Trusted and secure techniques, systems and methods for item delivery and execution
DCFirst Claim
1. A system including:
- a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
a second secure container, the second secure container containing audit information; and
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses.
2 Assignments
Litigations
0 Petitions
Accused Products
Abstract
Documents and other items can be delivered electronically from sender to recipient with a level of trustedness approaching or exceeding that provided by a personal document courier. A trusted electronic go-between can validate, witness and/or archive transactions while, in some cases, actively participating in or directing the transaction. Printed or imaged documents can be marked using handwritten signature images, seal images, electronic fingerprinting, watermarking, and/or steganography. Electronic commercial transactions and transmissions take place in a reliable, “trusted” virtual distribution environment that provides significant efficiency and cost savings benefits to users in addition to providing an extremely high degree of confidence and trustedness. The systems and techniques have many uses including but not limited to secure document delivery, execution of legal documents, and electronic data interchange (EDI).
1769 Citations
131 Claims
-
1. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
a second secure container, the second secure container containing audit information; and
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses.
-
-
2. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
the first secure container having been received from a second apparatus;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item, the first secure container rule, the first secure container rule having been received from a third apparatus different from said second apparatus; and
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses.
-
-
3. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
a second secure container containing a digital certificate;
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses. - View Dependent Claims (4)
-
-
5. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing, a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
a second secure container containing a digital signature, the second secure container being different from said first secure container;
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses. - View Dependent Claims (6)
-
-
7. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure econainer governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
an electronic seal including receipt information;
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses.
-
-
8. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
an electronic seal including usage information;
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses. - View Dependent Claims (9)
-
-
10. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
an electronic seal including an image designed to allow for visual recognition of said seal;
hardware or software used for receiving and opening secure containers, and secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said firs apparatus, said protected processing environment including hardware or software used for applying said first rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses.
-
-
11. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
an electronic seal including encoded information;
hardware or software used for receiving an opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses. - View Dependent Claims (12)
-
-
13. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
an electronic seal including (a) a representation of an aspect of said governed item, said representation including a hash of at least a portion of said governed item after normalization of said portion, and (b) a item value;
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses.
-
-
14. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
an electronic seal including encrypted information;
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure econatiner rule in combination to at least in part govern at least one aspect of access or to use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses. - View Dependent Claims (15, 16)
-
-
17. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
an electronic seal including an error correction code derived from at least a portion of said first secure container governed item;
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses.
-
-
18. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
an electronic seal stored in a secure container;
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses. - View Dependent Claims (19, 20)
-
-
21. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item; and
an electronic fingerprint stored in a second secure container, different from said first secure container;
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses.
-
-
22. A system including:
-
a first apparatus including, user controls, a communications port, a processor, a memory storing;
a first secure container containing a governed item, the first secure container governed item being at least in part encrypted, the first secure container governed item including steganographically encoded information including a first portion encoded using a first steganographic encoding technique and a second portion encoded using a second steganographic encoding technique;
a first secure container rule at least in part governing an aspect of access to or use of said first secure container governed item;
hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first secure container rule and a second secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item contained in a secure container; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses. - View Dependent Claims (23, 24, 25, 26, 27)
-
-
28. A system including;
-
a first apparatus including;
user controls, a communications port, a processor, a memory containing a first rule, hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said protected processing environment including hardware or software used for applying said first rule and a secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item; and
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses; and
a second apparatus including;
