US20100100743A1 - Natural Visualization And Routing Of Digital Signatures - Google Patents

Natural Visualization And Routing Of Digital Signatures Download PDF

Info

Publication number
US20100100743A1
US20100100743A1 US12/253,344 US25334408A US2010100743A1 US 20100100743 A1 US20100100743 A1 US 20100100743A1 US 25334408 A US25334408 A US 25334408A US 2010100743 A1 US2010100743 A1 US 2010100743A1
Authority
US
United States
Prior art keywords
signature
electronic document
graphic
digital
receiving
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/253,344
Inventor
Alnur Ali
Hyong Guk Kim
Alexander Malek
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Priority to US12/253,344 priority Critical patent/US20100100743A1/en
Publication of US20100100743A1 publication Critical patent/US20100100743A1/en
Assigned to MICROSOFT CORPORATION reassignment MICROSOFT CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ALI, ALNUR, MALEK, ALEXANDER, KIM, HYONG GUK
Assigned to MICROSOFT TECHNOLOGY LICENSING, LLC reassignment MICROSOFT TECHNOLOGY LICENSING, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MICROSOFT CORPORATION
Priority to US14/966,146 priority patent/US9954683B2/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0457Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply dynamic encryption, e.g. stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/68Special signature format, e.g. XML format
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • digital signatures include a digital code that can be attached to an electronic document to uniquely identify the author. Like a written signature, the purpose of a digital signature is to guarantee that the individual signing (and subsequently sending the document to others) is who he or she claims to be.
  • users may “sign” an electronic document by clicking a “sign” button in an application program user interface to apply the digital signature.
  • the applied digital signature may include an identification of the name of the signer (e.g., “Signed by . . . ) as well as the date and time the signature was received by the application program. If an electronic document is to be signed by multiple signers, copies of the document may be e-mailed to each signer for receiving their signatures.
  • Embodiments are provided for securely visualizing and routing digital signatures in an electronic document generated by an application program executing on a computer system.
  • the application program may generate an electronic document for receiving a signature graphic.
  • a hash value may then be calculated from the electronic document including the signature graphic.
  • a digital signature object may be generated which includes the hash value and cryptographic data.
  • the digital signature object may be embedded in the electronic document as a cryptographic signature.
  • the electronic document including the signature graphic and the digital signature object may then be displayed to a user as a digital signature.
  • the application program may collect multiple digital signatures in an electronic document for routing to individual signers, one-by-one.
  • the application program may send a link to an electronic document to only one current signer identified by an unsigned signature line from among multiple signature lines available for receiving a digital signature in the electronic document.
  • the application program may further automatically select, from among the multiple signature lines, the unsigned signature line for receiving the digital signature from the current signer receiving the link to the electronic document.
  • the selected unsigned signature line is then made available for the current signer to sign.
  • the application program may send the link to the electronic document to other signers for signing the document, one-by-one, until each of the signatures for the electronic document has been received.
  • the application program may be utilized to display a user interface for generating and validating signature data for securely visualizing digital signatures in an electronic document.
  • the application program may display a first window for receiving a signature graphic or digital signature associated with a signer of the electronic document.
  • the application program may further displaying the received signature graphic in the first window, validate the received signature graphic against a digital signature object embedded in the electronic document, and display a second window for defining the display of a plurality of signature line properties for one or more signature lines displayed in the electronic document.
  • the signature line properties may include signature data which may further include a name of the signer of the electronic document, a title of the signer of the electronic document, or an electronic mail address associated with the signer of the electronic document.
  • the application program may further display, in the second window appearance options for displaying the signature graphic in the electronic document.
  • the appearance options may include a first option for displaying the signature graphic over the signature line, a second option for displaying the signature graphic as a stamp compatible with an Eastern signature format, and a third option for displaying a date that the electronic document was signed.
  • the application program may further display a third window for defining signature properties for the electronic document.
  • the signature properties may include user-selectable selectable options including: a first option for signing the entire electronic document, a second option for signing one or more identified portions of the electronic document, a third option for co-signing multiple signature lines in the electronic document, and a fourth option for counter-signing multiple signatures lines in the electronic document.
  • FIG. 1 is a block diagram illustrating the creation of secure digital signatures using a signature graphic, in accordance with various embodiments
  • FIG. 2 is a block diagram illustrating a computing environment which may be utilized for the visualization and routing of digital signatures, in accordance with various embodiments;
  • FIG. 3 is a flow diagram illustrating a routine for securely visualizing digital signatures in an electronic document generated by an application program, in accordance with one embodiment
  • FIG. 4 is a flow diagram illustrating a routine for collecting digital signatures for routing through an application program executing on a computer system, in accordance with an embodiment
  • FIG. 5 is a flow diagram illustrating a routine for collecting digital signatures for routing through an application program executing on a computer system, in accordance with an alternative embodiment
  • FIG. 6 is a computer screen display of an electronic document which may be utilized for collecting digital signatures in an electronic document, in accordance with an embodiment
  • FIG. 7 is a tree diagram illustrating a visual layout of an electronic document which is utilized to specify signature lines for receiving digital signatures from multiple signers during the collection of digital signatures in the electronic document, in accordance with an embodiment
  • FIG. 8 is a computer screen display of a user interface which may be utilized to receive a signature graphic for digitally signing an electronic document, in accordance with an embodiment
  • FIG. 9 is a computer screen display of a user interface which may be utilized to validate a digital signature in an electronic document, in accordance with an embodiment
  • FIG. 10 is a computer screen display of a user interface which may be utilized to invalidate a digital signature in an electronic document, in accordance with an embodiment
  • FIG. 11 is a computer screen display of a user interface which may be utilized to receive signature line properties which may be utilized in the collection and routing of digital signatures, in accordance with an embodiment
  • FIG. 12 is a computer screen display of a user interface which may be utilized to define the appearance of a digital signature in an electronic document, in accordance with an embodiment
  • FIG. 13 is a computer screen display of a user interface which may be utilized to specify portions of an electronic document for receiving digital signatures and to specify the interaction between multiple digital signatures in an electronic document, in accordance with an embodiment.
  • Embodiments are provided for securely visualizing and routing digital signatures in an electronic document generated by an application program executing on a computer system.
  • the application program may generate an electronic document for receiving a signature graphic.
  • a hash value may then be calculated from the electronic document including the signature graphic.
  • a digital signature object may be generated which includes the hash value and cryptographic data.
  • the digital signature object may be embedded in the electronic document as a cryptographic signature.
  • the electronic document including the signature graphic and the digital signature object may then be displayed to a user as a digital signature.
  • the application program may collect multiple digital signatures in an electronic document for routing to individual signers, one-by-one.
  • the application program may send a link to an electronic document to only one current signer identified by an unsigned signature line from among multiple signature lines available for receiving a digital signature in the electronic document.
  • the application program may further automatically select, from among the multiple signature lines, the unsigned signature line for receiving the digital signature from the current signer receiving the link to the electronic document.
  • the selected unsigned signature line is then made available for the current signer to sign.
  • the application program may send the link to the electronic document to other signers for signing the document, one-by-one, until each of the signatures for the electronic document has been received.
  • the application program may be utilized to display a user interface for generating and validating signature data for securely visualizing digital signatures in an electronic document.
  • the application program may display a first window for receiving a signature graphic or digital signature associated with a signer of the electronic document.
  • the application program may further displaying the received signature graphic in the first window, validate the received signature graphic against a digital signature object embedded in the electronic document, and display a second window for defining the display of a plurality of signature line properties for one or more signature lines displayed in the electronic document.
  • the signature line properties may include signature data which may further include a name of the signer of the electronic document, a title of the signer of the electronic document, or an electronic mail address associated with the signer of the electronic document.
  • the application program may further display, in the second window appearance options for displaying the signature graphic in the electronic document.
  • the appearance options may include a first option for displaying the signature graphic over the signature line, a second option for displaying the signature graphic as a stamp compatible with an Eastern signature format, and a third option for displaying a date that the electronic document was signed.
  • the application program may further display a third window for defining signature properties for the electronic document.
  • the signature properties may include user-selectable selectable options including: a first option for signing the entire electronic document, a second option for signing one or more identified portions of the electronic document, a third option for co-signing multiple signature lines in the electronic document, and a fourth option for counter-signing multiple signatures lines in the electronic document.
  • FIG. 1 is a block diagram illustrating the interaction between various software components for generating a secure digitally signed electronic document having a natural signature (signature graphic), in accordance with various embodiments.
  • the software components include an electronic document 60 which includes a signature graphic 62 .
  • the signature graphic 62 may include, without limitation, a handwritten signature (which may be received on a pen-based or tablet computing device) or a computer-based typewritten signature font.
  • the signature graphic may also be either in a Western signature format or an Eastern signature format.
  • signatures in Western signature formats are typically generated by scribbling or typing a series of characters in a left to right manner while Eastern signature formats, such as those used in Japan, are typically generated using a picture graphic such as a Hanko stamp (colloquially known as a “chop”).
  • a Hanko stamp colloquially known as a “chop”.
  • the software components further include a hash calculation module 64 for generating a hash value 66 from the electronic document 60 and the signature graphic 62 .
  • a hash value may be an alphanumeric value generated by a formula from input data in such a way that it is extremely unlikely that some other input data will produce the same hash value.
  • Various methods for generating hash values are well-known to those skilled in the art, and therefore are not discussed in further detail herein.
  • the software components further include cryptographic data 70 which includes private key data 72 , public key data 74 , and digital certificate data 76 .
  • cryptographic data 70 which includes private key data 72 , public key data 74 , and digital certificate data 76 .
  • various cryptographic encryption methods allow for the encryption of data using a public key infrastructure (“PKI”) for verifying and authenticating the validity of data.
  • PKI infrastructure may include a private key, a public key, and a digital certificate.
  • the private key data 72 may be utilized to encrypt the hash value 66 while the public key data 74 and the digital certificate data 76 may be added to the encrypted hash value 66 to create a digital signature object 78 which, as will be described in greater detail below in the discussion of FIGS.
  • the digital signature object 78 may be used to verify and authenticate a digital signature against a signature graphic in an electronic document.
  • the digital signature object 78 may also be embedded in the electronic document 60 as a cryptographic signature. It will be appreciate that the embedded digital signature object 78 and the signature graphic 62 form the digital signature for the electronic document 60 .
  • FIG. 2 the following discussion is intended to provide a brief, general description of a suitable computing environment in which various illustrative embodiments may be implemented. While various embodiments will be described in the general context of program modules that execute in conjunction with program modules that run on an operating system on a personal computer, those skilled in the art will recognize that the various embodiments may also be implemented in combination with other types of computer systems and program modules.
  • program modules include routines, programs, components, data structures, and other types of structures that perform particular tasks or implement particular abstract data types.
  • program modules may be located in both local and remote memory storage devices.
  • FIG. 2 shows the computer 2 which may include a general purpose desktop, laptop, handheld, tablet, or other type of computer capable of executing one or more application programs.
  • the computer 2 includes at least one central processing unit 8 (“CPU”), a system memory 12 , including a random access memory 18 (“RAM”) and a read-only memory (“ROM”) 20 , and a system bus 10 that couples the memory to the CPU 8 .
  • CPU central processing unit
  • RAM random access memory
  • ROM read-only memory
  • the computer 2 further includes a mass storage device 14 for storing an operating system 32 , an application program 50 , the electronic document 60 , the cryptographic data 70 , and metadata 80 .
  • the metadata 80 may include e-mail addresses 82 , titles 84 , and signer names 86 . As will be described in greater detail below, the metadata 80 may be used to facilitate the collection and routing of digital signatures in accordance with various embodiments.
  • the operating system 32 may be suitable for controlling the operation of a networked personal computer, such as the WINDOWS operating systems from MICROSOFT CORPORATION of Redmond, Wash.
  • the application program 50 may comprise various productivity application programs including, but not limited to, word processing application programs, spreadsheet application programs and information gathering programs which are used in the creation and routing (e.g., via electronic mail) electronic documents.
  • the application program 50 may be utilized to securely generate and visualize digital signatures in an electronic document, collect multiple digital signatures in an electronic document for routing to individual signers, and display a user interface for generating and validating signature data for securely visualizing digital signatures in an electronic document.
  • the mass storage device 14 is connected to the CPU 8 through a mass storage controller (not shown) connected to the bus 10 .
  • the mass storage device 14 and its associated computer-readable media provide non-volatile storage for the computer 2 .
  • computer-readable media can be any available media that can be accessed or utilized by the computer 2 .
  • computer-readable media may comprise computer storage media and communication media.
  • Computer storage media includes volatile and non-volatile, removable and non-removable hardware storage media implemented in any physical method or technology for the storage of information such as computer-readable instructions, data structures, program modules or other data.
  • Computer storage media includes, but is not limited to, RAM, ROM, EPROM, EEPROM, flash memory or other solid state memory technology, CD-ROM, digital versatile disks (“DVD”), or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, which can be used to store the desired information and which can be accessed by the computer 2 .
  • Communication media typically embodies computer-readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.
  • modulated data signal means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal.
  • communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared, and other wireless media. Combinations of any of the above should also be included within the scope of computer-readable media.
  • Computer-readable media may also be referred to as a computer program product.
  • the computer 2 may operate in a networked environment using logical connections to remote computers through a network 4 , such as a local network or a wide area network (e.g., the Internet), for example.
  • the computer 2 may connect to the network 4 through a network interface unit 16 connected to the bus 10 .
  • the computer 2 may be in communication with one or more remote servers hosting a shared services platform such as the SHAREPOINT SERVER platform from Microsoft Corporation of Redmond, Wash.
  • the network interface unit 16 may also be utilized to connect to other types of networks and remote computing systems.
  • the computer 2 may also include an input/output controller 22 for receiving and processing input from a number of input types, including a keyboard, mouse, pen, stylus, finger, and/or other means. Similarly, an input/output controller 22 may provide output to a display device 70 , a printer, or other type of output device. Additionally, a touch screen can serve as an input and an output mechanism.
  • an input/output controller 22 for receiving and processing input from a number of input types, including a keyboard, mouse, pen, stylus, finger, and/or other means.
  • an input/output controller 22 may provide output to a display device 70 , a printer, or other type of output device.
  • a touch screen can serve as an input and an output mechanism.
  • FIG. 3 is a flow diagram 3 illustrating a routine 300 for securely visualizing digital signatures in an electronic document generated by an application program, in accordance with an embodiment
  • the routine 300 begins at operation 305 , where the application program 50 executing on the computer 2 receives a signature graphic (such as the signature graphic 62 discussed above with respect to FIG. 1 ) in the electronic document 60 .
  • a signature graphic such as the signature graphic 62 discussed above with respect to FIG. 1
  • the application program 50 may be configured to allow a user to enter a signature graphic directly over a signature line already present in the electronic document or alternatively, generate a user interface for inserting one or more types of signature graphics in the electronic document 60 .
  • a user of the application program 50 may directly write his or signature above a signature line in the electronic document 60 using a pen, stylus, or touchscreen input device connected to or integrated with a tablet computer.
  • the user may use the user interface to enter a typewritten signature (e.g., in a signature font) or retrieve a previously stored image file comprising a signature stored on the computer 2 which may then be entered into the electronic document 60 as a signature graphic.
  • a typewritten signature e.g., in a signature font
  • retrieve a previously stored image file comprising a signature stored on the computer 2 which may then be entered into the electronic document 60 as a signature graphic.
  • An illustrative user interface for entering a signature in accordance with an embodiment is shown in FIG. 8 and will be discussed in greater detail below.
  • the routine 300 continues to operation 310 , where the application program 50 determines whether the signature graphic entered into the electronic document 60 is in a compatible file format for the hash calculation module 64 (discussed above with respect to FIG. 1 ).
  • the hash calculation module 64 may be configured to receive a signature graphic as a Portable Network Graphics (“PNG”) image file. If at operation 310 , the application program 50 determines that the signature graphic is not in a compatible file format, then the routine 300 continues to operation 315 where the application program 50 converts the signature graphic into a compatible file format for inputting into the hash calculation module 64 .
  • PNG Portable Network Graphics
  • the routine 300 continues to operation 315 where the application program 50 converts the signature graphic into a compatible file format for inputting into the hash calculation module 64 .
