SYSTEM AND METHOD OF SECURE ENCRYPTION FOR ELECTRONIC DATA TRANSFER

US 20080086646A1
Filed: 10/05/2006
Published: 04/10/2008
Est. Priority Date: 10/05/2006
Status: Active Grant

First Claim

Patent Images

1. A computer program for enabling a secure data transfer system, at least a portion of the program being stored on a computer-readable medium, the computer program comprising:

a code segment for enabling a first computer to receive input from a first user identifying transfer data and a recipient identifier;

a code segment for enabling the first computer to create an encoding key, encode the transfer data using the key, and communicate the key and the recipient identifier to a second computer;

a code segment for enabling the second computer to associate the recipient identifier with a secure package identifier, and to communicate the secure package identifier to the first computer;

a code segment for enabling a third computer to identify the secure package identifier and the encoded transfer data;

a code segment for enabling the third computer to receive from a second user a user identifier and to communicate the user identifier and the secure package identifier to the second computer; and

a code segment for enabling the second computer to communicate the key to the third computer only if the secure package identifier received from the third computer matches the secure package identifier created by the second computer and if the user identifier matches the recipient identifier.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for secure transfer of encrypted data involves a sender client (36), a recipient client (38), a main server (40), and a key server (42). The sender client (36) receives instructions from a first user identifying transfer data and a recipient identifier, creates an encoding key, encodes the transfer data using the key, and communicates the key and the recipient identifier to a main server (40). The main server (40) communicates the key and the recipient identifier to the key server (42), which associates the recipient identifier with a secure package identifier and communicates the secure package identifier to the main server (40), which communicates the secure package identifier to the sender client (36). The recipient client (38) receives and identifies the secure package identifier and the encoded transfer data, receives from a second user a user identifier, and communicates the user identifier and the secure package identifier to the main server (40), which communicates them to the key server (42). The key server (42) communicates the key to the main server (40) only if the secure package identifier received from the recipient client (38) matches the secure package identifier created by the main server (40) and if the user identifier matches the recipient identifier. The main server (40) communicates the key to the recipient client (38).

Citations

39 Claims

1. A computer program for enabling a secure data transfer system, at least a portion of the program being stored on a computer-readable medium, the computer program comprising:
- a code segment for enabling a first computer to receive input from a first user identifying transfer data and a recipient identifier;
  
  a code segment for enabling the first computer to create an encoding key, encode the transfer data using the key, and communicate the key and the recipient identifier to a second computer;
  
  a code segment for enabling the second computer to associate the recipient identifier with a secure package identifier, and to communicate the secure package identifier to the first computer;
  
  a code segment for enabling a third computer to identify the secure package identifier and the encoded transfer data;
  
  a code segment for enabling the third computer to receive from a second user a user identifier and to communicate the user identifier and the secure package identifier to the second computer; and
  
  a code segment for enabling the second computer to communicate the key to the third computer only if the secure package identifier received from the third computer matches the secure package identifier created by the second computer and if the user identifier matches the recipient identifier.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The computer program as set forth in claim 1, further comprising:
    - a code segment for enabling the first computer to communicate the secure package identifier and the encoded transfer data to the third computer; and
      
      a code segment for enabling the third computer to receive the secure package identifier and the encoded transfer data.
  - 3. The computer program as set forth in claim 1, further comprising a code segment for enabling a first computer to receive the transfer data and the recipient identifier from the first user.
  - 4. The computer program as set forth in claim 1, further comprising:
    - a code segment for enabling the first computer to communicate the key and the recipient identifier to the second computer via a computer network using a secure communications protocol; and
      
      a code segment for enabling the second computer to communicate the secure package identifier to the first computer via a computer network using a secure communications protocol.
  - 5. The computer program as set forth in claim 1, further comprising:
    - a code segment for enabling the third computer to communicate the user identifier and the secure package identifier to the second computer via a computer network using a secure communications protocol; and
      
      a code segment for enabling the second computer to communicate the key to the third computer via a computer network using a secure communications protocol.
  - 6. The computer program as set forth in claim 1, further comprising:
    - a code segment for enabling the first computer to receive sender authentication information from the first user and to communicate the sender authentication information to the second computer; and
      
