公开(公告)号：US07784087B2

公开(公告)日：2010-08-24

申请号：US11197112

申请日：2005-08-04

申请人： Sameer Yami ,  Peter Tran

发明人： Sameer Yami ,  Peter Tran

IPC分类号： G06F21/00 ,  H04L29/06

CPC分类号： H04L9/3226 ,  H04L9/3234 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/10 ,  H04L2209/60

摘要： A system and method for the selective sharing of an electronic document. The method enables a user to share access to an electronic document stored on a repository on a document management system. A user, via a document processing services network, generates a password and token corresponding to the document to be shared. The token provides information regarding the electronic document to be shared and the way the shared document will be made available to other users. The user then gives the token along with the password to the other users desiring to have access to the shared document. The other users are then able to retrieve the electronic document via email, viewing on a web browser, or printing at a multifunction peripheral device.

摘要翻译： 用于选择性共享电子文档的系统和方法。 该方法使得用户能够共享对存储在文档管理系统上的存储库上的电子文档的访问。 用户通过文档处理服务网络生成与要共享的文档相对应的密码和令牌。 令牌提供有关要共享的电子文档以及共享文档将被提供给其他用户的信息。 用户然后将令牌和密码一起提供给希望访问共享文档的其他用户。 其他用户然后能够通过电子邮件检索电子文档，在网络浏览器上查看，或在多功能外围设备上打印。

公开(公告)号：US20070283446A1

公开(公告)日：2007-12-06

申请号：US11446908

申请日：2006-06-05

申请人： Sameer Yami ,  Amir Shahindoust ,  Michael Yeung ,  Peter Tran

发明人： Sameer Yami ,  Amir Shahindoust ,  Michael Yeung ,  Peter Tran

IPC分类号： H04L9/32

CPC分类号： H04L9/32 ,  G06F21/608 ,  H04L9/14 ,  H04L63/0435 ,  H04L63/061 ,  H04L2209/60 ,  H04L2209/80

摘要： A system and method for secure handling of scanned documents is provided. Electronic document data is received by a document processing device and assigned an identifier unique to the document. A user ID or electronic mail address is then received corresponding to the selected output operation. The user ID or address is then transmitted, along with the identifier, to an encryption key generator, which then generates a symmetric encryption key. The encryption key is then returned to the document processing device, whereupon the electronic document data is encrypted and the key is deleted by the document processing device. The encrypted document is then stored or transmitted via electronic mail, in accordance with the selected output operation. Decryption is thereafter accomplished using the document identifier, user ID or email address, and key generator identification data.

摘要翻译： 提供了一种用于安全处理扫描文档的系统和方法。 电子文档数据由文档处理设备接收并分配给该文档唯一的标识符。 然后根据所选择的输出操作接收用户ID或电子邮件地址。 然后将用户ID或地址连同该标识符一起发送到加密密钥生成器，然后加密密钥生成器生成对称加密密钥。 然后将加密密钥返回到文档处理设备，由此文档处理设备对电子文档数据进行加密，密钥被删除。 然后，根据所选择的输出操作，通过电子邮件存储或发送加密的文档。 此后，使用文档标识符，用户ID或电子邮件地址以及密钥生成器识别数据完成解密。

公开(公告)号：US20070283170A1

公开(公告)日：2007-12-06

申请号：US11446874

申请日：2006-06-05

申请人： Sameer Yami ,  Amir Shahindoust

发明人： Sameer Yami ,  Amir Shahindoust

IPC分类号： G06F12/14

CPC分类号： H04L9/0866

摘要： A system and method for secure inter-process data communication is provided. Identification data corresponding to a user is received and used to generate a symmetric encryption key. The symmetric encryption key is then used to encrypt job data. A token associated with the encrypted job data is then generated. Expiration data corresponding to the validity period of the token is then associated with the token, whereupon the token is stored. The generated symmetric key is then encrypted using a static symmetric encryption key, whereupon the encrypted symmetric key is also stored in association with the token. When a process receives the encrypted job data, the process retrieves the token and determines, based on the expiration data whether the token is still valid. When the token is valid, the static key is retrieved and used to decrypt the encrypted encryption key. The decrypted encryption key is then used to decrypt the job data, whereupon the process performs the function associated therewith upon the decrypted job data.

