Method and system for providing secure EDI over an open network

US 5,812,669 A
Filed: 07/19/1995
Issued: 09/22/1998
Est. Priority Date: 07/19/1995
Status: Expired due to Term

- Alert
- Pin

First Claim

Patent Images

1. In a public key/private key secure communication system for selectively interconnecting a plurality of computers over an open public network, said plurality of computers comprising a sender computer and a recipient computer, said sender and recipient computers exchanging secure digital messages there between, said sender computer having a first associated public key and a first associated private key, said recipient computer having a second associated public key and a second associated private key, said digital messages comprising an EDI interchange communication between said sender computer and said recipient computer, said EDI interchange communication having an associated EDI acknowledgment message;

the improvement in said secure open network communication system comprisingmeans for computing a first hash for said EDI interchange communication from said sender computer;

means for inserting said first hash in a predetermined location in said associated EDI acknowledgment message;

means for computing a second hash of said associated EDI acknowledgment message;

means for digitally signing said associated EDI acknowledgment message, said message digitally signing means comprising means for encrypting said second hash with said sender computer'"'"'s private key;

means for inserting said second hash in a predetermined location in said associated EDI acknowledgment message;

means for transmitting said EDI interchange communication along with said digitally signed associated EDI acknowledgment message to said recipient computer over said open public network; and

means associated with said recipient computer for receiving and processing said received EDI interchange communication and said digitally signed EDI acknowledgment message for providing authentication and non-repudiation of said EDI interchange communication from said sender computer, said means comprising means for decrypting said encrypted second hash with said sender computer'"'"'s public key;

whereby secure private EDI interchange communications can occur over said open public network while providing authentication and non-repudiation of said EDI communications.

View all claims

6 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Reexaminations

Accused Products

Abstract

A method and system for selectively interconnecting a plurality of computers (112,114) over an open public network (120,102,122), such as the INTERNET, provides a private secure computer exchange of EDI interchange communications between a sender computer (112) and a recipient computer (114), each of which has an associated public key and an associated private key, such as in an RSA type cryptographic communication system (100). The associated EDI acknowledgement message, such as the AUTACK, is used to provide secure authentication and non-repudiation of both origin and receipt of the secure private EDI interchange communications transmitted over the open public network (120,102,122) with the AUTACK transmitted from the sender computer (112) being digitally signed with the sender'"'"'s private key, and with the reply AUTACK transmitted from the recipient computer (114) being digitally signed with the recipient'"'"'s private key. The respective digitally signed AUTACKs are decrypted after receipt by using the public key associated with the private key used to provide the digital signature. The transmitted AUTACK from the sender computer (112) includes an MD5 for the entire EDI interchange as well as an MD5 of the AUTACK, with the AUTACK, thus, being used to provide the digital signature. The reply AUTACK from the recipient computer (114) includes an MD5 of the reply AUTACK. The ability to conduct business over the network (120,102,122) is controlled by private trading partner agreement communications which provide key certification.

Citations

50 Claims

1. In a public key/private key secure communication system for selectively interconnecting a plurality of computers over an open public network, said plurality of computers comprising a sender computer and a recipient computer, said sender and recipient computers exchanging secure digital messages there between, said sender computer having a first associated public key and a first associated private key, said recipient computer having a second associated public key and a second associated private key, said digital messages comprising an EDI interchange communication between said sender computer and said recipient computer, said EDI interchange communication having an associated EDI acknowledgment message;
- the improvement in said secure open network communication system comprisingmeans for computing a first hash for said EDI interchange communication from said sender computer;
  
  means for inserting said first hash in a predetermined location in said associated EDI acknowledgment message;
  
  means for computing a second hash of said associated EDI acknowledgment message;
  
  means for digitally signing said associated EDI acknowledgment message, said message digitally signing means comprising means for encrypting said second hash with said sender computer'"'"'s private key;
  
  means for inserting said second hash in a predetermined location in said associated EDI acknowledgment message;
  
  means for transmitting said EDI interchange communication along with said digitally signed associated EDI acknowledgment message to said recipient computer over said open public network; and
  
  means associated with said recipient computer for receiving and processing said received EDI interchange communication and said digitally signed EDI acknowledgment message for providing authentication and non-repudiation of said EDI interchange communication from said sender computer, said means comprising means for decrypting said encrypted second hash with said sender computer'"'"'s public key;
  
