US20040181668A1 - Methods for conducting server-side encryption/decryption-on-demand - Google Patents
Methods for conducting server-side encryption/decryption-on-demand Download PDFInfo
- Publication number
- US20040181668A1 US20040181668A1 US10/626,103 US62610303A US2004181668A1 US 20040181668 A1 US20040181668 A1 US 20040181668A1 US 62610303 A US62610303 A US 62610303A US 2004181668 A1 US2004181668 A1 US 2004181668A1
- Authority
- US
- United States
- Prior art keywords
- data file
- file
- encrypted data
- server
- memory locations
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/76—Proxy, i.e. using intermediary entity to perform cryptographic operations
Definitions
- the present invention is directed to methods and systems for securing files that are received, processed, stored, and delivered on or by typical web server applications, services, and devices.
- the present invention implements a method used to secure computer files on a file server using dual-key encryption technologies without requiring the exchange of encryption keys with external users.
- the method may be embedded within one or more computer-readable programs, written in a programming language, such as Perl, and running on a web server.
- the method may employ the use of a single encryption/decryption key pair that is stored on the same web server to encrypt files received from external users on an inbound path and to decrypt files delivered to external users on an outbound path. All inbound and outbound encryption and decryption occurs in real time in a memory subsystem of the web server, which may include Random Access Memory (RAM).
- RAM Random Access Memory
- a method of encrypting and decrypting an electronic file on a web-based computer system includes receiving, by a computer system, an electronic data file, where the computer system includes a memory subsystem and a plurality of memory locations, encrypting the data file in the memory subsystem, storing the encrypted data file in one or more of the plurality of memory locations, retrieving the encrypted data file from the one or more memory locations, decrypting the encrypted data file in the memory subsystem, and displaying the decrypted data file on a web browser.
- the memory subsystem includes random access memory.
- the receiving step is performed using a SSL/HTTPS protocol.
- the transmitting step is performed using a SSL/HTTPS protocol.
- the method may further include, prior to the receiving step, receiving a username and a password from an external user device and verifying that the username and password correspond to a pre-defined user having access to the computer system.
- the method further includes, between the storing step and the retrieving step retrieving the encrypted data file from the one or more memory locations, analyzing the encrypted data file, modifying the analyzed data file, and storing the modified data file in the one or more memory locations.
- a method of encrypting and decrypting an electronic data file on a web-based computer system includes receiving, by a web server, an electronic data file, where the web server includes a memory subsystem, encrypting the data file in the memory subsystem, transmitting the encrypted data file to a file server having a plurality of memory locations, storing the encrypted data file in one or more of the plurality of memory locations, retrieving the encrypted data file from the one or more memory locations, transmitting the encrypted data file to the web server, decrypting the encrypted data file in the memory subsystem, and displaying the decrypted data file on a web browser.
- the method further includes, between the storing step and the retrieving step, retrieving the encrypted data file from the one or more memory locations, transmitting the encrypted data file to a back-end data processing server, analyzing, by the back-end data processing server, the encrypted data file, modifying, by the back-end data processing server, the analyzed data file, transmitting the modified data file to the file server, and storing the modified data file in the one or more memory locations.
- a system for encrypting and decrypting an electronic data file includes a web server for encrypting a data file and decrypting an encrypted data file, the web server having a memory subsystem, a file server, electrically connected to the web server, for storing the encrypted data file, the file server having a plurality of memory locations, and a back-end data processing server, electrically connected to the file server, for modifying the encrypted data file.
- the web server includes a computer process for receiving the data file from an external user device, encrypting the data file in the memory subsystem, and transmitting the encrypted data file to a file server.
- the file server includes a computer process for receiving the encrypted data file from the web server, storing the encrypted data file in one or more of a plurality of memory locations, retrieving the encrypted data file from the one or more memory locations, and transmitting the encrypted data file to the back-end data processing server.
- the back-end data processing server includes a computer process for receiving the encrypted data file from the file server, analyzing the encrypted data file, modifying the analyzed data file, and transmitting the modified data file to the file server.
- the computer process of the file server further includes receiving the modified data file from the back-end data processing server, storing the modified data file in the one or more memory locations, retrieving the modified data file from the one or more memory locations, and transmitting the modified data file to the web server.
- the computer process of the web server further includes receiving the modified data file from the file server, decrypting the modified data file in the memory subsystem, and displaying the decrypted data file on a web browser.
- a system for encrypting and decrypting an electronic data file includes a web server for encrypting a data file and decrypting an encrypted data file, the web server having a memory subsystem, and a file server electrically connected to the web server, for storing the encrypted data file, the file server having a plurality of memory locations.
- the web server includes a computer process for receiving the data file from an external user device, encrypting the data file in the memory subsystem, and transmitting the encrypted data file to the file server.
- the file server includes a computer process for receiving the encrypted data file from the web server, storing the encrypted data file in one or more of the plurality of memory locations, retrieving the encrypted data file from the one or more memory locations, and transmitting the encrypted data file to the web server.
- the computer process of the web server further includes receiving the encrypted data file from the file server, decrypting the encrypted data file in the memory subsystem, and displaying the decrypted data file on a web browser.
- the computer process of the file server further includes, between the storing step and the retrieving step, retrieving the encrypted data file from the one or more memory locations, analyzing the encrypted data file, modifying the analyzed data file, and storing the modified data file in the one or more memory locations.
- a system of for encrypting and decrypting an electronic data file includes a server including a memory subsystem, a plurality of memory locations, and a computer process for receiving a data file from an external user device, encrypting the data file in a memory subsystem, storing the encrypted data file in one or more of a plurality of memory locations, retrieving the encrypted data file from the one or more memory locations, decrypting the encrypted data file in the memory subsystem, and displaying the decrypted data file on a web browser.
- the computer process further includes, between the storing step and the retrieving step, retrieving the encrypted data file from the one or more memory locations, analyzing the encrypted data file, modifying the analyzed data file, and storing the modified data file in the one or more memory locations.
- the invention may take form in various components and arrangements of components, and in various steps and arrangements of steps.
- the drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention.
- FIG. 1 depicts an exemplary diagram of the computer architecture and network connections used to implement an embodiment of the present invention.
- FIG. 2 illustrates a data flow diagram of the inbound flow of files sent from an external user computer and the outbound flow of files to an external user computer according to an embodiment of the present invention.
- FIG. 3 shows a program logic diagram for two computer program applications according to an embodiment of the present invention.
- FIG. 1 depicts an exemplary diagram of the computer architecture and network connections used to implement an embodiment of the present invention.
