Controlling and tracking access to disseminated information

US 6,625,734 B1
Filed: 04/26/1999
Issued: 09/23/2003
Est. Priority Date: 04/26/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the method comprising the computer-implemented steps of:

receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;

generating, in response to the request, both the message identifier and the key;

providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;

receiving a request from the second node for the key;

providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key; and

deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;

wherein the stored policy criteria includes an instruction to delete all messages that are generated before a specified expiration date.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for controlling and tracking access to disseminated information involves encrypting data using a key that is maintained in a key repository. A user requests a message ID and key from the key repository. The key repository issues a message ID and key to the user. The user generates an encrypted message using the key. The encrypted message is then distributed with the message ID to one or more recipients. To read the encrypted message, a particular recipient obtains the key for the message from the key repository by providing the message ID to the key repository. The particular recipient then decrypts the message using the key provided by the key repository. Messages are deleted, in the sense of becoming unusable, by deleting the corresponding key from the key repository. A log is provided to track key repository activity including the issuance of keys and key requests from message recipients. A policy manager is employed to control which recipients are granted keys to read messages and which messages are deleted.

Citations

98 Claims

1. A method for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the method comprising the computer-implemented steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key; and
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  wherein the stored policy criteria includes an instruction to delete all messages that are generated before a specified expiration date.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14, 21, 22, 67, 68)
- - 2. A method as recited in claim 1, further comprising verifying whether the first node is authorized to obtain the key.
  - 3. A method as recited in claim 1, wherein the request from the second node for the key specifies the message identifier, and the method further comprises verifying whether the second node is authorized to receive the key.
  - 4. A method as recited in claim 1, further comprising generating and storing data that indicates that the key was provided to the first node.
  - 5. A method as recited in claim 1, further comprising generating and storing data that indicates that the key was provided to the second node.
  - 6. A method as recited in claim 1, further comprising generating and storing data that indicates that the encoded message was decoded at the second node using the key.
  - 7. A method as recited in claim 6, further comprising generating and storing data that indicates that the retrieved message was stored.
  - 8. A method as recited in claim 1, wherein the specified key policy criteria is determined at the first node.
  - 9. A method as recited in claim 1, wherein the specified key policy criteria is determined at a third node in the network.
  - 10. A method as recited in claim 1, wherein the key policy criteria include criteria selected from the group consisting of expiration date, subject matter and node identification.
  - 11. A method as recited in claim 1, further comprising generating meta data that specifies an attribute of the message, and wherein the step of deleting the key based upon specified key policy criteria includes deleting the key by applying the specified key policy criteria to the meta data.
  - 12. A method as recited in claim 1, further comprising:
14. A method as recited in claim 1, further comprising providing location data to the second node that uniquely identifies a location where the key is maintained.
21. A method as recited in claim 1, further comprising:
- designating the key as declassified to generate a declassified key, and granting the declassified key to any requesting node.
22. A method as recited in claim 1, further comprising:
- generating a digital signature of the message and storing the digital signature in association with the message, and providing the digital signature to the second node to enable the second mode to validate the message.
67. A method as recited in claim 1, wherein the stored policy criteria further includes an instruction to store, up to the specified expiration data, a copy of a message associated with the specified expiration date.
68. A method as recited in claim 1, wherein the stored policy criteria further includes an instruction to provide for the deletion of a message associated with the specified expiration date in response to a request from the first node.

13. A method for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the method comprising the computer-implemented steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded; and
  
  after the key is deleted and the next time the second node communicates with the network, instructing the second node to delete the message retrieved from the encoded message using the key.

15. A method for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the method comprising the computer-implemented steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  receiving a request for a second message identifier and a second key, encoding the encoded message using the second key to generate a twice-encoded message, and communicating the twice-encoded message to a third node in the network.
- View Dependent Claims (16, 73)
- - 16. A method as recited in claim 15, wherein
- 73. A method as recited in claim 15, further comprising:
  - decoding the encoded message with the first key to recover the message;
    
    adding additional content to the message to create a modified message;
    
    encoding the modified message with the key to create an encoded modified message; and
    
    encoding the encoded modified message with a second key to create a twice-encoded modified message.

