Smart card system and methods for proving dates in digital files
DCFirst Claim
1. A system for maintaining trust in the content of a digital data file, comprising:
- a trusted time source to provide a certifiable time for an unalterable time stamp, wherein said certifiable time confirms at least one of said file'"'"'s access creation, modification, receipt, or transmission;
means for receiving a request to save the file from a user;
first means for saving the file at a moment in time;
means for retrieving from said trusted time source a date and a time corresponding to said moment in time, wherein said moment in time is substantially the current time at said trusted time source corresponding to receipt of said request;
first means for appending said date and said time retrieved from said trusted time source to said saved file;
first means for signing said saved file with said date and said time retrieved from said trusted time source appended thereto;
means for hashing said signed file to produce a digest;
second means for signing said digest with a key to produce a certificate;
second means for appending said certificate to said saved file; and
second means for saving said saved file with said certificate appended thereto.
1 Assignment
Litigations
0 Petitions
Accused Products
Abstract
A smart card system and methods for proving dates of digital data files includes a trusted time source, a first subsystem for saving the file at a moment in time, a second subsystem for retrieving from the trusted time source a date and a time corresponding to the moment in time, a third subsystem for appending the date and the time retrieved from the trusted time source to the saved file, a fourth subsystem for signing the saved file with the date and the time retrieved from the trusted time source appended thereto, a fifth subsystem for hashing the signed file to produce a digest, a sixth subsystem for signing the digest with a key to produce a certificate, a seventh subsystem for appending the certificate to the saved file, and an eighth subsystem for saving the file with the certificate appended thereto. All of the subsystems are preferably sealed together within a smart card.
262 Citations
20 Claims
-
1. A system for maintaining trust in the content of a digital data file, comprising:
-
a trusted time source to provide a certifiable time for an unalterable time stamp, wherein said certifiable time confirms at least one of said file'"'"'s access creation, modification, receipt, or transmission;
means for receiving a request to save the file from a user;
first means for saving the file at a moment in time;
means for retrieving from said trusted time source a date and a time corresponding to said moment in time, wherein said moment in time is substantially the current time at said trusted time source corresponding to receipt of said request;
first means for appending said date and said time retrieved from said trusted time source to said saved file;
first means for signing said saved file with said date and said time retrieved from said trusted time source appended thereto;
means for hashing said signed file to produce a digest;
second means for signing said digest with a key to produce a certificate;
second means for appending said certificate to said saved file; and
second means for saving said saved file with said certificate appended thereto. - View Dependent Claims (2, 3, 4, 5)
first means for signing said saved file with said date and said time retrieved from said trusted time source appended thereto with a user identifier; and
second means for signing said saved file with said date and said time retrieved from said trusted time source appended thereto with a system identifier.
-
-
5. The system according to claim 1, wherein said hashing function comprises a cryptographic key.
-
6. A method of maintaining trust in the content of a digital data file, comprising:
-
providing a trusted time source to provide a certifiable time for an unalterable time stamp, wherein said certifiable time confirms at least one of said file'"'"'s access, creation, modification, receipt, or transmission;
receiving a request to save the file from a user;
saving the file at a moment in time;
retrieving from said trusted time source a date and a time corresponding to said moment in time, wherein said moment in time is substantially the current time at said trusted time source corresponding to receipt of said request;
appending said date and said time retrieved from said trusted time source to said saved file;
signing said saved file with said date and said time retrieved from said trusted time source appended thereto;
hashing said signed file to produce a digest;
signing said digest with a key to produce a certificate;
appending said certificate to said saved file; and
saving said file with said certificate appended thereto. - View Dependent Claims (7, 8, 9, 10)
signing said saved file with said date and said time retrieved from said trusted time source appended thereto with a user identifier; and
signing said saved file with said date and said time retrieved from said trusted time source appended thereto with a system identifier.
-
-
10. The method according to claim 6, wherein said hashing function comprises a cryptographic key.
-
11. Apparatus for maintaining trust in the content of a digital data file, comprising:
-
computing means, including a central processing unit (CPU), means for storing an operating system that is adapted to control the CPU, the plurality of digital data files, one or more applications programs for accessing, creating, modifying, and transmitting the plurality of digital data files, and means for controlling storage and retrieval of the plurality of digital data files to and from said storage means; and
fraud prevention means, operatively coupled to said computing means, said fraud prevention module including;
a trusted time source to provide a certifiable time for an unalterable time stamD wherein said certifiable time confirms at least one of said file'"'"'s access, creation, modification, receipt, or transmission;
means for receiving a request to save the file from a user;
first means for saving the file at a moment in time;
means for retrieving from said trusted time source a date and a time corresponding to said moment in time, wherein said moment in time is substantially the current time at said trusted time source corresponding to receipt of said request;
first means for appending said date and said time retrieved from said trusted time source to said saved file;
first means for signing said saved file with said date and said time retrieved from said trusted time source appended thereto;
means for hashing said signed file to produce a digest;
second means for signing said digest with a key to produce a certificate;
second means for appending said certificate to said saved file; and
second means for saving said file with said certificate appended thereto. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
first means for signing said saved file with said date and said time retrieved from said trusted time source appended thereto with a user identifier; and
second means for signing said saved file with said date and said time retrieved from said trusted time source appended thereto with a system identifier.
-
-
15. The apparatus according to claim 11, wherein said fraud prevention means comprises a smart card.
-
16. The apparatus according to claim 15, wherein said smart card comprises a contact-type smart card.
-
17. The apparatus according to claim 15, wherein said smart card comprises a contactless-type smart card.
-
18. The apparatus according to claim 17, further comprising a removable medium coupled to said smart card and adapted to store the plurality of digital data files thereon.
-
19. The apparatus according to claim 18, wherein said removable medium is selected from the group consisting of a floppy disk, an optical disk, a CD-ROM, a CD-R, a CD-RW, a DVD disk, a magneto-optical disk, a magnetic tape, a memory chip, and a carrier wave used to carry computer-readable electronic data used in transmitting and receiving e-mail or in accessing a network, including the Internet, intranets, extranets, virtual private networks (VPN), local area networks (LAN), and wide area networks (WAN).
-
20. The apparatus according to claim 15, further comprising a smart card reader which includes means for verifying the authenticity of said file with said certificate appended thereto.
Specification