WO2003015396A1 - Authenticated electronic document management system and method - Google Patents

Authenticated electronic document management system and method Download PDF

Info

Publication number
WO2003015396A1
WO2003015396A1 PCT/CA2002/001178 CA0201178W WO03015396A1 WO 2003015396 A1 WO2003015396 A1 WO 2003015396A1 CA 0201178 W CA0201178 W CA 0201178W WO 03015396 A1 WO03015396 A1 WO 03015396A1
Authority
WO
WIPO (PCT)
Prior art keywords
document
electronic document
digest
barcode
forwarding
Prior art date
Application number
PCT/CA2002/001178
Other languages
French (fr)
Inventor
Shawn L. King
John Desrochers
Original Assignee
Advanced Software Concepts Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Advanced Software Concepts Inc. filed Critical Advanced Software Concepts Inc.
Priority to EP02750736A priority Critical patent/EP1415461A1/en
Priority to JP2003520181A priority patent/JP2004537822A/en
Priority to CA002456657A priority patent/CA2456657A1/en
Publication of WO2003015396A1 publication Critical patent/WO2003015396A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N1/32101Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N1/32128Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title attached to the image data, e.g. file header, transmitted message header, information on the same page or in the same computer file as the image
    • H04N1/32133Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title attached to the image data, e.g. file header, transmitted message header, information on the same page or in the same computer file as the image on the same paper sheet, e.g. a facsimile page header
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/254Management at additional data server, e.g. shopping server, rights management server
    • H04N21/2541Rights Management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N2201/3201Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N2201/3225Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to an image, a page or a document
    • H04N2201/3233Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to an image, a page or a document of authentication information, e.g. digital signature, watermark
    • H04N2201/3235Checking or certification of the authentication information, e.g. by comparison with data stored independently
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N2201/3201Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N2201/3225Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to an image, a page or a document
    • H04N2201/3233Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of data relating to an image, a page or a document of authentication information, e.g. digital signature, watermark
    • H04N2201/3236Details of authentication information generation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N2201/3201Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N2201/3269Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title of machine readable codes or marks, e.g. bar codes or glyphs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N2201/00Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
    • H04N2201/32Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
    • H04N2201/3201Display, printing, storage or transmission of additional information, e.g. ID code, date and time or title
    • H04N2201/3274Storage or retrieval of prestored additional information

Definitions

  • This invention relates generally to the field of electronic commerce ("e- commerce”) software applications and, more particularly, to an electronic system and method for creating, managing and authenticating documents, such as commercial contracts, in electronic form.
  • e- commerce electronic commerce
  • Cryptography is frequently employed within networked systems as a security measure and uses private and public keys.
  • the terms "private key” and "public key” are well known terms of art and are used for asymmetric cryptography in which one key is used for encryption and the other for decryption and one of these keys, namely the private key, is kept by the user and never revealed or transferred.
  • Asymmetric cryptography is considered to provide a higher level of security than symmetric cryptography for which a shared key is used for both encryption and decryption (the sharing aspect introducing an element of insecurity).
  • the public key of that party is located by means of a public key infrastructure (PKI) and is used to encrypt the message; then, only the person with the corresponding private key (i.e. being the other party for whom the message is created) is able to decrypt the message.
  • PKI public key infrastructure
  • digital signature is also a well known term of art and refers to a message digest encrypted using a private key, a message digest being a condensed form of a document or transaction to be signed which cannot be used to recreate the document or transaction itself, and which is extremely sensitive to small changes in the document.
  • the digital signature is verified by decrypting it with the corresponding public key to recover the message digest and then comparing the recovered message digest with one computed by a verifier using the document which was purported to be signed.
  • encrypted message digests may be used to verify that a party holds a specific private key they are more commonly used to prove that the holder of a specific key was involved in a transaction involving the message; for example, to identify that they gave their assent to the message, just as a physical signature is used to indicate the participation of the signing party in a document. In this case, the encrypted form of the digest must be retained at a secure site.
  • an electronic system and method for creating, managing and authenticating documents e.g. commercial contracts
  • documents e.g. commercial contracts
  • the content, revision status and authenticating parties are stored, tracked, retrieved and validated on demand by permitted users.
  • an electronic document management system and method for verifying the contents of an electronic document exchanged through a network and comprising variable data input by a user Data defining an electronic document is captured and stored by the system, the captured data including at least the variable data.
  • the variable data is input by a user and captured into a pre-determined electronic form template whereby the data defining the electronic document comprises the variable data and the pre-determined electronic form template.
  • a unique document number and revision number are generated for the defined electronic document and stored with the captured data.
  • a unique digest is generated from the defined electronic document by applying a secure algorithm thereto whereby the digest is uniquely associated with the defined electronic document.
  • the unique digest is stored and associated with the defined electronic document.
  • a barcode is generated for each page of the defined electronic document from the unique digest, the document number and its revision number, and paging details, whereby the barcode uniquely identifies the page of the defined electronic document to which it pertains and the contents thereof.
  • the defined electronic document with the barcode added thereto is forwarded for use by a user.
  • the barcoded defined electronic document forwarded for use by a user may be in the form of an electronic image such as a PDF formatted image.
  • a unique digital exchange key is generated by applying the secure algorithm to the electronic image and stored in association with the defined electronic document.
  • the barcoded document is authenticated by the parties either by hand- signing a printed copy of the barcoded document or by applying a digital signature using a third party validation service.
  • the resultant barcoded, signed and authenticated document is associated to the variable data originally input by the user by cross- referencing the digest component of that barcode to the stored digest associated with the defined electronic document.
  • the system binds the signed document (an electronic image) to the original input data.
  • the electronic storage of the resulting bound documents permits authorized users to locate existing documents (e.g. contracts), track document revisions and validate document contents and signatories.
  • Figure 1 is an operational block diagram showing the hardware components of, and steps performed by, a preferred implementation of an electronic document management system in accordance with the invention
  • Figure 2 is a sample barcoded contract established by the electronic document management system of Figure 1 ;
  • Figure 3 is a flow chart showing the steps of a method for creating and storing a barcoded document in accordance with the invention
  • Figure 4 is a flow chart showing the steps of a method for receiving and storing a hand-signed barcoded document in accordance with the invention.
  • Figures 5(a) and 5(b) are a flow chart showing the steps of a method for receiving and storing a digitally signed barcoded document in accordance with the invention (the flow chart of Figure 5(b) continuing from that of Figure 5(a)).
  • the present invention is an electronic document management system which, in the preferred embodiment described herein, is implemented in software components.
  • Figure 1 shows hardware components which are used to implement a preferred embodiment of the electronic document management system.
  • the components of the illustrated system are shown in the top portion "A" of Figure 1 and the alternative and/or complementary user components, comprising a web-enabled cell phone/personal digital assistant (PDA) 20, PC 30, printer 40 and/or fax machine 50, are shown in the bottom portion "B" of Figure 1.
  • PDA personal digital assistant
  • the electronic document management system operates on hardware which includes a secure Authentication server 25 for communicating in a secure manner with a Web/Application server 45 to validate users of the system.
  • a Web/Application server 45 interfaces to the user's web-enabled cell phone and PC components 20, 30 for data transfer therebetween and also communicates with a secure Database 35 to create and manage electronic documents.
  • a Receipt/Delivery server 55 receives documents from the Web/Application server 45 and interfaces to the user components PC 30, printer 40 and fax 50 to email, print or fax documents, respectively.
  • the Receipt/Delivery server 55 also receives authenticated (i.e. signed) faxed documents from the user via the fax machine 50.
  • the Receipt/Delivery server 55 communicates with the Database 35 to validate and store signed documents.
  • the functionality and components of the Authentication, Web/Application, Database and Receipt/Delivery servers 25,45,35, 55 of this preferred embodiment are detailed below. However, it is to be understood by the reader that the software components of the electronic document management system may be implemented by means of different software/hardware configurations and components for alternative embodiments.
  • the Web/Application server 45 provides two functions, namely, a Web server function and an Application server function.
  • the Web server function runs applications for displaying system screens and documents to the user in a user-requested format
  • the Application server function runs components of the electronic document management system including a document forwarding component which forwards documents for faxing, emailing and printing by the Receipt/Delivery server 55. It also receives input from the Web server, validates user inputs and stores those inputs in the Database 35. Hardware and software components used for the
  • Web/Application server 45 in the preferred embodiment are the following:
  • Web Server Apache 1.3 with SSL supporting high security connections.
  • JSP/Servlet Server Tomcat 3
  • JDBC Java Database Connectivity
  • JSP Java Server Pages
  • the Database (with an associated server) 35 provides storage for storing user inputs and document identification data including digests and signed electronic documents (i.e. images).
  • Database (and server) 35 in the preferred embodiment are the following:
  • Disk array of suitable size for storage needs
  • Database Oracle 8i RDBMS [other options: DB2, or SQL Server]
  • the Authentication server 25 performs user account maintenance functions. These functions include user and password authentication, account expiry, maintenance of user attributes, account locking and account disabling.
  • the hardware and software components used for the Authentication server 25 in the preferred embodiment are the following:
  • the Receipt/Delivery server 55 receives documents from the Application server 45 and emails, prints or faxes them to a specified destination.
  • the Receipt/Delivery server 55 also receives faxed or emailed signed documents by means of a document receiving component and interacts with the Database 35 for storage.
  • the hardware and software components used for the Receipt/Delivery server 55 in the preferred embodiment are the following:
  • Email Application software Sendmail 8, Imapd, and JavaMail 1.2
  • Figure 2 represents a sample document, being a commercial contract in this illustration, created by the subject electronic document management system.
  • Variable data is input by the user (via cell phone/PDA 20 or PC 30), and captured by a data capturing component of the system using a predetermined electronic template such that the variable data, in the context of that particular template, defines an electronic document.
  • a form-type document template is contemplated for use by the preferred embodiment described herein but any type of template may be used, as desired, for a particular application and does not restrict, or form part of, the electronic document management system claimed herein.
  • a representation of the variable input data, system-assigned document and revision numbers and fixed document template data is copied by the Application server 45 into an array of bytes to which NISTs secure hash algorithm is applied by a document digest generator component to generate a unique document digest.
  • a Java security object (employing the Java software products of Sun Microsystems, Inc. of California, U.S.A.) is used to implement NIST's secure hash algorithm known as SHA. This algorithm is well known by persons skilled in the art and it is broadly published and available to the public, for example, see FIPS PUB 180-1 , Federal Information Processing Standards Publication, Secure Hash Standards, issued April 17, 1995 by the U.S. Department of Commerce.
  • the document number, revision number and paging details for that document are combined with the generated unique digest to produce a document identifier which is uniquely associated with a specific page of that specific document.
  • This unique document identifier is then converted to a 2 OF 5 Interleaved formatted barcode 100 (see Figure 2) using a barcode generator component and inserted into the associated page of the document (see the barcode 100 applied to the document of Figure 2).
  • the generated barcode is unique to the specific contents of the associated document page and, as such, any change made to the contents of that page may be identified and tracked by reference to this barcode and any subsequent barcodes derived for revisions of the document.
  • a signature is applied to the document using one of the following alternative methods:
  • the document may be printed by a user via printer 40, hand-signed by all parties, and then faxed via fax machine 50 to the Receipt/Delivery server 55 (in this case it is assumed that the hand-signing of the document is locally validated e.g. the party faxing back the signed document may be a representative of the contracting authority, such as a sales person, and may be assumed to have validated, by witnessing, the signing of the document of the other party who may be a customer); or,
  • Digital signatures may be applied to the document using third party validation services and then forwarded to the Receipt/Delivery server 55.
  • the Receipt/Delivery server 55 receives a signed document and for each page uses a barcode verification component to identify and validate the barcode therein, comparing the digest of the received document -with that of the document data associated with the defined (i.e. original) document. Once the document has been validated the Receipt/Delivery server 55 stores it within Database 35.
  • the barcode is parsed to determine the document number, revision number, paging details and digest.
  • the document number is used to retrieve the defined document from the Database 35.
  • the digest for the defined document is compared to the digest of the barcode of the received document. Any difference between the new digest value and the stored digest value for the defined document results in a determination that the received document is invalid.
  • the received document is then placed in a rejection queue for manual intervention.
  • the flowchart of Figure 3 shows a preferred sequence of steps performed by the system to create and store a barcoded electronic document in accordance with the invention.
  • An authorized user enters variable data into a predetermined electronic form template.
  • the user-input variable data is validated and the document is stored in the Database 35 together with a system-generated unique document number and revision number for that document.
  • a document digest is generated as described above and the resulting digest is associated with the document and stored in the Database 35.
  • a document image generator component of the system then generates an image of the document, this being a PDF image in the illustrated example.
  • a unique barcode comprising the document and revision numbers, document digest and paging details, is generated and attached to each page of the document image.
  • a digital exchange key generator component For use in validating digitally signed documents, a digital exchange key generator component generates a digital exchange key by applying the same hash algorithm to the entire document image (i.e. the entire PDF file in this example) and this digital exchange key is stored in Database 35. The document image is then forwarded for delivery to a user's fax, printer or email address.
  • FIGS. 4 and 5(a), (b) show preferred sequences of steps performed by the system to receive and store hand-signed and digitally-signed barcoded documents, respectively.
  • a hand-signed document it is faxed to the Receipt/Delivery server 55 and that server scans the barcode from each page of the electronic copy of the faxed-in document. If the barcodes cannot be located on the pages or the barcodes of each page of the document do not conform (apart from the page number) then the electronic copy of the faxed-in document is forwarded to a local exception queue for manual intervention.
  • the scanned barcodes are parsed into their components: document number, revision number, paging details, and digest; and these components are cross-referenced to those stored in the Database server 35 for the defined document. If the values do not match any stored value, or if there is already an image of a signed document stored for the document values, the electronic copy of the faxed-in document is forwarded to an exception queue for manual intervention. If an image has not yet been stored, the image of the signed document is associated with the original stored document and stored in the Database 35.
  • a digitally-signed document the user applies their digital signature to the document if they agree to the terms of the document and the digitally signed document is then emailed to the Receipt/Delivery server 55 where the user's security credentials are authenticated by a digital signature authentication component using the Public Key Infrastructure (PKI). If the user is authenticated the digital signature authentication component decrypts the digital signature using the user's public key collected from the PKI and thereby retrieves the document hash as computed by the user.
  • PKI Public Key Infrastructure
  • the digital signature authentication component then verifies the validity of the signature by applying to the received document the same hash formula used by the user and the resulting hash value is compared to the hash value retrieved from the digital signature received from the user (it is to be noted that this hash formula is applied for purposes of the selected cryptographic processes for applying the digital signature and it is not the same hash formula applied by the system to produce the document digest). If the hash values do not match, the verification process has failed and the email is forwarded to another mailbox for manual intervention. If they do match, the document and revision numbers are retrieved from the received document and, using this information, a digital exchange key verification component retrieves from the Database 35 the stored digital exchange key which is associated with those document and revision numbers.
  • the digital exchange key verification component takes steps to prove the returned document is the same as the sent document. To do so, it computes the digital exchange key for the received document using the original hash formula and the computed digital exchange key is compared to the stored digital exchange key for the defined (i.e. original) document. If the keys do not match the verification process has failed and the email is forwarded to another mailbox for manual intervention. If the keys match the document image, the email and the full authentication details are associated with the defined document and all of these are stored in the Database 35.

Abstract

The invention provides a system and method for establishing and managing authenticated electronic documents (e.g. commercial contracts) whereby the content, revision status and authenticating parties are stored, tracked, retrieved and validated on demand by permitted users. Variable document data is input by user into an electronic form template and this data is captured by the system. The system derives a document number and revision number for the document and all of this identifying information is associated with the document and stored. A document digest formula is applied to generate a unique document digest. The system then generates a unique barcode for each page of the document based on the digest, document number, revision number and paging details and the barcodes are electronically added to the associated pages of the document. Either the parties to the document sign a printed copy of the barcoded document or a digital signature is applied using a third party validation service. The resultant signed and barcoded document is stored electronically whereby permitted users may locate existing documents (e.g. contracts), track document revisions and validate document contents and signatories.

Description

AUTHENTICATED ELECTRONIC DOCUMENT MANAGEMENT SYSTEM AND METHOD
Field of the Invention
This invention relates generally to the field of electronic commerce ("e- commerce") software applications and, more particularly, to an electronic system and method for creating, managing and authenticating documents, such as commercial contracts, in electronic form.
Background of the Invention
Cryptography is frequently employed within networked systems as a security measure and uses private and public keys. The terms "private key" and "public key" are well known terms of art and are used for asymmetric cryptography in which one key is used for encryption and the other for decryption and one of these keys, namely the private key, is kept by the user and never revealed or transferred. Asymmetric cryptography is considered to provide a higher level of security than symmetric cryptography for which a shared key is used for both encryption and decryption (the sharing aspect introducing an element of insecurity). When using asymmetric cryptography to send a message to another party, the public key of that party is located by means of a public key infrastructure (PKI) and is used to encrypt the message; then, only the person with the corresponding private key (i.e. being the other party for whom the message is created) is able to decrypt the message.
The term digital signature is also a well known term of art and refers to a message digest encrypted using a private key, a message digest being a condensed form of a document or transaction to be signed which cannot be used to recreate the document or transaction itself, and which is extremely sensitive to small changes in the document. The digital signature is verified by decrypting it with the corresponding public key to recover the message digest and then comparing the recovered message digest with one computed by a verifier using the document which was purported to be signed. Although encrypted message digests may be used to verify that a party holds a specific private key they are more commonly used to prove that the holder of a specific key was involved in a transaction involving the message; for example, to identify that they gave their assent to the message, just as a physical signature is used to indicate the participation of the signing party in a document. In this case, the encrypted form of the digest must be retained at a secure site.
One of the problematic aspects of e-commerce is the necessity to verify both the parties and the contents of any given transaction (e.g. contract). The foregoing electronic security technologies are available to authenticate the parties participating in a transaction (i.e. electronic signatures, digital certificates and third party authentication) but these technologies are insufficient to also enable a user to validate the exact content of a document signed by the parties thereto. This is a substantial concern associated with e-commerce given the ease with which the data that makes up an electronic contract can become corrupt and thereby make the enforcement of these kinds of contracts very difficult.
There is a need, therefore, for a more effective and flexible means for validating the verity of an electronically generated and authenticated document such as a commercial contract, whereby both the contents and signatures may be matched to one another. Further is a need for a means to readily identify and track the changes made to such an electronic document during its lifecycle.
Summary of the Invention
In accordance with the invention there is provided an electronic system and method for creating, managing and authenticating documents (e.g. commercial contracts) whereby the content, revision status and authenticating parties are stored, tracked, retrieved and validated on demand by permitted users.
In accordance with the invention there are provided an electronic document management system and method for verifying the contents of an electronic document exchanged through a network and comprising variable data input by a user. Data defining an electronic document is captured and stored by the system, the captured data including at least the variable data. The variable data is input by a user and captured into a pre-determined electronic form template whereby the data defining the electronic document comprises the variable data and the pre-determined electronic form template. A unique document number and revision number are generated for the defined electronic document and stored with the captured data. A unique digest is generated from the defined electronic document by applying a secure algorithm thereto whereby the digest is uniquely associated with the defined electronic document. The unique digest is stored and associated with the defined electronic document. A barcode is generated for each page of the defined electronic document from the unique digest, the document number and its revision number, and paging details, whereby the barcode uniquely identifies the page of the defined electronic document to which it pertains and the contents thereof. The defined electronic document with the barcode added thereto is forwarded for use by a user. The barcoded defined electronic document forwarded for use by a user may be in the form of an electronic image such as a PDF formatted image.
For processing digitally-signed documents a unique digital exchange key is generated by applying the secure algorithm to the electronic image and stored in association with the defined electronic document.
In use, the barcoded document is authenticated by the parties either by hand- signing a printed copy of the barcoded document or by applying a digital signature using a third party validation service. The resultant barcoded, signed and authenticated document is associated to the variable data originally input by the user by cross- referencing the digest component of that barcode to the stored digest associated with the defined electronic document. Upon successful association the system binds the signed document (an electronic image) to the original input data. The electronic storage of the resulting bound documents permits authorized users to locate existing documents (e.g. contracts), track document revisions and validate document contents and signatories.
Description of the Drawings
The present invention is described in detail below with reference to the following drawings in which like reference numerals refer throughout to like elements.
Figure 1 is an operational block diagram showing the hardware components of, and steps performed by, a preferred implementation of an electronic document management system in accordance with the invention;
Figure 2 is a sample barcoded contract established by the electronic document management system of Figure 1 ;
Figure 3 is a flow chart showing the steps of a method for creating and storing a barcoded document in accordance with the invention; Figure 4 is a flow chart showing the steps of a method for receiving and storing a hand-signed barcoded document in accordance with the invention; and,
Figures 5(a) and 5(b) are a flow chart showing the steps of a method for receiving and storing a digitally signed barcoded document in accordance with the invention (the flow chart of Figure 5(b) continuing from that of Figure 5(a)).
Detailed Description of a Preferred Embodiment
The present invention is an electronic document management system which, in the preferred embodiment described herein, is implemented in software components. Figure 1 shows hardware components which are used to implement a preferred embodiment of the electronic document management system. The components of the illustrated system are shown in the top portion "A" of Figure 1 and the alternative and/or complementary user components, comprising a web-enabled cell phone/personal digital assistant (PDA) 20, PC 30, printer 40 and/or fax machine 50, are shown in the bottom portion "B" of Figure 1.
The electronic document management system operates on hardware which includes a secure Authentication server 25 for communicating in a secure manner with a Web/Application server 45 to validate users of the system. A Web/Application server 45 interfaces to the user's web-enabled cell phone and PC components 20, 30 for data transfer therebetween and also communicates with a secure Database 35 to create and manage electronic documents. A Receipt/Delivery server 55 receives documents from the Web/Application server 45 and interfaces to the user components PC 30, printer 40 and fax 50 to email, print or fax documents, respectively. The Receipt/Delivery server 55 also receives authenticated (i.e. signed) faxed documents from the user via the fax machine 50. The Receipt/Delivery server 55 communicates with the Database 35 to validate and store signed documents. The functionality and components of the Authentication, Web/Application, Database and Receipt/Delivery servers 25,45,35, 55 of this preferred embodiment are detailed below. However, it is to be understood by the reader that the software components of the electronic document management system may be implemented by means of different software/hardware configurations and components for alternative embodiments.
The Web/Application server 45 provides two functions, namely, a Web server function and an Application server function. The Web server function runs applications for displaying system screens and documents to the user in a user-requested format
(HTML, WML, PDF, etc.). The Application server function runs components of the electronic document management system including a document forwarding component which forwards documents for faxing, emailing and printing by the Receipt/Delivery server 55. It also receives input from the Web server, validates user inputs and stores those inputs in the Database 35. Hardware and software components used for the
Web/Application server 45 in the preferred embodiment are the following:
System: Redhat Linux 7 [other options: Windows NT, or Solaris 7] Processor: Pentium III 1000 MHz [ other options: UltraSPARC] Memory: 512 MB (or more) Disk: redundant 9 GB (or more) Application Software:
Web Server: Apache 1.3 with SSL supporting high security connections.
JSP/Servlet Server: Tomcat 3
• Development Software:
Java 1.3
Java Database Connectivity (JDBC) 2.0
Java Server Pages (JSP) 1.1
Java Servlets 2.2
Apache Batik 1.0, FOP 0.19, Xalan 2.0.0, Xerces 1.2.3
The Database (with an associated server) 35 provides storage for storing user inputs and document identification data including digests and signed electronic documents (i.e. images). The hardware and software components used for the
Database (and server) 35 in the preferred embodiment are the following:
System: Redhat Linux 7 [other options: Windows NT, or Solaris 7]
