IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0707190
(2003-11-25)
|
등록번호 |
US-7277549
(2007-10-02)
|
발명자
/ 주소 |
- Olkin,Terry M.
- Moreh,Jahanshah
|
출원인 / 주소 |
- Secure Data In Motion, Inc.
|
대리인 / 주소 |
Intellectual Property Law Offices
|
인용정보 |
피인용 횟수 :
15 인용 특허 :
16 |
초록
▼
A key server (320) based communication system (310) wherewith communicating parties, originators (312) and recipients (314), exchange encrypted communications (324). An originator requests or provides a key (330) to the key server, optionally with an assertion (322) from an authentication authority
A key server (320) based communication system (310) wherewith communicating parties, originators (312) and recipients (314), exchange encrypted communications (324). An originator requests or provides a key (330) to the key server, optionally with an assertion (322) from an authentication authority (318). Based on attributes (326) from the originator or elsewhere, the key server sets controlling events (340) for the communication. The originator encrypts and sends the communication to one or more recipients. A recipient may or may not request the key to decrypt the message. Positive events (342) are determined based on the controlling events and when and how many such requests occur. Negative events (344) are determined based on the absence of any requests or all requests being untimely.
대표청구항
▼
The invention claimed is: 1. A system for determining communications events, comprising: a key server to release keys to communicating parties, wherein said keys are encryption keys to encrypt or decryption keys to decrypt the communications and said communicating parties include originators seekin
The invention claimed is: 1. A system for determining communications events, comprising: a key server to release keys to communicating parties, wherein said keys are encryption keys to encrypt or decryption keys to decrypt the communications and said communicating parties include originators seeking to create and recipients seeking to view the communications; and for each of the communications, said key server also to: assign an identifier; store a record in a database that includes said identifier, a respective said decryption key, and respective controlling events; receive zero, one, or more requests for said decryption key, wherein said requests include said identifier; and determine at least one member of the set consisting of positive events and negative events based on said controlling events and how many said requests are received or when any said requests are received. 2. The system of claim 1, wherein said encryption key and said decryption key are the same. 3. The system of claim 1, wherein said encryption key and said decryption key are different. 4. The system of claim 1, wherein said key server is able to generate said keys. 5. The system of claim 1, wherein said key server is able to receive said keys from an outside source. 6. The system of claim 5, wherein said outside source is a said originator. 7. The system of claim 1, wherein said key server requires an assertion before releasing said keys. 8. The system of claim 1, wherein at least some of said controlling events are defined based on attributes provided by said originator. 9. The system of claim 1, wherein at least some of said controlling events are pre-stored in said database in anticipation of use in later said communications. 10. The system of claim 9, wherein at least some of said controlling events are determined based on attributes received from a party other than a said originator. 11. The system of claim 1, wherein a said controlling event specifies a time after which a said decryption key is made releasable, thereby specifying a delay before a said recipient can decrypt a said communication. 12. The system of claim 1, wherein a said controlling event specifies a time after which a said decryption key is made un-releasable, thereby specifying an expiration after which a said recipient can no longer decrypt a said communication. 13. The system of claim 1, wherein a said controlling event specifies how many times a said decryption key should be released to a said recipient, thereby limiting the times said recipient can decrypt a said communication. 14. The system of claim 1, wherein: said key server requires an assertion for a said recipient; and said controlling events specify at least one condition that must be met before releasing a said decryption key to said recipient. 15. The system of claim 1, wherein said key server communicates data about at least one of said positive events or said negative events to at least one of said originator and another entity. 16. The system of claim 15, wherein said another entity is a notification server. 17. A method for determining communication events, the method comprising: (a) receiving a first request for a resource ID to identify the communication, wherein said first request includes at least one identity of an intended recipient of the communication; (b) defining at least one controlling event, wherein said controlling events include said at least one identity; (c) providing said resource ID in reply to said first request; (d) storing said resource ID, said controlling events, and a decryption key to decrypt the communication; (e) monitoring for a second request for said decryption key, wherein said second request includes said resource ID and identifying information for a putative said intended recipient; (f) if a said second request is received, then determining whether it conforms with said controlling events, and (1) if so: (i) providing said decryption key in reply to said second request; and (ii) storing said identifying information and a positive event in association with said resource ID; (2) else, storing a negative event in association with said resource ID; and (g) alternately, if no said second request is received for a said intended recipient, then storing a negative event in association with said resource ID. 18. The method of claim 17, wherein said step (c) includes providing an encryption key. 19. The method of claim 18, wherein said encryption key and said decryption key are the same. 20. The method of claim 18, wherein said encryption key and said decryption key are different. 21. The method of claim 17, wherein said first request includes an authentication assertion and said step (a) includes verifying said authentication assertion before providing said resource ID in said step (c). 22. The method of claim 17, wherein at least some of said controlling events are defined based on attributes provided by an originator of the communication. 23. The method of claim 17, wherein at least some of said controlling events are pre-stored before said step (a) in anticipation of later use in the communication. 24. The method of claim 23, wherein at least some of said controlling events are determined based on attributes received from a party other than said originator. 25. The method of claim 17, wherein a said controlling event specifies a time after which said decryption key is made releasable to a said recipient. 26. The method of claim 17, wherein a said controlling event specifies a time after which said decryption key is made un-releasable to a said recipient. 27. The method of claim 17, wherein a said controlling event specifies how many times said decryption key should be released to a said recipient. 28. The method of claim 17, wherein said second request includes an authentication assertion including said identifying information and step (f) includes verifying said authentication assertion before providing said decryption key. 29. The method of claim 17, further comprising a step (h) communicating data about at least one of said positive events or said negative events to at least one of an originator of the communication and another entity. 30. The method of claim 29, wherein said another entity is a notification server.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.