  • Various methods for converting images into different image file formats are well-known to those skilled in the art, and therefore are not discussed in further detail herein. From operation 315 , the routine 300 continues to operation 320 . If however, at operation 310
  • the application program 50 calculates a hash value from the electronic document 60 including the inserted signature graphic.
  • the application program 50 may configured with the hash calculation module 64 (discussed above with respect to FIG. 1 ) and may utilize the hash calculation module 64 to receive the electronic document 60 (including the signature graphic) as an input and calculate an alphanumeric hash value from the received input.
  • routine 300 continues to operation 325 where the application program 50 encrypts the hash value with private key cryptographic data, such as the private key data 72 discussed above with respect to FIG. 1 .
  • routine 300 continues to operation 330 where the application program 50 adds digital certificate and public key cryptographic data (such as the digital certificate data 78 and the public key data 76 discussed above with respect to FIG. 1 ) to the encrypted hash value generated at operation 325 in order to generate a digital signature object (such as the digital signature object 78 discussed above with respect to FIG. 1 ).
  • digital certificate and public key cryptographic data such as the digital certificate data 78 and the public key data 76 discussed above with respect to FIG. 1
  • the routine 300 continues to operation 335 where the application program 50 embeds the digital signature object into the electronic document 60 .
  • the digital signature object may be embedded into the electronic document 60 as hidden program code which is not seen by a user viewing the electronic document 60 .
  • the digital signature object may represent a cryptographic signature which is paired along with the currently displayed signature graphic in the electronic document to create a cryptographically secure digital signature.
  • routine 300 continues to operation 340 where the application program 50 displays the digitally signed electronic document 60 to a user.
  • the routine 300 continues to operation 345 where the application program 50 verifies or validates the digital signature by comparing a new or subsequent hash value calculated from the electronic document 60 to the hash value used in the digital signature object generated at operation 330 .
  • the application program 50 may be utilized to determine if the signature graphic in the electronic document 60 has been modified and if so, use a hash value calculated from the modified signature graphic invalidate the digitally signed document.
  • the routine 300 continues to operation 350 , where the application program 50 determines whether a hash value calculated from a currently displayed signature graphic in the electronic document 60 matches a previously calculated hash value used in determining the digital signature object currently embedded in the electronic document 60 .
  • the application program 50 may be configured to utilize the unencrypted hash value used to create the digital signature object and compare that value to a hash value generated from a currently displayed signature graphic in the electronic document 60 . If, at operation 350 , the application program 50 determines that the hash values match, then the routine 300 continues to operation 355 where the application program 50 validates the digital signature as authentic (i.e., the signature graphic currently displayed in the electronic document 60 is the same as the signature graphic utilized in generating the digital signature object). If however, at operation 350 , the application program 50 determines that the hash values do not match, then the routine 300 branches from operation 350 to operation 360 .
  • a digital signature may be modified when a user modifies or changes a signature graphic utilized to generate the digital signature object or cryptographic signature in an electronic document. For example, if a signer subsequent to the original signer of the digitally signed electronic document 60 modifies the signature graphic displayed in the document in an effort to pose as the original signer (e.g., by replacing the original signature graphic with the subsequent user's signature graphic), the calculated hash value for the modified signature graphic will be different than that calculated for the original signer. As a result, the hash values will not match and the digital signature for the document will be invalidated.
  • the application program 50 may be configured to generate a user interface for displaying to a user whether or not a digitally signed document is valid.
  • An illustrative user interface showing a successful validation of a digital signature is shown in FIG. 9 and will be discussed in greater detail below.
  • an illustrative user interface showing an invalidation of a digital signature is shown in FIG. 10 which will also be discussed in greater detail below. From operations 355 and 360 , the routine 300 then ends.
  • FIG. 4 is a flow diagram illustrating a routine 400 for collecting digital signatures for routing through an application program executing on a computer system, in accordance with an embodiment.
  • the routine 400 begins at operation 405 , where the application program 50 executing on the computer 2 converts an electronic document (e.g., the electronic document 600 shown in FIG. 6 ) containing multiple signature lines into a markup language node tree.
  • an electronic document e.g., the electronic document 600 shown in FIG. 6
  • An illustrative computer screen display illustrating an electronic document with multiple signature lines is shown in FIG. 6 and will be discussed in greater detail below.
  • An illustrative markup language node tree is shown in FIG. 7 which will also be discussed in greater detail below.
  • the application program 50 may be configured to convert the electronic document into one of a number of markup language formats including, but not limited to, the hypertext markup language (“HTML”) and the extensible markup language (“XML”) formats.
  • the application program 50 may organize the converted markup language into a node tree.
  • various markup languages including HTML and XML comprise nodes which by definition conform to a tree structure.
  • the application program 50 may be configured to map the visual layout of the electronic document into a tree layout of nodes that may be traversed using graph-theoretic methods. As will be discussed in greater detail herein, the tree layout may be utilized to determine an order for collecting digital signatures in an electronic document.
  • the routine 400 continues to operation 410 , where the application program 50 traverses the nodes in the node tree to determine a visual layout of the signature lines in the electronic document.
  • the application program 50 may be configured to perform a pre-order traversal of the node tree which may include a visual left-to-right traversal or a right-to-left traversal.
  • the pre-order traversal may be performed by accessing an HTML document object model (“DOM”). It will further be understood that the pre-order traversal may be the same as a depth-first search of a DOM except that the search doesn't terminate until the entire tree is examined.
  • the routine 400 continues to operation 415 , where the application program 50 assigns a number to each node corresponding to the visual layout of the signature lines in the electronic document.
  • the application program 50 may keep a count of the order in which each node (corresponding to a signature line) is visually displayed. It should be understood that in accordance with various embodiments, the operations 405 - 415 discussed above may be performed as the electronic document is being authored but prior to any signatures being received.
  • the routine 400 continues to operation 420 where the application program 50 sends a link to the electronic document to a current signer in the electronic document for receiving a digital signature.
  • the application program 50 may be configured to collect signatures for the electronic document by e-mailing a uniform resource locator (“URL”) for accessing the electronic document to each signer, one signer at a time, who has not yet digitally signed the electronic document (i.e., the current signer) in the order determined in operation 415 .
  • URL uniform resource locator
  • routine 400 continues to operation 425 where the application program 50 traverses the visual layout of signature lines in the node tree for previously received digital signatures in order to determine a correct signature line for receiving a digital signature for the current signer.
  • the routine 400 continues to operation 430 where the application program 50 selects the first unsigned signature line in the electronic document as the signature line for digitally signing by the current signer.
  • the application program 50 may be configured to display a visual indicator (such as an icon) in the electronic document to identify the selected signature line for the receiving the digital signature of the current signer.
  • routine 400 continues to operation 435 where the application program 50 receives the digital signature of the current signer.
  • the digital signature may be received using the routine 300 described above with respect to FIG. 3 .
  • the routine 400 continues to operation 440 where the application program 50 determines if more unsigned signature lines are present in the electronic document. If, at operation 440 , the application program determines that more signature lines in the electronic document remain unsigned, then the routine 400 continues to operation 445 where the routine 400 returns to operation 420 where the link to the electronic document is sent to the next signer identified by the next or higher numbered signature line in the visual layout of signature lines in the node tree as compared to the previously signed signature line in the electronic document. If however, at operation 440 , the application program 50 determines that all of the signature lines in the electronic document have been signed, then the routine 400 then ends.
  • FIG. 5 is a flow diagram illustrating a routine 500 for collecting digital signatures for routing through an application program executing on a computer system, in accordance with an alternative embodiment.
  • the routine 500 begins at operation 505 , where the application program 50 executing on the computer 2 receives metadata (such as the metadata 80 discussed with respect to FIG. 2 ) for appending to multiple signature lines in an electronic document (e.g., the electronic document 600 shown in FIG. 6 ).
  • the application program 50 may be configured to append the metadata 80 to specify the intended signer name, e-mail address, and title for each signature line in an electronic document generated to collect signatures from multiple signers.
  • the metadata 80 may also be utilized to infer a signature line (i.e., position inference) for each signer to sign upon receiving the electronic document. It should be understood that in accordance with various embodiments, the operation 505 discussed above may be performed as the electronic document is being authored but prior to any signatures being received.
  • the routine 500 continues to operation 510 , where the application program 50 sends a link to the electronic document to a current signer in the electronic document for receiving a digital signature.
  • the application program 50 may be configured to collect signatures for the electronic document by e-mailing a uniform resource locator (“URL”) for accessing the electronic document to each signer, one signer at a time, who has not yet digitally signed the electronic document (i.e., the current signer is the recipient of the link to the electronic document).
  • URL uniform resource locator
  • routine 500 continues to operation 515 where the application program 50 selects an identifier contained within the metadata 80 for each signature line in the electronic document.
  • the application program 50 my be configured to select or retrieve e-mail addresses 82 , titles 84 , and signer names 86 from the metadata 80 shown in FIG. 2 .
  • the routine 500 continues to operation 520 where the application program 50 selects a signature line having an identifier matching an e-mail address or a title determined for the current signer (i.e., the signer receiving the link to the electronic document at operation 510 ).
  • the application program 50 may be configured to compare the e-mail address used to send the link to the electronic document for receiving a digital signature to an e-mail address in the e-mail addresses 82 metadata for each of the signature lines in the electronic document.
  • the signature line in the electronic document which matches the e-mail address of the current signer may be selected as the signature line for receiving the digital signature.
  • the application program 50 may be configured to select a signature line based on an organizational hierarchy by using the titles 84 metadata.
  • the application program 50 may be configured to compare the title (e.g., general manager, program manager, etc.) of the current signer to the titles in the titles 84 metadata appended to the signature lines in the electronic document.
  • the signature line which matches the current signer's title may then be selected as the signature line for receiving the digital signature of the current signer.
  • the title for the current signer may be obtained by accessing a network directory lookup service such as the ACTIVE DIRECTORY directory service from Microsoft Corporation of Redmond, Wash.
  • a user identification (e.g., the current signer's initials) for the current signer for using the application program 50 on the computer 2 may be utilized by the application program 50 to access directory service information about the current signer including the current signer's title in an organizational hierarchy.
  • the application program 50 may be configured to select a signature line based on the current signer's name using the signer names 86 metadata.
  • the application program 50 may be configured to convert the singer names 86 metadata appended to the signature lines e-mail addresses using the network directory lookup service.
  • the application program 50 may then select the signature line in the electronic document which matches the e-mail address used to send the link to the electronic document to the current signer.
  • the signature line may be identified to the current signer by configuring the application program 50 to display a visual indicator (such as an icon) in the electronic document to identify the selected signature line for the receiving the digital signature of the current signer.
  • routine 500 continues to operation 525 where the application program 50 receives the digital signature of the current signer.
  • the digital signature may be received using the routine 300 described above with respect to FIG. 3 .
  • the routine 500 continues to operation 530 where the application program 50 determines if more unsigned signature lines are present in the electronic document. If, at operation 530 , the application program determines that more signature lines in the electronic document remain unsigned, then the routine 500 continues to operation 535 where the routine 500 returns to operation 510 where the link to the electronic document is sent to another signer. If however, at operation 530 , the application program 50 determines that all of the signature lines in the electronic document have been signed, then the routine 500 then ends.
  • FIG. 6 is a computer screen display of an electronic document 600 generated by the application program 50 which may be utilized for collecting digital signatures, in accordance with an embodiment.
  • the electronic document 600 includes signature sections 610 , 620 , 630 , 640 , 650 , 660 , and 670 for collecting multiple digital signatures.
  • Each of the signature sections 610 , 620 , 640 , 650 , 660 , and 670 displays a title for the intended signer, a signature line, and an intended signer name.
  • the signature section 630 displays a signature line for receiving a signature in an Eastern signature format (such as a Hanko stamp).
  • the signature sections 610 , 620 , 640 , 650 , 660 , and 670 may only display a title for each intended signer without displaying the intended signer name.
  • digital signatures may be collected from the intended signers by using an organizational hierarchy as discussed above with respect to operation 520 of FIG. 5 .
  • the electronic document 600 also displays a user control 615 .
  • the user control 615 may be selected by a signer to open a user interface to enter a signature graphic to be displayed on a signature line and to further digitally sign the electronic document.
  • An illustrative user interface for signing the electronic document 600 is shown in FIG. 8 which will be discussed in greater detail below.
  • FIG. 7 is a tree diagram 700 illustrating a visual layout of an electronic document which is utilized to specify signature lines for receiving digital signatures from multiple signers during the collection of digital signatures in the electronic document, in accordance with an embodiment.
  • the application program 50 may be configured to convert an electronic document (e.g., the electronic document 600 shown in FIG. 6 ) containing multiple signature lines into markup language according to a markup language format (e.g., HTML or XML).
  • the markup language may then be organized into the tree diagram 700 by the application program 50 .
  • the electronic document 600 may be converted into HTML as shown below:
  • the tree diagram 700 consists of nodes 705 , 710 , 715 , 720 , 725 , 730 , 735 , 740 , 745 , 750 , and 755 , each of which is mapped to the HTML code shown above.
  • the tree diagram 700 provides a visual layout of the electronic document 600 that may be traversed using graph-theoretic methods and may be utilized to determine an order for collecting digital signatures as discussed above with respect to FIG. 4 .
  • FIG. 8 is a computer screen display of a user interface 800 , generated by the application program 50 , which may be utilized to receive a signature graphic for digitally signing an electronic document, in accordance with an embodiment.
  • the user interface 800 includes a signature box 810 for a signer to type in a signature to be used as the signature graphic.
  • the user interface 800 also includes a user control 820 for a signer to retrieve a previously stored image file to be used as the signature graphic.
  • the user interface 800 also includes a Sign button 830 for digitally signing an electronic document using the selected signature graphic.
  • FIG. 9 is a computer screen display of a user interface 900 , generated by the application program 50 , which may be utilized to validate a digital signature in an electronic document, in accordance with an embodiment.
  • the user interface 900 displays a validation message 910 for a signature graphic 910 which has been applied to an electronic document for digitally signing the electronic document.
  • the user interface 900 displaying the validation message 910 may be generated by the application program 50 upon the completion of the validation operation 355 discussed above with respect to FIG. 3 .
  • FIG. 10 is a computer screen display of a user interface 1000 , generated by the application program 50 , which may be utilized to invalidate a digital signature in an electronic document, in accordance with an embodiment.
  • the user interface 1000 displays a validation message 1010 for a signature graphic which has been applied to an electronic document for digitally signing the electronic document.
  • the user interface 1000 displaying the validation message 1010 may be generated by the application program 50 upon the completion of the invalidation operation 360 discussed above with respect to FIG. 3 .
  • FIG. 11 is a computer screen display of a user interface 1100 , generated by the application program 50 , which may be utilized to receive signature line properties which may be utilized in the collection and routing of digital signatures, in accordance with an embodiment.
  • the user interface 100 includes a General tab 1111 , and input boxes 1120 , 1130 , and 1140 for receiving a Singer name, a Signer title, and a Signer e-mail address.
  • the input boxes 1120 , 1130 , and 1140 may be utilized by the author of an electronic document to create the metadata 80 which is appended to signature lines to specify the intended signer name, e-mail address, and title for each signature line in the electronic document.
  • the metadata 80 may be utilized to infer a signature line (i.e., position inference) for each signer to sign upon receiving the electronic document.
  • FIG. 12 is a computer screen display of a user interface 1200 , generated by the application program 50 , which may be utilized to define the appearance of a digital signature in an electronic document, in accordance with an embodiment.
  • the user interface 1200 includes a Display tab 1210 , an Appearance checkbox 1120 for showing a signed date, an Appearance radio or option button 1230 for showing a signature line, and an Appearance radio or option button 1240 for showing a stamp for signing an electronic document in an Eastern signature format.
  • FIG. 13 is a computer screen display of a user interface 1300 , generated by the application program 50 , which may be utilized to specify portions of an electronic document for receiving digital signatures and to specify the interaction between multiple digital signatures in an electronic document, in accordance with an embodiment.
  • the user interface 1300 includes a Signature properties tab 1310 and radio or option buttons 1320 and 1330 which may be selected to specify signing an entire electronic document (e.g., a form) or signing parts of the electronic document.
  • the user interface 1300 further includes input boxes 1332 , 1334 , and 1336 which may be utilized to specify the parts of the electronic document to be signed.
  • the input box 1332 may be utilized to type in a name for the data that can be signed
  • the input box 1334 may be utilized to specify fields and groups in the electronic document to be signed
  • input box 1336 may be utilized to specify a group for storing digital signatures.
  • the user interface 1300 further includes radio or option buttons 1340 and 1342 which may be selected to specify how multiple digital signatures received in an electronic document may interact.
  • the radio or option button 1340 may be selected to specify that all of the digital signatures are independent of one another (i.e., a co-signing arrangement) while the radio or option button 1342 may be selected to specify that each digital signature sings the previous digital signature (i.e., a counter-signing arrangement).