17. A method for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the method comprising the computer-implemented steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  extracting a second message identifier from a twice-encoded message, receiving a request for a second key for the twice-encoded message, providing the second key for the twice-encoded message, decoding the twice-encoded message using the second key to recover the encoded message, extracting the first message identifier from the encoded message, receiving a request for the first key to decode the encoded message, providing the first key to allow decoding of the encoded message, and decoding the encoded message using the first key to recover the message.

18. A method for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the method comprising the computer-implemented steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  extracting a first message identifier and a second message identifier from a twice-encoded message, receiving a request for the first key and a second key for the twice-encoded message, providing the first key and the second key to allow decoding of the twice-encoded message, decoding the twice-encoded message using the second key to recover the encoded message, and decoding the encoded message using the first key to recover the message.

19. A method for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the method comprising the computer-implemented steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  receiving an encoded message;
  
  receiving a request for a first key to allow decoding of the encoded message, decoding the encoded message using the first key to recover the message, receiving a request for a second key to encode the message, re-encoding the message using the second key to generate a re-encoded message, and communicating re-encoded message to another node.
- View Dependent Claims (75, 76, 77, 78, 79)
- - 75. A method as recited in claim 19, wherein:
76. A method as recited in claim 19, further comprising associating policy criteria associated with the encoded message with the re-encoded message.
77. A method as recited in claim 19, further comprising modifying policy criteria associated with the encoded message to create modified policy criteria;
- and associating the modified policy criteria with the re-encoded.message.
78. A method as recited in claim 19, further comprising causing the re-encoded message to be stored in a repository.
79. A method as recited in claim 19, further comprising causing the second key to be stored in a repository.

20. A method for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the method comprising the computer-implemented steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  receiving and storing one or more encoded messages at the second node, requesting, receiving, and storing at the second node, one or more keys, wherein each of the keys is associated with one of the encoded messages that are stored at the second node, decoupling the second node from the network, and decoding the encoded messages based on the keys.
- View Dependent Claims (85, 86)
- - 85. A method as recited in claim 20, further comprising re-coupling the second node to the network, and in response thereto, causing the deletion of the keys store at the second node.
  - 86. A method as recited in claim 20, further comprising storing the keys in a secure manner.

23. A computer-readable medium carrying one or more sequences of one or more instructions for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key; and
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  wherein the stored policy criteria includes an instruction to delete all messages that are generated before a specified expiration date.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 36, 43, 44, 69, 70)
- - 24. A computer-readable medium as recited in claim 23, wherein the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to verify whether the first node is authorized to obtain the key.
  - 25. A computer-readable medium as recited in claim 23, wherein the request from the second node for the key specifies the message identifier, and the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to verify whether the second node is authorized to receive the key.
  - 26. A computer-readable medium as recited in claim 23, wherein the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to generate and store data that indicates that the key was provided to the first node.
  - 27. A computer-readable medium as recited in claim 23, wherein the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to generate and store data that indicates that the key was provided to the second node.
  - 28. A computer-readable medium as recited in claim 23, wherein the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to generate and store data that indicates that the encoded message was decoded at the second node using the key.
  - 29. A computer-readable medium as recited in claim 23, wherein the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to generate and store data that indicates that the retrieved message was stored.
  - 30. A computer-readable medium as recited in claim 23, wherein the specified key policy criteria is determined at the first node.
  - 31. A computer-readable medium as recited in claim 23, wherein the specified key policy criteria is determined at a third node in the network.
  - 32. A computer-readable medium as recited in claim 23, wherein the key policy criteria include criteria selected from the group consisting of expiration date, subject matter and node identification.
  - 33. A computer-readable medium as recited in claim 23, wherein the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to generate meta data that specifies an attribute of the message, and wherein the step of deleting the key based upon specified key policy criteria includes deleting the key by applying the specified key policy criteria to the meta data.
  - 34. A computer-readable medium as recited in claim 23, wherein the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to:
36. A computer-readable medium as recited in claim 23, wherein the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to provide location data to the second node that uniquely identifies a location where the key is maintained.
43. A computer-readable medium as recited in claim 23, wherein the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to:
- designate the key as declassified to generate a declassified key, and grant the declassified key to any requesting node.
44. A computer-readable medium as recited in claim 23, wherein the computer-readable medium further includes instructions which, when executed by the one or more processors, cause the one or more processors to:
- generate a digital signature of the message and storing the digital signature in association with the message, and provide the digital signature to the second node to enable the second mode to validate the message.
69. A computer-readable medium as recited in claim 23, wherein the stored policy criteria further includes an instruction to store, up to the specified expiration data, a copy of a message associated with the specified expiration date.
70. A computer-readable medium as recited in claim 23, wherein the stored policy criteria further includes an instruction to provide for the deletion of a message associated with the specified expiration date in response to a request from the first node.