Processor: Pentium III 1000 MHz [ other options: UltraSPARC]
Memory: 1024 MB (or more)
Disk: array of suitable size for storage needs
Database: Oracle 8i RDBMS [other options: DB2, or SQL Server]
The Authentication server 25 performs user account maintenance functions. These functions include user and password authentication, account expiry, maintenance of user attributes, account locking and account disabling. The hardware and software components used for the Authentication server 25 in the preferred embodiment are the following:
• System: Redhat Linux 7 [other options: Windows NT, or Solaris 7]
• Processor: Pentium III 1000 MHz (or more) [other options: UltraSPARC]
• Memory: 512 MB (or more) • LDAP application software iPlanet [other options: Open LDAP or Oracle]
The Receipt/Delivery server 55 receives documents from the Application server 45 and emails, prints or faxes them to a specified destination. The Receipt/Delivery server 55 also receives faxed or emailed signed documents by means of a document receiving component and interacts with the Database 35 for storage. The hardware and software components used for the Receipt/Delivery server 55 in the preferred embodiment are the following:
• System: Redhat Linux 7 [other options: Windows NT, or Solaris 7]
• Processor: Pentium III 1000 MHz [other options: UltraSPARC]
• Memory: 512 MB (or more)
• Fax Application software: Efax [or Hylafax]
• Print Application software: LPRng
• Email Application software: Sendmail 8, Imapd, and JavaMail 1.2
Figure 2 represents a sample document, being a commercial contract in this illustration, created by the subject electronic document management system.
Variable data is input by the user (via cell phone/PDA 20 or PC 30), and captured by a data capturing component of the system using a predetermined electronic template such that the variable data, in the context of that particular template, defines an electronic document. A form-type document template is contemplated for use by the preferred embodiment described herein but any type of template may be used, as desired, for a particular application and does not restrict, or form part of, the electronic document management system claimed herein.
A representation of the variable input data, system-assigned document and revision numbers and fixed document template data is copied by the Application server 45 into an array of bytes to which NISTs secure hash algorithm is applied by a document digest generator component to generate a unique document digest. A Java security object (employing the Java software products of Sun Microsystems, Inc. of California, U.S.A.) is used to implement NIST's secure hash algorithm known as SHA. This algorithm is well known by persons skilled in the art and it is broadly published and available to the public, for example, see FIPS PUB 180-1 , Federal Information Processing Standards Publication, Secure Hash Standards, issued April 17, 1995 by the U.S. Department of Commerce. The document number, revision number and paging details for that document are combined with the generated unique digest to produce a document identifier which is uniquely associated with a specific page of that specific document. This unique document identifier is then converted to a 2 OF 5 Interleaved formatted barcode 100 (see Figure 2) using a barcode generator component and inserted into the associated page of the document (see the barcode 100 applied to the document of Figure 2).
Advantageously, the generated barcode is unique to the specific contents of the associated document page and, as such, any change made to the contents of that page may be identified and tracked by reference to this barcode and any subsequent barcodes derived for revisions of the document.
A signature is applied to the document using one of the following alternative methods:
1. The document may be printed by a user via printer 40, hand-signed by all parties, and then faxed via fax machine 50 to the Receipt/Delivery server 55 (in this case it is assumed that the hand-signing of the document is locally validated e.g. the party faxing back the signed document may be a representative of the contracting authority, such as a sales person, and may be assumed to have validated, by witnessing, the signing of the document of the other party who may be a customer); or,
2. Digital signatures may be applied to the document using third party validation services and then forwarded to the Receipt/Delivery server 55.
The Receipt/Delivery server 55 receives a signed document and for each page uses a barcode verification component to identify and validate the barcode therein, comparing the digest of the received document -with that of the document data associated with the defined (i.e. original) document. Once the document has been validated the Receipt/Delivery server 55 stores it within Database 35.
To validate that the contents of a received document are identical to the original document, the barcode is parsed to determine the document number, revision number, paging details and digest. The document number is used to retrieve the defined document from the Database 35. The digest for the defined document is compared to the digest of the barcode of the received document. Any difference between the new digest value and the stored digest value for the defined document results in a determination that the received document is invalid. The received document is then placed in a rejection queue for manual intervention.
The flowchart of Figure 3 shows a preferred sequence of steps performed by the system to create and store a barcoded electronic document in accordance with the invention. An authorized user enters variable data into a predetermined electronic form template. The user-input variable data is validated and the document is stored in the Database 35 together with a system-generated unique document number and revision number for that document. A document digest is generated as described above and the resulting digest is associated with the document and stored in the Database 35. A document image generator component of the system then generates an image of the document, this being a PDF image in the illustrated example. A unique barcode, comprising the document and revision numbers, document digest and paging details, is generated and attached to each page of the document image. For use in validating digitally signed documents, a digital exchange key generator component generates a digital exchange key by applying the same hash algorithm to the entire document image (i.e. the entire PDF file in this example) and this digital exchange key is stored in Database 35. The document image is then forwarded for delivery to a user's fax, printer or email address.
The flowcharts of Figures 4 and 5(a), (b) show preferred sequences of steps performed by the system to receive and store hand-signed and digitally-signed barcoded documents, respectively. As detailed by Figure 4, for a hand-signed document it is faxed to the Receipt/Delivery server 55 and that server scans the barcode from each page of the electronic copy of the faxed-in document. If the barcodes cannot be located on the pages or the barcodes of each page of the document do not conform (apart from the page number) then the electronic copy of the faxed-in document is forwarded to a local exception queue for manual intervention. The scanned barcodes are parsed into their components: document number, revision number, paging details, and digest; and these components are cross-referenced to those stored in the Database server 35 for the defined document. If the values do not match any stored value, or if there is already an image of a signed document stored for the document values, the electronic copy of the faxed-in document is forwarded to an exception queue for manual intervention. If an image has not yet been stored, the image of the signed document is associated with the original stored document and stored in the Database 35.
As detailed by Figures 5(a) and (b), for a digitally-signed document the user applies their digital signature to the document if they agree to the terms of the document and the digitally signed document is then emailed to the Receipt/Delivery server 55 where the user's security credentials are authenticated by a digital signature authentication component using the Public Key Infrastructure (PKI). If the user is authenticated the digital signature authentication component decrypts the digital signature using the user's public key collected from the PKI and thereby retrieves the document hash as computed by the user. The digital signature authentication component then verifies the validity of the signature by applying to the received document the same hash formula used by the user and the resulting hash value is compared to the hash value retrieved from the digital signature received from the user (it is to be noted that this hash formula is applied for purposes of the selected cryptographic processes for applying the digital signature and it is not the same hash formula applied by the system to produce the document digest). If the hash values do not match, the verification process has failed and the email is forwarded to another mailbox for manual intervention. If they do match, the document and revision numbers are retrieved from the received document and, using this information, a digital exchange key verification component retrieves from the Database 35 the stored digital exchange key which is associated with those document and revision numbers. If an associated digital exchange key cannot be located, or if an existing signed image is already stored, then the verification process has failed and the email is forwarded to another mailbox for manual intervention. If an associated digital exchange key is located and no existing signed image exists, the digital exchange key verification component takes steps to prove the returned document is the same as the sent document. To do so, it computes the digital exchange key for the received document using the original hash formula and the computed digital exchange key is compared to the stored digital exchange key for the defined (i.e. original) document. If the keys do not match the verification process has failed and the email is forwarded to another mailbox for manual intervention. If the keys match the document image, the email and the full authentication details are associated with the defined document and all of these are stored in the Database 35. It will be appreciated by the reader that the foregoing electronic document management system and method provide effective means for closely and accurately tracking the contents of electronic documents exchanged between parties over a network and for verifying the validity of the contents of each page of an electronic document that has been hand-signed or digitally signed by one or more parties.
While the invention has been described herein with reference to a system and method for creating, managing and authenticating commercial contracts it will be apparent to the reader that the invention may be applied to any type of document which is subject to embodiment in an electronic format. Similarly, while it is preferable to interface the system to the user through a cellular telecommunications network and/or an Internet global communication network, to take advantage of the broad availability and accessibility of this network to users, the invention is not limited thereto and an intranet could instead be used. Further, it is to be understood that the specific system components described herein may be embodied in and implemented by any number of alternative discrete hardware components, as appropriate, and the embodiment described here is not intended to limit the scope of the invention which is defined solely by the appended claims. From the teachings provided herein, a person skilled in the art is able to implement the invention by means of alternative computer program embodiments.

