Transaction architecture utilizing transaction policy statements

US 7,698,230 B1
Filed: 02/13/2003
Issued: 04/13/2010
Est. Priority Date: 02/15/2002
Status: Active Grant

First Claim

Patent Images

1. A transaction processing system comprising:

a processor, a memory, computer readable instructions stored in the memory that when executed by the processor perform the process of;

receiving a plurality of transaction packets, each transaction packet comprising a document and a transaction policy statement, and wherein each transaction policy statement includes a set of rules specific to its respective transaction packet and not the other transaction packets in the plurality of transaction packets;

accessing by a rule parser each of the plurality of transaction packets the transaction policy statements and the set of rules specific to each of said packets, wherein the set of rules in at least one of the transaction policy statements includes one or more signature rules that define requirements for electronically signing its respective document;

retrieving role verification rules from a server;

determining by a verification agent whether the signature rules are met,verifying a role of a signatory based on role verification rules retrieved from said server; and

preventing by a signature inhibitor the respective document from being electronically signed based on the verifying of a role of a signatory.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A transaction receiver obtains a transaction packet comprising at least one document and instructions for processing the at least one document to complete a transaction. Thereafter, a rule parser accesses a transaction policy statement associated with the transaction packet including one or more rules for allowing the at least one document to be electronically signed. A verification agent then determines whether the rules of the transaction policy statement are met, after which a signature inhibitor prevents the at least one document from being electronically signed unless each rule of the transaction policy statement is met.

161 Citations

66 Claims

1. A transaction processing system comprising:
- a processor, a memory, computer readable instructions stored in the memory that when executed by the processor perform the process of;
  
  receiving a plurality of transaction packets, each transaction packet comprising a document and a transaction policy statement, and wherein each transaction policy statement includes a set of rules specific to its respective transaction packet and not the other transaction packets in the plurality of transaction packets;
  
  accessing by a rule parser each of the plurality of transaction packets the transaction policy statements and the set of rules specific to each of said packets, wherein the set of rules in at least one of the transaction policy statements includes one or more signature rules that define requirements for electronically signing its respective document;
  
  retrieving role verification rules from a server;
  
  determining by a verification agent whether the signature rules are met,verifying a role of a signatory based on role verification rules retrieved from said server; and
  
  preventing by a signature inhibitor the respective document from being electronically signed based on the verifying of a role of a signatory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The system of claim 1, wherein the at least one transaction policy statement includes a host security rule specifying a minimum level of security for a receiving computer system to host the respective transaction packet.
  - 3. The system of claim 2, wherein the host security rule specifies that the receiving computer system is to provide restricted physical access, a firewall, a power backup, and redundant network access.
  - 4. The system of claim 2, wherein the host security rule specifies that the receiving computer system is to provide monitored physical access, multiple firewalls, a redundant power backup, offsite storage, and redundant network access.
  - 5. The system of claim 2, wherein the signature inhibitor is to return the respective transaction packet in response to the receiving computer system not having the requisite minimum level of security.
  - 6. The system of claim 1, wherein the one or more signature rules include an authentication method rule specifying a minimum method for authenticating a signatory.
  - 7. The system of claim 6, wherein the authentication method rule specifies a minimum authentication method based on a signatory'"'"'s role in the respective transaction.
  - 8. The system of claim 6, wherein the authentication method is selected from the group consisting of a pass code, a digital certificate, a token, and a biometric scan.
  - 9. The system of claim 6, wherein the signature inhibitor is to block a signatory'"'"'s access to the respective document in response to the authentication method rule not being met for the signatory.
  - 10. The system of claim 9, wherein the signature inhibitor is to apply a style sheet that prevents the signatory from viewing or modifying the respective document.
  - 11. The system of claim 1, wherein the at least one transaction policy statement comprises a document standard rule specifying a particular industry format to which the respective document is to conform.
  - 12. The system of claim 11, wherein the industry format is specified in a schema, and wherein the verification agent is to parse the respective document using the schema.
  - 13. The system of claim 1, wherein the at least one transaction policy statement comprises a packet integrity rule specifying that any digital signatures associated with the respective transaction packet are to be validated to ensure that the respective transaction packet is free from tampering before allowing the respective document to be signed.
  - 14. The system of claim 13, wherein the at least one transaction policy statement includes an enforceability rule specifying that a participant is to consent to the respective transaction being carried out in electronic form.
  - 15. The system of claim 14, wherein the signature inhibitor is to prevent the user from signing the respective document unless the user consents.
  - 16. The system of claim 1, wherein the at least one transaction policy statement comprises a host security rule and an authentication method rule.
  - 17. The system of claim 1, wherein the at least one transaction policy statement comprises a host security rule, an authentication method rule, a document standard rule, and an enforceability rule.

