Document modification detection and prevention
First Claim
Patent Images
1. A computer implemented method, comprising:
- reading an electronic document, the electronic document comprising content rules, an existing signed state, and existing content items;
authenticating the electronic document one or more times, each authenticating comprising;
classifying the existing content items of the electronic document into existing invariant content items and existing modifiable content items according to the content rules;
receiving one or more user actions for one or more of the existing content items;
determining whether the one or more user actions are permitted by the content rules;
reclassifying one or more existing modifiable content items into new invariant content items in response to the one or more user actions;
generating an object digest for an aggregation of the existing invariant content items and the new invariant content items by digesting the existing invariant content items and the new invariant content items, wherein the aggregation includes a simple content item, a semi-complex content item and a complex content item, the object digest is generated according to their complexity and generating the object digest includes ignoring one or more existing modifiable content items in the electronic document that are not reclassified into new invariant content items;
generating a saved state of the electronic document; and
adding a new signed state to the electronic document, the new signed state comprising the object digest, the saved state, and an electronic signaturewherein generating an object digest is preformed by a processor of an electronic document reader.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus, including computer program products, implementing and using techniques for document authentication. An electronic document is presented to a user. The electronic document has data representing a signed state and a current state. A disallowed difference between the signed state and the current state is detected, based on one or more rules that are associated with the electronic document. A digital signature associated with the electronic document is invalidated in response to the detecting.
108 Citations
36 Claims
-
1. A computer implemented method, comprising:
-
reading an electronic document, the electronic document comprising content rules, an existing signed state, and existing content items; authenticating the electronic document one or more times, each authenticating comprising; classifying the existing content items of the electronic document into existing invariant content items and existing modifiable content items according to the content rules; receiving one or more user actions for one or more of the existing content items; determining whether the one or more user actions are permitted by the content rules; reclassifying one or more existing modifiable content items into new invariant content items in response to the one or more user actions; generating an object digest for an aggregation of the existing invariant content items and the new invariant content items by digesting the existing invariant content items and the new invariant content items, wherein the aggregation includes a simple content item, a semi-complex content item and a complex content item, the object digest is generated according to their complexity and generating the object digest includes ignoring one or more existing modifiable content items in the electronic document that are not reclassified into new invariant content items; generating a saved state of the electronic document; and adding a new signed state to the electronic document, the new signed state comprising the object digest, the saved state, and an electronic signature wherein generating an object digest is preformed by a processor of an electronic document reader. - View Dependent Claims (2, 3, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
4. The method of 3, wherein the object digest contains the type identifier and the length of each content item.
-
13. A computer readable storage device storing a computer program which, when executed by a computer processor, causes the computer processor to perform operations comprising:
-
reading an electronic document, the electronic document comprising content rules, an existing signed state, and existing content items; authenticating the electronic document one or more times, each authenticating comprising; classifying the existing content items of the electronic document into existing invariant content items and existing modifiable content items, according to the content rules; receiving one or more user actions for one or more of the existing content items; determining whether the one or more user actions are permitted by the content rules; reclassifying one or more existing modifiable content items into new invariant content items in response to the one or more user actions; generating an object digest for an aggregation of the existing invariant content items and the new invariant content items, wherein the aggregation includes a simple content item, a semi-complex content item and a complex content item, and the object digest is generated by digesting the existing invariant content items and the new invariant content items according to their complexity and generating the object digest includes ignoring one or more existing modifiable content items in the electronic document that are not reclassified into new invariant content items; generating a saved state of the electronic document; and adding a new signed state to the electronic document, the new signed state comprising the object digest, the saved state, and an electronic signature. - View Dependent Claims (14, 15, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
16. The storage device of 15, wherein the object digest contains the type identifier and the length of each content item.
-
25. A system comprising a computer readable storage device storing a computer program, a display device, and one or more processors operable to interact with the display device and to execute the computer program and perform operations comprising:
-
reading an electronic document, the electronic document comprising content rules, an existing signed state, and existing content items; authenticating the electronic document one or more times, each authenticating comprising; classifying the existing content items of the electronic document into existing invariant content items and existing modifiable content items, according to the content rules; receiving one or more user actions for one or more of the existing one or more content items; determining whether the one or more user actions are permitted by the content rules; reclassifying one or more existing modifiable content items into new invariant content items in response to the one or more user actions; generating an object digest for an aggregation of the existing invariant content items and the new invariant content items by digesting the existing invariant content items and the new invariant content items, wherein the aggregation includes a simple content item, a semi-complex content item and a complex content item, the object digest is generated according to their complexity and generating the object digest includes ignoring one or more existing modifiable content items in the electronic document that are not reclassified into new invariant content items; generating a saved state of the electronic document; and adding a new signed state to the electronic document, the new signed state comprising the object digest, the saved state, and an electronic signature. - View Dependent Claims (26, 27, 29, 30, 31, 32, 33, 34, 35, 36)
-
-
28. The system of 27, wherein the object digest contains the type identifier and the length of each content item.
Specification