摘要翻译： 提供了一种用于安全的进程间数据通信的系统和方法。 接收与用户对应的识别数据，并用于生成对称加密密钥。 然后对称加密密钥用于加密作业数据。 然后生成与加密的作业数据相关联的令牌。 与令牌的有效期相对应的到期数据然后与令牌相关联，于是令牌被存储。 然后使用静态对称加密密钥对生成的对称密钥进行加密，由此加密的对称密钥也与令牌相关联地存储。 当进程接收到加密的作业数据时，进程将检索令牌，并根据到期数据确定令牌是否仍然有效。 当令牌有效时，检索静态密钥并用于解密加密的加密密钥。 解密的加密密钥然后用于解密作业数据，于是该处理在解密的作业数据上执行与其相关联的功能。

公开(公告)号：US20070113089A1

公开(公告)日：2007-05-17

申请号：US11272904

申请日：2005-11-14

申请人： Sameer Yami ,  Amir Shahindoust ,  Michael Yeung

发明人： Sameer Yami ,  Amir Shahindoust ,  Michael Yeung

IPC分类号： H04L9/00

CPC分类号： H04L9/32 ,  H04L2209/80

摘要： The present invention is directed to a system and method for propagation of security information for secure information exchange. Existing and new authentication information are gathered and combined into the same header. The header is attached to electronic document data encrypted by a client device and sent via a computer network to a document processing device. The document processing device, upon receipt of the header and document first decrypts the header and uses the existing authentication information to qualify the new authentication information by validating the existing authentication information through a trusted authentication mechanism. Once validated, the new authentication information is available for future document processing operations by the document processing device and other trusted document processing devices.

摘要翻译： 本发明涉及用于安全信息交换的安全信息的传播的系统和方法。 现有的和新的认证信息被收集并组合成相同的标题。 该标题附加到由客户端设备加密并通过计算机网络发送到文档处理设备的电子文档数据。 文档处理设备在接收到报头和文档之后首先对报头进行解密并使用现有认证信息来通过可信赖的认证机制验证现有认证信息来限定新认证信息。 一旦验证，新的认证信息可用于文档处理设备和其他可信文档处理设备的将来的文档处理操作。

公开(公告)号：US20070076867A1

公开(公告)日：2007-04-05

申请号：US11242235

申请日：2005-10-03

申请人： Michael Yeung ,  Sameer Yami ,  Amir Shahindoust

发明人： Michael Yeung ,  Sameer Yami ,  Amir Shahindoust

IPC分类号： H04L9/30 ,  H04L9/00 ,  G06F12/14 ,  H04L9/32 ,  H04K1/00 ,  G06F11/30

CPC分类号： H04L9/085 ,  H04L9/0866 ,  H04L63/0442

摘要： The present invention is directed to a system and method for secure transmission of electronic document data on a network. The method begins with the receipt of user identification data associated with the identity of a user of document processing devices on the associated network. A password key, composed of a first share and a second share, is then generated from the user identification data. The first share is then communicated to an associated storage area. Electronic document data is then received, and an encryption key is randomly generated. The electronic document data is then encrypted using the encryption key. The second share is then appended to the encrypted electronic document and the combined data is communicated to an associated document processing device.

摘要翻译： 本发明涉及一种用于网络上电子文档数据的安全传输的系统和方法。 该方法开始于接收与相关网络上的文档处理设备的用户的身份相关联的用户标识数据。 然后，从用户识别数据生成由第一共享和第二共享组成的密码密钥。 然后将第一份额传送给相关联的存储区域。 然后接收电子文档数据，随机生成加密密钥。 然后使用加密密钥对电子文档数据进行加密。 然后将第二份额附加到加密电子文档，并将组合数据传送到相关联的文档处理装置。

