Verifiable chain of transfer for digital documents

US 7,660,981 B1
Filed: 11/30/2004
Issued: 02/09/2010
Est. Priority Date: 11/30/2004
Status: Active Grant

First Claim

Patent Images

1. A computer program product, tangibly stored on a computer-readable medium, comprising instructions to cause a programmable processor to:

generate a first entity certificate associated with a digital document;

encrypt the first entity certificate with a private key of a first entity;

select at least one entity from at least two entities for direct transmittal of the encrypted first entity certificate;

transmit the encrypted first entity certificate directly to a second entity;

receive a second entity certificate at the first entity, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;

add the second entity to a chain of transfer of the digital document;

generate a transfer certificate from the second entity certificate;

encrypt the transfer certificate with the private key of the first entity; and

transmit the transfer certificate to the second entity,wherein the first entity certificate includes a unique identifier identifying the digital document.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus, including computer systems and program products, related to techniques for creating a chain of transfer for a digital document in which every transferor and transferee participates in the transfer. A first entity, e.g., an offeror with current control of the document, generates an offeror certificate associated with the digital document, and encrypts the offeror certificate with the offeror'"'"'s private key. The offeror transmits the encrypted offeror certificate to a second entity, e.g., an offeree that will be the subsequent controller of the document. The offeree generates an offeree certificate from the offeror certificate, encrypts the offeree certificate with the offeree'"'"'s private key, and transmits the encrypted offeree certificate to the offeror. When the offeror receives the offeree certificate, the offeror adds the offeree to a chain of transfer for the document and generates a transfer certificate for the offeree.

55 Citations

View as Search Results

62 Claims

1. A computer program product, tangibly stored on a computer-readable medium, comprising instructions to cause a programmable processor to:
- generate a first entity certificate associated with a digital document;
  
  encrypt the first entity certificate with a private key of a first entity;
  
  select at least one entity from at least two entities for direct transmittal of the encrypted first entity certificate;
  
  transmit the encrypted first entity certificate directly to a second entity;
  
  receive a second entity certificate at the first entity, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;
  
  add the second entity to a chain of transfer of the digital document;
  
  generate a transfer certificate from the second entity certificate;
  
  encrypt the transfer certificate with the private key of the first entity; and
  
  transmit the transfer certificate to the second entity,wherein the first entity certificate includes a unique identifier identifying the digital document.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The computer program product of claim 1, wherein the first entity certificate identifies the chain of transfer to which the second entity is added.
  - 3. The computer program product of claim 1, wherein the instructions to add the second entity to the chain of transfer comprise instructions to include the encrypted second entity certificate in the transfer certificate, thereby making the transfer certificate verifiable with a public key associated with the private key of the first entity and a public key associated with a public key associated with the private key of the second entity.
  - 4. The computer program product of claim 1, wherein the chain of transfer identifies each of one or more previous controllers of the digital document.
  - 5. The computer program product of claim 4, wherein the first entity certificate includes information encrypted with the private key of each of the one or more previous controllers of the document.
  - 6. The computer program product of claim 5, wherein the chain of transfer is verifiable with public keys associated with the private keys of the first entity and each of the one or more previous controllers of the digital document.
  - 7. The computer program product of claim 1, wherein the unique identifier comprises an electronic tag.
  - 8. The computer program product of claim 7, wherein the unique identifier comprises a hash of the digital document.
  - 9. The computer program product of claim 1, wherein the first entity certificate includes conditions of an offer for transference of control of the digital document.
  - 10. The computer program product of claim 1, wherein the first entity certificate includes a previous transfer certificate encrypted with a private key of a previous controller of the document.
  - 11. The computer program product of claim 10, wherein the previous transfer certificate includes a previously approved offer encrypted with the private key of the first entity.

12. A computer program product, tangibly stored on a computer-readable medium, comprising instructions to cause a programmable processor at a second computer to:
- receive from a first computer a first entity certificate at a second entity at the second computer that is associated with a digital document from a first entity, the first entity certificate identifying a chain of transfer of the digital document, wherein if the chain of transfer includes a first preceding entity in the chain of transfer that immediately preceded the first entity and a second preceding entity that immediately preceded the first preceding entity, the first and second preceding entities and the first and second entities are all different entities from each other;
  
  generate at the second computer a second entity certificate from the first entity certificate;
  
  encrypt at the second computer the second entity certificate with a private key of the second entity;
  
  transmit the encrypted second entity certificate from the second computer to the first entity at the first computer; and
  
  receive from the first computer a transfer certificate from the first entity, the transfer certificate adding the second entity to the chain of transfer,wherein the first entity certificate includes a unique identifier identifying the digital document.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The computer program product of claim 12, wherein the transfer certificate is encrypted with a private key of the first entity, thereby making the transfer certificate verifiable with a public key associated with the private key of the first entity and a public key associated with a public key associated with the private key of the second entity.
  - 14. The computer program product of claim 12, wherein the chain of transfer identifies each of one or more previous controllers of the digital document.
  - 15. The computer program product of claim 14 wherein the first entity certificate is encrypted with the private key of the first entity and includes information encrypted with the private key of each of the one or more previous controllers of the document.
  - 16. The computer program product of claim 15, wherein the chain of transfer is verifiable with public keys associated with the private keys of the first entity and each of the one or more previous controllers of the digital document.
  - 17. The computer program product of claim 12, wherein the unique identifier comprises an electronic tag.
  - 18. The computer program product of claim 17, wherein the unique identifier comprises a hash of the digital document.
  - 19. The computer program product of claim 12, wherein the first entity certificate includes conditions of an offer for transference of control of the digital document.
  - 20. The computer program product of claim 12, further comprising instructions to cause the programmable processor at the second computer to:
    - generate at the second computer another second entity certificate associated with the digital document, said another second entity certificate identifying the chain of transfer of the digital document;
      
      encrypt at the second computer said another second entity certificate with the private key of the second entity;
      
      select at the second computer at least one entity from at least two entities for direct transmittal of the encrypted another second entity certificate;
      
      transmit from the second computer said encrypted another second entity certificate directly to a third entity at a third computer;
      
      receive from the third computer a third entity certificate, the third entity certificate including the encrypted said another second entity certificate and being encrypted with a private key of the third entity;
      
      add at the second computer the third entity to the chain of transfer;
      
      generate at the second computer a second transfer certificate from the third entity certificate;
      
      encrypt at the second computer the second transfer certificate with the private key of the second entity; and
      
      transfer from the second computer the second transfer certificate to the third entity at the third computer.

21. A system comprising:
- a first computer including a first programmable processor and a first computer program product, tangibly stored on a computer-readable medium, comprising instructions to cause the first programmable processor to;
  
  generate a first entity certificate associated with a digital document,encrypt the first entity certificate with a private key of a first entity,select at least one entity from at least two entities for direct transmittal of the encrypted first entity certificate,transmit the encrypted first entity certificate directly to a second entity at a second computer;
  
  receive a second entity certificate, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;
  
  add the second entity to a chain of transfer of the digital document,generate a transfer certificate from the second entity certificate,encrypt the transfer certificate with the private key of the first entity, andtransmit the transfer certificate to the second computer; and
  
  the second computer, including a second programmable processor and a second computer program product, tangibly stored on a computer-readable medium, comprising instructions to cause the second programmable processor to;
  
  receive the first entity certificate from the first computer,generate the second entity certificate from the first entity certificate,encrypt the second entity certificate with the private key of the second entity,transmit the encrypted second entity certificate to the first computer, andreceive the transfer certificate from the first computer,wherein the first entity certificate includes a unique identifier identifying the digital document.

22. A system comprising:
- means for generating a first entity certificate associated with a digital document;
  
  means for encrypting the first entity certificate with a private key of a first entity;
  
  means for selecting at least one entity from at least two entities for direct transmittal of the encrypted first entity certificate;
  
  means for transmitting the encrypted first entity certificate directly to a second entity;
  
  means for receiving a second entity certificate at the first entity, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;
  
  means for adding the second entity to a chain of transfer of the digital document;
  
  means for generating a transfer certificate from the second entity certificate;
  
  means for encrypting the transfer certificate with the private key of the first entity; and
  
  means for transmitting the transfer certificate to the second entity,wherein the first entity certificate includes a unique identifier identifying the digital document.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 23. The system of claim 22, wherein the first entity certificate identifies the chain of transfer of the digital document to which the second entity is added.
  - 24. The system of claim 22, further comprising means for including the encrypted second entity certificate in the transfer certificate, thereby making the transfer certificate verifiable with a public key associated with the private key of the first entity and a public key associated with a public key associated with the private key of the second entity.
  - 25. The system of claim 22, wherein the chain of transfer identifies each of one or more previous controllers of the digital document.
  - 26. The system of claim 25, wherein the first entity certificate includes information encrypted with the private key of each of the one or more previous controllers of the document.
  - 27. The system of claim 26, wherein the chain of transfer is verifiable with public keys associated with the private keys of the first entity and each of the one or more previous controllers of the digital document.
  - 28. The system of claim 22, wherein the unique identifier comprises an electronic tag.
  - 29. The system of claim 28, wherein the unique identifier comprises a hash of the digital document.
  - 30. The system of claim 22, wherein the first entity certificate includes conditions of an offer for transference of control of the digital document.
  - 31. The system of claim 22, wherein the first entity certificate includes a previous transfer certificate encrypted with a private key of a previous controller of the document.
  - 32. The system of claim 31, wherein the previous transfer certificate includes a previously approved offer encrypted with the private key of the first entity.

33. A system comprising:
- means for receiving a first entity certificate at a second entity that is associated with a digital document from a first entity, the first entity certificate identifying a chain of transfer of the digital document, wherein if the chain of transfer includes another entity in the chain of transfer that immediately preceded the first entity, the other entity in the chain differs from the second entity;
  
  means for generating a second entity certificate from the first entity certificate;
  
  means for encrypting the second entity certificate with a private key of the second entity;
  
  means for transmitting the encrypted second entity certificate to the first entity; and
  
  means for receiving a transfer certificate from the first entity, the transfer certificate adding the second entity to the chain of transfer,wherein the first entity certificate includes a unique identifier identifying the digital document.
- View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41)
- - 34. The system of claim 33, wherein the transfer certificate is encrypted with a private key of the first entity, thereby making the transfer certificate verifiable with a public key associated with the private key of the first entity and a public key associated with a public key associated with the private key of the second entity.
  - 35. The system of claim 33, wherein the chain of transfer identifies each of one or more previous controllers of the digital document.
  - 36. The system of claim 35 wherein the first entity certificate is encrypted with the private key of the first entity and includes information encrypted with the private key of each of the one or more previous controllers of the document.
  - 37. The system of claim 36, wherein the chain of transfer is verifiable with public keys associated with the private keys of the first entity and each of the one or more previous controllers of the digital document.
  - 38. The system of claim 33, wherein the unique identifier comprises an electronic tag.
  - 39. The system of claim 38, wherein the unique identifier comprises a hash of the digital document.
  - 40. The system of claim 33, wherein the first entity certificate includes conditions of an offer for transference of control of the digital document.
  - 41. The system of claim 33, further comprising:
    - means for generating another second entity certificate associated with the digital document, said another second entity certificate identifying the chain of transfer of the digital document;
      
      means for encrypting said another entity certificate with the private key of the second entity;
      
      means for selecting at least one entity from at least two entities for direct transmittal of the encrypted another second entity certificate;
      
      means for transmitting the encrypted said encrypted another second entity certificate to a third entity;
      
      means for receiving a third entity certificate, the third entity certificate including the encrypted said another second entity certificate and being encrypted with a private key of the third entity;
      
      means for adding the third entity to the chain of transfer;
      
      means for generating a second transfer certificate from the third entity certificate;
      
      means for encrypting the second transfer certificate with the private key of the second entity; and
      
      means for transferring the second transfer certificate to the third entity.

42. A method implemented in a computer program application, the method comprising:
- with a first computer,generating a first entity certificate associated with a digital document;
  
  encrypting the first entity certificate with a private key of a first entity;
  
  selecting at least one entity from at least two entities for direct transmittal of the encrypted another second entity certificate;
  
  transmitting the encrypted first entity certificate directly to a second entity at a second computer;
  
  receiving a second entity certificate from the second computer, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;
  
  adding the second entity to a chain of transfer of the digital document;
  
  generating a transfer certificate from the second entity certificate;
  
  encrypting the transfer certificate with the private key of the first entity; and
  
  transmitting the transfer certificate to the second entity,wherein the first entity certificate includes a unique identifier identifying the digital document.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52)
- - 43. The method of claim 42, wherein the first entity certificate identifies the chain of transfer to which the second entity is added.
  - 44. The method of claim 42, wherein the addition of the second entity to the chain of transfer includes the encrypted second entity certificate in the transfer certificate, thereby making the transfer certificate verifiable with a public key associated with the private key of the first entity and a public key associated with a public key associated with the private key of the second entity.
  - 45. The method of claim 42, wherein the chain of transfer identifies each of one or more previous controllers of the digital document.
  - 46. The method of claim 45, wherein the offeror first entity certificate includes information encrypted with the private key of each of the one or more previous controllers of the document.
  - 47. The method of claim 46, wherein the chain of transfer is verifiable with public keys associated with the private keys of the first entity and each of the one or more previous controllers of the digital document.
  - 48. The method of claim 42, wherein the unique identifier comprises an electronic tag.
  - 49. The method of claim 48, wherein the unique identifier comprises a hash of the digital document.
  - 50. The method of claim 42, wherein the first entity certificate includes conditions of an offer for transference of control of the digital document.
  - 51. The method of claim 42, wherein the first entity certificate includes a previous transfer certificate encrypted with a private key of a previous controller of the document.
  - 52. The method of claim 51, wherein the previous transfer certificate includes a previously approved offer encrypted with the private key of the first entity.