35. A computer-readable medium carrying one or more sequences of one or more instructions for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded; and
  
  after the key is deleted and the next time the second node communicates with the network, instruct the second node to delete the message retrieved from the encoded message using the key.

37. A computer-readable medium carrying one or more sequences of one or more instructions for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  receive a request for a second message identifier and a second key, encode the encoded message using the second key to generate a twice-encoded message, and communicate the twice-encoded message to a third node in the network.
- View Dependent Claims (38, 74)
- - 38. A computer-readable medium as recited in claim 37, wherein
- 74. A computer-readable medium as recited in claim 37, further comprising:
  - decoding the encoded message with the first key to recover the message;
    
    adding additional content to the message to create a modified message;
    
    encoding the modified message with the key to create an encoded modified message; and
    
    encoding the encoded modified message with a second key to create a twice-encoded modified message.

39. A computer-readable medium carrying one or more sequences of one or more instructions for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  extract a second message identifier from a twice-encoded message, receive a request for a second key for the twice-encoded message, provide the second key for the twice-encoded message, decode the twice-encoded message using the second key to recover the encoded message, extract the first message identifier from the encoded message, receive a request for the first key to decode the encoded message, provide the first key to allow decoding of the encoded message, and decode the encoded message using the first key to recover the message.

40. A computer-readable medium carrying one or more sequences of one or more instructions for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  extract a first message identifier and a second message identifier from a twice-encoded message, receive a request for a first key and the second key for the twice-encoded message, provide the first key and the second key to allow decoding of the twice-encoded message, decode the twice-encoded message using the second key to recover the encoded message, and decode the encoded message using the first key to recover the message.

41. A computer-readable medium carrying one or more sequences of one or more instructions for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  receive an encoded message;
  
  receive a request for a first key to allow decoding of the encoded message, decode the encoded message using the first key to recover the message, receive a request for a second key to encode the message, re-encode the message using the second key to generate a re-encoded message, and communicate re-encoded message to another node.
- View Dependent Claims (80, 81, 82, 83, 84)
- - 80. A computer-readable medium as recited in claim 41, wherein:
81. A computer-readable medium as recited in claim 41, further comprising additional instructions which, when executed by the one or more processors, cause the one or more processors to associate policy criteria associated with the encoded message with the re-encoded message.
82. A computer-readable medium as recited in claim 41, further comprising additional instructions which, when executed by the one or more processors, cause the one or more processors to modify policy criteria associated with the encoded message to create modified policy criteria;
- and associate the modified policy criteria with the re-encoded message.
83. A computer-readable medium as recited in claim 41, further comprising additional instructions which, when executed by the one or more processors, cause the one or more processors to cause the re-encoded message to be stored in a repository.
84. A computer-readable medium as recited in claim 41, further comprising additional instructions which, when executed by the one or more processors, cause the one or more processors to cause the second key to be stored in a repository.

42. A computer-readable medium carrying one or more sequences of one or more instructions for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the one or more sequences of one or more instructions including instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- receiving a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message;
  
  generating, in response to the request, both the message identifier and the key;
  
  providing both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message;
  
  receiving a request from the second node for the key;
  
  providing the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key;
  
  deleting the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  receive and storing one or more encoded messages at the second node, request, receiving, and storing at the second node, one or more keys, wherein each of the keys is associated with one of the encoded messages that are stored at the second node, decouple the second node from the network, and decode the encoded messages.based on the keys.
- View Dependent Claims (87, 88)
- - 87. A computer-readable medium as recited in claim 42, further comprising additional instructions which, when executed by the one or more processors, cause the one or more processors to cause the second node to be re-coupled to the network, and in response thereto, cause the deletion of the keys store at the second node.
  - 88. A computer-readable medium as recited in claim 42, further comprising additional instructions which, when executed by the one or more processors, cause the one or more processors to cause the keys to be stored in a secure manner.