  whereby secure private EDI interchange communications can occur over said open public network while providing authentication and non-repudiation of said EDI communications.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 2. An improved secure open network communication system in accordance with claim 1 wherein said means associated with said recipient computer further comprises means for computing a third hash of said received EDI acknowledgement message;
    - and means for comparing said third hash with said decrypted second hash from said received EDI acknowledgement message, said comparing means comprising means for providing an indication of integrity of said EDI acknowledgement message and non-repudiation of origin when said decrypted second hash and said third hash match.
  - 3. An improved secure open network communication system in accordance with claim 2 wherein said means associated with said recipient computer further comprises means for computing a fourth hash of said received EDI interchange communication;
    - and means for comparing said fourth hash of said received EDI interchange communication with said first hash in said received EDI acknowledgement message, said comparing means comprising means for providing an indication of integrity and verification of authenticity of said EDI interchange communication and non-repudiation of origin when said first and fourth hash match.
  - 4. An improved secure open network communication system in accordance with claim 3 wherein said means associated with said recipient computer further comprises means for creating a reply EDI acknowledgement message and transmitting said reply EDI acknowledgement message to said sender computer over said open public network, said reply EDI acknowledgement message creating means comprising means for computing a fifth hash of said reply EDI acknowledgement message and for digitally signing said fifth hash by encrypting said fifth hash with said recipient computer'"'"'s private key;
    - and means for inserting said digitally signed fifth hash into a predetermined location in said transmitted reply EDI acknowledgement message.
  - 5. An improved secure open network communication system in accordance with claim 4 further comprising means associated with said sender computer for receiving said transmitted reply EDI acknowledgement message, and for decrypting said encrypted fifth hash with said recipient computer'"'"'s public key for verifying said digital signature of said reply EDI acknowledgement message;
    - and means for computing a sixth hash of said received reply reply EDI acknowledgement message; and
      
      means for comparing said sixth hash against said decrypted fifth hash, said comparing means comprising means for providing an indication of integrity of said received reply EDI acknowledgement message and non-repudiation of origin of said reply EDI acknowledgement message;
      
      whereby non-repudiation of receipt of said EDI interchange communication is established by said sender computer.
  - 6. An improved secure open network communication system in accordance with claim 5 wherein said means for creating said reply EDI acknowledgement message further comprises means for inserting said fourth hash in a predetermined location in said transmitted reply EDI acknowledgement message, and said means associated with said sender computer further comprises means for comparing said fourth hash in said received reply EDI acknowledgement message with said first hash, said comparing means providing an indication of integrity and authenticity of said EDI interchange when said first and fourth hash match.
  - 7. An improved secure open network communication system in accordance with claim 6 wherein said EDI acknowledgement message comprises an AUTACK message.
  - 8. An improved secure open network communication system in accordance with claim 7 wherein said reply EDI acknowledgement message comprises an AUTACK message.
  - 9. An improved secure open network communication system in accordance with claim 8 wherein each of said hashes comprise an MD5.
  - 10. An improved secure open network communication system in accordance with claim 9 wherein said public and private keys comprise an RSA type cryptographic communication system.
  - 11. An improved secure open network communication system in accordance with claim 10 wherein said open public network comprises the Internet.
  - 12. An improved secure open network communication system in accordance with claim 4 wherein said means for creating said reply EDI acknowledgement message further comprises means for inserting said fourth hash in a predetermined location in said transmitted reply EDI acknowledgement message, and said means associated with said sender computer further comprises means for comparing said fourth hash in said received reply EDI acknowledgement message with said first hash, said comparing means providing an indication of integrity and authenticity of said EDI interchange when said first and fourth hash match.
  - 13. An improved secure open network communication system in accordance with claim 1 wherein said open public network comprises the Internet.
  - 14. An improved secure open network communication system in accordance with claim 1 wherein said means associated with said recipient computer further comprises means for creating a reply EDI acknowledgement message and transmitting said reply EDI acknowledgement message to said sender computer over said open public network, said reply EDI acknowledgement message creating means comprising means for computing a third hash of said reply EDI acknowledgement message and for digitally signing said third hash by encrypting said third hash with said recipient computer'"'"'s private key;
    - and means for inserting said digitally signed third hash into a predetermined location in said transmitted reply EDI acknowledgement message.
  - 15. An improved secure open network communication system in accordance with claim 14 wherein said open public network comprises the Internet.
  - 16. An improved secure open network communication system in accordance with claim 15 further comprising means associated with said sender computer for receiving said transmitted reply EDI acknowledgement message, and for decrypting said encrypted third hash with said recipient computer'"'"'s public key for verifying said digital signature of said reply EDI acknowledgement message;
    - and means for computing a fourth hash of said received reply reply EDI acknowledgement message; and
      
