USRE44209EExpiredUtilityPatentIndex 57
Method and system for real-time control of document printing
Est. expiryJun 14, 2018(expired)· nominal 20-yr term from priority
Inventors:GOODMAN DANIEL I
G06F 40/103G06F 21/10G06F 2221/2119G06F 3/12H04N 1/4486H04L 67/34H04N 1/444G06Q 20/102G06F 21/84H04L 67/02H04N 2201/0039H04N 1/32776G06F 40/126H04N 1/4426G06F 40/109H04N 1/00244Y10S707/99939H04N 2201/3249Y10S707/99937Y10S707/99945
57
PatentIndex Score
2
Cited by
184
References
34
Claims
Abstract
A method for secure printing is presented. A document management system (DMS) is provided within a server computer for storing, displaying and printing a plurality of documents. At least a portion of the documents require authentication information for displaying and printing. A web-based capture protection system is provided that prevents proprietary content displayed on a display device from being screen-captured. The web-based capture protection system is combined with the DMS to augment the DMS with capture protection of displayed documents, including intercepting retrieval requests from a client computer to display documents from the DMS.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A method for secure printing, comprising:
providing a document management system (DMS) that stores and retrieves a plurality of documents, wherein at least a portion of the documents require authentication information for access, and have DMS print restrictions associated therewith;
providing a web-based capture protection system that prevents proprietary content displayed on a display device from being screen-captured, wherein such proprietary content has web-based print restrictions which limit its being printed;
intercepting a retrieval request from a client computer, to retrieve a designated document from the DMS;
deriving combined print restrictions for the designated document by combining (1) the DMS print restrictions associated with the designated document and (2) the web-based print restrictions to restrict printing of proprietary content contained in the designated document;
encrypting the designated document using a document encryption key;
using a header encryption key, encrypting the combined print restrictions, the document encryption key, and the authentication information associated with the designated document;
appending the encrypted combined print restrictions, the encrypted document encryption key, and the authentication information to the encrypted designated document, within a document header;
decrypting, by the client computer, the encrypted document encryption key using the header encryption key;
decrypting, by the client computer, the encrypted designated document using the decrypted document encryption key;
subsequently intercepting a print request from the client computer, to print the designated document;
transmitting, by the client computer, an identifier of the designated document, the encrypted combined print restrictions, and the encrypted authentication information, to a printer server;
decrypting, by the printer server, the encrypted combined print restrictions and the encrypted authentication information;
requesting, by the printer server, retrieval of the designated document from the DMS based on the identifier of the designated document and the decrypted authentication information;
obtaining, by the printer server, print options from the client computer; and
determining, by the printer server, whether the client computer is allowed to print the designated document, based on the decrypted combined print restrictions and the obtained print options.
2. The method of claim 1 wherein the web-based print restrictions include a list of permissible printers.
3. The method of claim 1 wherein the identifier of the designated document is a URL for the designated document.
4. The method of claim 1 wherein the authentication information includes a username and a password.
5. The method of claim 1 wherein said decrypting, by the client computer, the encrypted document encryption key comprises obtaining the header encryption key from a key server.
6. The method of claim 1 wherein the web-based print restrictions include watermark attributes, and wherein said determining, by the printer server, whether the client computer is allowed to print the designated document comprises identifying a visible watermark to overlay on the designated document based on the watermark attributes.
7. The method of claim 1 , wherein the plurality of documents stored in the DMS include web pages.
8. The method of claim 1 , wherein the plurality of documents stored in the DMS include application documents.
9. A method for secure printing, comprising:
providing a document management system (DMS) that stores and retrieves a plurality of documents, wherein at least a portion of the documents require authentication information for access, and have DMS print restrictions associated therewith;
providing a web-based capture protection system that prevents proprietary content displayed on a display device from being screen-captured, wherein such proprietary content has web-based print restrictions which limit its being printed;
intercepting a retrieval request from a client computer, to retrieve a designated document from the DMS;
deriving combined print restrictions for the designated document by combining (1) the DMS print restrictions associated with the designated document and (2) the web-based print restrictions to restrict printing of proprietary content contained in the designated document;
encrypting the designated document using a document encryption key;
using a header encryption key, encrypting the combined print restrictions, the document encryption key, and the authentication information associated with the designated document;
appending the encrypted combined print restrictions, the encrypted document encryption key, and the authentication information to the encrypted designated document, within a document header;
decrypting, by the client computer, the encrypted combined print restrictions, the encrypted document encryption key, and the authentication information using the header encryption key;
decrypting, by the client computer, the encrypted designated document using the decrypted document encryption key;
subsequently intercepting a print request from the client computer, to print the designated document;
transmitting, by the client computer, an identifier of the designated document, the decrypted combined print restrictions, and the decrypted authentication information, to a printer server;
requesting, by the printer server, retrieval of the designated document from the DMS based on the identifier of the designated document and the decrypted authentication information;
obtaining, by the printer server, print options from the client computer; and
determining, by the printer server, whether the client computer is allowed to print the designated document, based on the decrypted combined print restrictions and the obtained print options.
