The present invention relates to document printing. More particularly, this invention relates to secure networked document printing.
A computer network typically includes one or more personal computers (sometimes called “client computers”) coupled together via a communications network. The communications network may link client computers located within a single office, or may couple client computers located over a large geographic area. A computer network also may include one or more print output devices, such as printers, copiers, facsimile machines, and plotters (collectively referred to herein as “printers”), that may be used on a shared basis by network users to print documents created or displayed on the client computers. In particular, when a user issues a “print” command from within an application program on a client computer, a print job is created that typically is routed over the network to a selected printer.
If the print job includes confidential or other sensitive information, the security of that information may be compromised in a conventional networked printing environment. For example, a networked computer that includes network snooping software may be able to intercept the print job as it is routed to the selected printer. Previously known techniques for addressing this problem have required special purpose printers that may not be available on existing computer networks, and may be costly to obtain.
For example, Slick et al. European Patent Application No. EP 1 091 285 A2 (“Slick”) describes a secure printing method in which print data are first encrypted with a randomly generated symmetric key, and then the symmetric key is encrypted twice, using public keys of both the intended recipient and the intended printer. To implement this technique, the selected printer includes an embedded “smart chip” that contains the printer's private key, and also includes an interface device for reading the intended recipient's private key from a smart card. Slick does not, however, describe secure document printing techniques that may be implemented using conventional printers that do not include such specialized smart chips and smart card interfaces.
Davis et al. U.S. Pat. No. 5,633,932 (“Davis”) describes a system and method for preventing a document from printing until the printer locally authenticates the intended recipient. In particular, a sending node first obtains a public key of a selected printing node, encrypts a document using the printer's public key, and then transfers the encrypted document over a network to the printing node. The printing node decrypts the document using the printing node's private key, and then prints the decrypted document only after the intended recipient is authenticated via either a keyboard, keypad, smart card, or biometric input coupled to the printing node. Davis does not describe secure document printing techniques that may be implemented using conventional printers that do not include such specialized authentication interfaces. Also, Davis does not describe systems that include printers that do not include public and private keys provided by the printer manufacturer
Accordingly, such previously known techniques may not be useful for existing computer networks that include conventional printers, without costly replacement or retrofit of the printers to include specialized hardware. It therefore would be desirable to provide methods and apparatus for securely printing a document over a communications network using conventional printers.