WO2001015382A1 - Legitimacy protection of electronic document and a printed copy thereof - Google Patents
Legitimacy protection of electronic document and a printed copy thereof Download PDFInfo
- Publication number
- WO2001015382A1 WO2001015382A1 PCT/SG1999/000086 SG9900086W WO0115382A1 WO 2001015382 A1 WO2001015382 A1 WO 2001015382A1 SG 9900086 W SG9900086 W SG 9900086W WO 0115382 A1 WO0115382 A1 WO 0115382A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- document
- seal
- content
- electronic
- digest
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C5/00—Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
- H04L2209/608—Watermarking
Definitions
- the invention relates to secure electronic and printed documents and, more particularly, to a method and apparatus for providing integrated legitimacy protection of electronic and printed documents.
- the document authentication process is activated as part of a program that verifies the identicalness of the document at the transmitting and receiving station through a high speed comparison and locks in the document so that modifications cannot occur. The process then awaits authentication handshakes from the two end points. Once the identities of the signatories of the document are verified, the document authentication apparatus prompts the parties to authenticate the document by appending an electronic signature thereto.
- the actual "signing" or authenticating of the electronic document can be implemented as an additional password step utilizing a personnel identity validation apparatus. Therefore, two levels of password protection can be used such that there exists a separate "document authenticating password". The more sophisticated the system is the more assured a court can be that a document's authentication is valid. In this manner, no paper document version of the electronic contract need be produced. The traditional elements of a paper contract are all present in electronic form in the computer system.
- U.S. Patent No. 5,742,685 (issued to Berson, et. al. on 21 April 1998) describes a method for verifying an identification card and recording verification of the same.
- a person whom the identification card identifies is scanned to produce a digital signal associated with some text message, which is compressed, encrypted, coded as a 2-D barcode, and printed on the backside of the identification card.
- the coded message is scanned, decoded, and decrypted, expanded, and displayed.
- Authentication can be carried out by comparing the displayed image and text with the image and text printed on the card.
- Huttinger, Stephan, "Online Ticket” Computer Graphik, Vol. 11, pp. 9-10, Jan. 1999 describes an online ticket that is delivered to a customer, which is selected and paid via the Internet.
- a 2-D barcode is provided representing the data of the tickets and signature.
- a digital signature technique is used to prove the authenticity of the ticket.
- U.S. Patent No. 4,853,961 (issued to Pastor on 1 August 1989) describes a system for authenticating a document, including a device having a decryption key. Upon application to information provided by a user, the system reveals not only a plain text message indicating the source of the authentication but also provides the decryption key for use with the information provided by the mailer.
- US Patent No. 5,388,158 (issued to Berson on 7 February 1995) describes a secure document and a method and an apparatus for producing and authenticating the same. A document is scanned to produce a digital signal, which is compressed, encrypted, and coded as a two-dimensional barcode or like form of coding. The barcode is incorporated into a label affixed to the document.
- a signal representing the image is encrypted using a public key encryption system, and the key is downloaded from a center.
- the corresponding decryption key is encrypted with another key and incorporated on the card.
- the coded signal is scanned from the label, decoded, decrypted, expanded and displayed. The card may then be authenticated by comparison of the displayed representation of the image and the document.
- U.S. Patent No. 5,157,726 (issued to Merkle, et. al. on 20 October 1992) describes a system for authenticating a hard copy of an original document.
- the original document and an identification (ID) card are inserted into a special copying machine.
- the machine digitizes the document text to produce a digital signature, which incorporates unique information from the sender's ID card.
- This machine produces a hard copy of the document, to which is added the digital signature.
- the sender retains the original, but forwards the copy to the recipient or receiver.
- the receiver inserts the received copy into the machine at his location, which digitizes and processes the document text and signature and indicates whether the digital signature is valid.
- 5,710,886 (issued to Christensen, et. al. on 20 January 1998) describes a method for distributing, generating, and redeeming discount coupons, rebate or gift certificates.
- the method tracks each coupon using a consumer ID number printed on the coupon.
- Coupons may be distributed electronically, for example, in the form of a diskette or CD-ROM software.
- Software on the diskette or CD-ROM may prompt a consumer to call a 1-800 number for a validation number or code.
- telemarketing personnel request consumer demographic and or identification information, which can be entered into a centralized database.
- a consumer may print out selected coupons.
- Each coupon can be printed only a limited number of times.
- Each coupon can also be imprinted with a consumer ID number, preferably in the form of a bar code.
- the patent states that "the use of a consumer ID number on the coupon may reduce or prevent the fraudulent copying and redemption of coupons".
- the techniques for electronic document authentication are not user- friendly. In other words, the techniques do not make the electronic document tangible or easily comprehendable to users.
- An encryption key or 2-D barcode is not directly readable by users, and the users do not know whether the document or item is authorized and by whom the document is authorized.
- technologies are not known to exist that provide an integrated solution for both electronic and printed document. This is critical for mission-critical applications, either for business or daily life. With an integrated solution, the benefit of high-speed delivery via the Internet and an Intranet can be enjoyed, while keeping the convenience and tangibility of a paper document.
- the protection provided by these techniques is not personalized. This is also important for legal and business document, where each person would be interested in protecting or being responsible for the content of his/her part.
- U.S. Patent Nos. 5,742,685 (issued to Berson, et. al. on 21 April 1998), 4,853,961 (issued to Pastor on 1 August 1989) and 5,388,158 (issued to Berson on 7 February 1995) disclose methods or systems for protecting electronic or paper document using cryptographic technique.
- these systems have a number of disadvantages including: 1) The methods or systems only provide a solution for an electronic or paper document only; 2) The methods or systems are based on cryptographic techniques, which are secure for an electronic document, but are not tangible and convenient to users in many applications. A paper document is still preferable for many applications and preferred by many people;
- the aspects of the invention seek to provide an integrated method of protecting the legitimacy of electronic document and a corresponding printed version. This is implemented by user-friendly e-seals. The protection is personalized using a personal e-seal. Documents with multiple signers can be effectively and efficiently protected and verified.
- an electronic document for reproduction of a corresponding printed document capable of having the legitimacy of the electronic document protected, the printed document being a printed version of the electronic document
- the electronic document including: content of an original document in electronic form; a content digest for the content the original document in electronic form; an electronic seal or e-seal for authenticating the original document in electronic form, the e-seal including a visible seal of an authority and the content digest embedded in the visible seal; an optically sensitive or sensible component added to the authenticated document for printing using a trusted printing process, the optically sensitive or sensible component containing information for indicating copying or modification of the printed document in a copy or modified version of the printed document.
- a printed document reproduced from an electronic document capable of having the legitimacy of the printed document protected the printed document being a printed version of the electronic document
- the printed document including: rendered content of an original document; an electronic seal or e-seal for authenticating the original document rendered in the printed document, the e-seal including a visible seal of an authority and a content digest for the content of the original document embedded in the visible seal; an optically sensitive or sensible component rendered in the authenticated document using a trusted printing process, the optically sensitive or sensible component containing information for indicating copying or modification of the printed document in a copy or modified version of the printed document.
- a method of protecting the legitimacy of an electronic document and a corresponding printed document the printed document being a printed version of the electronic document
- the method including the steps of: generating a content digest for an original document in electronic form; authenticating the original document in electronic form using an electronic seal or e-seal, the e-seal including a visible seal of an authority and the content digest embedded in the visible seal; adding an optically sensitive or sensible component to the authenticated document for printing using a trusted printing process, the optically sensitive or sensible component containing information for indicating copying or modification of the printed document in a copy or modified version of the printed document.
