Abstract: A cryptographic key management system includes executable instructions to control access to keys based on permissions for users and groups. Executable instructions support cryptographic operations on the keys through a network application program interface. The cryptographic operations are controlled by the permissions. The cryptographic operations are distributed between the servers and the clients in accordance with criteria specifying optimal execution of cryptographic operations between the servers and the clients.

Abstract: A secure access method includes generating administrator access security information including a public and private key pair. The administrator access security information is associated with a set of client users assigned to a specified group. Each client user has personal security credentials for accessing a client computer. The administrator access security information is copied to a set of security tokens. The security tokens are distributed. A client computer associated with a client user of the set of client users is accessed by utilizing one of the security tokens instead of personal security credentials for the client computer.

Abstract: This present invention provides users with secure transparent electronic communication, allowing them to send and receive encrypted and/or signed messages with little or no user involvement. In various embodiments, the present invention provides a user with e-mail security via automated hierarchical techniques for transparently sending and receiving secure messages, and lowers the burden on administrators. Such a system can also manage cryptographic keys and certificates for the users, and creates such keys and certificates for the users when necessary. A server according to the present invention can intercept unsecured messages from a user, automatically transform those messages into secured messages, and transmit those secure messages to the intended recipients. The server can also automatically transform messages after the recipient sends a digital identity to the server and downloads the software necessary for transforming the secured messages back into readable messages (i.e.

Abstract: A system includes a set of private key fragments distributed across a set of networked resources. Each private key fragment independently produces a fractional cryptographic result. A combination module on a designated networked resource combines a sufficient number of fractional cryptographic results to produce an operable cryptographic result. A method includes generating a set of private key fragments. The set of private key fragments is located across a set of networked resources. Fractional cryptographic results are produced at the set of networked resources. The fractional cryptographic results are combined to produce an operable cryptographic result.

Abstract: A computer readable storage medium includes executable instructions to identify when a security policy cannot be applied by a supported secure email machine to a received email message and thus the email message is routed to an auxiliary secure email machine. Secure email policies are applied to the email message at the auxiliary secure email machine. The email message is then routed from the auxiliary secure email machine to the supported secure email machine.

Abstract: A cryptographic key management system includes executable instructions to control access to keys based on permissions for users and groups. Executable instructions support cryptographic operations on the keys through a network application program interface. The cryptographic operations are controlled by the permissions. The cryptographic operations are distributed between the servers and the clients in accordance with criteria specifying optimal execution of cryptographic operations between the servers and the clients.

Abstract: A computer readable storage medium includes executable instructions to encrypt a file with a file encryption key to produce an encrypted file. The file encryption key is encrypted with a directory encryption key to produce an encrypted file encryption key. The directory encryption key is encrypted with a public key of a user within a group to produce an encrypted directory encryption key.

Abstract: The invention includes a computer readable medium storing executable instructions to enroll a user with a secure email support facility. The computer readable medium includes executable instructions to send an enrollment message, supply a registration response, and confirm the registration response. An authentication email is also sent. A client identifies the authentication email. Authentication information within the authentication email is decrypted. The authentication information is used to authenticate the client and subsequently obtain access to a secure email support facility.

Abstract: One embodiment of the present invention provides a system for managing public keys through a server that stores associations between public keys and email addresses. This system operates by receiving a client public key from a client, and then storing the client public key in a database at the server. The system then allows other clients to lookup the client public key in the database. The system also periodically sends a verification request from the server to the client asking if the client public key remains valid. If an affirmative response to the verification request is not received, the system removes the client public key from the database.

Abstract: One embodiment of the present invention provides a system for managing public keys through a server that stores associations between public keys and email addresses. This system operates by receiving a first message from a client containing a request for approval of a client public key along with the client public key. In response this request for approval, the system sends a second message to the client containing a request for identity confirmation that includes the client public key. If a third message is received from the client containing an affirmative response to the request for identity confirmation, the system stores an association between a client email address and the client public key in a database. This allows other clients to look up the client public key in the database.

Abstract: One embodiment of the present invention provides a system that facilitates secure transmission of an email message to anonymous recipients without divulging the identities of the anonymous recipients. This system constructs an email message by identifying recipients of the email message. These recipients can include known recipients, who can be identified by examining the email message, and anonymous recipients, who cannot be identified by examining the email message. The system also generates a session key for the email message, and encrypts a body of the email message with the session key. The system also creates a recipient block for the email message that contains an entry for each recipient of the email message. Each entry in this recipient block contains the session key encrypted with a public key associated with the recipient to form an encrypted session key, so that only a corresponding private key held by the recipient can be used to decrypt the encrypted session key.

Abstract: This present invention provides users with secure transparent electronic communication, allowing them to send and receive encrypted and/or signed messages with little or no user involvement. In various embodiments, the present invention provides a user with e-mail security via automated hierarchical techniques for transparently sending and receiving secure messages, and lowers the burden on administrators. The present invention can include a server in a local network that acts as a proxy between a user and an open communications network, thereby providing transparent transmission and receipt of secure messages for the user. This could be used for sending and receiving secure e-mail or for securing instant messaging (IM). A server according to the present invention can intercept unsecured messages from a user, automatically transform those messages into secured messages, and transmit those secure messages to the intended recipients.

