Document image authenticating server

US 9,081,987 B2
Filed: 03/28/2007
Issued: 07/14/2015
Est. Priority Date: 03/28/2007
Status: Active Grant

First Claim

Patent Images

1. A server system comprising:

a first memory;

a second memory; and

a processor coupled with the first memory and the second memory thatcaptures images of documents associated with one or more workflows and tag the collected document images with workflow information indicative of an associated workflow, wherein for each tagged document image, the workflow information comprises a metadata triplet that includes a workflow type, a workflow instance, and a control point, wherein the workflow type differentiates between different workflow processes, each of the different workflow processes comprising a control point execution sequence associated with a corresponding workflow process, the workflow instance differentiates between different instances of the same workflow type, and the control point indicates a stage in an instance of a workflow process for which the tagged document serves as a visual record of execution of the control point,stores the captured images of documents and metadata in the first memory, the first memory being accessible for verification operations performed with respect to the workflow,stores a log that includes entries with one or more media identifiers corresponding to the captured images in the second memory, the second memory being accessible for verification operations performed with respect to the workflow,generates log data corresponding to the images associated with workflows captured at the document receiving interface and store the log data in the log, andprovides information about the log to another application, store entanglement information into the log, and use the entanglement information to verify compliance with a regulation for execution of a workflow during a selected time period comprising, further compromising the processorselecting a set of instances of the workflow, wherein each instance in the set is randomly selected from among all instances of the workflow created during the selected time period, instances selected for the set being based on a total number of instances created during the selected time period,for each instance of the work flow in the set of instances, auditing a control point execution sequence in said each instance of the workflow by determining that one or more entries corresponding to document images associated with control points in the workflow existed in the log at specific times corresponding to an order of the sequence of control points, wherein an existing entry in the log is verified to have existed at the specific time by utilizing entanglement information in the log stored after the entry in the log, the entanglement information indicative of a peer server that supplies a clock value when hash values are verified, a first index and a first hash value from the log that are verifiable by the peer server, and a second index and a second hash value stored by the peer server that verify the existing entry, andverifying compliant execution of the workflow during the selected time period based on a determination that the control point execution sequence for all instances of the workflow in the selected set of instances has been successfully audited.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A document image authenticating server and method for using the same are described. In one embodiment, the method comprises a document receiving interface to capture images of documents associated with one or more workflows and tag the collected document with workflow information indicative of its associated workflow; a first memory to store images of documents captured by the document receiving interface and metadata, the first memory being accessible for verification operations performed with respect to the workflow; a second memory to store a log that includes entries with one or more media identifiers corresponding to the captured images, the second memory being accessible for verification operations performed with respect to the workflow; a first unit to generate log data corresponding to the images associated with workflows captured at the document receiving interface and to store the log data in the log; and a second unit to provide information about the log to another application.

14 Citations

View as Search Results

21 Claims

1. A server system comprising:
- a first memory;
  
  a second memory; and
  
  a processor coupled with the first memory and the second memory thatcaptures images of documents associated with one or more workflows and tag the collected document images with workflow information indicative of an associated workflow, wherein for each tagged document image, the workflow information comprises a metadata triplet that includes a workflow type, a workflow instance, and a control point, wherein the workflow type differentiates between different workflow processes, each of the different workflow processes comprising a control point execution sequence associated with a corresponding workflow process, the workflow instance differentiates between different instances of the same workflow type, and the control point indicates a stage in an instance of a workflow process for which the tagged document serves as a visual record of execution of the control point,stores the captured images of documents and metadata in the first memory, the first memory being accessible for verification operations performed with respect to the workflow,stores a log that includes entries with one or more media identifiers corresponding to the captured images in the second memory, the second memory being accessible for verification operations performed with respect to the workflow,generates log data corresponding to the images associated with workflows captured at the document receiving interface and store the log data in the log, andprovides information about the log to another application, store entanglement information into the log, and use the entanglement information to verify compliance with a regulation for execution of a workflow during a selected time period comprising, further compromising the processorselecting a set of instances of the workflow, wherein each instance in the set is randomly selected from among all instances of the workflow created during the selected time period, instances selected for the set being based on a total number of instances created during the selected time period,for each instance of the work flow in the set of instances, auditing a control point execution sequence in said each instance of the workflow by determining that one or more entries corresponding to document images associated with control points in the workflow existed in the log at specific times corresponding to an order of the sequence of control points, wherein an existing entry in the log is verified to have existed at the specific time by utilizing entanglement information in the log stored after the entry in the log, the entanglement information indicative of a peer server that supplies a clock value when hash values are verified, a first index and a first hash value from the log that are verifiable by the peer server, and a second index and a second hash value stored by the peer server that verify the existing entry, andverifying compliant execution of the workflow during the selected time period based on a determination that the control point execution sequence for all instances of the workflow in the selected set of instances has been successfully audited.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The server system defined in claim 1, further comprising the processor logging data by generating a media identifier for each captured document and storing each media identifier in the log.
  - 3. The server defined in claim 2 wherein the media identifier comprises a hash value generated by applying a hashing function to said each captured document.
  - 4. The server defined in claim 3, further comprising the processor adding the hash value to the log with a rolling checksum.
  - 5. The server defined in claim 4, further comprising the processor adding workflow tags and checksums from other servers into the log.
  - 6. The server defined in claim 1 wherein the log stores entries that comprise a log entry type, a message hash, and a rolling hash.
  - 7. The server defined in claim 6 wherein the log entry type is determined from content of the captured image.
  - 8. The server defined in claim 1, further comprising the processor exchanging cryptographic checksum information with the peer server.
  - 9. The server defined in claim 1, further comprising the processor capturing information associated with the document being captured.
  - 10. The server defined in claim 1 wherein each workflow includes a plurality of control points, where each control point is associated with at least one visual record.
  - 11. The server defined in claim 1, further comprising the processor generating a time of initial storage and one or more data associated with images that are associate with a control point.
  - 12. The server defined in claim 1, further comprising the processor supporting interactions by adding tagged media images to the log and the image store and provides access to media to verify compliance of the regulation.
  - 13. The server defined in claim 1 wherein the first memory and the second memory are on the same device.
  - 14. The server defined in claim 1 wherein the second memory stores authentication information associated with one or more documents stored in the first memory.
  - 15. The server defined in claim 1 wherein the first memory stores authentication information.
  - 16. The server defined in claim 1 wherein the first memory stores a certificate validating a first document.
  - 17. The server defined in claim 1 wherein each of the plurality of workflows represents a business process, and further wherein each of the plurality of workflows has a plurality of control points, wherein the control points are items examined in an audit and each control point has one or more documents with it to verify that the control was implemented based at least in part on the utilization of the entanglement information to verify the one or more documents existed at the specific time.
  - 18. The server system defined in claim 1, further comprising the processor exchanging information with at least one other device to receive the entanglement information.