      a code segment for enabling the second computer to compare the sender authentication information received from the first computer with authentication information stored in a database, and to communicate the secure package identifier to the first computer only if the sender authentication information matches authentication information stored in the database.
  - 7. The computer program as set forth in claim 6, wherein the authentication information includes biometric information.
  - 8. The computer program as set forth in claim 1, further comprising:
    - a code segment for enabling the third computer to receive recipient authentication information from the second user and communicate the recipient authentication information and the secure package identifier to the second computer;
      
      a code segment for enabling the second computer to compare the recipient authentication information with authentication information stored in a database; and
      
      a code segment for enabling the second computer to communicate the key to the third computer only if the recipient authentication information received from the third computer matches authentication information stored in the database and if the recipient identifier received from the third computer matches the recipient identifier associated with the secure package identifier.
  - 9. The computer program as set forth in claim 8, wherein the authentication information includes biometric information.
  - 10. The computer program as set forth in claim 1, further comprising a code segment for enabling the third computer to decode the encoded transfer data using the key.
  - 11. The computer program as set forth in claim 1, further comprising:
    - a code segment for enabling the first computer to collect the transfer data from a data buffer; and
      
      a code segment for enabling the first computer to place the encoded transfer data and the secure package identifier in the buffer as a single data file.
  - 12. The computer program as set forth in claim 1, further comprising a code segment for enabling the first computer to encode the transfer data by encrypting the data.
  - 13. The computer program as set forth in claim 1, further comprising:
    - a code segment for enabling the first computer to encode the transfer data by combining the transfer data with a user-selected data file using the key; and
      
      a code segment for enabling the third computer to decode the transfer data by removing the transfer data from the user-selected data file using the key.

14. A computer program for enabling a secure data transfer system, wherein at least a portion of the program is stored on a computer-readable medium, the computer program comprising:
- a code segment for enabling a first computer to receive transfer data and a plurality of recipient identifiers from a first user;
  
  a code segment for enabling the first computer to create an encryption key, encrypt the transfer data, and communicate the key and the recipient identifiers to a second computer;
  
  a code segment for enabling the second computer to communicate the key and the plurality of recipient identifiers to a third computer;
  
  a code segment for enabling the third computer to associate each of the recipient identifiers with a secure package identifier, and to communicate the secure package identifier to the second computer;
  
  a code segment for enabling the second computer to communicate the secure package identifier to the first computer;
  
  a code segment for enabling the first computer to communicate the secure package identifier and the encrypted transfer data to a fourth computer;
  
  a code segment for enabling the fourth computer to communicate a user identifier and the secure package identifier to the second computer;
  
  a code segment for enabling the second computer to communicate the user identifier and the secure package identifier to the third computer;
  
  a code segment for enabling the third computer to communicate the key to the second computer only if the secure package identifier received from the second computer matches the secure package identifier created by the third computer and if the user identifier received from the third computer matches one of the plurality of recipient identifiers associated with the secure package identifier; and
  
  a code segment for enabling the second computer to communicate the key to the fourth computer.
- View Dependent Claims (15, 16, 17)
- - 15. The computer program as set forth in claim 14, further comprising:
    - a code segment for enabling the first computer to receive sender authentication information from the first user and to communicate the sender authentication information to the second computer; and
      
      a code segment for enabling the second computer to compare the sender authentication information received from the first computer with authentication information stored in a database, and to communicate the key and the recipient identifier to the third computer only if the sender authentication information matches authentication information stored in a database
  - 16. The computer program as set forth in claim 14, further comprising:
    - a code segment for enabling the fourth computer to receive recipient authentication information from the second user and communicate the recipient authentication information to the second computer;
      
      a code segment for enabling the second computer to authenticate the second user by comparing the recipient authentication information with authentication information stored in a database; and
      
      a code segment for enabling the second computer to communicate the user identifier and the secure package identifier to the third computer only if the recipient authentication information received from the fourth computer matches authentication information stored in the database.
  - 17. The computer program as set forth in claim 14, further comprising:
    - a code segment for enabling the first computer to destroy the encryption key upon communicating the key to the second computer; and
      
      a code segment for enabling the second computer to destroy the encryption key upon communicating the key to the third computer and upon communicating the key to the fourth computer.

