Secure data transfer system and method
First Claim
1. For securely transferring confidential electronic records from a first computer system at a source facility to a second computer system at a destination facility, a method comprising:
(a) employing the first computer system to select confidential electronic records to be sent from the source facility to the destination facility and select parameters to be employed to secure and control the transfer of the selected confidential electronic records;
(b) creating a copy of the selected confidential electronic records and storing the copy on a local storage device;
(c) compressing the copy into a single encrypted binary file using a one-time random transaction password having a password bit size, splitting the single binary file into a plurality of encrypted chunked files using a one-time random transaction password and performing a checksum for each of said plurality of encrypted chunked files;
(d) creating an encrypted sector file using the one-time random transaction password, the encrypted sector file comprising the password bit size, a transaction protocol, a transaction type, an address of the first computer, the name of each chunked file and the checksum of each chunked file;
(e) storing the one-time random transaction password in a password file and encrypting the password file using a public certificate associated with the destination facility; and
(g) sending the encrypted chunked files, the encrypted password file and the encrypted sector file from the first computer system to a second computer system at a destination facility.
Abstract
Secure transfer of electronic files containing confidential information is achieved by selecting and copying files to be transferred to an intended recipient and, prior to transfer, subjecting the copies to consolidation, compression, chunking and encryption. Decryption, unchunking and decompression of the transferred files can only be performed by a recipient who has also received a verification code, an encrypted and password protected sector file, and an encrypted password file. Decryption of the password file requires a private certificate available only to the intended recipient. Decryption of the other files requires a one-time random transaction password contained in the password file.
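The chunk, checksum and sector-file bookkeeping described above can be sketched as follows. This is an added example, not code from the patent: SHA-256 as the checksum, JSON as the sector-file format, the field names, the chunk size and the sample records are all assumptions, and the encryption layers (transaction password, public certificate) are left out so the block runs on the Python standard library alone.

```python
import hashlib
import json
import zlib

CHUNK_SIZE = 64  # assumption: small chunks so the sample splits into several files

# Constructed sample records (not real data).
SAMPLE = "\n".join(
    f"record {i}: {hashlib.sha256(str(i).encode()).hexdigest()}" for i in range(20)
).encode()

def build_transfer(payload: bytes, chunk_size: int = CHUNK_SIZE):
    """Sender side: compress, split, and list each chunk's name and checksum."""
    blob = zlib.compress(payload)
    chunks, entries = {}, []
    for offset in range(0, len(blob), chunk_size):
        name = f"chunk_{offset // chunk_size:04d}.bin"
        chunks[name] = blob[offset:offset + chunk_size]
        digest = hashlib.sha256(chunks[name]).hexdigest()
        entries.append({"name": name, "sha256": digest})
    # Sector-file fields follow claim 1(d); every value here is constructed.
    sector = json.dumps({
        "password_bits": 256, "protocol": "https", "type": "push",
        "source": "192.0.2.10", "chunks": entries,
    }).encode()
    return chunks, sector

def receive_transfer(chunks: dict, sector: bytes) -> bytes:
    """Receiver side: check every chunk against the sector file, then rebuild."""
    entries = json.loads(sector)["chunks"]
    expected = {e["name"] for e in entries}
    problems = [f"unexpected: {n}" for n in sorted(set(chunks) - expected)]
    for e in entries:
        data = chunks.get(e["name"])
        if data is None:
            problems.append(f"missing: {e['name']}")
        elif hashlib.sha256(data).hexdigest() != e["sha256"]:
            problems.append(f"checksum mismatch: {e['name']}")
    if problems:  # refuse to reassemble anything that failed verification
        raise ValueError("; ".join(problems))
    blob = b"".join(chunks[e["name"]] for e in entries)
    return zlib.decompress(blob)

if __name__ == "__main__":
    sent, sector_file = build_transfer(SAMPLE)
    print(len(sent), "chunks;", receive_transfer(sent, sector_file) == SAMPLE)
```

Without the encryption the abstract describes, these checksums only catch accidental corruption or loss; an unprotected sector file could be rewritten together with the chunks.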
12 Claims
12. An apparatus for securely transferring confidential electronic records from a source facility to a destination facility comprising:
(a) a first computer system located at a source facility and comprising a console, a first local storage device adapted to store in a searchable fashion confidential files, a second local storage device, and a portal able to transmit and receive data via the internet, said console adapted to (i) restrict access to the confidential files to authorized personnel, (ii) select confidential files to be sent from the source facility to a destination facility, (iii) select parameters to be employed to secure and control the transfer of selected confidential files, (iv) create a first copy of selected confidential files and store the first copy on the second local storage device, said first computer system further adapted to (i) compress the first copy into a single binary file and encrypt the file using a one-time random transaction password having a password bit size, (ii) split the single encrypted binary file into a plurality of chunked files, encrypt the file using a one-time random transaction password and performing a checksum for each of said plurality of chunked files, (iii) create a sector file and encrypt the sector file using a one-time random transaction password, the encrypted sector file comprising the password bit size, a transaction protocol, a transaction type, an address of at least one of the portal and the console, the name of each encrypted chunked file, and the checksum of each encrypted chunked file, and (iv) create a password file containing the one-time random transaction password and encrypt the password file using a public certificate associated with the destination facility, said portal further adapted to transmit the encrypted chunk files, the encrypted sector files, and the encrypted password file over a secure transport mechanism;
(b) a second computer system located at a destination facility adapted to receive the encrypted chunked files, the encrypted sector file and the encrypted password file, decrypt the password file using a private certificate, decrypt the sector file and encrypted chunked files using the one-time random transaction password, secure a verification required to further process the encrypted chunked files, perform a checksum on the chunked files and compare the checksums for the chunked files to the checksums in the sector file, combine the chunked files into a single encrypted binary file, decrypt the single encrypted binary file using the one-time random transaction password, and decompress the decrypted binary file back to the same format as the copy to create and store a second copy on the second computer system; and
(c) a cloud-based apparatus adapted to provide the first computer system with the public certificate used to encrypt the password file, and the verification.
Specification