Method and system for providing secure EDI over an open network
DCFirst Claim
1. In a public key/private key secure communication system for selectively interconnecting a plurality of computers over an open public network, said plurality of computers comprising a sender computer and a recipient computer, said sender and recipient computers exchanging secure digital messages there between, said sender computer having a first associated public key and a first associated private key, said recipient computer having a second associated public key and a second associated private key, said digital messages comprising an EDI interchange communication between said sender computer and said recipient computer, said EDI interchange communication having an associated EDI acknowledgment message;
- the improvement in said secure open network communication system comprisingmeans for computing a first hash for said EDI interchange communication from said sender computer;
means for inserting said first hash in a predetermined location in said associated EDI acknowledgment message;
means for computing a second hash of said associated EDI acknowledgment message;
means for digitally signing said associated EDI acknowledgment message, said message digitally signing means comprising means for encrypting said second hash with said sender computer'"'"'s private key;
means for inserting said second hash in a predetermined location in said associated EDI acknowledgment message;
means for transmitting said EDI interchange communication along with said digitally signed associated EDI acknowledgment message to said recipient computer over said open public network; and
means associated with said recipient computer for receiving and processing said received EDI interchange communication and said digitally signed EDI acknowledgment message for providing authentication and non-repudiation of said EDI interchange communication from said sender computer, said means comprising means for decrypting said encrypted second hash with said sender computer'"'"'s public key;
whereby secure private EDI interchange communications can occur over said open public network while providing authentication and non-repudiation of said EDI communications.
6 Assignments
Litigations
0 Petitions
Reexaminations
Accused Products
Abstract
A method and system for selectively interconnecting a plurality of computers (112,114) over an open public network (120,102,122), such as the INTERNET, provides a private secure computer exchange of EDI interchange communications between a sender computer (112) and a recipient computer (114), each of which has an associated public key and an associated private key, such as in an RSA type cryptographic communication system (100). The associated EDI acknowledgement message, such as the AUTACK, is used to provide secure authentication and non-repudiation of both origin and receipt of the secure private EDI interchange communications transmitted over the open public network (120,102,122) with the AUTACK transmitted from the sender computer (112) being digitally signed with the sender'"'"'s private key, and with the reply AUTACK transmitted from the recipient computer (114) being digitally signed with the recipient'"'"'s private key. The respective digitally signed AUTACKs are decrypted after receipt by using the public key associated with the private key used to provide the digital signature. The transmitted AUTACK from the sender computer (112) includes an MD5 for the entire EDI interchange as well as an MD5 of the AUTACK, with the AUTACK, thus, being used to provide the digital signature. The reply AUTACK from the recipient computer (114) includes an MD5 of the reply AUTACK. The ability to conduct business over the network (120,102,122) is controlled by private trading partner agreement communications which provide key certification.
-
Citations
50 Claims
-
1. In a public key/private key secure communication system for selectively interconnecting a plurality of computers over an open public network, said plurality of computers comprising a sender computer and a recipient computer, said sender and recipient computers exchanging secure digital messages there between, said sender computer having a first associated public key and a first associated private key, said recipient computer having a second associated public key and a second associated private key, said digital messages comprising an EDI interchange communication between said sender computer and said recipient computer, said EDI interchange communication having an associated EDI acknowledgment message;
- the improvement in said secure open network communication system comprising
means for computing a first hash for said EDI interchange communication from said sender computer; means for inserting said first hash in a predetermined location in said associated EDI acknowledgment message; means for computing a second hash of said associated EDI acknowledgment message; means for digitally signing said associated EDI acknowledgment message, said message digitally signing means comprising means for encrypting said second hash with said sender computer'"'"'s private key; means for inserting said second hash in a predetermined location in said associated EDI acknowledgment message; means for transmitting said EDI interchange communication along with said digitally signed associated EDI acknowledgment message to said recipient computer over said open public network; and means associated with said recipient computer for receiving and processing said received EDI interchange communication and said digitally signed EDI acknowledgment message for providing authentication and non-repudiation of said EDI interchange communication from said sender computer, said means comprising means for decrypting said encrypted second hash with said sender computer'"'"'s public key;
whereby secure private EDI interchange communications can occur over said open public network while providing authentication and non-repudiation of said EDI communications. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- the improvement in said secure open network communication system comprising
-
35. A method for selectively interconnecting a plurality of computers over an open public network for providing a computer exchange of private secure digital messages between a sender computer and a recipient computer in said plurality of computers, said sender computer having a first associated public key and a first associated private key, said recipient computer having a second associated public key and a second associated private key, said digital messages comprising an EDI interchange communication between said sender computer and said recipient computer, said EDI interchange communication having an associated EDI acknowledgment message, said method comprising the steps of digitally signing said associated EDI acknowledgement message with said sender computer'"'"'s private key;
- transmitting said EDI interchange communication along with said digitally signed associated EDI acknowledgement message to said recipient computer over said open public network; and
processing said received digitally signed EDI acknowledgement message for providing authentication and non-repudiation of said EDI interchange communication from said sender computer, said processing step comprising the step of processing said received digitally signed associated EDI acknowledgement message with said sender'"'"'s public key;
whereby secure private EDI interchange communications can occur over an open public network while providing authentication and non-repudiation of said EDI communications using said associated EDI acknowledgement message. - View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50)
- transmitting said EDI interchange communication along with said digitally signed associated EDI acknowledgement message to said recipient computer over said open public network; and
Specification