Document modification detection and prevention
First Claim
Patent Images
1. A computer-implemented method comprising:
- receiving, by a computing device processor, an electronic document including content items, a rule and a digital signature, wherein the rule specifies what parts of the electronic document are allowed to change based on user interaction with the electronic document;
generating a digest for the electronic document by digesting all of the content items, using multiple functions based upon complexity of the content items, except for at least a first content item that is ignored in the digestion based on the rule;
comparing the generated digest with a stored digest that is associated with the electronic document; and
invalidating the digital signature if the generated digest indicates a difference in any of the digested content items,wherein if the generated digest indicates no difference in any of the digested content items, the method further comprises;
subsequently receiving a user input attempting to create a new state of the received electronic document;
determining whether the user input is allowed by the rule; and
invalidating the digital signature if the user input is not allowed by the rule, andwherein the rule applies differently to a first author and a second author, such that the user input causes a first digital signature of the first author to be invalidated but does not cause a second digital signature of the second author to be invalidated.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus, including computer program products, implementing and using techniques for document authentication. An electronic document is presented to a user. The electronic document has data representing a signed state and a current state. A disallowed difference between the signed state and the current state is detected, based on one or more rules that are associated with the electronic document. A digital signature associated with the electronic document is invalidated in response to the detecting.
-
Citations
15 Claims
-
1. A computer-implemented method comprising:
-
receiving, by a computing device processor, an electronic document including content items, a rule and a digital signature, wherein the rule specifies what parts of the electronic document are allowed to change based on user interaction with the electronic document; generating a digest for the electronic document by digesting all of the content items, using multiple functions based upon complexity of the content items, except for at least a first content item that is ignored in the digestion based on the rule; comparing the generated digest with a stored digest that is associated with the electronic document; and invalidating the digital signature if the generated digest indicates a difference in any of the digested content items, wherein if the generated digest indicates no difference in any of the digested content items, the method further comprises; subsequently receiving a user input attempting to create a new state of the received electronic document; determining whether the user input is allowed by the rule; and invalidating the digital signature if the user input is not allowed by the rule, and wherein the rule applies differently to a first author and a second author, such that the user input causes a first digital signature of the first author to be invalidated but does not cause a second digital signature of the second author to be invalidated. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer readable storage device storing a computer program which when executed by a processor causes the processor to perform a method comprising:
-
receiving an electronic document including content items, a rule and a digital signature, wherein the rule specifies what parts of the electronic document are allowed to change based on user interaction with the electronic document; generating a digest for the electronic document by digesting all of the content items, using multiple functions based upon complexity of the content items, except for at least a first content item that is ignored in the digestion based on the rule; comparing the generated digest with a stored digest that is associated with the electronic document; and invalidating the digital signature if the generated digest indicates a difference in any of the digested content items, wherein if the generated digest indicates no difference in any of the digested content items, the method further comprises; subsequently receiving a user input attempting to create a new state of the received electronic document; determining whether the user input is allowed by the rule; and invalidating the digital signature if the user input is not allowed by the rule, and wherein the rule applies differently to a first author and a second author, such that the user input causes a first digital signature of the first author to be invalidated but does not cause a second digital signature of the second author to be invalidated. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A system comprising:
-
a processor; and a computer readable storage device storing a computer program which when executed by the processor causes the processor to perform a method comprising; receiving an electronic document including content items, a rule and a digital signature, wherein the rule specifies what parts of the electronic document are allowed to change based on user interaction with the electronic document; generating a digest for the electronic document by digesting all of the content items, using multiple functions based upon complexity of the content items, except for at least a first content item that is ignored in the digestion based on the rule; comparing the generated digest with a stored digest that is associated with the electronic document; and invalidating the digital signature if the generated digest indicates a difference in any of the digested content items, wherein if the generated digest indicates no difference in any of the digested content items, the method further comprises; subsequently receiving a user input attempting to create a new state of the received electronic document; determining whether the user input is allowed by the rule; and invalidating the digital signature if the user input is not allowed by the rule, and wherein the rule applies differently to a first author and a second author, such that the user input causes a first digital signature of the first author to be invalidated but does not cause a second digital signature of the second author to be invalidated. - View Dependent Claims (12, 13, 14, 15)
-
Specification