Abstract

Embodiments are provided for securely visualizing and routing digital signatures in an electronic document generated by an application program executing on a computer system. The application program may generate an electronic document for receiving a signature graphic, and calculate a hash value from the electronic document and the signature graphic, and create a cryptographic signature from the hash value using a cryptographic encryption method. The electronic document is digitally signed by embedding the cryptographic signature therein. The application program may further collect and route digital signatures by automatically collecting signatures from individual signers, one-by-one, and identify the appropriate signature line for each signer to sign. The application program may further generate a user interface for creating and collecting digital signatures.

Description

    BACKGROUND
  • Many software applications allow users to digitally sign electronic documents as a means to make paper-based signatures more secure. Typically, digital signatures include a digital code that can be attached to an electronic document to uniquely identify the author. Like a written signature, the purpose of a digital signature is to guarantee that the individual signing (and subsequently sending the document to others) is who he or she claims to be. Typically, users may “sign” an electronic document by clicking a “sign” button in an application program user interface to apply the digital signature. The applied digital signature may include an identification of the name of the signer (e.g., “Signed by . . . ) as well as the date and time the signature was received by the application program. If an electronic document is to be signed by multiple signers, copies of the document may be e-mailed to each signer for receiving their signatures.
  • Current methods of applying and collecting digital signatures however, suffer from several drawbacks. One drawback in the application of digital signatures is that many application programs do not allow the use of natural signature graphics (i.e., script or handwritten signatures) when digitally signing electronic documents. While some application programs do allow for a user to copy and paste digital signatures directly into an electronic document, these signatures are not cryptographically secure as the application programs allow anyone to easily replace the signature graphic of the original signer with that of another user. One drawback with the collection of digital signatures is that current methods of sending out multiple copies of an electronic document to multiple signers incur problems with managing the various versions of the document, merging edits to the document (different signers may edit the document differently), and finding the position on the document where the document author intended each signer to sign (the signer may need to read through lines of text to find the appropriate place for receiving their signature). Currently, these problems must be addressed manually resulting in wasted time and resources in collecting all of the signatures. It is with respect to these considerations and others that the various embodiments of the present invention have been made.
    • SUMMARY
  • This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended as an aid in determining the scope of the claimed subject matter.
  • Embodiments are provided for securely visualizing and routing digital signatures in an electronic document generated by an application program executing on a computer system. The application program may generate an electronic document for receiving a signature graphic. A hash value may then be calculated from the electronic document including the signature graphic. A digital signature object may be generated which includes the hash value and cryptographic data. The digital signature object may be embedded in the electronic document as a cryptographic signature. The electronic document including the signature graphic and the digital signature object may then be displayed to a user as a digital signature.
  • In another embodiment, the application program may collect multiple digital signatures in an electronic document for routing to individual signers, one-by-one. The application program may send a link to an electronic document to only one current signer identified by an unsigned signature line from among multiple signature lines available for receiving a digital signature in the electronic document. The application program may further automatically select, from among the multiple signature lines, the unsigned signature line for receiving the digital signature from the current signer receiving the link to the electronic document. The selected unsigned signature line is then made available for the current signer to sign. Once the current signer's signature is received, the application program may send the link to the electronic document to other signers for signing the document, one-by-one, until each of the signatures for the electronic document has been received.
  • In yet another embodiment, the application program may be utilized to display a user interface for generating and validating signature data for securely visualizing digital signatures in an electronic document. The application program may display a first window for receiving a signature graphic or digital signature associated with a signer of the electronic document. The application program may further displaying the received signature graphic in the first window, validate the received signature graphic against a digital signature object embedded in the electronic document, and display a second window for defining the display of a plurality of signature line properties for one or more signature lines displayed in the electronic document. The signature line properties may include signature data which may further include a name of the signer of the electronic document, a title of the signer of the electronic document, or an electronic mail address associated with the signer of the electronic document. The application program may further display, in the second window appearance options for displaying the signature graphic in the electronic document. The appearance options may include a first option for displaying the signature graphic over the signature line, a second option for displaying the signature graphic as a stamp compatible with an Eastern signature format, and a third option for displaying a date that the electronic document was signed. The application program may further display a third window for defining signature properties for the electronic document. The signature properties may include user-selectable selectable options including: a first option for signing the entire electronic document, a second option for signing one or more identified portions of the electronic document, a third option for co-signing multiple signature lines in the electronic document, and a fourth option for counter-signing multiple signatures lines in the electronic document.
  • These and other features and advantages will be apparent from a reading of the following detailed description and a review of the associated drawings. It is to be understood that both the foregoing general description and the following detailed description are illustrative only and are not restrictive of the invention as claimed.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a block diagram illustrating the creation of secure digital signatures using a signature graphic, in accordance with various embodiments;
  • FIG. 2 is a block diagram illustrating a computing environment which may be utilized for the visualization and routing of digital signatures, in accordance with various embodiments;
  • FIG. 3 is a flow diagram illustrating a routine for securely visualizing digital signatures in an electronic document generated by an application program, in accordance with one embodiment;
  • FIG. 4 is a flow diagram illustrating a routine for collecting digital signatures for routing through an application program executing on a computer system, in accordance with an embodiment;
  • FIG. 5 is a flow diagram illustrating a routine for collecting digital signatures for routing through an application program executing on a computer system, in accordance with an alternative embodiment;
  • FIG. 6 is a computer screen display of an electronic document which may be utilized for collecting digital signatures in an electronic document, in accordance with an embodiment;
  • FIG. 7 is a tree diagram illustrating a visual layout of an electronic document which is utilized to specify signature lines for receiving digital signatures from multiple signers during the collection of digital signatures in the electronic document, in accordance with an embodiment;
  • FIG. 8 is a computer screen display of a user interface which may be utilized to receive a signature graphic for digitally signing an electronic document, in accordance with an embodiment;
  • FIG. 9 is a computer screen display of a user interface which may be utilized to validate a digital signature in an electronic document, in accordance with an embodiment;
  • FIG. 10 is a computer screen display of a user interface which may be utilized to invalidate a digital signature in an electronic document, in accordance with an embodiment;
  • FIG. 11 is a computer screen display of a user interface which may be utilized to receive signature line properties which may be utilized in the collection and routing of digital signatures, in accordance with an embodiment;
  • FIG. 12 is a computer screen display of a user interface which may be utilized to define the appearance of a digital signature in an electronic document, in accordance with an embodiment; and
  • FIG. 13 is a computer screen display of a user interface which may be utilized to specify portions of an electronic document for receiving digital signatures and to specify the interaction between multiple digital signatures in an electronic document, in accordance with an embodiment.
    •  DETAILED DESCRIPTION
  • Embodiments are provided for securely visualizing and routing digital signatures in an electronic document generated by an application program executing on a computer system. The application program may generate an electronic document for receiving a signature graphic. A hash value may then be calculated from the electronic document including the signature graphic. A digital signature object may be generated which includes the hash value and cryptographic data. The digital signature object may be embedded in the electronic document as a cryptographic signature. The electronic document including the signature graphic and the digital signature object may then be displayed to a user as a digital signature.
  • In another embodiment, the application program may collect multiple digital signatures in an electronic document for routing to individual signers, one-by-one. The application program may send a link to an electronic document to only one current signer identified by an unsigned signature line from among multiple signature lines available for receiving a digital signature in the electronic document. The application program may further automatically select, from among the multiple signature lines, the unsigned signature line for receiving the digital signature from the current signer receiving the link to the electronic document. The selected unsigned signature line is then made available for the current signer to sign. Once the current signer's signature is received, the application program may send the link to the electronic document to other signers for signing the document, one-by-one, until each of the signatures for the electronic document has been received.
  • In yet another embodiment, the application program may be utilized to display a user interface for generating and validating signature data for securely visualizing digital signatures in an electronic document. The application program may display a first window for receiving a signature graphic or digital signature associated with a signer of the electronic document. The application program may further displaying the received signature graphic in the first window, validate the received signature graphic against a digital signature object embedded in the electronic document, and display a second window for defining the display of a plurality of signature line properties for one or more signature lines displayed in the electronic document. The signature line properties may include signature data which may further include a name of the signer of the electronic document, a title of the signer of the electronic document, or an electronic mail address associated with the signer of the electronic document. The application program may further display, in the second window appearance options for displaying the signature graphic in the electronic document. The appearance options may include a first option for displaying the signature graphic over the signature line, a second option for displaying the signature graphic as a stamp compatible with an Eastern signature format, and a third option for displaying a date that the electronic document was signed. The application program may further display a third window for defining signature properties for the electronic document. The signature properties may include user-selectable selectable options including: a first option for signing the entire electronic document, a second option for signing one or more identified portions of the electronic document, a third option for co-signing multiple signature lines in the electronic document, and a fourth option for counter-signing multiple signatures lines in the electronic document. Referring now to the drawings, in which like numerals represent like elements, various illustrative embodiments will now be described.
  • FIG. 1 is a block diagram illustrating the interaction between various software components for generating a secure digitally signed electronic document having a natural signature (signature graphic), in accordance with various embodiments. The software components include an electronic document 60 which includes a signature graphic 62. As defined herein, the signature graphic 62 may include, without limitation, a handwritten signature (which may be received on a pen-based or tablet computing device) or a computer-based typewritten signature font. In accordance with various embodiments, the signature graphic may also be either in a Western signature format or an Eastern signature format. It will be appreciated that signatures in Western signature formats, such as those used in the United States, are typically generated by scribbling or typing a series of characters in a left to right manner while Eastern signature formats, such as those used in Japan, are typically generated using a picture graphic such as a Hanko stamp (colloquially known as a “chop”).
  • The software components further include a hash calculation module 64 for generating a hash value 66 from the electronic document 60 and the signature graphic 62. As should be understood by those skilled in the art, a hash value may be an alphanumeric value generated by a formula from input data in such a way that it is extremely unlikely that some other input data will produce the same hash value. Various methods for generating hash values are well-known to those skilled in the art, and therefore are not discussed in further detail herein.
  • The software components further include cryptographic data 70 which includes private key data 72, public key data 74, and digital certificate data 76. As known to those skilled in the art, various cryptographic encryption methods allow for the encryption of data using a public key infrastructure (“PKI”) for verifying and authenticating the validity of data. The PKI infrastructure may include a private key, a public key, and a digital certificate. In accordance with various embodiments, the private key data 72 may be utilized to encrypt the hash value 66 while the public key data 74 and the digital certificate data 76 may be added to the encrypted hash value 66 to create a digital signature object 78 which, as will be described in greater detail below in the discussion of FIGS. 2-3, may be used to verify and authenticate a digital signature against a signature graphic in an electronic document. The digital signature object 78 may also be embedded in the electronic document 60 as a cryptographic signature. It will be appreciate that the embedded digital signature object 78 and the signature graphic 62 form the digital signature for the electronic document 60.
    • Exemplary Operating Environment
  • Referring now to FIG. 2, the following discussion is intended to provide a brief, general description of a suitable computing environment in which various illustrative embodiments may be implemented. While various embodiments will be described in the general context of program modules that execute in conjunction with program modules that run on an operating system on a personal computer, those skilled in the art will recognize that the various embodiments may also be implemented in combination with other types of computer systems and program modules.