公开(公告)号：US20110173445A1

公开(公告)日：2011-07-14

申请号：US12194186

申请日：2008-08-19

申请人： Sameer Yami ,  William Su ,  Michael L. Yeung ,  Hongfeng Wei

发明人： Sameer Yami ,  William Su ,  Michael L. Yeung ,  Hongfeng Wei

IPC分类号： G06F12/14

CPC分类号： G06F21/6218 ,  G06F2221/2113

摘要： The subject application is directed to a system and method for automated application of security levels to electronic documents.1). Text data associated with text content of each of a plurality of stored electronic documents is stored in a data storage, each of the stored electronic documents having a security level associated therewith. An electronic document inclusive of text data comprising a plurality of text strings is received, and the text strings are compared with text data in at least one of the stored electronic documents. A security level is assigned to the received electronic document at a level associated with a stored electronic document in accordance with an output of the comparison.OR2). Electronic documents are received and keyword data is extracted to generate an index file associated with each electronic document. The index file is then stored in association with its respective electronic document in an associated data storage. Upon receipt of an electronic document for processing, keyword data is extracted and compared to keyword data in the index files associated with each of the stored electronic documents. The security level associated with each matching stored electronic document is then identified to determine the highest security level from among the matching documents. The received electronic document is then assigned the highest determined security level.

摘要翻译： 本申请涉及用于将安全级别自动应用于电子文档的系统和方法。 1）。 与多个存储的电子文档中的每一个的文本内容相关联的文本数据被存储在数据存储器中，每个存储的电子文档具有与其相关联的安全级别。 接收包括多个文本串的文本数据的电子文档，并将文本串与至少一个存储的电子文档中的文本数据进行比较。 根据比较的输出，以与存储的电子文档相关联的级别将所接收的电子文档分配给安全级别。 或2）。 收到电子文件，并提取关键字数据以生成与每个电子文档相关联的索引文件。 然后将索引文件与其相应的电子文档相关联地存储在相关联的数据存储器中。 在接收到用于处理的电子文档时，提取关键字数据并与与所存储的电子文档中的每一个相关联的索引文件中的关键字数据进行比较。 然后识别与每个匹配的存储的电子文档相关联的安全级别以确定匹配文档中的最高安全级别。 然后，所接收的电子文档被分配最高的确定的安全级别。

公开(公告)号：US07864354B2

公开(公告)日：2011-01-04

申请号：US11450223

申请日：2006-06-09

申请人： Amir Shahindoust ,  Peter Tran ,  Sameer Yami ,  Michael Yeung

发明人： Amir Shahindoust ,  Peter Tran ,  Sameer Yami ,  Michael Yeung

IPC分类号： G06F3/12 ,  G06K15/00

CPC分类号： H04N1/4406 ,  H04N1/00233 ,  H04N1/444 ,  H04N2201/0094 ,  H04N2201/3219 ,  H04N2201/3226 ,  H04N2201/3273

摘要： A system and method for controlled monitoring of pending document processing operations is provided. Each document processing request received by a document processing device is assigned a job name, which is then encrypted using a random static encryption key, resulting in a job identification. A user then logs onto the document processing device to view pending jobs, which are displayed to the user by only job identification. Those jobs with which the user is associated are then decrypted by the document processing device, allowing the user to view job information including status and file name. The user is thereby also able to modify or delete those pending jobs with which the user is associated. Once the job queue is empty, the random static encryption key is deleted and a new key is generated when a document processing request is received into the empty queue.

摘要翻译： 提供了一种用于受控监视待处理文档处理操作的系统和方法。 为文档处理设备接收到的每个文档处理请求被分配了一个作业名称，然后使用随机静态加密密钥对其进行加密，从而导致作业识别。 然后，用户登录到文档处理设备以查看待处理作业，其仅通过作业识别显示给用户。 用户所关联的那些作业然后被文档处理设备解密，允许用户查看包括状态和文件名的作业信息。 因此，用户还能够修改或删除与用户相关联的那些挂起的作业。 一旦作业队列为空，则当文档处理请求被接收到空队列中时，随机静态加密密钥被删除并产生新的密钥。

公开(公告)号：US20100191983A1

公开(公告)日：2010-07-29

申请号：US12360483

申请日：2009-01-27

申请人： Sameer YAMI ,  Amir Shahindoust

发明人： Sameer YAMI ,  Amir Shahindoust

IPC分类号： G06F12/14

CPC分类号： G06F21/608

摘要： The subject application is directed to a system and method for secure logging of document processing device messages. A duration for capturing status messages is first defined and unencrypted document processing device status messages are received during the defined duration. An encryption key is generated for association with the duration and is thereafter associated with the duration. Each of the unencrypted document processing status messages is then encrypted using the key as it is received. The encrypted messages are then stored in an associated data storage. Following a completion of the defined duration, each of the encrypted messages is decrypted and then stored in a single, signed storage file. The signed storage file is then encrypted using the generated encryption key, and the encrypted storage file is associatively stored with the key.