18. A computer program for enabling a secure data transfer system, wherein at least a portion of the program is stored on a computer-readable medium, the computer program comprising:
- a code segment for enabling a first computer to receive from a first user transfer data, sender identification information, sender authentication information, and recipient identification information, to create an encryption key, to encrypt the transfer data using the encryption key, and to communicate the sender identification information, sender authentication information, recipient identification information, and key to a second computer;
  
  a code segment for enabling the second computer to authenticate the first user by verifying that the sender identification information and sender authentication information match identification and authentication information stored in a database, to generate a recipient anonymous indicator corresponding to the recipient identification information and communicate the recipient anonymous indicator and the key to a third computer only if the first user is authenticated;
  
  a code segment for enabling the third computer to create a secure package identifier and to associate the recipient anonymous indicator and the key with the secure package identifier, and to communicate the secure package identifier to the second computer;
  
  a code segment for enabling the second computer to communicate the secure package identifier to the first computer;
  
  a code segment for enabling the first computer to communicate the secure package identifier and the encrypted transfer data to a fourth computer;
  
  a code segment for enabling the fourth computer to receive user identification and authentication information from a second user , to communicate the secure package identifier, the user identification and authentication information to a fifth computer;
  
  a code segment for enabling the fifth computer to create a user anonymous indicator corresponding to the user identification information, and to communicate the user anonymous identifier and the secure package identifier to the third computer;
  
  a code segment for enabling the third computer to match the secure package identifier received from the fifth computer with the secure package identifier created by the third computer, to compare the user anonymous identifier with the recipient anonymous identifier associated with the secure package identifier, and to communicate the key to the fifth computer only if the secure package identifier received from the fifth computer is the same as the secure package identifier created by the third computer and the user anonymous identifier is the same as the first recipient anonymous identifier associated with the secure package identifier;
  
  a code segment for enabling the fifth computer to communicate the key to the fourth computer; and
  
  a code segment for enabling the fourth computer to decrypt the encrypted transfer data using the key.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The computer program as set forth in claim 18, further comprising a code segment for enabling the third computer to create an encryption record, to associate the encryption record with the secure package identifier, and for including in the encryption record information indicating each time the key was communicated to another computer and one or more hashed values associated with each communication of the key.
  - 20. The computer program as set forth in claim 18, further comprising:
    - a code segment for enabling the second computer to generate the recipient anonymous indicator by applying a hashing algorithm to the recipient identification information; and
      
      a code segment for enabling the fifth computer to generate the user anonymous indicator by applying the hashing algorithm to the user identification information.
  - 21. The computer program as set forth in claim 18, further comprising:
    - a code segment for enabling the first computer to destroy the key upon communicating the key to the second computer;
      
      a code segment for enabling the second computer to destroy the key upon communication of the key to the third computer;
      
      a code segment for enabling the fifth computer to destroy the key upon communicating the key to the fourth computer; and
      
      a code segment for enabling the fourth computer to destroy the key after decrypting the encrypted message data.
  - 22. The computer program as set forth in claim 18, wherein the sender authentication information includes biometric information and the user authentication information includes biometric information.
  - 23. The computer program as set forth in claim 22, wherein the biometric information is chosen from the group consisting of fingerprint data, voice print data, retinal scan data, facial characteristics, and signature data.