- a user computer 1 may be connected to a computer network 2 .
- the computer network 2 may include, without limitation, the Internet, an intranet, or any other interconnected network of computers.
- the connection of the user computer 1 to the computer network 2 may be achieved by any standard communication means including, but not limited to, a dialup service, a cable connection, a digital subscriber line, an Ethernet network interface, an Asynchronous Transfer Mode network interface, a wireless service, or similar technologies.
- a web server 3 running a standard http/https web server application may be used to transmit web pages to the user computer 1 .
- a file server 4 may store a plurality of incoming files until they are retrieved by a back-end data processing server 5 .
- the file server 4 may store outgoing files until they are retrieved by the user and sent to the user computer 1 .
- a back-end data processing server 5 may be used to host special purpose applications that may transform or modify encrypted files and generate outgoing user-deliverable files.
- the computer/network architecture depicted in FIG. 1 is only one of many configurations that may be used to implement the method and system of the present invention.
- the method or system may be implemented using only two servers, such as a web server and a combined file and back-end data processing server.
- the method or system may be implemented entirely within a single server, such as a web server that performs all three functions described in reference to FIG. 1: web server, file server and back-end data processing server.
- the network architecture depicted in FIG. 1, and described in reference thereto is preferred because it maximizes security by separating the data flow and processing across machines that may be separated by firewalls.
- FIG. 2 illustrates a data flow diagram of the inbound flow of files sent from an external user computer and the outbound flow of files to an external user computer according to an embodiment of the present invention.
- the user computer 1 may-access a login page 6 of a service provider's website using any web browsing application, such as Netscape Navigator or Microsoft's Internet Explorer.
- a user may supply an assigned username and password when accessing the login page 6 in order to access the web server 3 .
- the transmission of the login page 6 and all subsequently described pages and files transmitted between the user computer 1 and the web server 3 may utilize the secure SSL/HTTPS protocol standard.
- the login page 6 of the preferred embodiment may be used to provide an additional layer of security. However, the login page 6 may be removed where user authentication via the submission of a username and/or a password is unnecessary, but encryption/decryption-on-demand is still required.
- a user may select a file stored locally on the user computer 1 and submit the file for processing by the web server 3 via a file upload web page 7 .
- the upload transmission may be securely transmitted via use of the SSL/HTTPS protocol standard, which provides an additional layer of security to the transmission environment.
- the SSL/HTTPS standard is not used for the transmission of one or more of the transmitted files between the user computer 1 and the web server 3 .
- a computer program 8 written in a computer-recognizable language, such as Perl, and stored on the web server 3 may be used to process an incoming electronic data file.
- the process of encrypting the program is depicted in FIG. 3.
- the electronic data file may be processed by reading the data file in unencrypted form 16 from a buffer on the web server 3 into a memory subsystem of the web server.
- the memory subsystem may include one or more memory devices, including, without limitation, Random Access Memory (RAM).
- the content of the data file may then be encrypted 17 in the memory subsystem via a system call to an encryption application, such as PGP.
- the encrypted data content may be saved 18 to a file on the web server 3 .
- the encrypted data file may then be transferred 9 from the web server 3 to the file server 4 . This transfer may be performed via a File Transfer Protocol (FTP) program or any similar program for transferring files between servers.
- FTP File Transfer Protocol
- a computer application environment other than Perl may be used to implement the present invention.
- any application environment permitting direct system calls (e.g., to an encryption utility) and Common Gateway Interface (CGI) interactions with a web server may be used.
- CGI Common Gateway Interface
- the present invention may be implemented via the use of dual-key encryption technologies other than PGP or through the use of single-key or other encryption methodologies.
- additional processing of the encrypted data file on the back-end data processing server 5 may be performed. Such additional processing is optional to the present invention.
- the additional processing may include using a FIP program to send 10 the encrypted data file from the file server 4 to the back-end data processing server 5 .
- the encrypted data file may then be analyzed, modified and/or rewritten II by the back-end data processing server 5 , and transferred back 12 to the file server 4 as an encrypted user-deliverable data file.
- the encrypted user-deliverable data file may be transferred 13 from the file server 4 to the web server 3 by using a FIP program.
- a computer program 14 written in a computer-recognizable language, such as Perl, and stored on the web server 3 may be used to decrypt the outgoing encrypted user-deliverable data file.
- the process of decrypting the file is depicted in FIG. 3.
- the encrypted user-deliverable data file may be read in encrypted form 19 from a buffer on the web server 3 into the memory subsystem.
- the file content may be decrypted in the memory subsystem via a system call to a decryption application, such as PGP, and the encrypted data file may be deleted from the system 20 .
- the decrypted content in the memory subsystem may then be downloaded 21 to the user's browser 15 via a buffer on the web server 3 .
- the two computer programs 8 , 14 may perform additional functions that are not essential to the implementation of the present invention.
- the additional, non-essential functions are part of the preferred embodiment of the present invention, however, and are referenced herein to show the implementation of the preferred embodiment.
- the additional, non-essential functions in computer program 8 may include, without limitation, the user authentication process including the reception of a username and password.
- the additional, non-essential functions in computer program 14 may include, without limitation, a means for creating a web page (dynamically) listing all available user-deliverable files and allowing the user to choose which file to decrypt and download.
Abstract
A method and system for encryption and decryption of data files on a web-based computer system includes encrypting the data file in a memory subsystem, such as RAM, storing the encrypted data file in one or more of a plurality of memory locations, analyzing and modifying the encrypted data file, retrieving and decrypting the modified data file; and displaying the decrypted data file on a web browser. The computer system may include one to three servers. The data file may be encrypted and decrypted using any dual-key encryption algorithm, such as PGP, or a single key algorithm. Data transmitted into and out of the computer system may be via an SSL/HTTPS protocol to provide additional security.
Description
- This application is a continuation-in-part of, claims priority to, and incorporates by reference in its entirety, co-pending U.S. patent application Ser. No. 09/343,921, filed on Jun. 30, 1999.
- The present invention is directed to methods and systems for securing files that are received, processed, stored, and delivered on or by typical web server applications, services, and devices.
- Many current web-based services receive and deliver encrypted files to and from external users or customers over electronic networks, such as the Internet. These web-based services often require their users to encrypt files prior to transmission and decrypt files upon receipt.
- Requiring users of a service to encrypt and decrypt files typically requires time-consuming public key exchange procedures between the user and the service provider. In addition, it places a heavy burden on non-technical users who may not be familiar with dual-key encryption methods and tools. Furthermore, the encryption and decryption processes require the service provider to develop and establish a key management infrastructure that increases in complexity as the number of users using the service increases.
