Disclosed is a method for the secure transfer of forms data between enterprises

IP.com Disclosure Number: IPCOM000168592D
Original Publication Date: 2008-Mar-17
Included in the Prior Art Database: 2008-Mar-17
Document File: 2 page(s) / 20K

Publishing Venue

IBM

Abstract

In forms processing, prescribed information is provided and reviewed as a form is executed. It is desirable to keep the forms information together in a single data object, but it may be necessary to limit access to any given field or fields to any number of recipients. It is also desirable to protect the forms data from being accessible as the form is transferred between enterprises or within an enterprise. When limiting access to a given field in a form that passes from one enterprise to another, it is desirable that the originating enterprise not be aware of the individuals authorized to access the fields in the receiving enterprise. This is because the receiving enterprise is responsible for hiring, firing, and work assignments within its own business unit. Methods will be described for controlling access and execution of a form within and between enterprises.

This is the abbreviated version, containing approximately 51% of the total text.

Public Key Infrastructure (PKI) provides a means of managing public/private key pairs in such a way as to be able to validate the authenticity, currency, and revocation status of a given key set. Private keys are used to encrypt data, or the hash of the data, so that when said data or hash is properly decrypted with the public key, the recipient can be assured that the signed (encrypted) data originated from the owner of the private key. This is known as a digital signature and allows the recipient to check the validity of the signed data.

In the reverse process, the public key can be used to encrypt data so that only the owner of the private key may gain access. By encrypting the symmetric keys that have been used to encrypt data, one can ensure that only the recipient listed on the public key may gain access to the data encrypted with the symmetric key. When a service controlled by a policy management system is the owner of the private key, the ability of a user to gain authorization to use the service allows controlled access to the encrypted data that is part of the form.

This allows a form's originator to delegate authorization to an unknown but authorized policy management system and user.

These policy management systems can be within or between enterprises.
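The following sketch shows the key-wrapping pattern described above for one field group. It is an added example, not code from the disclosure: the choice of AES-256-GCM and RSA-OAEP, the binding of the group label into both layers, and the names `SealedGroup`, `NewServiceKey`, `gcmFor`, `SealGroup` and `OpenGroup` are all assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type SealedGroup struct{ WrappedKey, Nonce, Ciphertext []byte } // one encrypted field group

// NewServiceKey makes a constructed stand-in for the key pair a policy-controlled service owns.
func NewServiceKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // fails unless the key is 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealGroup encrypts data under a fresh AES-GCM key and OAEP-wraps the key to svc, labelled by group.
func SealGroup(svc *rsa.PublicKey, group string, data []byte) (*SealedGroup, error) {
	buf := make([]byte, 44) // 32-byte content key, then a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	gcm, err := gcmFor(buf[:32])
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, svc, buf[:32], []byte(group))
	return &SealedGroup{wrapped, buf[32:], gcm.Seal(nil, buf[32:], data, []byte(group))}, err
}

// OpenGroup runs inside the key-owning service once its policy system has authorized the user.
func OpenGroup(svc *rsa.PrivateKey, group string, s *SealedGroup) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, svc, s.WrappedKey, []byte(group))
	if err != nil {
		return nil, err
	}
	gcm, err := gcmFor(key)
	if err != nil || len(s.Nonce) != gcm.NonceSize() {
		return nil, fmt.Errorf("group %q: unusable content key or nonce (%v)", group, err)
	}
	return gcm.Open(nil, s.Nonce, s.Ciphertext, []byte(group))
}
```

The originator needs only the service's public key; opening a sealed group with a different service's private key, or under a different group label, returns an error.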

In this scenario, two unique certificates can represent an agreement between two entities executing a form. The use of the certificate in the processing of the form signifies acceptance of the agreement.

The method is illustrated in the following scenario. A form is designed to allow a hospital to transfer cases to a collection agency for collection of delinquent payments by specific patients. The form includes the patient information and bill total for collection in field group a. The form includes additional information related to internal account and file numbers needed by the hospital in field group b. The form provides for internal information required by the collection agency in field group c. The form provides information related to the final status of the case fr...