Secure and reliable document delivery
Abstract
An Operations Center (OC) (200) acts as a central key manager and intermediary in securely, reliably and non-repudiably delivering a document (3) from a sender (100) to a recipient (300). The OC (200) acts as a key manager to facilitate the process of strong authentication of the sender (100) and the recipient (300), encryption of the delivery (510), and setup of reliable connections (2A, 2B, 2C). In a preferred embodiment, the reliable connections (2A, 2B, 2C) are virtual private network connections.
67 Claims
1. A computer-implemented method for securely delivering a document from a sender to a recipient, the method comprising an operations center (OC) performing the steps of:
- registering the sender in a sender registration record and associating a sender public-private key pair for the sender with the sender;
- receiving a communication encrypted by the sender using a sender private key selected from said sender public-private key pair;
- recalling a sender public key selected from said sender public-private key pair from said sender registration record;
- authenticating the sender by using the recalled sender public key to decrypt the communication sent from the sender;
- establishing a first secure connection between the sender and the OC in response to authenticating the sender;
- associating the recipient with a recipient public key from a recipient public-private key pair, wherein said recipient public-private key pair is distinct and separate from said sender public-private key;
- storing an escrow encryption key separate from said recipient public key and from said sender public key for selectively encrypting communications to the recipient in place of the recipient escrow encryption key; and
- encrypting a delivery to the recipient using the recipient public key if said recipient public key is stored in the OC and encrypting the delivery to the recipient using the escrow encryption key when said recipient public key is not stored in the OC, and subsequently sending the encrypted delivery to the recipient after encryption of the delivery by one from a group comprising a recipient public key and an escrow encryption key, the delivery comprising at least the document.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23
24. A system for securely delivering a document from a sender to a recipient, the system comprising an operations center (OC) comprising:
- a key manager module for associating the sender with a first sender public key from a sender public-private key pair and for associating the recipient with a second recipient public key from a recipient public-private key pair, where said sender public key and said receiver public key are not the same key;
- a directory interface, coupled to the key manager module and to a public key database and an escrow key manager, for searching the public key database upon request from the sender for an encryption key and for returning one key, where said one key is said recipient public key when a recipient public key is stored in the public key database, and said one key is an escrow encryption key only when said recipient public key is not returned from the public key database;
- an authentication module, coupled to the key manager module, for using the sender public key, in conjunction with the sender using the sender private key, to authenticate the sender;
- a secure connection module, coupled to the authentication module, for establishing a first secure connection between the sender and the OC; and
- a messaging module, coupled to the secure connection module, for receiving a request from the sender for an encryption key to secure a delivery, the delivery comprising at least the document, and for transmitting to the sender one from a group comprising the recipient public key and the escrow encryption key, where said escrow encryption key is used only to encrypt documents to be sent to the recipient.

Dependent claims: 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44
45. In a computer-readable medium, a computer program product for an operations center (OC) facilitating secure delivery of a document from a sender to a recipient, the computer readable medium comprising program code adapted to perform the steps of:
- associating the sender with a sender public key from a sender public-private key pair;
- using the sender public key, in conjunction with the sender using the sender private key, to authenticate the sender;
- establishing a first secure connection between the sender and the OC;
- associating the recipient with a recipient public key from a recipient public-private key pair; and
- providing one from a group comprising a recipient public key and an escrow encryption key to the sender to secure a delivery, the delivery comprising at least the document.

Dependent claims: 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67
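The OC flow recited in the independent claims (sender authentication with the registered public key, then recipient-key-or-escrow-key selection) can be sketched as follows. This is an added example, not code from the patent: the class and function names are hypothetical, the claim's "decrypt with the sender public key" step is modelled as signature verification over a one-time nonce, and RSA-OAEP with AES-256-GCM is an assumed choice of primitives.

```javascript
const crypto = require('node:crypto');

// Hypothetical in-memory Operations Center (OC); all names are illustrative.
class OperationsCenter {
  constructor() {
    this.senders = new Map();     // sender registration records: id -> public key
    this.recipients = new Map();  // recipient id -> public key
    this.challenges = new Map();  // outstanding one-time nonces per sender
    // Escrow key pair, separate from every sender and recipient key (assumed RSA-2048).
    this.escrow = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  }
  registerSender(id, publicKey) { this.senders.set(id, publicKey); }
  registerRecipient(id, publicKey) { this.recipients.set(id, publicKey); }
  // Fresh nonce per attempt so a captured response cannot be replayed.
  newChallenge(senderId) {
    const nonce = crypto.randomBytes(32);
    this.challenges.set(senderId, nonce);
    return nonce;
  }
  // Recall the registered public key and check the sender's private-key operation.
  authenticate(senderId, signature) {
    const pub = this.senders.get(senderId);
    const nonce = this.challenges.get(senderId);
    this.challenges.delete(senderId); // nonce is single use
    if (!pub || !nonce) return false;
    return crypto.verify('sha256', nonce, pub, signature);
  }
  // Recipient public key when one is on file; escrow key only otherwise.
  selectKey(recipientId) {
    const pub = this.recipients.get(recipientId);
    return pub ? { kind: 'recipient', key: pub }
      : { kind: 'escrow', key: this.escrow.publicKey };
  }
}

// Hybrid encryption: AES-256-GCM protects the document, RSA-OAEP wraps the AES key.
function encryptDelivery(document, publicKey) {
  const cek = crypto.randomBytes(32), iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', cek, iv);
  const body = Buffer.concat([c.update(document), c.final()]);
  const wrapped = crypto.publicEncrypt({ key: publicKey, oaepHash: 'sha256' }, cek);
  return { wrapped, iv, body, tag: c.getAuthTag() };
}
function decryptDelivery(d, privateKey) {
  const cek = crypto.privateDecrypt({ key: privateKey, oaepHash: 'sha256' }, d.wrapped);
  const dec = crypto.createDecipheriv('aes-256-gcm', cek, d.iv);
  dec.setAuthTag(d.tag);
  return Buffer.concat([dec.update(d.body), dec.final()]);
}
```

In this sketch the OC holds the escrow private key, so a delivery encrypted under the escrow key is readable by the OC; that custody model is an assumption of the example.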
Specification