Claims

WHAT IS CLAIMED IS:
1. An electronic document management system for verifying the contents of an electronic document exchanged through a network and comprising variable data input by a user, said system comprising:
(a) a data capturing component for capturing data defining an electronic document, wherein said data comprises at least said variable data, and forwarding said data for storage;
(b) a document digest generator for generating a digest from said defined electronic document by applying a secure algorithm thereto, whereby said digest is uniquely associated with said defined electronic document, and forwarding said digest for storage in association with said defined electronic document;
(c) a barcode generator for generating a barcode from said generated digest whereby said barcode uniquely identifies said defined electronic document and the contents thereof;
(d) a document forwarding component for forwarding said defined electronic document with said barcode added thereto for use by a user;
(e) a document receiving component for receiving from a user a signed electronic document comprising variable data and a barcode; and,
(f) a barcode verification component for determining the validity of said barcode of said received electronic document wherein a digest component of said barcode is compared to said stored digest associated with said defined electronic document.
2. An electronic document management system according to claim 1 wherein a unique document number is generated for said defined electronic document, said document number is stored with said captured data and said digest is generated from said defined electronic document and said document number.
3. An electronic document management system according to claim 2 wherein said user inputs said variable data into a pre-determined electronic form template and said data defining said electronic document comprises said variable data and said predetermined electronic form template.
4. An electronic document management system according to claim 3 wherein a unique document revision number is generated for said defined electronic document, said document revision number is stored with said captured data and said digest is generated from said defined electronic document and said document and revision numbers.
5. An electronic document management system according to claim 4 wherein a unique barcode for each page of said defined electronic document is generated by said barcode generator from said digest, said document and revision numbers and paging details for said defined electronic document and each said unique barcode is added to the specific page of said defined electronic document associated therewith, wherein the resulting barcoded defined electronic document is forwarded by said document forwarding component.
6. An electronic document management system according to claim 5 and further comprising a document image generator for generating an electronic image of said barcoded defined electronic document, wherein said document forwarding component forwards said electronic image.
7. An electronic document management system according to claim 6 wherein said received electronic document has been hand-signed and faxed by said user.
8. An electronic document management system according to claim 6 and further comprising a digital exchange key generator for generating a unique digital exchange key associated with said defined electronic document, said generated unique digital exchange key being generated by applying said secure algorithm to said electronic image, and forwarding said digital exchange key for storage.
9. An electronic document management system according to claim 8 wherein said electronic document received by said document receiving component comprises a digital signature and said system further comprises a digital signature authentication component for authenticating said digital signature and a digital exchange key verification component for determining the validity of said received electronic document, wherein said digital exchange key verification component determines a digital exchange key by applying said secure algorithm to said received electronic document and comparing said determined digital exchange key to said stored unique digital exchange key associated with said defined electronic document.
10. A method for managing and verifying the contents of an electronic document exchanged through a network and comprising variable data input by a user, said method comprising:
(a) capturing data defining an electronic document, whereby said data comprises at least said variable data, and forwarding said data for storage;
(b) generating a digest from said defined electronic document by applying a secure algorithm thereto whereby said digest is uniquely associated with said defined electronic document, and forwarding said digest for storage in association with said defined electronic document;
(c) generating a barcode from said generated digest whereby said barcode uniquely identifies said defined electronic document and the contents thereof;
(d) forwarding said defined electronic document with said barcode added thereto for use by a user;
(e) receiving from a user a signed electronic document comprising variable data and a barcode; and,
(f) determining the validity of said barcode of a document received by said document receiving component wherein a digest component of said barcode is compared to said stored digest associated with said defined electronic document.
11. A method according to claim 10 whereby said user inputs said variable data into a pre-determined electronic form template and said data defining said electronic document comprises said variable data and said pre-determined electronic form template.
12. A method according to claim 11 and further comprising generating a unique document number for said defined electronic document and forwarding said document number for storage with said captured data, whereby said digest is generated from said defined electronic document and said document number.
13. A method according to claim 12 and further comprising generating a unique document revision number for said defined electronic document and forwarding said document revision number for storage with said captured data, whereby said digest is generated from said defined electronic document and said document and revision numbers.
14. A method according to claim 13 and further comprising generating a unique barcode for each page of said defined electronic document from said digest, said document and revision numbers and paging details for said defined electronic document, adding each said unique barcode to the specific page of said defined electronic document which is associated therewith and forwarding the resulting barcoded defined electronic document for use by a user.
15. A method according to claim 14 and further comprising generating an electronic image of said barcoded defined electronic document and forwarding said image for use by a user.
16. A method according to claim 15 and further comprising generating a unique digital exchange key associated with said defined electronic document by applying said secure algorithm to said electronic image and forwarding said digital exchange key for storage.
17. A method according to claim 16 whereby said electronic document received by said document receiving component comprises a digital signature, said method further comprising:
(a) authenticating said digital signature; and,
(b) determining the validity of said received electronic document by applying said secure algorithm to said received electronic document and comparing the resulting determined digital exchange key to said stored unique digital exchange key associated with said defined electronic document.
18. A method according to claim 15 whereby said received electronic document has been hand-signed and faxed by said user.
PCT/CA2002/001178 2001-08-06 2002-07-26 Authenticated electronic document management system and method WO2003015396A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP02750736A EP1415461A1 (en) 2001-08-06 2002-07-26 Authenticated electronic document management system and method
JP2003520181A JP2004537822A (en) 2001-08-06 2002-07-26 Authentication electronic document management system and method
CA002456657A CA2456657A1 (en) 2001-08-06 2002-07-26 Authenticated electronic document management system and method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/923,615 2001-08-06
US09/923,615 US20030028494A1 (en) 2001-08-06 2001-08-06 Electronic document management system and method

Publications (1)

Publication Number Publication Date
WO2003015396A1 true WO2003015396A1 (en) 2003-02-20

Family

ID=25448969

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2002/001178 WO2003015396A1 (en) 2001-08-06 2002-07-26 Authenticated electronic document management system and method

Country Status (5)

Country Link
US (2) US20030028494A1 (en)
EP (1) EP1415461A1 (en)
JP (1) JP2004537822A (en)
CA (1) CA2456657A1 (en)
WO (1) WO2003015396A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ES2238156A1 (en) * 2003-10-13 2005-08-16 Retevision Movil, S.A. Method for authenticating user for accessing computer applications and signing electronic documents through mobile phone, involves controlling communication network while accessing computer applications and signing documents by user
DE102004031446A1 (en) * 2004-06-29 2006-01-26 Secardeo Gmbh Authorizing method for digital signatures in portable document format (PDF) documents stores authorizing data in a PDF document for checking signatures

