System and method for message encryption and signing in a transaction processing system
First Claim
1. A method for secure communication of a message from a first server process to a second server process in a transactional processing system, comprising the steps of:
- marking a message buffer for encryption;
marking said message buffer for attachment of a digital signature;
creating an encryption envelope by encrypting said message buffer, and signing the encrypted contents of said message buffer with a digital signature; and
, sending said encryption envelope from the sender process to the recipient process.
2 Assignments
0 Petitions
Accused Products
Abstract
The invention provides a system and a method which utilizes a combination of message-based encryption and message-based digital signing to ensure the security and authenticity of a message or message buffer sent from one party or process to another in a transaction processing system. In one embodiment the invention includes a method comprising the steps of: creating an encryption envelope by encrypting a message buffer, signing the encrypted contents of said message buffer with a digital signature, sending said encryption envelope from the sender process to the recipient process, receiving the encryption envelope at the recipient process, decrypting said encryption envelope to retrieve said message, and verifying the identity of the sender process by retrieving the digital signature from the encryption envelope. The invention allows intermediate recipients to inspect the message, and provides for reliable authentication, confidentiality, integrity, and non-repudiation, of communicated messages.
230 Citations
20 Claims
-
1. A method for secure communication of a message from a first server process to a second server process in a transactional processing system, comprising the steps of:
-
marking a message buffer for encryption;
marking said message buffer for attachment of a digital signature;
creating an encryption envelope by encrypting said message buffer, and signing the encrypted contents of said message buffer with a digital signature; and
,sending said encryption envelope from the sender process to the recipient process.
-
-
2. A method for verifying secure communication of a message from a first server process to a second server process in a transactional processing system, comprising the steps of:
-
receiving an encryption envelope from a sender process;
importing said encryption envelope into a message buffer content readable by said recipient process;
decrypting said encryption envelope to retrieve said message; and
,verifying the identity of the sender process by retrieving said digital signature from said encryption envelope.
-
-
3. A method for secure communication of a message from a first server process to a second server process in a transactional processing system, comprising the steps of:
-
storing as content in a message buffer, a message from a first server process or sender process, for delivery to a second server process or recipient process;
exporting the contents of said message buffer to an external representation of said message buffer, said step of exporting includes the substeps of marking said message buffer for encryption, marking said message buffer for attachment of a digital signature identifying the sender process, and, creating an encryption envelope by encrypting said message buffer, and signing the encrypted contents of said message buffer with a digital signature;
sending said encryption envelope from the sender process to the recipient process; and
,importing said encryption envelope into a message buffer content readable by said recipient process, said step of importing includes the substeps of decrypting said encryption envelope to retrieve said message; and
,verifying the identity of the sender process by retireiving said digital signature from said encryption envelope. - View Dependent Claims (4, 5, 6, 7, 8, 9, 10, 11, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
12. A system for secure communication of a message from a first server process to a second server process in a transactional processing system, comprising computer-readable instructions for performing the steps of:
-
storing as content in a message buffer, a message from a first server process or sender process, for delivery to a second server process or recipient process;
exporting the contents of said message buffer to an external representation of said message buffer, via a tpexport( ) function, said step of exporting includes the substeps of marking, using a tpseal( ) function, said message buffer for encryption, marking, using a tpsign( ) function, said message buffer for attachment of a digital signature identifying the sender process, and, creating an encryption envelope by encrypting said message buffer, and signing the encrypted contents of said message buffer with a digital signature;
sending said encryption envelope from the sender process to the recipient process; and
,importing said encryption envelope, via a tpimport( ) function, into a message buffer content readable by said recipient process, said step of importing includes the substeps of decrypting said encryption envelope to retrieve said message; and
,verifying the identity of the sender process by retireiving said digital signature from said encryption envelope.
-
Specification