18. A transaction processing system in a computer network, comprising:
- a processor, a memory, computer readable instructions stored in the memory that when executed by the processor perform the process of;
  
  obtaining by a transaction receiver a plurality of transaction packets through the computer network, each transaction packet including a document and a transaction policy statement, and wherein each transaction policy statement includes a set of rules specific to its respective transaction packet and not the other transaction packets in the plurality of transaction packets;
  
  accessing by a rule parser each of the plurality of transaction packets the transaction policy statements, and the set of rules specific to each of said packets, wherein the set of rules in at least one of the transaction policy statements includes one or more rules for allowing the respective transaction to proceed;
  
  retrieving role verification rules from a server;
  
  determining by a verification agent whether the set of rules of the at least one transaction policy statement are met, verifying a role of a user based on role verification rules retrieved from said server; and
  
  preventing by a signature inhibitor the respective document from being electronically signed based on the verifying of a role of a user.

19. A transaction processing system in a computer network, comprising:
- a processor, a memory, computer readable instructions stored in the memory that when executed by the processor perform the process of;
  
  obtaining by a transaction receiver a plurality of transaction packets through the computer network, each transaction packet including a document and a transaction policy statement, and wherein each transaction policy statement includes a set of rules specific to its respective transaction packet and not the other transaction packets in the plurality of transaction packets;
  
  accessing by a rule parser each of the plurality of transaction packets the transaction policy statements, and the set of rules specific to each of said packets, wherein the set of rules in at least one of the transaction policy statements includes one or more rules to be complied with during the respective transaction;
  
  retrieving role verification rules from a server; and
  
  executing by a compliance agent a compliance action for each rule in the set of rules of the at least one transaction policy statementverifying a role of a viewer based on the role verification rules stored on the server and preventing by a signature inhibitor the respective document from being electronically signed based on the verifying of a role of a viewer.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 20. The system of claim 19, wherein the at least one transaction policy statement includes an auditing rule specifying one or more particular actions of the transaction processing system to be audited.
  - 21. The system of claim 19, wherein the compliance agent is to create an audit record in the respective transaction packet for each specified action that occurs within the transaction processing system.
  - 22. The system of claim 20, wherein the actions to be audited are selected from the group consisting of adding documents to a transaction, authenticating an individual, transferring a transaction between systems, viewing a document, editing a document, signing a document, and extracting data from a document.
  - 23. The system of claim 19, wherein the at least one transaction policy statement includes a privacy rule specifying viewing limitations for one or more portions of respective document.
  - 24. The system of claim 23, wherein the compliance agent is to determine a role of a viewer and conceal the one or more portions of the respective document based on the viewer'"'"'s role and the privacy rule.
  - 25. The system of claim 24, wherein the compliance agent is to apply a style sheet to the respective document to conceal the one or more portions.
  - 26. The system of claim 25, wherein the compliance agent is to store in the respective transaction packet an indication of the style sheet applied to the respective document.
  - 27. The system of claim 24, wherein the compliance agent is to store in the respective transaction packet an indication of the viewer and what was viewed.
  - 28. The system of claim 19, wherein the at least one transaction policy statement includes an enforceability rule specifying that an indication of a signer'"'"'s intent be stored with a corresponding signature.
  - 29. The system of claim 19, wherein the at least one transaction policy statement includes an encryption export rule specifying a maximum encryption level for the respective transaction under applicable regulations.
  - 30. The system of claim 29, wherein the compliance agent is to deny a request to use an encryption level for the respective transaction that exceeds the maximum specified in the encryption export rule.

31. The system of claim, wherein the at least one transaction policy statement includes a packet integrity rule specifying that the respective transaction packet is to be verified to be free from tampering.
- View Dependent Claims (32)
- - 32. The system of claim 31, wherein the compliance agent is to validate each digital signature associated with the respective transaction packet to ensure that the respective transaction packet is free from tampering.