- an apparatus for protecting the legitimacy of an electronic document and a corresponding printed document the printed document being a printed version of the electronic document
- the apparatus including: means for generating a content digest for an original document in electronic form; means for authenticating the original document in electronic form using an electronic seal or e-seal, the e-seal including a visible seal of an authority and the content digest embedded in the visible seal; means for adding an optically sensitive or sensible component to the authenticated document for printing using a trusted printing process, the optically sensitive or sensible component containing information for indicating copying or modification of the printed document in a copy or modified version of the printed document.
- a computer program product having a computer usable medium having a computer readable program code means embodied therein for protecting the legitimacy of an electronic document and a corresponding printed document, the printed document being a printed version of the electronic document
- the computer program product including: computer readable program code means for generating a content digest for an original document in electronic form; computer readable program code means for authenticating the original document in electronic form using an electronic seal or e- seal, the e-seal including a visible seal of an authority and the content digest embedded in the visible seal; computer readable program code means for adding an optically sensitive or sensible component to the authenticated document for printing using a trusted printing process, the optically sensitive or sensible component containing information for indicating copying or modification of the printed document in a copy or modified version of the printed document.
- a system utilising a network for protecting the legitimacy of an electronic document and a corresponding printed document, the printed document being a printed version of the electronic document
- the system including: means for generating a content digest for an original document in electronic form; means for authenticating the original document in electronic form using an electronic seal or e-seal, the e-seal including a visible seal of an authority and the content digest embedded in the visible seal; means for adding an optically sensitive or sensible component to the authenticated document for printing using a trusted printing process, the optically sensitive or sensible component containing information for indicating copying or modification of the printed document in a copy or modified version of the printed document.
- a system for protecting the legitimacy of an electronic document and a corresponding printed document including: means for generating an authenticated electronic document, the authenticated electronic document including content of an original document in electronic form, an electronic seal or e-seal for authenticating the original document in electronic form, the e-seal including a visible seal of an authority and a content digest embedded in the e-seal; means for generating an optically sensitive or sensible component added to the authenticated electronic document for printing using a trusted printing process, the optically sensitive or sensible component containing information for indicating copying or modification of the printed document in a copy or modified version of the printed document; means for verifying the legitimacy of the authenticated electronic document; means for printing the authenticated electronic document and the optically sensitive component using the trusted printing process dependent upon the verifying means to provide an authenticated printed document.
- a method for protecting the legitimacy of an electronic document and a corresponding printed document including the steps of: generating an authenticated electronic document, the authenticated electronic document including content of an original document in electronic form, an electronic seal or e-seal for authenticating the original document in electronic form, the e-seal including a visible seal of an authority and a content digest embedded in the e-seal; generating an optically sensitive or sensible component added to the authenticated electronic document for printing using a trusted printing process, the optically sensitive or sensible component containing information for indicating copying or modification of the printed document in a copy or modified version of the printed document; verifying the legitimacy of the authenticated electronic document; printing the authenticated electronic document and the optically sensitive component using the trusted printing process dependent upon the verifying step to provide an authenticated printed document.
- a computer program product having a computer usable medium having a computer readable program code means embodied therein for protecting the legitimacy of an electronic document and a corresponding printed document
- the computer program product including: computer readable program code means for generating an authenticated electronic document, the authenticated electronic document including content of an original document in electronic form, an electronic seal or e-seal for authenticating the original document in electronic form, the e-seal including a visible seal of an authority and a content digest embedded in the e-seal; computer readable program code means for generating an optically sensitive or sensible component added to the authenticated electronic document for printing using a trusted printing process, the optically sensitive or sensible component containing information for indicating copying or modification of the printed document in a copy or modified version of the printed document; computer readable program code means for verifying the legitimacy of the authenticated electronic document; computer readable program code means for printing the authenticated electronic document and the optically sensitive component using the trusted printing process dependent upon the computer
- a method of trusted document delivery via a network including the steps of: establishing a secure communication link between parties at one or more locations; verifying the identity of each party; providing means for a party to sign an original document; protecting the legitimacy of a signed document in electronic form, the protected signed document including content of an original document in electronic form, a content digest for the content of the original document in electronic form, and an electronic seal or e-seal for authenticating the original document in electronic form, the e-seal including a visible seal of an authority and the content digest embedded in the visible seal; sending a protected, signed electronic document from a sending party at a first location to a receiving party at a second remote location of the network; notifying the receiving party of the sent protected electronic document; receiving the sent protected electronic document at the second remote location of the network; and sending a receipt of the sent protected electronic document to the sending party at the first location.
- Figs. 1A-1C are greyscale images illustrating an example of an e-seal and the roles of the e-seal's components in file protection in accordance with the embodiments of the invention
- Fig. 2 is a block diagram illustrating a content definition scheme for documents with multiple signers in accordance with the first embodiment of the invention
- Fig. 3 is a greyscale image provided as an example of watermarking a seal image (i.e., the Lina image) using binary coding to embed the document digest in spatial domain in accordance with the embodiments of the invention;
- Fig. 4 is a block diagram illustrating the layout of a document having electronic seal (e-seal) protection in accordance with a first embodiment of the invention
- Fig. 5 is a block diagram illustrating a process of electronic document authorization using an e-seal in accordance with the first embodiment of the invention
- Fig. 6 is a block diagram illustrating a verification process for an electronic document in accordance with the first embodiment of the invention
- Fig. 7 is a block diagram illustrating a printing process for converting an electronic document into a printed version in accordance with the first embodiment of the invention
- Fig. 8 is a block diagram illustrating a verification process for paper document in accordance with the first embodiment of the invention.
- Fig. 9 is a diagram symbolically illustrating a service center for certification/notarisation in accordance with the embodiments of the invention.
- modules Components of the system are described as modules.
- a module and in particular the module's functionality, can be implemented in either hardware or software.
- a module is a process, program, or portion thereof, that usually performs a particular function or related functions.
- a module is a functional hardware unit designed for use with other components or modules.
- a module may be implemented using discrete electronic components, or it can form a portion of an entire electronic circuit such as an Application Specific Integrated Circuit (ASIC). Numerous other possibilities exist.
- ASIC Application Specific Integrated Circuit
- the embodiments of the invention provide an integrated document legitimacy protection system, including four products/services providing speedy delivery of trusted electronic and paper documents via the Internet and/or an Intranet, and certification/notarization services.
- the embodiments provide methods and products for legitimacy protection of an electronic and printed documents using an electronic seal, or "e-seal”.
- the e-seal is a visual representation of a person's authentication of the document, and includes three major components: 1) a visible seal providing a visual identity of the person, which can be an image containing a logo, a real seal, a signature of the person, or a combination of them (with an e-seal people immediately know who authorized the document); 2) a watermark, embedded into the seal images to protect the integrity of the document and the watermarking information contains digest of the document content protected by cryptographic operations. Any modification of document content creates inconsistency between the content and the e-seal.
- a novel digest derivation algorithm is utilised, which generates a similar digest for electronic and paper versions of a document;
- an optically sensitive component is added to the printed document on the fly by a special printing method, controlled by a trusted party, to verify that the document's legitimacy before printing.
- the optical sensitive component protects the original printed document from possible forgeries, such as cut-and-paste and duplication by photocopying and rescanning. With the optically sensitive component, the verification can be done visually with simple or commonly available devices.
- the embodiments of the invention include four products/services, including trusted document delivery, electronic certification/notarization, an electronic check or negotiable instrument, and signing of an official document by multiple parties.
