Patent Grant
9264408
The present invention relates generally to secure delivery of electronic documents and more specifically to a method and systems for verifying and confirming the reception of files by the intended recipient, employing automatic speech recognition and biometric voice speaker identification.
E-mail allows persons (or even automatic robotics machines) to quickly and easily electronically send textual messages and other information such as, for example, a collection of pictures, sound recordings, and formatted documents to other e-mail users anywhere in the world. Anything that can be accessed as a file e.g., in hard disk folders or in network shared folders, can be included in an e-mail attachment. E-mail attachments can be images, documents, spread sheets, mp3 files, programs, and the likes. Once files are attached to an e-mail, the e-mail as well as the attached files can be transmitted over a communications network (e.g., the Internet) to other computer systems. A recipient user or other users accessing an attached file can detach the file to a local system storage for further processing.
A serious risk associated with the exchange of electronic information on open and unsecured networks, particularly on the Internet, is that an impostor could intercept an electronic communication, or access some of the information, such as an e-mail, and masquerade himself as the authorized recipient of said electronic communication.
It is often needed to deliver an electronic document to the intended recipient and then to make sure that the intended recipient, and not a different person, has indeed received the document. Likewise, it is often desirable to deliver an electronic document to the intended recipient and then to receive a confirmation that the intended recipient, after having received the document, has indeed opened and reviewed the content of the document.
Securing the delivery of documents to the intended recipients by verifying and confirming receipt of such delivered documents by the intended recipients may be needed, for example, in various legal or safety related applications. Furthermore, in such kind of applications, it is generally desirable that the recipient cannot easily repudiate receiving or viewing the document.
Previous approaches for securing the delivery to the intended and authorized recipients of electronic documents and files e.g., attached to e-mails, and obtaining receipt confirmations by the intended recipients, present some drawbacks. A first limitation is that generally the delivery confirmation can not positively demonstrate that the recipient actually has viewed, read or was otherwise made aware of the content of the received document. For example, according to the prior art methods based on providing a recipient private information, or digitally signing a confirmation message, the intended recipient may later repudiate the confirmation and assert that he or she did not send the confirmation. For example, the intended recipient may claim that the private information, such as a password, must have been compromised and was provided by another recipient. Also, an e-mail sender can receive an automatic confirmation that the e-mail has been successfully delivered to the recipient's e-mail server and that the e-mail has been opened, but there is not a verification and confirmation that the person who accesses and opens files attached to the e-mail is in fact the intended authorized recipient; moreover, there is not any confirmation about document opening i.e., if the recipient, being either the intended authorized recipient or another person, has in fact opened or read the files or documents attached by the sender to the delivered e-mail. In such a situation, the intended recipient may confirm that the e-mail has been received, but later deny that they actually were aware of the entire content of the e-mail and/or the content of the e-mail attached files.
While most of the modern e-mail systems enable to configure an e-mail to transmit a message to the sender confirming the reception and opening of the e-mail by the recipient (supposedly, by the intended recipient), there is no equivalent mechanism informing the sender that a file attached to an e-mail has been opened by the recipient. Moreover, there is no mechanism provided to assure and confirm to the sender of an e-mail that all files attached to the e-mail, even after being detached and saved for future processing, have been opened and accessed by the authorized intended recipient of said files.
As a consequence, there is a need for a method and systems enabling senders of electronic documents and files attached to e-mail to assure, verify and confirm in a non-repudiable manner the delivery of those documents and files to the intended recipients.
Thus, it is a broad object of the invention to remedy the shortcomings of the prior art as described here above.
It is another object of the invention to provide an improved method and systems for securing the delivery of electronic documents and files to the intended recipients.
It is also another object of the invention to provide an improved method and systems for securing the delivery of electronic documents and files to the intended recipients, adapted to verify the identity of the user requesting access to a file before enabling the user to access the content of the file.
It is a further object of the invention to provide an improved method and systems for securing the delivery of electronic documents and files to the intended recipients, adapted to provide the sender of a file a non-repudiable confirmation of the access to the content of the file by the intended recipient.
It is still a further object of the invention to provide an improved method and systems for securing the delivery of electronic documents and files to the intended recipients by using voiceprints.
The accomplishment of these and other related objects is achieved by a method for encoding a file to be transmitted in a computer network to an intended recipient, for authenticating the recipient and confirming the reception of said file by said intended recipient, using biometric voice identification, the method comprising the steps of,
by a method for decoding a file encoded according to the previous method, said method comprising the steps of,
and by a method for authenticating the recipient of a file encoded according to the previous method, comprising the steps of,
Further advantages of the present invention will become apparent to the ones skilled in the art upon examination of the drawings and detailed description. It is intended that any additional advantages be incorporated herein.
a and 8b illustrate an example of the algorithm used to encode an address in a filename.