10. A method for secure printing, comprising:
providing a document management system (DMS) that stores and retrieves a plurality of documents, wherein at least a portion of the documents require authentication information for access, and have DMS print restrictions associated therewith;
providing a web-based capture protection system that prevents proprietary content displayed on a display device from being screen-captured, wherein such proprietary content has web-based print restrictions which limit its being printed;
intercepting a retrieval request from a client computer, to retrieve a designated document from the DMS;
deriving combined print restrictions for the designated document by combining (1) the DMS print restrictions associated with the designated document and (2) the web-based print restrictions to restrict printing of proprietary content contained in the designated document;
encrypting the designated document using a document encryption key; using a header encryption key, encrypting the combined print restrictions, the document encryption key, and the authentication information associated with the designated document;
appending the encrypted combined print restrictions, the encrypted document encryption key, and the authentication information to the designated document, within a document header;
transmitting, by the client computer, the encrypted combined print restrictions, the encrypted document encryption key, and the authentication information to a key server for decryption;
receiving, by the client computer from the key server, decrypted combined print restrictions, a decrypted document encryption key and decrypted authentication information;
decrypting, by the client computer, the encrypted document using the decrypted document encryption key;
subsequently intercepting a print request from the client computer, to print the designated document;
transmitting, by the client computer, an identifier of the designated document, the decrypted combined print restrictions and the decrypted authentication information to a printer server;
requesting, by the printer server, retrieval of the designated document from the DMS based on the identifier of the designated document and the decrypted authentication information;
obtaining, by the printer server, print options from the client computer; and
determining, by the printer server, whether the client computer is allowed to print the designated document, based on the decrypted combined print restrictions and the obtained print options.
11. A server, comprising:
at least one memory device configured to store instructions; at least one processing device configured to execute the instructions stored in the at least one memory device to:
intercept a request from a client to retrieve a designated document from a document management system (DMS) configured to manage a plurality of documents, wherein at least a portion of the plurality of documents comprise authentication information for access and wherein at least a portion of the plurality of document comprise print restrictions associated therewith;
derive combined print restrictions for the designated document by combining the print restrictions associated with the designated document and web-based print restrictions associated with the designated document that prevents proprietary content associated with the designated document and displayed on a display device from being printed;
generate an encrypted designated document by encrypting the designated document using a document encryption key;
generate encrypted combined print restrictions by encrypting the combined print restrictions, the document encryption key, and the authentication information associated with the designated document using a header encryption key;
append the encrypted combined print restrictions, the document encryption key, and the authentication information to a header of the encrypted designated document;
transmit the encrypted designated document to a client that is configured to decrypt the document encryption key using the header encryption key, decrypt the encrypted designated document using the decrypted document encryption key, intercept a print request to print the designated document, transmit an identifier of the designated document, the encrypted combined print restrictions, and the encrypted authentication information, to a printer server that is configured to decrypt the encrypted combined print restrictions and the encrypted authentication information, request retrieval of the designated document from the DMS based on the identifier of the designated document and the decrypted authentication information, obtain print options from the client, and transmit an instruction to print the designated document in response to determining that the client is authorized to print the designated document based on the decrypted combined print restrictions and the obtained print options.
12. The server of claim 11, wherein the web-based print restrictions comprise a list of printers authorized to print the designated document.
13. The server of claim 11, wherein the identifier of the designated document comprise a universal resource locator associated with the designated document.
14. The server of claim 11, wherein the authentication information comprises a username, a password, or a combination of the username and the password.
15. The server of claim 11, wherein the client is further configured to obtain the header encryption key from a key server.