45. An apparatus for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the apparatus comprising:
- a storage medium; and
  
  a key repository communicatively coupled to the storage medium, wherein the key repository is configured to receive a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message, generate, in response to the request, both the message identifier and the key, provide both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message, receive a request from the second node for the key, provide the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key, and delete the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded;
  
  wherein the stored policy criteria includes an instruction to delete all messages that are generated before a specified expiration date.
- View Dependent Claims (46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 58, 59, 60, 71, 72)
- - 46. An apparatus as recited in claim 45, wherein the key repository is further configured to verify whether the first node is authorized to obtain the key from the key repository.
  - 47. An apparatus as recited in claim 45, wherein the request from the second node for the key specifies the message identifier, and the key repository is further configured to verify whether the second node is authorized to receive the key.
  - 48. An apparatus as recited in claim 45, wherein the key repository is further configured to generate and store data that indicates that the key was provided to the first node.
  - 49. An apparatus as recited in claim 45, wherein the key repository is further configured to generate and store data that indicates that the key was provided to the second node.
  - 50. An apparatus as recited in claim 45, wherein the key repository is further configured to generate and store data that indicates that the encoded message was decoded at the second node using the key.
  - 51. An apparatus as recited in claim 50, wherein the key repository is further configured to generate and store data that indicates that the retrieved message was stored.
  - 52. An apparatus as recited in claim 45, wherein the specified key policy criteria is determined at the first node.
  - 53. An apparatus as recited in claim 45, wherein the specified key policy criteria is determined at a third node in the network.
  - 54. An apparatus as recited in claim 45, wherein the key policy criteria include criteria selected from the group consisting of expiration date, subject matter and node identification.
  - 55. An apparatus as recited in claim 45, wherein the key repository is further configured to generate meta data that specifies an attribute of the message, and wherein the step of deleting the key from the key repository based upon specified key policy criteria includes deleting the key from the key repository by applying the specified key policy criteria to the meta data.
  - 56. An apparatus as recited in claim 45, wherein the key repository is further configured to store the message identifier and the key on the storage medium.
  - 58. An apparatus as recited in claim 45, wherein the key repository is further configured to provide location data to the second node that uniquely identifies a location where the key is maintained.
  - 59. An apparatus as recited in claim 45, wherein the key repository is further configured to:
60. An apparatus as recited in claim 45, wherein the key repository is further configured to:
- generate a digital signature of the message and storing the digital signature in association with the message, and provide the digital signature to the second node to enable the second mode to validate the message.
71. An apparatus as recited in claim 45, wherein the stored policy criteria further includes an instruction to store, up to the specified expiration data, a copy of a message associated with the specified expiration date.
72. An apparatus as recited in claim 45, wherein the stored policy criteria further includes an instruction to provide for the deletion of a message associated with the specified expiration date in response to a request from the first node.

57. An apparatus for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the apparatus comprising:
- a storage medium; and
  
  a key repository communicatively coupled to the storage medium, wherein the key repository is configured to receive a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message, generate, in response to the request, both the message identifier and the key, provide both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message, receive a request from the second node for the key, provide the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key, delete the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded; and
  
  after the key is deleted and the next time the second node communicates with the key repository, instruct the second node to delete the message retrieved from the encoded message using the key.

61. A method for transmitting a message from a first node to a second node in a network, the method comprising the computer-implemented steps of:
- receiving and storing a message from the first node that is to be provided to the second node;
  
  receiving a request for the message from the second node, wherein the request is generated in response to the second node being notified by the first node that the message is available for the second node;
  
  providing, in response to the request for the message from the second node, access to the message by the second node; and
  
  deleting the message based upon specified policy criteria.
- View Dependent Claims (62, 63, 64, 65)
- - 62. A method as recited in claim 61, further comprising
- 63. A method as recited in claim 61, further comprising generating meta data that specifies an attribute of the message, and wherein the step of deleting the message based upon specified policy criteria includes deleting the message by applying the specified policy criteria to the meta data.
- 64. A method as recited in claim 61, wherein the first and second nodes are communicatively coupled via the Internet and the notification that the message is available for the second node includes a uniform resource locator (URL).
- 65. A method as recited in claim 61, wherein:
  - the message is Internet email, the network is the Internet, and the notification provided by the first node to the second node specifies a uniform resource locator (URL) associated with a location from which the Internet email can be retrieved.