  • Generally, program modules include routines, programs, components, data structures, and other types of structures that perform particular tasks or implement particular abstract data types. Moreover, those skilled in the art will appreciate that the various embodiments may be practiced with other computer system configurations, including hand-held devices, multiprocessor systems, microprocessor-based or programmable consumer electronics, minicomputers, mainframe computers, and the like. The various embodiments may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote memory storage devices.
  • FIG. 2 shows the computer 2 which may include a general purpose desktop, laptop, handheld, tablet, or other type of computer capable of executing one or more application programs. The computer 2 includes at least one central processing unit 8 (“CPU”), a system memory 12, including a random access memory 18 (“RAM”) and a read-only memory (“ROM”) 20, and a system bus 10 that couples the memory to the CPU 8. A basic input/output system containing the basic routines that help to transfer information between elements within the computer, such as during startup, is stored in the ROM 20.
  • The computer 2 further includes a mass storage device 14 for storing an operating system 32, an application program 50, the electronic document 60, the cryptographic data 70, and metadata 80. The metadata 80 may include e-mail addresses 82, titles 84, and signer names 86. As will be described in greater detail below, the metadata 80 may be used to facilitate the collection and routing of digital signatures in accordance with various embodiments.
  • In accordance with various embodiments, the operating system 32 may be suitable for controlling the operation of a networked personal computer, such as the WINDOWS operating systems from MICROSOFT CORPORATION of Redmond, Wash. The application program 50 may comprise various productivity application programs including, but not limited to, word processing application programs, spreadsheet application programs and information gathering programs which are used in the creation and routing (e.g., via electronic mail) electronic documents. In accordance with various embodiments (which will be described in greater detail in the discussion of FIGS. 2-13), the application program 50 may be utilized to securely generate and visualize digital signatures in an electronic document, collect multiple digital signatures in an electronic document for routing to individual signers, and display a user interface for generating and validating signature data for securely visualizing digital signatures in an electronic document.
  • The mass storage device 14 is connected to the CPU 8 through a mass storage controller (not shown) connected to the bus 10. The mass storage device 14 and its associated computer-readable media provide non-volatile storage for the computer 2. Although the description of computer-readable media contained herein refers to a mass storage device, such as a hard disk or CD-ROM drive, it should be appreciated by those skilled in the art that computer-readable media can be any available media that can be accessed or utilized by the computer 2. By way of example, and not limitation, computer-readable media may comprise computer storage media and communication media.
  • Computer storage media includes volatile and non-volatile, removable and non-removable hardware storage media implemented in any physical method or technology for the storage of information such as computer-readable instructions, data structures, program modules or other data. Computer storage media includes, but is not limited to, RAM, ROM, EPROM, EEPROM, flash memory or other solid state memory technology, CD-ROM, digital versatile disks (“DVD”), or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, which can be used to store the desired information and which can be accessed by the computer 2. Communication media typically embodies computer-readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. The term “modulated data signal” means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared, and other wireless media. Combinations of any of the above should also be included within the scope of computer-readable media. Computer-readable media may also be referred to as a computer program product.
  • According to various embodiments of the invention, the computer 2 may operate in a networked environment using logical connections to remote computers through a network 4, such as a local network or a wide area network (e.g., the Internet), for example. The computer 2 may connect to the network 4 through a network interface unit 16 connected to the bus 10. It should be appreciated by those skilled in the art that when operating in a networked environment, the computer 2 may be in communication with one or more remote servers hosting a shared services platform such as the SHAREPOINT SERVER platform from Microsoft Corporation of Redmond, Wash. It should be appreciated that the network interface unit 16 may also be utilized to connect to other types of networks and remote computing systems. The computer 2 may also include an input/output controller 22 for receiving and processing input from a number of input types, including a keyboard, mouse, pen, stylus, finger, and/or other means. Similarly, an input/output controller 22 may provide output to a display device 70, a printer, or other type of output device. Additionally, a touch screen can serve as an input and an output mechanism.
  • FIG. 3 is a flow diagram 3 illustrating a routine 300 for securely visualizing digital signatures in an electronic document generated by an application program, in accordance with an embodiment; When reading the discussion of the routines presented herein, it should be appreciated that the logical operations of various embodiments of the present invention are implemented (1) as a sequence of computer implemented acts or program modules running on a computing system and/or (2) as interconnected machine logical circuits or circuit modules within the computing system. The implementation is a matter of choice dependent on the performance requirements of the computing system implementing the invention. Accordingly, the logical operations illustrated in FIGS. 3-5 and making up the various embodiments described herein are referred to variously as operations, structural devices, acts or modules. It will be recognized by one skilled in the art that these operations, structural devices, acts and modules may be implemented in software, in firmware, in special purpose digital logical, and any combination thereof without deviating from the spirit and scope of the present invention as recited within the claims set forth herein.
  • The routine 300 begins at operation 305, where the application program 50 executing on the computer 2 receives a signature graphic (such as the signature graphic 62 discussed above with respect to FIG. 1) in the electronic document 60. It should be understood that, in accordance with various embodiments, the application program 50 may be configured to allow a user to enter a signature graphic directly over a signature line already present in the electronic document or alternatively, generate a user interface for inserting one or more types of signature graphics in the electronic document 60. For example, a user of the application program 50 may directly write his or signature above a signature line in the electronic document 60 using a pen, stylus, or touchscreen input device connected to or integrated with a tablet computer. Alternatively, the user may use the user interface to enter a typewritten signature (e.g., in a signature font) or retrieve a previously stored image file comprising a signature stored on the computer 2 which may then be entered into the electronic document 60 as a signature graphic. An illustrative user interface for entering a signature in accordance with an embodiment is shown in FIG. 8 and will be discussed in greater detail below.
  • From operation 305, the routine 300 continues to operation 310, where the application program 50 determines whether the signature graphic entered into the electronic document 60 is in a compatible file format for the hash calculation module 64 (discussed above with respect to FIG. 1). For example, the hash calculation module 64 may be configured to receive a signature graphic as a Portable Network Graphics (“PNG”) image file. If at operation 310, the application program 50 determines that the signature graphic is not in a compatible file format, then the routine 300 continues to operation 315 where the application program 50 converts the signature graphic into a compatible file format for inputting into the hash calculation module 64. Various methods for converting images into different image file formats are well-known to those skilled in the art, and therefore are not discussed in further detail herein. From operation 315, the routine 300 continues to operation 320. If however, at operation 310, the application program 50 determines that the signature graphic is in a compatible file format, then the routine 300 branches from operation 310 to operation 320.
  • At operation 320, the application program 50 calculates a hash value from the electronic document 60 including the inserted signature graphic. For example, the application program 50 may configured with the hash calculation module 64 (discussed above with respect to FIG. 1) and may utilize the hash calculation module 64 to receive the electronic document 60 (including the signature graphic) as an input and calculate an alphanumeric hash value from the received input.
  • From operation 320, the routine 300 continues to operation 325 where the application program 50 encrypts the hash value with private key cryptographic data, such as the private key data 72 discussed above with respect to FIG. 1.
  • From operation 325, the routine 300 continues to operation 330 where the application program 50 adds digital certificate and public key cryptographic data (such as the digital certificate data 78 and the public key data 76 discussed above with respect to FIG. 1) to the encrypted hash value generated at operation 325 in order to generate a digital signature object (such as the digital signature object 78 discussed above with respect to FIG. 1).
  • From operation 330, the routine 300 continues to operation 335 where the application program 50 embeds the digital signature object into the electronic document 60. It will be appreciated that the digital signature object may be embedded into the electronic document 60 as hidden program code which is not seen by a user viewing the electronic document 60. As discussed above in the description of FIG. 1, the digital signature object may represent a cryptographic signature which is paired along with the currently displayed signature graphic in the electronic document to create a cryptographically secure digital signature.
  • From operation 335, the routine 300 continues to operation 340 where the application program 50 displays the digitally signed electronic document 60 to a user.
  • From operation 340, the routine 300 continues to operation 345 where the application program 50 verifies or validates the digital signature by comparing a new or subsequent hash value calculated from the electronic document 60 to the hash value used in the digital signature object generated at operation 330. In particular, the application program 50 may be utilized to determine if the signature graphic in the electronic document 60 has been modified and if so, use a hash value calculated from the modified signature graphic invalidate the digitally signed document.
  • From operation 345, the routine 300 continues to operation 350, where the application program 50 determines whether a hash value calculated from a currently displayed signature graphic in the electronic document 60 matches a previously calculated hash value used in determining the digital signature object currently embedded in the electronic document 60. In particular, the application program 50 may be configured to utilize the unencrypted hash value used to create the digital signature object and compare that value to a hash value generated from a currently displayed signature graphic in the electronic document 60. If, at operation 350, the application program 50 determines that the hash values match, then the routine 300 continues to operation 355 where the application program 50 validates the digital signature as authentic (i.e., the signature graphic currently displayed in the electronic document 60 is the same as the signature graphic utilized in generating the digital signature object). If however, at operation 350, the application program 50 determines that the hash values do not match, then the routine 300 branches from operation 350 to operation 360.
  • At operation 360, the application program 50 invalidates the digital signature as having been modified. It will be appreciated that a digital signature may be modified when a user modifies or changes a signature graphic utilized to generate the digital signature object or cryptographic signature in an electronic document. For example, if a signer subsequent to the original signer of the digitally signed electronic document 60 modifies the signature graphic displayed in the document in an effort to pose as the original signer (e.g., by replacing the original signature graphic with the subsequent user's signature graphic), the calculated hash value for the modified signature graphic will be different than that calculated for the original signer. As a result, the hash values will not match and the digital signature for the document will be invalidated. In accordance with an embodiment, the application program 50 may be configured to generate a user interface for displaying to a user whether or not a digitally signed document is valid. An illustrative user interface showing a successful validation of a digital signature is shown in FIG. 9 and will be discussed in greater detail below. Similarly, an illustrative user interface showing an invalidation of a digital signature is shown in FIG. 10 which will also be discussed in greater detail below. From operations 355 and 360, the routine 300 then ends.
  • FIG. 4 is a flow diagram illustrating a routine 400 for collecting digital signatures for routing through an application program executing on a computer system, in accordance with an embodiment. The routine 400 begins at operation 405, where the application program 50 executing on the computer 2 converts an electronic document (e.g., the electronic document 600 shown in FIG. 6) containing multiple signature lines into a markup language node tree. An illustrative computer screen display illustrating an electronic document with multiple signature lines is shown in FIG. 6 and will be discussed in greater detail below. An illustrative markup language node tree is shown in FIG. 7 which will also be discussed in greater detail below. In particular, the application program 50 may be configured to convert the electronic document into one of a number of markup language formats including, but not limited to, the hypertext markup language (“HTML”) and the extensible markup language (“XML”) formats. Once the electronic document has been converted into a markup language format, the application program 50 may organize the converted markup language into a node tree. For example, and as will be understood by those skilled in the art, various markup languages including HTML and XML comprise nodes which by definition conform to a tree structure. In accordance with an embodiment, the application program 50 may be configured to map the visual layout of the electronic document into a tree layout of nodes that may be traversed using graph-theoretic methods. As will be discussed in greater detail herein, the tree layout may be utilized to determine an order for collecting digital signatures in an electronic document.
  • From operation 405, the routine 400 continues to operation 410, where the application program 50 traverses the nodes in the node tree to determine a visual layout of the signature lines in the electronic document. In particular, the application program 50 may be configured to perform a pre-order traversal of the node tree which may include a visual left-to-right traversal or a right-to-left traversal. As will be understood by those skilled in the art, in accordance with one embodiment, the pre-order traversal may be performed by accessing an HTML document object model (“DOM”). It will further be understood that the pre-order traversal may be the same as a depth-first search of a DOM except that the search doesn't terminate until the entire tree is examined.
