SYSTEMS AND METHOD FOR THE TRANSPARENT MANAGEMENT OF DOCUMENT RIGHTS
First Claim
1. A method comprising the steps of:
a) composing an e-mail to a recipient at an e-mail composer;
b) querying a registry to an entry corresponding to the recipient;
c) if no entry corresponding to the recipient is registered in the registry, generating a first key pair corresponding to the recipient, the first key pair including a first public encryption key and a first private encryption key;
d) encrypting the e-mail using the first public key;
e) encrypting the first key pair using a second public key to create an encrypted first key pair;
f) forwarding the e-mail to the recipient, forwarding the e-mail message further including sending a URL to the recipient;
g) selecting the URL;
h) forwarding an invitation to the recipient, the invitation comprising the second public key;
i) sending the encrypted first key pair to the e-mail reader;
j) decrypting the encrypted first key pair using the second public key at the e-mail reader;
k) installing the first private key at the e-mail reader wherein the first private key stored at the e-mail reader may be used to decrypt subsequent e-mails without querying the registry; and
l) decrypting the e-mail with the first private key at the e-mail reader.
Abstract
Systems and methods are described for enabling documents to be controlled by a sender, in a manner which is transparent to any end recipients. The invention includes mechanisms enabling a sender to control documents sent to a recipient, in a manner that (1) encrypts the message to ensure its security, and (2) restricts operations the recipient may perform on the received message. The recipient and sender need not agree on a control protocol in advance of the communication. Wide distribution of a Digital Rights Management System may be facilitated by use of self-installing modules, which integrate with existing software used for document publishing and retrieval. The modules are forwarded to unregistered recipients upon authentication of the recipient, and install automatically on the recipient's computer. The modules authenticate instructions from a sender, and, per instructions from the sender, may pre-empt certain types of operations on the e-mail by the recipient.
21 Claims
1. A method comprising the steps of:
a) composing an e-mail to a recipient at an e-mail composer;
b) querying a registry to an entry corresponding to the recipient;
c) if no entry corresponding to the recipient is registered in the registry, generating a first key pair corresponding to the recipient, the first key pair including a first public encryption key and a first private encryption key;
d) encrypting the e-mail using the first public key;
e) encrypting the first key pair using a second public key to create an encrypted first key pair;
f) forwarding the e-mail to the recipient, forwarding the e-mail message further including sending a URL to the recipient;
g) selecting the URL;
h) forwarding an invitation to the recipient, the invitation comprising the second public key;
i) sending the encrypted first key pair to the e-mail reader;
j) decrypting the encrypted first key pair using the second public key at the e-mail reader;
k) installing the first private key at the e-mail reader wherein the first private key stored at the e-mail reader may be used to decrypt subsequent e-mails without querying the registry; and
l) decrypting the e-mail with the first private key at the e-mail reader.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
14. A secure e-mail system, comprising:
i) a first key pair comprising a first public key and a first private key;
ii) a second key pair comprising a second public key and a second private key;
iii) a client e-mail reader, the client e-mail reader executing on a first terminal in communication with an internetwork;
iv) a source e-mail composer, the source e-mail composer executing on a second terminal in communication with the internetwork, the source e-mail composer operable to send a message to the client e-mail reader, the message comprising an encrypted portion encrypted with the first public key and a key portion comprising the second public key; and
v) a server in communication with the internetwork and operative to respond to a URL request received from the first terminal, to encrypt the first key pair with the second private key, and to send the resulting encrypted first key pair to the client e-mail reader;
vi) whereby the client e-mail reader may decrypt the encrypted first key pair with the second public key and decrypt the encrypted portion using the first private key.
View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
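A toy walk-through of the key-provisioning flow recited in claims 1 and 14, added here as an illustration and not taken from the patent or from any implementation of it. It follows claim 14's wording (the server wraps the first key pair with the second private key, the reader unwraps it with the second public key); the textbook RSA over fixed primes, the `keys.example` URL and all function names are assumptions.

```python
# Toy model: textbook RSA over fixed Mersenne primes (constructed values,
# no padding). It shows the message flow only and is not secure.
E = 65537

def keypair(p, q):
    """Return (public, private) as ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def rsa(key, m):
    """Raw RSA: the same modular power is used with either half of a pair."""
    n, exp = key
    if not 0 <= m < n:
        raise ValueError("value does not fit the modulus")
    return pow(m, exp, n)

REGISTRY = {}   # recipient -> first public key
PENDING = {}    # URL -> first key pair, wrapped by the server
SECOND_PUB, SECOND_PRIV = keypair(2**107 - 1, 2**127 - 1)   # server's pair

def compose(recipient, body):
    """Steps a-f and h: returns (ciphertext, url, invitation)."""
    url = "https://keys.example/" + recipient   # hypothetical URL
    if recipient not in REGISTRY:               # steps b, c: no entry yet
        pub, priv = keypair(2**61 - 1, 2**89 - 1)
        REGISTRY[recipient] = pub
        # step e, in claim 14's wording: wrap with the second private key
        PENDING[url] = [rsa(SECOND_PRIV, part) for part in priv]
    ciphertext = rsa(REGISTRY[recipient], int.from_bytes(body, "big"))  # step d
    return ciphertext, url, SECOND_PUB

class Reader:
    def __init__(self):
        self.first_priv = None

    def open(self, ciphertext, url, invitation):
        if self.first_priv is None:             # steps g-k: first message only
            n, d = (rsa(invitation, part) for part in PENDING.pop(url))
            self.first_priv = (n, d)            # step k: install private key
        m = rsa(self.first_priv, ciphertext)    # step l
        return m.to_bytes((m.bit_length() + 7) // 8, "big")

def demo():
    reader = Reader()
    first = reader.open(*compose("bob@example.com", b"meet at 10:00"))
    # second mail: the registry entry exists and nothing is pending at the URL
    second = reader.open(*compose("bob@example.com", b"room 4"))
    return first, second, len(PENDING)
```

In this model the unwrap needs only the public key carried in the invitation, so the wrap shows which server produced the key pair; the model does nothing else to keep the pair secret in transit.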
Specification