      means for comparing said fourth hash against said decrypted third hash, said comparing means comprising means for providing an indication of integrity of said received reply EDI acknowledgement message and non-repudiation of origin of said reply EDI acknowledgement message;
      
      whereby non-repudiation of receipt of said EDI interchange communication is established by said sender computer.
  - 17. An improved secure open network communication system in accordance with claim 14 further comprising means associated with said sender computer for receiving said transmitted reply EDI acknowledgement message, and for decrypting said encrypted third hash with said recipient computer'"'"'s public key for verifying said digital signature of said reply EDI acknowledgement message;
    - and means for computing a fourth hash of said received reply reply EDI acknowledgement message; and
      
      means for comparing said fourth hash against said decrypted third hash, said comparing means comprising means for providing an indication of integrity of said received reply EDI acknowledgement message and non-repudiation of origin of said reply EDI acknowledgement message;
      
      whereby non-repudiation of receipt of said EDI interchange communication is established by said sender computer.
  - 18. An improved secure open network communication system in accordance with claim 14 wherein said EDI acknowledgement message comprises an AUTACK message.
  - 19. An improved secure open network communication system in accordance with claim 18 wherein said reply EDI acknowledgement message comprises an AUTACK message.
  - 20. An improved secure open network communication system in accordance with claim 14 wherein said reply EDI acknowledgement message comprises an AUTACK message.
  - 21. An improved secure open network communication system in accordance with claim 1 wherein said EDI acknowledgement message comprises an AUTACK message.
  - 22. An improved secure open network communication system in accordance with claim 21 wherein said open public network comprises the Internet.
  - 23. An improved secure open network communication system in accordance with claim 22 wherein each of said hashes comprise an MD5.
  - 24. An improved secure open network communication system in accordance with claim 1 wherein each of said hashes comprise an MD5.
  - 25. An improved secure open network communication system in accordance with claim 24 wherein said open public network comprises the Internet.
  - 26. An improved secure open network communication system in accordance with claim 24 where said EDI acknowledgement message comprises an AUTACK message.
  - 27. An improved secure open network communication system in accordance with claim 26 wherein said public and private keys comprise an RSA type cryptographic communication system.
  - 28. An improved secure open network communication system in accordance with claim 27 wherein said open public network comprises the Internet.
  - 29. An improved secure open network communication system in accordance with claim 1 wherein said public and private keys comprise an RSA type cryptographic communication system.
  - 30. An improved secure open network communication system in accordance with claim 29 wherein said open public network comprises the Internet.
  - 31. An improved secure open network communication system in accordance with claim 1 further comprising means for generating a trading partner agreement communication between said sender computer and said recipient computer, said sender computer and said recipient computer comprising trading partners, said trading partner agreement communication comprising said public keys in said EDI interchange communication for enabling said ttrading partners to provide certification to each other.
  - 32. An improved secure open network communication system in accordance with claim 31 wherein said open public network comprises the Internet.
  - 33. An improved secure open network communication system in accordance with claim 32 wherein said EDI acknowledgement message comprises an AUTACK message.
  - 34. An improved secure open network communication system in accordance with claim 31 wherein said EDI acknowledgement message comprises an AUTACK message.

35. A method for selectively interconnecting a plurality of computers over an open public network for providing a computer exchange of private secure digital messages between a sender computer and a recipient computer in said plurality of computers, said sender computer having a first associated public key and a first associated private key, said recipient computer having a second associated public key and a second associated private key, said digital messages comprising an EDI interchange communication between said sender computer and said recipient computer, said EDI interchange communication having an associated EDI acknowledgment message, said method comprising the steps of digitally signing said associated EDI acknowledgement message with said sender computer'"'"'s private key;
- transmitting said EDI interchange communication along with said digitally signed associated EDI acknowledgement message to said recipient computer over said open public network; and
  
  processing said received digitally signed EDI acknowledgement message for providing authentication and non-repudiation of said EDI interchange communication from said sender computer, said processing step comprising the step of processing said received digitally signed associated EDI acknowledgement message with said sender'"'"'s public key;
  
  whereby secure private EDI interchange communications can occur over an open public network while providing authentication and non-repudiation of said EDI communications using said associated EDI acknowledgement message.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50)
- - 36. A method for providing secure private communications over an open public network in accordance with claim 35 wherein said open public network comprises the Internet.
  - 37. A method for providing secure private communications over an open public network in accordance with claim 36 further comprising the steps of creating a reply EDI acknowledgement message from said recipient computer;
    - digitally signing said reply EDI acknowledgement message with said recipient computer'"'"'s private key;
      