  • From operation 410, the routine 400 continues to operation 415, where the application program 50 assigns a number to each node corresponding to the visual layout of the signature lines in the electronic document. In particular, as the node tree is traversed, the application program 50 may keep a count of the order in which each node (corresponding to a signature line) is visually displayed. It should be understood that in accordance with various embodiments, the operations 405-415 discussed above may be performed as the electronic document is being authored but prior to any signatures being received.
  • From operation 415, the routine 400 continues to operation 420 where the application program 50 sends a link to the electronic document to a current signer in the electronic document for receiving a digital signature. In particular, the application program 50 may be configured to collect signatures for the electronic document by e-mailing a uniform resource locator (“URL”) for accessing the electronic document to each signer, one signer at a time, who has not yet digitally signed the electronic document (i.e., the current signer) in the order determined in operation 415.
  • From operation 420, the routine 400 continues to operation 425 where the application program 50 traverses the visual layout of signature lines in the node tree for previously received digital signatures in order to determine a correct signature line for receiving a digital signature for the current signer.
  • From operation 425, the routine 400 continues to operation 430 where the application program 50 selects the first unsigned signature line in the electronic document as the signature line for digitally signing by the current signer. In particular, the application program 50 may be configured to display a visual indicator (such as an icon) in the electronic document to identify the selected signature line for the receiving the digital signature of the current signer.
  • From operation 430, the routine 400 continues to operation 435 where the application program 50 receives the digital signature of the current signer. In accordance with various embodiments, the digital signature may be received using the routine 300 described above with respect to FIG. 3.
  • From operation 435, the routine 400 continues to operation 440 where the application program 50 determines if more unsigned signature lines are present in the electronic document. If, at operation 440, the application program determines that more signature lines in the electronic document remain unsigned, then the routine 400 continues to operation 445 where the routine 400 returns to operation 420 where the link to the electronic document is sent to the next signer identified by the next or higher numbered signature line in the visual layout of signature lines in the node tree as compared to the previously signed signature line in the electronic document. If however, at operation 440, the application program 50 determines that all of the signature lines in the electronic document have been signed, then the routine 400 then ends.
  • FIG. 5 is a flow diagram illustrating a routine 500 for collecting digital signatures for routing through an application program executing on a computer system, in accordance with an alternative embodiment. The routine 500 begins at operation 505, where the application program 50 executing on the computer 2 receives metadata (such as the metadata 80 discussed with respect to FIG. 2) for appending to multiple signature lines in an electronic document (e.g., the electronic document 600 shown in FIG. 6). In particular, the application program 50 may be configured to append the metadata 80 to specify the intended signer name, e-mail address, and title for each signature line in an electronic document generated to collect signatures from multiple signers. As will be described in greater detail below, the metadata 80 may also be utilized to infer a signature line (i.e., position inference) for each signer to sign upon receiving the electronic document. It should be understood that in accordance with various embodiments, the operation 505 discussed above may be performed as the electronic document is being authored but prior to any signatures being received.
  • From operation 505, the routine 500 continues to operation 510, where the application program 50 sends a link to the electronic document to a current signer in the electronic document for receiving a digital signature. In particular, the application program 50 may be configured to collect signatures for the electronic document by e-mailing a uniform resource locator (“URL”) for accessing the electronic document to each signer, one signer at a time, who has not yet digitally signed the electronic document (i.e., the current signer is the recipient of the link to the electronic document).
  • From operation 510, the routine 500 continues to operation 515 where the application program 50 selects an identifier contained within the metadata 80 for each signature line in the electronic document. In particular, the application program 50 my be configured to select or retrieve e-mail addresses 82, titles 84, and signer names 86 from the metadata 80 shown in FIG. 2.
  • From operation 515, the routine 500 continues to operation 520 where the application program 50 selects a signature line having an identifier matching an e-mail address or a title determined for the current signer (i.e., the signer receiving the link to the electronic document at operation 510). In particular, in accordance with an embodiment, the application program 50 may be configured to compare the e-mail address used to send the link to the electronic document for receiving a digital signature to an e-mail address in the e-mail addresses 82 metadata for each of the signature lines in the electronic document. The signature line in the electronic document which matches the e-mail address of the current signer may be selected as the signature line for receiving the digital signature. In accordance with another embodiment, the application program 50 may be configured to select a signature line based on an organizational hierarchy by using the titles 84 metadata. In particular, the application program 50 may be configured to compare the title (e.g., general manager, program manager, etc.) of the current signer to the titles in the titles 84 metadata appended to the signature lines in the electronic document. The signature line which matches the current signer's title may then be selected as the signature line for receiving the digital signature of the current signer. In accordance with an embodiment, the title for the current signer may be obtained by accessing a network directory lookup service such as the ACTIVE DIRECTORY directory service from Microsoft Corporation of Redmond, Wash. For example, a user identification (e.g., the current signer's initials) for the current signer for using the application program 50 on the computer 2 may be utilized by the application program 50 to access directory service information about the current signer including the current signer's title in an organizational hierarchy. It will be appreciated that by selecting a signature line based on the titles 84 metadata, the electronic document may be authored with signature lines which do not specify any signer names. In accordance with yet another embodiment, the application program 50 may be configured to select a signature line based on the current signer's name using the signer names 86 metadata. In particular, the application program 50 may be configured to convert the singer names 86 metadata appended to the signature lines e-mail addresses using the network directory lookup service. The application program 50 may then select the signature line in the electronic document which matches the e-mail address used to send the link to the electronic document to the current signer. In accordance with various embodiments, the signature line may be identified to the current signer by configuring the application program 50 to display a visual indicator (such as an icon) in the electronic document to identify the selected signature line for the receiving the digital signature of the current signer.
  • From operation 520, the routine 500 continues to operation 525 where the application program 50 receives the digital signature of the current signer. In accordance with various embodiments, the digital signature may be received using the routine 300 described above with respect to FIG. 3.
  • From operation 525, the routine 500 continues to operation 530 where the application program 50 determines if more unsigned signature lines are present in the electronic document. If, at operation 530, the application program determines that more signature lines in the electronic document remain unsigned, then the routine 500 continues to operation 535 where the routine 500 returns to operation 510 where the link to the electronic document is sent to another signer. If however, at operation 530, the application program 50 determines that all of the signature lines in the electronic document have been signed, then the routine 500 then ends.
  • FIG. 6 is a computer screen display of an electronic document 600 generated by the application program 50 which may be utilized for collecting digital signatures, in accordance with an embodiment. The electronic document 600 includes signature sections 610, 620, 630, 640, 650, 660, and 670 for collecting multiple digital signatures. Each of the signature sections 610, 620, 640, 650, 660, and 670 displays a title for the intended signer, a signature line, and an intended signer name. The signature section 630 displays a signature line for receiving a signature in an Eastern signature format (such as a Hanko stamp). It should be understood that in accordance with alternative embodiments, the signature sections 610, 620, 640, 650, 660, and 670 may only display a title for each intended signer without displaying the intended signer name. In these embodiments, digital signatures may be collected from the intended signers by using an organizational hierarchy as discussed above with respect to operation 520 of FIG. 5. The electronic document 600 also displays a user control 615. In accordance with various embodiments, the user control 615 may be selected by a signer to open a user interface to enter a signature graphic to be displayed on a signature line and to further digitally sign the electronic document. An illustrative user interface for signing the electronic document 600 is shown in FIG. 8 which will be discussed in greater detail below.
  • FIG. 7 is a tree diagram 700 illustrating a visual layout of an electronic document which is utilized to specify signature lines for receiving digital signatures from multiple signers during the collection of digital signatures in the electronic document, in accordance with an embodiment. As discussed above in the discussion of FIG. 4, the application program 50 may be configured to convert an electronic document (e.g., the electronic document 600 shown in FIG. 6) containing multiple signature lines into markup language according to a markup language format (e.g., HTML or XML). The markup language may then be organized into the tree diagram 700 by the application program 50. For example, the electronic document 600 may be converted into HTML as shown below:
  •
    <table style=“width: 100%”>
        <tr>
           <td>1</td>
           <td>2</td>
           <td rowspan=“2”>3</td>
        </tr>
        <tr>
           <td>4</td>
           <td>5</td>
        </tr>
        <tr>
           <td colspan=“2”>6</td>
           <td>7</td>
        </tr>
    </table>
  • The tree diagram 700 consists of nodes 705, 710, 715, 720, 725, 730, 735, 740, 745, 750, and 755, each of which is mapped to the HTML code shown above. The tree diagram 700 provides a visual layout of the electronic document 600 that may be traversed using graph-theoretic methods and may be utilized to determine an order for collecting digital signatures as discussed above with respect to FIG. 4.
  • FIG. 8 is a computer screen display of a user interface 800, generated by the application program 50, which may be utilized to receive a signature graphic for digitally signing an electronic document, in accordance with an embodiment. The user interface 800 includes a signature box 810 for a signer to type in a signature to be used as the signature graphic. The user interface 800 also includes a user control 820 for a signer to retrieve a previously stored image file to be used as the signature graphic. The user interface 800 also includes a Sign button 830 for digitally signing an electronic document using the selected signature graphic.
  • FIG. 9 is a computer screen display of a user interface 900, generated by the application program 50, which may be utilized to validate a digital signature in an electronic document, in accordance with an embodiment. The user interface 900 displays a validation message 910 for a signature graphic 910 which has been applied to an electronic document for digitally signing the electronic document. In accordance with an embodiment, the user interface 900 displaying the validation message 910 may be generated by the application program 50 upon the completion of the validation operation 355 discussed above with respect to FIG. 3.
  • FIG. 10 is a computer screen display of a user interface 1000, generated by the application program 50, which may be utilized to invalidate a digital signature in an electronic document, in accordance with an embodiment. The user interface 1000 displays a validation message 1010 for a signature graphic which has been applied to an electronic document for digitally signing the electronic document. In accordance with an embodiment, the user interface 1000 displaying the validation message 1010 may be generated by the application program 50 upon the completion of the invalidation operation 360 discussed above with respect to FIG. 3.
  • FIG. 11 is a computer screen display of a user interface 1100, generated by the application program 50, which may be utilized to receive signature line properties which may be utilized in the collection and routing of digital signatures, in accordance with an embodiment. The user interface 100 includes a General tab 1111, and input boxes 1120, 1130, and 1140 for receiving a Singer name, a Signer title, and a Signer e-mail address. The input boxes 1120, 1130, and 1140 may be utilized by the author of an electronic document to create the metadata 80 which is appended to signature lines to specify the intended signer name, e-mail address, and title for each signature line in the electronic document. As discussed above with respect to FIG. 5, the metadata 80 may be utilized to infer a signature line (i.e., position inference) for each signer to sign upon receiving the electronic document.
  • FIG. 12 is a computer screen display of a user interface 1200, generated by the application program 50, which may be utilized to define the appearance of a digital signature in an electronic document, in accordance with an embodiment. The user interface 1200 includes a Display tab 1210, an Appearance checkbox 1120 for showing a signed date, an Appearance radio or option button 1230 for showing a signature line, and an Appearance radio or option button 1240 for showing a stamp for signing an electronic document in an Eastern signature format.
  • FIG. 13 is a computer screen display of a user interface 1300, generated by the application program 50, which may be utilized to specify portions of an electronic document for receiving digital signatures and to specify the interaction between multiple digital signatures in an electronic document, in accordance with an embodiment. The user interface 1300 includes a Signature properties tab 1310 and radio or option buttons 1320 and 1330 which may be selected to specify signing an entire electronic document (e.g., a form) or signing parts of the electronic document. The user interface 1300 further includes input boxes 1332, 1334, and 1336 which may be utilized to specify the parts of the electronic document to be signed. In particular, the input box 1332 may be utilized to type in a name for the data that can be signed, the input box 1334 may be utilized to specify fields and groups in the electronic document to be signed, and input box 1336 may be utilized to specify a group for storing digital signatures. The user interface 1300 further includes radio or option buttons 1340 and 1342 which may be selected to specify how multiple digital signatures received in an electronic document may interact. In particular, the radio or option button 1340 may be selected to specify that all of the digital signatures are independent of one another (i.e., a co-signing arrangement) while the radio or option button 1342 may be selected to specify that each digital signature sings the previous digital signature (i.e., a counter-signing arrangement).
  • Although the invention has been described in connection with various illustrative embodiments, those of ordinary skill in the art will understand that many modifications can be made thereto within the scope of the claims that follow. Accordingly, it is not intended that the scope of the invention in any way be limited by the above description, but instead be determined entirely by reference to the claims that follow.

