System and method for providing a secure environment during the use of electronic documents and data

US 20030217264A1
Filed: 05/14/2002
Published: 11/20/2003
Est. Priority Date: 05/14/2002
Status: Abandoned Application

First Claim

Patent Images

1. In a network interfaced with an electronic device, a method, comprising the steps of:

providing a document on said electronic device, said document associated with a workflow, said workflow being a sequence of steps required to accomplish a task;

allowing access to said document in response to a request from a remotely located device interfaced with said electronic device via said network, said access being allowed after authenticating the user of said remote electronic device;

updating said workflow to indicate the completion of a task listed in said workflow, said task performed using said document; and

storing said document on said electronic device, said document including an electronic signature from the user of said remote electronic device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The illustrative embodiment of the present discloses a method of providing a secure environment during the use of electronic documents and data. Authenticated users are able to access, act upon and sign, via a secure connection, a workflow object that is stored on a remote server. The workflow object includes a sequence of action items, the steps in a workflow, and includes documents or references to documents required by the workflow. Also included in the workflow object is an Access Control List ( ACL ) which specifies which users can access which documents at which times. Each document has its own ACL which allows the access of each document to be specified independently from other documents at a given time. The documents may be encrypted and decrypted using a variety of methods designed to enhance security, including the use of digital signatures. Once a document is decrypted ( if encrypted), the user performs a task specified in the workflow using the decrypted document. The workflow is updated to reflect completed tasks, the document may be electronically signed, and the altered document is then re-encrypted.

180 Citations

31 Claims

1. In a network interfaced with an electronic device, a method, comprising the steps of:
- providing a document on said electronic device, said document associated with a workflow, said workflow being a sequence of steps required to accomplish a task;
  
  allowing access to said document in response to a request from a remotely located device interfaced with said electronic device via said network, said access being allowed after authenticating the user of said remote electronic device;
  
  updating said workflow to indicate the completion of a task listed in said workflow, said task performed using said document; and
  
  storing said document on said electronic device, said document including an electronic signature from the user of said remote electronic device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 wherein said electronic signature is a digital signature.
  - 3. The method of claim 1 wherein said user authentication is done over a Secure Socket Layers connection between said remotely located device and said electronic device.
  - 4. The method of claim 1 wherein said document is an encrypted document referenced by a certificate holding encryption data, said certificate associating a public encryption key and a user with a private encryption key.
  - 5. The method of claim 4 wherein said electronic device is interfaced with a Certificate Authority, said Certificate Authority issuing said certificate.
  - 6. The method of claim 5 wherein said Certificate Authority includes a list of invalid certificates.
  - 7. The method of claim 6, comprising the further step of:
    - validating the certificate associated with said encrypted document by comparing the certificate with said list of invalid certificates prior to decrypting said encrypted document.
  - 8. The method of claim 1 wherein said workflow restricts access to said document to a particular sequence of users.
  - 9. The method of claim 1, comprising the further step of:
    - indicating that said document has been reviewed by a user pursuant to said workflow and the user is intentionally not signing said document.
  - 10. The method of claim 9 wherein the indication that the user is not signing said document invalidates the document.

11. In a network interfaced with an electronic device, a method, comprising the steps of:
- providing a document encrypted using Public Key Infrastructure ( PKI ) on said electronic device, said encrypted document associated with a workflow;
  
  providing a server interfaced with said network, said server interfaced with a certificate authority, said certificate authority issuing certificates binding user identities with public and private encryption keys;
  
  storing at least one encrypted document and an accompanying certificate issued by said certificate authority on said server, said encrypted document associated with a workflow;
  
  decrypting the encrypted document using the information in said certificate in response to a request from a remotely located device interfaced with said network;
  
  updating said workflow to indicate the completion of a task listed in said workflow, said task performed using said document; and
  
  storing said previously encrypted document on said electronic device, said previously encrypted document being re-encrypted prior to being stored.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The method of claim 11 comprising the further steps of:
    - calculating a hash function of the reencrypted document to produce a hashed document; and
      
      storing the hashed document with a digital signature.
  - 13. The method of claim 11, comprising the further steps of:
    - encrypting said encrypted document using a private encryption key; and
      
      decrypting said encrypted document using a public encryption key.
  - 14. The method of claim 11, comprising the further steps of:
    - encrypting said encrypted document using a public encryption key; and
      
      decrypting said encrypted document using a private encryption key.
  - 15. The method of claim 11 wherein said workflow associated with said encrypted document restricts access to said document to a specific sequence of users.
  - 16. The method of claim 11, comprising the further step of:
    - indicating that the encrypted document has been reviewed pursuant to said workflow by a user and that the user is intentionally not signing said encrypted document.
  - 17. The method of claim 16 wherein the indication that the user is not signing the encrypted document invalidates the document.