Families Citing this family (123)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8307037B2 (en) 2000-01-10 2012-11-06 Bump Network, Inc. Inter vehicle communication system
JP2002344736A (en) * 2001-05-21 2002-11-29 Oki Electric Ind Co Ltd Original warrant system for print paper, printer, and verification device
US20040166593A1 (en) * 2001-06-22 2004-08-26 Nolte David D. Adaptive interferometric multi-analyte high-speed biosensor
AU2003219823A1 (en) * 2002-02-20 2003-09-09 Bitpipe, Inc. Electronic document tracking
JP2004094487A (en) * 2002-08-30 2004-03-25 Matsushita Electric Ind Co Ltd Support system for preparing document
US8040541B2 (en) * 2002-08-06 2011-10-18 Polestar, Ltd. Secure document printing
US8171567B1 (en) 2002-09-04 2012-05-01 Tracer Detection Technology Corp. Authentication method and system
WO2004095195A2 (en) * 2003-04-21 2004-11-04 Document Images, Llc System and method for managing imaged freight documents
JP4036333B2 (en) * 2003-05-23 2008-01-23 日本アイ・ビー・エム株式会社 Sender mail server, receiver mail server, e-mail system, signature data management method, and program
US20040243536A1 (en) * 2003-05-28 2004-12-02 Integrated Data Control, Inc. Information capturing, indexing, and authentication system
US7451321B2 (en) * 2003-10-07 2008-11-11 Joseph Ernest Dryer Electronic signature management method
TW200515752A (en) * 2003-10-24 2005-05-01 Hon Hai Prec Ind Co Ltd System and method for limiting the download times
EP1730675B1 (en) * 2004-03-12 2015-05-20 Ingenia Holdings Limited Authenticity verification methods, products and apparatuses
EP1730665B1 (en) * 2004-03-12 2009-06-03 Ingenia Technology Limited Methods and apparatuses for creating authenticatable printed articles and subsequently verifying them
US9799060B2 (en) * 2004-04-01 2017-10-24 Google Inc. Content access with handheld document data capture devices
JP2008502058A (en) * 2004-05-18 2008-01-24 シルバーブルック リサーチ ピーティワイ リミテッド Method and computer system for tracking security documents
US20050289639A1 (en) * 2004-06-23 2005-12-29 Leung Wai K System and method of securing the management of documentation
US7949666B2 (en) * 2004-07-09 2011-05-24 Ricoh, Ltd. Synchronizing distributed work through document logs
GB2417592B (en) 2004-08-13 2006-07-26 Ingenia Technology Ltd Authenticity verification of articles
US20060101028A1 (en) * 2004-10-21 2006-05-11 Banks Lanette E Method and apparatus for efficient electronic document management
JP2006155585A (en) * 2004-10-27 2006-06-15 Ricoh Co Ltd Document management service providing device, authentication service providing device, document management service providing program, authentication service providing program, recording medium, document management service providing method, and authentication service providing method
US20060112017A1 (en) * 2004-11-22 2006-05-25 George Koppich System and method for auditing an electronic document trail
US7580164B2 (en) * 2004-12-22 2009-08-25 Ricoh Co., Ltd. Document separator pages
US7760372B2 (en) * 2005-01-11 2010-07-20 Xerox Corporation Method for automated document selection
US7451140B2 (en) * 2005-01-11 2008-11-11 Xerox Corporation System and method for proofing individual documents of variable information document runs using document quality measurements
US7405831B2 (en) * 2005-02-01 2008-07-29 Purdue Research Foundation Laser scanning interferometric surface metrology
US20070023643A1 (en) * 2005-02-01 2007-02-01 Nolte David D Differentially encoded biological analyzer planar array apparatus and methods
US7910356B2 (en) 2005-02-01 2011-03-22 Purdue Research Foundation Multiplexed biological analyzer planar array apparatus and methods
US8154769B2 (en) * 2005-02-15 2012-04-10 Ricoh Co. Ltd Systems and methods for generating and processing evolutionary documents
US7634280B2 (en) * 2005-02-17 2009-12-15 International Business Machines Corporation Method and system for authenticating messages exchanged in a communications system
US20060200582A1 (en) * 2005-02-23 2006-09-07 Phipps Andrew M Unique identifier addressing and messaging enabling transfer of digital communication, content, and commerce
US8140350B2 (en) * 2005-02-22 2012-03-20 Medimaging Tools, Llc System and method for integrating ancillary data in DICOM image files
US8489410B2 (en) 2005-02-22 2013-07-16 Medimaging Tools, Llc System and method for modifying and routing DICOM examination files
US7506801B2 (en) * 2005-04-07 2009-03-24 Toshiba Corporation Document audit trail system and method
US20060265332A1 (en) * 2005-05-17 2006-11-23 Lexmark International, Inc. Method for providing document traceability
US20060282396A1 (en) * 2005-06-09 2006-12-14 Civil Foundation, Llc Multi-jurisdictional electronic-commerce legal products, methods of production and methods of conducting business therewith
US20070013961A1 (en) * 2005-07-13 2007-01-18 Ecloz, Llc Original document verification system and method in an electronic document transaction
JP5123181B2 (en) * 2005-07-27 2013-01-16 インジェニア・テクノロジー・(ユーケイ)・リミテッド Authenticity verification
WO2007012821A1 (en) * 2005-07-27 2007-02-01 Ingenia Technology Limited Verification of the signature of an article created from signals obtained from scatter of coherent optical radiation from the surface of the article
RU2008107340A (en) * 2005-07-27 2009-09-10 Инджениа Текнолоджи Лимитед (Gb) RECIPE AUTHENTICATION USING SPECL STRUCTURES
JP4765482B2 (en) * 2005-08-25 2011-09-07 富士ゼロックス株式会社 Document management system, document management program, and document management method
GB2429950B (en) * 2005-09-08 2007-08-22 Ingenia Holdings Copying
US8732570B2 (en) * 2005-09-08 2014-05-20 Ricoh Co. Ltd. Non-symbolic data system for the automated completion of forms
US20070115497A1 (en) * 2005-10-28 2007-05-24 Ingenia Holdings (Uk) Limited Document Management System
WO2007049034A1 (en) * 2005-10-28 2007-05-03 Ingenia Holdings (Uk) Limited System and method for managing physical and electronic documents
US8085445B2 (en) * 2005-10-28 2011-12-27 Redphone Security, Inc. Method to certify facsimile transmissions
US7561722B2 (en) * 2005-12-14 2009-07-14 Xerox Corporation System and method for interactive document layout
US7769712B2 (en) * 2005-12-21 2010-08-03 Decernis, Llc Document validation system and method
DE112006003518T5 (en) * 2005-12-21 2009-01-29 Decernis, Llc System for the validation of at least part of a document
GB2448245B (en) * 2005-12-23 2009-11-04 Ingenia Holdings Optical authentication
US7996367B2 (en) * 2006-01-18 2011-08-09 Echosign, Inc. Automatic document exchange with document searching capability
US7895166B2 (en) * 2006-01-18 2011-02-22 Echosign, Inc. Automatic document exchange with archiving capability
US7996439B2 (en) * 2006-01-18 2011-08-09 Echosign, Inc. Automatic document exchange and execution management
JP2007206822A (en) * 2006-01-31 2007-08-16 Fuji Xerox Co Ltd Document management system, document disposal management system, document management method, and document disposal management method
AU2007217078A1 (en) * 2006-02-16 2007-08-30 Purdue Research Foundation In-line quadrature and anti-reflection enhanced phase quadrature interferometric detection
JP2007265073A (en) * 2006-03-29 2007-10-11 Fujitsu Ltd Printer, printing method, and printing system
JP2007281673A (en) * 2006-04-04 2007-10-25 Fuji Xerox Co Ltd Information processing apparatus and information processing program
GB2440386A (en) * 2006-06-12 2008-01-30 Ingenia Technology Ltd Scanner authentication
JP4147255B2 (en) * 2006-06-23 2008-09-10 キヤノン株式会社 Image processing apparatus, image processing control method, program, and storage medium
US20080021857A1 (en) * 2006-07-10 2008-01-24 Kabushiki Kaisha Toshiba Electronic Data Storing Apparatus
US20110082969A1 (en) * 2006-07-26 2011-04-07 James Joseph Macor Associative data storage devices for authentication of collectable objects
