System and method for secure three-party communications

US 8,316,237 B1
Filed: 01/10/2011
Issued: 11/20/2012
Est. Priority Date: 03/23/2001
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A transcription device, comprising:

an automated communication port configured to receive a first message representing an encrypted communication associated with a first set of asymmetric keys, to receive a transcription key, and to transmit a second message representing the encrypted communication associated with a second set of asymmetric keys, the first and second sets of encryption keys being distinct;

a memory; and

an automated processor, configured to communicate through the automated communication port and with the memory, to receive the first message, receive the transcription key, automatically transcript the first message into the second message, and to transmit the second message, wherein the automated processor does not store as a part of the transcription any decrypted representation of the encrypted communication, and the transcription key is employed without revealing any secret cryptographic information usable for decrypting the first message or the second message.

View all claims

8 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, transmitting an identifier of the first party to the second party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first party and the second party. The data transmission may be made secure with respect to the intermediary by providing an asymmetric key or direct key exchange for encryption of the communication between the first and second party. The data transmission may be made secure with respect to the second party by maintaining the information in encrypted format at the second party, with the decryption key held only by the intermediary, and transmitting a secure composite of the decryption key and a new encryption key to the second party for transcoding of the data record, and providing the new decryption key to the first party, so that the information transmitted to the first party can be comprehended by it.

1076 Citations

20 Claims

1. A transcription device, comprising:
- an automated communication port configured to receive a first message representing an encrypted communication associated with a first set of asymmetric keys, to receive a transcription key, and to transmit a second message representing the encrypted communication associated with a second set of asymmetric keys, the first and second sets of encryption keys being distinct;
  
  a memory; and
  
  an automated processor, configured to communicate through the automated communication port and with the memory, to receive the first message, receive the transcription key, automatically transcript the first message into the second message, and to transmit the second message, wherein the automated processor does not store as a part of the transcription any decrypted representation of the encrypted communication, and the transcription key is employed without revealing any secret cryptographic information usable for decrypting the first message or the second message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The transcription device according to claim 1, wherein the transcription key is communicated through the automated communication port, encrypted with a session key, the session key being interactively negotiated for a communication session with a communication counterpart.
  - 3. The transcription device according to claim 1, wherein the transcription key is communicated through the automated communication port, encrypted with a first session key and a second session key, the first session key being negotiated for a communication session with a communication counterpart for the first message, the second session key being negotiated for a communication session with a communication counterpart for the second message.
  - 4. The transcription device according to claim 1, wherein the automated communication port interfaces with a public access network.
  - 5. The transcription device according to claim 1, wherein the automated communication port interfaces with a private network.
  - 6. The transcription device according to claim 1, wherein the automated communication port interfaces with a virtual private network.
  - 7. The transcription device according to claim 1, wherein the automated communication port is configured to communicate with an automated communication port of another transcription device.
  - 8. The transcription device according to claim 1, wherein the first message is received through the automated communication port from a distributed information hosting system.
  - 9. The transcription device according to claim 1, wherein the automated processor issues a request for information through the automated communication port, and receives a response to the request for information comprising at least one of the first message and the transcription key.
  - 10. The transcription device according to claim 1, wherein the first message comprises an electronic medical record.
  - 11. The transcription device according to claim 1, further comprising a digital rights management system, wherein the first message comprises a work subject to Copyright.
  - 12. The transcription device according to claim 1, wherein the automated communication port is configured to communicate with a plurality of file servers, together hosting the first message, wherein each storage device is configured to communicate with the automated processor through the automated communication port using first messages associated with different first sets of cryptographic keys, and the automated processor is configured to generate corresponding second messages associated with a common second cryptographic key.
  - 13. The transcription device according to claim 1, wherein the automated processor is configured to query an external server to find information on a network, and to receive a transfer of the responsive information from a selected storage device selected from a plurality of storage devices linked to the network.
  - 14. The transcription device according to claim 1, further comprising an external database configured to account for at least one of the transcription and the transmission of the second message through the automated communication port.
  - 15. The transcription device according to claim 1, wherein the transcription key comprises a first portion dependent on an identity of an intended recipient, and a second portion provided by or on behalf of a rights holder of information represented in the first message.
  - 16. The transcription device according to claim 1, wherein the transcription key comprises a function of a decryption key for decrypting the first message, and a complement of a decryption key for decrypting the second message.
  - 17. The transcription device according to claim 1, wherein the transcription device comprises a remote key handler.

18. A secure distributed information access control system, comprising:
- a communication interface device configured to communicate with a plurality of independently operating servers, each communicating server encrypted information, wherein the server encrypted information is in an encrypted form negotiated between a respective server and an intermediary;
  
  the intermediary having an automated processor configured to communicate with a network using network encrypted information, wherein the network encrypted information is in a form negotiated between a network endpoint and the intermediary, wherein for respective information, the automated processor transcripts between the server encrypted information and the network encrypted information, substantially without an intermediate representation of the information in a decrypted form; and
  
  an audit database configured to log usage of at least one of the plurality of independently operating servers and the activity of the intermediary.

19. A method of secure distributed information access control, comprising:
- communicating with a plurality of independently operating servers using server encrypted information, wherein the server encrypted information is in an encrypted form negotiated between a respective server and an intermediary;
  
  communicating with a network using network encrypted information, wherein the network encrypted information is in a form negotiated between a network endpoint and the intermediary;
  
  transcripting between the server encrypted information and the network encrypted information with an automated processor, substantially without an intermediate representation of the information in a decrypted form; and
  
  logging usage of at least one of the plurality of independently operating servers and the activity of the intermediary in a database.
- View Dependent Claims (20)
- - 20. The method according to claim 19, wherein the server encrypted information is associated with a first asymmetric key, the network encrypted information is associated with a second asymmetric key, and the transcription key comprises at least a portion of each of the first and second asymmetric keys.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
RPX Corporation
Original Assignee
David Felsher
Inventors
Nagel, Robert H., Hoffberg, Steven M., Felsher, David P.
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
Le, David

Application Number

US12/987,926
Time in Patent Office

680 Days
Field of Search

380/44, 380/277, 380/282, 726/2, 726/7
US Class Current

713/171
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/608   Watermarking

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 2209/88   Medical equipments

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/302   involving the integer facto...

H04L 9/321   involving a third party or ...

H04L 9/3249   using RSA or related signat...

System and method for secure three-party communications

First Claim

8 Assignments

Litigations

0 Petitions

Accused Products

Abstract

1076 Citations

20 Claims

Specification

5 Family Members

Thank you for your feedback