Secure and reliable document delivery using routing lists

US 7,251,728 B2
Filed: 10/18/2001
Issued: 07/31/2007
Est. Priority Date: 07/07/2000
Status: Expired due to Fees

- Alert
- Pin

First Claim

Patent Images

1. A method for facilitating a secure delivery of a document from a sender to a next stage on a routing list, the method comprising the steps of:

receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document;

identifying a recipient from the next stage of the routing list;

sending an inquiry to a public key database to determine whether the recipient has a public key;

receiving a response to said inquiry, said response selected from the group of said recipient having a public key in said database and said recipient not having a public key in said database;

if said response is said recipient having a public key in said public key database, completing the steps of;

(a) retrieving said public key from said public key database and(b) setting a message encryption key for encrypting the document equal to said public key;

(c) encrypting the document prior to sending said document using the message encryption key;

if said response is said recipient not having a public key in said public key database, completing the steps of;

(a) providing an escrow encryption key not equal to the recipient'"'"'s public key and not equal to the sender'"'"'s private key, wherein an escrow unencryption key for unlocking said escrow encryption key is not made available to said recipient and(b) encrypting the document using the generated escrow encryption key, and storing the escrow key encrypted document until a new public encryption key is assigned to the recipient;

(c) assigning a new public encryption key not equal to the generated escrow encryption key and private encryption key to the recipient;

(d) unencrypting the escrow encryption key encrypted document using an escrow unencryption key and re-encrypting the document using the new public encryption key prior to sending said document using the message encryption key;

and providing the public key encrypted document to the recipient.

View all claims

6 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

An operations center (OC) (200) acts as an intermediary for securely and reliably transmitting a document (3) from a sender (100) to a next recipient (300) on a routing list. The OC (200) identifies (464) a recipient (300) from the next stage of the routing list and provides either the recipient'"'"'s public key (404) or an escrow encryption key (406). The OC (200) optionally can authenticate the sender (100) and/or the recipient (300), thus increasing security.

127 Citations

View as Search Results

57 Claims

1. A method for facilitating a secure delivery of a document from a sender to a next stage on a routing list, the method comprising the steps of:
- receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document;
  
  identifying a recipient from the next stage of the routing list;
  
  sending an inquiry to a public key database to determine whether the recipient has a public key;
  
  receiving a response to said inquiry, said response selected from the group of said recipient having a public key in said database and said recipient not having a public key in said database;
  
  if said response is said recipient having a public key in said public key database, completing the steps of;
  
  (a) retrieving said public key from said public key database and(b) setting a message encryption key for encrypting the document equal to said public key;
  
  (c) encrypting the document prior to sending said document using the message encryption key;
  
  if said response is said recipient not having a public key in said public key database, completing the steps of;
  
  (a) providing an escrow encryption key not equal to the recipient'"'"'s public key and not equal to the sender'"'"'s private key, wherein an escrow unencryption key for unlocking said escrow encryption key is not made available to said recipient and(b) encrypting the document using the generated escrow encryption key, and storing the escrow key encrypted document until a new public encryption key is assigned to the recipient;
  
  (c) assigning a new public encryption key not equal to the generated escrow encryption key and private encryption key to the recipient;
  
  (d) unencrypting the escrow encryption key encrypted document using an escrow unencryption key and re-encrypting the document using the new public encryption key prior to sending said document using the message encryption key;
  
  and providing the public key encrypted document to the recipient.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 2. The method of claim 1 further comprising:
    - defining and storing the routing list before an originating sender indicates a desire to deliver the document to the routing list.
  - 3. The method of claim 1 further comprising:
    - receiving the routing list together with an indication that an originating sender desires to deliver the document to the routing list; and
      
      storing the routing list.
  - 4. The method of claim 1 further comprising:
    - sending the message encryption key to the sender.
  - 5. The method of claim 4 wherein the step of sending the message encryption key to the sender comprises:
    - sending to the sender a digital certificate containing the recipient'"'"'s public key.
  - 6. The method of claim 4 further comprising:
    - the sender encrypting the document using the message encryption key; and
      
      the sender delivering the encrypted document to the recipient.
  - 7. The method of claim 1 further comprising:
    - the sender delivering the document to the recipient.
  - 8. The method of claim 1 wherein:
    - the routing list is identified by a routing list identifier; and
      
      the step of receiving an indication that a sender desires to deliver a document to a next stage on the routing list includes receiving the routing list identifier.
  - 9. The method of claim 8 wherein the routing list identifier includes an email address of said routing list.
  - 10. The method of claim 8 wherein the routing list identifier includes an address at a domain name of a web page for routing lists.
  - 11. The method of claim 1 wherein:
    - the next stage in the routing list comprises a group of recipients; and
      
      the step of identifying a recipient from the next stage comprises identifying at least one of the recipients in the group.
  - 12. The method of claim 1 wherein the step of receiving an indication that a sender desires to deliver a document to a next stage on the routing list comprises:
    - receiving a query from the sender for an identity of a recipient from the next stage of the routing list.
  - 13. The method of claim 12 further comprising:
    - tracking a current recipient of the document from the routing list; and
      
      in response to the query;
      
      returning an error message, if the routing list cannot be located or the querying sender is not the current recipient; and
      
      returning the identity of at least one recipient from the next stage of the routing list, if the querying sender is the current recipient.
  - 14. The method of claim 1 further comprising:
    - tracking a current recipient of the document from the routing list.
  - 15. The method of claim 14 further comprising:
    - receiving confirmation that the recipient has received the document; and
      
      updating the current recipient of the document to reflect the received confirmation.
  - 16. The method of claim 1 wherein the routing list includes rules.
  - 17. The method of claim 16 wherein the rules are encapsulated in forms.
  - 18. The method of claim 16 wherein the rules embody a business process.
  - 19. The method of claim 1 wherein the routing list includes conditional recipients.
  - 20. The method of claim 19 wherein the step of receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - receiving a parameter from the sender, wherein the recipient depends on the parameter received.
  - 21. The method of claim 1 wherein the step of receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - receiving a form containing rules for the routing list.
  - 22. The method of claim 1 wherein the step of receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - receiving a routing parameter for the routing list.
  - 23. The method of claim 1 wherein the step of receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - receiving the document together with the indication.
  - 24. The method of claim 23 further comprising:
    - delivering the document to the recipient.
  - 25. The method of claim 23 further comprising:
    - delivering the document in read-only mode to the recipient.
  - 26. The method of claim 23 further comprising:
    - encrypting the document using the message encryption key before delivering the document to the recipient.
  - 27. The method of claim 1 further comprising:
    - authenticating the sender using the sender'"'"'s public key;
      
      establishing a first secure connection with the sender; and
      
      receiving the document from the sender via the first secure connection.
  - 28. The method of claim 27 further comprising:
    - authenticating the recipient using the recipient'"'"'s public key;
      
      establishing a second secure connection with the recipient; and
      
      transmitting the document to the recipient via the second secure connection.

29. A computer program product for facilitating a secure delivery of a document from a sender to a next recipient on a routing list, the computer program product comprising program code adapted to perform the steps of:
- receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document;
  
  identifying a recipient from the next stage of the routing list;
  
  searching for a public key for the recipient and setting a search-dependent key for encrypting the document depending on the parameter of whether a recipient'"'"'s public key was found;
  
  wherein said key is set equal to a public key of the recipient when the recipient'"'"'s public key is found; and
  
  wherein said key is set equal to a generated escrow encryption key not equal to the recipient'"'"'s public key when the recipient'"'"'s public key cannot be located;
  
  encrypting the document using the search dependent key;
  
  if the search dependent key is equal to the generated escrow encryption key, performing the additional steps of assigning a new encryption key and a private encryption key to the recipient not equal to the generated escrow encryption key;
  
  unencrypting the escrow encryption key encrypted document using an escrow unencryption key; and
  
  re-encrypting the document using the new public encryption key;
  
  providing the encrypted document to the recipient.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
- - 30. The computer program product of claim 29 wherein said escrow unencryption key is not provided to the recipient.
  - 31. The computer program product of claim 29 wherein:
    - the routing list is identified by an email address; and
      
      the step of receiving an indication that a sender desires to deliver a document to a next stage on the routing list includes receiving the email address.
  - 32. The computer program product of claim 29 wherein:
    - the routing list is identified by an address at a domain name for routing lists; and
      
      the step of receiving an indication that a sender desires to deliver a document to a next stage on the routing list includes receiving the address.
  - 33. The computer program product of claim 29 wherein the step of receiving an indication that a sender desires to deliver a document to a next stage on the routing list comprises:
    - receiving a query from the sender for an identity of a recipient from the next stage of the routing list.
  - 34. The computer program product of claim 29 wherein the program code is further adapted to perform the step of:
    - tracking a current recipient of the document from the routing list.
  - 35. The computer program product of claim 29 wherein the routing list includes rules.
  - 36. The computer program product of claim 35 wherein the rules are encapsulated in forms.
  - 37. The computer program product of claim 35 wherein the rules embody a business process.
  - 38. The computer program product of claim 29 wherein the routing list includes conditional recipients.
  - 39. The computer program product of claim 38 wherein the step of receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - receiving a parameter from the sender, wherein the recipient depends on the parameter received.
  - 40. The computer program product of claim 29 wherein the step of receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - receiving the document together with the indication.
  - 41. The computer program product of claim 29 wherein the step of receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - receiving a form containing rules for the routing list.
  - 42. The computer program product of claim 29 wherein the step of receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - receiving a routing parameter for the routing list.
  - 43. The computer program product of claim 29 wherein the program code is further adapted to perform the steps of:
    - authenticating the sender using the sender'"'"'s public key;
      
      establishing a first secure connection with the sender; and
      
      receiving the document from the sender via the first secure connection.
  - 44. The computer program product of claim 43 wherein the program code is further adapted to perform the steps of:
    - authenticating the recipient using the recipient'"'"'s public key;
      
      establishing a second secure connection with the recipient;
      
      and transmitting the document to the recipient via the second secure connection.

45. An operations center for facilitating a secure delivery of a document from a sender to a next recipient on a routing list, the operations center comprising:
- means for receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document;
  
  means for identifying a recipient from the next stage of the routing list; and
  
  means for generating an escrow encryption key;
  
  means for searching for a public key for the recipient, and if found, for encrypting the document using the recipient'"'"'s public encryption key, wherein the recipient'"'"'s public key is not equal to said escrow encryption key;
  
  means for encrypting the document using the escrow encryption key if the means for searching does not return a public encryption key for the recipient;
  
  for requesting the recipient'"'"'s public key from the recipient;
  
  for storing said document in escrow until receipt of the recipient'"'"'s public key;
  
  for unencrypting the document using an escrow decryption key; and
  
  for re-encrypting the document using the recipient'"'"'s encryption key prior to sending the document to the recipient, andmeans for providing the recipient'"'"'s encryption key encrypted document to the recipient.
- View Dependent Claims (46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57)
- - 46. The operations center of claim 45 further comprising:
    - means for sending the escrow encryption key to the sender.
  - 47. The operations center of claim 45 wherein:
    - the routing list is identified by an email address; and
      
      the means for receiving an indication that a sender desires to deliver a document to a next stage on the routing list includes means for receiving the email address.
  - 48. The operations center of claim 45 wherein:
    - the routing list is identified by an address at a domain name for routing lists; and
      
      the means for receiving an indication that a sender desires to deliver a document to a next stage on the routing list includes means for receiving the address.
  - 49. The operations center of claim 45 wherein the means for receiving an indication that a sender desires to deliver a document to a next stage on the routing list comprises:
    - means for receiving a query from the sender for an identity of a recipient from the next stage of the routing list.
  - 50. The operations center of claim 45 further comprising:
    - means for tracking a current recipient of the document from the routing list.
  - 51. The operations center of claim 45 wherein the routing list includes rules.
  - 52. The operations center of claim 45 wherein the routing list includes conditional recipients.
  - 53. The operations center of claim 45 wherein the means for receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - means for receiving the document together with the indication.
  - 54. The operations center of claim 45 wherein the means for receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - means for receiving a form containing rules for the routing list.
  - 55. The operations center of claim 45 wherein the means for receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document comprises:
    - means for receiving a routing parameter for the routing list.
  - 56. The operations center of claim 45 further comprising:
    - means for authenticating the sender using the sender'"'"'s public key;
      
      means for establishing a first secure connection with the sender; and
      
      means for receiving the document from the sender via the first secure connection.
  - 57. The operations center of claim 56 further comprising:
    - means for authenticating the recipient using the recipient'"'"'s public key;
      
      means for establishing a second secure connection with the recipient; and
      
      means for transmitting the document to the recipient via the second secure connection.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Perimeter Internetworking Corporation (BAE Systems Plc)
Original Assignee
Message Secure Corp. (BAE Systems Plc)
Inventors
Toh, Eng-Whatt, Teo, Kok-Hoon
Primary Examiner(s)
Sheikh; Ayaz
Assistant Examiner(s)
CHEN, SHIN HON

Application Number

US10/004,019
Publication Number

US 20020129238A1
Time in Patent Office

2,112 Days
Field of Search

703/156, 709/206, 380/30, 713/168, 713/178
US Class Current

713/156
CPC Class Codes

G06F 21/64   Protecting data integrity, ...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 2221/2151   Time stamp

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 51/00   User-to-user messaging in p...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04L 63/0869   for achieving mutual authen...

H04L 63/12   Applying verification of th...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3247   involving digital signatures

H04L 9/50   using hash chains, e.g. blo...

Secure and reliable document delivery using routing lists

First Claim

6 Assignments

Litigations

0 Petitions

Accused Products

Abstract

127 Citations

57 Claims

Specification

Solutions

Use Cases

Quick Links

Secure and reliable document delivery using routing lists

First Claim

6 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

127 Citations

57 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links