According to the invention, a method and systems for securing the access to an electronically transmitted file and for verifying and confirming that the intended recipient has received and opened the file, and not anybody else, is disclosed. The main principle consists in combining an encryption key with the recipient voiceprint so that the encrypted file received by a recipient can only be decrypted with the encryption key, the encryption key being transmitted to the recipient after he/she read a predetermined text if the voiceprint of this reading corresponds to the recipient voiceprint.
As it is generally known, most voice biometric solutions create a voice print of the user, a template of the person's unique voice characteristics created when the user enrolls with the system. All subsequent attempts to access the system require the user to speak, so that their live voice sample may be compared against the pre-recorded template. For example, a reference on this subject is U.S. Pat. No. 6,529,871, by Kanevsky, entitled “Apparatus and method for speaker verification/identification/classification employing non-acoustic and/or acoustic models and databases”.
After having recorded a sample of the recipient's voice, the sender must determine the recipient's voiceprint. This can be done locally, on a generic server, or on a specific voice check server. For sake of illustration, determination of voiceprint and voiceprint storage is done on a specific voice check server, as depicted on
For encrypting a file to be sent, the sender 100 must first obtain a sample of recipient's voice and a voiceprint ID as disclosed above. Then, the sender preferably creates a voice check ticket. The sender can also ask to the voice check server or to a third party server for a voice check ticket. A voice check ticket mainly consists in a voiceprint ID, an encryption key and a voice check text. The encryption key associated to the voice check ticket is used by the sender to encrypt the file to be transmitted. The voice check ticket is then transmitted to the voice check server that transmits back the address or Universal Resource Locator (URL) of the voice check ticket i.e., the address from which the voice check ticket can be downloaded. The address or URL of the voice check ticket is encoded within the name of the encoded file to be transmitted.
If a voiceprint has been associated to the selected recipient, the sender's computer module 600 sends a request for an encryption key and a Voice Check Ticket (VCT) to the security server module 605 (step 640). As mentioned above, the security server module 605 can be merged with the sender's computer module 600 so that the encryption key is generated in the sender's computer and the voice check ticket is also created by the sender's computer. The security server module 605 generates an encryption key (step 645) to be used by a standard predetermined encryption algorithm, for example a public key algorithm such as RSA. The encryption key is received by the sender's computer module 600 (step 650) that uses it to encrypt the file to be sent (step 655). Additionally, the security server module 605 generates a voice check ticket (step 660). As discussed above, each voice check ticket preferably comprises a voiceprint ID, an encryption key and a voice check text. Voiceprint ID is determined by the sender's computer module 600 according to the selected recipient while the encryption key and the voice check text are determined by the security server module 605. The encryption keys are randomly generated according to standard key generation algorithm. Voice check texts can be generated in different ways. For example, a voice check text can be written by the sender such as a declarative confirmation of the reception of the encrypted file by the recipient. Voice check text can also be selected by the sender e.g., by copying a portion of the e-mail text to which the encrypted file is attached. Alternatively, the voice check text can be automatically generated by the voice check server module 610 e.g., by randomly selecting a text from a library of documents stored or accessed from said server.
The voice check ticket is then transmitted to the voice check server module 610 (step 665) to be stored in a voice check ticket database (step 670). The voice check server module 610 returns the address or URL of the stored voice check ticket to the security server module 605 (step 675) that in turn, transmits the address or URL of the stored voice check ticket to the sender's computer module 600 (step 665). The address or URL of the stored voice check ticket is then encoded within the name of the file to be transmitted (step 680), in the sender's computer module 600. The file is then ready to be transmitted since it is encoded and contains information allowing the intended recipient to decrypt it.
For encoding the address or URL within the name of the file to transmit, a specific lexicography is determined so as to avoid particular characters that may be forbidden by the file system, e.g., “\” with Microsoft Windows system (Windows is a Trademark of Microsoft Corporation), and/or to encode the addresses so as to reduce their sizes. Addresses to be encoded may be of any forms e.g., local addresses, addresses in private networks or Internet addresses, however, for sake of illustration, the examples given in the following description are based on URL type of addresses.
a and 8b illustrate illustrates an example of the algorithm used to encode an address in a filename. As shown on
b depicts an example of the encoding algorithm referred to as step 810 on
As an illustration of the algorithm described above, let us consider the case of a text file named “Biometric.txt”, that a user would like to send to someone else as an encrypted e-mail attachment, using to this purpose a lexicography table to encode the voice check ticket address string into the filename, wherein
To get the voice check ticket allowing the opening of the file, it is required to access the voice check ticket corresponding to this file. For sake of illustration one can consider that this voice check ticket can be downloaded from the following URL:
http://www.voicecheck.com/tickets/R7KWW56.vct
Before the sender of the document “Biometric.txt” sends or attaches the document, an option such as “encrypt file” can be selected to encrypt the file to generate a voice check ticket, and to obtain the address or URL of this voice check ticket.