- the method, product, apparatus, computer program product system can be applied to different types of documents.
- the embodiments of the invention offer three levels/types of protection.
- a visible seal provides low level protection to warn people that the document is authorized and protected.
- the watermark provides secure protection from possible unauthorized modification of the document's content.
- the optical sensitive component provides effective protection for the printed document with simple and off-line visual verification.
- the embodiments are very user-friendly. People can deal with an electronic document in a way similar to an ordinary paper document. More advantageously, the embodiments provide an integrated solution for both an electronic document and a corresponding printed version. This is important because both an electronic version and a paper version of a document have their advantages, and both types of document are required in many applications. The integrated solution is, therefore, a key feature for mission critical applications.
- the controlled, trusted printing method which verifies the document's legitimacy before printing and adds the optical sensible component on the fly, bridges electronic and printed document and effectively prevents these documents from attacks such as a screen dump and cut-and-paste.
- an electronic seal or e-seal in accordance with the embodiments of the invention includes a visible image identifying a person's authentication of a document.
- the e-seal represents effective and efficient protection regarding the integrity of the document.
- Figs. 1A-1C illustrate an example of an e-seal in accordance with the embodiments of the invention.
- Each e-seal preferably has three components: a visible or seal image, a watermark containing a digest of the content of a document, and an optically sensitive or sensible component.
- Fig. 1 A shows an e-seal 110, which can be attached to, or inco ⁇ orated in, an electronic document (not shown).
- the e-seal 110 is depicted in a black- line rectangle.
- the e-seal 110 includes an image of a person's signature 110A (Jiankang Wu) acting as a visual identifier of the signer of the document.
- the visible seal 110A is kept in digital image format.
- Other visible images 110A besides a person's signature may be practised without departing from the scope and spirit of the invention.
- the visible image 110A may be a document header, a logo, an image of a person's face, a graphical symbol, and the like.
- the visible image 110A is preferably watermarked with information about the owner of the visible seal 110A to protect the ownership of the visible seal 110A.
- the e-seal 110 also includes a watermark HOB appearing as a noise-like strip under the image of the signature 110 A.
- the watermark HOB conveys the digest of the document's content (i.e., the information contained in the document including text, images, and the like) to protect the integrity of the document.
- the digest of content is described in greater detail hereinafter.
- Fig. IB illustrates a corresponding e-seal 120 rendered on a printed document (not shown) and again depicted within a black-line rectangular box.
- the e-seal 120 includes a visible seal 120 A and a watermark 120B containing the digest of the document's content.
- Fig. IC is a depiction of an e- seal 130 in a photocopy of the original printed document containing the e-seal 120 of Fig. IB. In Fig.
- the photocopied e-seal 120 has changed appearance so that an imperceptible portion of the optically sensitive component 120 is now perceptible (i.e., the signature of Jiankang Wu) in the photocopied e-seal 130.
- a visible seal can be viewed as a user- friendly interface and a visual identity of an authority.
- Huttinger, Stephan, "Online Ticket", Computer Graphik, Vol. 11, pp 9-10, January 1999 discloses a two-dimensional (2-D) bar code for authorization of document, which is an easily detectable code of encrypted information.
- a bar code is a printed binary code, which can be detected by a bar code reader with a very low error rate, but is not readable by a human being. That is, with a bar code on a document, who the document is authorised by is not known, and a user cannot determine if the bar code is a valid one or not without a testing device.
- An authority either an organisation or individual, often has a unique "seal", which can be a logo, a signature, or the like.
- the image of the foregoing is the visible seal component of the e-seal.
- an invisible watermark is preferably embedded into the seal image.
- the invisible watermark information may include, but is not limited to, the name of the owner and the date of generation of the seal. Other information may be included in the seal image. If the watermarking process is not invertible, another person cannot pretend to be the owner.
- Image watermarking for copyright protection is discussed in Cox, Ingemar J., and Miller, Matt L., "A Review of Watermarking and the Importance of Perceptual Modeling", Proc. Of Electronic Imaging '97, February 1997.
- a seal image can be locked by the owner using, for example encryption, and stored in a secure place.
- the owner unlocks the seal image and uses the seal image to sign a document. Access to and unlocking the seal image can be done using a password, a smart card, or biometrics.
- the second type of applications are those where documents are transferred among multiple parties. Examples include electronic legal document, and official documents in government or large companies. There may be multiple persons initiating the document and a need exists for a trusted third party issuing keys.
- the word "key” includes a piece or set of information, with which a message or device can be transferred from one state to another by a specific function.
- a security key can be used to encrypt a message.
- a set of eigenfaces being a face image mapped into a small dimension feature vector can be used.
- watermark information can be embedded into an image with a secret address.
- a security key, eigenfaces and an embedding address can be all referred to as "keys" and are merely illustrative. Numerous other possible key exist and will be appreciated by those skilled in the art.
- the embodiments of the invention seek to protect document content from possible tampering and/or unauthorised use. Therefore, defining the document content in the protection process is of significant importance, especially for those documents signed by multiple persons.
- the content of the document refers to all information contained in the document at the time of signing (i.e. applying an e-seal to the document), including layout and format.
- the content is defined as content with respect to a particular signer.
- a first example is where the contract is signed by two parties. In a first round, both parties sign a plain document, being one of two copies of a contract. The contract content is the content of the document. In a second round, each party signs the other document that is already signed by the other party. In this case, the content of the document includes the signature the other party.
- Fig. 2 shows a second example illustrating the idea of content definition with respect to a particular signer of the document using a three signer example.
- a document 200 containing initial content 222 is initiated and signed by a first person, and sent to a second person.
- the second person signs the document and sends it to a third person.
- the content 222 of the document 200 seen is the whole information contained in the original document, shown as box 222.
- the document content 220 with respect to that person should include the content 222 of the original document 200, the first person's signature 224 and the second person's addition 226 (such as comments) to the document.
- the content 230 of the document 200 includes the original document 222, the signatures of the first person (224) and second person, addition to the document by the second person 226 and the third person 236.
- the signature of the person is implemented as e-seal. This can be formally written as:
- the digest of the document content is embedded into the e-seal of the person when the document is signed by that person.
- the embodiments of this invention work for both electronic and printed paper versions of a document.
- the "digest” of the document content is able to be readily derived from both the electronic and paper versions of the document, and the derived digests are the same or quite similar.
- the "digest" of a document's content can be defined as a condensed representation of the document having a size sufficiently small so the digest can be embedded into the e-seal image.
- the digest generation function There are two important desired properties for the digest generation function. Firstly, the digest must be sensitive to content changes, including changes that may be quite small. Secondly, desirably the digest is sensitive to spatial locations so that the location of changes can be detected as well.
- digest M (Content)
- Digest M(Key, Content)
- M stands for a mapping function
- Key is a secret value shared between the issuer and the verifier.
- a message digest can be generated using a secure hash algorithm. For a digest 128-bits long, approximately 2 12S messages must be tried before finding two that have the same digest C. Kaufman, R. Perlman and M. Speciner,
- a cryptographic digest is also applicable to a document with text content where optical character recognition (OCR) works well to convert a paper document to electronic form.
- OCR optical character recognition
- To generate a "location-dependent" digest the text can be divided into several blocks, and a small size digest is generated for each block. The final digest integrates all of the small size digests.
- a secure hashing algorithm is a pseudo-random mapping function.
- a single bit error in the content may result in a large difference between the digests. Therefore, the content of the document must be error- free during transmission, storage, and format conversion.
