Secure Transfer of Information

US 20110099366A1
Filed: 08/15/2008
Published: 04/28/2011
Est. Priority Date: 08/17/2007
Status: Active Grant

First Claim

Patent Images

1. A method for secure transfer of information through a centralized system, the method taking place in said centralized system and the method comprising:

maintaining (202-204) user account information, a user account of a certain user comprising at least a user id and associated public and private keys, the private key being retrievable by means of a password of said certain user,receiving (301, 411) identification information relating to a recipient,retrieving public key of said recipient from said user account information by means of said identification information,receiving (412) information content addressed to said recipient,storing (415, 464) said information content for said recipient in encrypted form, said retrieved public key having been used in connection with encrypting said information content, andnotifying said recipient of the stored information content.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a method for secure transfer of information through a centralized system. The method comprising: maintaining user account information, a user account of a certain user comprising at least a user id and associated public and private keys, the private key being retrievable by means of a password of said certain user; receiving (411) identification information relating to a recipient; retrieving public key of said recipient from said user account information by means of said identification information; receiving (412) information content addressed to said recipient; storing (415) said information content for said recipient in encrypted form, said retrieved public key having been used in connection with encrypting said information content; and notifying (416) said recipient of the stored information content.

26 Citations

View as Search Results

20 Claims

1. A method for secure transfer of information through a centralized system, the method taking place in said centralized system and the method comprising:
- maintaining (202-204) user account information, a user account of a certain user comprising at least a user id and associated public and private keys, the private key being retrievable by means of a password of said certain user,receiving (301, 411) identification information relating to a recipient,retrieving public key of said recipient from said user account information by means of said identification information,receiving (412) information content addressed to said recipient,storing (415, 464) said information content for said recipient in encrypted form, said retrieved public key having been used in connection with encrypting said information content, andnotifying said recipient of the stored information content.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 20)
- - 2. The method of claim 1, whereinsaid information content is symmetrically encrypted (462) with a random key, and the random key is asymmetrically encrypted (463) with said retrieved public key, the method further comprisingstoring (464) in the centralized system the random key in encrypted form.
  - 3. The method of claim 1, whereinsaid information content is asymmetrically encrypted (414) with said retrieved public key.
  - 4. The method of any one of claims 1-3, further comprisingreceiving said information content in unencrypted form, andencrypting said information content in said centralized system.
  - 5. The method of any one of claims 1-3, further comprisingproviding said retrieved public key to an external device, andreceiving said information content in encrypted form from said external device.
  - 6. The method of any one of claims 1-5, wherein the private key in the user account information is encrypted with said password, or wherein only part of the private key is stored in the user account information, combination of the stored part of the private key and the password forming a full private key.
  - 7. The method of any one of claims 1-6, wherein said identification information is an id stored in said user information, an email address of the recipient, phone number of the recipient, or some other address of the recipient.
  - 8. The method of any one of claims 1-7, further comprisingresponsive to being unable to find said user account information by means of said identification information, creating (302) a user account for said recipient, andinforming the recipient of the created user account.
  - 9. The method of any one of claims 1-8, further comprisingallowing a user to log in by means of login information comprising a user id and a password,verifying (401) validity of the login information,receiving (402) a pointer to encrypted information content and retrieving said encrypted information content,retrieving (422) private key associated with the user by means of the password,decrypting (423, 471, 472) said encrypted information content by means of the decrypted private key, andproviding (424) to the user the information content in decrypted form.
  - 10. The method of claim 9, further comprisingconfirming that the login information is valid, if the password can be used for retrieving the private key relating to the user id.
  - 20. A memory medium embodying a computer executable program code adapted to enable an apparatus to perform the method of any one of claims 1-10.

11. An apparatus (104, 500), comprising:
- a storage area (504) configured to store user account information, a user account of a certain user comprising at least a user id and associated public and private keys, the private key being retrievable by means of a password of said certain user,an input (505) configured to receive identification information relating to a recipient and information content addressed to said recipient,a processing unit (501) configured to retrieve public key of said recipient from said user account information by means of said identification information, anda storage area (504) configured to store said information content for said recipient in encrypted form, said retrieved public key having been used in connection with encrypting said information content, whereinthe processing unit (501) is further configured to notify said recipient of the stored information content.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The apparatus of claim 11, whereinsaid information content is symmetrically encrypted with a random key, and the random key is asymmetrically encrypted with said retrieved public key, and wherein the apparatus further comprisesa storage area (504) configured to store the random key in encrypted form.
  - 13. The apparatus of claim 11, whereinsaid information content is asymmetrically encrypted with said retrieved public key.
  - 14. The apparatus of any one of claims 11-13, wherein the processing unit (501) is further configuredto receive said information content in unencrypted form, andto encrypt said information content in said apparatus.
  - 15. The apparatus of any one of claims 11-13, wherein the processing unit (501) is further configuredto provide said retrieved public key to an external device, andto receive said information content in encrypted form from said external device.
  - 16. The apparatus of any one of claims 11-15, wherein the storage area (504) is configured to store the private key encrypted with said password, or wherein the storage area is configured to only part of the private key, combination of the stored part of the private key and the password forming a full private key.
  - 17. The apparatus of any one of claims 11-16, wherein the processing unit (501) is further configuredto create a user account for said recipient responsive to being unable to find said user account information by means of said identification information, andto inform the recipient of the created user account.
  - 18. The apparatus of any one of claims 11-17, wherein the processing unit (501) is further configuredto allow a user to log in by means of login information comprising a user id and a password,to verify validity of the login information,to receive a pointer to encrypted information content and retrieving said encrypted information content,to retrieve private key associated with the user by means of the password,to decrypt said encrypted information content by means of the decrypted private key, andto provide to the user the information content in decrypted form.
  - 19. The apparatus of claim 18, wherein the processing unit (501) is further configuredto confirm that the login information is valid, if the password can be used for retrieving the private key relating to the user id.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Exove OY
Original Assignee
Exove OY
Inventors
Kalliola, Janne, Kaikkonen, Erno, Pundamale, Sundeep, Virta, Kalle, Salo, Janne

Granted Patent

US 8,484,459 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/153
CPC Class Codes

G06F 21/606   by securing the transmissio...

H04L 2209/60   Digital content management,...

H04L 51/00   User-to-user messaging in p...

H04L 63/0442   wherein the sending and rec...

H04L 63/06   for supporting key manageme...

H04L 9/0869   involving random numbers or...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

Secure Transfer of Information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure Transfer of Information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links