The filename is modified according to the algorithm illustrated on
http;www.voicecheck.com,tickets,R7KWW56.vct
Then, the encoded address is merged with the filename. In this example, the encoded address is enclosed in parenthesis that are used as separators. The encoded address is inserted in front of the extension dot of the primary filename as follows:
Biometric(http;www.voicecheck.com,tickets,R7KWW56.vct).txt
and the file is renamed using this modified filename.
It must be noticed that, for sake of illustration, this encoding algorithm is purposely very simple. A preferred one would consist in replacing a sequence of forbidden characters by a single one and in replacing sets of characters more compact codes e.g., replacing “http://” by “H!”.
Among the advantages of the invention, one should noticed that,
Naturally, in order to satisfy local and specific requirements, a person skilled in the art may apply to the solution described above many modifications and alterations all of which, however, are included within the scope of protection of the invention as defined by the following claims.
| Number | Date | Country | Kind |
|---|---|---|---|
| 05106928 | Jul 2005 | EP | regional |
This application is a continuation application claiming priority to Ser. No. 11/996,633, filed Jan. 24, 2008.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5625747 | Goldberg et al. | Apr 1997 | A |
| 6175822 | Jones | Jan 2001 | B1 |
| 6510415 | Talmor et al. | Jan 2003 | B1 |
| 6529602 | Walker et al. | Mar 2003 | B1 |
| 6529871 | Kanevsky et al. | Mar 2003 | B1 |
| 6553341 | Mullaly et al. | Apr 2003 | B1 |
| 6668044 | Schwartz et al. | Dec 2003 | B1 |
| 6876987 | Bahler et al. | Apr 2005 | B2 |
| 7644280 | Carro | Jan 2010 | B2 |
| 8725514 | Jaramillo | May 2014 | B2 |
| 20010033640 | Wuelly | Oct 2001 | A1 |
| 20020023231 | Pathuel | Feb 2002 | A1 |
| 20020046279 | Chung | Apr 2002 | A1 |
| 20020169871 | Cravo de Almeida et al. | Nov 2002 | A1 |
| 20020194279 | Chern | Dec 2002 | A1 |
| 20030046083 | Devinney, Jr. et al. | Mar 2003 | A1 |
| 20030112978 | Rodman et al. | Jun 2003 | A1 |
| 20030135740 | Talmor et al. | Jul 2003 | A1 |
| 20030164398 | Walker | Sep 2003 | A1 |
| 20030229492 | Nolan | Dec 2003 | A1 |
| 20040088360 | Caughey | May 2004 | A1 |
| 20040102959 | Estrin | May 2004 | A1 |
| 20040121813 | Colson et al. | Jun 2004 | A1 |
| 20040135740 | Sato | Jul 2004 | A1 |
| 20040165702 | Finnigan | Aug 2004 | A1 |
| 20050015596 | Bowers | Jan 2005 | A1 |
| 20050021984 | Hollander | Jan 2005 | A1 |
| 20050074112 | Timmins | Apr 2005 | A1 |
| 20050086188 | Hillis | Apr 2005 | A1 |
| 20070150723 | Estable et al. | Jun 2007 | A1 |
| 20080235669 | Carro | Sep 2008 | A1 |
| 20090144057 | Cabezas et al. | Jun 2009 | A1 |
| 20100281254 | Carro | Nov 2010 | A1 |
| Number | Date | Country |
|---|---|---|
| 1102429 | May 2001 | EP |
| 10243105 | Sep 1998 | JP |
| 2001144745 | May 2001 | JP |
| 2002342145 | Nov 2002 | JP |
| 2005267379 | Sep 2005 | JP |
| 2005098566 | Oct 2005 | WO |
| Entry |
|---|
| Notice of Allowance (Mar. 30, 2015) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| Office Action (Jan. 13, 2015) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| RCE (Jun. 6, 2012) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| Final Office Action (Mar. 13, 2012) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| Amendment (Dec. 23, 2011) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| Office Action (Sep. 28, 2011) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| Final Amendment (Aug. 18, 2011) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| Final Office Action (Jul. 29, 2011) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| Amendment (Jun. 1, 2011) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| Office Action (Mar. 3, 2011) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| Preliminary Amendment (Jan. 24, 2008) for U.S. Appl. No. 11/996,633, filed Jan. 24, 2008. |
| Patent Application for U.S. Appl. No. 14/718,421, filed May 21, 2015. |
| Number | Date | Country | |
|---|---|---|---|
| 20150304285 A1 | Oct 2015 | US |
| Number | Date | Country | |
|---|---|---|---|
| Parent | 11996633 | US | |
| Child | 14718538 | US |
