1. Field of the Invention
This invention relates to computer network communication systems and, more particularly, to a system for monitoring secure commercial transactions in a computer network.
2. Background
Electronic commerce is currently expanding at a rapid rate. With the proliferation of low-cost electronic communication techniques, consumers, purchasing agents, merchants, suppliers, manufacturers, credit companies, banks and other institutions continue to expand their use of electronic commercial transaction technology. Wide scale use of commercial transactions, however, require wide scale accessibility.
In order to cost-effectively provide wide scale accessibility, commercial transaction systems must not only operate with private communication networks, but also operate with general purpose publicly accessible networks such as the internet or publicly accessible network service providers. Because publicly accessible networks have much larger numbers of users, they often provide lower transmission costs than private communication networks. Unfortunately, eavesdroppers and other intermediaries have regular and easy access to electronic messages transported on publicly accessible networks.
As a result, publicly accessible networks are not secure. Accordingly, methods have been developed to create electronic documents which are private and secure from unauthorized use. In conventional systems, an electronic document is usually converted into a secret form before transmission over the publicly accessible network. The process of converting information into a secret form is called "encryption" and a converted document is called an "encrypted" document.
When the encrypted document arrives at its destination, the encrypted document is converted back to its original form. The process of converting an encrypted document into readable form is called "decryption" and the readable document is called a "decrypted" document. A basic introduction to encryption and decryption is described in the text written by Bruce Schneier entitled "Applied Cryptography: Protocols, Algorithms And Source Code In C," published by John Wiley & Sons, 1994, which is hereby incorporated herein by reference.
Typically, secure documents rely on what are called "keys" to encrypt and decrypt secure documents in a particular manner. In encryption, the key is a word, number or encryption format which "locks" the document from unauthorized viewing. In decryption, a matching key is then used to "unlock" or translate the encrypted document back into readable form. Thus, an encryption key is analogous to a mechanical key which locks a door while the decryption key is analogous to a mechanical key which unlocks a door.
One technique called "public key/private key" encryption uses two different keys. The first key is called a public key and it is used to encrypt a document. The second key is called a private key and it is used to decrypt the encrypted document. This is analogous to a door lock with two keys, anyone who owns the public key can lock the door, but only the person who owns the private key can unlock the door. In conventional systems, the public key is publicly disseminated while the private key is kept private.
For example, assume that a computer user named Aaron wishes to receive encrypted information. Aaron first directs his computer to create a public key and a private key pair. Aaron then keeps his private key private while freely distributing his public key to other computer users. If another computer user named Barry wishes to send a document to Aaron, Barry directs his computer to encrypt the document with Aaron's public key and also directs his computer to send the encrypted document to Aaron. When Aaron's computer receives the encrypted document, it decrypts the encrypted document with Aaron's private key. Thus, while Barry and other computer users can send encrypted documents to Aaron, only Aaron can decrypt and read the document.
Besides providing security, current systems also use encryption techniques to authenticate or "digitally sign" a document. While digital signatures authenticate documents, digital signatures differ significantly from hand written signatures in that a digital signature "signs" a document by encrypting a portion of the document in a unique manner.
For example, if a computer user named Carl wishes to digitally sign an electronic document, Carl first directs his computer to create a public key private key pair. Carl's computer then digitally signs the electronic document by encrypting a portion of the document with Carl's private key. Carl can then direct his computer to send the document and Carl's public key to another computer user. In this example, the other computer user is named Doug. When Doug receives the electronic document and Carl's public key, Doug can direct his computer to verify Carl's digital signature by comparing the digitally signed portion of the document with Carl's public key to see if a predefined mathematical relationship exists. If so, the digital signature is authenticated. Because only Carl can properly encrypt the digital signature with his private key, other computer users cannot fraudulently sign the document.
Finally, the security techniques and digital signature techniques can be combined to create secure documents which contain digital signatures. For example, assume that two computer users named Eric and Frank wish to transmit digitally-signed secure documents. In this example, both Eric and Frank create public key/private key pairs. If Frank wishes to receive secure documents he sends his public key to Eric. Eric then directs his computer to generate an electronic document and digitally signs a portion of the electronic document with Eric's private key. Next, Eric directs his computer to encrypt the digitally-signed electronic document with Frank's public key. Eric then sends the encrypted, digitally-signed document and Eric's public key to Frank.
When Frank's computer receives the encrypted, digitally-signed document, it decrypts digitally-signed document with Frank's private key. Because only Frank's computer can decrypt the digitally-signed document, the document is secure. Frank can then verify Eric's digital signature by directing his computer to compare the encrypted digital signature to Eric's public key to see if a predefined mathematical relationship exists. If so, the digital signature is said to be authentic.
Such techniques are widely seen as an essential means for securing the privacy of consumers, and for authenticating the identity of consumers who exchange information on publicly accessible networks. These techniques, however, create a variety of maintenance problems for network service providers. For example, a network service provider needs information to route a secure document to its proper destination. In addition, a network service provider often desires to obtain audit information from the secure transmissions in order to properly bill transaction fees. Still further, in the event of a system crash or power outage, a network service provider needs an efficient means for locating secure documents which have been stored in a backup system.
Thus, while computer users wish to retain the privacy and the integrity of secure documents, providers of publicly accessible networks need the capability of monitoring the transmittal of secure documents to ensure proper routing, proper billing and the proper retrieval of secure documents from backup facilities. Consequently, current encryption and decryption techniques are not optimally adapted for publicly accessible networks. Accordingly, network providers need a cost-effective, flexible and secure system which can both provide secure audit information while maintaining the confidentiality of a secure document.