Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
1998-05-07
2001-02-06
Swann, Tod R. (Department: 2767)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Security kernel or utility
Reexamination Certificate
active
06185681
ABSTRACT:
NOTICE OF COPYRIGHTS AND TRADE DRESS
A portion of the disclosure of this patent document contains material which is subject to copyright protection. This patent document may show and/or describe matter which is or may become trade dress of the owner. The copyright and trade dress owner has no objection to the facsimile reproduction by any one of the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all copyright and trade dress rights whatsoever.
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates generally to cryptographic systems and electronic document management systems.
2. Description of Related Art
Global access of electronic information can be critical for even the smallest of businesses today. Very few companies operate solely within the boundaries of a single location or their employee list. Over the last 25 years technology has rapidly advanced and expanded these boundaries. The advent of such technologies as the Internet, intranets, extranets, and e-mail have made the electronic transfer of information common place in businesses today. Management of business information is critical to the success of modern businesses. A technology known as Electronic Document Management (EDM) aims to provide organizations with the ability to find any document, created in any application, by anyone, at any time, dealing with any subject, at any place in the world. EDM includes managing multiple versions of a document. PC DOCS, Inc. (Burlington, Mass.) is one of the world's leading providers of EDM solutions. With the advanced technology of EDM comes a wide variety of information that has varying economic values and privacy aspects. Users may not know what information is monitored or intercepted or who is using their computer.
An electronic document management system (EDMS) is a combination of databases, indexes, and search engines utilized to store and retrieve electronic documents distributed across an organization. An EDMS is designed to provide the structure required for an organization to properly manage and share its electronic document resources
A wide array of information is typically stored in a company's EDMS. This includes:
strategic and corporate plans;
proprietary product and service information;
confidential legal documents;
private health information; and
private employment information.
As companies increase the efficiency of accessing more information, their security risks also increase. According to a recent survey by Ernest & Young LLP:
74% of the respondents said their security risks have increased over the prior two years;
more than a quarter said that their security risks have increase at a faster rate than the growth of their computing;
55% of the respondents lacked confidence that their computer systems could withstand an internal attack
71% of security professionals are not confident that their organizations are protected from external attack; and
two-thirds of the respondents reported losses resulting from a security breach over the prior two years.
The bottom line is simple—the more information available, the more security needed.
It has been said that “There is no need to break the window of a house if the front door is unlocked.” This saying certainly applies to computer security. The “unlocked doors” in electronic information security include:
e-mail;
electronic document management (including non-EDMS file systems); and
stolen hardware.
One of the fastest growing means of communication today is e-mail. It is estimated that over one million e-mail messages pass through the Internet every hour. E-mail provides a quick, economical, easy to use method of sharing both thoughts and electronic information. Unfortunately, e-mail is like an electronic postcard for the world to see. It is transmitted across the Internet using the Simple Mail Transfer Protocol (SMTP). This protocol has virtually no security features. Messages and files can be read by anyone who comes into contact with them.
The number of documents managed by organizations increases daily. Knowledge is becoming the most important product for companies today. As EDM enhances a company's productivity and efficiency to manage that knowledge it also exposes that company to unauthorized access to that knowledge. The typical EDMS solely relies on password protection for security.
The value of the approximately 265,000 portable computers (laptops, notebooks, palmtops) reported stolen in 1996 was $805 million, a 27% increase from 1995. However, the data on these portable computers is worth much more than the hardware itself. It is critical that the data stored on any type of hardware, whether it is a desktop computer, portable computer or server, must be properly secured form any unauthorized access.
Some of the “locks” used for electronic information security include:
passwords,
firewalls,
smart cards, and
encryption.
Passwords are often used to prevent unauthorized individuals from accessing electronic data. Passwords may also be used to link activities that have occurred to a particular individual. The problem with passwords is that if any unauthorized party steals or guesses a password, the security of the computer system may be severely compromised. Passwords are wholly inadequate for file archiving.
Systems using firewalls prevent intruders from accessing the firm's internal systems. Password-based firewall systems do not provide positive user identification nor do they protect electronic data that is stored on a server, has left the firm on a portable computer, is sent via e-mail over the Internet, or is stored on a floppy disk.
The typical smart card is a self-contained, tamper resistant, credit card size device that serves as a storage device and is equipped with an integrated microprocessor chip an non-volatile electronic memory. The smart card processes information on the integrated microprocessor chip. Security is enhanced because the user must have the smart card along with the user's confidential information (e.g., a password) to gain access to their computer files. Passwords are kept off computer hosts and on the smart card to enhance security. Smart cards typically can only be accessed with a user-defined password. Many smart cards include a lock-out feature so that failed attempts at the smart card password will lock the card out to prevent any unauthorized or fraudulent use of the smart card. ISO 7816 compliant smart cards and smart card readers follow industry standards.
Increasingly, information technology professionals are turning to encryption technologies to ensure the privacy of business information. Encryption can provide confidentiality, source authentication, and data integrity. Unfortunately encryption generally is cumbersome and difficult to use. A major obstacle for the implementation of encryption technologies has been their disruption to the users' workflow.
Encryption is a process of scrambling data utilizing a mathematical function called an encryption algorithm, and a key that affects the results of this mathematical function. Data, before becoming encrypted, is said to be “clear text.” Encrypted data is said to be “cipher text.” With most encryption algorithms, it is nearly impossible to convert cipher text back to clear text without knowledge of the encryption key used. The strength of the encrypted data is generally dependent upon the encryption algorithm and the size of the encryption key.
There are two types of encryption: symmetric (private key) and asymmetric (public key).
Private key encryption uses a common secret key for both encryption and decryption. Private key encryption is best suited to be used in trusted work groups. It is fast and efficient, and properly secures large files. The leading private key encryption is DES (Data Encryption Standard). DES was adopted as a federal standard in 1977. It has been extensively used and is considered to be strong encryption. Other types of private key encryption include: Triple-DES, IDEA, RC4, M
Anderson Roy L.
Sereboff Steve C.
Smithers Matthew
Swann Tod R.
LandOfFree
Method of transparent encryption and decryption for an... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method of transparent encryption and decryption for an..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method of transparent encryption and decryption for an... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2567686