18. In a network interfaced with an electronic device, a method, comprising the steps of:
- providing an encrypted document on said electronic device, said encrypted document associated with a workflow;
  
  said workflow being a sequence of steps required to accomplish a task;
  
  decrypting said encrypted document in response to a request from a remotely located device interfaced with said electronic device via said network;
  
  performing a task with said document indicated by said workflow; and
  
  updating said workflow to indicate the completion of a task listed in said workflow, said task performed using said document.

19. In a network interfaced with an electronic device, a method, comprising the steps of:
- providing an encrypted document on said electronic device, said encrypted document associated with a workflow, said workflow being a sequence of steps required to accomplish a task;
  
  decrypting said encrypted document in response to a request from a remotely located device interfaced with said electronic device via said network;
  
  updating said workflow to indicate the completion of a task listed in said workflow, said task performed using said document; and
  
  storing said previously encrypted document on said electronic device, said previously encrypted document being re-encrypted prior to being stored.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 20. The method of claim 19 comprising the further steps of:
    - calculating a hash function of the reencrypted document to produce a hashed document; and
      
      storing the hashed document with a digital signature.
  - 21. The method of claim 19 wherein said decrypting is done over a Secure Socket Layers connection between said remotely located device and said electronic device.
  - 22. The method of claim 19 wherein said encrypted document references a certificate holding encryption data, said certificate associating a public encryption key and a user with a private encryption key.
  - 23. The method of claim 22 wherein said electronic device is interfaced with a Certificate Authority, said Certificate Authority issuing said certificate.
  - 24. The method of claim 23 wherein said Certificate Authority includes a list of invalid certificates.
  - 25. The method of claim 24, comprising the further step of:
    - validating the certificate associated with said encrypted document by comparing the certificate with said list of invalid certificates prior to decrypting said encrypted document.
  - 26. The method of claim 19 wherein said workflow restricts access to said encrypted document to a particular sequence of users.
  - 27. The method of claim 19, comprising the further step of:
    - indicating that the encrypted document has been reviewed by a user pursuant to said workflow and the user is intentionally not signing said encrypted document.
  - 28. The method of claim 27 wherein the indication that the user is not signing the encrypted document invalidates the document.

29. In a network with an electronic device, said electronic device holding at least one encrypted document associated with a workflow, a medium holding computer-executable steps for a method, said method comprising the steps of:
- decrypting said encrypted document in response to a request from a remotely located device interfaced with said network over a secure connection;
  
  updating said workflow to indicate the completion of a task listed in said workflow, said task performed using said document; and
  
  storing said previously encrypted document, said previously encrypted document being re-encrypted prior to being stored.
- View Dependent Claims (30, 31)
- - 30. The medium of claim 29 wherein said workflow associated with said encrypted document restricts access to said document to a specific sequence of users.
  - 31. The medium of claim 30 wherein said method, comprises the further step of:
    - indicating that the encrypted document has been reviewed pursuant to said workflow by a user and that the user is intentionally not signing said encrypted document.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Signitas Corporation
Original Assignee
Signitas Corporation
Inventors
Martin, Andrew K., Tramontozzi, Bruno

Application Number

US10/145,491
Publication Number

US 20030217264A1
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

G06F 21/6209   to a single file or object,...

G06F 21/64   Protecting data integrity, ...

G06F 2221/2115   Third party

G06F 2221/2141   Access rights, e.g. capabil...

H04L 2209/80   Wireless network architectu...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

System and method for providing a secure environment during the use of electronic documents and data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

180 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for providing a secure environment during the use of electronic documents and data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

180 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links