Selective encryption of electronic messages and data

US 7,469,340 B2
Filed: 03/20/2003
Issued: 12/23/2008
Est. Priority Date: 08/07/2002
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

requesting a server, by a client, to securely store a first portion of a message on the server, the message comprising at least the first portion and a second portion;

receiving by the client, from the server, a message-specific token associated with accessing the first portion of the message, the message-specific token being generated by the server and comprising one or more encryption keys used by the server to encrypt the first portion of the message prior to storing the first portion of the message;

combining by the client, a second portion of the message with the message-specific token to form a partially secured copy of the message, and inserting one or more markup language based form elements within a body portion of the partially secured copy of the message to solicit responsive pre-delivery information input from a recipient of the partially secured copy of the message to facilitate determining whether or not the first portion of the message will be delivered to the recipient of the partially secured copy of the message; and

transmitting the partially secured copy of the message to a recipient, wherein the first portion of the message is subsequently delivered to the recipient by the server, on presentation of the message-specific token to the server, and wherein the message-specific token is conditionally presented to the server based at least in part on the recipient'"'"'s response to the solicitation by the markup language based form elements.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system includes a server to store a first portion of a message, and a client to store a complementary second portion of the message. The first portion of the message is encrypted and a message specific token comprising one or more encryption keys used to encrypt the first portion of the message is generated. The second portion of the message stored on the client is subsequently combined with the message-specific token to form a partially secured message at the client. Furthermore, the partially secured message including the message-specific token is delivered from the client to a recipient to facilitate access to both the first and second portions of the message by the recipient.

Citations

43 Claims

1. A method comprising:
- requesting a server, by a client, to securely store a first portion of a message on the server, the message comprising at least the first portion and a second portion;
  
  receiving by the client, from the server, a message-specific token associated with accessing the first portion of the message, the message-specific token being generated by the server and comprising one or more encryption keys used by the server to encrypt the first portion of the message prior to storing the first portion of the message;
  
  combining by the client, a second portion of the message with the message-specific token to form a partially secured copy of the message, and inserting one or more markup language based form elements within a body portion of the partially secured copy of the message to solicit responsive pre-delivery information input from a recipient of the partially secured copy of the message to facilitate determining whether or not the first portion of the message will be delivered to the recipient of the partially secured copy of the message; and
  
  transmitting the partially secured copy of the message to a recipient, wherein the first portion of the message is subsequently delivered to the recipient by the server, on presentation of the message-specific token to the server, and wherein the message-specific token is conditionally presented to the server based at least in part on the recipient'"'"'s response to the solicitation by the markup language based form elements.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the first portion of the message is identified via a graphical user interface.
  - 3. The method of claim 1, wherein the first portion of the message is dynamically generated based at least in part upon one or more characteristics of the message.
  - 4. The method of claim 1, wherein at least one of the first portion of the message and the second portion of the message comprises an email attachment.
  - 5. The method of claim 1, further comprising:
    - generating a split encryption key based at least in part upon a randomized seed value, the split encryption key having at least a first key portion and a second key portion; and
      
      utilizing the split encryption key to encrypt the first portion of the email message on the server, wherein the message-specific token comprises the first key portion.
  - 6. The method of claim 5, further comprising:
    - generating a unique message identifier associated with the message and based at least in part upon the randomized seed value;
      
      generating a recipient-individualized identifier based at least in part upon the randomized seed value;
      
      associating the message identifier with the recipient-individualized identifier;
      
      generating an obfuscated combination of the first key portion and the recipient individualized identifier; and
      
      discarding the randomized seed value and the first key portion from the server.
  - 7. The method of claim 6, further comprising:
    - providing the message-specific token to the client.
  - 8. The method of claim 6, wherein the split encryption key comprises a bifurcated encryption key.
  - 9. The method of claim 1, wherein the secure storing by the server is opaque and wherein the one or more encryption keys included in the message-specific token are not retained by the server to effectuate the opaque secure storing.
  - 10. The method of claim 1, wherein the one or more encryption keys in the message-specific token comprise part but not all of the key or keys used by the server to encrypt the first portion of the message.

11. A method comprising:
- a server securely storing a first portion of a message, the message comprising at least the first portion and a second portion;
  
  the server generating a token associated with accessing the first portion of the message, the token including one or more encryption keys used to encrypt the first portion of the message;
  
  the server combining the token with the second portion of the message and a message notification to form an integrated message notification, wherein the message notification solicits responsive pre-delivery information input from a recipient to determine whether or not the first portion of the message will be delivered to the recipient; and
  
  the server providing the integrated message notification to a sending client to facilitate the sending client in sending the integrated message notification to one or more recipients to facilitate recipient access to the first portion of the message, wherein access is granted based at least in part on the responsive pre-delivery information input from the recipient.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, wherein the message is received from the sending client and stored by the server.
  - 13. The method of claim 11, wherein the message notification is generated by the server.
  - 14. The method of claim 13, wherein the message notification is dynamically generated by the server based upon one or more characteristics of the message.
  - 15. The method of claim 11, wherein the message notification is selected by the sending client from amongst a plurality of predefined message notifications.
  - 16. The method of claim 11, further comprising:
    - generating a split encryption key based at least in part upon a randomized seed value, the split encryption key having at least a first key portion and a second key portion; and
      
      utilizing the split encryption key to encrypt the message on the server, wherein the token includes at least the first key portion of the split encryption key.
  - 17. The method of claim 16, further comprising:
    - generating a unique message associated with the message and based at least in part upon the randomized seed value;
      
      generating a recipient-individualized identifier based at least in part upon the randomized seed value;
      
      associating the message identifier with the recipient-individualized identifier;
      
      generating an obfuscated combination of the first key portion and the recipient individualized identifier; and
      
      discarding the randomized seed value and the first key portion from the server after the integrated message notification is provided to the sending client.
  - 18. The method of claim 11, wherein the integrated message notification comprises recipient input form elements to solicit pre-delivery information from a first of the one or more recipients.
  - 19. The method of claim 18, further comprising:
    - the server receiving pre-delivery information from the first recipient as solicited by the message notification;
      
      the server dynamically generating at least a portion of the content of the message to be delivered to the first recipient based at least in part upon the pre-delivery information received from the first recipient; and
      
      the server delivering the message to the first recipient.

20. A method comprising:
- a server securely storing a first portion of a message, the message comprising at least the first portion and a second portion;
  
  the server generating a token associated with accessing the first portion of the message, the token including one or more encryption keys used to encrypt the first portion of the message;
  
  the server transmitting the token and the second portion of the message to a sending client;
  
  the sending client combining the token with the second portion of the message and a message notification to form an integrated message notification, wherein the message notification solicits responsive pre-delivery information input from a recipient to determine whether or not the first portion of the message will be delivered to the recipient; and
  
  the sending client delivering the integrated message notification to one or more recipients to facilitate recipient access to the first portion of the message, wherein access is granted based at least in part on the responsive pre-delivery information input from the recipient.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
- - 21. The method of claim 20, wherein the message is received from the sending client and stored by the server.
  - 22. The method of claim 20, wherein at least part of the message notification is generated by the server.
  - 23. The method of claim 22, wherein the message notification is selected by the sending client from amongst a plurality of predefined message notifications.
  - 24. The method of claim 20, further comprising:
    - generating a split encryption key based at least in part upon a randomized seed value, the split encryption key having at least a first key portion and a second key portion; and
      
      utilizing the split encryption key to encrypt the message on the server, wherein the token includes at least the first key portion of the split encryption key.
  - 25. The method of claim 24, further comprising:
    - generating a unique message identifier associated with the message and based at least in part upon the randomized seed value;
      
      generating a recipient-individualized identifier based at least in part upon the randomized seed value;
      
      associating the message identifier with the recipient-individualized identifier;
      
      generating an obfuscated combination of the first key portion and the recipient individualized identifier; and
      
      discarding the randomized seed value and the first key portion from the server after the token is transmitted to the sending client.
  - 26. The method of claim 20, wherein the integrated message notification comprises recipient input form elements to solicit pre-delivery information from a first of the one or more recipients.
  - 27. The method of claim 26, further comprising:
    - the server receiving pre-delivery information from the first recipient as solicited by the message notification;
      
      the server dynamically generating at least a portion of the content of the message to be delivered to the first recipient based at least in part upon the pre-delivery information received from the first recipient; and
      
      the server delivering the message to the first recipient.

28. In a server, a method comprising:
- receiving a request from a sending client identifying a message, the message comprising at least a first portion and a second portion;
  
  in response to the request, securely storing the first portion of the message;
  
  generating a token associated with accessing the first portion of the message, the token including one or more encryption keys used to encrypt the first portion of the message;
  
  combining the token with the second portion of the message and a message notification to form an integrated message notification, wherein the message notification solicits responsive pre-delivery information input from a recipient to determine whether or not the first portion of the message will be delivered to the recipient; and
  