- What is needed is a method and system for encrypting and decrypting electronic files that overcomes all of these concerns and problems while ensuring that strong protection and security are provided to important files.
- The present invention implements a method used to secure computer files on a file server using dual-key encryption technologies without requiring the exchange of encryption keys with external users. The method may be embedded within one or more computer-readable programs, written in a programming language, such as Perl, and running on a web server. The method may employ the use of a single encryption/decryption key pair that is stored on the same web server to encrypt files received from external users on an inbound path and to decrypt files delivered to external users on an outbound path. All inbound and outbound encryption and decryption occurs in real time in a memory subsystem of the web server, which may include Random Access Memory (RAM). As a result, no unencrypted version of an electronic file needs to be created using the present invention. The method and system do not require any specific dual-key or public-private key encryption product or environment.
- In a preferred embodiment of the present invention, a method of encrypting and decrypting an electronic file on a web-based computer system includes receiving, by a computer system, an electronic data file, where the computer system includes a memory subsystem and a plurality of memory locations, encrypting the data file in the memory subsystem, storing the encrypted data file in one or more of the plurality of memory locations, retrieving the encrypted data file from the one or more memory locations, decrypting the encrypted data file in the memory subsystem, and displaying the decrypted data file on a web browser. In an embodiment, the memory subsystem includes random access memory. In an embodiment, the receiving step is performed using a SSL/HTTPS protocol. In an embodiment, the transmitting step is performed using a SSL/HTTPS protocol.
- In an embodiment, the method may further include, prior to the receiving step, receiving a username and a password from an external user device and verifying that the username and password correspond to a pre-defined user having access to the computer system. In an alternate embodiment, the method further includes, between the storing step and the retrieving step retrieving the encrypted data file from the one or more memory locations, analyzing the encrypted data file, modifying the analyzed data file, and storing the modified data file in the one or more memory locations.
- In an alternate embodiment, a method of encrypting and decrypting an electronic data file on a web-based computer system includes receiving, by a web server, an electronic data file, where the web server includes a memory subsystem, encrypting the data file in the memory subsystem, transmitting the encrypted data file to a file server having a plurality of memory locations, storing the encrypted data file in one or more of the plurality of memory locations, retrieving the encrypted data file from the one or more memory locations, transmitting the encrypted data file to the web server, decrypting the encrypted data file in the memory subsystem, and displaying the decrypted data file on a web browser. In an alternate embodiment, the method further includes, between the storing step and the retrieving step, retrieving the encrypted data file from the one or more memory locations, transmitting the encrypted data file to a back-end data processing server, analyzing, by the back-end data processing server, the encrypted data file, modifying, by the back-end data processing server, the analyzed data file, transmitting the modified data file to the file server, and storing the modified data file in the one or more memory locations.
- In a preferred embodiment, a system for encrypting and decrypting an electronic data file includes a web server for encrypting a data file and decrypting an encrypted data file, the web server having a memory subsystem, a file server, electrically connected to the web server, for storing the encrypted data file, the file server having a plurality of memory locations, and a back-end data processing server, electrically connected to the file server, for modifying the encrypted data file. The web server includes a computer process for receiving the data file from an external user device, encrypting the data file in the memory subsystem, and transmitting the encrypted data file to a file server. The file server includes a computer process for receiving the encrypted data file from the web server, storing the encrypted data file in one or more of a plurality of memory locations, retrieving the encrypted data file from the one or more memory locations, and transmitting the encrypted data file to the back-end data processing server. The back-end data processing server includes a computer process for receiving the encrypted data file from the file server, analyzing the encrypted data file, modifying the analyzed data file, and transmitting the modified data file to the file server. In a further embodiment, the computer process of the file server further includes receiving the modified data file from the back-end data processing server, storing the modified data file in the one or more memory locations, retrieving the modified data file from the one or more memory locations, and transmitting the modified data file to the web server. In a further embodiment, the computer process of the web server further includes receiving the modified data file from the file server, decrypting the modified data file in the memory subsystem, and displaying the decrypted data file on a web browser.
- In an alternate embodiment, a system for encrypting and decrypting an electronic data file includes a web server for encrypting a data file and decrypting an encrypted data file, the web server having a memory subsystem, and a file server electrically connected to the web server, for storing the encrypted data file, the file server having a plurality of memory locations. The web server includes a computer process for receiving the data file from an external user device, encrypting the data file in the memory subsystem, and transmitting the encrypted data file to the file server. The file server includes a computer process for receiving the encrypted data file from the web server, storing the encrypted data file in one or more of the plurality of memory locations, retrieving the encrypted data file from the one or more memory locations, and transmitting the encrypted data file to the web server. In a further embodiment, the computer process of the web server further includes receiving the encrypted data file from the file server, decrypting the encrypted data file in the memory subsystem, and displaying the decrypted data file on a web browser. In an alternate embodiment, the computer process of the file server further includes, between the storing step and the retrieving step, retrieving the encrypted data file from the one or more memory locations, analyzing the encrypted data file, modifying the analyzed data file, and storing the modified data file in the one or more memory locations.
- In an alternate embodiment, a system of for encrypting and decrypting an electronic data file includes a server including a memory subsystem, a plurality of memory locations, and a computer process for receiving a data file from an external user device, encrypting the data file in a memory subsystem, storing the encrypted data file in one or more of a plurality of memory locations, retrieving the encrypted data file from the one or more memory locations, decrypting the encrypted data file in the memory subsystem, and displaying the decrypted data file on a web browser. In a further embodiment, the computer process further includes, between the storing step and the retrieving step, retrieving the encrypted data file from the one or more memory locations, analyzing the encrypted data file, modifying the analyzed data file, and storing the modified data file in the one or more memory locations.
- Further advantages and aspects of the present invention will become apparent to those of ordinary skill in the art upon reading and understanding the following detailed description of the invention.
- The invention may take form in various components and arrangements of components, and in various steps and arrangements of steps. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention.
- FIG. 1 depicts an exemplary diagram of the computer architecture and network connections used to implement an embodiment of the present invention.
- FIG. 2 illustrates a data flow diagram of the inbound flow of files sent from an external user computer and the outbound flow of files to an external user computer according to an embodiment of the present invention.
- FIG. 3 shows a program logic diagram for two computer program applications according to an embodiment of the present invention.
- Before the present methods and systems are described, it is to be understood that this invention is not limited to the particular methodologies, protocols, or systems described, as these may vary. It is also to be understood that the terminology used in the description is for the purpose of describing the particular versions or embodiments only, and is not intended to limit the scope of the present invention which will be limited only by the appended claims. In particular, although the present invention is described in conjunction with Internet files, it will be appreciated that the present invention may find use in any electronic exchange of data.
- It must also be noted that as used herein and in the appended claims, the singular forms “a”, “an”, and “the” include plural reference unless the context clearly dictates otherwise. Thus, for example, reference to a “computer” is a reference to one or more computers and equivalents thereof known to those skilled in the art, and so forth. Unless defined otherwise, all technical and scientific terms used herein have the same meanings as commonly understood by one of ordinary skill in the art. Although any methods similar or equivalent to those described herein can be used in the practice or testing of embodiments of the present invention, the preferred methods are now described. All publications mentioned herein are incorporated by reference. Nothing herein is to be construed as an admission that the invention is not entitled to antedate such disclosure by virtue of prior invention.
- FIG. 1 depicts an exemplary diagram of the computer architecture and network connections used to implement an embodiment of the present invention. A
user computer 1 may be connected to acomputer network 2. Thecomputer network 2 may include, without limitation, the Internet, an intranet, or any other interconnected network of computers. The connection of theuser computer 1 to thecomputer network 2 may be achieved by any standard communication means including, but not limited to, a dialup service, a cable connection, a digital subscriber line, an Ethernet network interface, an Asynchronous Transfer Mode network interface, a wireless service, or similar technologies. Aweb server 3 running a standard http/https web server application may be used to transmit web pages to theuser computer 1. Afile server 4 may store a plurality of incoming files until they are retrieved by a back-enddata processing server 5. In addition, thefile server 4 may store outgoing files until they are retrieved by the user and sent to theuser computer 1. A back-enddata processing server 5 may be used to host special purpose applications that may transform or modify encrypted files and generate outgoing user-deliverable files. - The computer/network architecture depicted in FIG. 1 is only one of many configurations that may be used to implement the method and system of the present invention. For example, the method or system may be implemented using only two servers, such as a web server and a combined file and back-end data processing server. Moreover, the method or system may be implemented entirely within a single server, such as a web server that performs all three functions described in reference to FIG. 1: web server, file server and back-end data processing server. However, the network architecture depicted in FIG. 1, and described in reference thereto, is preferred because it maximizes security by separating the data flow and processing across machines that may be separated by firewalls.
- FIG. 2 illustrates a data flow diagram of the inbound flow of files sent from an external user computer and the outbound flow of files to an external user computer according to an embodiment of the present invention. The
user computer 1 may-access alogin page 6 of a service provider's website using any web browsing application, such as Netscape Navigator or Microsoft's Internet Explorer. A user may supply an assigned username and password when accessing thelogin page 6 in order to access theweb server 3. The transmission of thelogin page 6 and all subsequently described pages and files transmitted between theuser computer 1 and theweb server 3 may utilize the secure SSL/HTTPS protocol standard. Thelogin page 6 of the preferred embodiment may be used to provide an additional layer of security. However, thelogin page 6 may be removed where user authentication via the submission of a username and/or a password is unnecessary, but encryption/decryption-on-demand is still required. - A user may select a file stored locally on the
user computer 1 and submit the file for processing by theweb server 3 via a file uploadweb page 7. The file upload process may be achieved through use of a standard HTML tag, such as <form><input type=“file” name=“filename”></form>. The upload transmission may be securely transmitted via use of the SSL/HTTPS protocol standard, which provides an additional layer of security to the transmission environment. In an alternate embodiment, the SSL/HTTPS standard is not used for the transmission of one or more of the transmitted files between theuser computer 1 and theweb server 3. - A
computer program 8 written in a computer-recognizable language, such as Perl, and stored on theweb server 3, may be used to process an incoming electronic data file. The process of encrypting the program is depicted in FIG. 3. The electronic data file may be processed by reading the data file inunencrypted form 16 from a buffer on theweb server 3 into a memory subsystem of the web server. The memory subsystem may include one or more memory devices, including, without limitation, Random Access Memory (RAM). The content of the data file may then be encrypted 17 in the memory subsystem via a system call to an encryption application, such as PGP. The encrypted data content may be saved 18 to a file on theweb server 3. The encrypted data file may then be transferred 9 from theweb server 3 to thefile server 4. This transfer may be performed via a File Transfer Protocol (FTP) program or any similar program for transferring files between servers. - In an alternate embodiment, a computer application environment other than Perl may be used to implement the present invention. In fact, any application environment permitting direct system calls (e.g., to an encryption utility) and Common Gateway Interface (CGI) interactions with a web server may be used. Moreover, the present invention may be implemented via the use of dual-key encryption technologies other than PGP or through the use of single-key or other encryption methodologies.
- Once the encrypted data file is stored on the
file server 4, additional processing of the encrypted data file on the back-enddata processing server 5 may be performed. Such additional processing is optional to the present invention. The additional processing may include using a FIP program to send 10 the encrypted data file from thefile server 4 to the back-enddata processing server 5. The encrypted data file may then be analyzed, modified and/or rewritten II by the back-enddata processing server 5, and transferred back 12 to thefile server 4 as an encrypted user-deliverable data file. - When requested by a user, the encrypted user-deliverable data file may be transferred13 from the
file server 4 to theweb server 3 by using a FIP program. Acomputer program 14 written in a computer-recognizable language, such as Perl, and stored on theweb server 3, may be used to decrypt the outgoing encrypted user-deliverable data file. The process of decrypting the file is depicted in FIG. 3. The encrypted user-deliverable data file may be read inencrypted form 19 from a buffer on theweb server 3 into the memory subsystem. The file content may be decrypted in the memory subsystem via a system call to a decryption application, such as PGP, and the encrypted data file may be deleted from thesystem 20. The decrypted content in the memory subsystem may then be downloaded 21 to the user'sbrowser 15 via a buffer on theweb server 3. - The two
computer programs computer program 8 may include, without limitation, the user authentication process including the reception of a username and password. The additional, non-essential functions incomputer program 14 may include, without limitation, a means for creating a web page (dynamically) listing all available user-deliverable files and allowing the user to choose which file to decrypt and download. - The foregoing is considered as illustrative only of the principles of the invention. Further, since numerous modifications and changes will readily occur to those skilled in the art, it is not desired to limit the invention to the exact construction and operation shown and described, and accordingly, all suitable modifications and equivalents may be resorted to, falling within the scope of the invention.
Claims (21)
1. A method of encrypting and decrypting an electronic file on a web-based computer system, comprising:
receiving, by a computer system, an electronic data file, wherein the computer system includes a memory subsystem and a plurality of memory locations;
encrypting the data file in the memory subsystem;
storing the encrypted data file in one or more of the plurality of memory locations;
retrieving the encrypted data file from the one or more memory locations;
decrypting the encrypted data file in the memory subsystem; and
displaying the decrypted data file on a web browser.
2. The method of claim 1 further comprising, prior to the receiving step:
receiving a username and a password from an external user device; and
verifying the username and password correspond to a pre-defined user having access to the computer system.
3. The method of claim 1 further comprising, between the storing step and the retrieving step:
retrieving the encrypted data file from the one or more memory locations;
analyzing the encrypted data file;
modifying the analyzed data file; and
storing the modified data file in the one or more memory locations.
4. The method of claim 1 wherein the receiving step is performed using a SSL/HTTPS protocol.
5. The method of claim 1 wherein the displaying step is performed using a SSL/HTTPS protocol.
6. The method of claim 1 wherein the memory subsystem includes random access memory.
7. A method of encrypting and decrypting an electronic data file on a web-based computer system, comprising:
receiving, by a web server, an electronic data file, wherein the web server includes a memory subsystem;
encrypting the data file in the memory subsystem;
transmitting the encrypted data file to a file server having a plurality of memory locations;
storing the encrypted data file in one or more of the plurality of memory locations;
retrieving the encrypted data file from the one or more memory locations;
transmitting the encrypted data file to the web server;
decrypting the encrypted data file in the memory subsystem; and
displaying the decrypted data file on a web browser.
8. The method of claim 7 further comprising, prior to the receiving step:
receiving, by the web server, a username and a password from an external user device; and
verifying, by the web server, the username and password correspond to a pre-defined user having access to the computer system.
9. The method of claim 7 further comprising, between the storing step and the retrieving step:
retrieving the encrypted data file from the one or more memory locations;
analyzing the encrypted data file;
modifying the analyzed data file; and
storing the modified data file in the one or more memory locations.
10. The method of claim 7 wherein the receiving step is performed using a SSL/HTTPS protocol.
11. The method of claim 7 wherein the displaying step is performed using a SSL/HTTPS protocol.
12. The method of claim 7 wherein the memory subsystem includes random access memory.
13. The method of claim 7 further comprising, between the storing step and the retrieving step:
retrieving the encrypted data file from the one or more memory locations;
transmitting the encrypted data file to a back-end data processing server;
analyzing, by the back-end data processing server, the encrypted data file;
modifying, by the back-end data processing server, the analyzed data file;
transmitting the modified data file to the file server; and
storing the modified data file in the one or more memory locations.
14. A system for encrypting and decrypting an electronic data file, comprising:
a web server for encrypting a data file and decrypting an encrypted data file, the web server having a memory subsystem;
a file server, electrically connected to the web server, for storing the encrypted data file, the file server having a plurality of memory locations; and
a back-end data processing server, electrically connected to the file server, for modifying the encrypted data file,
wherein the web server includes a computer process comprising:
receiving the data file from an external user device,
encrypting the data file in the memory subsystem, and
transmitting the encrypted data file to the file server,
wherein the file server includes a computer process comprising:
receiving the encrypted data file from the web server,
storing the encrypted data file in one or more of a plurality of memory locations,
retrieving the encrypted data file from the one or more memory locations, and
transmitting the encrypted data file to the back-end data processing server,
wherein the back-end data processing server includes a computer process comprising:
receiving the encrypted data file from the file server,
analyzing the encrypted data file,
modifying the analyzed data file, and
transmitting the modified data file to the file server.
15. The system of claim 14 wherein the computer process of the file server further comprises:
receiving the modified data file from the back-end data processing server;
storing the modified data file in the one or more memory locations;
retrieving the modified data file from the one or more memory locations; and
transmitting the modified data file to the web server.
16. The system of claim 15 wherein the computer process of the web server further comprises:
receiving the modified data file from the file server;
decrypting the modified data file in the memory subsystem; and
displaying the decrypted data file on a web browser.
17. A system for encrypting and decrypting an electronic data file, comprising:
a web server for encrypting a data file and decrypting an encrypted data file, the web server-having a memory subsystem; and
a file server electrically connected to the web server, for storing the encrypted data file, the file server having a plurality of memory locations
wherein the web server includes a computer process comprising:
receiving the data file from an external user device,
encrypting the data file in the memory subsystem, and
transmitting the encrypted data file to the file server,
wherein the file server includes a computer process comprising:
receiving the encrypted data file from the web server,
storing the encrypted data file in one or more of the plurality of memory locations,
retrieving the encrypted data file from the one or more memory locations, and
transmitting the encrypted data file to the web server.
18. The system of claim 17 wherein the computer process of the web server further comprises:
receiving the encrypted data file from the file server;
decrypting the encrypted data file in the memory subsystem; and
displaying the decrypted data file on a web browser.
19. The system of claim 17 wherein the computer process of the file server further comprises, between the storing step and the retrieving step:
retrieving the encrypted data file from the one or more memory locations;
analyzing the encrypted data file;
modifying the analyzed data file; and
storing the modified data file in the one or more memory locations.
20. A system for encrypting and decrypting an electronic data file, comprising a computer system including:
a memory subsystem;
a plurality of memory locations; and
a computer process comprising:
receiving a-data file from an external user device,
encrypting the data file in a memory subsystem,
storing the encrypted data file in one or more of a plurality of memory locations,
retrieving the encrypted data file from the one or more memory locations,
decrypting the encrypted data file in the memory subsystem, and
displaying the decrypted data file on a web browser.
21. The system of claim 20 wherein the computer process further comprises, between the storing step and the retrieving step:
retrieving the encrypted data file from the one or more memory locations;
analyzing the encrypted data file;
modifying the analyzed data file; and
storing the modified data file in the one or more memory locations.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/626,103 US20040181668A1 (en) | 1999-06-30 | 2003-07-23 | Methods for conducting server-side encryption/decryption-on-demand |
US11/617,916 US7519810B2 (en) | 1999-06-30 | 2006-12-29 | Methods for conducting server-side encryption/decryption-on-demand |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US34392199A | 1999-06-30 | 1999-06-30 | |
US10/626,103 US20040181668A1 (en) | 1999-06-30 | 2003-07-23 | Methods for conducting server-side encryption/decryption-on-demand |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US34392199A Continuation-In-Part | 1999-06-30 | 1999-06-30 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/617,916 Continuation US7519810B2 (en) | 1999-06-30 | 2006-12-29 | Methods for conducting server-side encryption/decryption-on-demand |
Publications (1)
Publication Number | Publication Date |
---|---|
US20040181668A1 true US20040181668A1 (en) | 2004-09-16 |
Family
ID=38429777
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/626,103 Abandoned US20040181668A1 (en) | 1999-06-30 | 2003-07-23 | Methods for conducting server-side encryption/decryption-on-demand |
US11/617,916 Expired - Lifetime US7519810B2 (en) | 1999-06-30 | 2006-12-29 | Methods for conducting server-side encryption/decryption-on-demand |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/617,916 Expired - Lifetime US7519810B2 (en) | 1999-06-30 | 2006-12-29 | Methods for conducting server-side encryption/decryption-on-demand |
Country Status (1)
Country | Link |
---|---|
US (2) | US20040181668A1 (en) |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060072745A1 (en) * | 2004-10-01 | 2006-04-06 | Hiromi Fukaya | Encryption system using device authentication keys |
US20090210480A1 (en) * | 2008-02-14 | 2009-08-20 | Suthaharan Sivasubramaniam | Method and system for collective socializing using a mobile social network |
US20090271620A1 (en) * | 2008-04-28 | 2009-10-29 | Gosukonda Naga Venkata Satya Sudhakar | Techniques for secure data management in a distributed environment |
US20100198917A1 (en) * | 2009-02-02 | 2010-08-05 | Kota Enterprises, Llc | Crowd formation for mobile device users |
US20110113244A1 (en) * | 2006-07-31 | 2011-05-12 | Aruba Wireless Networks | Stateless cryptographic protocol-based hardware acceleration |
US8554770B2 (en) | 2009-04-29 | 2013-10-08 | Waldeck Technology, Llc | Profile construction using location-based aggregate profile information |
US8620532B2 (en) | 2009-03-25 | 2013-12-31 | Waldeck Technology, Llc | Passive crowd-sourced map updates and alternate route recommendations |
US20140068262A1 (en) * | 2012-09-06 | 2014-03-06 | Zixcorp Systems, Inc., | Secure Message Forwarding With Sender Controlled Decryption |
US20140130162A1 (en) * | 2012-11-02 | 2014-05-08 | Electronics And Telecommunications Research Institute | Phishing preventing system and operating method thereof |
US20140195825A1 (en) * | 2012-07-19 | 2014-07-10 | Tencent Technology (Shenzhen) Company Limited | Method and system for running encrypted files |
US8782560B2 (en) | 2009-12-22 | 2014-07-15 | Waldeck Technology, Llc | Relative item of interest explorer interface |
US8898288B2 (en) | 2010-03-03 | 2014-11-25 | Waldeck Technology, Llc | Status update propagation based on crowd or POI similarity |
US9300704B2 (en) | 2009-11-06 | 2016-03-29 | Waldeck Technology, Llc | Crowd formation based on physical boundaries and other rules |
US9763048B2 (en) | 2009-07-21 | 2017-09-12 | Waldeck Technology, Llc | Secondary indications of user locations and use thereof by a location-based service |
US9886727B2 (en) | 2010-11-11 | 2018-02-06 | Ikorongo Technology, LLC | Automatic check-ins and status updates |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7966513B2 (en) * | 2006-02-03 | 2011-06-21 | Emc Corporation | Automatic classification of backup clients |
JP4862579B2 (en) * | 2006-09-19 | 2012-01-25 | 富士通株式会社 | Information protection apparatus, information protection method, and information protection program |
US9397981B2 (en) | 2009-04-20 | 2016-07-19 | International Business Machines Corporation | Method and system for secure document exchange |
DE102010038228A1 (en) * | 2010-10-15 | 2012-04-19 | Phoenix Contact Gmbh & Co. Kg | Method for establishing a VPN connection between two networks |
US8601603B1 (en) * | 2010-12-01 | 2013-12-03 | The United States Of America, As Represented By The Secretary Of The Navy | Secure information transmission over a network |
WO2013020178A1 (en) * | 2011-08-11 | 2013-02-14 | Cocoon Data Holdings Limited | A system and method for distributing secured data |
CN102819699A (en) * | 2012-06-04 | 2012-12-12 | 珠海欧比特控制工程股份有限公司 | Processor system |
TWI466012B (en) * | 2012-09-11 | 2014-12-21 | Kinpo Elect Inc | Document processing methods |
US20140189235A1 (en) * | 2012-12-31 | 2014-07-03 | Unisys Corporation | Stealth appliance between a storage controller and a disk array |
JP6854529B2 (en) | 2015-12-24 | 2021-04-07 | ヘヴンテック プロプライエタリー リミテッドHaventec Pty Ltd | Improved storage system |
US9992175B2 (en) * | 2016-01-08 | 2018-06-05 | Moneygram International, Inc. | Systems and method for providing a data security service |
US10404452B2 (en) | 2016-08-19 | 2019-09-03 | Amazon Technologies, Inc. | Message service with distributed key caching for server-side encryption |
WO2018107248A1 (en) * | 2016-12-16 | 2018-06-21 | Haventec Pty Ltd | System of secure client side data storage |
US11483147B2 (en) * | 2020-01-23 | 2022-10-25 | Bank Of America Corporation | Intelligent encryption based on user and data properties |
Citations (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4323921A (en) * | 1979-02-06 | 1982-04-06 | Etablissement Public De Diffusion Dit "Telediffusion De France" | System for transmitting information provided with means for controlling access to the information transmitted |
US5191611A (en) * | 1989-04-03 | 1993-03-02 | Lang Gerald S | Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients |
US5548646A (en) * | 1994-09-15 | 1996-08-20 | Sun Microsystems, Inc. | System for signatureless transmission and reception of data packets between computer networks |
US5623637A (en) * | 1993-12-06 | 1997-04-22 | Telequip Corporation | Encrypted data storage card including smartcard integrated circuit for storing an access password and encryption keys |
US5699428A (en) * | 1996-01-16 | 1997-12-16 | Symantec Corporation | System for automatic decryption of file data on a per-use basis and automatic re-encryption within context of multi-threaded operating system under which applications run in real-time |
US6006333A (en) * | 1996-03-13 | 1999-12-21 | Sun Microsystems, Inc. | Password helper using a client-side master password which automatically presents the appropriate server-side password to a particular remote server |
US6023506A (en) * | 1995-10-26 | 2000-02-08 | Hitachi, Ltd. | Data encryption control apparatus and method |
US6052780A (en) * | 1996-09-12 | 2000-04-18 | Open Security Solutions, Llc | Computer system and process for accessing an encrypted and self-decrypting digital information product while restricting access to decrypted digital information |
US6061790A (en) * | 1996-11-20 | 2000-05-09 | Starfish Software, Inc. | Network computer system with remote user data encipher methodology |
US6105012A (en) * | 1997-04-22 | 2000-08-15 | Sun Microsystems, Inc. | Security system and method for financial institution server and client web browser |
US6115040A (en) * | 1997-09-26 | 2000-09-05 | Mci Communications Corporation | Graphical user interface for Web enabled applications |
US6134591A (en) * | 1997-06-18 | 2000-10-17 | Client/Server Technologies, Inc. | Network security and integration method and system |
US6169967B1 (en) * | 1998-09-04 | 2001-01-02 | Dresser Industries, Inc. | Cascade method and apparatus for providing engineered solutions for a well programming process |
US6202159B1 (en) * | 1999-06-30 | 2001-03-13 | International Business Machines Corporation | Vault controller dispatcher and methods of operation for handling interaction between browser sessions and vault processes in electronic business systems |
US6338050B1 (en) * | 1998-11-16 | 2002-01-08 | Trade Access, Inc. | System and method for providing and updating user supplied context for a negotiations system |
US20020023213A1 (en) * | 2000-06-12 | 2002-02-21 | Tia Walker | Encryption system that dynamically locates keys |
US6381644B2 (en) * | 1997-09-26 | 2002-04-30 | Mci Worldcom, Inc. | Integrated proxy interface for web based telecommunications network management |
US6421768B1 (en) * | 1999-05-04 | 2002-07-16 | First Data Corporation | Method and system for authentication and single sign on using cryptographically assured cookies in a distributed computer environment |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6169976B1 (en) | 1998-07-02 | 2001-01-02 | Encommerce, Inc. | Method and apparatus for regulating the use of licensed products |
US7069591B1 (en) * | 2000-03-22 | 2006-06-27 | Neil Weicher | System for encrypting data files of application programs |
US7526795B2 (en) * | 2001-03-27 | 2009-04-28 | Micron Technology, Inc. | Data security for digital data storage |
-
2003
- 2003-07-23 US US10/626,103 patent/US20040181668A1/en not_active Abandoned
-
2006
- 2006-12-29 US US11/617,916 patent/US7519810B2/en not_active Expired - Lifetime
Patent Citations (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4323921A (en) * | 1979-02-06 | 1982-04-06 | Etablissement Public De Diffusion Dit "Telediffusion De France" | System for transmitting information provided with means for controlling access to the information transmitted |
US5191611A (en) * | 1989-04-03 | 1993-03-02 | Lang Gerald S | Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients |
US5623637A (en) * | 1993-12-06 | 1997-04-22 | Telequip Corporation | Encrypted data storage card including smartcard integrated circuit for storing an access password and encryption keys |
US5548646A (en) * | 1994-09-15 | 1996-08-20 | Sun Microsystems, Inc. | System for signatureless transmission and reception of data packets between computer networks |
US6023506A (en) * | 1995-10-26 | 2000-02-08 | Hitachi, Ltd. | Data encryption control apparatus and method |
US5699428A (en) * | 1996-01-16 | 1997-12-16 | Symantec Corporation | System for automatic decryption of file data on a per-use basis and automatic re-encryption within context of multi-threaded operating system under which applications run in real-time |
US6006333A (en) * | 1996-03-13 | 1999-12-21 | Sun Microsystems, Inc. | Password helper using a client-side master password which automatically presents the appropriate server-side password to a particular remote server |
US6052780A (en) * | 1996-09-12 | 2000-04-18 | Open Security Solutions, Llc | Computer system and process for accessing an encrypted and self-decrypting digital information product while restricting access to decrypted digital information |
US6061790A (en) * | 1996-11-20 | 2000-05-09 | Starfish Software, Inc. | Network computer system with remote user data encipher methodology |
US6105012A (en) * | 1997-04-22 | 2000-08-15 | Sun Microsystems, Inc. | Security system and method for financial institution server and client web browser |
US6134591A (en) * | 1997-06-18 | 2000-10-17 | Client/Server Technologies, Inc. | Network security and integration method and system |
US6115040A (en) * | 1997-09-26 | 2000-09-05 | Mci Communications Corporation | Graphical user interface for Web enabled applications |
US6381644B2 (en) * | 1997-09-26 | 2002-04-30 | Mci Worldcom, Inc. | Integrated proxy interface for web based telecommunications network management |
US6169967B1 (en) * | 1998-09-04 | 2001-01-02 | Dresser Industries, Inc. | Cascade method and apparatus for providing engineered solutions for a well programming process |
US6338050B1 (en) * | 1998-11-16 | 2002-01-08 | Trade Access, Inc. | System and method for providing and updating user supplied context for a negotiations system |
US6421768B1 (en) * | 1999-05-04 | 2002-07-16 | First Data Corporation | Method and system for authentication and single sign on using cryptographically assured cookies in a distributed computer environment |
US6202159B1 (en) * | 1999-06-30 | 2001-03-13 | International Business Machines Corporation | Vault controller dispatcher and methods of operation for handling interaction between browser sessions and vault processes in electronic business systems |
US20020023213A1 (en) * | 2000-06-12 | 2002-02-21 | Tia Walker | Encryption system that dynamically locates keys |
Cited By (36)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060072745A1 (en) * | 2004-10-01 | 2006-04-06 | Hiromi Fukaya | Encryption system using device authentication keys |
US8838957B2 (en) | 2006-07-31 | 2014-09-16 | Aruba Networks, Inc. | Stateless cryptographic protocol-based hardware acceleration |
US20110113244A1 (en) * | 2006-07-31 | 2011-05-12 | Aruba Wireless Networks | Stateless cryptographic protocol-based hardware acceleration |
US7966646B2 (en) | 2006-07-31 | 2011-06-21 | Aruba Networks, Inc. | Stateless cryptographic protocol-based hardware acceleration |
US20110173439A1 (en) * | 2006-07-31 | 2011-07-14 | Kabushiki Kaisha Toshiba | Stateless Cryptographic Protocol-based Hardware Acceleration |
US8392968B2 (en) | 2006-07-31 | 2013-03-05 | Aruba Networks, Inc. | Stateless cryptographic protocol-based hardware acceleration |
US20090210480A1 (en) * | 2008-02-14 | 2009-08-20 | Suthaharan Sivasubramaniam | Method and system for collective socializing using a mobile social network |
US20120311037A1 (en) * | 2008-02-14 | 2012-12-06 | Suthaharan Sivasubramaniam | Method and System for Collective Socializing Using A Mobile Social Network |
US8539229B2 (en) | 2008-04-28 | 2013-09-17 | Novell, Inc. | Techniques for secure data management in a distributed environment |
US20090271620A1 (en) * | 2008-04-28 | 2009-10-29 | Gosukonda Naga Venkata Satya Sudhakar | Techniques for secure data management in a distributed environment |
US9530005B2 (en) | 2008-04-28 | 2016-12-27 | Novell, Inc. | Techniques for secure data management in a distributed environment |
US9195836B2 (en) | 2008-04-28 | 2015-11-24 | Novell, Inc. | Techniques for secure data management in a distributed environment |
US20100198826A1 (en) * | 2009-02-02 | 2010-08-05 | Kota Enterprises, Llc | Maintaining a historical record of anonymized user profile data by location for users in a mobile environment |
US9397890B2 (en) | 2009-02-02 | 2016-07-19 | Waldeck Technology Llc | Serving a request for data from a historical record of anonymized user profile data in a mobile environment |
US20100198917A1 (en) * | 2009-02-02 | 2010-08-05 | Kota Enterprises, Llc | Crowd formation for mobile device users |
US9098723B2 (en) | 2009-02-02 | 2015-08-04 | Waldeck Technology, Llc | Forming crowds and providing access to crowd data in a mobile environment |
US8918398B2 (en) | 2009-02-02 | 2014-12-23 | Waldeck Technology, Llc | Maintaining a historical record of anonymized user profile data by location for users in a mobile environment |
US9641393B2 (en) | 2009-02-02 | 2017-05-02 | Waldeck Technology, Llc | Forming crowds and providing access to crowd data in a mobile environment |
US20100198828A1 (en) * | 2009-02-02 | 2010-08-05 | Kota Enterprises, Llc | Forming crowds and providing access to crowd data in a mobile environment |
US8495065B2 (en) | 2009-02-02 | 2013-07-23 | Waldeck Technology, Llc | Maintaining a historical record of anonymized user profile data by location for users in a mobile environment |
US20100198870A1 (en) * | 2009-02-02 | 2010-08-05 | Kota Enterprises, Llc | Serving a request for data from a historical record of anonymized user profile data in a mobile environment |
US9410814B2 (en) | 2009-03-25 | 2016-08-09 | Waldeck Technology, Llc | Passive crowd-sourced map updates and alternate route recommendations |
US8620532B2 (en) | 2009-03-25 | 2013-12-31 | Waldeck Technology, Llc | Passive crowd-sourced map updates and alternate route recommendations |
US9140566B1 (en) | 2009-03-25 | 2015-09-22 | Waldeck Technology, Llc | Passive crowd-sourced map updates and alternative route recommendations |
US8554770B2 (en) | 2009-04-29 | 2013-10-08 | Waldeck Technology, Llc | Profile construction using location-based aggregate profile information |
US9763048B2 (en) | 2009-07-21 | 2017-09-12 | Waldeck Technology, Llc | Secondary indications of user locations and use thereof by a location-based service |
US9300704B2 (en) | 2009-11-06 | 2016-03-29 | Waldeck Technology, Llc | Crowd formation based on physical boundaries and other rules |
US8782560B2 (en) | 2009-12-22 | 2014-07-15 | Waldeck Technology, Llc | Relative item of interest explorer interface |
US8898288B2 (en) | 2010-03-03 | 2014-11-25 | Waldeck Technology, Llc | Status update propagation based on crowd or POI similarity |
US9886727B2 (en) | 2010-11-11 | 2018-02-06 | Ikorongo Technology, LLC | Automatic check-ins and status updates |
US11449904B1 (en) | 2010-11-11 | 2022-09-20 | Ikorongo Technology, LLC | System and device for generating a check-in image for a geographic location |
US9154309B2 (en) * | 2012-07-19 | 2015-10-06 | Tencent Technology (Shenzhen) Company Limited | Method and system for running encrypted files |
US20140195825A1 (en) * | 2012-07-19 | 2014-07-10 | Tencent Technology (Shenzhen) Company Limited | Method and system for running encrypted files |
US9602473B2 (en) * | 2012-09-06 | 2017-03-21 | Zixcorp Systems, Inc. | Secure message forwarding with sender controlled decryption |
US20140068262A1 (en) * | 2012-09-06 | 2014-03-06 | Zixcorp Systems, Inc., | Secure Message Forwarding With Sender Controlled Decryption |
US20140130162A1 (en) * | 2012-11-02 | 2014-05-08 | Electronics And Telecommunications Research Institute | Phishing preventing system and operating method thereof |
Also Published As
Publication number | Publication date |
---|---|
US7519810B2 (en) | 2009-04-14 |
US20070198823A1 (en) | 2007-08-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7519810B2 (en) | Methods for conducting server-side encryption/decryption-on-demand | |
EP1816811B1 (en) | Relay device, relay method, and program | |
US8261059B2 (en) | Secure file transfer and secure file transfer protocol | |
US8145898B2 (en) | Encryption/decryption pay per use web service | |
US6169805B1 (en) | System and method of operation for providing user's security on-demand over insecure networks | |
CN1227858C (en) | System and method for enabling secure acess to service in computer network | |
US7657737B2 (en) | Method for mapping an encrypted https network packet to a specific url name and other data without decryption outside of a secure web server | |
US20040161110A1 (en) | Server apparatus, key management apparatus, and encrypted communication method | |
WO2003088560A1 (en) | Pre-authenticated communication within a secure computer network | |
KR20070046792A (en) | A method of encrypting and transferring data between a sender and a receiver using a network | |
CN111756751B (en) | Message transmission method and device and electronic equipment | |
WO2004042537A2 (en) | System and method for securing digital messages | |
WO2000018078A1 (en) | Secure message exchange method using intermediaries | |
EP3242444A1 (en) | Service processing method and device | |
KR100562981B1 (en) | A system for encryption of wireless transmission from personal palm computer to world wide web terminals | |
KR100423191B1 (en) | Improving secure server performance with pre-processed data ready for secure protocol transfer | |
JP3674772B2 (en) | Multiple server login cooperation system, client device, login management device, server device, and storage medium | |
EP1465092B1 (en) | System and method for secure electronic commerce | |
CN106464684A (en) | Service processing method and apparatus | |
KR20010017849A (en) | Method of data sending and receiving for supporting a security function in world wide web | |
CN114978736A (en) | Method and device for encrypting cookie based on load balancing equipment | |
JP2006094019A (en) | Computer system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: EDUCATIONAL TESTING SERVICE, NEW JERSEY Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BLEW, EDWIN O.;CHANG, KER-MING;REEL/FRAME:015842/0043 Effective date: 20030731 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |