Secure printing

US 6,378,070 B1
Filed: 01/08/1999
Issued: 04/23/2002
Est. Priority Date: 01/09/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method of printing a document in a distributed computer system having a client, a print server, printing apparatus and a network for interconnecting components of the distributed computer system, the method comprising the steps of:

a sender selecting a document to be printed, identifying an intended recipient for the document and causing the client to transmit to the print server the document accompanied by a first identifier for the intended recipient;

receiving and storing the document and the associated first identifier on the print server;

a recipient providing the printing apparatus with a second identifier, the printing apparatus receiving the second identifier and transmitting to the print server a request, including the second identifier, to receive documents from the print server;

the print server receiving the request, then comparing the second identifier with the stored first identifier and for only matching identifiers, forwarding the document associated with the first identifier to the printing apparatus; and

the printing apparatus receiving and printing the document.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a distributed computing environment, a user is able to send a document to a secure printer (140) in such a way that only a specified intended recipient can print the document.

When the user specifies that the document is to be printed securely, a special print job is created in which the document is encrypted using a session key and a bulk encryption algorithm, and the session key is encrypted using the intended recipient'"'"'s public key. Then, the encrypted session key, the encrypted document and an indication of the intended recipient'"'"'s identity is transmitted to a print server (130), where the print job is held.

When the recipient'"'"'s smart card (145) is inserted into a smart card reader of the secure printer (140), the recipient'"'"'s identity, taken from the smart card (145), is transmitted to the print server (130). The print server uses the identity to search for and retrieve documents intended for the recipient. If the recipient is the intended recipient, the encrypted document and encrypted session key are transmitted to the secure printer (140). The secure printer (140) then forward the encrypted session key to the smart card (145), which decrypts the session key using an embedded private key. Then secure printer (140) receives and uses the session key to decrypt the encrypted document and, finally, prints the document for the recipient.

363 Citations

25 Claims

1. A method of printing a document in a distributed computer system having a client, a print server, printing apparatus and a network for interconnecting components of the distributed computer system, the method comprising the steps of:
- a sender selecting a document to be printed, identifying an intended recipient for the document and causing the client to transmit to the print server the document accompanied by a first identifier for the intended recipient;
  
  receiving and storing the document and the associated first identifier on the print server;
  
  a recipient providing the printing apparatus with a second identifier, the printing apparatus receiving the second identifier and transmitting to the print server a request, including the second identifier, to receive documents from the print server;
  
  the print server receiving the request, then comparing the second identifier with the stored first identifier and for only matching identifiers, forwarding the document associated with the first identifier to the printing apparatus; and
  
  the printing apparatus receiving and printing the document.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A method according to claim 1, wherein the client encrypts the document prior to transmitting it to the print server and the printing apparatus decrypts the encrypted document prior to printing it.
  - 3. A method according to claim 2, wherein the recipient provides the printing apparatus with means necessary for decrypting the encrypted document.
  - 4. A method according to claim 3, wherein the printing apparatus interacts with a smart card in order to retrieve and/or decrypt the document using information and/or functionality programmed into a smart card provided by the recipient.
  - 5. A method according to claim 4, wherein the smart card provided by the recipient stores data including said second identifier and the printing apparatus extracts the second identifier from the smart card.
  - 6. A method according to claim 4, wherein the smart card, which is programmed with a decryption algorithm and stores a secret, receives encrypted information from the printing apparatus, decrypts the encrypted information using the secret and returns the decrypted information to the printing apparatus.
  - 7. A method according to claim 6, further comprising the client:
8. A method according to claim 6, wherein the client obtains the second key from a key repository on the basis of the identity of the intended recipient.
9. A method according to claim 7, further comprising the printing apparatus:
- receiving the encrypted first key from the print server in response to the request;
  
  forwarding the encrypted first key to the smart card such that the smart card decrypts the encrypted first key using the secret and returns the first key tot he printing apparatus, the secret being the private key of the asymmetric encryption algorithm; and
  
  using the first key to decrypt the encrypted document.
10. Printing apparatus configured for operation according to the method of claim 1.
11. A client configured for operation according to the method of claim 1.
12. A print server configured for operation according to the method of claim 1.
13. A distributed computing system configured for operation according to the method of claim 1.

14. Printing apparatus for use in a distributed computer system responding to a client, and having (a) a print server, (b) the printing apparatus and (c) a network for interconnecting components of the distributed computer system, the system enabling (a) a sender to select a document to be printed, (b) an intended recipient for the document to be identified, (c) the client to transmit to the print server the document accompanied by a first identifier for the intended recipient, and (d) the print server to receive and store the document and the associated first identifier;
- the printing apparatus comprising a receiver for a second identifier and a transmitter for transmitting to the print server a request, including the second identifier, to receive documents from the print server;
  
  the print server being arranged for receiving the request, then comparing the second identifier with the stored first identifier and, for only matching identifiers, forwarding the document associated with the first identifier to the printing apparatus; and
  
  the printing apparatus receiver being arranged for receiving and printing the document forwarded to the print server.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 15. Printing apparatus according to claim 14, wherein the receiver is arranged for receiving and decrypting an encrypted document received from the print server.
  - 16. Printing apparatus according to claim 15, wherein receiver and transmitter are included in an input/output arrangement arranged to receive a removable processing arrangement from the user, the removable processing arrangement being able to decrypt the encrypted document.
  - 17. Printing apparatus according to claim 16, wherein the input/output arrangement comprises a smart card reading device for a receiving smart card from a user of the printing apparatus.
  - 18. Printing apparatus according to claim 17, wherein the smart card reading device is arranged to extract the identity of the user from the smart card.
  - 19. Printing apparatus according to claim 17, wherein the smart card reading device is arranged to forward encrypted information to the smart card and receive back from the smart card unencrypted information, the smart card being arranged to receive encrypted information, decrypt the encrypted information using a secret stored on the smart card and return the decrypted information.
  - 20. Printing apparatus according to claim 19, wherein:
21. Printing apparatus according to claim 17, further comprising a casing configured to contain the components of the printing apparatus including an integrated smart card reader, the casing having a slot therein for receiving a smart card through the casing into the smart card reader.
22. Printing apparatus according to claim 17, further including an interface and a smart card reading device connected to the printer via the printer interface.
23. Printing apparatus according to claim 22, wherein the smart card reading device comprises an interface for connecting the device to the smart card reading network.
24. Printing apparatus according to claim 23, wherein the smart card reading device comprises:
- an extractor of the user identity from the smart card;
  
  a generator and transmitter of the request via the network to the print server;
  
  a receiver from the print server of an encrypted document and an encrypted key;
  
  a transmitter of the encrypted key to the smart card, such that the smart card decrypts and returns the key;
  
  a decrypter of the encrypted key to the smart card, such that the smart card decrypts and returns the key; and
  
  a transmitter to the printer of the document to be printed.
25. A smart card reading device configured for operation with printing apparatus according to claim 22.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Company (HP Inc.)
Inventors
Chan, David, Van Wilder, Bruno Edgard, Gupta, Dipankar
Primary Examiner(s)
Peeso, Thomas R.

Application Number

US09/227,162
Time in Patent Office

1,201 Days
Field of Search

380/255, 380/281, 713/155, 713/161, 713/165, 713/166, 713/171, 713/172, 713/182, 713/185, 713/200, 713/201
US Class Current

713/155
CPC Class Codes

G06F 21/608   Secure printing

G06F 21/84   output devices, e.g. displa...

G06F 2211/008   Public Key, Asymmetric Key,...

Secure printing

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

363 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Secure printing

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

363 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links