user controls, a communications port, a processor, a memory containing a second rule, hardware or software used for receiving and opening secure containers, said secure containers each including the capacity to contain a governed item, a secure container rule being associated with each of said secure containers;
a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus, said protected processing environment including hardware or software used for applying said second rule and a secure container rule in combination to at least in part govern at least one aspect of access to or use of a governed item;
hardware or software used for transmission of secure containers to other apparatuses or for the receipt of secure containers from other apparatuses; and
an electronic intermediary, said intermediary including a user rights authority clearinghouse. - View Dependent Claims (29)
-
-
30. A method of securely delivery an item, including the following steps:
-
(a) initializing a first apparatus, said first apparatus including a protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said initialization including;
registering a first rule associated with said first apparatus or a user of said first apparatus;
establishing the identity of a user of said first apparatus; and
at least partially integrating a rule with a user application, including altering the user interface of said user application;
(b) specifying information to be used in said delivery, said information including;
an address of a recipient of said item, delivery information, receipt information, authentication information, a rule to at least in part govern at least one access to or use of said item once delivered;
(c) at least in part using said protected processing environment of said first apparatus, storing said item in a secure electronic container, including encrypting at least a portion of said item, and associating a second rule with said secure electronic container, said step of storing and associating being governed at least in part by said first rule; and
(d) transmitting said secure electronic container to a second apparatus. - View Dependent Claims (31, 32)
-
-
33. A method of securely delivering an item, including the following steps:
-
(a) initializing a first apparatus, said first apparatus including a protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said initializing including;
registering a first rule associated with said first apparatus or a user of said first apparatus; and
establishing the identity of a user of said first apparatus;
(b) specifying information to be used in said delivery, said information including;
an address of a recipient of said item, delivery information, receipt information, authentication information, and a rule to at least in part govern at least one access to or use of said item once delivered, (c) at least in part using said protected processing environment of said first apparatus, storing said item in a secure electronic container, including encrypting at least a porting of said item, and associating a second rule with said secure electronic container, said step of storing and associating being governed at least in part by said first rule;
(d) transmitting said secure electronic container to a second apparatus;
(e) receiving said secure electronic container at the second apparatus;
(f) said second apparatus generating a receipt following reception of said secure container; and
(g) using said second rule to at least in part govern at least one aspect of access to or use of said item at said second apparatus. - View Dependent Claims (34, 35, 36, 37)
-
-
38. A method of securely delivering an item, including the following steps:
-
(a) initializing a first apparatus, said first apparatus including a protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said initialization including;
registering a first rule associated with said first apparatus or a user of said first apparatus; and
establishing the identity of a user of said first apparatus;
(b) specifying information to be used in said delivery and providing a key associated with an intended recipient, said information including;
an address of a recipient of said item, information at least in part identifying at least one intended recipient, delivery information, receipt information, authentication information, and a rule to at least in part govern at least one access to or use of said item once delivered;
(c) at least in part using said protected processing environment of said first apparatus, storing said item in a secure electronic container, including encrypting at least a portion of said item, and associating a second rule with said secure electronic container, said step of storing and associating being governed at least in part by said first rule;
(d) transmitting said secure electronic container to a second apparatus;
(e) receiving said secure electronic container at the second apparatus; and
(f) using said second rule to at least in part govern at least one aspect of access to or use of said item at said second apparatus.
-
-
39. A method of securely delivering an item, including the following steps:
-
(a) initializing a first apparatus, said first apparatus including a protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said initialization including;
registering a first rule associated with said first apparatus or a user of said first apparatus; and
establishing the identity of a suer of said first apparatus;
(b) specifying information to be used in said delivery, said information including an address of a recipient of said item, delivery information, receipt information, authentication information, and a rule to at least in part govern at least one access to or use of said item once delivered;
(c) at least in part using said protected processing environment of said first apparatus, storing said item in a secure electronic container, including encrypting at least a portion of said item, and associating a second rule with said secure electronic container, said step of storing and associating being governed at least in part by said first rule;
(d) transmitting said secure electonic container to a second apparatus;
(e) receiving said secure electronic container at the second apparatus;
(f) using said second rule to at least in part govern at least on aspect of access to or use of said item at said second apparatus; and
(g) determining the identity of a party required to make a payment relating to said delivery.
-
-
40. A method of securely delivering an item, including the following steps:
-
(a) initializing a first apparatus, said first apparatus including a protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said initialization including;
registering a first rule associated with said first apparatus or a user of said first apparatus; and
establishing the identity of a user of said first apparatus;
(b) specifying information to be used in said delivery, said information including an address of a receipt of said item, delivery information, receipt information, authentication information, and a rule to at least in part govern at least one access to or use of said item once delivered;
(c) at least in part using said protected processing environment of said first apparatus, storing said item in secure electronic container, including encrypting at least a portion of said item, and associating a second rule with said secure electronic container, said step of storing and associating being governed at least in part by said first rule;
(d) said first apparatus receiving a rule, said first apparatus using said received rule to govern an aspect of said method;
(e) following said receipt in said step (d), transmitting said secure electronic container to a second apparatus;
(f) receiving said secure electronic container at the second apparatus; and
(g) using said second rule to at least in part govern an aspect of access to or use of said item at said second apparatus. - View Dependent Claims (41, 42)
-
-
43. A method of securely delivering an item, including the following steps:
-
(a) initializing a first apparatus, said first apparatus including a protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said first apparatus, said initialization including;
registering a first rule associated with said first apparatus or a user of said first apparatus; and
establishing the identity of a user of said first apparatus;
(b) specifying information to be used in said delivery, including obtaining an address of a recipient of said item information from a third apparatus, said information including;
said recipient address, delivery information, receipt information, authentication information, and a rule to at least in part govern at least one access to or use of said item once delivered;
(c) at least in part using said protected processing environment of said first apparatus, storing said item in a secure electronic container, including encrypting at least a portion of said item, and associating a second rule with said secure electronic container, said step of storing and associating being governed at least in part under control of said first rule;
(d) transmitting said secure electronic container to a second apparatus;
(e) receiving said secure electronic container at the second apparatus; and
(f) using at least said second rule to at least in part govern at least one aspect of access to or use of said item at said second apparatus. - View Dependent Claims (44)
-
-
45. A method of securely delivering an item, including the following steps:
-
steganographically encoding information in an electronic seal, using a first steganographic technique to encode a first portion of said encoded information, and using a second steganographic technique to encode a second portion of said encoded information;
associating said electronic seal with said item;
incorporating said item into a first secure electronic container, said item being at least in part encrypted while in said container, said incorporation occurring in an apparatus containing a first protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing enviormnment from tampering by a user of said apparatus;
in said protected processing environment, associating a first rule with said first secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
authenticating an intended recipient of said item;
transmitting said first secure electronic container and said first rule to said intended recipient; and
using a second protected processing environment, providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said rule and by a second rule present at said intended recipient'"'"'s site. - View Dependent Claims (46, 47)
-
-
48. A method of securely delivering an item, including the following steps:
-
incorporating said item into a first secure electronic container, said item being at least in part encrypted while in said container, said incorporation occurring in an apparatus containing a first protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus;
in said protected processing environment, associating a first rule with said first secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
steganographically encoding information in an electronic seal, at least a portion of said steganographically encoded information being encrypted;
associating said electronic seal with said item;
authenticating an intended recipient of said item;
transmitting said first secure electronic container and said first rule to said intended recipient; and
using a second protected processing environment, providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said first rule and by a second rule present at said intended recipient'"'"'s site.
-
-
49. A method of securely delivering an item, including the following steps:
-
creating a hash value representing an aspect of said item;
encrypting said hash value;
associating said hash value with an electronic seal;
associating said electronic seal with said item;
incorporating said item into a first secure electronic container, said item being at least in part encrypted while in said container, said incorporation occurring in an apparatus containing a first protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus;
in said protected processing environment, associating a first rule with said first secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
authenticating an intended recipient of said item;
transmitting said first secure electronic container and said first rule to said intended recipient; and
using a second protected processing environment, providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said first rule and by a second rule present at said intended recipient'"'"'s site. - View Dependent Claims (50)
-
-
51. A method of securely delivering an item, including the following steps:
-
associating a digital signature with said item, said digital signature having associated a rule, said digital signature rule requiring connection to a remote server prior to a use of said digital signature;
incorporating said item into a first secure electronic container, said item being at least in part encrypted while in said container, said incorporation occurring in an apparatus containing a first protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus;
in said protected processing environment, associating a first rule with said first secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
authenticating an intended recipient of said item;
transmitting said first secure electronic container and said first rule to said intended recipient; and
using a second protected processing environment, providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said first rule and by a second rule present at said intended recipient'"'"'s site.
-
-
52. A method of securely delivering an item, including the following steps:
-
receiving a digital signature from a remote site, said remote site including a secure director;
embedding said digital signature in said item, incorporating said item into a first secure electronic container, said item being at least in part encrypted while in said container, said incorporation occurring in an apparatus containing a first protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus;
in said protected processing environment, associating a first rule with said first secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
authenticating an intended recipient of said item;
transmitting said first secure electronic container and said first rule to said intended recipient; and
using a second protected processing environment, providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said first rule and by a second rule present at said intended recipient'"'"'s site.
-
-
53. A method of securely delivering an item, including the following steps:
-
receiving a digital signature in a secure electronic container;
embedding said digital signature in said item;
incorporating said item into a secure electronic container, said item being at least in part encrypted while in said container, said incorporation occurring in an apparatus containing a first protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus;
in said protected processing environment, associating a first rule with said secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
authenticating an intended recipient of said item;
transmitting said secure electronic container and said first rule to said intended recipient; and
using a second protected processing environment, providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said first rule and by a second rule present at said intended recipient'"'"'s site.
-
-
54. A method of securely delivering an item, including the following steps:
-
associating a digital signature with said item, said digital signature including a digital image representation of a handwritten signature of a user associated with said digital signature;
incorporating said item into a first secure electronic container, said item being at least in part encrypted while in said container, said incorporation occurring in an apparatus containing a first protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus;
in said protected processing environment, associating a first rule with said first secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
authenticating an intended recipient of said item;
transmitting said first secure electronic container and said first rule to said intended recipient; and
using a second protected processing environment, providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said first rule and by a second rule present at said intended recipient'"'"'s site. - View Dependent Claims (55)
-
-
56. A method of securely delivering an item, including the following steps:
-
performing an authentication step;
associating a digital signature with said item;
incorporating said item into a first secure electronic container, said item being at least in part encrypted while in said container, said incorporation occurring in an apparatus containing a first protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus;
in said protected processing environment, associating a first rule with said first secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
authenticating an intended recipient of said item;
transmitting said first secure electronic container and said first rule to said intended recipient; and
using a second protected processing environment, providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said first rule and by a second rule present at said intended recipient'"'"'s site. - View Dependent Claims (57, 58)
-
-
59. A method of securely delivering an item, including the following step:
-
associating an electronic fingerprint with said item, said electronic fingerprint containing a cryptographic key;
incorporating said item into a first secure electronic container, said item being at least in part encrypted while in said container, said incorporation occurring in an apparatus containing a first protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus;
in said protected processing environment, associating a first rule with said first secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
authenticating an intended recipient of said item;
transmitting said first secure electronic container and said first rule to said intended recipient; and
using a second protected processing environment, providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said first rule and by a second rule present at said intended recipient'"'"'s site. - View Dependent Claims (60, 61)
-
-
62. A method of securely delivering an item, including the following steps:
-
associating an electronic fingerprint with said item, said electronic fingerprint container the date of transmission of said item;
incorporating said item into a first secure electronic container, said item being at least in part encrypted while in said container, said incorporation occurring in an apparatus containing a first protected processing environment, said protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus;
in said first protected processing environment, associating a first rule with said first secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
authenticating an intended recipient of said item;
transmitting said first secure electronic container and said first rule to said intended recipient; and
using a second protected processing environment, providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said first rule and by a second rule present at said intended recipient'"'"'s site.
-
-
63. A method of securely delivering an item, including the following steps:
-
incorporating said item into a first secure electronic container;
associated a first rule with said first secure electronic container, said first rule at least in part governing at least one aspect of access to or use of said item;
providing an address for at least one intended recipient of said item;
transmitting said first secure electronic container and said first rule to an apparatus associated with said intended recipient, said apparatus already storing a second rule, said apparatus including a protected processing environment at least in part protecting information contained in said protected processing environment from tampering by a user of said apparatus;
providing said intended recipient access to at least a portion of said item, said access being governed at least in part by said first rule, said governance at least in part using said protected processing environment; and
generating a first digital receipt documenting at least one aspect of said transmission, said generation being governed at least in part by said first rule and by said second rule, said generation occurring at least in part in said protected processing environment. - View Dependent Claims (64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106)
said recipient entering a password; and
said password being compared to an expected value.
-
-
84. A method as in claim 81, in which said recipient authentication step includes the presentation and evaluation of biometric information associated with said recipient.
-
85. A method as in claim 84, in which said recipient authentication step includes:
-
presenting at least one smart card;
accessing information from said smart card; and
comparing said accessed information to expected information.
-
-
86. A method as in claim 85, in which said information accessed from said smart card includes information from at least one digital certificate.
-
87. A method as in claim 81, in which said recipient authentication step includes:
-
receiving a digital certificate associated with an intended recipient of said item;
comparing said digital certificate to an expected value;
receiving biometric information associated with an intended recipient of said item; and
comparing said biometric information with an expected value.
-
-
88. A method as in claim 63, further including calculation of at least one price associated with delivery of said item.
-
90. A method as in claim 88, in which said price is calculated at least in part based on the number of items delivered.
-
91. A method as in claim 88, further including providing at least one payment.
-
92. A method as in claim 63, in which said first rule is transmitted to said recipient apparatus separately from said transmission of said first secure container containing said item.
-
93. A method as in claim 63, further including said recipient apparatus obtaining and registering said first rule.
-
94. A method as in claim 63, further including said recipient apparatus authenticating said received item.
-
95. A method as in claim 94, in which said recipient apparatus authentication of said received item includes checking at least one digital signature.
-
96. A method as in claim 94, in which said recipient apparatus authentication of said received item includes checking at least one electronic seal.
-
97. A method as in claim 96, in which said electronic seal checking step includes decrypting information contained in or associated with said electronic seal.
-
98. A method as in claim 94, in which said recipient apparatus authentication of said received item includes comparing at least one value to a value received from a trusted intermediary.
-
99. A method as in claim 95, further including said recipient apparatus associating certain information with said item following said item authentication step.
-
100. A method as in claim 99, in which said certain information includes a electronic fingerprint.
-
101. A method as in claim 100, in which said electronic fingerprint includes information at least in part identifying said intended recipient and/or said recipient apparatus.
-
102. A method as in claim 101, in which said electronic fingerprint includes information at least in part identifying at least one access to or use of said item at said recipient apparatus.
-
103. A method as in claim 63, further including:
-
said recipient apparatus transmitting said first digital receipt to another apparatus, and said intended recipient retransmitting at least a portion of said item to a second recipient, said retransmission being governed at least in part by said first rule.
-
-
104. A method as in claim 103, in which said first rule requires the transmission of a second digital receipt in connection with said retransmission.
-
105. A method as in claim 104, further including transmitting said second digital receipt to at least one apparatus to which said first receipt was transmitted.
-
106. A method as in claim 63, further including:
generating audit information relating to said transmission, and reporting said audit information.
-
89. A method as in clam 88, in which said price is calculated at least in part based on the size of said item.
-
107. A method of providing trusted intermediary services including the following steps:
-
providing a secure communications node on a first network, said secure communications node being connected to said first network and to a second network;
receiving a first item from a node on said first network;
incorporating said first item into a first secure digital container;
associated at least one rule with said first secure digital container, said first rule at least in part governing at least one aspect of access to or use of said first item;
associating authentication information with said first item, transmitting said first secure digital container to an intended recipient of said first item, said intended recipient being located at a node on said second network, receiving a second secure digital container and a second rule from said second network node, removing a second item from said second secure digital container, said removal at least in part occurring under the control of said second rule, and transmitting said second item to said first network node. - View Dependent Claims (108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125)
said second network node receiving said transmitted first item;
said second network node generating a digital receipt;
said second network node transmitting said digital receipt to said secure communications node; and
said secure communications node storing said digital receipt in said archive.
-
-
118. A method as in claim 116, further including:
-
using a hashing algorithm to create a hash value representative of at least a portion of said first item; and
storing said hash value in said archive.
-
-
119. A method as in claim 116, in which said information relating to said first item includes information relating to the transmission of said first item to said intended recipient.
-
120. A method as in claim 107, further including storing at least one rule in a secure archive.
-
121. A method as in claim 120, in which said step of association of at least one rule with said first secure digital container further includes obtaining at least one rule from said secure archive.
-
122. A method as in claim 107, further including:
-
said secure communications node generating receipt information; and
said secure communications node transmitting said receipt information to said first network node.
-
-
123. A method as in claim 122, further including:
-
following said transmission of said first secure digital container to said intended recipient, said second network node generating information relating to said transmission;
said second network node transmitting said information relating to said transmission to said secure communications node;
said secure communications node using at least some of said information relating to said transmission in the process of preparing said receipt information.
-
-
124. A method as in claim 107, further including:
performing at least one transaction.
-
125. A method as in claim 124, in which the participants to said transaction include a user of said first network node and said intended recipient, and said performance step includes:
-
said secure communications node receiving information regarding transaction requirements of a first participant to said transaction;
said secure communications node comparing said first participant transaction requirement information to information regarding transaction requirements of a second participant to said transaction; and
said secure communications node communicating the results of said comparison to at least one of said participants.
-
-
126. A method of providing trusted intermediary services including the following steps:
-
at a first apparatus, receiving an item from a second apparatus;
associating authentication information with said item;
incorporating said item into a secure digital container;
associating a first rule with said secure digital container, said first rule at least in part governing at least one aspect of access to or use of said item;
transmitting said secure digital container and said first rule to a third apparatus, said third apparatus including a protected processing environment at least in part protecting information stored in said protected processing environment from tampering by a user of said third apparatus;
said third apparatus receiving said secure digital container and said first rule;
said third apparatus checking said authentication information; and
said third apparatus performing at least one action on said item, said at least one action being governed, at least in part, by said first rule and by a second rule resident at said third apparatus prior to said receipt of said secure digital container and said first rule, said action governance occurring at least in part in said protected processing environment. - View Dependent Claims (127, 128, 129, 130, 131)
-
Specification