The present invention is related to a method and system to automatically invoke functionality of an operating system during the encrypted transmission and encrypted storage of computer files and/or computer programs from one computing device to another computing device.
The secure transmission of computer files via communication means has increased in importance with the proliferation of the Internet for electronic distribution and electronic commerce. The fundamental shift from physical delivery of computer files and/or computer programs to digital electronic transmission has commenced with the Internet emerging as a ubiquitous low-cost network. As in previous technological advancements, such as the transition from newspaper to radio and then to television, the media companies of the time were forced to react to the emergence of these new mediums. However, unlike previous technological transitions, the Internet as a medium supports all of the functionality of the traditional print, radio and television industries while simultaneously supporting electronic commerce as well. Currently, many businesses utilize the Internet to sell or give away their computer files and/or computer programs, and in most cases the computer files are not encrypted for protection against piracy or illegal use. Additionally, the current approach to the secure transmission and storage of computer files fails to leverage the encryption functionality of a computing device's operating system. The current approach calls for a computing device acting as a server (the "Serving Device") to communicate with another computing device acting as a client (the "Client Device") to transfer encrypted files for decryption at the application level (such as, but not limited to, a Win32 application) of the Client Device. The Client Device utilizes a computer program running at the application level for decryption, which is assigned a unique decryption "key." During the transmission process, the Serving Device encrypts the computer file for storage using the decryption "key" of the Client Device.
The encrypted computer file is then transmitted via the Internet and saved into storage within, or connected to, the Client Device. After decryption of the computer file, the decrypting computer program transmits a decrypted signal to the operating system for display or, in the case of an audio file, playback through the sound card. The decrypted signal can be vulnerable when transmitted from the decrypting application to the operating system, and the signal can be intercepted, possibly resulting in the illegal duplication of the computer file.
Addressing certain aspects of computer file and computer program encryption, the Microsoft Corporation published in 1998 a white paper titled "Microsoft Windows NT version 5.0, Public Key Infrastructure", incorporated by reference herein (hereinafter the "Windows 2000 PKI White Paper"), detailing the encryption functionality of a comprehensive public key infrastructure (PKI) in the Windows 2000 family of operating systems (formerly referred to as Windows NT 5.0). The Windows 2000 PKI White Paper stated on the cover page thereof, "Microsoft Windows NT version 5.0 introduces a comprehensive public key infrastructure (PKI) to the Windows platform. This utilizes and extends the Windows-based public key (PK) cryptographic services introduced over the past few years, providing an integrated set of services and administrative tools for creating, deploying, and managing PK-based applications. This allows application developers to take advantage of the shared-secret security mechanisms or PK-based security mechanism in Windows NT as appropriate. At the same time, enterprises gain the advantage of being able to manage the environment and applications based on consistent tools and policy mechanisms."
Furthermore, and with special emphasis on the encryption functionality of the Public Key Infrastructure of the Windows 2000 family of operating systems, the Windows 2000 PKI White Paper stated, "The Web has rapidly become a key element in creating and deploying solutions for the effective exchange of information on a worldwide basis. In particular, growth in its use for business purposes has been dramatic. For many uses, security is a key consideration. Notably: Server authentication—To enable clients to verify the server they are communicating with. Client authentication—To allow servers to verify the client's identity and use this as a basis for access control decisions. Confidentiality—Encryption of data between clients and servers to prevent its exposure over public Internet links.
The Secure Sockets Layer (SSL) and the emerging IETF standard Transport Layer Security (TLS) protocols play an important role in addressing these needs. SSL and TLS are flexible security protocols that can be layered on top of other transport protocols. They rely on PK-based authentication technology and use PK-based key negotiation to generate a unique encryption key for each client and/or server session. They are most commonly associated with Web-based applications and the HTTP protocol (referred to as HTTPS).
SSL and TLS are supported on the Windows platform by the secure channel (schannel) SSPI provider. Microsoft Internet Explorer and Internet Information Services both use schannel for this functionality. Because schannel is integrated with Microsoft's SSPI architecture, it is available for use with multiple protocols to support authenticated and/or encrypted communications.
Taking full advantage of the SSL and TLS protocols requires both clients and servers to have identification certificates issued by mutually trusted CAs, allowing the parties to authenticate each other. In this mode, certificates are exchanged along with data that proves possession of the corresponding private key. Each side can then validate the certificate and verify possession of the private key using the certificate's public key. The identifying information included in the certificate can then be used to make supplemental access control decisions. For example, the client can decide whether the server is someone it wishes to conduct business with and the server can decide what data the client will be allowed access.
The Windows NT 5.0 PKI integrates support for the latter decisions as a standard feature of Windows NT Server. User certificates can be mapped on a one-to-one or many-to-one basis against security principals (User objects) in the Active Directory. Schannel can take advantage of this information to automatically synthesize a security token for the client such that the Windows NT ACL mechanisms are used to enforce access control to resources. This is advantageous for services in that they can utilize the identical access control mechanism independent of the client authentication mechanism used (PK or Kerberos).
Once the client and server have authenticated each other, they can proceed to negotiate a session key and begin communicating securely. SSL and TLS are also often employed in a mode that doesn't require client authentication. Use of mutual authentication is recommended in the enterprise environment, however, because it allows you to make use of the Windows-based access control mechanisms. Also, the PKI significantly simplifies certificate enrollment and management, reducing the burden on the client."
In another white paper published by the Microsoft Corporation in September 1998, titled "Windows NT Workstation 5.0 Key Benefits and Capabilities Whitepaper", incorporated by reference herein (the "Windows 2000 Workstation White Paper"), Microsoft provides additional detail on the encryption functionality of the Windows 2000 family of operating systems. The Windows 2000 Workstation White Paper stated on page 30 thereof, "Windows NT Workstation 5.0 provides support for Public Key security, an industry-standard authentication protocol used over public networks, such as the Internet. The most important use of Public Keys is for digital signatures, which assure authenticity of components, including that: E-mail came from the sender; E-mail cannot be viewed or edited by other users; Applications and drivers come from known sources; Software is protected from tampering after installation; The identity of a remote computer is guaranteed; Secure Internet communication is allowed; Strong encryption is allowed, such as that needed for secure transactions.
While other platforms, such as any Windows platform running Internet Explorer 4.0, support the use of Public Keys, Windows NT Workstation 5.0 goes further by providing a more robust infrastructure for creating certificates, "trusts" with other systems, and secure storage for certificates."
The Windows 2000 Workstation White Paper expands on secure virtual private network services, stating on page 31 thereof, "In addition to PPTP, today's most common method, Windows NT Workstation 5.0 supports several new, more secure methods of creating Virtual Private Networks, including: L2TP (Layer 2 Tunneling Protocol), a more secure version of PPTP, for tunneling, address assignment, and authentication; IPSEC (IP Security Protocol), a standard-based protocol that provides the highest levels of VPN security. With IPSEC, virtually everything above the networking layer can be encrypted. This provides end-to-end privacy, integrity, and authenticity over public networks. The IPSEC method is transparent to applications and protocols. Microsoft is working closely with vendors to support hardware acceleration for IPSEC through NDIS interfaces.
Windows NT Workstation 5.0 also provides an enhanced Network Connections dialog that makes it easier for users to create VPNs (see the "Simplicity" section)."
Additionally, Microsoft discusses storage encryption functionality within the Windows 2000 family of operating systems in the Windows 2000 PKI White Paper, describing an encrypting file system (EFS) which resides in the Windows 2000 kernel. Microsoft states in the Windows 2000 PKI White Paper on pages 21 and 22 thereof, "The Windows NT 5.0 Encrypting File System (EFS) supports transparent encryption and decryption of files stored on a disk in the Windows NT file system (NTFS). The user can designate individual files to encrypt, or folders whose contents are to be maintained in encrypted form. Applications have access to a user's encrypted files in the same manner as unencrypted files. However, they will be unable to decrypt any other user's encrypted files.
EFS makes extensive use of PK-based technology to provide mechanisms for encrypting files to multiple users as well as supporting file recovery. To do this, it utilizes the ability of PK to support bulk encryption without prior shared secrets. In operation, each EFS user generates a public key pair and obtains an EFS certificate. The certificate will be issued by an enterprise CA in the Windows NT 5.0 domain, although EFS will generate a self-signed certificate for stand-alone operation where data sharing is not an issue. In addition, Windows NT 5.0 supports an EFS recovery policy in which trusted recovery agents can be designated. These agents generate an EFS recovery public key pair and will be issued an EFS recovery certificate by the enterprise CA. The certificates of the EFS recovery agents are published to domain clients with the Group Policy Object.
In operation, for each file to be encrypted EFS creates a random key that is used to encrypt the file. The user's EFS public key is then used to encrypt this secret key and associate it with the file. In addition, a copy of the secret key, encrypted with each recovery agent's EFS public key, is associated with the file. No plaintext copy of the secret key is stored in the system.
When retrieving the file, EFS transparently unwraps the copy of the secret key encrypted with the user's public key using the user's private key. This is then used to decrypt the file in real time during file read and write operations. Similarly, a recovery agent may decrypt the file by using the private key to access the secret key."
Providing additional detail on the level of security of Microsoft's Encrypting File System, the Windows 2000 Workstation White Paper states on page 28 thereof, "An Encrypted File System (EFS) encrypts files on a hard disk. Each file is encrypted using a randomly generated key, which is independent of the user's public and/or private key pair. EFS resides in the Windows NT kernel and uses the non-paged pool to store file encryption keys, ensuring that they never reach the paging file. EFS is supported on a file or directory basis. Encryption and decryption is transparent to the user."
The instability of computing functions (such as, but not limited to, functions resulting in computing system crashes) is generally regarded as greater at the application level than at the operating system level. The closer the computing functions are to the core of the operating system, the more stable they generally are. If an application-level decryption program becomes damaged or corrupted and reinstallation of another decryption program is required, a new "decryption key" is generated, and the previously encrypted computer files, being encrypted to the old "decryption key," cannot be decrypted by the newly installed decryption program. Avoiding the encryption and/or decryption weaknesses inherent in application-level programs, Microsoft has taken steps to protect against lost "encryption and/or decryption keys" in the Windows 2000 PKI. Microsoft stated in the Windows 2000 PKI White Paper on page 14 thereof, "Public key pairs and certificates tend to have high value. If they are lost due to system failure, their replacement may be time consuming and result in monetary loss. To address these issues, the Windows NT 5.0 PKI supports the ability to back up and restore both certificates and associated key pairs through the certificate-management administrative tools."
The present invention offers a new and improved method and system to automatically invoke certain functionality of a public key infrastructure and encrypting file system of operating systems to encrypt computer files or computer programs for electronic transmission between computing devices, encrypt those computer files or computer programs for subsequent storage, and restrict usage permissions and/or rights. The present invention instructs the operating systems of the computing devices to temporarily suspend user intervention until completion of the encrypted transmission and encrypted storage process, to prevent unauthorized use or replication of the computer files or computer programs. The present invention instructs the public key infrastructure of a serving device to encrypt for transmission a computer file or computer program (and any accompanying permissions and/or rights established by the serving device) stored within, or connected to, the serving device, then transmit said computer file or computer program to the client device. Upon receipt by the client device of said computer file or computer program (and any accompanying permissions and/or rights established by the serving device), the present invention automatically instructs the public key infrastructure of the client device to decrypt from transmission said computer file or computer program (and any accompanying permissions and/or rights established by the serving device) transmitted by the serving device. The present invention then instructs the encrypting file system of the client device to encrypt for storage, based on any permissions and/or rights established by the serving device which accompanied the computer file or computer program, and store the computer file or computer program.
The present invention separates the storage encryption process from the transmission encryption process to enable encrypted transmission between computing devices running different operating systems, using industry standard communication protocols, and then having the different operating systems execute their unique or proprietary storage encryption process. Furthermore, while the most widely used operating systems support the encrypted transmission standards of the Internet, no standards exist for operating-system-based encrypted storage. A unique benefit of the present invention is that it utilizes multiple encryption and/or decryption processes to provide an end-to-end solution for the encrypted transfer and storage of computer files and/or programs between computers running different operating systems. Instead of permanently encrypting a computer file and/or program for use on one specific decrypting device or computer, the present invention assigns permissions and/or rights to the computer file and/or program, then tasks the encryption functionality of the operating system possessing the computer file and/or program to enforce the permissions and/or rights. In this way, flexible permissions and/or rights can be assigned to the computer file and/or program which follow it from computer to computer, from operating system to operating system, while it is encrypted and decrypted, as necessary, along the way.
The present invention also offers a new and improved method and system to activate certain functionality of a public key infrastructure and encrypting file system of the client device to execute any permissions and/or rights which accompanied a given computer file or computer program. Permissions and/or rights (such as, but not limited to, number of plays, print outs, views, uses, copies, moves, relocations, time duration of use, number of users, etc.) will then be enforced by the encrypting file system in conjunction with the present invention. As an example, a computer file or computer program received by a client device could be accompanied with the permission or rights, as established by the serving device, allowing the user of the client device to move said computer file or computer program to another computing device (the "next client device"). In this example, the present invention would instruct the operating systems of the client device and the next client device to prevent user intervention until completion of the move. The present invention instructs the encrypting file system of the client device to decrypt said computer file or computer program. Then the present invention instructs the public key infrastructure of the client device to encrypt for transmission said computer file or computer program (and the permissions and/or rights established by the serving device), then transmit via communication means the computer file or computer program to the next client device. Upon receipt by the next client device of said computer file or computer program (and the permissions and/or rights established by the serving device), the present invention automatically instructs the public key infrastructure of the next client device to decrypt from transmission said computer file or computer program (and the permissions and/or rights established by the serving device) transmitted by the client device.
The present invention then instructs the encrypting file system of the next client device to encrypt for storage based on the permissions and/or rights established by the serving device which accompanied said computer file or computer program during transmission from the client device, and store said computer file or computer program.
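The following Go program is an added illustration, not code from the patent or from Microsoft, of the two mechanisms the text relies on: the EFS key-wrapping scheme quoted above (a random per-file key, wrapped to the owner's public key and again to each recovery agent's public key, with no plaintext copy retained) and the two-layer delivery described in the summary (public-key encryption for transmission, decryption on receipt, then separate encryption for storage under the client's own key, with the accompanying permissions following the file). The page names no algorithms, so RSA-OAEP and AES-256-GCM from the Go standard library stand in for the PKI and EFS primitives; the names Rights, Package, encryptTo, Decrypt and Deliver are this example's own. Binding the rights block to the ciphertext as GCM additional authenticated data is likewise a design choice made here, so that a permissions block altered in transit or on disk is rejected rather than enforced.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"io"
)

// Rights accompanies the file. It is bound to the ciphertext as GCM additional
// authenticated data, so an altered rights block fails to authenticate.
type Rights struct {
	MaxPlays int
	Movable  bool
}

// Package is the encrypted form for both layers: the content sealed with
// AES-256-GCM under a random file key, and that key wrapped with RSA-OAEP to
// each recipient (index 0 is the principal, the rest are recovery agents).
type Package struct {
	WrappedKeys       [][]byte
	Nonce, Ciphertext []byte
	Rights            Rights
}

func rightsAAD(r Rights) []byte { b, _ := json.Marshal(r); return b }

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encryptTo seals plaintext under a fresh file key and wraps the key to every
// recipient; no plaintext copy of the file key is kept in the result.
func encryptTo(recipients []*rsa.PublicKey, plaintext []byte, r Rights) (Package, error) {
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return Package{}, err
	}
	gcm, err := gcmFor(key)
	if err != nil {
		return Package{}, err
	}
	p := Package{Nonce: make([]byte, gcm.NonceSize()), Rights: r}
	if _, err := io.ReadFull(rand.Reader, p.Nonce); err != nil {
		return Package{}, err
	}
	p.Ciphertext = gcm.Seal(nil, p.Nonce, plaintext, rightsAAD(r))
	for _, pub := range recipients {
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
		if err != nil {
			return Package{}, err
		}
		p.WrappedKeys = append(p.WrappedKeys, w)
	}
	return p, nil
}

// Decrypt unwraps whichever copy of the file key matches priv (principal or a
// recovery agent); any other key, or a tampered rights block, is refused.
func Decrypt(priv *rsa.PrivateKey, p Package) ([]byte, error) {
	for _, w := range p.WrappedKeys {
		key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, w, nil)
		if err != nil {
			continue
		}
		gcm, err := gcmFor(key)
		if err != nil {
			return nil, err
		}
		return gcm.Open(nil, p.Nonce, p.Ciphertext, rightsAAD(p.Rights))
	}
	return nil, errors.New("no wrapped file key for this private key")
}

// Deliver chains the two layers in the order the text describes.
func Deliver(transportPriv *rsa.PrivateKey, efsPub *rsa.PublicKey, agents []*rsa.PublicKey, file []byte, r Rights) (Package, error) {
	// Serving device: PKI-encrypt the file and its rights for transmission.
	sent, err := encryptTo([]*rsa.PublicKey{&transportPriv.PublicKey}, file, r)
	if err != nil {
		return Package{}, err
	}
	// Client device: PKI-decrypt on receipt; the rights are verified here too.
	plain, err := Decrypt(transportPriv, sent)
	if err != nil {
		return Package{}, err
	}
	// Client device: EFS-style encrypt for storage under the owner's EFS key,
	// with a recovery copy of the file key for each recovery agent.
	return encryptTo(append([]*rsa.PublicKey{efsPub}, agents...), plain, sent.Rights)
}
```

Deliver returns the stored form; Decrypt with the owner's EFS private key or any designated recovery agent's key recovers the file, while the transport key, a stranger's key, or a package whose Rights were edited all fail. The "suspend user intervention" step the text assigns to the operating system has no portable equivalent and is not modelled here; it would sit around the Deliver call on the client.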
The present invention pertains to a system for manipulating a computer file and/or program. The system comprises a serving device having access to a computer file and/or program which is unencrypted and which can encrypt the unencrypted computer file and/or program to become an encrypted computer file and/or program and transfer it. The system comprises a connector connected to the serving device on which the encrypted computer file and/or program travels and to which the serving device transfers the encrypted computer file and/or program. The system comprises a client device which receives the encrypted computer file and/or program and decrypts the encrypted computer file and/or program back to the unencrypted computer file and/or program. The client device does not allow intervention to the encrypted computer file and/or program during the time when the encrypted computer file and/or program is received. The serving device is separate, apart and distinct from the client device.
The present invention pertains to a method for manipulating a computer file and/or program. The method comprises the step of suspending intervention by a user of the client device. Then there is the step of encrypting an unencrypted computer file and/or program at the server device to form an encrypted computer file and/or program. Next there is the step of transferring the encrypted computer file and/or program to the client device along a connector connected to the client device and the server device. Then there is the step of reestablishing the intervention of the client device by the user.