System and method of secure encryption for electronic data transfer

US 8,412,947 B2
Filed: 10/05/2006
Issued: 04/02/2013
Est. Priority Date: 10/05/2006
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium encoded with code segments for enabling a secure data transfer system, the computer-readable medium comprising:

a code segment for enabling a first computer to receive input from a first user identifying transfer data and a recipient identifier to initiate a transaction;

a code segment for enabling the first computer to create a key for encoding and decoding the transfer data, wherein the key is unique for the transaction, encode the transfer data using the key, and communicate the key and the recipient identifier to a second computer;

a code segment for enabling the first computer to receive sender authentication information from the first user and to communicate the sender authentication information to the second computer;

a code segment for enabling the second computer to create a secure package identifier that uniquely identifies the transfer data, is unique for the transaction, and is associated with the recipient identifier and the key, to compare the sender authentication information received from the first computer with sender authentication information stored in a database, and to communicate the secure package identifier to the first computer only if the sender authentication information received from the first computer matches the sender authentication information stored in the database;

a code segment for enabling the first computer to communicate the encoded transfer data and the secure package identifier to a third computer;

a code segment for enabling the third computer to receive from a second user a user identifier and to communicate the user identifier and the secure package identifier to the second computer; and

a code segment for enabling the second computer to communicate the key to the third computer only if the secure package identifier received from the third computer matches the secure package identifier created by the second computer and if the user identifier matches the recipient identifier.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for secure transfer of encrypted data involves a sender client (36), a recipient client (38), a main server (40), and a key server (42). The sender client (36) receives instructions from a first user identifying transfer data and a recipient identifier, creates an encoding key, encodes the transfer data using the key, and communicates the key and the recipient identifier to a main server (40). The main server (40) communicates the key and the recipient identifier to the key server (42), which associates the recipient identifier with a secure package identifier and communicates the secure package identifier to the main server (40), which communicates the secure package identifier to the sender client (36). The recipient client (38) receives and identifies the secure package identifier and the encoded transfer data, receives from a second user a user identifier, and communicates the user identifier and the secure package identifier to the main server (40), which communicates them to the key server (42). The key server (42) communicates the key to the main server (40) only if the secure package identifier received from the recipient client (38) matches the secure package identifier created by the main server (40) and if the user identifier matches the recipient identifier. The main server (40) communicates the key to the recipient client (38).

29 Citations

View as Search Results

33 Claims

1. A non-transitory computer-readable medium encoded with code segments for enabling a secure data transfer system, the computer-readable medium comprising:
- a code segment for enabling a first computer to receive input from a first user identifying transfer data and a recipient identifier to initiate a transaction;
  
  a code segment for enabling the first computer to create a key for encoding and decoding the transfer data, wherein the key is unique for the transaction, encode the transfer data using the key, and communicate the key and the recipient identifier to a second computer;
  
  a code segment for enabling the first computer to receive sender authentication information from the first user and to communicate the sender authentication information to the second computer;
  
  a code segment for enabling the second computer to create a secure package identifier that uniquely identifies the transfer data, is unique for the transaction, and is associated with the recipient identifier and the key, to compare the sender authentication information received from the first computer with sender authentication information stored in a database, and to communicate the secure package identifier to the first computer only if the sender authentication information received from the first computer matches the sender authentication information stored in the database;
  
  a code segment for enabling the first computer to communicate the encoded transfer data and the secure package identifier to a third computer;
  
  a code segment for enabling the third computer to receive from a second user a user identifier and to communicate the user identifier and the secure package identifier to the second computer; and
  
  a code segment for enabling the second computer to communicate the key to the third computer only if the secure package identifier received from the third computer matches the secure package identifier created by the second computer and if the user identifier matches the recipient identifier.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The non-transitory computer-readable medium as set forth in claim 1, further comprising a code segment for enabling the first computer to receive the transfer data and the recipient identifier from the first user.
  - 3. The non-transitory computer-readable medium as set forth in claim 1, further comprising:
    - a code segment for enabling the first computer to communicate the key and the recipient identifier to the second computer via a computer network using a secure communications protocol; and
      
      a code segment for enabling the second computer to communicate the secure package identifier to the first computer via a computer network using a secure communications protocol.
  - 4. The non-transitory computer-readable medium as set forth in claim 1, further comprising:
    - a code segment for enabling the third computer to communicate the user identifier and the secure package identifier to the second computer via a computer network using a secure communications protocol; and
      
      a code segment for enabling the second computer to communicate the key to the third computer via a computer network using a secure communications protocol.
  - 5. The non-transitory computer-readable medium as set forth in claim 1, wherein the sender authentication information received from the first computer and the sender authentication information stored in the database includes biometric information.
  - 6. The non-transitory computer-readable medium as set forth in claim 1, further comprising:
    - a code segment for enabling the third computer to receive recipient authentication information from the second user and communicate the recipient authentication information to the second computer;
      
      a code segment for enabling the second computer to compare the recipient authentication information received from the third computer with recipient authentication information stored in a database; and
      
      a code segment for enabling the second computer to communicate the key to the third computer only if the recipient authentication information received from the third computer matches the recipient authentication information stored in the database and if the recipient identifier received from the third computer matches the recipient identifier associated with the secure package identifier.
  - 7. The non-transitory computer-readable medium as set forth in claim 6, wherein the recipient authentication information received from the third computer and the recipient authentication information stored in the database includes biometric information.
  - 8. The non-transitory computer-readable medium as set forth in claim 1, further comprising a code segment for enabling the third computer to decode the encoded transfer data using the key.
  - 9. The non-transitory computer-readable medium as set forth in claim 1, further comprising:
    - a code segment for enabling the first computer to collect the transfer data from a data buffer; and
      
      a code segment for enabling the first computer to place the encoded transfer data and the secure package identifier in the buffer as a single data file.
  - 10. The non-transitory computer-readable medium as set forth in claim 1, further comprising a code segment for enabling the first computer to encode the transfer data by encrypting the data.
  - 11. The non-transitory computer-readable medium as set forth in claim 1, further comprising:
    - a code segment for enabling the first computer to encode the transfer data by combining the transfer data with a user-selected data file using the key; and
      
      a code segment for enabling the third computer to decode the transfer data by removing the transfer data from the user-selected data file using the key.

12. A non-transitory computer-readable medium encoded with code segments for enabling a secure data transfer system, the computer-readable medium comprising:
- a code segment for enabling a first computer to receive transfer data and a plurality of recipient identifiers from a first user to initiate a transaction;
  
  a code segment for enabling the first computer to create a key for encrypting and decrypting the transfer data, wherein the key is unique to the transaction, encrypt the transfer data, and communicate the key and the recipient identifiers to a second computer;
  
  a code segment for enabling the second computer to communicate the key and the plurality of recipient identifiers to a third computer;
  
  a code segment for enabling the third computer to associate each of the recipient identifiers with a secure package identifier that uniquely identifies the transfer data and is unique for the transaction, and to communicate the secure package identifier to the second computer;
  
  a code segment for enabling the second computer to communicate the secure package identifier to the first computer;
  
  a code segment for enabling the first computer to communicate the secure package identifier and the encrypted transfer data to a fourth computer;
  
  a code segment for enabling the fourth computer to communicate a user identifier and the secure package identifier to the second computer;
  
  a code segment for enabling the second computer to communicate the user identifier and the secure package identifier to the third computer;
  
  a code segment for enabling the third computer to communicate the key to the second computer only if the secure package identifier received from the second computer matches the secure package identifier created by the third computer and if the user identifier received from the third computer matches one of the plurality of recipient identifiers associated with the secure package identifier; and
  
  a code segment for enabling the second computer to communicate the key to the fourth computer.
- View Dependent Claims (13, 14, 15)
- - 13. The non-transitory computer-readable medium as set forth in claim 12, further comprising:
    - a code segment for enabling the first computer to receive sender authentication information from the first user and to communicate the sender authentication information to the second computer; and
      
      a code segment for enabling the second computer to compare the sender authentication information received from the first computer with sender authentication information stored in a database, and to communicate the key and the recipient identifier to the third computer only if the sender authentication information received from the first computer matches the sender authentication information stored in the database.
  - 14. The non-transitory computer-readable medium as set forth in claim 12, further comprising:
    - a code segment for enabling the fourth computer to receive recipient authentication information from the second user and communicate the recipient authentication information to the second computer;
      
      a code segment for enabling the second computer to authenticate the second user by comparing the recipient authentication information received from the fourth computer with recipient authentication information stored in a database; and
      
      a code segment for enabling the second computer to communicate the user identifier and the secure package identifier to the third computer only if the recipient authentication information received from the fourth computer matches the recipient authentication information stored in the database.
  - 15. The non-transitory computer-readable medium as set forth in claim 12, further comprising:
    - a code segment for enabling the first computer to destroy the key upon communicating the key to the second computer; and
      
      a code segment for enabling the second computer to destroy the key upon communicating the key to the third computer and upon communicating the key to the fourth computer.

16. A non-transitory computer-readable medium encoded with code segments for enabling a secure data transfer system, the computer-readable medium comprising:
- a code segment for enabling a first computer to receive from a first user, for initiating a transaction, transfer data, sender identification information, sender authentication information, and recipient identification information, to create a key for encrypting and decrypting the transfer data, wherein the key is unique for the transaction, to encrypt the transfer data using the key, and to communicate the sender identification information, sender authentication information, recipient identification information, and key to a second computer;
  
  a code segment for enabling the second computer to authenticate the first user by verifying that the sender identification information and sender authentication information received from the first computer match sender identification information and sender authentication information stored in a database, to generate a recipient anonymous indicator corresponding to the recipient identification information, and to communicate the recipient anonymous indicator and the key to a third computer only if the first user is authenticated;
  
  a code segment for enabling the third computer to create a secure package identifier that uniquely identifies the transfer data and is unique for the transaction, to associate the recipient anonymous indicator and the key with the secure package identifier, and to communicate the secure package identifier to the second computer;
  
  a code segment for enabling the second computer to communicate the secure package identifier to the first computer;
  
  a code segment for enabling the first computer to communicate the secure package identifier and the encrypted transfer data to a fourth computer;
  
  a code segment for enabling the fourth computer to receive user identification and authentication information from a second user, and to communicate the secure package identifier, the user identification, and the authentication information to a fifth computer;
  
  a code segment for enabling the fifth computer to create a user anonymous indicator corresponding to the user identification information, and to communicate the user anonymous identifier and the secure package identifier to the third computer;
  
  a code segment for enabling the third computer to match the secure package identifier received from the fifth computer with the secure package identifier created by the third computer, to compare the user anonymous identifier with the recipient anonymous identifier associated with the secure package identifier, and to communicate the key to the fifth computer only if the secure package identifier received from the fifth computer is the same as the secure package identifier created by the third computer and the user anonymous identifier is the same as the first recipient anonymous identifier associated with the secure package identifier;
  
  a code segment for enabling the fifth computer to communicate the key to the fourth computer; and
  
  a code segment for enabling the fourth computer to decrypt the encrypted transfer data using the key.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The non-transitory computer-readable medium as set forth in claim 16, further comprising a code segment for enabling the third computer to create an encryption record, to associate the encryption record with the secure package identifier, and for including in the encryption record information indicating each time the key was communicated to another computer and one or more hashed values associated with each communication of the key.
  - 18. The non-transitory computer-readable medium as set forth in claim 16, further comprising:
    - a code segment for enabling the second computer to generate the recipient anonymous indicator by applying a hashing algorithm to the recipient identification information; and
      
      a code segment for enabling the fifth computer to generate the user anonymous indicator by applying the hashing algorithm to the user identification information.
  - 19. The non-transitory computer-readable medium as set forth in claim 16, further comprising:
    - a code segment for enabling the first computer to destroy the key upon communicating the key to the second computer;
      
      a code segment for enabling the second computer to destroy the key upon communication of the key to the third computer;
      
      a code segment for enabling the fifth computer to destroy the key upon communicating the key to the fourth computer; and
      
      a code segment for enabling the fourth computer to destroy the key after decrypting the encrypted data.
  - 20. The non-transitory computer-readable medium as set forth in claim 16, wherein the sender authentication information and the user authentication information received from the first computer and the sender authentication information and the user authentication information stored in a database includes biometric information.
  - 21. The non-transitory computer-readable medium as set forth in claim 20, wherein the biometric information is chosen from the group consisting of fingerprint data, voice print data, retinal scan data, facial characteristics, and signature data.

22. A method of secure data transfer, the method comprising:
- using a first computer to receive from a first user transfer data and a recipient identifier to initiate a transaction;
  
  using the first computer to create a key for encoding and decoding the transfer data, wherein the key is unique for the transaction, encode the transfer data using the key, and communicate the key and the recipient identifier to a second computer;
  
  using the first computer to receive sender authentication information from the first user and to communicate the sender authentication information to the second computer;
  
  using the second computer to create a secure package identifier that uniquely identifies the transfer data, is unique for the transaction, and is associated with the recipient identifier and the key, to compare the sender authentication information received from the first computer with sender authentication information stored in a database, and to communicate the secure package identifier to the first computer only if the sender authentication information received from the first computer matches the sender authentication information stored in the database;
  
  transferring the secure package identifier and the encoded transfer data to a third computer;
  
  using the third computer to receive from a second user a user identifier and to communicate the user identifier and the secure package identifier to the second computer; and
  
  using the second computer to communicate the key to the third computer only if the secure package identifier received from the third computer matches the secure package identifier created by the second computer and if the user identifier matches the recipient identifier.
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. The method as set forth in claim 22, further comprising transferring the secure package identifier and the encoded transfer data to the third computer via a computer network.
  - 24. The method as set forth in claim 22, further comprising transferring the secure package identifier and the encoded transfer data to the third computer by storing the secure package identifier and the encoded transfer data on a physical medium, transporting the medium to the third computer, and using the third computer to read the secure package identifier and the encoded transfer data from the physical storage medium.
  - 25. The method as set forth in claim 22, wherein the sender authentication information received from the first computer and the sender authentication information stored in the database includes biometric information.
  - 26. The method as set forth in claim 22, further comprising:
    - using the third computer to receive recipient authentication information from the second user and communicate the recipient authentication information and the secure package identifier to the second computer;
      
      using the second computer to compare the recipient authentication information received from the third computer with recipient authentication information stored in a database; and
      
      using the second computer to communicate the key to the third computer only if the recipient authentication information received from the third computer matches the recipient authentication information stored in the database and if the recipient identifier received from the third computer matches the recipient identifier associated with the secure package identifier.
  - 27. The method as set forth in claim 26, wherein the recipient authentication information received from the third computer and the recipient authentication information stored in the database includes biometric information.

28. A method of secure data transfer, the method comprising:
- initiating a transaction by communicating sender identification information and sender authentication information, a key for encrypting and decrypting transfer data, wherein the key is unique for the transaction, and a list of recipient identifiers from a first client computer to a first server computer;
  
  authenticating a sender at the first server computer by comparing the sender authentication information from the first client computer to sender authentication information stored in a database;
  
  encoding each of the recipient identifiers using the first server computer;
  
  communicating the encoded recipient identifiers and the key to a second server computer;
  
  creating a secure package identifier that uniquely identifies the transfer data, is unique for the transaction, and is associated with the key and the encoded recipient identifiers;
  
  communicating the secure package identifier from the second server computer and to, directly or indirectly, the first client computer;
  
  encrypting the transfer data at the first client computer and transferring the encrypted transfer data and the secure package identifier from the first client computer to a second client computer;
  
  communicating the secure package identifier, a recipient identifier pertaining to a recipient, and recipient authentication information pertaining to the recipient, from the second client computer to a third server computer;
  
  authenticating the recipient at the third server computer by comparing the recipient authentication information from the second client computer to recipient authentication information stored in a database;
  
  encoding the recipient identifier at the third server computer;
  
  communicating the encoded recipient identifier and the key to the second server computer;
  
  matching the secure package identifier received from the third server computer with the secure package identifier created by the second server computer, and communicating the key from the second server computer to the third server computer only if the encoded recipient identifier from the third server computer matches one of the encoded recipient identifiers received from the second server computer; and
  
  communicating the key from the third server computer to the second client computer.

29. A non-transitory computer-readable medium encoded with code segments for enabling a secure data transfer system, the computer-readable medium comprising:
- a code segment for enabling a first computer to receive, from a second computer and at the start of a transaction, a key for encoding and decoding transfer data, wherein the key is unique for the transaction, sender authentication information, and a recipient identifier, and to communicate the recipient identifier and the key to a third computer only if the sender authentication information received by the first computer matches sender authentication information stored in a database;
  
  a code segment for enabling the third computer to create a first secure package identifier that uniquely identifies data to be transferred and is unique for the transaction, to associate the key and the recipient identifier with the first secure package identifier, and to communicate the first secure package identifier to the first computer;
  
  a code segment for enabling the first computer to communicate the first secure package identifier to the second computer;
  
  a code segment for enabling the first computer to receive a user identifier, user authentication information, and a second secure package identifier from a fourth computer, and to communicate the second secure package identifier and the user identifier to the third computer only if the user authentication information received by the first computer matches user authentication information stored in the database;
  
  a code segment for enabling the third computer to communicate the key to the first computer only if the second secure package identifier matches the first secure package identifier and if the user identifier received from the first computer matches the recipient identifier associated with the secure package identifier; and
  
  a code segment for enabling the first computer to communicate the key to the fourth computer.
- View Dependent Claims (30)
- - 30. The non-transitory computer-readable medium as set forth in claim 29, further comprising:
    - a code segment for enabling a fifth computer to receive a user identifier, user authentication information, and a third secure package identifier from the fourth computer, and to communicate the third secure package identifier and the user identifier to the third computer only if the user authentication information matches authentication information stored in the database;
      
      a code segment for enabling the third computer to communicate the key to the fifth computer only if the third secure package identifier matches the first secure package identifier and if the user identifier received from the fifth computer matches the recipient identifier associated with the first secure package identifier; and
      
      a code segment for enabling the fifth computer to communicate the key to a sixth computer.

31. A non-transitory computer-readable medium encoded with code segments for enabling a secure data transfer system, the computer-readable medium comprising:
- a code segment for receiving, at the start of a transaction, first user authentication information, a key for encoding and decoding transfer data, wherein the key is unique for the transaction, and a recipient identifier from a first external location;
  
  a code segment for communicating a first user identifier and the key to a second external location;
  
  a code segment for enabling the first external location to receive sender authentication information from a first user and to communicate the sender authentication information to the second external location;
  
  a code segment for creating a secure package identifier that is unique for the transaction and uniquely identifies data to be transferred from the first external location to at least a third external location;
  
  a code segment for comparing the sender authentication information received from the first external location with sender authentication information stored in a database and communicating the secure package identifier to the first external location only if the sender authentication information received from the first external location matches the sender authentication information stored in the database;
  
  a code segment for receiving a second secure package identifier and second user authentication information from the third external location;
  
  a code segment for communicating the second secure package identifier to the second external location;
  
  a code segment for receiving the key from the second external location; and
  
  a code segment for communicating the key to the third external location.

32. A non-transitory computer-readable storage medium with an executable program stored thereon for enabling a secure data transfer system to perform a transaction, wherein the program instructs one or more microprocessors to perform the following steps:
- enabling a sender client to receive input from a first user identifying transfer data and a recipient identifier to initiate the transaction;
  
  enabling the sender client to create a key for encoding and decoding the transfer data, wherein the key is unique for the transaction, encode the transfer data using the key, and communicate the key and the recipient identifier to a server;
  
  enabling the sender client to receive sender authentication information from the first user and to communicate the sender authentication information to the server;
  
  enabling the server to create a secure package identifier that is unique for the transaction, uniquely identifies the transfer data, and is associated with the recipient identifier and the key, to compare the sender authentication information received from the sender client with sender authentication information stored in a database, and to communicate the secure package identifier to the sender client only if the sender authentication information received from the sender client matches the sender authentication information stored in the database;
  
  enabling the sender client to communicate the encoded transfer data and the secure package identifier to a recipient client;
  
  enabling the recipient client to receive from a second user a user identifier and to communicate the user identifier and the secure package identifier to the server; and
  
  enabling the server to communicate the key to the recipient client only if the secure package identifier received from the recipient client matches the secure package identifier created by the server and if the user identifier matches the recipient identifier.
- View Dependent Claims (33)
- - 33. The non-transitory computer-readable storage medium of claim 32, further enabling the recipient client to decode the encoded transfer data using the key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CIP, LLC
Original Assignee
Ceelox Patents, LLC
Inventors
Pizano, Erix
Primary Examiner(s)
Arani, Taghi
Assistant Examiner(s)
LEE, JASON T

Application Number

US11/538,867
Publication Number

US 20080086646A1
Time in Patent Office

2,371 Days
Field of Search

713/189, 713/150, 713/165, 713/166, 713/167, 713/179, 726/2, 726/3, 726 13- 15, 380/201, 380/255, 380277-278, 705/57, 705/64, 717/120, 717/121
US Class Current

713/179
CPC Class Codes

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2209/42   Anonymization, e.g. involvi...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 63/0861   using biometrical features,...

H04L 63/0876   based on the identity of th...

H04L 9/0816   Key establishment, i.e. cry...

H04L 9/0819   Key transport or distributi...

H04L 9/321   involving a third party or ...

H04L 9/3231   Biological data, e.g. finge...

System and method of secure encryption for electronic data transfer

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

System and method of secure encryption for electronic data transfer

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links