  returning the integrated message notification to the sending client to be forwarded by the sending client to one or more recipients to facilitate recipient access to the first portion of the message, wherein access is granted based at least in part on the responsive pre-delivery information input from the recipient.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36)
- - 29. The method of claim 28, wherein the message is received from the sending client and stored by the server.
  - 30. The method of claim 28, wherein the message notification is generated by the server.
  - 31. The method of claim 30, wherein the message notification is dynamically generated by the server based upon one or more characteristics of the message.
  - 32. The method of claim 28, wherein the message notification is selected by the sending client from amongst a plurality of predefined message notifications.
  - 33. The method of claim 28, further comprising:
    - generating a split encryption key based at least in part upon a randomized seed value, the split encryption key having at least a first key portion and a second key portion; and
      
      utilizing the split encryption key to encrypt the message on the server, wherein the token includes at least the first key portion of the split encryption key.
  - 34. The method of claim 33, further comprising:
    - generating a unique message identifier associated with the message and based at least in part upon the randomized seed value;
      
      generating a recipient-individualized identifier based at least in part upon the randomized seed value;
      
      associating the message identifier with the recipient-individualized identifier;
      
      generating an obfuscated combination of the first key portion and the recipient individualized identifier; and
      
      discarding the randomized seed value and the first key portion from the server after the integrated message notification is transmitted to the sending client.
  - 35. The method of claim 28, wherein the integrated message notification comprises recipient input form elements to solicit pre-delivery information from a first of the one or more recipients.
  - 36. The method of claim 35, further comprising:
    - receiving pre-delivery information from the first recipient as solicited by the message notification;
      
      dynamically generating at least a portion of the content of the message to be delivered to the first recipient based at least in part upon the pre-delivery information received from the first recipient; and
      
      delivering the message to the first recipient.

37. An apparatus comprising:
- a storage medium having stored therein programming instructions designed to enable the apparatus toreceive a request from a sending client identifying a message, the message comprising at least a first portion and a second portion;
  
  in response to the request, securely store the first portion of the message;
  
  generate a token associated with accessing the first portion of the message, the token including one or more encryption keys used to encrypt the first portion of the message;
  
  combine the token with the second portion of the message and a message notification to form an integrated message notification, wherein the message notification solicits responsive pre-delivery information input from a recipient to determine whether or not the first portion of the message will be delivered to the recipient; and
  
  return the integrated message notification to the sending client to be forwarded by the sending client to one or more recipients to facilitate recipient access to the first portion of the message, wherein access is granted based at least in part on the responsive pre-delivery information input from the recipient.
- View Dependent Claims (38, 39, 40, 41, 42, 43)
- - 38. The apparatus of claim 37, wherein the programming instructions are further designed to enable the apparatus to generate the message notification.
  - 39. The apparatus of claim 38, wherein the programming instructions are further designed to enable the apparatus to dynamically generate the message notification based upon one or more characteristics of the message.
  - 40. The apparatus of claim 37, wherein the programming instructions are further designed to enable the apparatus togenerate a split encryption key based at least in part upon a randomized seed value, the split encryption key having at least a first key portion and a second key portion;
    - andutilize the split encryption key to encrypt the message on the server, wherein the token includes at least the first key portion of the split encryption key.
  - 41. The apparatus of claim 40, wherein the programming instructions are further designed to enable the apparatus togenerate a unique message identifier associated with the message and based at least in part upon the randomized seed value;
    - generate a recipient-individualized identifier based at least in part upon the randomized seed value;
      
      associate the message identifier with the recipient-individualized identifier;
      
      generate an obfuscated combination of the first key portion and the recipient individualized identifier; and
      
      discarding the randomized seed value and the first key portion from the server after the integrated message notification is transmitted to the sending client.
  - 42. The apparatus of claim 37, wherein the integrated message notification comprises recipient input form elements to solicit pre-delivery information from a first of the one or more recipients.
  - 43. The apparatus of claim 42, wherein the programming instructions are further designed to enable the apparatus toreceive pre-delivery information from the first recipient as solicited by the message notification;
    - dynamically generate at least a portion of the content of the message to be delivered to the first recipient based at least in part upon the pre-delivery information received from the first recipient; and
      
      deliver the message to the first recipient.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Surescripts, LLC (SureScripts-RxHub LLC)
Original Assignee
Enli Health Intelligence Corp. (Cedar Gate Partners Holdings LLC)
Inventors
Karamchedu, Murali M., Sponaugle, Jeffrey B., Machuca, Luis Fernando
Primary Examiner(s)
Revak; Christopher A

Application Number

US10/394,410
Publication Number

US 20040030893A1
Time in Patent Office

2,105 Days
Field of Search

None
US Class Current

713/172
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 2221/2107   File encryption

G06Q 10/107   Computer-aided management o...

H04L 51/224   providing notification on i...

H04L 9/083   involving central third par...

H04L 9/0869   involving random numbers or...

Selective encryption of electronic messages and data

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

Selective encryption of electronic messages and data

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links