SECURE, AUDITABLE FILE EXCHANGE SYSTEM AND METHOD
First Claim
1. A computer-implemented method for providing a secure file-exchange service, the method comprising:
- obtaining, by a file-exchange server from a remote client device associated with a new member, new-member information including identity information and a professional credential associated with said new member;
verifying, by said file-exchange server according to said identity information, that said new member has a personal identity as indicated by said identity information, and that said new member has a professional designation as indicated by said professional credential;
when said new member'"'"'s personal identity and professional designation have been verified, designating said new member as a verified-professional member and obtaining, by said file-exchange server, a member public key of a public/private key pair for said verified-professional member;
generating, by said file-exchange server, a member widget indicating said verified-professional member'"'"'s status as a verified professional and being configured to accept files submitted for secure transfer to said verified-professional member;
providing, by said file-exchange server, said member widget for publication by said new member;
receiving an indication, by said file-exchange server via said published member widget, to provide a file from a remote sender device to said verified-professional member;
obtaining, by said file-exchange server from said remote sender device via said published member widget, metadata associated with said file;
obtaining, by said file-exchange server, a reference cryptographic integrity code derived from said file;
obtaining, by said file-exchange server from said remote sender device via said published member widget, an encrypted copy of said file, said encrypted copy being encrypted with said member public key; and
storing said metadata, said reference cryptographic integrity code, and said encrypted copy in a non-transient data store for subsequent secure, auditable transfer to said verified-professional member.
1 Assignment
0 Petitions
Accused Products
Abstract
Secure and auditable file exchange between a professional and a client, patient, colleague, or other associate of the professional may be achieved via a file exchange service that automatically verifies the professional'"'"'s professional status and identity and provides applications and/or tools to accept files for transfer to the verified professional. The files are stored in encrypted form, along with cryptographic integrity codes. After the files have been transferred to the professional, the cryptographic integrity codes may be used to verify that the professional received a correct copy of the file that was originally provided.
-
Citations
19 Claims
-
1. A computer-implemented method for providing a secure file-exchange service, the method comprising:
-
obtaining, by a file-exchange server from a remote client device associated with a new member, new-member information including identity information and a professional credential associated with said new member; verifying, by said file-exchange server according to said identity information, that said new member has a personal identity as indicated by said identity information, and that said new member has a professional designation as indicated by said professional credential; when said new member'"'"'s personal identity and professional designation have been verified, designating said new member as a verified-professional member and obtaining, by said file-exchange server, a member public key of a public/private key pair for said verified-professional member; generating, by said file-exchange server, a member widget indicating said verified-professional member'"'"'s status as a verified professional and being configured to accept files submitted for secure transfer to said verified-professional member; providing, by said file-exchange server, said member widget for publication by said new member; receiving an indication, by said file-exchange server via said published member widget, to provide a file from a remote sender device to said verified-professional member; obtaining, by said file-exchange server from said remote sender device via said published member widget, metadata associated with said file; obtaining, by said file-exchange server, a reference cryptographic integrity code derived from said file; obtaining, by said file-exchange server from said remote sender device via said published member widget, an encrypted copy of said file, said encrypted copy being encrypted with said member public key; and storing said metadata, said reference cryptographic integrity code, and said encrypted copy in a non-transient data store for subsequent secure, auditable transfer to said verified-professional member. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
Specification