16. The server of claim 11,
wherein the web-based print restrictions comprise watermark attributes; and wherein the print server is further configured to identify a visible watermark to overlay on the designated document based on the watermark attributes.
17. The server of claim 11, wherein the plurality of documents comprise web pages.
18. The server of claim 11, wherein the plurality of documents comprise application documents.
19. A memory device having instructions stored thereon that, in response to execution by a processing device, cause the processing device to perform operations comprising:
intercepting a request from a client to retrieve a designated document from a document management system (DMS) configured to manage a plurality of documents, wherein at least a portion of the plurality of documents comprise authentication information for access and wherein at least a portion of the plurality of document comprise print restrictions associated therewith; generating combined print restrictions for the designated document by combining the print restrictions associated with the designated document and web-based print restrictions associated with the designated document that prevents proprietary content associated with the designated document and displayed on a display device from being printed; generating an encrypted designated document by encrypting the designated document using a document encryption key; generating encrypted combined print restrictions by encrypting the combined print restrictions, the document encryption key, and the authentication information associated with the designated document using a header encryption key; appending the encrypted combined print restrictions, the document encryption key, and the authentication information to a header of the encrypted designated document; transmitting the encrypted designated document to a client that is configured to transmit an identifier of the designated document, the encrypted combined print restrictions, and the encrypted authentication information, to a printer server that is configured to request retrieval of the designated document from the DMS based on the identifier of the designated document and configured to transmit an instruction to print the designated document in response to determining that the client is authorized to print the designated document based on decrypting the encrypted combined print restrictions.
20. The memory device of claim 19, wherein the web-based print restrictions comprise a list of printers authorized to print the designated document.
21. The memory device of claim 19, wherein the identifier of the designated document comprise a universal resource locator associated with the designated document.
22. The memory device of claim 19, wherein the authentication information comprises a username, a password, or a combination of the username and the password.
23. The memory device of claim 19, wherein the client is further configured to obtain the header encryption key from a key server.
24. The memory device of claim 19,
wherein the web-based print restrictions comprise watermark attributes; and wherein the print server is further configured to identify a visible watermark to overlay on the designated document based on the watermark attributes.
25. The memory device of claim 19, wherein the plurality of documents comprise web pages.
26. The memory device of claim 19, wherein the plurality of documents comprise application documents.
27. A server, comprising:
an intercepting circuit communicatively coupled to a document management system, a print server, and a client and configured to:
receive a request from the client to retrieve, from the document management system, a designated document comprising authentication information for access and comprising print restrictions associated therewith;
derive combined print restrictions for the designated document by combining the print restrictions associated with the designated document and web-based print restrictions associated with the designated document that prevents proprietary content associated with the designated document and displayed on a display device from being printed;
generate an encrypted designated document by encrypting the designated document using a document encryption key;
generate encrypted combined print restrictions by encrypting the combined print restrictions, the document encryption key, and the authentication information associated with the designated document using a header encryption key;
append the encrypted combined print restrictions, the document encryption key, and the authentication information to a header of the encrypted designated document;
transmit the encrypted designated document to the client;
wherein the client is configured to decrypt the encrypted designated document, receive a print request to print the designated document, and transmit an identifier of the designated document, the encrypted combined print restrictions, and the encrypted authentication information, to the printer server; and wherein the print server is configured to decrypt the encrypted combined print restrictions and the encrypted authentication information, request retrieval of the designated document from the DMS in response to the identifier of the designated document and the decrypted authentication information, obtain print options from the client, and transmit an instruction to print the designated document in response to determining that the client is authorized to print the designated document based on the decrypted combined print restrictions and the obtained print options.
28. The server of claim 27, wherein the web-based print restrictions comprise a list of printers authorized to print the designated document.
29. The server of claim 27, wherein the identifier of the designated document comprise a universal resource locator associated with the designated document.
30. The server of claim 27, wherein the authentication information comprises a username, a password, or a combination of the username and the password.
31. The server of claim 27, wherein the client is further configured to obtain the header encryption key from a key server.
32. The server of claim 27,
wherein the web-based print restrictions comprise watermark attributes; and wherein the print server is further configured to identify a visible watermark to overlay on the designated document based on the watermark attributes.
33. The server of claim 27, wherein the plurality of documents comprise web pages.
34. The server of claim 27, wherein the plurality of documents comprise application documents.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.