Abstract: A system and method for enabling secure communications from a shared multifunction peripheral device is provided. The shared multifunction peripheral device first receives identification data representative of an associated user requesting a document processing operation. Upon authentication of the user, a key pair is generated by the shared multifunction peripheral device. The shared multifunction peripheral device also generates a limited operation certificate, restricting the user to a particular function offered by the shared multifunction peripheral device. The certificate is then stored by the shared multifunction peripheral device and the private key is encrypted using the received identification data. The public key and encrypted private key are then stored by the shared multifunction peripheral device. An electronic mail message is then generated by the shared multifunction peripheral device and digitally signed using the private key, whereupon it is transmitted to one or more designated recipients.

Abstract: The subject application is directed to a system and method for generating verifiable device user passwords. More particularly, the subject application is directed to a system and method for authenticating a document processing device with a client device without either device possessing any previous authentication certificate or information.

Abstract: A system and method for state transition intrusion detection is provided. The system and method employ a state transition file, containing a listing or table of all available state transitions associated with a given operation. A log file is then generated using state transition data gathered during the performance of a given operation. Depending upon the instructions present in the state transition file, one or more state transitions in the log file are digitally signed. To determine if an intrusion has occurred, the log file is analyzed, state transition by state transition. This analysis is accomplished by comparing the signatures associated with the state transitions in the log file with those signatures contained in the state transition file, thereby detecting any erroneous signatures. Each operation capable of being performed is accounted for in the state transition file such that all available state transitions associated with the operation are stored in the file.

Abstract: A system and method for secure handling of scanned documents is provided. Electronic document data is received by a document processing device and assigned an identifier unique to the document. A user ID or electronic mail address is then received corresponding to the selected output operation. The user ID or address is then transmitted, along with the identifier, to an encryption key generator, which then generates a symmetric encryption key. The encryption key is then returned to the document processing device, whereupon the electronic document data is encrypted and the key is deleted by the document processing device. The encrypted document is then stored or transmitted via electronic mail, in accordance with the selected output operation. Decryption is thereafter accomplished using the document identifier, user ID or email address, and key generator identification data.

Abstract: The present invention is directed to a system and method for secure document transmission. The method begins by receiving first and second key portions into a data storage associated with a document processing device. The first key portion suitably includes data representing a user of the document processing device and the second key portion suitably includes data representing a source of at least one electronic document directed for transmission to the document processing device. Next, at least one encrypted electronic document is received into the document processing device, wherein the document includes the second key portion. The received electronic document is then decrypted using the second key portion and the first key portion, which was retrieved from the data storage. Following decryption, a document processing operation is commenced on the decrypted electronic document.

Abstract: The present invention is directed to a system and method for propagation of security information for secure information exchange. Existing and new authentication information are gathered and combined into the same header. The header is attached to electronic document data encrypted by a client device and sent via a computer network to a document processing device. The document processing device, upon receipt of the header and document first decrypts the header and uses the existing authentication information to qualify the new authentication information by validating the existing authentication information through a trusted authentication mechanism. Once validated, the new authentication information is available for future document processing operations by the document processing device and other trusted document processing devices.

Abstract: A system and method for certificate-based document processing authority is provided. Upon receipt of a request for access for document processing operations, an administrator selects a set of allowable functions corresponding to the requesting user. A document processing device is then designated for performing any requested operations and a certificate is generated by the administrator. The certificate is then sent to the designated document processing device, which functions as a certificate authority, for signing. Once signed, the certificate is issued to the requesting user. When a document processing request is received by the document processing device, a comparison is made between the requested operation and the set of allowable functions contained in the certificate associated with the user sending the request. The operation is then selectively performed based upon the results of the comparison.

Abstract: The present invention is directed to a system and method for secure transmission of electronic document data on a network. The method begins with the receipt of user identification data associated with the identity of a user of document processing devices on the associated network. A password key, composed of a first share and a second share, is then generated from the user identification data. The first share is then communicated to an associated storage area. Electronic document data is then received, and an encryption key is randomly generated. The electronic document data is then encrypted using the encryption key. The second share is then appended to the encrypted electronic document and the combined data is communicated to an associated document processing device.

Abstract: The present invention is directed to a system and method for secure inter-domain document transmission. Encrypted electronic document data is received from a source domain into a target domain. The encrypted electronic document includes header data containing encrypted user authentication data and data representing an identified file server associated with the target domain. Next, key data is retrieved from the identified file server. Decryption of the encrypted electronic document is then commenced using the retrieved key data.

Abstract: A system and method for the selective sharing of an electronic document. The method enables a user to share access to an electronic document stored on a repository on a document management system. A user, via a document processing services network, generates a password and token corresponding to the document to be shared. The token provides information regarding the electronic document to be shared and the way the shared document will be made available to other users. The user then gives the token along with the password to the other users desiring to have access to the shared document. The other users are then able to retrieve the electronic document via email, viewing on a web browser, or printing at a multifunction peripheral device.

Abstract: A method and system for searching location based information on a mobile device is disclosed. The method and system provides for location based resource information retrieval, processing retrieved resource information based on probability of finding them in the given location, a Peer to Peer recommendation system that combines other user's real time recommendations with archived recommendations, a virtual social network that creates a dynamic network consisting of user and user's acquaintances for refining the resource information, providing a refined set of search results, by considering user's privacy choices and personal preferences.

Abstract: A method and system for providing secure logging for intrusion detection is disclosed. The method and system provides for receiving log data, writing information to a log file based on the log data received, writing a first line to a log file as a signature, obtaining a random symmetric key during the writing of a second line, generating a MAC (message authentication code) for the first line from the random symmetric key, and generating a respective key during the writing of each subsequent line and utilizing the respective key to generate a MAC for the line previous to the subsequent line. In addition, the method and system provides for the writing of a last line to the log file to comprise a signature.