1. Field of the Invention
The present invention relates to a complete, end-to-end, automatic transaction control/monitoring method for transmitting, under variable and high levels of security, high-value business, personal, or Federal/military information, on a real or near real-time basis.
2. Related Art
A "secure document" or "secure information" is any document media (paper, disc, voice, video, etc.) containing U.S. classified documents or information (i.e. "confidential," "secret," "top secret," etc.), business-sensitive, proprietary documents or information, highly personal documents or information, and any document or information where limited and fully controlled/auditable access is desired.
If an individual wishes to send a secure document via telefacsimile, for example, the current method is to call the receiving end and confirm by voice communication that the intended, authorized recipient is standing at the receiving telefacsimile. Once the identity of the intended recipient and the recipient's proximity to the receiving telefacsimile are verified (mainly via voice familiarity), the sending individual sends the document. After sending, the intended recipient provides confirmation to the sending individual that the document was printed and received.
The same limited security procedure is followed when printing information from an electronic database to a remote conventional printer or other terminal device.
Thus, current hardware and systems involve limited or no automation in handling such secure documents or information on both a local and network basis. The systems and procedures currently available are mainly "person(s)-in-the-loop" systems which require certain labor-intensive actions and a high degree of manual coordination to achieve a limited "secure" operation. The labor-intensive aspect of this coordination procedure greatly increases the duration and costs of transmission while it decreases productivity. Therefore, there is a need in the art to provide a method of transmitting secure documents in a way which does not require such labor-intensive manual assistance.
It is noted that some islands of automation are available, but no end-to-end automation, with full auditability and real-time or near real-time control. Current systems such as a secure telephone unit ("STU") or STU facsimile machines assure no illegal tapping or eavesdropping but do not guarantee that the caller, recipient, or group is positively identified or is an authorized user or recipient. The positive identification and verification of authorization is always performed manually. Thus, there is a need for end-to-end automation, with full auditability and real-time or near real-time control of the transmission of secure documents and information.
A similar problem occurs in handling secure documents and secure information relating to work for various Federal agencies, including the U.S. Department of Defense (DOD). Secure documents and information are often located in a special file cabinet fitted with a piece of securing hardware, e.g., a number lock or combination lock, which is approved by the DOD. Every time the file cabinet is entered, the entering individual must manually enter a myriad of information into a log, such as: which document was used; who handled it; date; time; and what was done with the document (i.e., the document was copied; the document was sent to another individual at another site). The DOD requires auditing and notification at the end of each month of all the people who handled each secure document. At the very least, the DOD requirements compel manual compilation of all the logs, which is extremely tedious and costly.
Therefore, there is a need in the art to provide a cost-effective automatic auditing and monitoring capability which also provides electronic time, date and place identification stamps.
Further, these specially secured file cabinets are often grouped in secure rooms that have doors secured by special locks. Upon entry into the room, an additional log must be maintained to provide notification and accounting to the DOD. This additional step also creates additional delay in effective work time and greatly increases costs.
Therefore, there is a need in the art to provide cost-effective automatic room security which mechanizes the room access logs, thereby decreasing costs and increasing productivity.
Exacerbating the foregoing problems, in order to copy certain secret government documents, only certain "secure" or TEMPEST-class copiers may be used so that the copier OPC drum may be cleared after copying and cartridges may be disposed of only by authorized personnel. Before these copies are made, a log sheet must be completed providing the details of the copying of the document. This creates yet another labor-consuming delay that increases costs and decreases productivity. In fact, access logs and usage data are generally maintained manually for secure facilities, information handling equipment, and users.
Therefore, there is a need in the art to provide an automatic information management and security system which eliminates the time inefficiencies and waste associated with manual logging and tracking of copies of high-value, secret documents.
Underlying the entire system is the fact that it is up to the employees and security personnel to verify whether a particular individual has a secret clearance, badge code number, or some other indicia of authorization and identification. Therefore, to prevent improper access, manual or personal direct intervention is required to verify both authorization and need to know in order to prevent improper and unauthorized transfer of secure documents. The verification by employees diverts resources from productive activity. The verification by security personnel results in additional salary or expense overhead.
Therefore, there is a need in the art to provide a system which greatly reduces the need for manual intervention to prevent unauthorized transfer of secure, proprietary and personal documents.
On a related matter, when an individual's authorization is revoked and the individual gains unauthorized access to secure documents, a security breach occurs. When this security breach is manually detected, it is impossible to inform all the employees and/or security personnel of the breach in a timely fashion in order to ensure manual intervention. In a large company, timely notification and communication of the changing authorizations of employees is relatively impossible. This is because authorization has traditionally been carried in the form of a color-coded badge or the like. As a result, if the security of a document has been breached by use of an authorization which has been terminated or forged, an entire month or more could pass before the monthly DOD audit discovers the security breach.
Therefore, there is a need in the art to provide an automated system for continuously updating comprehensive information about the authorizations of individuals, and to prevent unauthorized access to secure documents at the time access is attempted (real-time control).
Transmission of secure information (documents, data, video, etc.) is even more of a concern given the planned office integration/automation systems and architectures (SW/HW) of the future, such as those announced by the Microsoft Corporation ("Microsoft-At-Work", see FIG. 7), Adobe ("Acrobat" for Print Documents), Apple Computer ("OCE"), General Magic ("Magic Cap"), etc., covering the emerging multi-media information management systems for office and home. For example, the Microsoft Corporation is working on a new project currently called "Microsoft at Work" which would allow a worker to write a report and, by tapping a key, have 20 copies of the report printed, copied, and collated on one machine, thereby eliminating the step of having an individual take the report from the printer and take it to a photocopy machine where 20 copies are made. See "Software Giant Aiming at the Office," New York Times, Jun. 8, 1993, p. C1. See also, Hardcopy Observer, published by Lyra Research: Vol. III, Number 7, "Microsoft at Work Office," pp. 31-39 (July 1993); Vol. IV, Number 2, "Microsoft-at-Work Software," p. 30 (February 1994); Vol. IV, Number 3, "Microsoft-at-Work For Home Entertainment (SEGA games)", p. 9 (March 1994). In essence, the systems of the future integrate paper and electronic media.
Therefore, there is a need in the art to provide an automated information management and security system which would be compatible with the present office technology, yet would be compatible with potential integrated office equipment, networks, and architectures of the future.
The present invention provides an information management and security system which overcomes the shortcomings of the known systems and provides various advantages, such as instantaneous, multiple secure access(es) and minimizing the total "life-cycle" costs of managing "secure" information (from inception to destruction), utilizing present technology while also being compatible with new technology contemplated for the future. The invention also provides for transaction database services such as archiving, historic usage trends, and transaction reporting/abstracting (user-definable) services.