24. A method of secure data transfer, the method comprising:
- using a first computer to receive from a first user transfer data and a recipient identifier;
  
  using the first computer to creating an encoding key, encode the transfer data using the key, and communicate the key and the recipient identifier to a second computer;
  
  using the second computer to associate the recipient identifier with a secure package identifier, and to communicate the secure package identifier to the first computer;
  
  transferring the secure package identifier and the encoded transfer data to a third computer;
  
  using the third computer to receive from a second user a user identifier and to communicate the user identifier and the secure package identifier to the second computer; and
  
  using the second computer to communicate the key to the third computer only if the secure package identifier received from the third computer matches the secure package identifier created by the second computer and if the user identifier matches the recipient identifier.
- View Dependent Claims (25, 26, 27, 28, 29, 30)
- - 25. The method as set forth in claim 24, further comprising transferring the secure package identifier and the encoded transfer data to the third computer via a computer network.
  - 26. The method as set forth in claim 24, further comprising transferring the secure package identifier and the encoded transfer data to the third computer by storing the secure package identifier and the encoded transfer data on a physical medium, transporting the medium to the third computer, and using the third computer to read the secure package identifier and the encoded transfer data from the physical storage medium.
  - 27. The method as set forth in claim 24, further comprising:
    - using the first computer to receive sender authentication information from the first user and to communicate the sender authentication information to the second computer; and
      
      using the second computer to compare the sender authentication information received from the first computer with authentication information stored in a database, and to communicate the key and the recipient identifier to the second computer only if the sender authentication information matches authentication information stored in a database.
  - 28. The method as set forth in claim 24, wherein the authentication information includes biometric information.
  - 29. The method as set forth in claim 24, further comprising:
    - using the third computer to receive recipient authentication information from the second user and communicate the recipient authentication information and the secure package identifier to the second computer;
      
      using the second computer to compare the recipient authentication information with authentication information stored in a database; and
      
      using the second computer to communicate the key to the third computer only if the recipient authentication information received from the second computer matches authentication information stored in the database and if the recipient identifier received from the third computer matches the recipient identifier associated with the encryption package identifier.
  - 30. The method as set forth in claim 29, wherein the authentication information includes biometric information.

31. A method of secure data transfer, the method comprising:
- communicating sender identification and authentication information, an encryption key, and a list of recipient identifiers from a first client computer to a first server computer;
  
  authenticating the sender at the first server computer by comparing the sender authentication information to authentication information stored in a database;
  
  encoding each of the recipient identifiers using the first server computer;
  
  communicating the encoded recipient identifiers and the key to a second server computer;
  
  creating a secure package identifier at the key server and associating the secure package identifier with the key and the encoded recipient identifiers;
  
  communicating the secure package identifier from the second server computer to the first server computer, and from the first server computer to the first client computer;
  
  encrypting transfer data at the first client computer and transferring the encrypted transfer data and the secure package identifier from the first client computer to a second client computer;
  
  communicating the secure package identifier, a user identifier pertaining to a second user, and user authentication information pertaining to the second user, from the second client computer to a third server computer;
  
  authenticating the second user at the third server computer by comparing the user authentication information to authentication information stored in a database;
  
  encoding the user identifier at the third server computer;
  
  communicating the encoded user identifier and the key to the second server computer;
  
  matching the secure package identifier received from the third server computer with the secure package identifier created by the second server computer, and communicating the key from the second server computer to the third server computer only if the encoded user identifier matches one of the encoded recipient identifiers received from the second server computer; and
  
  communicating the key from the second third server computer to the second client computer.

32. A computer program for enabling a secure data transfer system, at least a portion of the program being stored on a computer-readable medium, the computer program comprising:
- a code segment for enabling a first computer to receive an encoding key and a recipient identifier from a second computer, to associate the recipient identifier and the key with a secure package identifier, and to communicate the secure package identifier to the second computer; and
  
  a code segment for enabling the first computer to receive a user identifier and a secure package identifier from a third computer, and to communicate the key to the third computer only if the secure package identifier received from the third computer matches the secure package identifier created by the second computer and if the user identifier matches the recipient identifier associated with the secure package identifier.
- View Dependent Claims (33, 34)
- - 33. The computer program as set forth in claim 32, further comprising a code segment for enabling the first computer to receive sender authentication information from the second computer, compare the sender authentication information received from the second computer with authentication information stored in a database, and to associate the recipient identifier with the secure package identifier and the key only if the sender authentication information matches information stored in the database.
  - 34. The computer program as set forth in claim 32, further comprising a code segment for enabling the first computer to receive user authentication information from the fourth computer, compare the user authentication information received from the fourth computer with authentication information stored in a database, and to communicate the key to the fourth computer only if the user authentication information matches information stored in the database.