Claims (20)

1. A computer-implemented method for securely visualizing digital signatures in an electronic document generated by an application program executing on a computer system, comprising:
receiving, in the electronic document, at least one signature graphic;
calculating a hash value from the electronic document including the at least one signature graphic;
generating a digital signature object comprising the hash value and cryptographic data, the digital signature object comprising a cryptographic signature;
embedding the digital signature object in the electronic document; and
displaying the electronic document comprising the at least one signature graphic and the digital signature object as a digital signature.
2. The method of claim 1, wherein receiving at least one signature graphic comprises receiving a signature graphic file stored in the computer system.
3. The method of claim 1, wherein receiving at least one signature graphic comprises receiving at least one typed character in a signature font in the user interface from a user.
4. The method of claim 1, wherein receiving at least one signature graphic comprises, in substantially real-time, a handwritten signature from a user.
5. The method of claim 1, wherein receiving, in the electronic document, at least one signature graphic comprises receiving a signature in at least one of a Western signature format and an Eastern signature format.
6. The method of claim 1, wherein generating a digital signature object comprising the hash value and cryptographic data comprises:
encrypting the hash value using private key cryptographic data; and
adding one or more of the following to the encrypted hash value: digital certificate cryptographic data and public key cryptographic data.
7. The method of claim 1 further comprising:
prior to calculating the hash value, determining whether the at least one signature graphic is in a compatible graphic file format; and
if it is determined that the at least one signature graphic is not in a compatible graphic file format, then converting the at least one signature graphic into the compatible graphic file format.
8. The method of claim 1 further comprising:
comparing a new hash value calculated from the electronic document and the signature graphic to the hash value in the digital signature object;
if the compared hash values match, then validating the digital signature; and
if the compared hash values do not match, then invalidating the digital signature.
9. A computer-implemented method for collecting digital signatures for routing through an application program executing on a computer system, comprising:
(a) sending a link to an electronic document to only one current signer identified by an unsigned signature line among a plurality of signature lines for receiving a digital signature, wherein the electronic document is generated by the application program;
(b) automatically selecting, from among the plurality of signature lines, the unsigned signature line for receiving the digital signature from the current signer,
(c) receiving the digital signature of the current signer in the selected unsigned signature line;
(d) upon receiving the digital signature of the current signer, repeating the operations (a)-(c) for each of the plurality of signature lines in the electronic document until digital signatures have been received for each of the plurality of signature lines.
10. The method of claim 9 further comprising, prior to sending the link to the electronic document, receiving metadata for appending to each of the plurality of signature lines in the electronic document, the metadata comprising one or more of the following identifiers: a signer name, an electronic mail address of the signer, and a title of the signer.
11. The method of claim 10, wherein automatically selecting the unsigned signature line for receiving the digital signature from the current signer comprises:
selecting an identifier contained within the metadata for each of the plurality of signature lines in the electronic document; and
selecting a signature line from among the plurality of signature lines having an identifier which matches at least one of an electronic mail address or a title determined for the current signer as the unsigned signature line for receiving the digital signature from the current signer.
12. The method of claim 9, prior to sending the link to the electronic document, further comprising:
converting the electronic document into a tree comprising a plurality of markup language nodes containing the plurality of signature lines, the tree representing a visual layout of the plurality of signature lines in the electronic document;
traversing the markup language nodes to determine a visual order of each of the plurality of signature lines; and
assigning a number to each of the plurality of markup language nodes corresponding to the visual order.
13. The method of claim 12, wherein assigning a number to each of the plurality of markup language nodes corresponding to the visual order comprises assigning each number to the plurality of markup language nodes in at least one of a left-to-right visual order and a right-to-left visual order.
14. The method of claim 12, wherein automatically selecting the unsigned signature line for receiving the digital signature from the current signer comprises:
traversing the visual layout of the plurality of signature lines in the electronic document for previously received digital signatures; and
selecting the first unsigned signature line as the unsigned signature line for receiving the digital signature from the current signer.
15. A computer-readable storage medium comprising computer executable instructions which, when executed on a computer, will cause the computer to perform a method of displaying on a display device a user interface for generating and validating signature data for securely visualizing digital signatures in an electronic document, the method comprising:
displaying a first window for receiving a signature graphic associated with a signer of the electronic document;
displaying the received signature graphic in the first window;
validating the received signature graphic against a digital signature object embedded in the electronic document;
displaying a second window for defining the display of a plurality of signature line properties for at least one signature line displayed in the electronic document, the signature line properties comprising:
signature data comprising one or more of the following:
a name of the signer of the electronic document;
a title of the signer of the electronic document; and
an electronic mail address associated with the signer of the electronic document;
appearance options for displaying the signature graphic in the electronic document, the appearance options comprising one or more of the following:
a first option for displaying the signature graphic over the at least one signature line;
a second option for displaying the signature graphic as a stamp when the signature graphic comprises an Eastern signature format; and
a third option for displaying a date that the electronic document was signed; and
displaying a third window for defining a plurality of signature properties for the electronic document, the signature properties comprising one or more of the following selectable options:
a first option for signing the entire electronic document;
a second option for signing one or more identified portions of the electronic document;
a third option for co-signing a plurality of signature lines in the electronic document; and
a fourth option for counter-signing a plurality of signatures lines in the electronic document.
16. The computer-readable storage medium of claim 15, wherein receiving a signature graphic comprises receiving a signature graphic file stored in the computer.
17. The computer-readable storage medium of claim 15, wherein receiving a signature graphic comprises receiving at least one typed character in a typographical font.
18. The computer-readable storage medium of claim 15, wherein receiving a signature graphic comprises receiving a signature graphic in at least one of a Western signature format and an Eastern signature format.
19. The computer-readable medium of claim 15, wherein the digital signature object embedded in the electronic document comprises an encrypted hash value generated from the electronic document, the signature graphic, and private key cryptographic data, wherein the encrypted hash value is summed with digital certificate cryptographic data and public key cryptographic data to generate the digital signature object.
20. The computer-readable medium of claim 15, wherein the identified portions of the electronic document comprise one or more of the following: received user-named data in the electronic document, received user-identified fields and groups in the electronic document, and a received user group name for storing digital signatures received in the electronic document.
US12/253,344 2008-10-17 2008-10-17 Natural Visualization And Routing Of Digital Signatures Abandoned US20100100743A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US12/253,344 US20100100743A1 (en) 2008-10-17 2008-10-17 Natural Visualization And Routing Of Digital Signatures
US14/966,146 US9954683B2 (en) 2008-10-17 2015-12-11 Natural visualization and routing of digital signatures

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US12/253,344 US20100100743A1 (en) 2008-10-17 2008-10-17 Natural Visualization And Routing Of Digital Signatures

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US14/966,146 Division US9954683B2 (en) 2008-10-17 2015-12-11 Natural visualization and routing of digital signatures

Publications (1)

Publication Number Publication Date
US20100100743A1 true US20100100743A1 (en) 2010-04-22

Family

ID=42109564

Family Applications (2)

Application Number Title Priority Date Filing Date
US12/253,344 Abandoned US20100100743A1 (en) 2008-10-17 2008-10-17 Natural Visualization And Routing Of Digital Signatures
US14/966,146 Active 2029-04-14 US9954683B2 (en) 2008-10-17 2015-12-11 Natural visualization and routing of digital signatures

Family Applications After (1)

Application Number Title Priority Date Filing Date
US14/966,146 Active 2029-04-14 US9954683B2 (en) 2008-10-17 2015-12-11 Natural visualization and routing of digital signatures

Country Status (1)

Country Link
US (2) US20100100743A1 (en)

Cited By (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100235727A1 (en) * 2009-03-14 2010-09-16 Ashton Brian G Systems and Methods for Dynamic Electronic Signature Placement
US20100245294A1 (en) * 2009-03-31 2010-09-30 Piersol Kurt W Annotating Digital Files Of A Host Computer Using Networked Tablet Computers
US20100251106A1 (en) * 2009-03-31 2010-09-30 Barrus John W Annotating Digital Files Of A Host Computer Using A Peripheral Device
US20110061092A1 (en) * 2009-09-08 2011-03-10 Timothee Bailloeul Method for applying a physical seal authorization to documents in electronic workflows
US20110138177A1 (en) * 2009-12-04 2011-06-09 General Instrument Corporation Online public key infrastructure (pki) system
US20130061125A1 (en) * 2011-09-02 2013-03-07 Jn Projects, Inc. Systems and methods for annotating and sending electronic documents
US20130097493A1 (en) * 2011-10-17 2013-04-18 International Business Machines Corporation Managing Digital Signatures
US8856640B1 (en) * 2012-01-20 2014-10-07 Google Inc. Method and apparatus for applying revision specific electronic signatures to an electronically stored document
US20150067037A1 (en) * 2013-09-05 2015-03-05 Kabushiki Kaisha Toshiba Communication apparatus and communication method
US20150143219A1 (en) * 2010-05-04 2015-05-21 Docusign, Inc. Systems and methods for distributed electronic signature documents including version control
US9130928B2 (en) 2010-04-15 2015-09-08 Google Technology Holdings LLC Online secure device provisioning framework
US9286271B2 (en) 2010-05-26 2016-03-15 Google Inc. Providing an electronic document collection
US9384285B1 (en) 2012-12-18 2016-07-05 Google Inc. Methods for identifying related documents
US9495341B1 (en) 2012-12-18 2016-11-15 Google Inc. Fact correction and completion during document drafting
US9514113B1 (en) 2013-07-29 2016-12-06 Google Inc. Methods for automatic footnote generation
US9529916B1 (en) 2012-10-30 2016-12-27 Google Inc. Managing documents based on access context
US9529791B1 (en) 2013-12-12 2016-12-27 Google Inc. Template and content aware document and template editing
US20170048406A1 (en) * 2014-04-28 2017-02-16 Hewlett-Packard Development Company, L.P. Detecting signature lines within an electronic document
US9596219B2 (en) 2010-04-19 2017-03-14 Amaani, Llc Method of transmission of encrypted documents
US9703763B1 (en) 2014-08-14 2017-07-11 Google Inc. Automatic document citations by utilizing copied content for candidate sources
US20170200244A1 (en) * 2016-01-07 2017-07-13 Adobe Systems Incorporated Systems and Techniques for Integrating Electronic Signature Platforms with Social Messaging Applications for Authenticated Electronic Documents
US20170308513A1 (en) * 2016-04-26 2017-10-26 RiskIQ, Inc. Techniques for web framework detection
US20170344743A1 (en) * 2016-05-26 2017-11-30 Barracuda Networks, Inc. Method and apparatus for proactively identifying and mitigating malware attacks via hosted web assets
US9842113B1 (en) 2013-08-27 2017-12-12 Google Inc. Context-based file selection
US9954683B2 (en) 2008-10-17 2018-04-24 Microsoft Technology Licensing, Llc Natural visualization and routing of digital signatures
US20180307852A1 (en) * 2015-12-30 2018-10-25 Xiaolin Zhang System and method for data security
US10218515B2 (en) 2016-08-26 2019-02-26 Microsoft Technology Licensing, Llc Evolving a signature during trust verification of an object
US10951422B2 (en) * 2017-02-22 2021-03-16 CTIA—The Wireless Association Mobile message source authentication
EP3709567A4 (en) * 2017-11-07 2021-03-24 SECUVE Co., Ltd. Electronic signature authentication system on the basis of biometric information and electronic signature authentication method thereof
US10997407B2 (en) 2015-10-02 2021-05-04 Hewlett-Packard Development Company, L.P. Detecting document objects
US20210306133A1 (en) * 2019-10-08 2021-09-30 Johny Mathew Decentralized Methods and Systems for Storage, Access, Distribution and Exchange of Electronic Information and Documents over the Internet using Blockchain to protect against Cyber attacks and Theft
US11281887B2 (en) 2017-11-29 2022-03-22 Vynca, Inc. Multiple electronic signature method
US11308037B2 (en) 2012-10-30 2022-04-19 Google Llc Automatic collaboration
US11423164B2 (en) * 2018-05-21 2022-08-23 Vynca, Inc. Multiple electronic signature method
US11537669B1 (en) 2021-06-09 2022-12-27 Citrix Systems, Inc. Preparation of signature fields within electronic documents
US11586806B1 (en) * 2021-06-30 2023-02-21 Citrix Systems, Inc. Distributed electronic signature processing
EP4206961A1 (en) * 2021-12-31 2023-07-05 Lietuvos ir Vokietijos UAB "LIREMA" Method of signing a digital document combining a handwritten signature and electronic signing technology

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3671663A1 (en) 2018-12-20 2020-06-24 Assa Abloy AB Co-signing delegations
WO2023146772A2 (en) * 2022-01-28 2023-08-03 Docusign, Inc. Conferencing platform integration with information access control

Citations (40)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5606609A (en) * 1994-09-19 1997-02-25 Scientific-Atlanta Electronic document verification system and method
US5689567A (en) * 1993-12-27 1997-11-18 Nec Corporation Electronic signature method and apparatus
US5948103A (en) * 1996-06-26 1999-09-07 Wacom Co., Ltd. Electronic document security system, affixed electronic seal security system and electronic signature security system
US6161116A (en) * 1997-09-23 2000-12-12 Saltzman; Lawrence A. Ideogrammatic character editor method and apparatus
US20020019937A1 (en) * 2000-06-06 2002-02-14 Edstrom Trevor W. Secure document transport process
US20020048372A1 (en) * 2000-10-19 2002-04-25 Eng-Whatt Toh Universal signature object for digital data
US20020063734A1 (en) * 2000-11-30 2002-05-30 Afzal Khalfay Computer user interfaces that are generated as needed
US20020095579A1 (en) * 1997-06-05 2002-07-18 Hiroshi Yoshiura Digital data authentication method
US20020143711A1 (en) * 2001-03-27 2002-10-03 Nassiri Nicholas N. Method and system for performing and providing notary services and verifying an electronic signature via a global computer network
US20020143704A1 (en) * 2001-03-27 2002-10-03 Nassiri Nicholas N. Signature verifcation using a third party authenticator via a paperless electronic document platform
US20030217264A1 (en) * 2002-05-14 2003-11-20 Signitas Corporation System and method for providing a secure environment during the use of electronic documents and data
US20040039914A1 (en) * 2002-05-29 2004-02-26 Barr John Kennedy Layered security in digital watermarking
US20040181756A1 (en) * 2000-06-06 2004-09-16 Berringer Ryan R. Creating and verifying electronic documents
US20040236694A1 (en) * 2001-06-18 2004-11-25 Oliver Tattan Electronic data vault providing biometrically protected electronic signatures
US20050036651A1 (en) * 2001-11-30 2005-02-17 Tian Wen Digital anti&minus forging method
US20050132195A1 (en) * 2003-12-16 2005-06-16 Josef Dietl Electronic signing apparatus and methods
US20050132196A1 (en) * 2003-12-16 2005-06-16 Josef Dietl Electronic signatures
US6944648B2 (en) * 2000-09-22 2005-09-13 Docusign, Inc. System and method for managing transferable records
US20050246284A1 (en) * 1999-11-19 2005-11-03 Phillipo Stephen J Digital record carrier and method for use of same to inhibit copying using decryption code or key from remote depository
US6975992B2 (en) * 2001-07-31 2005-12-13 Hewlett-Packard Development Company, L.P. Method for watermarking data
US20060047963A1 (en) * 2004-08-24 2006-03-02 Julia Brown Method and system for expeditious processing of guaranteed signature documents and the like
US7024562B1 (en) * 2000-06-29 2006-04-04 Optisec Technologies Ltd. Method for carrying out secure digital signature and a system therefor
US20060271787A1 (en) * 2005-05-31 2006-11-30 Xerox Corporation System and method for validating a hard-copy document against an electronic version
US20060277452A1 (en) * 2005-06-03 2006-12-07 Microsoft Corporation Structuring data for presentation documents
US20070016785A1 (en) * 2005-07-14 2007-01-18 Yannick Guay System and method for digital signature and authentication
US20070094510A1 (en) * 2005-10-21 2007-04-26 Ross Darren G System and method for the electronic management and execution of transaction documents
US20070174629A1 (en) * 2001-03-05 2007-07-26 Suominen Edwin A Encryption and authentication systems and methods
US20080010218A1 (en) * 2004-12-30 2008-01-10 Topaz Systems, Inc. Electronic Signature Security System
US20080072334A1 (en) * 2006-09-18 2008-03-20 Todd Bailey System and method for electronic collaboration
US20080104408A1 (en) * 2006-10-25 2008-05-01 Darcy Mayer Notary document processing and storage system and methods
US20080100874A1 (en) * 2006-10-25 2008-05-01 Darcy Mayer Notary document processing and storage system and methods
US20080109657A1 (en) * 2006-11-06 2008-05-08 Siddharth Bajaj Web site authentication
US20080133929A1 (en) * 2004-10-11 2008-06-05 Christian Gehrmann Secure Loading And Storing Of Data In A Data Processing Device
US20080148054A1 (en) * 2006-12-15 2008-06-19 Microsoft Corporation Secure Signatures
US20080209313A1 (en) * 2007-02-28 2008-08-28 Docusign, Inc. System and method for document tagging templates
US20090024912A1 (en) * 2007-07-18 2009-01-22 Docusign, Inc. Systems and methods for distributed electronic signature documents
US20090025090A1 (en) * 2007-07-19 2009-01-22 Wachovia Corporation Digital safety deposit box
US20090119221A1 (en) * 2007-11-05 2009-05-07 Timothy Martin Weston System and Method for Cryptographically Authenticated Display Prompt Control for Multifunctional Payment Terminals
US20100106973A1 (en) * 2007-01-15 2010-04-29 Andreas Guenther Method and Device for Safeguarding of a Document with Inserted Signature image and Biometric Data in a Computer System
US20100161969A1 (en) * 2008-12-23 2010-06-24 Nortel Networks Limited Network device authentication

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080141033A1 (en) 1995-02-13 2008-06-12 Intertrust Technologies Corporation Trusted and secure techniques, systems and methods for item delivery and execution
US6757826B1 (en) 1998-04-14 2004-06-29 Citicorp Development Center, Inc. Digital graphic signature system
JP2000078125A (en) 1998-08-28 2000-03-14 Hitachi Ltd Method for generating electronic data able to be authenticated
US20020078358A1 (en) * 1999-08-16 2002-06-20 Neff C. Andrew Electronic voting system
AU782518B2 (en) * 2000-01-07 2005-08-04 International Business Machines Corporation A method for inter-enterprise role-based authorization
US6796489B2 (en) * 2000-06-06 2004-09-28 Ingeo Systems, Inc. Processing electronic documents with embedded digital signatures
US20020184504A1 (en) * 2001-03-26 2002-12-05 Eric Hughes Combined digital signature
WO2004042527A2 (en) * 2002-11-04 2004-05-21 Ford Timothy K Method and system for comprehensive real estate transaction management
US7822690B2 (en) * 2004-02-10 2010-10-26 Paul Rakowicz Paperless process for mortgage closings and other applications
US7406599B1 (en) 2004-04-06 2008-07-29 Adobe Systems Incorporated Indicating status for digital signatures
US7672003B2 (en) * 2004-09-01 2010-03-02 Eric Morgan Dowling Network scanner for global document creation, transmission and management
US8689287B2 (en) 2006-08-17 2014-04-01 Northrop Grumman Systems Corporation Federated credentialing system and method
US20080065775A1 (en) 2006-09-13 2008-03-13 Cisco Technology, Inc. Location data-URL mechanism
US20100100743A1 (en) 2008-10-17 2010-04-22 Microsoft Corporation Natural Visualization And Routing Of Digital Signatures

Patent Citations (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5689567A (en) * 1993-12-27 1997-11-18 Nec Corporation Electronic signature method and apparatus
US5606609A (en) * 1994-09-19 1997-02-25 Scientific-Atlanta Electronic document verification system and method
US5948103A (en) * 1996-06-26 1999-09-07 Wacom Co., Ltd. Electronic document security system, affixed electronic seal security system and electronic signature security system
US20020095579A1 (en) * 1997-06-05 2002-07-18 Hiroshi Yoshiura Digital data authentication method
US6161116A (en) * 1997-09-23 2000-12-12 Saltzman; Lawrence A. Ideogrammatic character editor method and apparatus
US20050246284A1 (en) * 1999-11-19 2005-11-03 Phillipo Stephen J Digital record carrier and method for use of same to inhibit copying using decryption code or key from remote depository
US20040181756A1 (en) * 2000-06-06 2004-09-16 Berringer Ryan R. Creating and verifying electronic documents
US20020019937A1 (en) * 2000-06-06 2002-02-14 Edstrom Trevor W. Secure document transport process
US7024562B1 (en) * 2000-06-29 2006-04-04 Optisec Technologies Ltd. Method for carrying out secure digital signature and a system therefor
US6944648B2 (en) * 2000-09-22 2005-09-13 Docusign, Inc. System and method for managing transferable records
US20020048372A1 (en) * 2000-10-19 2002-04-25 Eng-Whatt Toh Universal signature object for digital data
US20020063734A1 (en) * 2000-11-30 2002-05-30 Afzal Khalfay Computer user interfaces that are generated as needed
US20070174629A1 (en) * 2001-03-05 2007-07-26 Suominen Edwin A Encryption and authentication systems and methods
US20020143711A1 (en) * 2001-03-27 2002-10-03 Nassiri Nicholas N. Method and system for performing and providing notary services and verifying an electronic signature via a global computer network
US20020143704A1 (en) * 2001-03-27 2002-10-03 Nassiri Nicholas N. Signature verifcation using a third party authenticator via a paperless electronic document platform
US20040236694A1 (en) * 2001-06-18 2004-11-25 Oliver Tattan Electronic data vault providing biometrically protected electronic signatures
US6975992B2 (en) * 2001-07-31 2005-12-13 Hewlett-Packard Development Company, L.P. Method for watermarking data
US20050036651A1 (en) * 2001-11-30 2005-02-17 Tian Wen Digital anti&minus forging method
US20030217264A1 (en) * 2002-05-14 2003-11-20 Signitas Corporation System and method for providing a secure environment during the use of electronic documents and data
US20040039914A1 (en) * 2002-05-29 2004-02-26 Barr John Kennedy Layered security in digital watermarking
US20050132196A1 (en) * 2003-12-16 2005-06-16 Josef Dietl Electronic signatures
US20050132195A1 (en) * 2003-12-16 2005-06-16 Josef Dietl Electronic signing apparatus and methods
US20060047963A1 (en) * 2004-08-24 2006-03-02 Julia Brown Method and system for expeditious processing of guaranteed signature documents and the like
US20080133929A1 (en) * 2004-10-11 2008-06-05 Christian Gehrmann Secure Loading And Storing Of Data In A Data Processing Device
US20080010218A1 (en) * 2004-12-30 2008-01-10 Topaz Systems, Inc. Electronic Signature Security System
US20060271787A1 (en) * 2005-05-31 2006-11-30 Xerox Corporation System and method for validating a hard-copy document against an electronic version
US20060277452A1 (en) * 2005-06-03 2006-12-07 Microsoft Corporation Structuring data for presentation documents
US20070016785A1 (en) * 2005-07-14 2007-01-18 Yannick Guay System and method for digital signature and authentication
US20070094510A1 (en) * 2005-10-21 2007-04-26 Ross Darren G System and method for the electronic management and execution of transaction documents
US20080072334A1 (en) * 2006-09-18 2008-03-20 Todd Bailey System and method for electronic collaboration
US20080104408A1 (en) * 2006-10-25 2008-05-01 Darcy Mayer Notary document processing and storage system and methods
US20080100874A1 (en) * 2006-10-25 2008-05-01 Darcy Mayer Notary document processing and storage system and methods
US20080109657A1 (en) * 2006-11-06 2008-05-08 Siddharth Bajaj Web site authentication
US20080148054A1 (en) * 2006-12-15 2008-06-19 Microsoft Corporation Secure Signatures
US20100106973A1 (en) * 2007-01-15 2010-04-29 Andreas Guenther Method and Device for Safeguarding of a Document with Inserted Signature image and Biometric Data in a Computer System
US20080209313A1 (en) * 2007-02-28 2008-08-28 Docusign, Inc. System and method for document tagging templates
US9514117B2 (en) * 2007-02-28 2016-12-06 Docusign, Inc. System and method for document tagging templates
US20090024912A1 (en) * 2007-07-18 2009-01-22 Docusign, Inc. Systems and methods for distributed electronic signature documents
US20090025090A1 (en) * 2007-07-19 2009-01-22 Wachovia Corporation Digital safety deposit box
US20090119221A1 (en) * 2007-11-05 2009-05-07 Timothy Martin Weston System and Method for Cryptographically Authenticated Display Prompt Control for Multifunctional Payment Terminals
US20100161969A1 (en) * 2008-12-23 2010-06-24 Nortel Networks Limited Network device authentication

Cited By (52)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9954683B2 (en) 2008-10-17 2018-04-24 Microsoft Technology Licensing, Llc Natural visualization and routing of digital signatures
US20100235727A1 (en) * 2009-03-14 2010-09-16 Ashton Brian G Systems and Methods for Dynamic Electronic Signature Placement
US9134947B2 (en) * 2009-03-31 2015-09-15 Ricoh Company, Ltd. Annotating digital files of a host computer using a peripheral device
US20100245294A1 (en) * 2009-03-31 2010-09-30 Piersol Kurt W Annotating Digital Files Of A Host Computer Using Networked Tablet Computers
US9274624B2 (en) * 2009-03-31 2016-03-01 Ricoh Company, Ltd. Annotating digital files of a host computer using networked tablet computers
US20100251106A1 (en) * 2009-03-31 2010-09-30 Barrus John W Annotating Digital Files Of A Host Computer Using A Peripheral Device
US20110061092A1 (en) * 2009-09-08 2011-03-10 Timothee Bailloeul Method for applying a physical seal authorization to documents in electronic workflows
US8572695B2 (en) * 2009-09-08 2013-10-29 Ricoh Co., Ltd Method for applying a physical seal authorization to documents in electronic workflows
US20110138177A1 (en) * 2009-12-04 2011-06-09 General Instrument Corporation Online public key infrastructure (pki) system
US9130928B2 (en) 2010-04-15 2015-09-08 Google Technology Holdings LLC Online secure device provisioning framework
US9596219B2 (en) 2010-04-19 2017-03-14 Amaani, Llc Method of transmission of encrypted documents
US20150143219A1 (en) * 2010-05-04 2015-05-21 Docusign, Inc. Systems and methods for distributed electronic signature documents including version control
US9798710B2 (en) * 2010-05-04 2017-10-24 Docusign, Inc. Systems and methods for distributed electronic signature documents including version control
US9251131B2 (en) 2010-05-04 2016-02-02 Docusign, Inc. Systems and methods for distributed electronic signature documents including version control
US9286271B2 (en) 2010-05-26 2016-03-15 Google Inc. Providing an electronic document collection
US9292479B2 (en) 2010-05-26 2016-03-22 Google Inc. Providing an electronic document collection
US20130061125A1 (en) * 2011-09-02 2013-03-07 Jn Projects, Inc. Systems and methods for annotating and sending electronic documents
US9400974B2 (en) * 2011-09-02 2016-07-26 Jn Projects, Inc. Systems and methods for annotating and sending electronic documents
US20130097493A1 (en) * 2011-10-17 2013-04-18 International Business Machines Corporation Managing Digital Signatures
US8856640B1 (en) * 2012-01-20 2014-10-07 Google Inc. Method and apparatus for applying revision specific electronic signatures to an electronically stored document
US9542374B1 (en) 2012-01-20 2017-01-10 Google Inc. Method and apparatus for applying revision specific electronic signatures to an electronically stored document
US11748311B1 (en) 2012-10-30 2023-09-05 Google Llc Automatic collaboration
US9529916B1 (en) 2012-10-30 2016-12-27 Google Inc. Managing documents based on access context
US11308037B2 (en) 2012-10-30 2022-04-19 Google Llc Automatic collaboration
US9384285B1 (en) 2012-12-18 2016-07-05 Google Inc. Methods for identifying related documents
US9495341B1 (en) 2012-12-18 2016-11-15 Google Inc. Fact correction and completion during document drafting
US9514113B1 (en) 2013-07-29 2016-12-06 Google Inc. Methods for automatic footnote generation
US11681654B2 (en) 2013-08-27 2023-06-20 Google Llc Context-based file selection
US9842113B1 (en) 2013-08-27 2017-12-12 Google Inc. Context-based file selection
US20150067037A1 (en) * 2013-09-05 2015-03-05 Kabushiki Kaisha Toshiba Communication apparatus and communication method
US9529791B1 (en) 2013-12-12 2016-12-27 Google Inc. Template and content aware document and template editing
US20170048406A1 (en) * 2014-04-28 2017-02-16 Hewlett-Packard Development Company, L.P. Detecting signature lines within an electronic document
US10887479B2 (en) * 2014-04-28 2021-01-05 Hewlett-Packard Development Company, L.P. Multifunctional peripheral device detecting and displaying signature lines within an electronic document
US9703763B1 (en) 2014-08-14 2017-07-11 Google Inc. Automatic document citations by utilizing copied content for candidate sources
US10997407B2 (en) 2015-10-02 2021-05-04 Hewlett-Packard Development Company, L.P. Detecting document objects
US20180307852A1 (en) * 2015-12-30 2018-10-25 Xiaolin Zhang System and method for data security
US20170200244A1 (en) * 2016-01-07 2017-07-13 Adobe Systems Incorporated Systems and Techniques for Integrating Electronic Signature Platforms with Social Messaging Applications for Authenticated Electronic Documents
US20170308513A1 (en) * 2016-04-26 2017-10-26 RiskIQ, Inc. Techniques for web framework detection
US10346520B2 (en) * 2016-04-26 2019-07-09 RiskIQ, Inc. Techniques for monitoring version numbers of web frameworks
US11361149B2 (en) 2016-04-26 2022-06-14 Microsoft Technology Licensing, Llc Techniques for web framework detection
US10860715B2 (en) * 2016-05-26 2020-12-08 Barracuda Networks, Inc. Method and apparatus for proactively identifying and mitigating malware attacks via hosted web assets
US20170344743A1 (en) * 2016-05-26 2017-11-30 Barracuda Networks, Inc. Method and apparatus for proactively identifying and mitigating malware attacks via hosted web assets
US10218515B2 (en) 2016-08-26 2019-02-26 Microsoft Technology Licensing, Llc Evolving a signature during trust verification of an object
US10951422B2 (en) * 2017-02-22 2021-03-16 CTIA—The Wireless Association Mobile message source authentication
EP3709567A4 (en) * 2017-11-07 2021-03-24 SECUVE Co., Ltd. Electronic signature authentication system on the basis of biometric information and electronic signature authentication method thereof
US11281887B2 (en) 2017-11-29 2022-03-22 Vynca, Inc. Multiple electronic signature method
US11423164B2 (en) * 2018-05-21 2022-08-23 Vynca, Inc. Multiple electronic signature method
US11743027B2 (en) * 2019-10-08 2023-08-29 Johny Mathew Decentralized methods and systems for storage, access, distribution and exchange of electronic information and documents over the internet using blockchain to protect against cyber attacks and theft
US20210306133A1 (en) * 2019-10-08 2021-09-30 Johny Mathew Decentralized Methods and Systems for Storage, Access, Distribution and Exchange of Electronic Information and Documents over the Internet using Blockchain to protect against Cyber attacks and Theft
US11537669B1 (en) 2021-06-09 2022-12-27 Citrix Systems, Inc. Preparation of signature fields within electronic documents
US11586806B1 (en) * 2021-06-30 2023-02-21 Citrix Systems, Inc. Distributed electronic signature processing
EP4206961A1 (en) * 2021-12-31 2023-07-05 Lietuvos ir Vokietijos UAB "LIREMA" Method of signing a digital document combining a handwritten signature and electronic signing technology

Also Published As

Publication number Publication date
US20160099812A1 (en) 2016-04-07
US9954683B2 (en) 2018-04-24

Similar Documents

Publication Publication Date Title
US9954683B2 (en) Natural visualization and routing of digital signatures
US11294968B2 (en) Combining website characteristics in an automatically generated website
US20230050784A1 (en) Document processing service for displaying comments included in messages
US9286281B2 (en) Computer form action zone summary system and method
US8667383B2 (en) Unified electronic forms management system
US7721105B1 (en) Repurposing digitally signed information
CN103098047B (en) Systems and methods for distributed electronic signature documents including version control
US8495482B2 (en) Methods, systems, and computer readable media for automatically and securely citing and transferring electronically formatted information and for maintaining association between the cited or transferred information and back-end information
JP5009781B2 (en) How to automatically enable traceability of technical calculations
CN109740317A (en) A kind of digital finger-print based on block chain deposits card method and device
US20080037789A1 (en) Document Processing Device, Document Reading Device, and Document Processing Method
US10817662B2 (en) Expert system for automation, data collection, validation and managed storage without programming and without deployment
US20100174997A1 (en) Collaborative documents exposing or otherwise utilizing bona fides of content contributors
US9137237B2 (en) Automatically generating certification documents
US20230186241A1 (en) Generation method, storage medium, and information processing device
JP2011060286A (en) Paper-like forms processing system and method
US20230333715A1 (en) Processing electronic signature data in a collaborative environment
CN115115353B (en) Document content-based approval and approval content generation method and device
US20240037284A1 (en) Method and system for registering digital documents
US8812853B1 (en) Traceability for threaded communications
CN111401889B (en) Credit data processing method, device, equipment and medium based on block chain
WO2023152797A1 (en) Verification method, verification program, and information processing device
JP2007259222A (en) Electronic document exchanging system, and system server used for it
JP2005184052A (en) Electronic signature processing system with imprint
Chawathe Tracking Changes in Healthcare Documents

Legal Events

Date Code Title Description
AS Assignment

Owner name: MICROSOFT CORPORATION,WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ALI, ALNUR;KIM, HYONG GUK;MALEK, ALEXANDER;SIGNING DATES FROM 20081014 TO 20081015;REEL/FRAME:024408/0007

AS Assignment

Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:034564/0001

Effective date: 20141014

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION