Method and system for authorizing and certifying electronic data transfers

US 20030088771A1
Filed: 04/18/2001
Published: 05/08/2003
Est. Priority Date: 04/18/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method for authorizing an electronic data transfer comprising the steps of:

receiving an authentication request containing a digital certificate from a requesting device via a communication link;

determining whether the digital certificate is valid;

creating an authentication response denying the authentication request when the digital certificate is not valid, or approving the authentication request when the digital certificate is valid;

sending the authentication response to the requesting device via the communication link; and

storing information about the electronic data transfer, the digital certificate and at least a portion of the authentication response.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method and system for creating non-repudiated digital receipts and electronic signatures for electronic transactions. More specifically, the present invention provides a method, computer program and system for authorizing an electronic data transfer. An authentication request containing a digital certificate is received from a requesting device via a communication link. The present invention then determines whether the digital certificate is valid, and creates an authentication response denying the authentication request when the digital certificate is not valid, or approving the authentication request when the digital certificate is valid. The authentication response is then sent to the requesting device via the communication link, and information about the electronic data transfer, the digital certificate and at least a portion of the authentication response are stored.

125 Citations

View as Search Results

48 Claims

1. A method for authorizing an electronic data transfer comprising the steps of:
- receiving an authentication request containing a digital certificate from a requesting device via a communication link;
  
  determining whether the digital certificate is valid;
  
  creating an authentication response denying the authentication request when the digital certificate is not valid, or approving the authentication request when the digital certificate is valid;
  
  sending the authentication response to the requesting device via the communication link; and
  
  storing information about the electronic data transfer, the digital certificate and at least a portion of the authentication response.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method as recited in claim 1 wherein the authentication request and the authentication response are transmitted via encrypted messages.
  - 3. The method as recited in claim 1 wherein the step of determining whether the digital certificate is valid comprises the steps of:
    - sending a validation request for the digital certificate to a validation authority; and
      
      receiving a validation response from the validation authority indicating whether or not the digital certificate is valid.
  - 4. The method as recited in claim 1 wherein the authentication response includes a date/time stamp.
  - 5. The method as recited in claim 1 wherein the authentication response includes a digital receipt.
  - 6. The method as recited in claim 5 wherein the digital receipt includes an identification of an originator of the electronic data transfer.
  - 7. The method as recited in claim 5 wherein the digital receipt includes an identification of a recipient of the electronic data transfer.
  - 8. The method as recited in claim 1 wherein the information about the electronic data transfer includes an electronic document.

9. A method for authorizing an electronic data transfer comprising the steps of:
- receiving an authentication request containing a digital certificate and information about the electronic data transfer from a requesting device via a communication link;
  
  determining whether the digital certificate is valid;
  
  creating an authentication response denying the authentication request when the digital certificate is not valid, or approving the authentication request when the digital certificate is valid;
  
  sending the authentication response to the requesting device via the communication link;
  
  creating a digital receipt for the electronic data transfer when the digital certificate is valid; and
  
  storing the information about the electronic data transfer, the digital certificate and at least a portion of the authentication response.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method as recited in claim 9 wherein the authentication request, the authentication response and the information about the electronic data transfer are transmitted via encrypted messages.
  - 11. The method as recited in claim 9 wherein the step of determining whether the digital certificate is valid comprises the steps of:
    - sending a validation request for the digital certificate to a validation authority; and
      
      receiving a validation response from the validation authority indicating whether or not the digital certificate is valid.
  - 12. The method as recited in claim 9 wherein the digital receipt includes a date/time stamp.
  - 13. The method as recited in claim 9 wherein the digital receipt includes an identification of an originator of the electronic data transfer.
  - 14. The method as recited in claim 9 wherein the digital receipt includes an identification of a recipient of the electronic data transfer.
  - 15. The method as recited in claim 9 wherein the digital receipt includes an action taken relating to the electronic data transfer.
  - 16. The method as recited in claim 9 wherein the information about the electronic data transfer includes an electronic document.

17. A computer program embodied on a computer readable medium for authorizing an electronic data transfer comprising:
- a code segment for receiving an authentication request containing a digital certificate from a requesting device via a communication link;
  
  a code segment for determining whether the digital certificate is valid;
  
  a code segment for creating an authentication response denying the authentication request when the digital certificate is not valid, or approving the authentication request when the digital certificate is valid;
  
  a code segment for sending the authentication response to the requesting device via the communication link; and
  
  a code segment for storing information about the electronic data transfer, the digital certificate and at least a portion of the authentication response.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The computer program as recited in claim 17 wherein the authentication request and the authentication response are transmitted via encrypted messages.
  - 19. The computer program as recited in claim 17 wherein the a code segment for determining whether the digital certificate is valid comprises:
    - a code segment for sending a validation request for the digital certificate to a validation authority; and
      
      a code segment for receiving a validation response from the validation authority indicating whether or not the digital certificate is valid.
  - 20. The computer program as recited in claim 17 wherein the authentication response includes a date/time stamp.
  - 21. The computer program as recited in claim 17 wherein the authentication response includes a digital receipt.
  - 22. The computer program as recited in claim 21 wherein the digital receipt includes an identification of an originator of the electronic data transfer.
  - 23. The computer program as recited in claim 21 wherein the digital receipt includes an identification of a recipient of the electronic data transfer.
  - 24. The computer program as recited in claim 17 wherein the information about the electronic data transfer includes an electronic document.

25. A computer program embodied on a computer readable medium for authorizing an electronic data transfer comprising:
- a code segment for receiving an authentication request containing a digital certificate and information about the electronic data transfer from a requesting device via a communication link;
  
  a code segment for determining whether the digital certificate is valid;
  
  a code segment for creating an authentication response denying the authentication request when the digital certificate is not valid, or approving the authentication request when the digital certificate is valid;
  
  a code segment for sending the authentication response to the requesting device via the communication link;
  
  a code segment for creating a digital receipt for the electronic data transfer when the digital certificate is valid; and
  
  a code segment for storing the information about the electronic data transfer, the digital certificate and at least a portion of the authentication response.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
- - 26. The computer program as recited in claim 25 wherein the authentication request, the authentication response and the information about the electronic data transfer are transmitted via encrypted messages.
  - 27. The computer program as recited in claim 25 wherein the a code segment for determining whether the digital certificate is valid comprises:
    - a code segment for sending a validation request for the digital certificate to a validation authority; and
      
      a code segment for receiving a validation response from the validation authority indicating whether or not the digital certificate is valid.
  - 28. The computer program as recited in claim 25 wherein the digital receipt includes a date/time stamp.
  - 29. The computer program as recited in claim 25 wherein the digital receipt includes an identification of an originator of the electronic data transfer.
  - 30. The computer program as recited in claim 25 wherein the digital receipt includes an identification of a recipient of the electronic data transfer.
  - 31. The computer program as recited in claim 25 wherein the digital receipt includes an action taken relating to the electronic data transfer.
  - 32. The computer program as recited in claim 25 wherein the information about the electronic data transfer includes an electronic document.

33. A system for authorizing an electronic data transfer comprising:
- a computer;
  
  a data storage device communicably linked to the computer;
  
  a requesting device communicably linked to the computer; and
  
  the computer receiving an authentication request containing a digital certificate from the requesting device, determining whether the digital certificate is valid, creating an authentication response denying the authentication request when the digital certificate is not valid, or approving the authentication request when the digital certificate is valid, sending the authentication response to the requesting device, and storing information about the electronic data transfer, the digital certificate and at least a portion of the authentication response on the data storage device.
- View Dependent Claims (34, 35, 36, 37, 38, 39, 40)
- - 34. The system as recited in claim 33 wherein the authentication request and the authentication response are transmitted via encrypted messages.
  - 35. The system as recited in claim 33 further comprising:
    - a validation authority communicably linked to the computer via a second communication link; and
      
      the computer determining whether the digital certificate is valid by sending a validation request for the digital certificate to a validation authority, and receiving a validation response from the validation authority indicating whether or not the digital certificate is valid.
  - 36. The system as recited in claim 33 wherein the authentication response includes a date/time stamp.
  - 37. The system as recited in claim 33 wherein the authentication response includes a digital receipt.
  - 38. The system as recited in claim 37 wherein the digital receipt includes an identification of an originator of the electronic data transfer.
  - 39. The system as recited in claim 37 wherein the digital receipt includes an identification of a recipient of the electronic data transfer.
  - 40. The system as recited in claim 33 wherein the information about the electronic data transfer includes an electronic document.

41. A system for authorizing an electronic data transfer comprising:
- a computer;
  
  a data storage device communicably linked to the computer;
  
  a requesting device communicably linked to the computer; and
  
  the computer receiving an authentication request containing a digital certificate and information about the electronic data transfer from the requesting device, determining whether the digital certificate is valid, creating an authentication response denying the authentication request when the digital certificate is not valid, or approving the authentication request and creating a digital receipt for the electronic data transfer when the digital certificate is valid, sending the authentication response to the requesting device, and storing the information about the electronic data transfer, the digital certificate and at least a portion of the authentication response on the data storage device.
- View Dependent Claims (42, 43, 44, 45, 46, 47, 48)
- - 42. The system as recited in claim 41 wherein the authentication request, the authentication response and the information about the electronic data transfer are transmitted via encrypted messages.
  - 43. The system as recited in claim 41 further comprising:
    - a validation authority communicably linked to the computer via a second communication link; and
      
      the computer determining whether the digital certificate is valid by sending a validation request for the digital certificate to a validation authority, and receiving a validation response from the validation authority indicating whether or not the digital certificate is valid.
  - 44. The system as recited in claim 41 wherein the digital receipt includes a date/time stamp.
  - 45. The system as recited in claim 41 wherein the digital receipt includes an identification of an originator of the electronic data transfer.
  - 46. The system as recited in claim 41 wherein the digital receipt includes an identification of a recipient of the electronic data transfer.
  - 47. The system as recited in claim 41 wherein the digital receipt includes an action taken relating to the electronic data transfer.
  - 48. The system as recited in claim 41 wherein the information about the electronic data transfer includes an electronic document.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Medport, Inc.
Original Assignee
Medport, Inc.
Inventors
Merchen, M. Russel

Application Number

US09/837,884
Publication Number

US 20030088771A1
Time in Patent Office

Days
Field of Search
US Class Current

713/175
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

H04L 63/0823   using certificates cryptogr...

H04L 63/101   Access control lists [ACL]

H04L 63/12   Applying verification of th...

Method and system for authorizing and certifying electronic data transfers

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

125 Citations

48 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for authorizing and certifying electronic data transfers

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

125 Citations

48 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links