35. A computer program for enabling a secure data transfer system, at least a portion of the program being stored on a computer-readable medium, the computer program comprising:
- a code segment for enabling a first computer to receive an encoding key, sender authentication information, and a recipient identifier from a second computer, and to communicate the recipient identifier and the key to a third computer only if the sender authentication information matches authentication information stored in a database;
  
  a code segment for enabling the third computer to create a first secure package identifier and associate the key and the recipient identifier with the first secure package identifier, and to communicate the first secure package identifier to the first computer;
  
  a code segment for enabling the first computer to communicate the first secure package identifier to the second computer;
  
  a code segment for enabling the first computer to receive a user identifier, user authentication information, and a second secure package identifier from a fourth computer, and to communicate the second secure package identifier and the user identifier to the third computer only if the user authentication information matches authentication information stored in the database;
  
  a code segment for enabling the third computer to communicate the key to the first computer only if the second secure package identifier matches the first secure package identifier and if the user identifier received from the first computer matches the recipient identifier associated with the secure package identifier; and
  
  a code segment for enabling the first computer to communicate the key to the fourth computer.
- View Dependent Claims (36)
- - 36. The computer program as set forth in claim 35, further comprising:
    - a code segment for enabling a fifth computer to receive a user identifier, user authentication information, and a third secure package identifier from a fourth computer, and to communicate the third secure package identifier and the user identifier to the third computer only if the user authentication information matches authentication information stored in a database;
      
      a code segment for enabling the third computer to communicate the key to the fifth computer only if the third secure package identifier matches the first secure package identifier and if the user identifier received from the fifth computer matches the recipient identifier associated with the first secure package identifier; and
      
      a code segment for enabling the fifth computer to communicate the key to the sixth computer.

37. A computer program for enabling a secure data transfer system, at least a portion of the program being stored on a computer-readable medium, the computer program comprising:
- a code segment for receiving transfer data and authentication information from a user;
  
  a code segment for assembling a list of transfer data recipients;
  
  a code segment for generating an encoding key and encoding the transfer data using the key;
  
  a code segment for communicating the authentication information, the key, and the list to a first external location;
  
  a code segment for receiving an identifier; and
  
  a code segment for communicating the encoded transfer data and the identifier to a second external location.

38. A computer program for enabling a secure data transfer system, at least a portion of the program being stored on a computer-readable medium, the computer program comprising:
- a code segment for receiving authentication information from a user;
  
  a code segment for receiving encoded data and an identifier;
  
  a code segment for communicating the identification information, the authentication information, and the identifier to a first external location;
  
  a code segment for receiving an encoding key; and
  
  a code segment for decoding the encrypted data using the encoding key.

39. A computer program for enabling a secure data transfer system, at least a portion of the program being stored on a computer-readable medium, the computer program comprising:
- a code segment for receiving first user authentication information, an encoding key, and a recipient identifier from a first external location;
  
  a code segment for communicating a first user identifier and the key to a second external location;
  
  a code segment for receiving a secure package identifier from the second external location;
  
  a code segment for communicating the secure package identifier to the first external location;
  
  a code segment for receiving a second secure package identifier and second user authentication information from a third external location;
  
  a code segment for communicating the second secure package identifier to the second external location;
  
  a code segment for receiving the key from the second external location; and
  
  a code segment for communicating the key to the third external location.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CIP, LLC
Original Assignee
Ceelox, Inc.
Inventors
Pizano, Erix

Granted Patent

US 8,412,947 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2209/42   Anonymization, e.g. involvi...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 63/0861   using biometrical features,...

H04L 63/0876   based on the identity of th...

H04L 9/0816   Key establishment, i.e. cry...

H04L 9/0819   Key transport or distributi...

H04L 9/321   involving a third party or ...

H04L 9/3231   Biological data, e.g. finge...

SYSTEM AND METHOD OF SECURE ENCRYPTION FOR ELECTRONIC DATA TRANSFER

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD OF SECURE ENCRYPTION FOR ELECTRONIC DATA TRANSFER

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links