      transmitting said digitally signed reply EDI acknowledgement message to said sender computer over said open public network, said sender computer receiving said digitally signed reply EDI acknowledgement message; and
      
      processing said received digitally signed reply EDI acknowledgement message for providing non-repudiation of receipt of said EDI interchange communication by said sender computer, said processing step comprising the step of processing said received digitally signed reply EDI acknowledgement message with said recipient computer'"'"'s public key;
      
      whereby non-repudiation of receipt of said EDI interchange communication is established by said sender computer.
  - 38. A method for providing secure private communications over an open public network in accordance with claim 35 further comprising the steps of creating a reply EDI acknowledgement message from said recipient computer;
    - digitally signing said reply EDI acknowledgement message with said recipient computer'"'"'s private key;
      
      transmitting said digitally signed reply EDI acknowledgement message to said sender computer over said open public network, said sender computer receiving said digitally signed reply EDI acknowledgement message; and
      
      processing said received digitally signed reply EDI acknowledgement message for providing non-repudiation of receipt of said EDI interchange communication by said sender computer, said processing step comprising the step of processing said received digitally signed reply EDI acknowledgement message with said recipient computer'"'"'s public key;
      
      whereby non-repudiation of receipt of said EDI interchange communication is established by said sender computer.
  - 39. A method for providing secure private communications over an open public network in accordance with claim 38 wherein said processing step further comprises the step of providing non-repudiation of origin at said recipient computer from said received EDI aknowledgement message.
  - 40. A method for providing secure private communications over an open public network in accordance with claim 39 wherein said open public network comprises the Internet.
  - 41. A method for providing secure private communications over an open public network in accordance with claim 38 wherein said reply EDI acknowledgement message comprises an AUTACK message.
  - 42. A method for providing secure private communications over an open public network in accordance with claim 41 wherein said EDI acknowledgement message comprises an AUTACK message.
  - 43. A method for providing secure private communications over an open public network in accordance with claim 35 wherein said processing step further comprises the step of providing non-repudiation of origin at said recipient computer from said received EDI aknowledgement message.
  - 44. A method for providing secure private communications over an open public network in accordance with claim 35 wherein said EDI acknowledgement message comprises an AUTACK message.
  - 45. A method for providing secure private communications over an open public network in accordance with claim 35 wherein said public and private keys comprise an RSA type cryptographic communication system.
  - 46. A method for providing secure private communications over an open public network in accordance with claim 45 wherein said open public network comprises the Internet.
  - 47. A method for providing secure private communications over an open public network in accordance with claim 45 wherein said EDI acknowledgement message comprises an AUTACK message.
  - 48. A method for providing secure private communications over an open public network in accordance with claim 47 further comprising the steps of creating a reply EDI acknowledgement message from said recipient computer;
    - digitally signing said reply EDI acknowledgement message with said recipient computer'"'"'s private key;
      
      transmitting said digitally signed reply EDI acknowledgement message to said sender computer over said open public network, said sender computer receiving said digitally signed reply EDI acknowledgement message; and
      
      processing said received digitally signed reply EDI acknowledgement message for providing non-repudiation of receipt of said EDI interchange communication by said sender computer, said processing step comprising the step of processing said received digitally signed reply EDI acknowledgement message with said recipient computer'"'"'s public key;
      
      whereby non-repudiation of receipt of said EDI interchange communication is established by said sender computer.
  - 49. A method for providing secure private communications over an open public network in accordance with claim 48 wherein said reply EDI acknowledgement message comprises an an AUTACK message.
  - 50. A method for providing secure private communications over an open public network in accordance with claim 49 wherein said open public network comprises the Internet.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Classified Information Incorporated (NewMarket Technology, Inc.)
Original Assignee
Harbinger OM LLC (Spectrum Brands Holdings, Inc.)
Inventors
Jenkins, Lew, Pasetes, Jr., Emmanuel K.
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/503,984
Time in Patent Office

1,161 Days
Field of Search

380/9, 380/21, 380/23, 380/25, 380/30, 380/44, 380/46, 380/49, 380/50
US Class Current

713/161
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 63/0442   wherein the sending and rec...

H04L 63/0869   for achieving mutual authen...

H04L 63/126   the source of the received ...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3249   using RSA or related signat...

Method and system for providing secure EDI over an open network

First Claim

6 Assignments

Litigations

0 Petitions

Reexaminations

Accused Products

Abstract

Citations

50 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing secure EDI over an open network

First Claim

6 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Reexaminations

Accused Products

Subscription Required

Abstract

Citations

50 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links