Security system

US 9,356,926 B1
Filed: 02/18/2014
Issued: 05/31/2016
Est. Priority Date: 04/29/2005
Status: Active Grant

First Claim

Patent Images

1. A method for processing an electronic signature, comprising:

receiving a request at a server computer for a document that requires an electronic signature of a user at a client computer remote from the server computer;

signing the document by the server computer with an organizational key;

transmitting a hyperlink to the client computer that specifies the location of the document signed with the organizational key;

receiving, at the server computer from the client computer, data that indicates that the user electronically signed the document; and

signing the document by the server computer with a key assigned to the user of the client computer in response to the validation of the user'"'"'s electronic signature;

where neither the organizational key nor the key assigned to the user are accessible to the client computer.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security system includes an interface, a main computer, and an application server. The interface enables a user to access a remote document related to a product. The main computer stores documents related to the product and generates a pair of localized encryption keys. The encryption keys include a first key that encrypts data and second key that decrypts the data. An application server that is remote from the interface transmits and receives the document from the interface. The main computer authenticates the integrity of the document in a local operation by signing the document with the first key before it is transmitted to the interface and by signing the document with the second key after it is received from the interface. A method of authenticating the integrity of information related to a selected product stored on a main computer includes generating the localized pair of encryption keys; signing the document with the first key at the main computer; transmitting the signed document to an interface or a Web browser; and signing the document with the second key at the main computer when the document is received from the interface or the Web browser.

20 Citations

21 Claims

1. A method for processing an electronic signature, comprising:
- receiving a request at a server computer for a document that requires an electronic signature of a user at a client computer remote from the server computer;
  
  signing the document by the server computer with an organizational key;
  
  transmitting a hyperlink to the client computer that specifies the location of the document signed with the organizational key;
  
  receiving, at the server computer from the client computer, data that indicates that the user electronically signed the document; and
  
  signing the document by the server computer with a key assigned to the user of the client computer in response to the validation of the user'"'"'s electronic signature;
  
  where neither the organizational key nor the key assigned to the user are accessible to the client computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1 further comprising generating the organizational key at the server computer.
  - 3. The method of claim 1 further comprising hashing the document to render a value that verifies the integrity of the document.
  - 4. The method of claim 1 further comprising generating a journal key that identifies the document signed by the server computer with an organizational key.
  - 5. The method of claim 1 further comprising signing the user'"'"'s electronic signature of the document with the user key.
  - 6. The method of claim 1 further comprising archiving the signed document in response to a server initiated event.
  - 7. The method of claim 1 further comprising archiving the signed document in response to an asynchronous event.
  - 8. The method of claim 1 further comprising dynamically generating the document by combining variable data received from the client computer with constant data stored at the server computer.
  - 9. The method of claim 8 where the variable data received from the client computer is combined with constant data stored at the server computer in response to receipt of a journal key at the server computer.
  - 10. The method of claim 1 further comprising streaming the document signed with the organizational key to the client computer.
  - 11. The method of claim 1 further comprising streaming the document signed with the organizational key to the client computer from the server computer.
  - 12. The method of claim 1 further comprising dynamically generating the user key and a digital certificate message at a cryptography server.
  - 13. The method of claim 1 where the validation of the of the user'"'"'s electronic signature occurs at a system remote from the server computer and remote from the client computer.
  - 14. The method of claim 13 where the validation of the user'"'"'s electronic signature occurs through a public key infrastructure.
  - 15. The method of claim 1 where the validation of the user'"'"'s electronic signature occurs through a public key infrastructure.
  - 16. The method of claim 1 where the communication between the client computer and the server computer utilizes a secure socket layer or a transport layer security.
  - 17. The method of claim 1 further comprising signing the document with an electronic signature comprising an asymmetric key generated in a public key infrastructure process.
  - 18. The method of claim 1 further comprising redirecting the user to a Web page.

19. A method for processing an electronic signature, comprising:
- receiving a request at a server computer for a document that requires an electronic signature of user at a client computer remote from the server computer through a uniform resource locator comprising an address for the server computer on a computer network;
  
  signing the document by the server computer with an organizational key;
  
  streaming the document signed with the organizational key to the client computer;
  
  receiving, at the server computer from the client computer, data that indicates that the user electronically signed the document; and
  
  signing the document by the server computer in response to the validation of the user'"'"'s electronic signature with a key assigned to the user of the client computer;
  
  where neither the organizational key nor the key assigned to the user are accessible to the client computer.

20. A method for processing an electronic signature, comprising:
- receiving a request at a server computer for a document that requires an electronic signature of user at a client computer remote from the server computer;
  
  generating an organizational key at the server computer;
  
  signing the document by the server computer with the organizational key;
  
  streaming a hyperlink to the client computer that specifies the location of the document signed with the organizational key;
  
  streaming the document signed with the organizational key to the client computer;
  
  receiving, at the server computer from the client computer, data that indicates that the user electronically signed the document; and
  
  signing the document by the server computer in response to the validation of the user'"'"'s electronic signature with a key assigned to the user of the client computer;
  
  where neither the organizational key nor the key assigned to the user are accessible to the client computer.

21. A method for processing an electronic signature, comprising:
- receiving a request at a server computer, through a uniform resource locator comprising an address for the server computer on a computer network, for a document that requires an electronic signature of user at a client computer remote from the server computer;
  
  generating an organizational key at the server computer;
  
  signing the document by the server computer with the organizational key;
  
  transmitting to the client computer the document signed with the organizational key;
  
  receiving, at the server computer from the client computer, data that indicates that the user electronically signed the document; and
  
  signing the document by the server computer in response to the validation of the user'"'"'s electronic signature with a key assigned to the user of the client computer;
  
  where neither the organizational key nor the key assigned to the user are accessible to the client computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Progressive Casualty Insurance Company (Progressive Corporation)
Original Assignee
Progressive Casualty Insurance Company (Progressive Corporation)
Inventors
Thomas, Michael F., Polak, Martin R., Kunc, Dennis C., Stanich, Frank N. Jr., Ling, Raymond S.
Primary Examiner(s)
Tolentino, Roderick

Application Number

US14/183,126
Time in Patent Office

833 Days
Field of Search

713165-167
US Class Current

1/1
CPC Class Codes

H04L 63/0478   applying multiple layers of...

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

Security system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Security system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links