Secure and reliable document delivery using routing lists

US 7,596,689 B2
Filed: 07/30/2007
Issued: 09/29/2009
Est. Priority Date: 07/07/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method for facilitating a secure delivery of a document over a network from a sender to a next stage on a routing list, the method comprising the steps of:

receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document;

identifying a recipient from the next stage of the routing list;

sending an inquiry to a public key database to determine whether the recipient has a public key listed in the public key database;

receiving a response to said inquiry, said response selected from the group of said recipient having a public key in said database and said recipient not having a public key in said database;

if said response is said recipient having a public key in said public key database, completing the steps of;

(a) retrieving said public key from said public key database;

(b) setting a message encryption key for encrypting the document equal to said public key;

(c) encrypting the document prior to sending said document using the message encryption key; and

(d) sending the encrypted document to the recipient;

if said response is said recipient not having a public key in said public key database, completing the steps of;

(a) providing an escrow encryption key not equal to the recipient'"'"'s public key and not equal to the sender'"'"'s private key, wherein an escrow unencryption key for unlocking said escrow encryption key is not made available to said recipient or to the sender and(b) encrypting the document using the generated escrow encryption key, and storing the escrow key encrypted document in escrow;

(c) notifying the recipient of the document stored in escrow; and

(d) only in response to receiving an acknowledgement from the recipient, unencrypting the escrow encryption key encrypted document using the escrow unencryption key and re-encrypting the document using a document encryption key prior to sending said document to the recipient, wherein neither the escrow encryption key or the escrow unencryption key is provided to the recipient.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An operations center (OC) (200) acts as an intermediary for securely and reliably transmitting a document (3) from a sender (100) to a next recipient (300) on a routing list. The OC (200) identifies (464) a recipient (300) from the next stage of the routing list and provides either the recipient'"'"'s public key (404) or an escrow encryption key (406). The OC (200) optionally can authenticate the sender (100) and/or the recipient (300), thus increasing security.

57 Citations

View as Search Results

19 Claims

1. A method for facilitating a secure delivery of a document over a network from a sender to a next stage on a routing list, the method comprising the steps of:
- receiving an indication that a sender desires to deliver a document to a next stage on a routing list for the document;
  
  identifying a recipient from the next stage of the routing list;
  
  sending an inquiry to a public key database to determine whether the recipient has a public key listed in the public key database;
  
  receiving a response to said inquiry, said response selected from the group of said recipient having a public key in said database and said recipient not having a public key in said database;
  
  if said response is said recipient having a public key in said public key database, completing the steps of;
  
  (a) retrieving said public key from said public key database;
  
  (b) setting a message encryption key for encrypting the document equal to said public key;
  
  (c) encrypting the document prior to sending said document using the message encryption key; and
  
  (d) sending the encrypted document to the recipient;
  
  if said response is said recipient not having a public key in said public key database, completing the steps of;
  
  (a) providing an escrow encryption key not equal to the recipient'"'"'s public key and not equal to the sender'"'"'s private key, wherein an escrow unencryption key for unlocking said escrow encryption key is not made available to said recipient or to the sender and(b) encrypting the document using the generated escrow encryption key, and storing the escrow key encrypted document in escrow;
  
  (c) notifying the recipient of the document stored in escrow; and
  
  (d) only in response to receiving an acknowledgement from the recipient, unencrypting the escrow encryption key encrypted document using the escrow unencryption key and re-encrypting the document using a document encryption key prior to sending said document to the recipient, wherein neither the escrow encryption key or the escrow unencryption key is provided to the recipient.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 comprising the additional step of verifying the identity of the recipient after receiving the acknowledgement from the recipient and prior to unencrypting the document using the escrow unencryption key.
  - 3. The method of claim 1 wherein the document is unencrypted using the escrow unencryption key prior to sending the document over a network to the recipient.
  - 4. The method of claim 1 wherein the escrow encryption key is one of a public and private key not assigned to the recipient.
  - 5. The method of claim 4 wherein the escrow encryption key is one of a public and private key not assigned to the sender.

6. A method for facilitating a secure delivery of a document over a network from a sender to a recipient, the method comprising the steps of:
- receiving an indication that the sender desires to deliver a document to the recipient for the document;
  
  sending an inquiry to a public key database to determine whether the recipient has a public key listed in the public key database;
  
  receiving a response to said inquiry, said response selected from the group of said recipient having a public key in said database and said recipient not having a public key in said database;
  
  if said response is said recipient having a public key in said public key database, completing the steps of;
  
  (a) retrieving said public key from said public key database;
  
  (b) setting a message encryption key for encrypting the document equal to said public key;
  
  (c) encrypting the document prior to sending said document using the message encryption key; and
  
  (d) sending the encrypted document to the recipient;
  
  if said response is said recipient not having a public key in said public key database, completing the steps of;
  
  (a) providing an escrow encryption key not equal to the recipient'"'"'s public key and not equal to the sender'"'"'s private key, wherein a respective escrow unencryption key for unlocking said escrow encryption key is not made available to said recipient or to the sender;
  
  (b) encrypting the document using the generated escrow encryption key and storing the escrow key encrypted document in escrow;
  
  (c) notifying the recipient of the document stored in escrow; and
  
  (d) only in response to receiving an acknowledgement from the recipient, unencrypting the escrow encryption key encrypted document using the escrow unencryption key prior to sending said document; and
  
  (e) re-encrypting the escrow unencryption key unencrypted document using an encryption not equal to the escrow encryption key or a public or private encryption key of recipient;
  
  and wherein the escrow encryption key is not provided to the recipient.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The method of claim 6, including the step of sending the document to the recipient in a secured state by encrypting the document.
  - 8. The method of claim 6, including the step of sending the document to the recipient in a secured state by sending the document over a secure socket layer.
  - 9. The method of claim 6, including the step of sending the document to the recipient in a secured state by encrypting the document and by sending the document a virtual private network.
  - 10. The method of claim 6 wherein the recipient is on a next stage of a routing list for the document.
  - 11. The method of claim 6 wherein the document encryption does not utilize a public private key pair.

12. A method for facilitating a secure delivery of a document over a network from a sender to a recipient, the method comprising the steps of:
- receiving an indication that a sender desires to deliver a document to a recipient for the document;
  
  sending an inquiry to a public key database to determine whether the recipient has a public key listed in the public key database;
  
  receiving a response to said inquiry, said response selected from the group of said recipient having a public key in said database and said recipient not having a public key in said database;
  
  if said response is said recipient having a public key in said public key database, completing the steps of;
  
  (a) retrieving said public key from said public key database;
  
  (b) setting a message encryption key for encrypting the document equal to said public key;
  
  (c) encrypting the document prior to sending said document using the message encryption key; and
  
  (d) sending the message encryption key encrypted document to the recipient;
  
  if said response is said recipient not having a public key in said public key database, completing the steps of;
  
  (a) providing an escrow encryption key not equal to the recipient'"'"'s public key and not equal to the sender'"'"'s private key, wherein an escrow unencryption key for unlocking said escrow encryption key is not made available to said recipient and(b) encrypting the document using the generated escrow encryption key, and storing the escrow key encrypted document in escrow;
  
  (c) notifying the recipient of the document stored in escrow; and
  
  (d) only in response to receiving an acknowledgement from the recipient, unencrypting the escrow encryption key encrypted document using the escrow unencryption key prior to sending said document to the recipient; and
  
  (e) sending the document to the recipient in a secured state by encrypting the document or by sending the document over one of the group of a secure channel, a secure socket layer or a virtual private network.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The method of claim 12 wherein the recipient is listed on a stage of a routing list for the document.
  - 14. The method of claim 12 including encrypting the document with a document encryption key prior to sending the document to the recipient;
    - wherein the document encryption key is not equal to the escrow encryption key or a public or private recipient key.
  - 15. The method of claim 12 wherein the document encryption key is not a part of a public private key pair.
  - 16. The method of claim 12 wherein the document encryption key is a symmetric key.
  - 17. The method of claim 12, including the step of sending the document to the recipient in a secured state by encrypting the document.
  - 18. The method of claim 12, including the step of sending the document to the recipient in a secured state by encrypting the document and by sending the document over a secure socket layer.
  - 19. The method of claim 12, including the step of sending the document to the recipient in a secured state by encrypting the document and by sending the document over a virtual private network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BAE Systems Applied Intelligence US Corp. (BAE Systems Plc)
Original Assignee
Perimeter eSecurity Inc.
Inventors
Toh, Eng-Whatt, Teo, Kok-Hoon
Primary Examiner(s)
CHEN, SHIN HON

Application Number

US11/878,964
Publication Number

US 20070294533A1
Time in Patent Office

792 Days
Field of Search

713/150, 713/168, 713/156, 380/286, 709/220, 709/223, 709/229
US Class Current

713/150
CPC Class Codes

G06F 21/64   Protecting data integrity, ...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 2221/2151   Time stamp

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 51/00   User-to-user messaging in p...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04L 63/0869   for achieving mutual authen...

H04L 63/12   Applying verification of th...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3247   involving digital signatures

H04L 9/50   using hash chains, e.g. blo...

Secure and reliable document delivery using routing lists

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

57 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Secure and reliable document delivery using routing lists

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links