Verifiable chain of transfer for digital documents
Abstract
Methods and apparatus, including computer systems and program products, related to techniques for creating a chain of transfer for a digital document in which every transferor and transferee participates in the transfer. A first entity, e.g., an offeror with current control of the document, generates an offeror certificate associated with the digital document, and encrypts the offeror certificate with the offeror's private key. The offeror transmits the encrypted offeror certificate to a second entity, e.g., an offeree that will be the subsequent controller of the document. The offeree generates an offeree certificate from the offeror certificate, encrypts the offeree certificate with the offeree's private key, and transmits the encrypted offeree certificate to the offeror. When the offeror receives the offeree certificate, the offeror adds the offeree to a chain of transfer for the document and generates a transfer certificate for the offeree.
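The three-certificate exchange described in the abstract, as an added Python example that is not taken from the patent. It mirrors the "encrypt with a private key" wording with textbook RSA over the certificate hash, using constructed toy keys built from known Mersenne primes (illustration only, not secure); the function names, field names and entity names are hypothetical.

```python
import hashlib
import json

E = 65537  # public exponent for both constructed toy keys

def make_key(p, q):
    # Textbook RSA from two known Mersenne primes: illustration only, not secure.
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(body, n):
    blob = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % n

def seal(body, signer, key):
    # "Encrypt with the private key": raise the body's hash to the private exponent.
    sig = pow(digest(body, key["n"]), key["d"], key["n"])
    return {"body": body, "signer": signer, "sig": sig}

def check(cert, pubkeys):
    n = pubkeys[cert["signer"]]
    return pow(cert["sig"], E, n) == digest(cert["body"], n)

def offer(doc_id, chain, offeror, key):
    return seal({"kind": "offer", "doc_id": doc_id, "chain": chain}, offeror, key)

def accept(offer_cert, offeree, key):
    # The offeree certificate embeds the sealed offeror certificate.
    return seal({"kind": "accept", "offer": offer_cert}, offeree, key)

def transfer(accept_cert, offeror, key, pubkeys):
    offer_cert = accept_cert["body"]["offer"]
    if offer_cert["signer"] != offeror or not (
            check(offer_cert, pubkeys) and check(accept_cert, pubkeys)):
        raise ValueError("offeree certificate does not wrap a valid offer of ours")
    chain = offer_cert["body"]["chain"] + [accept_cert["signer"]]
    body = {"kind": "transfer", "doc_id": offer_cert["body"]["doc_id"],
            "chain": chain, "accept": accept_cert}
    return seal(body, offeror, key)

def verify_transfer(cert, pubkeys):
    # Third-party audit: all three seals verify and the chain grew by the offeree.
    acc, off = cert["body"]["accept"], cert["body"]["accept"]["body"]["offer"]
    ok = (all(check(c, pubkeys) for c in (cert, acc, off))
          and cert["signer"] == off["signer"]
          and cert["body"]["doc_id"] == off["body"]["doc_id"]
          and cert["body"]["chain"] == off["body"]["chain"] + [acc["signer"]])
    return cert["body"]["chain"] if ok else None

KEYS = {"alice": make_key(2**61 - 1, 2**89 - 1),    # constructed offeror key
        "bob": make_key(2**107 - 1, 2**127 - 1)}    # constructed offeree key
PUB = {name: key["n"] for name, key in KEYS.items()}
```

Because the transfer certificate nests the offeree certificate, which nests the offeror certificate, an auditor holding only the public keys can confirm that both parties took part in the hand-over.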
62 Claims
1. A computer program product, tangibly stored on a computer-readable medium, comprising instructions to cause a programmable processor to:
generate a first entity certificate associated with a digital document;
encrypt the first entity certificate with a private key of a first entity;
select at least one entity from at least two entities for direct transmittal of the encrypted first entity certificate;
transmit the encrypted first entity certificate directly to a second entity;
receive a second entity certificate at the first entity, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;
add the second entity to a chain of transfer of the digital document;
generate a transfer certificate from the second entity certificate;
encrypt the transfer certificate with the private key of the first entity; and
transmit the transfer certificate to the second entity, wherein the first entity certificate includes a unique identifier identifying the digital document.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11.

12. A computer program product, tangibly stored on a computer-readable medium, comprising instructions to cause a programmable processor at a second computer to:
receive from a first computer a first entity certificate at a second entity at the second computer that is associated with a digital document from a first entity, the first entity certificate identifying a chain of transfer of the digital document, wherein if the chain of transfer includes a first preceding entity in the chain of transfer that immediately preceded the first entity and a second preceding entity that immediately preceded the first preceding entity, the first and second preceding entities and the first and second entities are all different entities from each other;
generate at the second computer a second entity certificate from the first entity certificate;
encrypt at the second computer the second entity certificate with a private key of the second entity;
transmit the encrypted second entity certificate from the second computer to the first entity at the first computer; and
receive from the first computer a transfer certificate from the first entity, the transfer certificate adding the second entity to the chain of transfer, wherein the first entity certificate includes a unique identifier identifying the digital document.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20.

21. A system comprising:
a first computer including a first programmable processor and a first computer program product, tangibly stored on a computer-readable medium, comprising instructions to cause the first programmable processor to;
generate a first entity certificate associated with a digital document,
encrypt the first entity certificate with a private key of a first entity,
select at least one entity from at least two entities for direct transmittal of the encrypted first entity certificate,
transmit the encrypted first entity certificate directly to a second entity at a second computer;
receive a second entity certificate, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;
add the second entity to a chain of transfer of the digital document,
generate a transfer certificate from the second entity certificate,
encrypt the transfer certificate with the private key of the first entity, and
transmit the transfer certificate to the second computer; and
the second computer, including a second programmable processor and a second computer program product, tangibly stored on a computer-readable medium, comprising instructions to cause the second programmable processor to;
receive the first entity certificate from the first computer,
generate the second entity certificate from the first entity certificate,
encrypt the second entity certificate with the private key of the second entity,
transmit the encrypted second entity certificate to the first computer, and
receive the transfer certificate from the first computer, wherein the first entity certificate includes a unique identifier identifying the digital document.

22. A system comprising:
means for generating a first entity certificate associated with a digital document;
means for encrypting the first entity certificate with a private key of a first entity;
means for selecting at least one entity from at least two entities for direct transmittal of the encrypted first entity certificate;
means for transmitting the encrypted first entity certificate directly to a second entity;
means for receiving a second entity certificate at the first entity, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;
means for adding the second entity to a chain of transfer of the digital document;
means for generating a transfer certificate from the second entity certificate;
means for encrypting the transfer certificate with the private key of the first entity; and
means for transmitting the transfer certificate to the second entity, wherein the first entity certificate includes a unique identifier identifying the digital document.
Dependent claims: 23, 24, 25, 26, 27, 28, 29, 30, 31, 32.

33. A system comprising:
means for receiving a first entity certificate at a second entity that is associated with a digital document from a first entity, the first entity certificate identifying a chain of transfer of the digital document, wherein if the chain of transfer includes another entity in the chain of transfer that immediately preceded the first entity, the other entity in the chain differs from the second entity;
means for generating a second entity certificate from the first entity certificate;
means for encrypting the second entity certificate with a private key of the second entity;
means for transmitting the encrypted second entity certificate to the first entity; and
means for receiving a transfer certificate from the first entity, the transfer certificate adding the second entity to the chain of transfer, wherein the first entity certificate includes a unique identifier identifying the digital document.
Dependent claims: 34, 35, 36, 37, 38, 39, 40, 41.

42. A method implemented in a computer program application, the method comprising:
with a first computer, generating a first entity certificate associated with a digital document;
encrypting the first entity certificate with a private key of a first entity;
selecting at least one entity from at least two entities for direct transmittal of the encrypted another second entity certificate;
transmitting the encrypted first entity certificate directly to a second entity at a second computer;
receiving a second entity certificate from the second computer, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;
adding the second entity to a chain of transfer of the digital document;
generating a transfer certificate from the second entity certificate;
encrypting the transfer certificate with the private key of the first entity; and
transmitting the transfer certificate to the second entity, wherein the first entity certificate includes a unique identifier identifying the digital document.
Dependent claims: 43, 44, 45, 46, 47, 48, 49, 50, 51, 52.

53. A method implemented in a computer program application, the method comprising:
receiving from a first computer a first entity certificate at a second entity at a second computer that is associated with a digital document from a first entity, the first entity certificate identifying a chain of transfer of the digital document, wherein if the chain of transfer includes another entity in the chain of transfer that immediately preceded the first entity, the other entity in the chain differs from the second entity;
generating at the second computer a second entity certificate from the first entity certificate;
encrypting at the second computer the second entity certificate with a private key of the second entity;
transmitting the encrypted second entity certificate from the second computer to the first entity at the first computer; and
receiving from the first computer a transfer certificate from the first entity, the transfer certificate adding the second entity to the chain of transfer, wherein the first entity certificate includes a unique identifier identifying the digital document.
Dependent claims: 54, 55, 56, 57, 58, 59, 60, 61.

62. A method comprising:
with a first computer, generating a first entity certificate associated with a digital document,
encrypting the first entity certificate with a private key of a first entity,
selecting at least one entity from at least two entities for direct transmittal of the encrypted first entity certificate;
transmitting the encrypted first entity certificate directly to a second entity at a second computer,
receiving a second entity certificate, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;
adding the second entity to a chain of transfer of the digital document,
generating a transfer certificate from the second entity certificate,
encrypting the transfer certificate with the private key of the first entity, and
transmitting the transfer certificate to the second computer; and
with a second computer, receiving the first entity certificate from the first computer,
generating the second entity certificate from the first entity certificate,
encrypting the second entity certificate with the private key of the second entity,
transmitting the encrypted second entity certificate to the first computer, and
receiving the transfer certificate from the first computer, wherein the first entity certificate includes a unique identifier identifying the digital document.

Specification