66. An apparatus for controlling and tracking access to a message that is communicated from a first node to a second node in a network, the apparatus comprising:
- a storage medium; and
  
  key management means communicatively coupled to the storage medium, wherein the key management means is configured to receive a request from the first node for a message identifier that uniquely identifies the message and a key that may be used to encode the message, generate, in response to the request, both the message identifier and the key, provide both the message identifier and the key to the first node to allow the message to be encoded with the key to generate an encoded message, receive a request from the second node for the key, provide the key to the second node to allow the encoded message to be decoded and the message to be retrieved using the key, and delete the key based upon specified key policy criteria to prevent copies of the encoded message from being decoded.

89. A computer-readable medium for transmitting a message from a first node to a second node in a network, the computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- receiving and storing a message from the first node that is to be provided to the second node;
  
  receiving a request for the message from the second node, wherein the request is generated in response to the second node being notified by the first node that the message is available for the second node;
  
  providing, in response to the request for the message from the second node, access to the message by the second node; and
  
  deleting the message based upon specified policy criteria.
- View Dependent Claims (90, 91, 92, 93)
- - 90. A computer-readable medium as recited in claim 89, further comprising additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of:
91. A computer-readable medium as recited in claim 89, further comprising additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the step of generating meta data that specifies an attribute of the message, and wherein the step of deleting the message based upon specified policy criteria includes deleting the message by applying the specified policy criteria to the meta data.
92. A computer-readable medium as recited in claim 89, wherein the first and second nodes are communicatively coupled via the Internet and the notification that the message is available for the second node includes a uniform resource locator (URL).
93. A computer-readable medium as recited in claim 89, wherein:
- the message is Internet email, the network is the Internet, and the notification provided by the first node to the second node specifies a uniform resource locator (URL) associated with a location from which the Internet email can be retrieved.

94. An apparatus for transmitting a message from a first node to a second node in a network, the apparatus comprising a memory with one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- receiving and storing a message from the first node that is to be provided to the second node;
  
  receiving a request for the message from the second node, wherein the request is generated in response to the second node being notified by the first node that the message is available for the second node;
  
  providing, in response to the request for the message from the second node, access to the message by the second node; and
  
  deleting the message based upon specified policy criteria.
- View Dependent Claims (95, 96, 97, 98)
- - 95. An apparatus as recited in claim 94, wherein the memory further comprises additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the steps of:
96. An apparatus as recited in claim 94, wherein the memory further comprises additional instructions which, when executed by the one or more processors, cause the one or more processors to perform the step of generating meta data that specifies an attribute of the message, and wherein the step of deleting the message based upon specified policy criteria includes deleting the message by applying the specified policy criteria to the meta data.
97. An apparatus as recited in claim 94, wherein the first and second nodes are communicatively coupled via the Internet and the notification that the message is available for the second node includes a uniform resource locator (URL).
98. An apparatus as recited in claim 94, wherein:
- the message is Internet email, the network is the Internet, and the notification provided by the first node to the second node specifies a uniform resource locator (URL) associated with a location from which the Internet email can be retrieved.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Check Point Software Technologies Incorporated (Check Point Software Technologies Limited)
Original Assignee
Disappearing, Inc. (Removery LLC)
Inventors
Marvit, David, Rosema, Keith David, Ubois, Jeffrey, Marvit, Maclen
Primary Examiner(s)
Hayes, Gail
Assistant Examiner(s)
Baum, Ronald

Application Number

US09/300,085
Time in Patent Office

1,611 Days
Field of Search

713/200-202, 380/277-279, 709/207
US Class Current

726/28
CPC Class Codes

H04L 2209/60   Digital content management,...

H04L 2209/80   Wireless

H04L 51/234   for tracking messages

H04L 63/0428   wherein the data content is...

H04L 63/0464   using hop-by-hop encryption...

H04L 63/062   for key distribution, e.g. ...

H04L 63/102   Entity profiles

H04L 9/083   involving central third par...

H04L 9/0891   Revocation or update of sec...

H04L 9/3247   involving digital signatures

Controlling and tracking access to disseminated information

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

98 Claims

Specification

Solutions

Use Cases

Quick Links

Controlling and tracking access to disseminated information

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

98 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links