- a simple digest of a document (e.g. degree certificate) can be derived by selection of a few key document items including the recipient, the name of the school, the name of the degree, and the date. Also, a simple way to verify both electronic and paper certificates is to manually input those items.
- the content of a picture has a different form when compared with text.
- the representation of the text is exact.
- a one bit change in the content of text results in differences of the text and, possibly, changes of meaning as well.
- the interpretation of picture is not precise.
- the content of a facial image may not change even if the image data is reduced from 8 bits per pixel to 4 bits per pixel. Therefore, a "feature measure" can be used to represent the content of a picture.
- Feature measures are extracted from a picture to capture the most salient features of the image.
- a typical example of feature measures for facial images is the eigenface. A. Pentland, "Eigenface for recognition", Journal of Cognitive Neuroscience, Vol.
- the feature measure concept can be extended to derive a digest for a non-raster data format (e.g. a symbolic representation for graphics and category or dictionary-base representation for text and table). For example, assume that a doctor did a medical check for a person. Since there are typical cases/categories and standard descriptions, those categories can be coded, the and use code number can be used to create a digest for the medical check up document.
- a non-raster data format e.g. a symbolic representation for graphics and category or dictionary-base representation for text and table.
- a document is in raster format. That is, the electronic document is converted to raster data format, a paper document is to be scanned in as raster data format, and multiple pages of the document are concatenated as one raster image.
- the method includes the following steps:
- Step 1 An appropriate block size is chosen. Principally, the block can be of any shape and size. However, usually a block is chosen to have a square shape. The size of the square can be of 4X4, 8X8, 16X16, or 32X32 pixels, depending on the image size of the document, the digest size of the e-seal to be embedded, and the required protection accuracy.
- Step 2 Each block is classified into one of a number of predetermined classes. The classification can be done in either the spatial or transform domain using either original block data or measures extracted from the block. For example, if vector quantization method is adopted, the block must be matched against a pre- determined codebook. This can be also viewed as classification.
- the blocks are transformed into the Cosine transform domain.
- Texture energy, directionality, fineness and dispersion measures can be derived for each block.
- the block is classified into one of, say, 16 classes (16 is merely illustrations and both larger and smaller numbers of classes can be practised).
- the block data in Cosine transform domain is represented as F(u,v),or,F(r, ⁇ )
- the four measures are defined as follows:
- Step 3 The digest of the document is determined or formed to be an anay of class labels.
- Step 4 For a document to be verified, a document image is processed the same way, using the same class parameters (or code book) as in step 2 to derive the digest. The derived digest is matched against the embedded digest. Class label changes of blocks indicate that modifications have occurred in those blocks.
- Class definition (or codebook determination) is an important aspect of this method and can be defined for each individual document, or for a group of documents. If blocks are classified in the spatial domain, the class definition is similar to defining a code book in vector quantization. As an example, consider a class definition in the Cosine transform domain as follows: • Step 1: Choose an appropriate block size. Collect document images that can represent the group of document the classes definition apply to.
- Step 2 For all document images, transform each block into Cosine transform domain and extract measures to represent characteristics of those blocks.
- Step 3 Decide the number of classes n_cls, according to the tolerance of modifications of the application: the more classes, the smaller are the modifications that can tolerated.
- Step 4 Use a clustering algorithm (e.g. K-Mean) to cluster all blocks into n_cls clusters.
- Step 5 The class definition for the given document image data set is made up of cluster centers and cluster labels.
- the digest of a document content is embedded into the e-seal in the form of a watermark.
- the watermark is used to verify the authenticity of the document content.
- the authenticity of the digest is protected through cryptographic means before the digest is embedded into the watermark.
- A) Authenticity protection of the digest using symmetric key encryption can be used.
- s is a secret key shared between the issuer and the verifier.
- E(s, Digest) denotes the encryption of a Digest under the key s
- D(s, Ciphertext) is decryption of Ciphertext under the key _>.
- Digest M(Content”); iv) Compare the Digest ' with Digest “. and if the "distance" between Digest ' and Digest” is within a pre-defined threshold, accept the document as authentic; otherwise reject the document.
- MAC Message Authentication Check
- Authenticity protection of the digest can be provided using a digital signature, s and/? are the private and public key pair of an issuer for a given digital signature scheme.
- SIG S(s, Digest).
- digital signature schemes digital signature schemes with an appendix and digital signature schemes with message recovery. Without loss of generality, the latter type of digital signature schemes is assumed in the description below. Examples of such schemes are RSA, Rabin, and Nyberg-Rueppel. Generalization to the former type of digital signature schemes is straightforward for those skilled in the art. Further, the verifier is assumed to obtain the public key of the issuer in an authentic manner.
- approaches A) and B) are suitable for situations where the issuer and the verifier trust each other, while approach C) can be used in situations where the issuer and the verifier do not trust each other.
- a spatial domain embedding method may be more preferable than a spectrum domain technique.
- the spatial domain method is simple and has a large capacity.
- the embodiments of the invention can utilise, but are not limited to, a simple technique shown in Fig. 3.
- the digest 300B is embedded in a region of the e-seal image 300 A.
- Part of the boundary of the watermark region 300B is the boundary of the original image content 300.
- the boundary 300B is recorded in the document file so as to facilitate watermark extraction in the verification process. This boundary is "content-dependent" and closely couples the watermark 300B and the seal image 300A.
- the watermark region 300B can be of any shape and at any location, depending on the needs of the application, as long as the watermark region does not affect the perception of the major image content 300 A.
- the digest 300B is coded as binary modulation of S component in HSV color space in Fig. 3. Other possible modulations to other components or in other color space are also valid.
- an error correction code can be used or the digest can be encoded with more pixels.
- the visible e-seal provides an immediate warning to people regarding document legitimacy protection.
- the optical sensible component provides secure protection for a printed document and easy verification by means of standard optical devices, such as a special lens or a commonly available device including a photocopier.
- optically sensible components can be applied in the embodiments of the invention.
- either of two methods for embedding optical sensible component into a document can be used:
- the secure elements can be embedded into these holes and later detected by an optical lens specially designed to match this particular class of document.
- the visual elements of the document can be modulated to make the document sensitive to a particular lighting scan along a pre-defined direction by either increasing the resolution or changing the color of the document.
- the detector can be a commercially available photocopier or scanner.
- Fig. 4 depicts the layout of a one page document400, including a content region 420 and two e-seal parts: a logo 410 and signature 430 (and preferably a serial number).
- the content region 420 can be further subdivided into several regions, each of which may contain different media, such as text, graphics, a table and/or a picture.
- Landmarks or Frames for Easy Location Frames 410, 420, 430 can be added as landmarks for the easy location of content 420 and e-seal regions 410, 430.
- Other forms of a landmark can be used instead of frames without departing from the scope and spirit of the invention.
- a typical example is a formal document 430, which includes two parts: a formal document header 410, and a signature and/or a seal 430 of an organization.
- the document header 410 may contain the name and logo of the organization. Classification and serial number of the document are usually printed in a place near the header as well. However, this can be part of the content 420 preferably.
- the visible information is embedded as watermark into the logo image 410 for protection.
- a paper document to be a valid document must contain both a header and one or more signatures.
- it is desirable that all images in the e-seal are watermarked to protect the ownership, although this need not be the case.
- an e-seal can be inserted to every page.
- a page number (numbered as current number - total number) is included in the document and considered as to be part of document content.
- a file containing necessary information is created and stored for further reference.