Abstract: This present invention provides users with secure transparent electronic communication, allowing them to send and receive encrypted and/or signed messages with little or no user involvement. In various embodiments, the present invention provides a user with e-mail security via automated hierarchical techniques for transparently sending and receiving secure messages, and lowers the burden on administrators. Such a system can also manage cryptographic keys and certificates for the users, and creates such keys and certificates for the users when necessary. A server according to the present invention can intercept unsecured messages from a user, automatically transform those messages into secured messages, and transmit those secure messages to the intended recipients. The server can also automatically transform messages after the recipient sends a digital identity to the server and downloads the software necessary for transforming the secured messages back into readable messages (i.e.

Abstract: This present invention provides users with secure transparent electronic communication, allowing them to send and receive encrypted and/or signed messages with little or no user involvement. In various embodiments, the present invention provides a user with e-mail security via automated hierarchical techniques for transparently sending and receiving secure messages, lowers the burden on administrators, and allows for a public key infrastructure (PKI) to be dynamically constructed and operated. Such a system can also manage cryptographic keys and certificates for the users, and create such keys and certificates for the users when necessary. The server can also receive an indication that a user has been properly authenticated, check whether the user has a cryptographic key, and automatically create a key if the user does not have one, thereby automatically registering the user within a community and allowing the user to transparently send and receive secure electronic messages.

Abstract: One embodiment of the present invention provides a system that facilitates encrypting and decrypting a data item. The system operates by encrypting a data item with a session key using a symmetric encryption mechanism to produce an encrypted data item. Next, the system splits the session key into a plurality of shares so that the session key can be reconstituted from a predefined number of shares. The system also receives a plurality of responses from the user (which may be responses to questions), and encrypts the plurality of shares with the plurality of responses using the symmetric encryption mechanism to generate a plurality of encrypted shares. The plurality of encrypted shares are stored for later retrieval. In one embodiment of the present invention, the system decrypts the data item by, receiving a plurality of new responses from the user, and attempting to decrypt the plurality of encrypted shares with the plurality of new responses.

Abstract: An apparatus for presenting components stored in stackable trays, and removing empty trays having a base member having an input and an output portion; a discharge area; a shuttle member which removes empty storage trays and places them in the discharge area.

Abstract: A process is disclosed for producing reinforced twin-sheet thermoformed articles comprising the steps of heating first and second sheets of thermoplastic material; forming the sheets in molds; heating a reinforcing insert of thermoplastic material; placing the heated insert on the first sheet in its mold at the location to be reinforced; pressing the second sheet into contact with the heated first sheet and the heated insert to form the insert between the sheets so that a fusion of the thermoplastic sheets and the insert takes place to produce a reinforced section of the article having a desired shape and thickness. Alternative processes are disclosed wherein a heated quantity of thermoplastic liquid material is extruded or injected between the first and second sheets within the first and second molds either by inserting the liquid material before the molds are closed or by injecting it through one of the molds.

Abstract: A process is disclosed for producing reinforced twin-sheet thermoformed articles comprising the steps of heating first and second sheets of thermoplastic material; forming the sheets in molds; heating a reinforcing insert of thermoplastic material; placing the heated insert on the first sheet in its mold at the location to be reinforced; pressing the second sheet into contact with the heated first sheet and the heated insert to form the insert between the sheets so that a fusion of the thermoplastic sheets and the insert takes place to produce a reinforced section of the article having a desired shape and thickness. Alternative processes are disclosed wherein a heated quantity of thermoplastic liquid material is extruded or injected between the first and second sheets within the first and second molds either by inserting the liquid material before the molds are closed or by injecting it through one of the molds.

Abstract: A process is disclosed for producing reinforced twin-sheet thermoformed articles comprising the steps of heating first and second sheets of thermoplastic material; forming the sheets in molds; heating a reinforcing insert of thermoplastic material; placing the heated insert on the first sheet in its mold at the location to be reinforced; pressing tile second sheet into contact with the heated first sheet and the heated insert to form the insert between tile sheets so that a fusion of the thermoplastic sheets and tile insert takes place to produce a reinforced section of the article having a desired shape and thickness. Alternative processes are disclosed wherein a heated quantity of thermoplastic liquid material is extruded or injected between the first and second sheets within the first and second molds either by inserting the liquid material before the molds are closed or by injecting it through one of the molds.

Abstract: Reinforced twin-sheet thermoformed articles are produced by heating first and second sheets of thermoplastic material; forming the sheets in molds; heating a reinforcing insert of thermoplastic material; placing the heated insert on the first sheet in its mold at the location to be reinforced; pressing the second sheet into contact with the heated first sheet and the heated insert to form the insert between the sheets so that a fusion of the thermoplastic sheets and the insert takes place to produce a reinforced section of the article having a desired shape and thickness. Alternatively, a heated quantity of thermoplastic liquid material may be extruded or injected between the first and second sheets within the first and second molds either by inserting the liquid material before the molds are closed or by injecting it through one of the molds.