US20080149518A1 (en) * 2006-07-26 2008-06-26 Macor James J Protection and authentication device for a collectable object
US8479004B2 (en) * 2006-08-31 2013-07-02 Ricoh Co., Ltd Paper-based document logging
US20080059494A1 (en) * 2006-09-01 2008-03-06 Ean Rouse Schuessler Document database system and method
US7672934B1 (en) * 2006-10-19 2010-03-02 Symantec Operting Corporation Method for restoring documents from a database file
US7522282B2 (en) * 2006-11-30 2009-04-21 Purdue Research Foundation Molecular interferometric imaging process and apparatus
US20080144899A1 (en) * 2006-11-30 2008-06-19 Manoj Varma Process for extracting periodic features from images by template matching
US20080230605A1 (en) * 2006-11-30 2008-09-25 Brian Weichel Process and apparatus for maintaining data integrity
WO2008089495A2 (en) 2007-01-19 2008-07-24 Purdue Research Foundation System with extended range of molecular sensing through integrated multi-modal data acquisition
US8006094B2 (en) * 2007-02-21 2011-08-23 Ricoh Co., Ltd. Trustworthy timestamps and certifiable clocks using logs linked by cryptographic hashes
US9514117B2 (en) * 2007-02-28 2016-12-06 Docusign, Inc. System and method for document tagging templates
CA2681722A1 (en) 2007-03-26 2008-10-02 Purdue Research Foundation Method and apparatus for conjugate quadrature interferometric detection of an immunoassay
US9369604B2 (en) * 2007-03-28 2016-06-14 Ricoh Co., Ltd. Mechanism for speculative printing
US20080243688A1 (en) * 2007-03-28 2008-10-02 Hart Peter E Method and Apparatus for Recording Transactions with a Portable Logging Device
US8996483B2 (en) * 2007-03-28 2015-03-31 Ricoh Co., Ltd. Method and apparatus for recording associations with logs
US8396909B1 (en) * 2007-04-12 2013-03-12 United Services Automobile Association (Usaa) Electronic file management hierarchical structure
US8375072B1 (en) * 2007-04-12 2013-02-12 United Services Automobile Association (Usaa) Electronic file management hierarchical structure
WO2008128125A1 (en) 2007-04-12 2008-10-23 Avow Systems, Inc. Electronic document management and delivery
GB2450131B (en) * 2007-06-13 2009-05-06 Ingenia Holdings Fuzzy Keys
US20090003588A1 (en) * 2007-06-26 2009-01-01 John Gordon Ross Counter Sealing Archives of Electronic Seals
US8655961B2 (en) 2007-07-18 2014-02-18 Docusign, Inc. Systems and methods for distributed electronic signature documents
US8949706B2 (en) 2007-07-18 2015-02-03 Docusign, Inc. Systems and methods for distributed electronic signature documents
US9760839B1 (en) 2007-07-25 2017-09-12 United Services Automobile Association (Usaa) Electronic recording statement management
US8156416B2 (en) * 2008-05-12 2012-04-10 Xerox Corporation Securing printed output
GB2460625B (en) * 2008-05-14 2010-05-26 Ingenia Holdings Two tier authentication
US8688744B2 (en) * 2008-09-09 2014-04-01 Applied Systems, Inc. Method, system, and apparatus for scanning and importing documents
US9613049B2 (en) 2008-09-09 2017-04-04 Applied Systems, Inc. Document integration and distribution system, method and device
KR20100034637A (en) * 2008-09-24 2010-04-01 삼성전자주식회사 The data transmitting method in image forming apparatus and the image forming apparatus for performing the method
US8185733B2 (en) * 2008-10-02 2012-05-22 Ricoh Co., Ltd. Method and apparatus for automatically publishing content based identifiers
US7818256B1 (en) * 2008-11-20 2010-10-19 Citibank, N.A. Digital receipt for electronic data and methods and systems for generating same
GB2466465B (en) * 2008-12-19 2011-02-16 Ingenia Holdings Authentication
GB2466311B (en) * 2008-12-19 2010-11-03 Ingenia Holdings Self-calibration of a matching algorithm for determining authenticity
US9165262B2 (en) 2009-01-29 2015-10-20 International Business Machines Corporation Automatic generation of assent indication in a document approval function for collaborative document editing
US8218763B2 (en) * 2009-04-22 2012-07-10 International Business Machines Corporation Method for ensuring the validity of recovered electronic documents from remote storage
US20110000402A1 (en) * 2009-07-06 2011-01-06 Grasso Jr Louis P System and Method for Handling Recyclable Materials and Products Manufactured Therefrom
US8229070B2 (en) * 2009-09-30 2012-07-24 The Board Of Trustees Of The Leland Stanford Junior University Intrafraction motion management using a rough to accurate monitoring strategy
GB2476226B (en) 2009-11-10 2012-03-28 Ingenia Holdings Ltd Optimisation
US9270663B2 (en) 2010-04-30 2016-02-23 T-Central, Inc. System and method to enable PKI- and PMI-based distributed locking of content and distributed unlocking of protected content and/or scoring of users and/or scoring of end-entity access means—added
US9251131B2 (en) 2010-05-04 2016-02-02 Docusign, Inc. Systems and methods for distributed electronic signature documents including version control
EP2580705B1 (en) 2010-06-11 2018-08-08 DocuSign, Inc. Web-based electronically signed documents
US20130041961A1 (en) 2010-09-13 2013-02-14 Frederick Mitchell Thrower, III Systems and methods for electronic communication using unique identifiers associated with electronic addresses
US8561882B2 (en) * 2011-02-11 2013-10-22 Athenahealth, Inc. Safety net for bar-coded documents
JP2013012844A (en) * 2011-06-28 2013-01-17 Brother Ind Ltd Facsimile control program, information processor, and facsimile system
US9824198B2 (en) 2011-07-14 2017-11-21 Docusign, Inc. System and method for identity and reputation score based on transaction history
US9268758B2 (en) 2011-07-14 2016-02-23 Docusign, Inc. Method for associating third party content with online document signing
EP2732427B1 (en) 2011-07-14 2019-02-27 DocuSign, Inc. Online signature identity and verification in community
WO2013029048A1 (en) 2011-08-25 2013-02-28 Docusign, Inc. Mobile solution for signing and retaining third-party documents
US10511732B2 (en) 2011-08-25 2019-12-17 Docusign, Inc. Mobile solution for importing and signing third-party electronic signature documents
US20130086186A1 (en) * 2011-09-23 2013-04-04 Rpost Communications Limited Computer implemented method for collection, aggregation and authentication of electronic data
US9230130B2 (en) 2012-03-22 2016-01-05 Docusign, Inc. System and method for rules-based control of custody of electronic signature transactions
ITRM20120590A1 (en) * 2012-11-23 2014-05-24 Land S R L PROCEDURE FOR CODIFICATION AND DECODING OF THE DIGITAL SIGNATURE.
WO2016160052A1 (en) 2015-03-31 2016-10-06 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials
US10699001B2 (en) 2015-03-31 2020-06-30 Paradigm, Inc. Systems and methods for generating and validating certified electronic credentials
CN104951256B (en) * 2015-04-28 2018-03-13 珠海街邻网络有限公司 A kind of Method of printing, printer and server
JP6610034B2 (en) * 2015-06-30 2019-11-27 富士ゼロックス株式会社 Information processing apparatus and information processing program
US10033536B2 (en) 2016-03-25 2018-07-24 Credly, Inc. Generation, management, and tracking of digital credentials
US10068074B2 (en) 2016-03-25 2018-09-04 Credly, Inc. Generation, management, and tracking of digital credentials
DE102016221699A1 (en) * 2016-11-04 2018-05-09 Bundesdruckerei Gmbh Procedure for issuing a virtual version of a document
IT201700101442A1 (en) * 2017-09-12 2019-03-12 Altera Fabrica Srls METHOD FOR AUTOMATIC AND FORMED CATALOGING INCREASED IN DIGITAL AND / OR PAPER RESOURCES IN DOCUMENT MANAGEMENT
US20190087831A1 (en) 2017-09-15 2019-03-21 Pearson Education, Inc. Generating digital credentials based on sensor feedback data
US10803104B2 (en) 2017-11-01 2020-10-13 Pearson Education, Inc. Digital credential field mapping
JP7113589B2 (en) * 2018-07-17 2022-08-05 株式会社デンソー Information intermediation device, information provision device, and information acquisition device
US20230385890A1 (en) * 2022-05-25 2023-11-30 The Toronto-Dominion Bank Distributed authentication in ambient commerce

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001009830A1 (en) * 1999-08-02 2001-02-08 Ecrypt Encryption Technologies Ag Method for archiving documents with a digital signature on paper or similar materials

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5163091A (en) * 1990-01-29 1992-11-10 Graziano James M Knowledge based system for document authentication (apparatus)
US5136647A (en) * 1990-08-02 1992-08-04 Bell Communications Research, Inc. Method for secure time-stamping of digital documents
US5191613A (en) * 1990-11-16 1993-03-02 Graziano James M Knowledge based system for document authentication
US20020170966A1 (en) * 1995-07-27 2002-11-21 Hannigan Brett T. Identification document including embedded data
US5606609A (en) * 1994-09-19 1997-02-25 Scientific-Atlanta Electronic document verification system and method
US6188766B1 (en) * 1997-03-05 2001-02-13 Cryptography Research, Inc. Apparatus and method for confirming, timestamping, and archiving printer and telecopier transmissions
US6779178B1 (en) * 1997-03-07 2004-08-17 Signature Mail. Com, Llc System and method for personalizing electronic mail messages
US6212504B1 (en) * 1998-01-12 2001-04-03 Unisys Corporation Self-authentication of value documents using encoded indices
US6202933B1 (en) * 1998-02-19 2001-03-20 Ernst & Young U.S. Llp Transaction card and methods and apparatus therefor
US6243480B1 (en) * 1998-04-30 2001-06-05 Jian Zhao Digital authentication with analog documents
US6170744B1 (en) * 1998-09-24 2001-01-09 Payformance Corporation Self-authenticating negotiable documents
JP3853528B2 (en) * 1998-11-12 2006-12-06 日本電気株式会社 Authentication management system and authentication management method
ATE289435T1 (en) * 1998-11-19 2005-03-15 Digimarc Corp PRINTING AND VERIFICATION OF SELF-CHECKING SECURITY DOCUMENTS
US6671805B1 (en) * 1999-06-17 2003-12-30 Ilumin Corporation System and method for document-driven processing of digitally-signed electronic documents
US20010034835A1 (en) * 2000-02-29 2001-10-25 Smith Robert E. Applied digital and physical signatures over telecommunications media
AU4771901A (en) * 2000-03-22 2001-10-03 Unifiedmarket Inc Method and system for a network-based securities marketplace
US20020049614A1 (en) * 2000-05-23 2002-04-25 Rice Marion R. Image signatures with unique watermark ID
US7152047B1 (en) * 2000-05-24 2006-12-19 Esecure.Biz, Inc. System and method for production and authentication of original documents
US6499665B1 (en) * 2000-08-21 2002-12-31 Xerox Corporation Method for indexing and retrieval of physical documents
US6726104B2 (en) * 2000-12-18 2004-04-27 Symbol Technologies, Inc. Scaling techniques for printing bar code symbols
US6944770B2 (en) * 2001-05-17 2005-09-13 Intelli-Mark Technologies, Inc. Methods and systems for generating and validating value-bearing documents

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001009830A1 (en) * 1999-08-02 2001-02-08 Ecrypt Encryption Technologies Ag Method for archiving documents with a digital signature on paper or similar materials

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ES2238156A1 (en) * 2003-10-13 2005-08-16 Retevision Movil, S.A. Method for authenticating user for accessing computer applications and signing electronic documents through mobile phone, involves controlling communication network while accessing computer applications and signing documents by user
DE102004031446A1 (en) * 2004-06-29 2006-01-26 Secardeo Gmbh Authorizing method for digital signatures in portable document format (PDF) documents stores authorizing data in a PDF document for checking signatures
DE102004031446B4 (en) * 2004-06-29 2006-10-26 Secardeo Gmbh Method for authorizing digital signatures in PDF documents

Also Published As

Publication number Publication date
US20040078337A1 (en) 2004-04-22
US20030028494A1 (en) 2003-02-06
EP1415461A1 (en) 2004-05-06
JP2004537822A (en) 2004-12-16
CA2456657A1 (en) 2003-02-20

Similar Documents

Publication Publication Date Title
US20030028494A1 (en) Electronic document management system and method
US6553493B1 (en) Secure mapping and aliasing of private keys used in public key cryptography
Kuhn et al. Sp 800-32. introduction to public key technology and the federal pki infrastructure
US7082538B2 (en) Electronically verified digital signature and document delivery system and method
US8185938B2 (en) Method and system for network single-sign-on using a public key certificate and an associated attribute certificate
US7356690B2 (en) Method and system for managing a distributed trust path locator for public key certificates relating to the trust path of an X.509 attribute certificate
US6188766B1 (en) Apparatus and method for confirming, timestamping, and archiving printer and telecopier transmissions
US20020144109A1 (en) Method and system for facilitating public key credentials acquisition
EP0940945A2 (en) A method and apparatus for certification and safe storage of electronic documents
US20020004800A1 (en) Electronic notary method and system
US20060224895A1 (en) System and methods for electronically notarizing scanned documents
US20100100465A1 (en) Trusted third party authentication and notarization for email
WO2020098419A1 (en) Method and apparatus for providing security identity information, and method and apparatus for acquiring security identity information
US20030028493A1 (en) Personal information management system, personal information management method, and information processing server
US20120191979A1 (en) System and method for electronic signature via proxy
US20040068470A1 (en) Distributing public keys
US20050044369A1 (en) Electronic document management system
US20020073310A1 (en) Method and system for a secure binding of a revoked X.509 certificate to its corresponding certificate revocation list
EP3379440A1 (en) A computer implemented method for automatically certifying documents with integrity and authenticity guarantees and computer programs thereof
US7660981B1 (en) Verifiable chain of transfer for digital documents
WO2021030329A1 (en) Unified authentication system for decentralized identity platforms
WO2004012415A1 (en) Electronic sealing for electronic transactions
KR101933090B1 (en) System and method for providing electronic signature service
CA2426536A1 (en) Electronic document management system and method
Varshney et al. Digital signatures

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BY BZ CA CH CN CO CR CU CZ DE DM DZ EC EE ES FI GB GD GE GH HR HU ID IL IN IS JP KE KG KP KR LC LK LR LS LT LU LV MA MD MG MN MW MX MZ NO NZ OM PH PL PT RU SD SE SG SI SK SL TJ TM TN TR TZ UA UG UZ VN YU ZA ZM

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ UG ZM ZW AM AZ BY KG KZ RU TJ TM AT BE BG CH CY CZ DK EE ES FI FR GB GR IE IT LU MC PT SE SK TR BF BJ CF CG CI GA GN GQ GW ML MR NE SN TD TG

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2456657

Country of ref document: CA

Ref document number: 2003520181

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 2002750736

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2002750736

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWW Wipo information: withdrawn in national office

Ref document number: 2002750736

Country of ref document: EP