System for transmitting secure data between a sender and a recipient over a computer network using a virtual envelope and method for using the same

US 7,117,370 B2
Filed: 02/20/2002
Issued: 10/03/2006
Est. Priority Date: 02/20/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A system for transmitting secure data between a sender and a recipient over a computer network using a virtual envelope, said system comprising:

a. a sender work station comprising a first computer connected to a first keyboard, a first monitor, sender biometric capture means, a first software program residing in said first computer for converting said sender biometric into a sender biometric template, a first server connected to said computer network, said first server comprising a first database of biometric templates of authorized senders and a second software program residing in said first server for authenticating the identity of said sender by comparing said sender biometric template with said first database of biometric templates of authorized senders, displaying an image of the biometric of the closest match on said first monitor and displaying the confidence level of said closest match on the first monitor;

b. a recipient work station in communication with said first sender work station over the computer network, said recipient work station comprising a second computer connected to a second keyboard, second monitor and recipient biometric capture means, said first software program residing on said second computer for converting said recipient biometric into a recipient biometric template, a second server connected to the computer network, said second server comprising a second database of biometric templates of authorized recipients and said second software program residing on the second server for authenticating the identity of said recipient by comparing said recipient biometric template with said database of biometric templates of authorized recipients, displaying an image of the biometric of the closest match on said second monitor and displaying the confidence level of said closest match on the second monitor;

c. a visible authentication icon adapted to confirm the identity of the sender and of the recipient as authorized sender and recipient respectively, wherein said authentication icon displays an image of the biometric of the authorized sender and recipient respectively, and wherein the authentication icon is generated by the second software application, and further wherein the sender and recipient are granted access to the system only upon generation of their respective authentication icons;

d. an invisible digital watermark embedded in said image of the biometric to prevent electronic counterfeiting, wherein said invisible digital water mark is generated by the second software application; and

,e. a visible virtual envelope to which said secure data to be sent over the computer network is attached, wherein said visible virtual envelope is created, electronically sealed and sent from said sender workstation only upon authentication of the identity of the authorized sender otherwise not created and opened electronically at said recipient workstation only upon the authentication of the identity of the authorized recipient otherwise not opened, and wherein the visible virtual envelope is created by the second software application; and

further wherein the visible virtual envelope is marked with the visible authentication icon of the sender prior to being sent so that the recipient knows the sender is an authorized sender, and wherein the visible virtual envelope is marked with the visible authentication icon of the recipient prior to being returned to the sender so that the sender knows the recipient was an authorized recipient.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for secure transmission of data, like e-mail and other secure documents, over a computer network includes the use of biometrics to verify that the sender of the data is confirmed as an individual authorized for secure access transmission of data over the network and by verifying that the recipient of the data is also an individual authorized to receive data by secure access transmission over the network. The methodology comprises creating a database containing the biometric templates of all individuals authorized for secure access transmission of data over the network and connecting the database to a data processor. The transmission of counterfeit messages is prevented by confirming the identity of the sender as an individual authorized for secure access transmission over the network by scanning a predetermined biometric of the sender, and comparing the biometric of the sender with the predetermined biometric of all individuals who are authorized for secure access transmission over the network. The recipient of a secure access message is not permitted to access the message until recipient'"'"'s identity has been similarly confirmed as an individual authorized to receive messages secure access transmitted over the network. Once the recipient'"'"'s identity is confirmed the message may be opened. The sender will receive confirmation by return electronic mail that the message has been opened by the authorized recipient.

138 Citations

22 Claims

1. A system for transmitting secure data between a sender and a recipient over a computer network using a virtual envelope, said system comprising:
- a. a sender work station comprising a first computer connected to a first keyboard, a first monitor, sender biometric capture means, a first software program residing in said first computer for converting said sender biometric into a sender biometric template, a first server connected to said computer network, said first server comprising a first database of biometric templates of authorized senders and a second software program residing in said first server for authenticating the identity of said sender by comparing said sender biometric template with said first database of biometric templates of authorized senders, displaying an image of the biometric of the closest match on said first monitor and displaying the confidence level of said closest match on the first monitor;
  
  b. a recipient work station in communication with said first sender work station over the computer network, said recipient work station comprising a second computer connected to a second keyboard, second monitor and recipient biometric capture means, said first software program residing on said second computer for converting said recipient biometric into a recipient biometric template, a second server connected to the computer network, said second server comprising a second database of biometric templates of authorized recipients and said second software program residing on the second server for authenticating the identity of said recipient by comparing said recipient biometric template with said database of biometric templates of authorized recipients, displaying an image of the biometric of the closest match on said second monitor and displaying the confidence level of said closest match on the second monitor;
  
  c. a visible authentication icon adapted to confirm the identity of the sender and of the recipient as authorized sender and recipient respectively, wherein said authentication icon displays an image of the biometric of the authorized sender and recipient respectively, and wherein the authentication icon is generated by the second software application, and further wherein the sender and recipient are granted access to the system only upon generation of their respective authentication icons;
  
  d. an invisible digital watermark embedded in said image of the biometric to prevent electronic counterfeiting, wherein said invisible digital water mark is generated by the second software application; and
  
  ,e. a visible virtual envelope to which said secure data to be sent over the computer network is attached, wherein said visible virtual envelope is created, electronically sealed and sent from said sender workstation only upon authentication of the identity of the authorized sender otherwise not created and opened electronically at said recipient workstation only upon the authentication of the identity of the authorized recipient otherwise not opened, and wherein the visible virtual envelope is created by the second software application; and
  
  further wherein the visible virtual envelope is marked with the visible authentication icon of the sender prior to being sent so that the recipient knows the sender is an authorized sender, and wherein the visible virtual envelope is marked with the visible authentication icon of the recipient prior to being returned to the sender so that the sender knows the recipient was an authorized recipient.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system as claimed in claim 1 wherein the image of the biometric of the authorized sender arid recipient is a facial image.
  - 3. The system as claimed in claim 1 wherein the visible virtual envelope is encrypted automatically using encryption means only upon authentication of the sender as an authorized sender and decrypted automatically using decryption means only upon authentication of the recipient as an authorized recipient.
  - 4. The system as claimed in claim 3 in which the visible virtual envelope and the secure data attached thereto are encrypted separately.
  - 5. The system as claimed in claim 3 wherein said encryption means and said decryption means are based upon public key infrastructure encryption and decryption.
  - 6. The system as claimed in claim 1 wherein the visible virtual envelope displays the following data fields at the sender'"'"'s work station prior to sending to the recipient:
    - a. the authentication icon of the authorized sender;
      
      b. the name of the sender;
      
      c. the name of the recipient;
      
      d. the e-mail address of the recipient;
      
      e. a subject line;
      
      f. a document tracking number;
      
      g. the date the message was sent; and
      
      ,h. an indication of the number of attachments with the message.
  - 7. The system as claimed in claim 6 wherein the visible virtual envelope displays the following information at the recipient'"'"'s work station:
    - a. the authentication icon of the authorized sender and authorized recipient;
      
      b. the date and time the envelope was opened;
      
      c. a visible watermark over the virtual envelope so that the virtual envelope cannot be copied and reused; and
      
      ,d. a visible water mark over the authentication icons of the authorized sender and the authorized recipient so that the icons cannot be copied and reused.
  - 8. The system as claimed in claim 7 wherein the visible virtual envelope is returned automatically to the authorized sender once it is opened by the authorized recipient.
  - 9. The system as claimed in claim 1, wherein the sender is an authorized sender and the recipient is an unauthorized recipient, and wherein said unauthorized recipient may open the visible virtual envelope and access the secure data contained therein without biometric authentication of the recipient'"'"'s identity by using an authorized software program permitting access to the secure data without authentication of the recipient'"'"'s identity.

10. A method for creating a system for transmitting secure data over a computer network using biometric templates for authenticating the identity of a sender as an authorized sender of said secure data and a recipient as an authorized recipient of the secure data, said method comprising the steps of:
- a. providing a sender work station comprising a first computer connected to a first keyboard and a first monitor, wherein said first computer is in communication with a first server, and wherein said first server is in communication with said computer network;
  
  b. providing a recipient work station comprising a second computer connected to a second keyboard and a second monitor, wherein said second computer is in communication with a second server, and wherein said second server is in communication with the computer network;
  
  c. selecting a biometric for authenticating the identity of said sender and said recipient;
  
  d. obtaining said biometric from all authorized senders and authorized recipients and creating a database of biometrics of all authorized senders and authorized recipients;
  
  e. converting said database of biometrics into a database of biometric templates;
  
  f. storing said database of biometric templates in said first and said second servers;
  
  g. providing biometric capture means for capturing the biometric of the sender and recipient and attaching said biometric capture means to said first and said second computers;
  
  h. providing a first software application for converting said sender and said recipient biometric into a sender and recipient biometric template, wherein said first software application resides within the first and second computers; and
  
  ,i. providing a second software application for comparing said sender and recipient biometric template with the database of biometric templates, wherein said second software application is adapted to match the sender and recipient biometric templates with the biometric template of an authorized sender and authorized recipient respectively within a predetermined confidence interval, and wherein the second software application resides within the first and second servers, and further wherein the second software application is further adapted to generate a virtual envelope for containing and transmitting said secure data over the computer network only upon the authentication of the identity of the sender as an authorized sender, and wherein the second software application permits opening of the virtual envelope by the recipient only upon authentication of the recipient as an authorized recipient.

11. A method using biometric templates for transmitting secure data over a computer network between a sender using a first networked computer at a first workstation and a recipient using a second networked at a second workstation wherein authentication of the identity of said sender as an authorized sender is a condition precedent to transmission of said secure data, and further wherein authentication of the identity of said recipient as an authorized recipient is a condition precedent to accessing the secure data, said method comprising the following steps:
- a. a step for authenticating the identity of the sender as an authorized sender;
  
  b. a step for creating a visible virtual envelope for attaching the secure data thereto, wherein said visible virtual envelope may be opened only by an authorized recipient;
  
  c. a step for sealing and sending the visible virtual envelope to the recipient;
  
  d. a step for authenticating the identity of the recipient as an authorized recipient; and
  
  ,e. a step for opening the visible virtual envelope to gain access to the secure data attached thereto.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 12. The method of claim 11 further comprising a step for encrypting said visible virtual envelope by encryption means after said step for authenticating the identity of said sender.
  - 13. The method of claim 12 further comprising a step for decrypting the visible virtual envelope by decryption means after said step for authenticating the identity of the recipient.
  - 14. The method of claim 11, wherein said step for authenticating the identity of the sender as an authorized sender comprises the steps of:
    - a. obtaining a predetermined biometric of the sender using biometric capture means;
      
      b. converting said predetermined biometric into a biometric template using a first software application;
      
      c. comparing said biometric template with a database of biometric templates representative of all authorized senders using a second software application;
      
      d. confirming that the biometric template of the sender is contained within the database of biometric templates of authorized senders within a predetermined confidence interval using said second software application; and
      
      ,e. creating an authentication icon displaying the predetermined biometric of the sender using the second software application, wherein said authentication icon includes an invisible digital watermark to prevent copying thereof.
  - 15. The method of claim 14, wherein said step for creating the visible virtual envelope includes the electronic attachment of the secure data thereto and displaying said authentication icon thereupon.
  - 16. The method of claim 15 wherein the step for creating the visible virtual envelope further includes placing upon the virtual envelope the name and electronic address of the recipient, a subject line, the date and time the envelope was transmitted and the number of attachments included.
  - 17. The method of claim 16 wherein said step for authenticating the identity of the recipient as an authorized recipient comprises the steps of:
    - a. obtaining the predetermined biometric of the recipient using said biometric capture means;
      
      b. converting the predetermined biometric into a biometric template using the first software application;
      
      c. comparing said biometric template with a database of biometric templates representative of all authorized recipients using the second software application;
      
      d. confirming that the biometric template of the recipient is contained within the database of biometric templates of authorized recipients within said predetermined confidence interval using the second software application; and
      