- the information contained in the file includes a key for authenticity protection of the digest and/or embedding, the size of the e-seal, parameters for an optically sensible component, the names of the signing persons, and the like.
- the file is stored with an authority or a trusted third party. A verification process can access the file.
- Fig. 5 illustrates the protection process for an electronic document according to a first embodiment of the invention.
- the person needs to unlock the person's e-seal 534 using either a password or biometrics (fmge ⁇ rint, face, etc).
- verification module 510 for the verification of a previous e-seal is not applied to the electronic document or e-document 510 and the digest of the document content is generated by digest generation module 520, either with a key or without a key.
- a key is obtained to encrypt the digest if necessary.
- Address and parameters are chosen as a key 532 provided to the watermark embedding module 530 to embed the digest (as well as the time when the watermark is embedded) as a watermark into the e-seal image 534 and provide authentication of E-document file 542. Landmarks for easy location of e-seal and content can be added.
- the final module 540 of the process includes or adds information including the e-seal to the electronic document 512 and adds landmarks for verification and printing to provide an authenticated E-document 542 and an E-document file 544.
- module 510 In case of multiple signing persons, at the time of the n th signing person, verification is conducted using module 510 to validate all previous e-seals. The person's additional information is added to the document, a digest derived with respect to that person, and the digest encrypted and embedded. Information relating to the signing (adding the e-seal of that person) is added to the file of the electronic document.
- the content of the document includes main content, classification number, serial number, page number and all other information contained in the document.
- Fig. 6 illustrates the verification process for an authenticated electronic document 542 containing an e-seal and the corresponding electronic file 544 as input.
- the e- seals are located and verified by module 610.
- the watermark of each e-seal is extracted and decrypted to get the original digest.
- the digest of the content with respect to each e-seal is extracted from the electronic document, and compared with the digest extracted from the e-seal by module 620.
- the verification is successful if there is no difference or the difference is under a predefined threshold.
- validation of the e-seal image may be required to check the true ownership (of the e-seal) by extracting the copyright protection watermark in module 630 to produce verification result 644. If the verification result 644 is "Yes” or “true”, this indicates that the authenticated electronic document is an original. If the verification result 644 is "No” or “false”, this indicates that the document is not an original or is a forgery and the forgery is likely located at location (x,y).
- Printing of an electronic document 542 to get an authenticated printed copy 734 is controlled by the printing method shown in Fig. 7.
- the legitimacy of the electronic document is verified by verification module 710. If the verification is successful, an optical sensible component is added (preferably with a copy number) by adding module 720.
- the document is then printed by module 730.
- a serial number of the printed copy can be added to the document file, as well to the printed copy.
- the optical sensitive component is added to the e-seal of the last signer, which provides overall protection of the document including previously signed e-seals.
- a valid printed document can be only generated by the printing method of Fig. 7. This ensures that people cannot edit and then print the electronic document using any printing functions. By controlling the usage of the printing function, the legitimacy of the printed document can be secured to a large extent using the optically sensible component.
- On-line control A user logins on through a secure network and requests printing of a particular electronic document. After successful user verification by the authority or the trusted third party, the authority or trusted third party verifies the document and sends the printing function together with necessary data over to the user's site. The printing function prints the document on the user's printer. The document being printed, the portion of the data that has been printed already can be destroyed as the printing process is in progress. This can be done by erasing the memory containing that data portion progressively.
- Verification and printing agent An authorized agent may have a special printing device.
- the printing device can be either on-line connected to the authority or off-line. In the off line case, data and functions are preloaded into the device. The device prints out the document when a user is authorized. When the device runs in an on-line mode, the process is similar to the first approach. Partial data and function can be stored with the device depending upon the degree of security the device has.
- the verification starts with a printed document 734 to be verified, together with certain information about the document contained in a file of the document 544.
- the difference in verification of the electronic and paper document 644, 734 is that the paper document 734 can be verified by visual inspection, and the paper document 734 has to be scanned to convert it to digital form before the paper document can be verified the same way as electronic document 544.
- the first level of verification is the visual inspection of the e-seals by module 810
- the second level verification is the verification of the optically sensible component by module 820.
- the verification device again can be a simple optical device, such as a special lens or an ordinary photocopier.
- the verification process can stop at module 810 or 820 if the verification result is "OK" and the level of verification is acceptable.
- the third level verification is to scan the paper document to convert it back to a digital form using a scanning module 830.
- the digital document obtained by scanning is in its raster data format, which is different from the original electronic document where text, graphics and tables are coded in their usual way. Noise and other distortion may be added to the e-seal images and picture content although they are originally in raster format. Therefore, the watermark extraction module 840, and the digest extraction module 850 should tolerate distortion and format differences. If an application chooses to use selected items as digest of the content, manual inputting of the selected items may work well for both electronic and printed documents 544, 734.
- the first setting involves the sender's organization being an authorized identity and having set up a computer system, with the functionality described above:
- the sender prepares an electronic document by either editing an electronic document or scanning in a paper document.
- the sender then logs into to the organization's computer system, gets authorized, unlocks the person's e-seal, signs the document, and sends the document to the recipient while specifying if the server wants the recipient to receive the document in electronic and/or paper format.
- the recipient receives a notification (organization-organization or organization-individual) or when the recipient requests a document (tickets, coupon, gazettes, receipts...)
- the recipient logs into the sender's system, gets the electronic document, and/or prints out the paper document.
- the printing function from the sender's system is invoked, and the sender's e-seals and optical sensitive component are added to print a trusted copy.
- the second settings involves a document being sent through a service center: 1) The sender prepares an electronic document by either editing an electronic document or scanning in a paper document. The sender logs into a service center, gets identified, unlocks the person's e-seal, signs the document, and sends the document to the recipient while specifying if the sender wants the recipient to receive the document in electronic and/or paper format. 2) When the recipient receives a notification (organization-organization or organization-individual) or when the recipient requests a document (tickets, coupon, gazettes,...), the recipient logs into the service center, gets the electronic document, and/or prints out the paper document.
- a notification organization-organization or organization-individual
- the recipient requests a document tickets, coupon, gazettes, etc.
- the printing function from the service center is invoked, and the sender's e-seals and optical sensitive component are added to print a trusted copy.
- the service center can add a notarization seal and optical sensitive component to certify the true copy.
- the product of certification and notarization here applies to all types of documents, including, but not limited to, birth certificates, maniage certificates, degree certificates, and official letters. Degree certificates are used as an example in the following description.
- the embodiment of the invention is directed to the framework and technologies for operation of a certification/notarization service center.
- the service center 910 shown in Fig. 9 provides on-line services to document issuers 930 (e.g. the university the student obtained the degree from), document owners 920 (graduates), and document recipient 940 (the university the student is applying for a higher degree admission). Processes for various requests are as follows:
- an owner 920 requests an electronic degree certificate through the service center 910 with the indicated issuer 930 and the following steps are performed: 1) An owner 920 logons to the webpage of the service center 910, gets registered if not yet already done, and fills in a request form. 2) The service center 910 communicates with the issuer 930 about the request and arranges business links between the service center 910 and the issuer 930 if not yet already done.
- the issuer 930 connects to the service center 910, issues an electronic degree certificate for that owner 920, and sends the certificate to the owner 910 through the service center 910.
- the service center 910 keeps a record of the certificate, which is collected during the issuing process and is enough for the verification service. 5)
- the owner 920 can choose to either keep the e-certificate, or rent a secure deposit box to keep the certificates in the service center 910.
