Abstract: A method and apparatus, such as a secure distribution server, receives encrypted information from a sender, wherein the encrypted information is for transmission to a plurality of intended recipients. In addition to the encrypted information, the method includes receiving an encrypted secret key that is encrypted using a public key associated with the secure distribution server. The method and apparatus decrypts the encrypted secret key to produce a decrypted secret key. The method and apparatus then encrypts the decrypted secret key with the corresponding public key of at least one (or each of a plurality of) intended recipient(s) to produce at least one (or plurality of) recipient-specific secure secret keys. The method and apparatus then forwards the received encrypted information sent by the sender and also sends at least one recipient-specific secure secret key to a corresponding intended recipient.

Abstract: The present invention provides a container system for releasably storing a substance. The container system includes a vial having a sample storage chamber and a piercing member for piercing a membrane in the lid, which membrane seals a substance within a reservoir in the lid until the membrane is pierced by the piercing member. The container system optionally includes a funnel. There is also provided a method and kit for use of such a container system.

Abstract: A method and apparatus, such as a secure distribution server, receives encrypted information from a sender, wherein the encrypted information is for transmission to a plurality of intended recipients. In addition to the encrypted information, the method includes receiving an encrypted secret key that is encrypted using a public key associated with the secure distribution server. The method and apparatus decrypts the encrypted secret key to produce a decrypted secret key. The method and apparatus then obtains a public key associated with one or more delegates of the intended recipient(s), sender(s) or other entity and encrypts the decrypted secret key with the corresponding public key of at least one delegate (or each of a plurality of delegates) associated with the intended recipient(s) or sender(s) to produce at least one delegate-specific secure secret key (or plurality of delegate-specific secure secret keys).

Abstract: A method and apparatus, such as a secure distribution server, receives encrypted information from a sender, wherein the encrypted information is for transmission to a plurality of intended recipients. In addition to the encrypted information, the method includes receiving an encrypted secret key that is encrypted using a public key associated with the secure distribution server. The method and apparatus decrypts the encrypted secret key to produce a decrypted secret key. The method and apparatus then encrypts the decrypted secret key with the corresponding public key of at least one (or each of a plurality of) intended recipient(s) to produce at least one (or plurality of) recipient-specific secure secret keys. The method and apparatus then forwards the received encrypted information sent by the sender and also sends at least one recipient-specific secure secret key to a corresponding intended recipient.

Abstract: A method and apparatus constructs a preferred certificate chain, such as a list of all certificate authorities in a shortest trusted path, based on generated certificate chain data, such as a table of trust relationships among certificate issuing units in a community of interest, to facilitate rapid validity determination of the certificate by a requesting unit. In one embodiment, requesting units, such as certificate validation units or subscribers, send queries to a common certificate chain constructing unit. Each query may identify a beginning and target certification authority in the community. The certificate chain constructing unit then automatically determines the certification chain among certification issuing units between the beginning and target certification authorities for each query and provides certificate chain data to the requesting unit. The requesting unit then performs validity determination on the certificate to be validated based on the certificate chain data.

Abstract: A computer network security system provides generation of a certificate revocation list (CRL) upon each revocation. The entire certificate revocation list may be published on demand, or only the portion that has changed. The computer network security system provides on-demand publishing of data identifying revoked certificates, such as revocation and expiration data, in response to receipt of revocation request data. The computer network security system stores the on-demand published data for analysis by one or more network nodes, such as a client, to determine whether a certificate is valid. The network nodes include certificate revocation list cache memory that may be selectively activated/deactivated, to effect storage/non-storage of the data identifying the revoked certificates.