Secure resource distribution through encrypted pointers

US 20040128535A1
Filed: 12/30/2002
Published: 07/01/2004
Est. Priority Date: 12/30/2002
Status: Active Grant

First Claim

Patent Images

1. A secure pointer article of manufacture comprising:

an encrypted pointer to a resource disposed in a communicatively coupled computing device;

a network address of a server computing device able to locate said resource based upon a decrypted form of said encrypted pointer; and

, an encrypted wrapper about said encrypted pointer and said network address.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure pointer. The secure pointer can include an encrypted pointer to a resource disposed in a communicatively coupled computing device. The secure pointer also can include a network address of a server computing device able to locate the resource based upon a decrypted form of the encrypted pointer. Finally, the secure pointer can include an encrypted wrapper about the encrypted pointer and the network address. Notably, the encrypted pointer can be encrypted and decrypted according to a local encryption/decryption key known to the server computing device. Yet, the encrypted wrapper can be encrypted according to a public encryption key while the encrypted wrapper can be decrypted according to a private encryption key corresponding to the public encryption key.

65 Citations

View as Search Results

21 Claims

1. A secure pointer article of manufacture comprising:
- an encrypted pointer to a resource disposed in a communicatively coupled computing device;
  
  a network address of a server computing device able to locate said resource based upon a decrypted form of said encrypted pointer; and
  
  , an encrypted wrapper about said encrypted pointer and said network address.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The secure pointer of claim 1, wherein said encrypted pointer is encrypted and can be decrypted according to a local encryption key known to said server computing device, and wherein said encrypted wrapper is encrypted according to a public encryption key and can be decrypted according to a private encryption key corresponding to said public encryption key.
  - 3. The secure pointer of claim 1, wherein said decrypted form of said encrypted pointer comprises:
    - a location of said resource; and
      
      , an identifier for a requestor of said resource.
  - 4. The secure pointer of claim 3, wherein said decrypted form of said encrypted pointer further comprises a usage policy for said resource.
  - 5. The secure pointer of claim 1, wherein said decrypted form of said encrypted pointer is encoded with markup tags specified according to the extensible markup language.

6. A method for securely distributing a requested resource to a requesting client over a computer communications network, the method comprising the steps of:
- identifying a public encryption key for the requesting client;
  
  locating the requested resource;
  
  composing a pointer based upon said location and encrypting said composed pointer using a local encryption/decryption key;
  
  combining said encrypted pointer with a network address of a server coupled to a decoding processor configured to decrypt said encrypted pointer with said local encryption/decryption key; and
  
  , encrypting said combination with said public encryption key and forwarding said encrypted combination to the requesting client;
  
  whereby the requesting client both can decrypt said encrypted combination using a private encryption key corresponding to said public encryption key, and also can access the requested resource by transmitting said combination to said server coupled to said decoding processor.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. The method of claim 6, further comprising the steps of:
    - receiving said combination in said server coupled to said decoding processor;
      
      extracting said encrypted pointer from said combination and decrypting said encrypted pointer in said decoding processor using said local encryption/decryption key;
      
      locating the requested resource at a location specified by said pointer; and
      
      , retrieving the requested resource at said location and forwarding said retrieved requested resource to the requesting client.
  - 8. The method of claim 6, wherein said composing step further comprises the step of composing said pointer based upon an identity of the requestor.
  - 9. The method of claim 8, wherein said composing step further comprises the step of composing said pointer based upon a usage policy for the requested resource.
  - 10. The method of claim 8, wherein said composing step further comprises the step of composing said pointer with a cookie intended for disposition in the requesting client.
  - 11. The method of claim 6, wherein the requested resource is a multimedia resource selected from the group consisting of a music file, an image file and a video file.
  - 12. The method of claim 6, further comprising the step of encoding said pointer using extensible markup language markup language tags.
  - 13. The method of claim 6, wherein said forwarding step comprises the step of establishing a secured sockets layer session with the requesting client and transmitting said combination according to the hypertext transfer protocol.

14. A machine readable storage having stored thereon a computer program for securely distributing a requested resource to a requesting client over a computer communications network, the computer program comprising a routine set of instructions for causing the machine to perform the steps of:
- identifying a public encryption key for the requesting client;
  
  locating the requested resource;
  
  composing a pointer based upon said location and encrypting said composed pointer using a local encryption/decryption key;
  
  combining said encrypted pointer with a network address of a server coupled to a decoding processor configured to decrypt said encrypted pointer with said local encryption/decryption key; and
  
  , encrypting said combination with said public encryption key and forwarding said encrypted combination to the requesting client;
  
  whereby the requesting client both can decrypt said encrypted combination using a private encryption key corresponding to said public encryption key, and also can access the requested resource by transmitting said combination to said server coupled to said decoding processor.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
- - 15. The machine readable storage of claim 14, further comprising the steps of:
    - receiving said combination in said server coupled to said decoding processor;
      
      extracting said encrypted pointer from said combination and decrypting said encrypted pointer in said decoding processor using said local encryption/decryption key;
      
      locating the requested resource at a location specified by said pointer; and
      
      , retrieving the requested resource at said location and forwarding said retrieved requested resource to the requesting client.
  - 16. The machine readable storage of claim 14, wherein said composing step further comprises the step of composing said pointer based upon an identity of the requestor.
  - 17. The machine readable storage of claim 16, wherein said composing step further comprises the step of composing said pointer based upon a usage policy for the requested resource.
  - 18. The machine readable storage of claim 16, wherein said composing step further comprises the step of composing said pointer with a cookie intended for disposition in the requesting client.
  - 19. The machine readable storage of claim 14, wherein the requested resource is a multimedia resource selected from the group consisting of a music file, an image file and a video file.
  - 20. The machine readable storage of claim 14, further comprising the step of encoding said pointer using extensible markup language markup language tags.
  - 21. The machine readable storage of claim 14, wherein said forwarding step comprises the step of establishing a secured sockets layer session with the requesting client and transmitting said combination according to the hypertext transfer protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Cheng, Li-Te

Granted Patent

US 7,441,116 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

G06F 21/6209 to a single file or object,...

G06Q 20/3821 Electronic credentials

Secure resource distribution through encrypted pointers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

65 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Secure resource distribution through encrypted pointers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

65 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links