      ,e. creating an authentication icon displaying the predetermined biometric of the recipient using the second software application, wherein said authentication icon includes an invisible digital watermark to prevent copying thereof.
  - 18. The method of claim 17 wherein said step for opening the visible virtual envelope includes the step of placing said authentication icon displaying the predetermined biometric of the authorized recipient on the visible virtual envelope and automatically sending a copy of the opened visible virtual envelope to the authorized sender.
  - 19. The method of claim 18 wherein the step of opening the visible virtual envelope further includes the step of placing visible watermarks on the visible virtual envelope to signify that visible virtual envelope been opened by the authorized recipient and to prevent copying of the visible virtual envelope.
  - 20. The method of claim 19 wherein said visible watermarks take the form of a plurality of wavy lines superimposed over the authentication icon displaying the predetermined biometric of the authorized sender and the authorized recipient.
  - 21. The method as claimed in claim 20 wherein the watermarks further include the visible word “
    - opened”
      
      placed across the visible virtual envelope.

22. In a computer network comprising a plurality of computers wherein said network further comprises a sender'"'"'s secure access computer and a recipient'"'"'s non-secure access computer, a method using biometrics to create a secure access transmission mode between said sender'"'"'s secure access computer and said recipient'"'"'s non-secure access computer, said method comprising the following steps executable at the sender'"'"'s computer:
- a. creating a message for transmission over the network;
  
  b. selecting said secure access transmission mode;
  
  c. confirming by biometric means the identity of the sender as an individual authorized secure access to the network;
  
  d. attaching said message to an electronic template having a plurality of data fields for placing a plurality of information therein to be transmitted with said message;
  
  e. populating said data fields with;
  
  i. an image of the authenticated sender'"'"'s biometric;
  
  ii. an image of the sender'"'"'s corporate logo;
  
  iii. the name of the sender;
  
  iv. the name of the recipient;
  
  v. electronic address of the recipient;
  
  vi. the subject of the message;
  
  vii. the date and time the message was sent;
  
  viii. the number of files attached to the message;
  
  ix. instructions to obtain message reading means so that the recipient is directed to a location on the network where the recipient can obtain a software program permitting access to the message without recipient identity authentication;
  
  f. sealing said electronic template;
  
  g. transmitting the electronic template to the recipient computer;
  
  h. receiving the template at the recipient computer;
  
  i. alerting the recipient as to the receipt of a secured message;
  
  j. directing the recipient to follow said instructions;
  
  k. downloading said software program;
  
  l. opening the template using the software and accessing the messages contained therein;
  
  m. placing a confirming message to the sender on the template stating that the message has been opened by the recipient using the software;
  
  n. placing visible watermarks on the authenticated sender'"'"'s biometric image and the template indicating that the message has been opened; and
  
  ,o. transmitting a copy of the opened template to the sender.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SSK Virtualimage Corporation
Original Assignee
Martin Levine, Sal Khan
Inventors
Khan, Sal, Levine, Martin
Primary Examiner(s)
Louis-Jacques, Jacques H.
Assistant Examiner(s)
Tran, Ellen C

Application Number

US10/077,864
Publication Number

US 20020116508A1
Time in Patent Office

1,686 Days
Field of Search

726/28, 713/186, 713/170, 713/150
US Class Current

713/186
CPC Class Codes

H04L 51/224   providing notification on i...

H04L 63/0861   using biometrical features,...

H04L 63/101   Access control lists [ACL]

System for transmitting secure data between a sender and a recipient over a computer network using a virtual envelope and method for using the same

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

138 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

System for transmitting secure data between a sender and a recipient over a computer network using a virtual envelope and method for using the same

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

138 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links