53. A method implemented in a computer program application, the method comprising:
- receiving from a first computer a first entity certificate at a second entity at a second computer that is associated with a digital document from a first entity, the first entity certificate identifying a chain of transfer of the digital document, wherein if the chain of transfer includes another entity in the chain of transfer that immediately preceded the first entity, the other entity in the chain differs from the second entity;
  
  generating at the second computer a second entity certificate from the first entity certificate;
  
  encrypting at the second computer the second entity certificate with a private key of the second entity;
  
  transmitting the encrypted second entity certificate from the second computer to the first entity at the first computer; and
  
  receiving from the first computer a transfer certificate from the first entity, the transfer certificate adding the second entity to the chain of transfer,wherein the first entity certificate includes a unique identifier identifying the digital document.
- View Dependent Claims (54, 55, 56, 57, 58, 59, 60, 61)
- - 54. The method of claim 53, wherein the transfer certificate is encrypted with a private key of the first entity, thereby making the transfer certificate verifiable with a public key associated with the private key of the first entity and a public key associated with a public key associated with the private key of the second entity.
  - 55. The method of claim 53, wherein the chain of transfer identifies each of one or more previous controllers of the digital document.
  - 56. The method of claim 55, wherein the first entity certificate is encrypted with the private key of the first entity and includes information encrypted with the private key of each of the one or more previous controllers of the document.
  - 57. The method of claim 56, wherein the chain of transfer is verifiable with public keys associated with the private keys of the first entity and each of the one or more previous controllers of the digital document.
  - 58. The method of claim 53, wherein the unique identifier comprises an electronic tag.
  - 59. The method of claim 58, wherein the unique identifier comprises a hash of the digital document.
  - 60. The method of claim 53, wherein the first entity certificate includes conditions of an offer for transference of control of the digital document.
  - 61. The method of claim 53, further comprising:
    - at the second computergenerating another second entity certificate associated with the digital document, said another second entity certificate identifying the chain of transfer of the digital document;
      
      encrypting said another second entity certificate with the private key of the second entity;
      
      selecting at least one entity from at least two entities for direct transmittal of the encrypted another second entity certificate;
      
      transmitting said encrypted another second entity certificate from the second computer directly to a third entity at a third computer;
      
      receiving a third entity certificate from the third computer, the third entity certificate including the encrypted another second entity certificate and being encrypted with a private key of the third entity;
      
      adding the third entity to the chain of transfer;
      
      generating a second transfer certificate from the third entity certificate;
      
      encrypting the second transfer certificate with the private key of the second entity; and
      
      transferring the second transfer certificate from the second computer to the third entity at the third computer.

62. A method comprising:
- with a first computer,generating a first entity certificate associated with a digital document,encrypting the first entity certificate with a private key of a first entity,selecting at least one entity from at least two entities for direct transmittal of the encrypted first entity certificate;
  
  transmitting the encrypted first entity certificate directly to a second entity at a second computer,receiving a second entity certificate, the second entity certificate including the encrypted first entity certificate and being encrypted with a private key of the second entity;
  
  adding the second entity to a chain of transfer of the digital document,generating a transfer certificate from the second entity certificate,encrypting the transfer certificate with the private key of the first entity, andtransmitting the transfer certificate to the second computer; and
  
  with a second computer,receiving the first entity certificate from the first computer,generating the second entity certificate from the first entity certificate,encrypting the second entity certificate with the private key of the second entity,transmitting the encrypted second entity certificate to the first computer, and receiving the transfer certificate from the first computerswherein the first entity certificate includes a unique identifier identifying the digital document.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Adobe Inc.
Original Assignee
Adobe Systems Incorporated (Adobe Inc.)
Inventors
Hunt, Bruce
Primary Examiner(s)
Korzuch; William R
Assistant Examiner(s)
AVERY, JEREMIAH L

Application Number

US11/001,711
Time in Patent Office

1,897 Days
Field of Search

726/10
US Class Current

713/156
CPC Class Codes

H04L 51/234   for tracking messages

H04L 63/0442   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 63/123   received data contents, e.g...

H04L 9/3265   using certificate chains, t...

Verifiable chain of transfer for digital documents

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

55 Citations

62 Claims

Specification

Solutions

Use Cases

Quick Links

Verifiable chain of transfer for digital documents

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

62 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links