The present invention relates generally to the transfer of encrypted data between computers connected to a network. More specifically, this invention pertains to a system and method for transferring selected sections of an encrypted document stored on a document server across a network to a remote client computer at the request of a user.
Electronic document delivery is rapidly replacing more conventional physical document delivery in many applications. For example, businesses are storing documents of various types and sizes on computers that they control for the purpose of rendering those documents accessible to customers or clients who can connect to that computer or server using the Internet or a proprietary TCP/IP computer network. In such a prior art system, a user would access the document server from the user's remote client computer, locate the document of interest, and send a command that would cause the document to be transferred across the network to the client computer.
In many such applications, the document server computer is connected to a network, such as the Internet, that is accessible to remote computers and users who have no need for the electronic documents stored on the server. If its owner considers the information contained in the electronic documents confidential, then the documents must be secured and protected against unauthorized access. Conventionally, this security is supplied by document encryption. In the various document encryption methods known to those skilled in the art, the secure electronic documents are transferred across the network to a client computer in encrypted form, where they are decrypted using one or more encryption keys made available to authorized users and clients. Most such systems are "avalanche based," meaning that the encryption of each byte of data in an electronic document is dependent on the value of the preceding byte. "Secure Socket Layer" (SSL) is another conventional security protocol in which the electronic documents reside on the server in unencrypted form but are encrypted when transferred across the network to a client.
All such prior art systems and methods for transferring encrypted documents across a network have a common deficiency. If an authorized user requests that a portion of a secure document be transferred from the document server to the client computer, the entire document must be decrypted. If the electronic document is large as compared to the rate at which the encrypted data can be transferred across the network and decrypted, efficiency is compromised. The user must wait to receive the desired section of the document while unwanted sections are also transferred. Valuable user time, processing capacity, and network bandwidth are wasted while an entire electronic document is transferred and decrypted so that the user can access only part of that document.
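The dependency described above can be made concrete with a toy chained cipher. This is an added example, not part of the original text: the cipher, the function names, the key, and the sample document are all constructed for illustration and are not a real encryption scheme. In this toy, reading one 64-byte section near the end of the document forces decryption of every byte that precedes it.

```python
import hashlib

def _step(state: bytes, plain_byte: int) -> bytes:
    # Chain step: the next state depends on the plaintext byte just processed.
    return hashlib.sha256(state + bytes([plain_byte])).digest()

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    state = hashlib.sha256(key).digest()
    out = bytearray()
    for p in plaintext:
        out.append(p ^ state[0])   # pad byte comes from the chained state
        state = _step(state, p)
    return bytes(out)

def decrypt_section(key: bytes, ciphertext: bytes, start: int, length: int):
    """Return (section, bytes_decrypted).

    The chain state at `start` is only known after decrypting bytes
    0..start-1, so the whole prefix is processed and then discarded.
    """
    state = hashlib.sha256(key).digest()
    plain = bytearray()
    for c in ciphertext[:start + length]:
        p = c ^ state[0]
        plain.append(p)
        state = _step(state, p)
    return bytes(plain[start:]), len(plain)

def decrypt_section_only(key: bytes, ciphertext: bytes, start: int, length: int) -> bytes:
    """Naive attempt: decrypt just the requested bytes from a fresh state.

    This yields garbage because the state at `start` is wrong.
    """
    return decrypt_section(key, ciphertext[start:start + length], 0, length)[0]

# Constructed sample input: 100 "pages" of 64 bytes each.
PAGE = 64
KEY = b"constructed-demo-key"
DOC = b"".join(b"page %03d: " % n + b"x" * 54 for n in range(100))
CT = encrypt(KEY, DOC)

if __name__ == "__main__":
    section, cost = decrypt_section(KEY, CT, 90 * PAGE, PAGE)
    print(section[:10], "-> decrypted", cost, "bytes to read", PAGE)
    print("naive attempt correct:", decrypt_section_only(KEY, CT, 90 * PAGE, PAGE) == section)
```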
What is needed, then, is a system and method for transferring a desired section of an encrypted electronic document across a computer network without having to transfer and decrypt the entire document.