- an alternative way is that the owner 920 brings in a paper document (degree certificate) to the service center 910 and requests an electronic certificate service, which includes the following steps:
- the service center 910 verifies the legitimacy of the paper document with the original issuer 930 on its capacity, converts the paper document to electronic form, signs on the electronic version and assigns a trust level to the document.
- the trust level can be high if verified with the original issuer.
- the service center 910 keeps a record of the certificate.
- the owner 920 can choose to either keep the e-certificate, or rent a deposit box to keep certificates in the service center 910.
- an owner (student) 920 requests to send an electronic document (degree certificate) to a recipient 940 (the university the student is applying for a higher degree study) and includes the following steps.
- the owner 920 logs into the webpage of the service center 910 and fills in a request form.
- the service center 910 verifies the electronic document and sends the document to the recipient 940 together with service center's e-seal and security statement (level of trust). 3)
- the service center 910 notifies the owner 920 of the status when the recipient 940 has collected the electronic document.
- a party can request the service of document legitimacy verification including the following steps:
- the service center 910 checks for the record of the document and carries out the verification. If there is no record, the service center 910 contacts the issuer 930 for verification, and then puts the service center's e-seal into the document together with a security statement.
- the service center 910 keeps a record of that document and sends back the electronic document to the registered party.
- the service center 910 receives a request to print a hard copy of an electronic document either from an owner 910 or another party.
- the service center 910 performs verification on the electronic document, assigns a trust level to the document, and prints a copy together with the center's e-seal and a dedicated optical sensitive component.
- the service center 910 receives a request for legitimacy verification of a printed copy involving the following steps:
- the service center 910 verifies the validity of the e-seals by visual inspection.
- the service center 910 verifies the validity of the optically sensitive component. 3) The service center 910 scans in the paper document, and verifies the document legitimacy by checking the document content digest and ownership of the e-seal (if necessary).
- the service center 910 need only keep a record of the document that is necessary for verification services.
- the record is created and the data is collected when the document is signed using the services provided by the service center 910. That is, the service center 910 does not keep a copy of the whole document.
- the authority of the issuer 920 is well respected, and the privacy of the owner is protected.
- the deposit box is protected by the user.
- the service center 910 does not have any right to access the content of the deposit box.
- the owner 920 of the certificates can choose to send the e-certificates to anyone directly.
- the service center 910 is advantageous for a number of reasons:
- Checks or negotiable instruments are used and prefened by many people to pay their bills.
- the parties involved are a payer, a payee, a payer's bank, a payee's bank and the service center.
- An electronic check services product is as follows: Firstly, the payer issues a check involving the following steps:
- the payer logs on to the service center 910 through the center's webpage.
- C) The payer fills in the form for payment and signs the form using the same means as with the bank (pin, finge ⁇ rint, face, or others).
- the form includes information about the payer's bank and bank account, the person's name and identification number, the payee's name, amount, and the date of the payment.
- D) The service center 910 links to the payer's bank for validation.
- the service center 910 signs the check with both the payer's and service center's e-seals and sends the check to the payee.
- the service center 910 After the payee picks up the check, the service center 910 notifies the payer.
- the payer can choose to print out the check using the printing function provided by the service center 910, and personally give the check to the payee.
- the printed check has security feature of the payer's bank, the signature of the payer, the seal and optical sensitive component from the service center 910 and is trusted.
- the payee can send the check to payee's bank, and the bank scans in to read any required information from the check, and sends the information to the service center 910.
- the service center 910 verifies the check with the original form filled in by the payer.
- the service center 910 sends the check to the payee's bank with verification result.
- the payer's bank accepts the check and commits the transfer on the due date indicated in the check.
- H) In case of check refusal by the payer's bank, the payer's bank signs on the check for refusal.
- the service center 910 notifies the payer, payee, and payee's bank together with a copy of the check singed for refusal.
- I) For all cases, if a printed copy is requested by the payer, the payer's bank, the payee and the payee's bank, the service center verifies the check with the original form, adds an optical sensitive component that designed for that check, and prints a paper copy.
- the parties communicate to get the final copy that is agreeable to all the parties.
- the service center 910 puts a seal to freeze the document and sends the document to one of the signer to start signing.
- E) The signed copies are kept with signers.
- the signers can choose to rent deposit boxes from the service center 910 to keep their copies securely.
- the optical sensitive component is coupled with the last signer's e-seal.
- system server of an organization can be used rather than a service center and involves the following steps:.
- An official document e.g. a design document of a building
- An official document is created by a proposer.
- the system server creates a record of the document and files the record for further verification.
- the system server verifies and prints out a paper copy of the document.
- the printed copy has optical sensitive component added to the document.
- the optical sensitive component is from the system server, designed for this particular document, and coupled together with an e-seal of the last signer.
- the embodiments of the invention are preferably implemented using general-pu ⁇ ose computers.
- the processing or functionality of Figs. 1-9 can be implemented as software, or a computer program, executing on a computer.
- the method or process steps of protecting the legitimacy of electronic and conesponding printed documents are effected by instructions in the software that are carried out by the computer.
- the software may be implemented as one or more modules for implementing the process steps.
- a module is a part of a computer program that usually performs a particular function or related functions.
- a module can also be a packaged functional hardware unit for use with other components or modules.
- the software may be stored in a computer usable or readable medium, including a floppy disc, a hard disc drive, a magneto-optical disc drive, CD-ROM, magnetic tape or any other of a number of non-volatile storage devices well known to those skilled in the art.
- the software is preferably loaded into the computer from the computer usable medium and then carried out by the computer.
- a computer program product includes a computer usable medium having such software or a computer program recorded on the medium that can be carried out by a computer. The use of the computer program product in the computer preferably effects an advantageous system for virtual commodity trading.
- the computer system can be connected to one or more other computers via a communication interface using an appropriate communication channel such as a modem communications path, a computer network, or the like.
- the computer network may include a local area network (LAN), a wide area network (WAN), an Intranet, and/or the Internet.
- Computers with which the embodiment can be practiced include IBM-PC/ATs or compatibles, the Macintosh (TM) family of PCs, Sun Sparcstation (TM), a workstation or the like.
- TM Macintosh
- TM Sun Sparcstation
- workstation a workstation or the like.
- the processes of the embodiments are resident as software or a program recorded on a hard disk drive as the computer readable medium, and read and controlled using the computer system.
- the program may be supplied to the user encoded on a CD-ROM or a floppy disk, or alternatively could be read by the user from the network via a modem device connected to the computer, for example.
- the software can also be loaded into the computer system from other computer readable medium including magnetic tape, a ROM or integrated circuit, a magneto-optical disk, a radio or infra-red transmission channel between the computer and another device, a computer readable card such as a PCMCIA card, and the Internet and Intranets including email transmissions and information recorded on web sites and the like.
- the foregoing is merely exemplary of relevant computer readable mediums. Other computer readable mediums may be practiced without departing from the scope and spirit of the invention.
