Secure, auditable file exchange system and method

  • US 8,543,816 B2
  • Filed: 08/15/2011
  • Issued: 09/24/2013
  • Est. Priority Date: 08/18/2010
  • Status: Expired due to Fees
First Claim

1. A computer-implemented method for providing a secure file-exchange service, the method comprising:

  • obtaining, by a file-exchange server from a remote member device, new member information including identity information and a professional credential associated with a new member;

    verifying, by said file-exchange server according to said identity information, that said new member has a personal identity as indicated by said identity information, and that said new member has a professional designation as indicated by said professional credential;

    when said new member's personal identity and professional designation have been verified, designating said new member as a verified-professional member and obtaining, by said file-exchange server, a member public key of a public/private key pair for said verified-professional member;

    generating, by said file-exchange server, a member widget indicating said verified-professional member's status as a verified professional and being configured to accept files submitted for secure transfer to said verified-professional member;

    providing, by said file-exchange server, said member widget for publication by said new member;

    receiving an indication, by said file-exchange server via said published member widget, to provide a file from a remote sender device to said verified-professional member;

    obtaining, by said file-exchange server from said remote sender device via said published member widget, metadata associated with said file;

    obtaining, by said file-exchange server, a reference cryptographic integrity code derived from said file;

    obtaining, by said file-exchange server from said remote sender device via said published member widget, an encrypted copy of said file, said encrypted copy being encrypted with said member public key;

    storing said metadata, said reference cryptographic integrity code, and said encrypted copy in a non-transient data store;

    receiving, from said remote member device, a request for said file; and

    in response to said request;

    retrieving said encrypted copy from said data store;

    sending said encrypted copy to said remote member device for decryption, according to said private key, into an unconfirmed unencrypted file;

    receiving, from said remote member device, an unconfirmed cryptographic integrity code derived from said unconfirmed unencrypted file;

    determining whether said unconfirmed cryptographic integrity code matches said reference cryptographic integrity code; and

    when said unconfirmed cryptographic integrity code is determined to match said reference cryptographic integrity code, confirming to said remote member device that said unconfirmed unencrypted file is a correct copy of said file.
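
The store, retrieve and confirm steps of claim 1, sketched as an added example that is not code from the patent or its assignee. SHA-256 as the integrity code, the in-memory store, the audit list, the sender deriving the reference code, and the XOR placeholder standing in for public-key encryption are all assumptions made so the flow runs offline.

```python
import hashlib
import hmac

def integrity_code(data: bytes) -> str:
    # Assumption: SHA-256; the claim does not name a hash function.
    return hashlib.sha256(data).hexdigest()

def placeholder_cipher(data: bytes) -> bytes:
    # NOT encryption: a reversible stand-in for the member's public-key
    # encrypt / private-key decrypt, so the example runs offline.
    return bytes(b ^ 0x5A for b in data)

class FileExchangeServer:
    """Hypothetical in-memory model of the server and its data store."""

    def __init__(self):
        self.store = {}   # file_id -> stored record
        self.audit = []   # assumed append-only (file_id, event) trail

    def submit(self, file_id, metadata, reference_code, encrypted_copy):
        # The server holds only ciphertext plus the reference code.
        self.store[file_id] = {"metadata": metadata,
                               "reference_code": reference_code,
                               "encrypted_copy": encrypted_copy}
        self.audit.append((file_id, "stored"))

    def retrieve(self, file_id) -> bytes:
        self.audit.append((file_id, "retrieved"))
        return self.store[file_id]["encrypted_copy"]

    def confirm(self, file_id, unconfirmed_code: str) -> bool:
        reference = self.store[file_id]["reference_code"]
        # Constant-time comparison of the two codes.
        ok = hmac.compare_digest(reference.encode(), unconfirmed_code.encode())
        self.audit.append((file_id, "confirmed" if ok else "mismatch"))
        return ok

def run_exchange(plaintext: bytes, corrupt_stored_copy: bool = False) -> bool:
    server = FileExchangeServer()
    # Sender side (assumed): derive the reference code, then encrypt.
    server.submit("f1", {"name": "report.pdf"}, integrity_code(plaintext),
                  placeholder_cipher(plaintext))
    if corrupt_stored_copy:  # constructed fault: one bit flipped at rest
        blob = bytearray(server.store["f1"]["encrypted_copy"])
        blob[0] ^= 0x01
        server.store["f1"]["encrypted_copy"] = bytes(blob)
    # Member side: decrypt into the unconfirmed file, report its code.
    unconfirmed = placeholder_cipher(server.retrieve("f1"))
    return server.confirm("f1", integrity_code(unconfirmed))
```

In this flow the server confirms a correct copy without ever holding the plaintext: it compares only the two codes, so a stored copy altered after submission surfaces as a mismatch at confirmation time.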