19. A method comprising:
- receiving images of documents associated with control points of one or more workflows, wherein each of the plurality of workflows represents a business process, and further wherein each of the plurality of workflows has a plurality of control points, wherein the control points are a sequence of items examined in an audit and each control point has one or more documents associated with it that serve as a visual record that verify that the control point was implemented;
  
  tagging the collected document images with workflow information indicative of an associated workflow, wherein for each tagged document image, the workflow information comprises a metadata triplet that includes a workflow type, a workflow instance, and a control point, wherein the workflow type differentiates between different workflow processes, each of the different workflow processes comprising a control point execution sequence in a workflow process, the workflow instance differentiates between different instances of the same workflow type, and the control point indicates a stage in an instance of a workflow process for which the tagged document serves as a visual record of execution of the control point;
  
  storing received images of documents with metadata in a memory accessible for verification operations performed with respect to the workflow;
  
  storing a log that includes, generating log information in a log, the log information corresponding to the received images associated with workflows, the log including entries with one or more media identifiers corresponding to the received images; and
  
  interacting with one or more other devices to provide log information, wherein interacting with one or more devices to exchange log information comprises entangling the log with a log of each of the one or more other devices, wherein the entangling allows verification of compliance with a regulation for execution of a workflow during a selected time period comprisingselecting a set of instances of the workflow, wherein each instance in the set is randomly selected from among all instances of the workflow created during the selected time period, instances selected for the set being based on a total number of instances created during the selected time period,for each instance of the work flow in the set of instances, auditing the control point execution sequence in said each instance of the workflow by determining that one or more entries corresponding to document images associated with control points in the workflow existed in the log at specific times corresponding to an order of the sequence of control points, wherein an existing entry in the log is verified to have existed at the specific time by utilizing entanglement information in the log stored after the entry in the log, the entanglement information indicative of a peer server that supplies a clock value when hash values are verified, a first index and a first hash value from the log that are verifiable by the peer server, and a second index and a second hash value stored by the peer server that verify the existing entry, andverifying the compliant execution of the workflow during the selected time period based on a determination that the control point execution sequence for all instances of the workflow in the selected set of instances has been successfully audited.
- View Dependent Claims (20, 21)
- - 20. The method defined in claim 19 further comprising:
    - generating a hash value for each captured document by applying a hashing function to each received document; and
      
      storing each media identifier in the log with a rolling checksum.
  - 21. The method defined in claim 19 wherein interacting with one or more devices to exchange log information comprises actively posting a hash of the log to one or more other logs, recording information in the log about the one or more other logs that interacted with the log to facilitate subsequent verification of log information stored in the log.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ricoh Company Limited
Original Assignee
Ricoh Company Limited
Inventors
Gormish, Michael, Ridout, Kevin
Primary Examiner(s)
Smith, Brannon W

Application Number

US11/692,834
Publication Number

US 20080243898A1
Time in Patent Office

3,030 Days
Field of Search

707/758
US Class Current

1/1
CPC Class Codes

G06F 21/64   Protecting data integrity, ...

G06F 2221/2101   Auditing as a secondary aspect

G06Q 10/10   Office automation; Time man...

Document image authenticating server

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

14 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Document image authenticating server

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links