Secure file transfer and notification server

US 9,473,506 B1
Filed: 11/07/2014
Issued: 10/18/2016
Est. Priority Date: 10/15/2013
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

determining that a file is a revised version of an existing file;

subsequent to determining that the file is the revised version of the existing file, encrypting, using one or more computing devices, the file and sending a notification of the existence of the file to a first requestor, the first requestor located behind a network separation device;

sending, using the one or more computing devices, via a secure channel, a packet to a group having one or more members including the first requestor, the group authorized to access the encrypted file, the packet associated with the encrypted file and including access information for the encrypted file;

receiving, using the one or more computing devices, a first request for the encrypted file from the first requestor; and

sending, using the one or more computing devices, the encrypted file to the first requestor via an unsecured channel that performs caching, wherein the first requestor is able to access the encrypted file using the packet when the first requestor is a member of the group authorized to access the encrypted file and received the packet via the secure channel and wherein the first requestor is unable to access the encrypted file when the first requestor is not a member of the group authorized to access the encrypted file.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and computer readable medium for secure file transfer is disclosed. In one embodiment, the system encrypts a file; sends, via a secure channel, a packet to a group having one or more members, the group authorized to access the encrypted file, the packet associated with the encrypted file and including access information for the encrypted file; receives a first request for the encrypted file from a first requestor; and sends the encrypted file to the first requestor via an unsecured channel that performs caching, wherein the first requestor is able to access the encrypted file using the packet when the first requestor is a member of the group authorized to access the encrypted file and received the packet via the secure channel and unable to access the encrypted file when the first requestor is not a member of the group authorized to access the encrypted file.

31 Citations

View as Search Results

16 Claims

1. A method, comprising:
- determining that a file is a revised version of an existing file;
  
  subsequent to determining that the file is the revised version of the existing file, encrypting, using one or more computing devices, the file and sending a notification of the existence of the file to a first requestor, the first requestor located behind a network separation device;
  
  sending, using the one or more computing devices, via a secure channel, a packet to a group having one or more members including the first requestor, the group authorized to access the encrypted file, the packet associated with the encrypted file and including access information for the encrypted file;
  
  receiving, using the one or more computing devices, a first request for the encrypted file from the first requestor; and
  
  sending, using the one or more computing devices, the encrypted file to the first requestor via an unsecured channel that performs caching, wherein the first requestor is able to access the encrypted file using the packet when the first requestor is a member of the group authorized to access the encrypted file and received the packet via the secure channel and wherein the first requestor is unable to access the encrypted file when the first requestor is not a member of the group authorized to access the encrypted file.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - generating, before providing the packet to the group, the packet, the access information comprising identification of the encrypted file with which the packet is associated and a shared key for decrypting the encrypted file with which the packet is associated.
  - 3. The method of claim 1, the method including determining that a second file is newly created and, responsive to determining that the second file is a newly created file, automatically sending a notification of the existence of the second file and encrypting the second file.
  - 4. The method of claim 1, further comprising:
    - subsequent to sending the notification of the file, establishing the secure channel for providing the packet to the first requestor located behind the network separation device.
  - 5. The method of claim 1, wherein a copy of the encrypted file is obtained from a cache of the unsecured channel responsive to a second request for the encrypted file, the second request occurring subsequent to the first request for the encrypted file.
  - 6. The method of claim 1, wherein the group includes one or more of a persistent group and a file specific group.
  - 7. The method of claim 1, wherein the network separation device is one or more of a firewall and a network address translator.

8. A system, comprising:
- one or more servers, the one or more servers configured to determine that a file is a revised version of an existing file, the one or more servers including;
  
  a file encryption module configured to, subsequent to determining that the file is the revised version of an existing file, encrypt the file;
  
  a notification module, the notification module configured to send a notification of the existence of the file to a first requestor, the first requestor located behind a network separation device;
  
  a packet creation module configured to send, via a secure channel, a packet to a group having one or more members including the first requestor, the group authorized to access the encrypted file, the packet associated with the encrypted file and including access information for the encrypted file;
  
  the one or more servers configured to receive a first request for the encrypted file from the first requestor; and
  
  the one or more servers configured to send the encrypted file to the first requestor via an unsecured channel that performs caching, wherein the first requestor is able to access the encrypted file using the packet when the first requestor is a member of the group authorized to access the encrypted file and received the packet via the secure channel and unable to access the encrypted file when the first requestor is not a member of the group authorized to access the encrypted file.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the packet creation module generates the packet before providing the packet to the group, the access information comprising identification of the encrypted file with which the packet is associated and a shared key for decrypting the encrypted file with which the packet is associated.
  - 10. The system of claim 8, the one or more servers determining that a second file is newly created and, responsive to determining that the second file is a newly created file, automatically sending a notification of the existence of the second file and encrypting the second file.
  - 11. The system of claim 8, wherein the one or more servers establish the secure channel for providing the packet to the first requestor located behind the network separation device subsequent to sending the notification of the existence of the file.
  - 12. The system of claim 8, including a cache of the unsecured channel for caching content sent via the unsecured channel, and wherein a copy of the encrypted file is obtained from the cache of the unsecured channel responsive to a second request of the encrypted file, the second request occurring subsequent to the first request for the encrypted file.
  - 13. The system of claim 8, wherein the group includes one or more of a persistent group and a file specific group.
  - 14. The system of claim 8, wherein the network separation device is one or more of a firewall and a network address translator.

15. A computing device usable medium including instructions that when executed on a computing device causes the computing device to:
- determine that a file is a revised version of an existing file;
  
  subsequent to determining that the file is the revised version of the existing file, encrypt the file and send a notification of the existence of the file to a first requestor, the first requestor located behind a network separation device;
  
  send, via a secure channel, a packet to a group having one or more members including the first requestor, the group authorized to access the encrypted file, the packet associated with the encrypted file and including access information for the encrypted file;
  
  receive a first request for the encrypted file from the first requestor; and
  
  send the encrypted file to the first requestor via an unsecured channel that performs caching, wherein the first requestor is able to access the encrypted file using the packet when the first requestor is a member of the group authorized to access the encrypted file and received the packet via the secure channel and unable to access the encrypted file when the first requestor is not a member of the group authorized to access the encrypted file.
- View Dependent Claims (16)
- - 16. The computing device usable medium of claim 15, wherein the first requestor is located behind a network separation device, the computing device including instructions that when executed notify the first requestor located behind the network separation device of the existence of the file, receive a packet request from the first requestor and send the packet to the first requestor responsive to receiving the packet request and a determination that the first requestor is a member of the group.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Progress Software Corporation
Original Assignee
Progress Software Corporation
Inventors
Fischer, Robert, Hensley, John Alan
Primary Examiner(s)
Tabor, Amare F

Application Number

US14/536,468
Time in Patent Office

711 Days
Field of Search

713/165
US Class Current

1/1
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/104   Grouping of entities

H04L 67/02   based on web technology, e....

Secure file transfer and notification server

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

31 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Secure file transfer and notification server

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others