Abstract
Description
Claims
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB998168270A CN1305251C (en) | 1999-08-21 | 1999-08-21 | Legitimacy protection of electronic document and a printed copy thereof |
CA002374196A CA2374196A1 (en) | 1999-08-21 | 1999-08-21 | Legitimacy protection of electronic document and a printed copy thereof |
PCT/SG1999/000086 WO2001015382A1 (en) | 1999-08-21 | 1999-08-21 | Legitimacy protection of electronic document and a printed copy thereof |
JP2001518984A JP2003527778A (en) | 1999-08-21 | 1999-08-21 | Protection of the legitimacy of electronic documents and their printed copies |
GB0127490A GB2365184B (en) | 1999-08-21 | 1999-08-21 | Legitimacy protection of electronic document and a printed copy thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/SG1999/000086 WO2001015382A1 (en) | 1999-08-21 | 1999-08-21 | Legitimacy protection of electronic document and a printed copy thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2001015382A1 true WO2001015382A1 (en) | 2001-03-01 |
Family
ID=20430233
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/SG1999/000086 WO2001015382A1 (en) | 1999-08-21 | 1999-08-21 | Legitimacy protection of electronic document and a printed copy thereof |
Country Status (5)
Country | Link |
---|---|
JP (1) | JP2003527778A (en) |
CN (1) | CN1305251C (en) |
CA (1) | CA2374196A1 (en) |
GB (1) | GB2365184B (en) |
WO (1) | WO2001015382A1 (en) |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1255372A1 (en) * | 2001-05-03 | 2002-11-06 | Telefonaktiebolaget L M Ericsson (Publ) | Method and system for data integrity protection |
WO2002091668A2 (en) * | 2001-05-03 | 2002-11-14 | Telefonaktiebolaget L M Ericsson | Method and system for data integrity protection |
WO2003056752A1 (en) * | 2001-12-21 | 2003-07-10 | Erik Landberg | To a data network related arrangement (bilateral) |
WO2003063414A1 (en) * | 2001-12-21 | 2003-07-31 | Erik Landberg | To a data network related arrangement (multilateral) |
WO2004006071A1 (en) * | 2002-07-02 | 2004-01-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Method of securing and exposing a logotype in an electronic device |
US7043636B2 (en) | 2000-09-26 | 2006-05-09 | Telefonaktiebolaget Lm Ericsson (Publ) | Data integrity mechanisms for static and dynamic data |
US7428076B2 (en) | 2004-08-02 | 2008-09-23 | Seiko Epson Corporation | Smart copying for variable cost, editable printouts |
EP2048867A1 (en) * | 2007-10-10 | 2009-04-15 | Deutsche Thomson OHG | Method and system for generation and verification of a digital seal on an analog document |
US7633652B2 (en) | 2005-12-07 | 2009-12-15 | Canon Kabushiki Kaisha | Image processing apparatus capable of processing image embedded with digital watermark, method for controlling the image processing apparatus, and storage medium storing program to execute the method |
US7757091B2 (en) | 2001-05-04 | 2010-07-13 | Abathorn Limited | Method and apparatus for the creation of a self-authenticating document |
US7778902B2 (en) | 2000-04-28 | 2010-08-17 | Charles Schwab & Co., Inc. | Method and apparatus for a new accounts program |
US7809152B2 (en) | 2002-05-14 | 2010-10-05 | Schreiner Group Gmbh & Co. Kg | Visible authentication patterns for printed document |
EP2320389A3 (en) * | 2002-05-14 | 2011-10-05 | Schreiner Group GmbH & Co. KG | Visible authentication patterns for printed document |
US8301886B2 (en) | 2001-08-24 | 2012-10-30 | Zih Corp. | Method and apparatus for article authentication |
USRE44220E1 (en) | 1998-06-18 | 2013-05-14 | Zih Corp. | Electronic identification system and method with source authenticity |
CN103729656A (en) * | 2014-01-22 | 2014-04-16 | 河北远东通信系统工程有限公司 | Seal imprint identification method and identification system |
CN110598531A (en) * | 2019-07-30 | 2019-12-20 | 云南昆钢电子信息科技有限公司 | Method and system for recognizing electronic seal based on face of mobile terminal |
US10755095B1 (en) | 2020-01-02 | 2020-08-25 | Capital One Services, Llc | System for scanning solicitations for fraud detection |
CN112016129A (en) * | 2020-06-08 | 2020-12-01 | 杭州印界科技集团有限公司 | Engineering drawing signature authorization and printing system and printer |
WO2023041989A1 (en) | 2021-09-17 | 2023-03-23 | Freshape Sa | Process of signing documents |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100409224C (en) * | 2003-02-10 | 2008-08-06 | 吴建明 | Novel electronic signature stamp technique |
EP1692813B1 (en) | 2003-10-06 | 2009-10-14 | International Business Machines Corporation | Documenting security related aspects in the process of container shipping |
JP4378300B2 (en) * | 2005-02-18 | 2009-12-02 | キヤノン株式会社 | Printing system, printing method and program thereof |
EP2013770A4 (en) * | 2006-04-28 | 2009-08-26 | Microsoft Corp | Secure signatures |
CN101311950B (en) * | 2007-05-25 | 2012-01-18 | 北京书生国际信息技术有限公司 | Electronic stamp realization method and device |
JP5287023B2 (en) * | 2008-08-12 | 2013-09-11 | 富士ゼロックス株式会社 | Image processing system, image processing apparatus, authorized person information management apparatus, authorized person information processing program, and authorized person information management program |
CN102541480B (en) * | 2010-12-21 | 2014-12-24 | 北大方正集团有限公司 | Filtering method and device for printing |
JP2013081165A (en) * | 2011-09-23 | 2013-05-02 | Kiyoshi Yazawa | Document with fixed date |
CN103065101A (en) * | 2012-12-14 | 2013-04-24 | 北京思特奇信息技术股份有限公司 | Anti-counterfeiting method for documents |
CN103338103A (en) * | 2013-06-04 | 2013-10-02 | 中联重科股份有限公司 | A method, a system and a hand-held device for data encryption |
CN104298653B (en) * | 2013-07-18 | 2017-11-24 | 北大方正集团有限公司 | The method and apparatus for identifying document properties by changing page effect |
JP6183400B2 (en) * | 2015-03-31 | 2017-08-23 | コニカミノルタ株式会社 | Contract creation program, contract validation program, final encryption creation program, contract creation system, contract validation system, and final encryption creation system |
CN108776664B (en) * | 2018-04-19 | 2023-06-16 | 北京立思辰计算机技术有限公司 | Forced file recycling method and system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4981370A (en) * | 1990-01-29 | 1991-01-01 | Dziewit Halina S | Document authentication apparatus |
EP0649112A2 (en) * | 1993-10-15 | 1995-04-19 | Matsushita Electric Industrial Co., Ltd. | A method and means for enhancing optical character recognition of printed documents |
JPH1055441A (en) * | 1996-08-13 | 1998-02-24 | Niigata Nippon Denki Software Kk | Method for generating electronic seal impression and its device |
JPH11143969A (en) * | 1997-11-07 | 1999-05-28 | Ffc:Kk | Authentication device for electronic seal impression |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5606609A (en) * | 1994-09-19 | 1997-02-25 | Scientific-Atlanta | Electronic document verification system and method |
US5748738A (en) * | 1995-01-17 | 1998-05-05 | Document Authentication Systems, Inc. | System and method for electronic transmission, storage and retrieval of authenticated documents |
JP3540511B2 (en) * | 1996-06-18 | 2004-07-07 | 株式会社東芝 | Electronic signature verification device |
-
1999
- 1999-08-21 WO PCT/SG1999/000086 patent/WO2001015382A1/en active Application Filing
- 1999-08-21 JP JP2001518984A patent/JP2003527778A/en active Pending
- 1999-08-21 CN CNB998168270A patent/CN1305251C/en not_active Expired - Fee Related
- 1999-08-21 GB GB0127490A patent/GB2365184B/en not_active Expired - Fee Related
- 1999-08-21 CA CA002374196A patent/CA2374196A1/en not_active Abandoned
