This invention relates to electronic distribution of information.
The daily volume of information (referred to herein as "documents" and including but not limited to files, data streams, electronic representations of documents, multimedia files, etc.) distributed via electronic networks, including the Internet, intranets, private networks, etc., is large and growing. But distributing documents over these networks may be risky, and even dangerous, because the documents are distributed by insecure network servers into an insecure environment. Networks do not guarantee successful delivery to only the intended recipient(s), do not provide document traceability, and do not provide sender control over a document once it is distributed. Because of these risks, private, restricted, and/or sensitive documents often are not distributed over networks.
The Adobe Portable Document Format (PDF), which is a de-facto standard for electronic distribution of documents, provides for protection of documents via encryption. Its standard security handler uses the 40-bit RC4 encryption scheme from RSA Data Security. Every protected document must have an encryption dictionary that specifies the security handler to be used to authorize access to the document. The document has two passwords: an "open document" password and a "change security options" password. The change security options password controls the restrictions placed on the document: printing, copying text and graphics out of the document, modifying the document, and adding or modifying text notes. When the correct open document password is supplied, the document is opened and decrypted. The change security options password is required to change these passwords and restrictions. Adobe PDF thereby provides a measure of sender control over the document once it is distributed. But it still fails to provide other needed security measures, such as guaranteed successful delivery to only the intended recipient(s), traceability, and advanced control (e.g. document life, document printing, forwarding, archival, etc.). Moreover, the restrictions rest on a password held by the recipient, and because the document is delivered with no further contact with the sender, the password is exposed to brute-force or repeated guessing attacks, which in time allow the protection, and with it the confidentiality of the document, to be defeated.
This invention is directed to solving these and other problems and disadvantages of the prior art. According to the invention, a method of communicating between a client and a server comprises the following steps. In response to receipt of a request for information ("document") from the client, the server sends the information and permissions pertaining to the information, in encrypted form, to the client. In response to receipt of the information, the client sends an acknowledgment to the server, decrypts the information, and enforces the permissions with respect to the information and client credentials. In response to activity with respect to the information at the client, the client reports the activity to the server. In response to the receipt of the acknowledgment and the report, the server stores a record thereof. Illustratively, the server validates the request and/or the client in response to receipt of the request and sends the information only upon (successful) validation, while it forbears from sending the information upon a lack of validation.
Preferably, the client authenticates itself with the server by a secure means (e.g., a key, a digital signature, a public-private key pair, SSL, etc.). The server acknowledges the client and returns confirmation to the client, including encryption keys if appropriate, for this type of transaction. The client then sends a request for a document to the server. Based on client credentials and the requested document's security settings, the server generates the document, sets permissions, and encrypts it. The server logs information about the client, the document, and the permissions to a database. The server then digitally signs the document and transmits it to the client. Upon receipt of the document, the client transmits an acknowledgment of transmission to the server. The server logs the transmission information. The client decrypts the document and applies the permission settings set by the server. The client continues to communicate with the server regarding the actions of the client.
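The exchange described in the two paragraphs above, as an added example that is not part of the patent text: both sides of the protocol modelled in one Python process, so the order of operations (validate, issue, acknowledge, verify, decrypt, enforce, report, log) can be followed and the denial paths exercised. Everything not in the text is an assumption of this example: the directory service is a dict of client IDs to shared secrets; the client proves its identity with a keyed hash of that secret; the session key is derived from the secret and a server nonce (so no key travels in the clear); an HMAC under the session key stands in for the server's digital signature and a SHA-256 counter-mode keystream stands in for the cipher (a real deployment would use an asymmetric signature, so the client cannot forge it, and an authenticated cipher such as AES-GCM); the sample document, its permissions (a view flag, a print counter, a forward flag and a lifetime) and the client names are constructed. The caller supplies the clock so the expiry path can be driven deterministically.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample store: name -> (body, permissions). "print" is a remaining-uses
# counter, "view"/"forward" are flags, "ttl" is the document's lifetime in seconds.
DOCUMENTS = {
    "q3-report": (b"Q3 revenue: confidential figures",
                  {"view": True, "print": 2, "forward": False, "ttl": 3600}),
}

def prf_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """SHA-256 counter-mode keystream XOR (assumption: stands in for a real cipher)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def tag(key: bytes, *parts: bytes) -> bytes:
    """HMAC over length-prefixed parts (assumption: stands in for the digital signature)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(4, "big") + part)
    return mac.digest()

class Server:
    def __init__(self, directory: dict):
        # directory: client_id -> shared secret (the page's directory service); log: audit records
        self.directory, self.sessions, self.log = directory, {}, []

    def record(self, *event):
        self.log.append(event)

    def authenticate(self, client_id: str, proof: bytes):
        """Validate the client; return a nonce from which both sides derive the session key."""
        secret = self.directory.get(client_id)
        if secret is None or not hmac.compare_digest(proof, tag(secret, client_id.encode())):
            self.record("auth-failed", client_id)
            return None
        nonce = secrets.token_bytes(16)
        self.sessions[client_id] = tag(secret, b"session", nonce)
        return nonce

    def request(self, client_id: str, name: str, now: float):
        """Issue the encrypted, signed document with its permissions, or forbear and log."""
        key = self.sessions.get(client_id)
        if key is None or name not in DOCUMENTS:
            self.record("denied", client_id, name)
            return None
        body, perms = DOCUMENTS[name]
        perms = dict(perms)
        perms["expires"] = now + perms.pop("ttl")  # lifetime becomes an absolute deadline
        perms_json = json.dumps(perms, sort_keys=True).encode()
        nonce = secrets.token_bytes(16)
        ct = prf_xor(key, nonce, body)
        sig = tag(key, name.encode(), nonce, ct, perms_json)  # binds name, body and permissions
        self.record("issued", client_id, name, perms)
        return {"doc": name, "nonce": nonce, "ct": ct, "perms": perms_json, "sig": sig}

class Client:
    def __init__(self, client_id: str, secret: bytes, server: Server):
        self.id, self.secret, self.server = client_id, secret, server
        self.key, self.docs = None, {}  # docs: name -> (plaintext, live permission state)

    def login(self) -> bool:
        nonce = self.server.authenticate(self.id, tag(self.secret, self.id.encode()))
        if nonce is None:
            return False
        self.key = tag(self.secret, b"session", nonce)
        return True

    def fetch(self, name: str, now: float) -> bool:
        env = self.server.request(self.id, name, now)
        return env is not None and self.receive(env)

    def receive(self, env: dict) -> bool:
        """Acknowledge receipt, verify the signature, and only then decrypt."""
        name = env["doc"]
        self.server.record("ack", self.id, name)
        expect = tag(self.key, name.encode(), env["nonce"], env["ct"], env["perms"])
        if not hmac.compare_digest(expect, env["sig"]):
            return False  # tampered envelope: never decrypt or store it
        self.docs[name] = (prf_xor(self.key, env["nonce"], env["ct"]), json.loads(env["perms"]))
        return True

    def act(self, name: str, action: str, now: float) -> bool:
        """Enforce the server-set permissions locally and report every attempt to the server."""
        _body, perms = self.docs[name]
        # Unknown actions are denied; flags are checked as-is; counters must be positive.
        allowed = now < perms["expires"] and bool(perms.get(action, False))
        if allowed and not isinstance(perms[action], bool):
            perms[action] -= 1  # consume one use
        self.server.record("activity", self.id, name, action, allowed)
        return allowed
```

Two points the model makes visible. The signature covers the document name, the ciphertext and the permission block together, so a recipient who edits the permissions in transit (raising the print count, say) fails verification and the document is never decrypted. And the enforcement point for permissions is the client: the counters and expiry live in client memory, so the "total control" the method offers rests on the client software being trusted; the server's log records what the client reports, not what a hostile client actually does.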
Optionally, different classes of clients, with different permissions for different uses, can exist. Authentication of the client includes defining the types of transactions that are allowed to the client. The client can have multiple identifiers (IDs) for multiple servers. Different encryption algorithms can be used based on client ID, server environment, and application (higher-security applications, lower-security applications). Initialization of the document system requires that the clients' information be placed in a directory service to be used by the server for validation of clients.
The invention provides for the secure and controlled electronic distribution of documents across a communications network, such as the Internet for example. Advantages attainable therewith include the following:
The document is delivered securely and to only the intended client. Document reception is confirmed by the client via the acknowledgment to the server.
The document and its history and origin are trackable. Each document may contain specific identifiers, signatures, and/or "watermarks" that confirm the validity and the origin of the document. Such characteristics as the issuer, recipient, date of origination, intended purpose, etc., may be tracked. The server may also be notified whenever the document is perused, how many times, and by whom.
The document is delivered, and may even be created, automatically, and delivery is confirmed automatically.
The document is controllable. The originator of the document has total control, through the server, of the document throughout the life of the document. Each document has pre-defined and enforced control characteristics (permissions). For example, the originator may or may not allow the document to be viewed, printed, saved, forwarded, or modified, or may set a limit on the maximum number of permitted viewings and printings. The originator may also allow the document to "live" for only a specified amount of time.
The invention can be tailored to substantially any business transaction, including banking, legal processes, certifications, purchases, etc.
The invention can be adapted to any document-based systems such as e-mail and HTML Internet delivery. Furthermore, any transaction that presently requires any exchange of paper can instead use the invention for a secure electronic document exchange.
While the invention has been characterized above in terms of a method, it also encompasses apparatus that performs the method. The apparatus preferably includes an effector (any entity that effects the corresponding step, unlike a means) for each step. The invention further encompasses a computer-readable medium (e.g., a memory device) containing instructions which, when executed in a computer, cause the computer to perform the method steps.
These and other features and advantages of the present invention will become apparent from the following description of an illustrative embodiment of the invention taken together with the drawing.