Method and system for linking certificates to signed files

US 7,644,280 B2
Filed: 03/02/2005
Issued: 01/05/2010
Est. Priority Date: 04/08/2004
Status: Active Grant

First Claim

Patent Images

1. A method for processing a file having an existing filename, said method comprising:

a sender sending a request to a certification authority (CA) for a digital certificate;

after said sending, said sender receiving from the certification authority (CA) who issued the digital certificate;

a private key and a certificate address from which the digital certificate may be accessed, said private key being associated with the digital certificate;

said sender generating a digital signature based on the file and the received private key, said digital certificate comprising a public key associated with the private key such that the generated digital signature can be verified through use of the public key;

said sender signing the file with the generated digital signature;

said sender encoding the received certificate address, said encoding generating an encoded address;

said sender merging the existing filename and the encoded address to generate a new filename; and

said sender renaming the file with the new filename.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for processing a file having an existing filename. A private key associated with a digital certificate and a certificate address from which the digital certificate may be accessed are received from a certification authority (CA) who issued the digital certificate. A digital signature is generated based on the file and the received private key. The digital certificate includes a public key associated with the private key such that the generated digital signature can be verified through use of the public key. The file is signed with the generated digital signature The received certificate address is encoded to generate an encoded address. The existing filename and the encoded address are merged to generate a new filename. The file is renamed with the new filename. The renamed file may be authenticated by verifying the digital signature via execution of an authentication algorithm in conjunction with the public key.

26 Citations

View as Search Results

18 Claims

1. A method for processing a file having an existing filename, said method comprising:
- a sender sending a request to a certification authority (CA) for a digital certificate;
  
  after said sending, said sender receiving from the certification authority (CA) who issued the digital certificate;
  
  a private key and a certificate address from which the digital certificate may be accessed, said private key being associated with the digital certificate;
  
  said sender generating a digital signature based on the file and the received private key, said digital certificate comprising a public key associated with the private key such that the generated digital signature can be verified through use of the public key;
  
  said sender signing the file with the generated digital signature;
  
  said sender encoding the received certificate address, said encoding generating an encoded address;
  
  said sender merging the existing filename and the encoded address to generate a new filename; and
  
  said sender renaming the file with the new filename.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein said encoding comprises replacing predetermined characters in the address with associated replacement characters, and wherein the predetermined characters are forbidden by the file system from being used in the new filename.
  - 3. The method of claim 1, wherein the encoded address is denoted as A, wherein the existing filename is structured as F.E such that F and E respectively represent a first and second sequence of characters, and wherein the new filename is structured as F(A).E.
  - 4. The method of claim 1, wherein the file comprises a document, wherein said signing the file comprises appending the generated digital signature to the file such that the generated digital signature is disposed between a beginning tag and an ending tag at the beginning of the file before the document.
  - 5. The method of claim 1, wherein the method further comprises sending the renamed file from the owner of the digital certificate to a user.
  - 6. The method of claim 1, wherein the certificate address is an address of a server of the certification authority such that the digital certificate is stored in the server.
  - 7. A computer readable medium comprising instructions therein, wherein the instructions are adapted to perform the method of claim 1.
  - 8. A system comprising:
    - a computer readable medium comprising instructions therein, wherein the instructions are adapted to perform the method of claim 1; and
      
      means for executing said instructions to perform the method of claim 1.
  - 9. The method of claim 1, wherein said receiving consists of said sender receiving the private key and the certificate address.

10. A method for authenticating a file having a filename that comprises an encoded address, said file comprising a digital signature that was generated based on the file and a private key, said method comprising:
- extracting the encoded address from the filename;
  
  decoding the extracted encoded address to generate a certificate address from which a digital certificate may be accessed, said digital certificate comprising a public key associated with the private key, said digital signature being verifiable through use of the public key;
  
  accessing the digital certificate from the generated certificate address,extracting the public key from the accessed digital certificate; and
  
  verifying the digital signature by executing an authentication algorithm in conjunction with the extracted public key.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, wherein the digital certificate indicates the owner of the digital certificate, and wherein the method further comprises checking the accessed digital certificate to determine the owner of the digital certificate.
  - 12. The method of claim 10, wherein the certificate address is an address of a server of certification authority (CA) who issued the digital certificate.
  - 13. The method of claim 10, wherein the filename is structured as F(A).E, wherein A denotes the encoded address, and wherein F and E respectively represent a first and second sequence of characters.
  - 14. The method of claim 10, wherein the file comprises a document, and wherein the digital signature is disposed between a beginning tag and an ending tag at the beginning of the file before the document.
  - 15. The method of claim 10, wherein the method further comprises:
    - prior to said extracting, receiving the file from the owner of the digital certificate.
  - 16. The method of claim 10, wherein the digital certificate identifies the authentication algorithm.
  - 17. A computer readable medium comprising instructions therein, wherein the instructions are adapted to perform the method of claim 10.
  - 18. A system comprising:
    - a computer readable medium comprising instructions therein, wherein the instructions are adapted to perform the method of claim 10; and
      
      means for executing said instructions to perform the method of claim 10.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kyndryl Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Carro, Fernando Incertis
Primary Examiner(s)
Zia; Syed A.
Assistant Examiner(s)
Su; Sarah

Application Number

US10/596,244
Publication Number

US 20070168657A1
Time in Patent Office

1,770 Days
Field of Search

713/176, 713/160, 713/161, 713/155, 713/156, 713/168
US Class Current

713/176
CPC Class Codes

G06F 21/645 using a third party

Method and system for linking certificates to signed files

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

26 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for linking certificates to signed files

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links