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4981370A (en) * | 1990-01-29 | 1991-01-01 | Dziewit Halina S | Document authentication apparatus |
EP0649112A2 (en) * | 1993-10-15 | 1995-04-19 | Matsushita Electric Industrial Co., Ltd. | A method and means for enhancing optical character recognition of printed documents |
JPH1055441A (en) * | 1996-08-13 | 1998-02-24 | Niigata Nippon Denki Software Kk | Method for generating electronic seal impression and its device |
JPH11143969A (en) * | 1997-11-07 | 1999-05-28 | Ffc:Kk | Authentication device for electronic seal impression |
Non-Patent Citations (2)
Title |
---|
PATENT ABSTRACTS OF JAPAN; & JP-A-10 055 441 (NIIGATA NIPPON DENKI SOFTWARE KK), 24 February 1998 (24.02.98). * |
PATENT ABSTRACTS OF JAPAN; & JP-A-11 143 969 (FUJI ELECTRIC CO LTD), 28 May 1999 (28.05.99). * |
Cited By (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
USRE44220E1 (en) | 1998-06-18 | 2013-05-14 | Zih Corp. | Electronic identification system and method with source authenticity |
US7778902B2 (en) | 2000-04-28 | 2010-08-17 | Charles Schwab & Co., Inc. | Method and apparatus for a new accounts program |
US7043636B2 (en) | 2000-09-26 | 2006-05-09 | Telefonaktiebolaget Lm Ericsson (Publ) | Data integrity mechanisms for static and dynamic data |
WO2002091668A3 (en) * | 2001-05-03 | 2003-01-09 | Ericsson Telefon Ab L M | Method and system for data integrity protection |
EP1255372A1 (en) * | 2001-05-03 | 2002-11-06 | Telefonaktiebolaget L M Ericsson (Publ) | Method and system for data integrity protection |
US7298840B2 (en) | 2001-05-03 | 2007-11-20 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and system for data integrity protection |
WO2002091668A2 (en) * | 2001-05-03 | 2002-11-14 | Telefonaktiebolaget L M Ericsson | Method and system for data integrity protection |
US7757091B2 (en) | 2001-05-04 | 2010-07-13 | Abathorn Limited | Method and apparatus for the creation of a self-authenticating document |
US8667276B2 (en) | 2001-08-24 | 2014-03-04 | Zih Corp. | Method and apparatus for article authentication |
US8301886B2 (en) | 2001-08-24 | 2012-10-30 | Zih Corp. | Method and apparatus for article authentication |
WO2003063414A1 (en) * | 2001-12-21 | 2003-07-31 | Erik Landberg | To a data network related arrangement (multilateral) |
WO2003056752A1 (en) * | 2001-12-21 | 2003-07-10 | Erik Landberg | To a data network related arrangement (bilateral) |
US7991198B2 (en) | 2002-05-14 | 2011-08-02 | Schreiner Group Gmbh & Co. Kg | Visible authentication patterns for printed document |
US7809152B2 (en) | 2002-05-14 | 2010-10-05 | Schreiner Group Gmbh & Co. Kg | Visible authentication patterns for printed document |
EP2320389A3 (en) * | 2002-05-14 | 2011-10-05 | Schreiner Group GmbH & Co. KG | Visible authentication patterns for printed document |
WO2004006071A1 (en) * | 2002-07-02 | 2004-01-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Method of securing and exposing a logotype in an electronic device |
US7428076B2 (en) | 2004-08-02 | 2008-09-23 | Seiko Epson Corporation | Smart copying for variable cost, editable printouts |
US7633652B2 (en) | 2005-12-07 | 2009-12-15 | Canon Kabushiki Kaisha | Image processing apparatus capable of processing image embedded with digital watermark, method for controlling the image processing apparatus, and storage medium storing program to execute the method |
EP2048867A1 (en) * | 2007-10-10 | 2009-04-15 | Deutsche Thomson OHG | Method and system for generation and verification of a digital seal on an analog document |
CN103729656A (en) * | 2014-01-22 | 2014-04-16 | 河北远东通信系统工程有限公司 | Seal imprint identification method and identification system |
CN110598531A (en) * | 2019-07-30 | 2019-12-20 | 云南昆钢电子信息科技有限公司 | Method and system for recognizing electronic seal based on face of mobile terminal |
US10755095B1 (en) | 2020-01-02 | 2020-08-25 | Capital One Services, Llc | System for scanning solicitations for fraud detection |
CN112016129B (en) * | 2020-06-08 | 2024-03-29 | 杭州印界科技集团有限公司 | Engineering drawing signature authorization and printing system and printer |
CN112016129A (en) * | 2020-06-08 | 2020-12-01 | 杭州印界科技集团有限公司 | Engineering drawing signature authorization and printing system and printer |
WO2023041989A1 (en) | 2021-09-17 | 2023-03-23 | Freshape Sa | Process of signing documents |
Also Published As
Publication number | Publication date |
---|---|
GB2365184B (en) | 2004-06-16 |
CN1305251C (en) | 2007-03-14 |
CA2374196A1 (en) | 2001-03-01 |
GB2365184A (en) | 2002-02-13 |
JP2003527778A (en) | 2003-09-16 |
GB0127490D0 (en) | 2002-01-09 |
CN1361960A (en) | 2002-07-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2001015382A1 (en) | Legitimacy protection of electronic document and a printed copy thereof | |
JP4800553B2 (en) | Certification watermark for applications related to print objects | |
US7770013B2 (en) | Digital authentication with digital and analog documents | |
EP1312030B1 (en) | Authentication watermarks for packaged products | |
US6748533B1 (en) | Method and apparatus for protecting the legitimacy of an article | |
US6567530B1 (en) | Device and method for authenticating and certifying printed documents | |
US6536665B1 (en) | Method and apparatus for transaction card security utilizing embedded image data | |
US6751336B2 (en) | Digital authentication with digital and analog documents | |
US20030089764A1 (en) | Creating counterfeit-resistant self-authenticating documents using cryptographic and biometric techniques | |
US20030012374A1 (en) | Electronic signing of documents | |
US20070277040A1 (en) | Electronically Signing a Document | |
AU2001277147A1 (en) | Authentication watermarks for printed objects and related applications | |
US20050036651A1 (en) | Digital anti&minus forging method | |
WO2014154109A1 (en) | Generating method, verifying method for electronic bill with anti-fake two dimension (2d) code and system for same | |
JPH06176036A (en) | Method for forming duplication which can be authenticated | |
US20100067691A1 (en) | Document certification and authentication system | |
CN101377837A (en) | Method for generating and checking electronic check two-dimension code credence | |
US7455216B2 (en) | Printed-matter issuing managing system, printed-matter verifying device and contents managing device | |
KR100430469B1 (en) | System for preventing document from forging/alternating | |
JP2002099209A (en) | Device, system, method, program, printed matter and recording medium relating to printed matter verification information addition and printed matter verification | |
GB2358115A (en) | Method and system for remote printing of duplication resistent documents | |
AU718248B2 (en) | Device and method for authenticating and certifying printed documents | |
Chow et al. | Forgery and tamper-proof identification document | |
EP1422671A1 (en) | Method and apparatus for transaction card security utilizing embedded image data | |
Wang et al. | A print-scan resistable digital seal system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 09486940 Country of ref document: US |
|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): CA CN GB IN JP SG US |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
ENP | Entry into the national phase |
Ref document number: 2374196 Country of ref document: CA Ref document number: 2374196 Country of ref document: CA Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 200127490 Country of ref document: GB Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: IN/PCT/2001/01089/DE Country of ref document: IN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 998168270 Country of ref document: CN |