摘要翻译： 本申请涉及用于文档处理设备消息的安全记录的系统和方法。 首先定义捕获状态消息的持续时间，并在定义的持续时间内接收未加密的文档处理设备状态消息。 生成加密密钥以与持续时间相关联，并且此后与持续时间相关联。 然后，每个未加密的文档处理状态消息使用接收到的密钥进行加密。 然后将加密的消息存储在相关联的数据存储器中。 在定义的持续时间完成之后，每个加密消息被解密，然后存储在单个签名的存储文件中。 然后，使用生成的加密密钥对签名的存储文件进行加密，并且将加密的存储文件与密钥相关联地存储。

公开(公告)号：US20090070446A1

公开(公告)日：2009-03-12

申请号：US11851135

申请日：2007-09-06

申请人： Amir SHAHINDOUST ,  Sameer Yami ,  Peter Hn Tran

发明人： Amir SHAHINDOUST ,  Sameer Yami ,  Peter Hn Tran

IPC分类号： G06F15/16 ,  G06F17/30

CPC分类号： G06F21/608 ,  G06F2221/2101 ,  G06F2221/2141

摘要： The subject application is directed to a system and method for securing of document processing devices in accordance with use patterns. Operational data is first received associated with the historic operation of an associated document processing device is first received. Next, feature data corresponding to the available capabilities of the associated document processing device is received. Utilization data is then generated according to the received operational data and the feature data, which includes data representing underutilized capabilities of the associated document processing device. An electronic document is then output inclusive of the generated utilization data.

摘要翻译： 本申请涉及根据使用模式来保护文件处理装置的系统和方法。 首先接收与相关联的文档处理设备的历史操作相关联的操作数据。 接下来，接收与相关联的文档处理设备的可用能力相对应的特征数据。 然后根据所接收到的操作数据和特征数据生成利用率数据，该特征数据包括表示相关联的文档处理设备的未充分利用的能力的数据。 然后输出包括生成的利用数据的电子文档。

公开(公告)号：US20070283166A1

公开(公告)日：2007-12-06

申请号：US11446910

申请日：2006-06-05

申请人： Sameer Yami ,  Peter Tran

发明人： Sameer Yami ,  Peter Tran

IPC分类号： G06F12/14

CPC分类号： G06F21/552

摘要： A system and method for state transition intrusion detection is provided. The system and method employ a state transition file, containing a listing or table of all available state transitions associated with a given operation. A log file is then generated using state transition data gathered during the performance of a given operation. Depending upon the instructions present in the state transition file, one or more state transitions in the log file are digitally signed. To determine if an intrusion has occurred, the log file is analyzed, state transition by state transition. This analysis is accomplished by comparing the signatures associated with the state transitions in the log file with those signatures contained in the state transition file, thereby detecting any erroneous signatures. Each operation capable of being performed is accounted for in the state transition file such that all available state transitions associated with the operation are stored in the file. The type of operation represented in the log file is then determined and the transitions contained in the log file are compared to those transitions associated with the operation type in the state transition file. Any missing state transitions denote tampering or modification of the log file, indicating an intrusion, whereupon an administrator is notified.

摘要翻译： 提供了一种用于状态转换入侵检测的系统和方法。 系统和方法采用状态转换文件，其中包含与给定操作相关联的所有可用状态转换的列表或表。 然后使用在执行给定操作期间收集的状态转换数据生成日志文件。 根据状态转换文件中的指令，日志文件中的一个或多个状态转换是数字签名的。 为了确定是否发生了入侵，日志文件被分析，状态转换状态转换。 通过将与日志文件中的状态转换相关联的签名与包含在状态转换文件中的签名进行比较来实现该分析，从而检测任何错误的签名。 在状态转换文件中考虑能够执行的每个操作，使得与操作相关联的所有可用状态转换被存储在文件中。 然后确定日志文件中表示的操作类型，并将日志文件中包含的转换与与状态转换文件中的操作类型相关联的转换进行比较。 任何丢失的状态转换表示篡改或修改日志文件，表示入侵，然后通知管理员。