Encryption and decryption system and method with content analysis provision

US 6,393,568 B1
Filed: 10/23/1997
Issued: 05/21/2002
Est. Priority Date: 10/23/1997
Status: Expired due to Term

First Claim

Patent Images

1. A computer based encryption and decryption system comprising:

means for providing content analysis having means for determining whether digital input information that includes at least a part of one of a file, document and a body of a message is encrypted using a cryptographic key and for generating a decryption request to decrypt the encrypted digital input information prior to applying content analysis to facilitate content analysis within encrypted digital input information; and

means, responsive to the decryption request and the digital input information, for decrypting the encrypted digital input information prior to commence of the content analysis using a private decryption key of a public key pair, apart from within the content to facilitate controlled content analysis wherein content analysis includes performing virus detection to facilitate eradication of a detected virus, wherein decrypting is done without using decryption executables contained in a header corresponding to the digital input information, if a header is present.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer based encryption and decryption system and method provides content analysis through a content inspection mechanism, such as detection of a computer virus using a virus detection algorithm based on determining whether digital input information is encrypted. The content inspection mechanism analyzes decrypted content for such things as virus patterns, keywords, unknown program format, or any other content based criteria. The system generates a decryption request to decrypt encrypted digital input information prior to applying content analysis, such as virus detection. In response to the decryption request, the system decrypts the encrypted information prior to content analysis such as virus detection and applies a content analysis application, such as a virus detection algorithm, to the decrypted data If desired, when the decryption requires access to cryptographic keys which the decryptor does not have immediate access to, keys may be acquired from a controlled key repository through use of key release agent methods.

261 Citations

39 Claims

1. A computer based encryption and decryption system comprising:
- means for providing content analysis having means for determining whether digital input information that includes at least a part of one of a file, document and a body of a message is encrypted using a cryptographic key and for generating a decryption request to decrypt the encrypted digital input information prior to applying content analysis to facilitate content analysis within encrypted digital input information; and
  
  means, responsive to the decryption request and the digital input information, for decrypting the encrypted digital input information prior to commence of the content analysis using a private decryption key of a public key pair, apart from within the content to facilitate controlled content analysis wherein content analysis includes performing virus detection to facilitate eradication of a detected virus, wherein decrypting is done without using decryption executables contained in a header corresponding to the digital input information, if a header is present.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The encryption and decryption system of claim 1 wherein the means for providing content analysis facilitates commencement of content analysis upon completed launch of a decrypting operation of the encrypted digital input information to facilitate content analysis prior to allowing subsequent use of the decrypted digital input information on a computer system.
  - 3. The encryption and decryption system of claim 1 wherein the means for providing content analysis facilitates commencement of content analysis upon completed launch of a decrypting operation of the encrypted digital input information to facilitate content analysis prior to allowing subsequent transfer of the decrypted digital input information.
  - 4. The encryption and decryption system of claim 1 wherein the system is on a computer network having a file storage device containing digital information in files for at least one network user and the system includes means for periodically activating the means for providing content analysis in encrypted digital information to perform batch content analysis in encrypted files stored in the file storage device.
  - 5. The system of claim 1 wherein the means for decrypting receives released cryptographic keys for use in content analysis of data stored for a number of different users from a controlled cryptographic key repository.
  - 6. The system of claim 5 wherein the controlled cryptographic key repository releases a decryption key to the means for decrypting based on predetermined access control criteria.
  - 7. The system of claim 1 wherein the means for providing content analysis controls a perimeter guard computing device to perform real time content analysis of the digital input information passing through the perimeter before allowing the digital input information to be passed to a designated recipient.
  - 8. The system of claim 1 further including a repository within a perimeter controlled network, operatively coupled to the means for decrypting and to the means for providing content analysis, for storing decrypted information for content analysis prior to dissemination of the digital input information within the network.

9. A computer based encryption and decryption system comprising:
- means for determining whether digital input information that includes at least one of a file, document and at least part of a body of a message is encrypted using a cryptographic key and for generating a content analysis request, means, responsive to the means for determining, for decrypting detected encrypted digital input information using a private decryption key of a public key pair, apart from within the content to facilitate controlled content analysis; and
  
  means, responsive to the content analysis request, for applying content analysis to the decrypted digital input information wherein content analysis includes performing virus detection to facilitate eradication of a detected virus, wherein decrypting is done without using decryption executables contained in a header corresponding to the digital input information, if a header is present.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The encryption and decryption system of claim 9 wherein the means for determining facilitates commencement of content analysis upon completed launch of a decrypting operation of the encrypted digital input information to facilitate content analysis prior to allowing subsequent use of the decrypted digital input information on a computer system.
  - 11. The encryption and decryption system of claim 9 wherein the means for applying content analysis facilitates commencement of content analysis upon completed launch of a decrypting operation of the encrypted digital input information to facilitate content analysis prior to allowing subsequent transfer of the decrypted digital input information.
  - 12. The encryption and decryption system of claim 9 wherein the system is in a computer network having a file storage device containing digital information in files for multiple network users and the system includes means for periodically activating the means for generating the content analysis request to perform batch content analysis in encrypted files stored in the file storage device.
  - 13. The system of claim 9 wherein the means for decrypting receives released cryptographic keys for use in content analysis of data encrypted for a number of different users from a controlled cryptographic key repository.
  - 14. The system of claim 13 wherein the controlled cryptographic key repository releases a decryption key to the means for decrypting based on predetermined access control criteria.
  - 15. The system of claim 9 wherein the means for applying content analysis controls a perimeter guard computing device to perform real time content analysis of the digital input information passing through the perimeter before allowing the digital input information to be passed to a designated recipient.
  - 16. The system of claim 9 including a repository within a perimeter controlled network, operatively coupled to the means for decrypting and to the means for applying content analysis, for storing decrypted information prior to dissemination of the digital input information within the network.

17. An encryption and decryption method comprising:
- providing content analysis by determining whether digital input information that includes at least one of a file, document and at least part of a body of a message is encrypted and generating a decryption request to a decryptor to decrypt the encrypted digital input information prior to applying content analysis to facilitate content analysis within the encrypted digital input information; and
  
  decrypting the encrypted digital input information prior to completion of the content analysis wherein content analysis includes performing virus detection to facilitate eradication of a detected virus, wherein decrypting is done without using decryption executables contained in a header corresponding to the digital input information, if a header is present.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The encryption and decryption method of claim 17 wherein the step of providing content analysis includes commencing content analysis upon completed launch of a decrypting operation of the encrypted digital input information to facilitate content analysis prior to allowing subsequent use of the decrypted digital input information on a computer system.
  - 19. The encryption and decryption method of claim 17 wherein the method is performed on a computer network having a file storage device containing digital information in files for multiple network users and the method includes periodically activating content analysis in encrypted digital information to perform batch content analysis in encrypted files stored in the file storage device.
  - 20. The encryption and decryption method of claim 17 wherein the step of providing content analysis includes commencing content analysis upon completed launch of a decrypting operation of the encrypted digital input information to facilitate content analysis prior to allowing subsequent transfer of the decrypted digital input information on a computer system.
  - 21. The method of claim 17 wherein decrypting includes receiving released cryptographic keys for use in content analysis of data stored for a number of different users from a controlled cryptographic key repository.
  - 22. The method of claim 21 wherein the controlled cryptographic key repository releases a decryption key for decrypting based on predetermined access control criteria.
  - 23. The method of claim 21 further including providing a repository within a perimeter controlled network for storing decrypted information prior to dissemination of the digital input information within the network.
  - 24. The method of claim 17 wherein the step of providing content analysis includes controlling a perimeter guard computing device to perform real time content analysis of the digital input information passing through a perimeter before allowing the digital input information to be passed to a designated recipient.

25. A computer based encryption and decryption method comprising:
- determining whether digital input information that includes at least one of a file, document and at least part of a body of a message is encrypted;
  
  generating a content analysis request based on the determination;
  
  decrypting detected encrypted digital input information, wherein decrypting is done without using decryption executables contained in a header corresponding to the digital input information, if a header is present; and
  
  applying content analysis to the decrypted digital input information wherein content analysis includes performing virus detection to facilitate eradication of a detected virus.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
- - 26. The encryption and decryption method of claim 25 wherein the step of applying content analysis includes commencing content analysis upon completed launch of a decrypting operation of the encrypted digital input information to facilitate content analysis prior to allowing subsequent transfer of the decrypted digital input information on a computer system.
  - 27. The encryption and decryption method of claim 25 wherein the step of applying content analysis includes commencing content analysis upon completed launch of a decrypting operation of the encrypted digital input information to facilitate content analysis prior to allowing subsequent use of the decrypted digital input information on a computer system.
  - 28. The encryption and decryption method of claim 25 wherein the method is performed on a computer network having a file storage device containing digital information in files for multiple network users and the method includes periodically activating content analysis in encrypted digital information to perform batch content analysis in encrypted files stored in the file storage device.
  - 29. The method of claim 25 wherein decrypting includes receiving released cryptographic keys for use in content analysis of data stored for a number of different users from a controlled cryptographic key repository.
  - 30. The method of claim 29 wherein the controlled cryptographic key repository releases a decryption key for decrypting based on predetermined access control criteria.
  - 31. The method of claim 29 further including providing a repository within a perimeter controlled network for storing decrypted information prior to dissemination of the digital input information within the network.
  - 32. The method of claim 25 wherein the step of applying content analysis includes controlling a perimeter guard computing device to perform real time content analysis of the digital input information passing through a perimeter before allowing the digital input information to be passed to a designated recipient.

33. A storage medium comprising:
- a program executable by a computing mechanism that facilitates the following steps;
  
  determining whether digital input information that includes at least one of a file, document and at least part of a body of a message is encrypted;
  
  generating a request from the group of at least a content analysis request and a decryption request, based on the determination;
  
  decrypting detected encrypted digital input information based on the generated request, wherein decrypting is done without using decryption executables contained in a header corresponding to the digital input information, if a header is present; and
  
  applying content analysis to the decrypted digital input information prior to allowing use of the decrypted digital input information wherein content analysis includes performing virus detection to facilitate eradication of a detected virus.
- View Dependent Claims (34, 35, 36)
- - 34. The storage medium of claim 33 wherein decrypting includes receiving released cryptographic keys for use in content analysis of data stored for a number of different users from a controlled cryptographic key repository.
  - 35. The storage medium of claim 33 wherein the program also facilitates periodically activating content analysis in encrypted digital information to perform batch content analysis in encrypted files stored in the file storage device.
  - 36. The storage medium of claim 33 wherein the program also facilitates decryption operation on the encrypted digital input information prior to transferring of the digital input information for use by a target application.

37. A computer based encryption and decryption system comprising:
- means for providing content analysis having means for determining whether digital input information that includes at least a part of one of a file, document and a body of a message is encrypted using a cryptographic key and for generating a decryption request to decrypt the encrypted digital input information prior to applying content analysis to facilitate content analysis within encrypted digital input information; and
  
  means, responsive to the decryption request and the digital input information, for decrypting the encrypted digital input information prior to commence of the content analysis using a private decryption key of a public key pair, apart from within the content to facilitate controlled content analysis wherein the private decryption key is accessed from a repository containing stored private decryption keys of a number of different users.
- View Dependent Claims (38, 39)
- - 38. The encryption and decryption system of claim 37, wherein the means for providing content analysis facilitates commencement of content analysis upon completed launch of a decrypting operation of the encrypted digital input information to facilitate content analysis prior to allowing subsequent transfer of the decrypted digital input information.
  - 39. The encryption and decryption system of Claim 37, herein the system is on a computer network having a file storage device containing digital information in files for at least one network user and the system includes means for periodically activating the means for providing content analysis in encrypted information to perform batch content analysis in encrypted files stored in the file storage device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Axway Incorporated (Axway Software SA)
Original Assignee
Entrust Technologies Limited
Inventors
Ranger, Michel M., Van Oorschot, Paul C.
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
SONG, HOSUK

Application Number

US08/956,563
Time in Patent Office

1,671 Days
Field of Search

380/4, 380/49, 380/25, 380/21, 380/30, 707/533, 713/200, 713/201, 713/188, 713/189, 709/206, 714/33, 714/38
US Class Current

713/188
CPC Class Codes

G06F 21/562 Static detection

H04L 63/145 the attack involving the pr...

Encryption and decryption system and method with content analysis provision

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

261 Citations

39 Claims

Specification

Use Cases

Quick Links

Others

Encryption and decryption system and method with content analysis provision

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

261 Citations

39 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others