33. A method in a transaction processing system comprising:
- receiving, by a receiving computer system, a plurality of transaction packets, each transaction packet comprising a document and a transaction policy statement, and wherein each transaction policy statement includes a set of rules specific to its respective transaction packet and not the other transaction packets in the plurality of transaction packets;
  
  accessing from each of the transaction packets the transaction policy statements, and the set of rules specific to each of said packets, wherein the set of rules in at least one of the transaction policy statements includes one or more signature rules that define requirements for electronically signing its respective document;
  
  retrieving role rules from a server;
  
  verifying a role associated with a signatory based on the role rules retrieved from said server;
  
  verifying, using the receiving computer system, whether the signature rules are met; and
  
  preventing by a signature inhibitor the respective document from being electronically signed based on the verifying of a role of a signatory and the verifying whether the signature rules are met.
- View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49)
- - 34. The method of claim 33, wherein the at least one transaction policy statement includes a host security rule specifying a minimum level of security for a receiving computer system to host the respective transaction packet.
  - 35. The method of claim 34, wherein the host security rule specifies that the receiving computer system is to provide restricted physical access, a firewall, a power backup, and redundant network access.
  - 36. The method of claim 34, wherein the host security rule specifies that the receiving computer system is to provide monitored physical access, multiple firewalls, a redundant power backup, offsite storage, and redundant network access.
  - 37. The method of claim 34, wherein preventing comprises:
    - returning the respective transaction packet in response to the receiving computer system not having the requisite minimum level of security.
  - 38. The method of claim 33, wherein the at least one transaction policy statement includes an authentication method rule specifying a minimum method for authenticating a signatory of the respective document.
  - 39. The method of claim 38, wherein the authentication method rule specifies a minimum authentication method based on a signatory'"'"'s role in the respective transaction.
  - 40. The method of claim 38, wherein the authentication method is selected from the group consisting of a pass code, a digital certificate, a token, and a biometric scan.
  - 41. The method of claim 38, wherein preventing comprises:
    - blocking a signatory'"'"'s access to the respective document in response to the authentication method rule not being met for the signatory.
  - 42. The method of claim 41, wherein blocking comprises:
    - applying a style sheet that prevents the signatory from viewing or modifying the respective document.
  - 43. The method of claim 33, wherein the at least one transaction policy statement comprises a document standard rule specifying a particular industry format to which the respective document is to conform.
  - 44. The method of claim 43, wherein the industry format is specified in a schema, and wherein verifying comprises:
    - parsing the respective document using the schema.
  - 45. The method of claim 33, wherein the at least one transaction policy statement comprises a packet integrity rule specifying that any digital signatures associated with the respective transaction packet are to be validated to ensure that the respective transaction packet is free from tampering.
  - 46. The method of claim 33, wherein the at least one transaction policy statement includes an enforceability rule specifying that a user is to consent to the respective transaction being carried out in electronic form.
  - 47. The method of claim 46, wherein preventing comprises:
    - preventing the user from signing the respective document unless the user consents to the respective transaction being carried out in electronic form.
  - 48. The method of claim 33, wherein the at least one transaction policy statement comprises a host security rule and an authentication method rule.
  - 49. The method of claim 33, wherein the at least one transaction policy statement comprises a host security rule, an authentication method rule, a document standard rule, a packet integrity rule, and an enforceability rule.

50. A method in a transaction processing system in a computer network comprising:
- receiving, by a processor, a plurality of transaction packets, each transaction packet including a document and a transaction policy statement, and wherein each transaction policy statement includes a set of rules specific to its respective transaction packet and not the other transaction packets in the plurality of transaction packets;
  
  accessing from each of the transaction packets the transaction packet and not the other transaction packets in the plurality of transaction packets;
  
  accessing from each of the transaction packets the transaction policy statements, and the set of rules specific to each of said packets, wherein the set of rules in at least one of the transaction policy statements includes one or more rules for allowing the respective transaction to proceed;
  
  retrieving role rules from a server,verifying a role associated with a user based on the role verification rules retrieved from said server,verifying, using the processor, whether the set of rules of the at least one transaction policy statement are met; and
  
  preventing by a signature inhibitor the respective document from being electronically signed based on the verifying of a role of a signatory and the verifying whether the set of rules of the at least one transaction policy statement are met.

51. A method in a transaction processing system in a computer network comprising:
- receiving, by a processor, a plurality of transaction packets, each transaction packet including a document and a transaction policy statement that processes the document to complete a transaction, wherein each transaction policy statement, and wherein each transaction policy statement includes a set of rules specific to its respective transaction packet and not the other transaction packets in the plurality of transaction packets;
  
  accessing from each of the transaction packets the transaction policy statements, and the set of rules specific to each of said packets, wherein the set of rules in at least one of the transaction policy statements includes one or more rules to be complied with during the respective transaction;
  
  retrieving role rules from a server;
  
  verifying a role associated with a viewer based on the role verification rules retrieved from said server; and
  
  executing a compliance action for each rule in the set of rules of the at least one transaction policy statementand preventing by a signature inhibitor the respective document from being electronically signed based on the verifying of a role of a viewer.
- View Dependent Claims (52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64)
- - 52. The method of claim 51, wherein the at least one transaction policy statement includes an auditing rule specifying one or more particular actions of the transaction processing system to be audited.
  - 53. The method of claim 51, wherein executing comprises:
    - creating an audit record in the at least one transaction packet for each specified action that occurs within the transaction processing system.
  - 54. The method of claim 52, wherein the actions to be audited are selected from the group consisting of adding documents to a transaction, authenticating an individual, transferring a transaction between systems, viewing a document, editing a document, signing a document, and extracting data from a document.
  - 55. The method of claim 51, wherein the at least one transaction policy statement includes a privacy rule specifying viewing limitations for one or more portions of the respective document.
  - 56. The method of claim 55, wherein executing comprises:
    - determining a role of a viewer; and
      
      concealing the one or more portions of the respective document based on the viewer'"'"'s role and the privacy rule.
  - 57. The method of claim 56, wherein concealing comprises:
    - applying a style sheet to the respective document to conceal the one or more portions.
  - 58. The method of claim 57, further comprising:
    - storing in the respective transaction packet an indication of the style sheet applied to the respective document.
  - 59. The method of claim 56, further comprising:
    - storing in the respective transaction packet an indication of the viewer and what was viewed.
  - 60. The method of claim 51, wherein the at least one transaction policy statement includes an enforceability rule specifying that an indication of a signer'"'"'s intent be stored with a corresponding signature.
  - 61. The method of claim 51, wherein the at least one transaction policy statement includes an encryption export rule specifying a maximum encryption level for the respective transaction under applicable regulations.
  - 62. The method of claim 61, wherein executing comprises:
    - denying a request to use an encryption level for the respective transaction that exceeds the maximum specified in the encryption export rule.
  - 63. The method of claim 51, wherein the at least one transaction policy statement includes a packet integrity rule specifying that the respective transaction packet is to be verified to be free from tampering.
  - 64. The method of claim 63, wherein executing comprises:
    - validating each digital signature associated with the respective transaction packet to ensure that the respective transaction packet is free from tampering.

65. A transaction processing apparatus comprising:
- a processor, a memory, computer readable instructions stored in the memory that when executed by the processor perform the process of;
  
  receiving a plurality of transaction packets, each transaction packet comprising a document and a transaction policy statement, and wherein each transaction policy statement includes a set of rules specific to its respective transaction packet and not the other transaction packets in the plurality of transaction packets;
  
  accessing from each of the plurality of transaction packets the transaction policy statements and the set of rules specific to each of said packets, wherein the set of rules in at least one of the transaction policy statements includes one or more signature rules that define requirements for electronically signing its respective document;
  
  retrieving role verification rules from a server;
  
  verifying a role associated with a user based on the role verification rules retrieved from said server;
  
  verifying whether the signature rules are met;
  
  preventing by a signature inhibitor the respective document from being electronically signed based on the verifying step.

66. A computer program product comprising program code for performing a method in a transaction processing system, the method comprising:
- receiving, by a processor, a plurality of transaction packets, each transaction packet comprising a document and a transaction policy statement, and wherein each transaction policy statement includes a set of rules specific to its respective transaction packet and not the other transaction packets in the plurality of transaction packets;
  
  accessing from each of the transaction packets the transaction policy statements, and the set of rules specific to each of said packets, wherein the set of rules in at least one of the transaction policy statements includes one or more signature rules that define requirements for electronically signing the respective document;
  
  retrieving role rules from a server;
  
  verifying a role associated with a user based on the role verification rules retrieved from said server;
  
  verifying, using the processor, whether the signature rules are met; and
  
  preventing by a signature inhibitor the respective document from being electronically signed based on the verifying of the role and the verifying whether the signature rules are met.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ContractPal, Inc.
Original Assignee
ContractPal, Inc.
Inventors
Israelsen, D. Brent, Brown, Bruce E.
Primary Examiner(s)
Hewitt, II; Calvin L
Assistant Examiner(s)
Winter; John M

Application Number

US10/366,272
Time in Patent Office

2,616 Days
Field of Search

705/1, 705 50- 79
US Class Current

705/75
CPC Class Codes

G06F 21/64   Protecting data integrity, ...

G06Q 10/10   Office automation; Time man...

G06Q 30/018   Certifying business or prod...

Transaction architecture utilizing transaction policy statements

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

161 Citations

66 Claims

Specification

Solutions

Use Cases

Quick Links

Transaction architecture utilizing transaction policy statements

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

161 Citations

66 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links