This invention is directed to a method and system for the propagation of security information for secure information exchange. More particularly, this invention is directed to a method and system for associating new authentication information with existing authentication information and using the existing authentication information to qualify the new authentication information for further usage.
Office settings typically include a variety of document processing devices, such as printers, copiers, facsimile machines, scanners, and the like, which employ little to no inherent data security. A user with physical access to the computer network of such an office is able to view or intercept the plain text transmission of documents sent by another user over the network. Various attempts to encrypt document data have been employed, such as requiring the input of a password at the receiving document processing device to output the document. In typical secure document processing operations, a user encrypts a document for transmission to a document processing device. Once received, the document processing device decrypts the data and outputs the document accordingly. However, to maintain security, each document processing device on a computer network employs a unique public key/private key encryption combination. Each of the security protocols requires the preliminary step of exchanging the encryption or security keys. Such an exchange requires a two-sided communication between the client and the server. When the client is only able to send information to the server, and not receive any information back, it becomes important to capture some kind of authentication information from existing sources on the client side, and also generate new authentication information on the client, for use for the specific purpose of communicating with a particular server.
Thus, there is a need for the association of existing authentication information with the new authentication information, and using the existing authentication information to qualify the new authentication information for further usage.