizing the document of interest, wherein the document audit data comprises a transmission report that provides a timestamp and a recipient for a transmission of the document of interest to a signatory to the document of interest;
  
  wherein the electronic signature server does not retain the document of interest when the document verification inquiry is received.
- View Dependent Claims (2, 3, 4)
- - 2. The electronic signature server of claim 1, wherein the authorized inquiring party is authenticated based on receipt of a trusted credential selected from a group consisting of a password, a digital certificate, and a token from a trusted authentication provider.
  - 3. The electronic signature server of claim 1, wherein the authorized inquiring party is the signatory to the document of interest.
  - 4. The electronic signature server of claim 1, wherein the electronic signature server does not retain a password for decrypting an encrypted version of the document of interest when the document verification inquiry is received.

5. A non-transitory computer readable medium comprising one or more computer-executable instructions that, when executed by one or more processors, cause a document workflow process to be carried out, the process comprising:
- receiving, by an electronic signature server, an electronically signed document;
  
  generating a hash of the electronically signed document that is received by the electronic signature server;
  
  storing the hash of the electronically signed document in a long-term storage resource managed by the electronic signature server;
  
  removing the received electronically signed document from the electronic signature server;
  
  after removing the electronically signed document from the electronic signature server, receiving, by the electronic signature server, a document verification inquiry from an authorized inquiring party, wherein the document verification inquiry identifies a document of unknown authenticity;
  
  generating a hash of the document of unknown authenticity;
  
  matching the hash of the document of unknown authenticity with the hash of the electronically signed document; and
  
  sending, to the authorized inquiring party, document audit data characterizing an electronic signature that was applied to the electronically signed document, wherein the document audit data includes a transmission report that provides a timestamp and a recipient for an electronic mail containing the electronically signed document.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13)
- - 6. The non-transitory computer readable medium of claim 5, wherein the document workflow process further comprises:
    - generating an encrypted copy of the electronically signed document and a password necessary to decrypt the encrypted copy; and
      
      removing the password from the electronic signature server.
  - 7. The non-transitory computer readable medium of claim 5, wherein:
    - the document workflow process further comprises receiving, from a document originator, a data retention policy definition that establishes a maximum period of time the electronically signed document should be retained by the electronic signature server; and
      
      the electronically signed document is not retained by the electronic signature server for more than the maximum period of time established by the data retention policy definition.
  - 8. The non-transitory computer readable medium of claim 5, wherein removing the electronically signed document from the electronic signature server comprises removing an encrypted copy of the electronically signed document from the electronic signature server.
  - 9. The non-transitory computer readable medium of claim 5, wherein the document audit data includes a signatory timestamp.
  - 10. The non-transitory computer readable medium of claim 5, wherein the document workflow process further comprises matching a size of the document having unknown authenticity with a size of a document indexed in the long-term storage resource.
  - 11. The non-transitory computer readable medium of claim 5, wherein receiving the document verification inquiry further comprises receiving a network address corresponding to a location where the document of unknown authenticity is stored.
  - 12. The non-transitory computer readable medium of claim 5, wherein receiving the document verification inquiry further comprises receiving a network address corresponding to a location where the document of unknown authenticity is stored.
  - 13. The non-transitory computer readable medium of claim 5, wherein the document workflow process further comprises matching (a) a size of the document having unknown authenticity when it was digitally signed with (b) a size of a document indexed in the long-term storage resource.

14. A computer-implemented electronic signature acquisition method comprising:
- receiving, by an electronic signature server, an electronically signed document;
  
  generating a hash of the electronically signed document that is received by the electronic signature server;
  
  storing the hash of the electronically signed document in a long-term storage resource managed by the electronic signature server;
  
  removing the received electronically signed document from the electronic signature server;
  
  after removing the electronically signed document from the electronic signature server, receiving, by the electronic signature server, a document verification inquiry from an authorized inquiring party, wherein the document verification inquiry identifies a document of unknown authenticity;
  
  generating a hash of the document of unknown authenticity;
  
  matching the hash of the document of unknown authenticity with the hash of the electronically signed document; and
  
  sending, to the authorized inquiring party, document audit data characterizing an electronic signature that was applied to the electronically signed document, wherein the document audit data includes a transmission report that provides a timestamp and a recipient for a transmission of the electronically signed document to a signatory to the electronically signed document.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The computer-implemented electronic signature acquisition method of claim 14, further comprising saving the document audit data in the long-term storage resource.
  - 16. The computer-implemented electronic signature acquisition method of claim 14, wherein:
    - the method further comprises receiving, from a document originator, a data retention policy definition that establishes a maximum period of time the electronically signed document should be retained by the electronic signature server; and
      
      the electronically signed document is not retained by the electronic signature server for more than the maximum period of time established by the data retention policy definition.
  - 17. The computer-implemented electronic signature acquisition method of claim 14, further comprising:
    - generating an encrypted copy of the electronically signed document and a password necessary to decrypt the encrypted copy; and
      
      removing the password from the electronic signature server.
  - 18. The computer-implemented electronic signature acquisition method of claim 14, further comprising:
    - receiving, from a document originator, a data retention policy definition that establishes a maximum period of time the electronically signed document should be retained by the electronic signature server; and
      
      displaying a user interface that allows the document originator to define one or more parameters that establish the data retention policy definition.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Adobe Inc.
Original Assignee
Adobe Inc.
Inventors
Saxena, Neha, Kumar, Divij, Pandey, Aditya Kumar
Primary Examiner(s)
Le, Khoi V

Application Number

US15/707,538
Publication Number

US 20180006825A1
Time in Patent Office

673 Days
Field of Search
US Class Current
CPC Class Codes

H04L 9/3226   using a predetermined code,...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3247   involving digital signatures

Electronic signature framework with enhanced security

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic signature framework with enhanced security

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links