Title:
SYSTEMS AND METHODS FOR SECURE DIGITAL FILE SHARING AND AUTHENTICATING
Document Type and Number:
WIPO Patent Application WO/2022/251894
Kind Code:
A1
Abstract:
The present invention generally relates to digital information security (InfoSec), and in particular to systems and methods for establishing a trusted and secure digital asset management platform that enables its subscribers to securely store their digital assets and to specify the flow of their encrypted documents when requesting authentication, submitting them, and/or sharing them with the intended platform users or agencies.

Inventors:
ZIETSMAN PAUL (AU)
JOSEPH MICHAEL (AU)
Application Number:
PCT/AU2021/050534
Publication Date:
December 08, 2022
Filing Date:
June 01, 2021
Assignee:
MEDIKEY AUSTRALIA PTY LTD (AU)
International Classes:
H04L9/08; G06F21/32; G06F21/33; G06F21/34; G06F21/60; G06F21/62; H04L9/32
Domestic Patent References:
WO2016063254A12016-04-28
WO2012122175A12012-09-13
Foreign References:
AU2020100734A42020-06-18
EP2839407B12018-09-05
US9298942B12016-03-29
US9203612B12015-12-01
US20170329937A12017-11-16
US20050052469A12005-03-10
Attorney, Agent or Firm:
SPRUSON & FERGUSON (AU)
Claims:
CLAIMS

1. A system for secure digital file sharing and authenticating, the system including:

a) At least one computer server operating a primary server software application;

b) At least one user with a personal computing device operating a client software application configured to communicate with the primary server software application, the user provided with a unique account following a registration process with the system, the registration process based on receipt of a combination of at least one knowledge factor, possession factor and inherence factor from the user by the primary server software application, collected during the registration process; upon successful user registration, the client software application on the personal computing device automatically generates a registered user asymmetric cryptography keypair including a user public key and a user private key, and stores the keypair on the personal computing device, the client software application encrypting at least the user’s at least one knowledge factor and the user private key before providing them to the at least one computer server, the user’s at least one knowledge factor remaining encrypted at all times at the at least one computer server, the system thereafter using the asymmetric cryptography keypair to allow the user to securely store, in a digital artefact repository, a digital artefact utilising multilayer encryption of the digital artefact with geographically non-collocated cryptography modules, said geographically non-collocated cryptography modules including a first encryption engine for first layer encryption using the user public key at a user side and a second encryption engine for second layer encryption using a unique document encryption key at the at least one computer server, the unique document encryption key including a symmetric key which is generated by the at least one computer server uniquely for every new digital artefact loaded, and encrypted with the user private key and stored in an electronically stored key vault.

2. A system as claimed in claim 1 wherein, without additional user intervention, the user’s selected artefact ID(s) are submitted to the primary server software application operating on the at least one computer server, where the multilayer encrypted document and the encrypted unique document encryption key corresponding to the submitted artefact ID are retrieved from the digital artefact repository and the key vault respectively for use at a first decryption engine to recover the user public-key encrypted document.

3. A system as claimed in claim 2, wherein the primary server software application operating on the at least one computer server then preferably sends the user public-key encrypted document to the client software application on a user personal computing device, where the user private key is autonomously retrieved by the client software application on the user personal computing device for use at a second decryption engine in decrypting the user public-key encrypted document, the document then being displayed via the client software application on the user personal computing device.

4. A system as claimed in claim 2, wherein the sharing attributes chosen by the user include restrictions on how the shared artefact can be used and wherein, at the server, the multilayer encrypted document(s) and the encrypted unique document encryption key corresponding to the submitted document ID(s), and the user keypair, are retrieved from the user’s digital artefact repository and key vault respectively for use within a third decryption engine.

5. A system as claimed in claim 4 wherein, at the third decryption engine, the original artefact is briefly recovered and a digital copy of the artefact is preferably generated for sharing, the digital copy of the original artefact being low-resolution compared to the original artefact and watermarked, making it immediately differentiable from the original artefact.

Description:
SYSTEMS AND METHODS FOR SECURE DIGITAL FILE SHARING AND AUTHENTICATING

TECHNICAL FIELD

[0001] The present invention generally relates to digital information security (InfoSec), and in particular to systems and methods for establishing a trusted and secure digital asset management platform that enables its subscribers to securely store their digital assets and to specify the flow of their encrypted documents when requesting authentication, submitting them, and/or sharing them with the intended platform users or agencies.

BACKGROUND ART

[0002] Abbreviations used herein:

[0003] "Digital transformation" is a term that has been used and heard over the past ten years across individuals, organisations and government agencies. In a very narrow and simple sense the term may refer to the concept of "going paperless" or reaching "digital business maturity", affecting both individual businesses and whole segments of society. There is clear evidence that the digital transformation is already underway, for example digital documents, digital receipts, official digital letters, digital statements and even digital driving licences, where the transaction occurs online, within a secure system, via digital communication with trusted devices or an associated mobile device, rather than by traditional hand-to-hand exchange, surface mail and/or assessment of a physical ID by human senses.

[0004] However, it is evident that the digital transformation is not proceeding at the same pace everywhere, in every business sector, in every organisation or for every individual. In some sectors or fields, and even with individuals, friction in adopting digital transformation is noticeable, especially in the field of digital identity, mostly due to the fundamental issues of trust and security as society transitions from paper-based to digital security and ID documents. Many questions have been raised: “how secure are those systems and digital artefacts?”, “how much can we trust them when we can no longer use our human senses to assess them?”, “are they as well protected as the physical documents we are so familiar with, or are they more vulnerable to criminal fraud?”, “how can the digital copy of a physical ID or document, or an original, be certified for use?”, and so on.

[0005] Because of the trust and security issues that leave many questions unsatisfactorily answered, asking an end user to accept a digital artefact from a known organisation or agency may not be an issue. But asking an end user to share his/her digital information, especially a digital ID copy, or getting organisations and agencies to accept an end user’s digital documents and ID as widely as physical documents, may be a great challenge during the transition period, because no system or platform exists that can give the end user the trust and confidence that fraudulent use or re-purposing of his/her shared digital information is prevented, or give an agency or organisation the guarantee that a digital document received from an individual is genuine, unless the end user’s identity has been authenticated and the digital document can be digitally certified by an authorised third party and validated within a trusted environment or system.

[0006] Furthermore, "digital transformation", and particularly the ‘going paperless’ concept, demands secure digital storage and secure digital asset management, a need that is growing day by day. This may not be a challenge for large businesses, organisations or government agencies, because they should have the technologies, resources and expertise to provide and maintain a trusted and secure system for their own organisation and personnel in storing, sharing, processing and, importantly, protecting their valued digital artefacts. However, with economic globalisation, organisations may receive data from contractors, employees or others around the world. Such data can be made available over the Internet, as a wide area network, so that employees and others can access it conveniently, but this increases the security risk.

[0007] For small businesses and ordinary individuals who do not have access to adequate technologies and resources beyond what is publicly available, secure digital data storage and sharing is a challenge. Traditionally, an individual may use his/her own devices to store his/her digital artefacts, and keeping an eye on the device may be the conservative way of securing the device and the stored data.

[0008] Use of the Internet, and of cloud-based storage and applications, is becoming increasingly integral to everyday life. An individual may use cloud-based storage and computing as a personal repository for his/her digital assets. Cloud-based storage on an Internet endpoint provides ubiquitous access to a user's files and applications from any capable endpoint, at any time. With the increased usage comes increased exposure to unscrupulous users of the Internet who seek to randomly cause havoc or to steal sensitive or private information from specific users. The traditional paradigm for protecting sensitive information stored in cloud-based locations on the Internet is a password, i.e. a user knowledge factor. For access, a user presents log-in credentials to a server, which are verified against known credentials stored at the server. Problematically, this comparison paradigm is vulnerable to phishing or key-logging attacks by impostors, to hacking or network sniffing, and even to guessing by trial and error. Once the credentials are exposed, the user’s files and applications are open not only to undetected theft by copying but to vandalism by deletion. Moreover, the entire account is exposed at once, because individually protecting each file and application with a unique password, i.e. with encryption, is not commonly practical, and applying encryption techniques is not something every individual can do.

[0009] Several novel techniques have been proposed around secure storage and sharing service platforms, attempting to address the security problem for user data stored and shared on cloud-based storage.

[0010] United States Patent No. 9,922,207, Chinese Patent Publication No. 102761521B and United States Patent No. 9,767,299 disclose a concept in which a symmetric file key is generated or provided for file encryption, the file key is encrypted with the user’s asymmetric public key, and both the encrypted file and the encrypted file key are stored on the server. To decrypt the file, the user’s asymmetric private key is used to reconstruct the file key, and the file key is then used to decrypt the file. The user’s asymmetric private key is kept securely on the user’s device and can be reconstituted with the user’s password. For file sharing, the file key is encrypted with the key of the user with whom the file will be shared. The file key may be randomly generated to minimise the risk when a file key is compromised. However, the risk remains high if the password-protected user private key is compromised, which leads to the exposure of the user’s entire database.

[0011] United States Patent No. 8,954,758 goes beyond the password-protected private key of these documents by proposing the use of a human gesture to form and then reconstitute a cryptographic key, whereas United States Patent No. 9,070,112 proposes an asymmetric file key for file encryption.

[0012] In order to enhance security over the Internet and thus maintain confidentiality of data, an article entitled "Double Layer Encryption Algorithm Key Cryptography for Secure Data Sharing in Cloud" by Dr. D. Usha and M. Subbbulakshmi, International Journal of Scientific & Engineering Research, Volume 9, Issue 5, May 2018, proposes double-layer encryption using an RSA asymmetric-key approach. According to this technique, the file is encrypted twice by the user using the same public key before it is stored in the cloud.

[0013] When it comes to sharing the file, United States Patent No. 9,537,918 discloses that the secret key is sent to the other users with whom the file will be shared via an ‘out-of-band’ channel. The techniques discussed may improve the security of cloud storage, but the risk, and especially the risk of chained failure, remains high. When it comes to sharing, none of those techniques provides a mechanism to prevent fraudulent use or re-purposing of the document.

[0014] As a result, the fundamental issue of trust and security remains as society transitions from paper-based to digital security and ID documents over an insecure network, i.e. the Internet. Accordingly, there is a need in the art to effectively protect a system user’s digital assets on a cloud-based storage system with no point of chained failure, to enable a user to securely share documents with other system users in a way that prevents fraudulent use or re-purposing of the shared document, and to facilitate the digital certification or authentication of a document or copy. Together these would establish a trusted environment and processes that give system users a sense of security in applying the concept of ‘going paperless’ in full.

[0015] It will be clearly understood that, if a prior art publication is referred to herein, this reference does not constitute an admission that the publication forms part of the common general knowledge in the art in Australia or in any other country.

SUMMARY OF INVENTION

[0016] The present invention is directed to systems and methods for secure digital file sharing and authenticating, which may at least partially overcome at least one of the abovementioned disadvantages or provide the consumer with a useful or commercial choice.

[0017] With the foregoing in view, the present invention in one form, resides broadly in a system for secure digital file storing, sharing and authenticating, the system including:

a) At least one computer server operating a primary server software application;

b) At least one user with a personal computing device operating a client software application configured to communicate with the primary server software application, the user provided with a unique account following a registration process with the system, the registration process based on receipt of a combination of at least one knowledge factor, possession factor and inherence factor from the user by the primary server software application, collected during the registration process; upon successful user registration, the client software application on the personal computing device automatically generates a registered user asymmetric cryptography keypair including a user public key and a user private key, and stores the keypair on the personal computing device, the client software application encrypting at least the user’s at least one knowledge factor and the user private key before providing them to the at least one computer server, the user’s at least one knowledge factor remaining encrypted at all times at the at least one computer server, the system thereafter using the asymmetric cryptography keypair to allow the user to securely store, in a digital artefact repository, a digital artefact utilising multilayer encryption of the digital artefact with geographically non-collocated cryptography modules, said geographically non-collocated cryptography modules including a first encryption engine for first layer encryption using the user public key at a user side and a second encryption engine for second layer encryption using a unique document encryption key at the at least one computer server, the unique document encryption key including a symmetric key which is generated by the at least one computer server uniquely for every new digital artefact loaded, and encrypted with the user private key and stored in an electronically stored key vault.

[0018] The present invention finds particular use in the management of digital documents.

[0019] The client software application may be or include a secure website accessed on the user personal computing device or a proprietary client software application installed on the user personal computing device.

[0020] Preferably a combination of at least two of the three factor types (knowledge, possession and inherence) is used. Knowledge factors require the user to demonstrate knowledge of hidden information. Routinely used in single-layer authentication processes, knowledge factors can take the form of passwords, passphrases, PINs or answers to secret questions.

[0021] Possession factors, preferably taking the form of connected tokens or disconnected tokens, are physical items possessed by the authorised user that are used to connect to the client computer or portal.

[0022] Connected tokens are preferably items which physically connect to a computer in order to authenticate identity. Items such as card readers, wireless tags and USB tokens are common connected tokens used to serve as a possession factor during a multi-factor authentication process.

[0023] Disconnected tokens are items which do not directly connect to the client computer - instead requiring input from the individual attempting to sign in. Most typically, a disconnected token device will use a built-in screen to display authentication data which is then utilised by the user to sign in, where and when prompted.

[0024] Any possession factors used in the system of the present invention may be provided to a user and/or created by or as a part of the client software application.

[0025] Inherence factors are characteristics intrinsic to the authorised individual. These often take the form of biometrics, such as fingerprints captured by a fingerprint reader, retina scans or voice recognition.

[0026] Preferably, in order to view a digital artefact that is stored in the system of the present invention, such as a digital document, a registered user would successfully login to the user account using the client software application on the user personal computing device.

[0027] Once logged into the system, the registered user can preferably select any digital artefact for action; for example, a digital document can be selected for viewing via the client software application on the user personal computing device.

[0028] Without additional user intervention, the user’s selected artefact ID(s) are submitted to the primary server software application operating on the at least one computer server, where the multilayer encrypted document and the encrypted unique document encryption key corresponding to the submitted artefact ID are retrieved from the digital artefact repository and the key vault respectively for use at a first decryption engine to recover the user public-key encrypted document (i.e. the document still remains encrypted).

[0029] The primary server software application operating on the at least one computer server then preferably sends the user public-key encrypted document to the client software application on the user personal computing device, where the user private key is autonomously retrieved by the client software application on the user personal computing device for use at a second decryption engine in decrypting the user public-key encrypted document. The document is then displayed via the client software application on the user personal computing device.

[0030] The system of the present invention is also preferably configured to provide the services on secure digital artefact sharing where a first user can share his/her stored digital artefact or any artefact in his/her possession, with one or more second users within the system with high confidence that his/her shared artefact is protected by the system from fraudulent misuse and/or repurposing.

[0031] The preferred process of sharing an artefact by a first user means allowing another party (i.e. one or more second users) to view a shared artefact.

[0032] Preferably, a first user would successfully login to the user account using the client software application on the user personal computing device.

[0033] Within the system, the first user can then select one or more stored artefact (s) for sharing and further select the second users who will be receiving the shared artefact (s).

[0034] The artefact(s) selected for sharing may be in the first user digital artefact repository or in his/her possession but may not have been uploaded to the system at the time the request for sharing is made (such as for example in the case where the artefact is loaded and then an immediate sharing request is made). If the selected artefact has not been uploaded to the first user’s digital artefact repository, then preferably without user intervention, the artefact intended for sharing is autonomously uploaded onto the first user’s digital artefact repository using the above discussed artefact loading process which returns the artefact ID as reference for use in the sharing process.

[0035] Once the first user has selected the artefact for share and the second user(s), preferably without additional intervention or action from the first user, the client software application on the personal computing device will typically submit the artefact ID(s), the second user ID(s) and other sharing attributes chosen by the first user, to the primary server software application operating on the at least one computer server.

[0036] The sharing attributes chosen by the first user may include the restriction on how the shared artefact can be used. At the server, the multilayer encrypted document(s) and the encrypted unique document encryption key corresponding to the submitted document ID(s), and the first user keypair are retrieved from the first user’s digital artefact repository and key vault respectively for use within a third decryption engine.

[0037] At the third decryption engine, the original artefact is briefly recovered and a digital copy of the artefact is preferably generated for sharing. The digital copy of the original artefact is preferably low-resolution (compared to the original artefact) and watermarked (if a document) making it immediately differentiable from the original artefact within the ecosystem of the invention.

[0038] Preferably, the public key corresponding to the second user (or multiple public keys if there is more than one second user) is retrieved from the key vault for use in the third encryption engine. At the third encryption engine, the low-resolution and watermarked copy (208) is preferably encrypted with the or each retrieved public key, and a unique document encryption key is then preferably generated for the second encryption layer. The multilayer encrypted low-resolution and watermarked copy is then saved in the second user(s)’ (recipient) folder or repository.

[0039] Thereafter, the second user shall preferably become the (beneficial) owner of the shared low-resolution and watermarked copy of the original digital artefact. A notification (for example, a push notification) is preferably generated and sent to the or each second user(s) to notify the or each second user(s) that they have received a shared document.

[0040] Preferably, shared documents can only be viewed from within the system by the rightful beneficial owner. Upon receiving a notification of shared document from the system on behalf of the first user, a second user will preferably successfully login to the system and choose the shared document to view.

[0041] Upon receiving a shared document viewing request, the primary server software application operating on the at least one computer server preferably securely verifies the second user’s private key, and then retrieves the double-layer encrypted shared copy and the unique document encryption key corresponding to the submitted shared document ID from the second user document folder or repository and the key vault respectively for use in decrypting at the first decryption engine to recover the second user group public-key encrypted shared copy.

[0042] The primary server software application operating on the at least one computer server then preferably sends the second user public-key encrypted shared copy to the requesting client software application on the user personal computing device, where the second user private key is preferably autonomously retrieved by the client software application on the user personal computing device for use at the second decryption engine in decrypting the second user public-key encrypted copy.

[0043] The low-resolution and watermarked copy is then preferably displayed via the client software application on the user personal computing device. The use of the displayed low-resolution and watermarked copy at the second user device may be restricted depending on the sharing attributes configured by the first user. The restrictions may include editing, downloading and/or printing.

[0044] The multilayer encryption model with geographically non-collocated cryptography modules architecture may in turn comprise one cryptography module at the client-side and at least one cryptography module at the server-side.

[0045] The at least one client-side cryptography module will preferably be provided by or as a part of the client software application. The at least one client-side cryptography module preferably always uses the system registered user’s RSA public key for encrypting the user artefact, and the corresponding user’s RSA private key for decrypting the public-key encrypted artefact.

[0046] The RSA keypair (i.e. public key and corresponding private key) is preferably automatically generated at the client-side by the client software application upon the successful user registration using the client software application installed on the user personal computing device.

[0047] A copy of the encrypted user private key and the corresponding user public key are preferably transferred to the primary server software application operating on the at least one computer server for centralised key management.

[0048] An encrypted user private key is preferably further encrypted before it is saved in a system key vault. There can be one or more system key vaults.

[0049] The server-side cryptography module may use the symmetric document key for re-encrypting the user public-key encrypted artefact, and for decrypting the multilayer encrypted artefact.

[0050] A symmetric artefact key is preferably uniquely generated by the primary server software application operating on the at least one computer server for each artefact loaded and or created including any digital copy of the artefact which is generated for sharing.

[0051] The server generated symmetric artefact key is preferably encrypted with the artefact owner’s private key and then normally saved in the key vault.

[0052] The automated and secure artefact sharing process may require only that a first user within the system select the artefact for sharing, define the sharing attributes, and select one or more second users who will receive the shared artefact.

[0053] The primary server software application operating on the at least one computer server within the secure system preferably briefly retrieves, from the first user’s repository, the artefact corresponding to the selected artefact ID, and generates a low-resolution & watermarked digital copy of the artefact for sharing.

[0054] The generated low-resolution & watermarked digital copy of the artefact for sharing is preferably multilayer encrypted with second user public key and then with the unique artefact key, and saved in the second user(s) repository. The generated low-resolution & watermarked digital or shared copy preferably becomes the property of the second user.

[0055] The generated low-resolution & watermarked digital copy is preferably encrypted in such a way that it can only be decrypted and viewed within the system by the rightful second user(s).
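The multilayer model of [0044] to [0055] (the same flow that claim 1, [0028] to [0029] and [0036] to [0038] describe) as a runnable Go example. This is added illustrative code, not the patent's or MediKey's implementation, and it fills in choices the page leaves open: layer 1 is hybrid RSA-OAEP plus AES-256-GCM, because RSA alone cannot encrypt a whole document; layer 2 is AES-256-GCM under a per-artefact key; the artefact repository and key vault are in-memory maps; the per-artefact key is wrapped under a server-held vault key rather than "with the user private key", since encryption under a private key provides no confidentiality; and the low-resolution, watermarked copy is represented by a prefixed text stand-in. The artefact IDs, the sample document, the `must` helper (which panics so the demonstration stays short) and every function name are made up for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func randomBytes(n int) []byte {
	b := make([]byte, n)
	must(rand.Read(b))
	return b
}

// Symmetric engine shared by both layers: AES-256-GCM, nonce prepended to the output.
func sealGCM(key, plaintext []byte) []byte {
	g := must(cipher.NewGCM(must(aes.NewCipher(key))))
	nonce := randomBytes(g.NonceSize())
	return g.Seal(nonce, nonce, plaintext, nil)
}

func openGCM(key, sealed []byte) ([]byte, error) {
	g := must(cipher.NewGCM(must(aes.NewCipher(key))))
	if len(sealed) < g.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return g.Open(nil, sealed[:g.NonceSize()], sealed[g.NonceSize():], nil)
}

// The user keypair is generated on the device after registration ([0046]).
func newUserKey() *rsa.PrivateKey { return must(rsa.GenerateKey(rand.Reader, 2048)) }

// First encryption engine (client side): RSA-OAEP wraps a fresh content key and AES-GCM
// encrypts the document itself (RSA cannot encrypt a whole file); output is wrappedKey || body.
func clientEncrypt(pub *rsa.PublicKey, doc []byte) []byte {
	cek := randomBytes(32)
	wrapped := must(rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, cek, nil))
	return append(wrapped, sealGCM(cek, doc)...)
}

// Second decryption engine: on the user's device, with the user private key.
func clientDecrypt(priv *rsa.PrivateKey, layer1 []byte) ([]byte, error) {
	n := priv.Size() // the OAEP-wrapped key is exactly one modulus in length
	if len(layer1) < n {
		return nil, fmt.Errorf("layer-1 blob too short")
	}
	cek, err := rsa.DecryptOAEP(sha256.New(), nil, priv, layer1[:n], nil)
	if err != nil {
		return nil, err
	}
	return openGCM(cek, layer1[n:])
}

// Server side: artefact repository plus key vault. Assumption: the document key is wrapped
// under a server-held vault KEK, not "with the user private key" as the page says, because
// encryption under a private key gives no confidentiality.
type Server struct {
	kek   []byte
	repo  map[string][]byte // artefact ID -> layer-2 ciphertext
	vault map[string][]byte // artefact ID -> wrapped document key
}

func NewServer() *Server { return &Server{randomBytes(32), map[string][]byte{}, map[string][]byte{}} }

// Second encryption engine: a unique symmetric key per artefact, applied over layer 1.
func (s *Server) Store(id string, layer1 []byte) {
	docKey := randomBytes(32)
	s.repo[id], s.vault[id] = sealGCM(docKey, layer1), sealGCM(s.kek, docKey)
}

// First decryption engine: strips layer 2 only; the server never sees plaintext here.
func (s *Server) Fetch(id string) ([]byte, error) {
	ct, ok := s.repo[id]
	if !ok {
		return nil, fmt.Errorf("unknown artefact %q", id)
	}
	return openGCM(must(openGCM(s.kek, s.vault[id])), ct)
}

// Third engine ([0036]-[0038]): the one path where the server briefly holds plaintext,
// because deriving the shared copy needs the owner's private key.
func (s *Server) Share(id, copyID string, ownerPriv *rsa.PrivateKey, recipientPub *rsa.PublicKey) {
	original := must(clientDecrypt(ownerPriv, must(s.Fetch(id))))
	derived := append([]byte("[SHARED COPY - NOT THE ORIGINAL] "), original...) // constructed stand-in
	s.Store(copyID, clientEncrypt(recipientPub, derived))
}

func main() {
	owner, recipient, srv := newUserKey(), newUserKey(), NewServer()
	srv.Store("art-1", clientEncrypt(&owner.PublicKey, []byte("constructed sample: licence scan")))
	srv.Share("art-1", "copy-1", owner, &recipient.PublicKey)
	fmt.Printf("owner sees: %s\n", must(clientDecrypt(owner, must(srv.Fetch("art-1")))))
	fmt.Printf("recipient sees: %s\n", must(clientDecrypt(recipient, must(srv.Fetch("copy-1")))))
}
```

The asymmetry this makes visible is the practical point of the model: Fetch removes only the server-side layer, so a stored artefact is never in the clear on the server, whereas Share has to reconstruct the original with the owner's private key (of which, per [0047], the server keeps an encrypted copy) before it can derive and re-wrap the copy for the recipient. That step, not storage or viewing, is where the server-side trust boundary of the scheme actually lies.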

[0056] The automated and secure digital certification of a digital artefact may require only that a first user within the system select the artefact for authentication or certification, and select the second users who will authenticate or certify the artefact copy.

[0057] The generated low-resolution & watermarked digital copy is preferably multilayer encrypted, then saved in the second user repository, and a notification is sent to the second user once saving has been completed.

[0058] For certification purposes, when a notification is received, the second user may view the generated low-resolution & watermarked digital copy, verify it by comparing it with source system data, and then cryptographically sign it.

[0059] When the second user has completed the certifying process by cryptographically signing the generated low-resolution & watermarked digital copy, the cryptographically signed copy is preferably multilayer encrypted, then saved into the first user repository for viewing only by the first user and/or into a third-party user repository for viewing only by that third user, if a third user has been included by the first user.
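The certification round of [0056] to [0059] as a runnable Go example. This is added code, not the patent's or MediKey's; the page says only that the second user "cryptographically signs" the copy, so the signature scheme (Ed25519), the certificate record, the SHA-256 binding to the exact copy bytes, the certifier and artefact identifiers and the sample copy are all assumptions of the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Certificate is what the certifying user produces after checking the shared copy
// against source data ([0058]). The signature covers every field, so the artefact ID,
// the certifier and the time cannot be swapped without invalidating it.
type Certificate struct {
	ArtefactID  string
	CertifierID string
	Digest      [32]byte // SHA-256 of the exact copy bytes the certifier viewed
	IssuedAt    int64    // Unix seconds
	Signature   []byte   // Ed25519 signature over signingInput()
}

// signingInput serialises the fields unambiguously: length-prefixed strings,
// then the digest, then the timestamp, so two different certificates never
// produce the same bytes to sign.
func (c *Certificate) signingInput() []byte {
	var buf []byte
	for _, s := range []string{c.ArtefactID, c.CertifierID} {
		buf = binary.BigEndian.AppendUint32(buf, uint32(len(s)))
		buf = append(buf, s...)
	}
	buf = append(buf, c.Digest[:]...)
	return binary.BigEndian.AppendUint64(buf, uint64(c.IssuedAt))
}

// newCertifierKey stands in for the certifying user's registered keypair.
func newCertifierKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Certify runs on the certifier's side once the copy has been compared with source data.
func Certify(priv ed25519.PrivateKey, certifierID, artefactID string, copyBytes []byte, issuedAt int64) *Certificate {
	c := &Certificate{ArtefactID: artefactID, CertifierID: certifierID, Digest: sha256.Sum256(copyBytes), IssuedAt: issuedAt}
	c.Signature = ed25519.Sign(priv, c.signingInput())
	return c
}

// Verify is what the first user or a third party runs inside the system: the copy they
// hold must hash to the certified digest, and the signature must check under the
// certifier's public key (which the key vault would supply for CertifierID).
func Verify(pub ed25519.PublicKey, c *Certificate, copyBytes []byte) error {
	if sha256.Sum256(copyBytes) != c.Digest {
		return fmt.Errorf("copy does not match the certified digest")
	}
	if !ed25519.Verify(pub, c.signingInput(), c.Signature) {
		return fmt.Errorf("signature does not verify under certifier %q", c.CertifierID)
	}
	return nil
}

func main() {
	pub, priv := newCertifierKey()
	copyBytes := []byte("constructed sample: low-resolution watermarked copy of licence")
	cert := Certify(priv, "agency-42", "copy-1", copyBytes, 1700000000)
	fmt.Println("genuine copy:", Verify(pub, cert, copyBytes))
	fmt.Println("altered copy:", Verify(pub, cert, append([]byte(nil), append(copyBytes, '!')...)))
	cert.CertifierID = "someone-else"
	fmt.Println("re-attributed certificate:", Verify(pub, cert, copyBytes))
}
```

Binding the signature to the exact bytes the certifier viewed, together with the artefact and certifier identifiers, is what makes the certification non-repudiable in the sense of [0069]: a later viewer can confirm that the copy they hold is the one that was certified and by whom, and a certificate cannot be moved to a different artefact or attributed to a different certifier after the fact.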

[0060] The system may further include an IDAM (Identity and Access Management) server for user registrations, device registrations & associations, user logins, user identity verification/validation/authentication, password resets & recoveries, group configurations & reconfigurations, and document or file processing requests.

[0061] The system may further include one or more databases for securely keeping the system registered users’ information.

[0062] The system may further include one or more digital key vaults for securely storing the system registered users’ keys, keypairs and/or artefact keys.

[0063] The system may further include artefact repositories for secure retention of the system registered users encrypted digital artefacts or assets such as documents or files.

[0064] The system of the present invention is preferably scalable and may be deployable on public cloud, private cloud, or hybrid cloud.

[0065] A user may register for an account through a secure website accessed via the user personal computing device or client software application installed on the user personal computing device.

[0066] Upon successful user account registration using a secure website accessed via the user personal computing device or client software application installed on the user personal computing device, the primary server software application operating on the at least one computer server will preferably associate the personal computing device (for example using an IMEI number or equivalent identification) and/or secure website or client software application with the registered user account.

[0067] Preferably, at the first login attempt from the secure website accessed via a user personal computing device, or from a client software application installed on a user personal computing device, that is being used for the first time with the system of the present invention, the system may subject the first-time login to strong multifactor authentication linked with the currently associated device(s). The system may send a one-time passcode to the client software application installed on an already associated personal computing device, or otherwise use multifactor authentication to authenticate the user and/or personal computing device. Upon successful login on the new personal computing device for the first time, the primary server software application operating on the at least one computer server may associate the new personal computing device with the registered user account.

[0068] The present invention is therefore directed to a system and method for realising a cloud-based secure digital asset management platform, which may at least partially overcome at least one of the disadvantages mentioned in the background section, or provide the consumer with a useful or commercial choice.

[0069] The system of a preferred embodiment preferably provides services including, but not limited to, secure storage of a user's digital assets, document sharing in a way that prevents fraudulent use or repurposing of the document, and document certification supporting non-repudiable certification of document authenticity.

[0070] The system preferably comprises a secure server operating the primary software application, a secure website, and/or a secure mobile application for installation on any personal computing device or smart device capable of internet access.

[0071] The secure platform is preferably scalable and preferably comprises IDAM (Identity and Access Management) servers, secure databases, secure key vaults, and a secure document repository.

[0072] The IDAM servers are used for user registrations, device registrations, user logins, user identity verification, validation and authentication, password resets and recoveries, group configurations and reconfigurations, and document or file processing requests.

[0073] The database is preferably for securely keeping the registered users' information; the key vaults are for securely storing the registered users' keys and/or keypairs. The document repository is preferably for securely retaining the registered users' encrypted digital assets, such as documents or files.

[0074] The platform may be deployed in a public cloud, private cloud, or hybrid cloud. A user at an endpoint of the internet may register for an account via the website or via the client software application installed and operable on their smart device. When registering for a user account via the client software application, the device and the client software application on that device are associated with the user account as part of the system security. On successful completion of account registration, an RSA key pair (private or secret key and public key) is preferably generated automatically at the client side for later use in encryption and decryption of user data. As a further strengthening of system security, when a registered user attempts to log in from the app on a new device for the first time, the system's multifactor authentication may generate a one-time passcode and send it to the app on the already associated device(s). The one-time passcode is then used to authenticate from the new device. Upon successful login on the new device, the device is associated with the registered user account and copies of the user's encrypted RSA private key and the associated public key are transferred to the new device for subsequent use.

[0075] One embodiment of the present invention relates to a cryptography-based security method that ensures individuals' documents are strongly protected. The security method preferably comprises multilayer encryption with geographically non-collocated cryptography modules distributed across the client side and the server side, to eliminate single points of failure and chained failure. According to the method, a plaintext file entering the system at the client side is preferably encrypted automatically by the client-side first cryptography module using the user public key, for secure transport to the server. The ciphertext file is preferably further encrypted by the server-side second cryptography module using a uniquely generated document key, for secure storage in the user repository. A document that has been uploaded to the platform can preferably be accessed and/or viewed only from within the system and only by the document owner, realising the concept that the user is the one who owns the data in the cloud storage environment.

[0076] Another embodiment of the present invention relates to a method that enables a first user, as the primary document owner within the system, to securely share a document or a suite of documents with other, second, users in a way that prevents fraudulent use or repurposing of the document. The method may involve the first user as the document owner and one or more second users as the person(s) with whom the document is shared.

[0077] The method preferably comprises the following steps: the first user selects the document for sharing and one or more second users; the server retrieves the document intended for sharing from the first user's repository; the server generates a low-resolution and watermarked digital version of the document; the server performs multilayer encryption of the low-resolution and watermarked copies, first with the second user group public key and then with the second user group document key; the server saves the multilayer encrypted low-resolution and watermarked copies in the second users' repositories, thus making each second user the (beneficial) owner of the shared low-resolution and watermarked copy; and the server then preferably notifies the second users, on behalf of the first user, that they have received a shared document. The shared documents can typically be viewed only from within the system (requiring registration and login) by the intended second users.

[0078] A further embodiment of the present invention relates to a method enabling documents to be certified by document originators, or by a certifying body, supporting non-repudiable certification of document authenticity. The method may involve a first user as the document owner, a second user as the document originator or certifying body approved by the business, and third users as the receivers of the shared document. The method preferably comprises the following steps: the first user selects the document to be certified or authenticated and further selects the second user and one or more third users; the server preferably retrieves the document to be certified from the first user's repository and generates a reduced-resolution and watermarked digital version of it; the server preferably performs multilayer encryption of the reduced-resolution and watermarked digital version, first with the second user's public key and then with the uniquely generated document key; the server preferably saves the multilayer encrypted reduced-resolution and watermarked digital version in the second user's repository; and the server preferably notifies the second user, on behalf of the first user, that they have received a document for authentication.

[0079] The second user within the system may verify the reduced-resolution and watermarked digital version by comparing it with their source system data, and then typically cryptographically signs the reduced-resolution and watermarked version, completing the certification.

[0080] Alternatively, the second user may be given authority by the system to view directly the original corresponding to the copy, for verification purposes. The server then preferably multilayer encrypts the authenticated or certified copy with the first user public key and then with the uniquely generated document key. The multilayer encrypted copy is then typically saved into the first user's repository by the server, and the first user is notified by the server on behalf of the second user.

[0081] Alternatively, the server may multilayer encrypt the authenticated or certified copy with the group public key and then with the uniquely generated group document key. The said group may include the first user and one or more third users. The multilayer encrypted copy is then preferably saved into the first user's repository and the third users' repositories by the server, and the first user and third users are preferably notified by the server on behalf of the second user. The authenticated or certified documents can be viewed only from within the system, and only by the first user and/or the third users. The third user, or whoever views the digitally signed document, does so within the system and sees visual evidence (text, image or both) that the document is certified.
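The certification step of [0079] to [0081], carried through as an added example in Go; this is illustrative code written for this page, not code from the patent or from the i-dentify platform. The patent says only that the second user "cryptographically signs" the reduced-resolution watermarked copy and that viewers see evidence of certification; everything else here is an assumption: ECDSA over P-256, a record that binds the SHA-256 of the exact copy to the document ID, the certifier's identity and the issue time, and a length-prefixed encoding of that record so no two field combinations serialise the same way. The point a practitioner should take from it is what a viewer must check before showing the "certified" banner: the copy on screen must hash to what was signed, and the signature must verify under the certifier's public key, so a changed pixel, a changed certifier name, or a signature from the wrong key all fail.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"time"
)

// Certification is the record the second user (document originator or certifying
// body) produces: a signature over the hash of the exact reduced-resolution
// watermarked copy, the document ID, the certifier's identity and the issue time.
// Field set and encoding are assumptions; the patent does not specify them.
type Certification struct {
	DocID     string
	Certifier string
	IssuedAt  int64    // Unix seconds
	CopyHash  [32]byte // SHA-256 of the watermarked copy as delivered to the certifier
	Sig       []byte   // ASN.1 ECDSA signature over Payload()
}

// Payload is the digest actually signed. Length-prefixing each field avoids the
// ambiguity between, for example, ("ab","c") and ("a","bc").
func (c Certification) Payload() []byte {
	var b bytes.Buffer
	for _, f := range [][]byte{[]byte(c.DocID), []byte(c.Certifier), []byte(fmt.Sprint(c.IssuedAt)), c.CopyHash[:]} {
		fmt.Fprintf(&b, "%d:", len(f))
		b.Write(f)
	}
	h := sha256.Sum256(b.Bytes())
	return h[:]
}

// Certify runs on the certifier's device with a signing key that never leaves it.
func Certify(priv *ecdsa.PrivateKey, docID, certifier string, shared []byte, now time.Time) (Certification, error) {
	c := Certification{DocID: docID, Certifier: certifier, IssuedAt: now.Unix(), CopyHash: sha256.Sum256(shared)}
	sig, err := ecdsa.SignASN1(rand.Reader, priv, c.Payload())
	c.Sig = sig
	return c, err
}

// VerifyCertification is what the viewing app runs before rendering the visual
// evidence of [0081]: the copy on screen must hash to what was signed, and the
// signature must verify under the certifier's public key (assumed to come from the key vault).
func VerifyCertification(pub *ecdsa.PublicKey, c Certification, shared []byte) bool {
	if sha256.Sum256(shared) != c.CopyHash {
		return false
	}
	return ecdsa.VerifyASN1(pub, c.Payload(), c.Sig)
}

// Demo certifies a constructed copy and reports four checks: the genuine record,
// the same record against a copy with one byte changed, a record whose certifier
// name was edited after signing, and the genuine record under the wrong public key.
func Demo() (genuine, alteredCopy, alteredRecord, wrongKey bool) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	shared := []byte("constructed reduced-resolution watermarked copy of doc-1")
	c, err := Certify(priv, "doc-1", "JP-0421", shared, time.Now()) // constructed IDs
	if err != nil {
		panic(err)
	}
	genuine = VerifyCertification(&priv.PublicKey, c, shared)

	bad := append([]byte{}, shared...)
	bad[0] ^= 1
	alteredCopy = VerifyCertification(&priv.PublicKey, c, bad)

	c2 := c
	c2.Certifier = "JP-9999"
	alteredRecord = VerifyCertification(&priv.PublicKey, c2, shared)

	other, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	wrongKey = VerifyCertification(&other.PublicKey, c, shared)
	return
}

func main() {
	g, a, r, w := Demo()
	fmt.Println("genuine:", g, "altered copy:", a, "altered certifier:", r, "wrong key:", w)
}
```

Signing the hash of the copy rather than the copy itself is what lets the server store the certification record beside the encrypted copy without ever needing the certifier's key, and lets the third user verify it inside the app against the bytes actually displayed.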

[0082] Any of the features described herein can be combined in any combination with any one or more of the other features described herein within the scope of the invention.

[0083] The reference to any prior art in this specification is not, and should not be taken as an acknowledgement or any form of suggestion that the prior art forms part of the common general knowledge.

BRIEF DESCRIPTION OF DRAWINGS

[0084] Preferred features, embodiments and variations of the invention may be discerned from the following Detailed Description which provides sufficient information for those skilled in the art to perform the invention. The Detailed Description is not to be regarded as limiting the scope of the preceding Summary of the Invention in any way. The Detailed Description will make reference to a number of drawings as follows:

[0085] Figure 1 is a schematic view of the system architecture of a system according to a preferred embodiment of the present invention.

[0086] Figure 2 is a method of loading a digital file into the system of a preferred embodiment for secure storing.

[0087] Figure 3 is a graphical representation of a detailed design for loading a document into the system of a preferred embodiment for secure storing, sharing and/or request for authentication.

[0088] Figure 4 shows a method of viewing a stored digital file within the system of a preferred embodiment for secure storing.

[0089] Figure 5 is a graphical representation of a detailed design for viewing a document in the system of a preferred embodiment.

[0090] Figure 6 shows a method of sharing a digital document/file within the system of a preferred embodiment.

[0091] Figure 7 is a graphical representation of a detailed design for sharing a document in the system of a preferred embodiment.

[0092] Figure 8 is a graphical representation of a detailed design for viewing a shared document in the system of a preferred embodiment.

[0093] Figure 9 shows an exemplary method of automated authentication and sharing within the system of a preferred embodiment.

DESCRIPTION OF EMBODIMENTS

[0094] According to a particularly preferred embodiment of the present invention, a system for secure digital file sharing and authenticating is provided.

[0095] The system for secure digital file sharing and authenticating of a preferred embodiment includes a computer server operating a primary server software application and multiple users, each having an associated personal computing device operating a client software application configured to communicate with the primary server software application. Each user is provided with a unique account following a registration process with the system, the registration process based on receipt of a combination of at least one knowledge factor, possession factor and inherence factor from the user by the primary server software application collected during the registration process.

[0096] Upon successful user registration, the client software application on the personal computing device automatically generates a registered user asymmetric cryptography keypair including a user public key and a user private key, and stores the keypair on the personal computing device, typically with a backup stored on the computer server operating the primary server software application.

[0097] The client software application encrypts at least the user’s at least one knowledge factor and the user private key before providing to the at least one computer server, and the user’s at least one knowledge factor remains encrypted at all times at the at least one computer server.

[0098] The system thereafter uses the asymmetric cryptography keypair to allow the user to securely store, in a digital artefact repository, one or more digital artefacts, which will typically be documents or files, utilising multilayer encryption of the digital artefact with geographically non-collocated cryptography modules, said geographically non-collocated cryptography modules including a first encryption engine for first-layer encryption using the user public key at the user side, and a second encryption engine for second-layer encryption using a unique document encryption key at the at least one computer server.

[0099] The unique document encryption key includes a symmetric key which is generated by the at least one computer server uniquely for every new digital artefact loaded into the system or created within the system, encrypted with the user private key, and stored in an electronically stored key vault.

[0100] The present invention finds particular use in the management of digital documents.

[0101] The client software application will normally be or include a secure website accessed on the user personal computing device or a proprietary client software application installed on the user personal computing device, the use of which is capable of identifying the user and/or the user personal computing device, typically using an IMEI number or equivalent.

[0102] Figure 1 illustrates a high-level view of the ecosystem architecture in which the techniques and methods disclosed below, which apply several well-established cryptographic methods to secure the registered users' data and private information, establish the trust system and platform of the present invention. The system is hereinafter named 'i-dentify' and is intended for safe and confident digital asset management including, but not limited to, storing, sharing and processing digital artefacts (e.g. documents or files) with a high level of automation, in a way that fraudulent misuse and/or repurposing of those artefacts within the 'i-dentify' system can be prevented.

[0103] In reference to the Figure 1, the preferred ‘i-dentify’ ecosystem architecture (01) comprises:

• the secure 'i-dentify' platform (20), the 'i-dentify' secure domain website (15), and the 'i-dentify' mobile applications (i.e. apps 17 and 18), which together form the secure i-dentify system (10);

• a plurality of internet access capable client devices (such as computer - 05) supporting a secure web browser;

• a plurality of smart devices (such as smart phones or tablets, i.e. 07 and 08) supporting the installed and operable 'i-dentify' mobile app (17 or 18); and

• a plurality of ‘i-dentify’ registered users (03) with associated communication device (e.g. mobile phone 06 with association 36) and/or plural ‘i-dentify’ registered users (04) with one or multiple associated smart devices (07 with association 47, and 08 with association 48).

[0104] A set of API or adaptors (51) enables the i-dentify platform to securely interact with other system(s) (50).

[0105] The secure i-dentify platform (20) in turn comprises the IDAM (Identity and Access Management) server(s) (21), the secure database (22), the secure key vaults (23) and the secure document repository (24). The IDAM server(s) are designed to handle new user registration, new device registration, user login, user identity verification/validation/authentication, password reset and recovery, configuration and reconfiguration of new and existing groups, and processing requests for new and existing documents or files; the database (22) is designed for securely keeping the i-dentify registered users' information; the key vaults (23) are designed to securely store the i-dentify registered users' keys; and the document repository (24) is designed to securely retain the i-dentify registered users' encrypted digital assets such as documents or files. Furthermore, the secure i-dentify platform (20) is designed to be deployed in a public cloud, private cloud, or hybrid cloud, enabling new users to register, and registered users to access and share their digital assets, via the secure i-dentify website or the secure i-dentify mobile apps on their associated smart devices, anytime and anywhere.

[0106] In order to use the i-dentify digital asset management services, including but not limited to confidential digital document safe-keeping, sharing, approving and certification or authentication, a user must register for an account via the secure i-dentify website or the i-dentify mobile app installed on his/her associated smart device. There is one and only one account for each successfully registered user.

[0107] The i-dentify system may provide several types of user account depending on a user's privileges and/or authorities. For example, a standard-user account may allow a registered user only to use the i-dentify platform to securely retain his/her own authenticated original digital documents, to securely share his/her digital documents with other i-dentify registered users or agencies without concern that the shared document will be fraudulently misused and/or repurposed, or to request another i-dentify registered power-user to certify his/her digital copy. A power-user account, such as one for an authorised person like a justice of the peace, may allow the user to view the relevant authenticated original digital document when certifying the corresponding digital copy. A privilege-user account, such as one for a government agency (for example VicRoad), may allow the user to trigger a built-in API (51) that interacts with the agency's external system (50) for information verification/validation, such as a driver licence status inquiry. A privilege-user account may be configured for group usage, i.e. a plurality of users in an agency may share the same account.

[0108] During the registration phase, the i-dentify system shall, via its secure i-dentify website or the mobile app installed on the user's device, collect a plurality of the user's knowledge factors, possession factors and inherence factors. Three or more of those factors shall be used together to confirm the registering user's identity, and two or more of those factors shall be used to authenticate the user upon subsequent logins or automated password recovery/reset. It should be noted that the i-dentify system only collects and securely retains the registered user's knowledge factors and possession factors. The registered user's inherence factors, such as fingerprint or facial attributes, are collected and stored in the user's associated trusted smart device (i.e. one with biometric capability) or in a third-party cloud biometric service provider system (e.g. 50) integrated with the i-dentify platform. An API call (which may be an in-app API call) from the i-dentify system triggers the biometric matching function, which delivers the matching result (positive or negative) to the i-dentify server for use in deciding whether to grant access to the registered user.

[0109] Upon successful user registration via the i-dentify mobile app on the user's associated device, the i-dentify mobile app automatically generates the registered user's corresponding RSA keypair (i.e. user public key and user private key; client-side key generation). The client-side generated RSA keypair is securely kept on the registered user's associated device, and a copy is securely transmitted to the i-dentify server for central management. The RSA public key and private key are subsequently used to encrypt the user's documents or files, securing data transmission prior to upload to the i-dentify server, and to decrypt the user's downloaded encrypted documents or files for viewing on the user's device(s).

[0110] In order to secure data transmission and prevent unauthorised access to the registered user's information, an "elevated encryption" technique is used: the collected knowledge factors and the user's RSA private key are encrypted at the client side (e.g. in the user's web browser or in the mobile app on the user's device), using the in-app built-in encryption/decryption engine, before being transported to the i-dentify servers (21), where an additional layer of encryption is applied before they are stored in the secure database (22). Once they have entered the system and been encrypted, the user's knowledge factors shall remain encrypted, i.e. there is no point in the system at which those items are disclosed in readable form, including to the system administrator.

[0111] In the i-dentify ecosystem (10), a registered user (e.g. 04) can log in to his/her i-dentify account flexibly from multiple associated smart devices (e.g. 07 with association 47, and 08 with association 48) having the i-dentify app installed (e.g. 17 and 18), to upload his/her own files to the i-dentify repository, to download his/her own documents/files from the i-dentify repository for viewing, or to share or view shared documents/files securely. The i-dentify server's device management function provides this flexibility by securely transferring the centrally stored user RSA public key and encrypted RSA private key to the new device upon the first successful login from that device; the transferred keypair is subsequently used autonomously for encryption and decryption on that device. During the initial login from a new device, to ensure that the new device (e.g. 08) is part of the registered user's possessions/associations (e.g. 48), the i-dentify system shall enforce a multifactor authentication process in which, as the second step of MFA, a one-time in-app passcode may be sent to the user's primary or previously used associated device (e.g. 07) for authentication on the new device (e.g. 08).
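The new-device passcode step of [0074] and [0111], as an added example in Go written for this page; it is not code from the patent or from the i-dentify platform. The patent specifies only that a one-time in-app passcode is sent to an already associated device and used to authenticate the new one. Everything else is an assumption: six digits, a five-minute lifetime, three attempts, delivery to the first device already associated with the user, and an HMAC key that is assumed to live in the key vault (23). The server keeps only an HMAC of the code, keyed to the user and to the device being enrolled, so a leaked pending-challenge table yields nothing usable and a code issued for device 08 cannot be replayed to enrol a different device.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// challenge is the server's record of one pending new-device login. Only an HMAC
// of the passcode is stored, bound to the user and to the device being enrolled.
type challenge struct {
	mac      []byte
	expires  time.Time
	attempts int
}

// MFA models the one-time in-app passcode step of [0074] and [0111].
type MFA struct {
	secret     []byte                // HMAC key; assumed to live in the key vault (23)
	pending    map[string]*challenge // "user/newDevice" -> challenge
	associated map[string][]string   // user -> associated devices (e.g. 07 for user 04)
	now        func() time.Time
}

func NewMFA(secret []byte, associated map[string][]string) *MFA {
	return &MFA{secret, map[string]*challenge{}, associated, time.Now}
}

// tag binds the code to the user and the enrolling device; codes are never stored.
func (m *MFA) tag(user, device, code string) []byte {
	h := hmac.New(sha256.New, m.secret)
	fmt.Fprintf(h, "%s\x00%s\x00%s", user, device, code)
	return h.Sum(nil)
}

// Begin issues a 6-digit passcode for newDevice and names the already associated
// device it must be delivered to (device 07 in Figure 1). The code is returned
// here only so the demo can push it; the real server sends it and never logs it.
func (m *MFA) Begin(user, newDevice string) (code, deliverTo string, err error) {
	trusted := m.associated[user]
	if len(trusted) == 0 {
		return "", "", errors.New("user has no associated device to receive the code")
	}
	n, err := rand.Int(rand.Reader, big.NewInt(1000000))
	if err != nil {
		return "", "", err
	}
	code = fmt.Sprintf("%06d", n.Int64())
	m.pending[user+"/"+newDevice] = &challenge{m.tag(user, newDevice, code), m.now().Add(5 * time.Minute), 0}
	return code, trusted[0], nil
}

// Verify checks the code entered on newDevice: five-minute lifetime, at most three
// attempts, single use, constant-time comparison. On success the device joins the
// user's association list, as in the last step of [0074].
func (m *MFA) Verify(user, newDevice, code string) error {
	key := user + "/" + newDevice
	c, ok := m.pending[key]
	if !ok {
		return errors.New("no pending challenge for this device")
	}
	if m.now().After(c.expires) {
		delete(m.pending, key)
		return errors.New("passcode expired")
	}
	c.attempts++
	if c.attempts > 3 {
		delete(m.pending, key)
		return errors.New("too many attempts")
	}
	if !hmac.Equal(c.mac, m.tag(user, newDevice, code)) {
		return errors.New("wrong passcode")
	}
	delete(m.pending, key) // single use: a replay of the same code fails
	m.associated[user] = append(m.associated[user], newDevice)
	return nil
}

// Advance moves the server clock forward by the given minutes (used to exercise expiry).
func (m *MFA) Advance(minutes int) {
	base := m.now
	m.now = func() time.Time { return base().Add(time.Duration(minutes) * time.Minute) }
}

func main() {
	m := NewMFA([]byte("constructed server secret"), map[string][]string{"user04": {"dev07"}})
	code, to, _ := m.Begin("user04", "dev08")
	fmt.Println("deliver", code, "to", to)
	fmt.Println("verify on dev08:", m.Verify("user04", "dev08", code))
	fmt.Println("replay on dev08:", m.Verify("user04", "dev08", code))
}
```

Delivering the code to the previously associated device rather than to the new one is what makes this a possession check: an attacker holding only the user's password and a fresh phone never sees the code.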

[0112] The most basic service that the i-dentify system designed to provide is the secure documents or digital artefacts storing and viewing where an i-dentify registered user may utilise the i-dentify platform as his/her cloud repository for securely or safely retaining his/her own digital assets which can be accessed only by himself/herself anywhere and anytime.

[0113] Figure 2 illustrates, by way of example, the loading process by which an i-dentify registered user (e.g. 04) loads a document (101) from his/her associated device (e.g. 07), using the i-dentify secure website or mobile app (17), to the secure i-dentify platform (20) for safe-keeping and possibly for subsequent sharing and/or authentication. The key point of the document loading process (100, Figure 2) is the multilayer encryption of a user document or digital artefact with geographically non-collocated cryptography modules. These modules comprise the first encryption engine (102), for first-layer encryption using the user public key at the client side, and the second encryption engine (103), for second-layer encryption using a unique document key at the server side. Without user intervention, a document entering the i-dentify system at the client side is always encrypted at the client side (e.g. device 07) with the user's RSA public key by the first encryption engine (e.g. 102) before being submitted to the server (21). At the i-dentify server (21), the document is encrypted a second time with a unique document key (105) by the second encryption engine (103).

[0114] The document encryption key (105) is a symmetric key generated by the i-dentify server (21) uniquely for every new document and its copies. Each generated unique document key is encrypted with the user's private key and then stored in the key vaults (23). The multilayer encrypted document is then saved in the document repository (24), in the database area or folder (104) reserved for the registered user (04). The multilayer encryption model with geographically non-collocated cryptography modules, using the user's asymmetric keys in the client-side module and a unique symmetric document key in the server-side module, leaves no single point of failure and in particular eliminates chained failure. The detailed design for loading a document into the 'i-dentify' platform is illustrated in Figure 3.

[0115] A document that has been uploaded to the i-dentify platform can be accessed and/or viewed only from within i-dentify and only by the document owner, realising the concept that the user is the one who owns the data in the cloud environment.

[0116] Figure 4 illustrates, by way of example, the document viewing process (150). In order to view documents, an i-dentify registered user 'n' (e.g. 03 or 04) must successfully log in to his/her account using the secure i-dentify website or the installed mobile app (e.g. 17) on his/her associated device (e.g. client device 07). Within the i-dentify system, the registered user (e.g. 04), via the mobile app (e.g. 17) on his/her device (e.g. 07), can select document(s) for viewing (e.g. 151).

[0117] Without additional user intervention, the user's selected document ID(s) (e.g. 152) are submitted to the i-dentify server (e.g. 21), where the multilayer encrypted document (104) and the encrypted unique document key (105) corresponding to the submitted document ID (152) are retrieved from the user's document repository or folder (e.g. 24) and the key vaults (e.g. 23) respectively, for use in the first decryption engine (153) to recover the user-public-key-encrypted document (i.e. the document still remains encrypted). The server (e.g. 21) then sends the user-public-key-encrypted document to the requesting mobile app (e.g. 17) on the target client device (e.g. 07), where the user private key is autonomously retrieved by the app for use in the second decryption engine (155) to decrypt the user-public-key-encrypted document. The document is then displayed via the mobile app within i-dentify (e.g. 156).

[0118] Figure 5 details the documents viewing process within the i-dentify according to a preferred embodiment.

[0119] In addition to the techniques discussed above for secure digital asset storing and viewing, the i-dentify system is designed to provide secure digital asset sharing, whereby an i-dentify first user can share a document stored in i-dentify, or any document in his/her possession, with one or more i-dentify second users within i-dentify, with high confidence that the shared document is protected by i-dentify from fraudulent misuse and/or repurposing. The process of sharing a document (200) is illustrated by way of example in Figure 6.

[0120] As the name suggests, sharing a document (by the first user) means allowing another party (one or more second users) to view the shared document. As with the document loading and viewing processes discussed above, in order to share a document an i-dentify first user (03 or 04) must successfully log in to his/her account using the secure i-dentify website or the installed mobile app (17) on his/her associated device (07). Within the i-dentify system (10, Figure 1), the first user (04), via the mobile app (17) on his/her associated device (07), may select document(s) for sharing and further select the i-dentify second users (201) who will receive the shared document. The selected document(s) may be in the i-dentify first user's repository, or in his/her possession but not yet uploaded to i-dentify.

[0121] If the selected document has not been uploaded to the i-dentify first user's repository, the document intended for sharing is, without user intervention, autonomously uploaded to the first user's i-dentify repository using the document loading process discussed above, which returns the document ID used as the reference in the sharing process discussed below.

[0122] Once the first user has selected the document for sharing and the second user(s) (201), the mobile app (17), without additional intervention or action from the first user (04), submits the document ID(s), the second user ID(s) and the other sharing attributes chosen by the first user (202) to the i-dentify server (21). The sharing attributes chosen by the first user may include restrictions on how the shared document can be used. At the i-dentify server (21), the multilayer encrypted document(s) (204) and the encrypted document key (205) corresponding to the submitted document ID(s), together with the first user's keys, are retrieved from the first user's repository or folder (203) and the key vaults (23) respectively, for use within the third decryption engine (206).

[0123] In the third decryption engine (206), the original document is briefly recovered in order to generate the copy (208) that will be shared. The copy of the original document (208) is low-resolution and watermarked, making it distinguishable from its original within the i-dentify ecosystem. The group public key corresponding to the second users' group (207) is retrieved from the key vaults (23) for use in the third encryption engine (209). In the third encryption engine (209), the low-resolution and watermarked copy (208) is encrypted with the retrieved group public key and then with the group document key. The multilayer encrypted low-resolution and watermarked copy is then saved in the second user(s)' (recipients') folder (211). The second user thereby becomes the (beneficial) owner of the shared low-resolution and watermarked copy. A notification (e.g. push notification) is generated for each second user (212) and sent to notify the second user(s) (213) that they have received a shared document. Figure 7 details the document sharing process within i-dentify according to a preferred embodiment of the present invention.

[0124] As in the document viewing process disclosed above, shared documents can be viewed only from within i-dentify, and only by the rightful beneficial owner. Figure 8 details the process of viewing a shared document according to a preferred embodiment of the present invention.

[0125] Upon receiving a notification of a shared document from the i-dentify system on behalf of the first user, a second user must successfully log in to the i-dentify system and choose the shared document to view. Upon receiving a shared document viewing request, the i-dentify server securely verifies the second user's group private key, and then retrieves the double-layer encrypted shared copy and the unique group document key corresponding to the submitted shared document ID from the second user's document folder or repository and the key vaults respectively, for decryption in the first decryption engine to recover the group-public-key-encrypted shared copy. The server then sends the group-public-key-encrypted shared copy to the requesting mobile app on the client device, where the second user's group private key is autonomously retrieved by the app for use in the second decryption engine to decrypt the group-key-encrypted copy. The low-resolution and watermarked copy is then displayed via the mobile app within i-dentify. The use of the displayed low-resolution and watermarked copy on the second user's device may be restricted depending on the sharing attributes configured by the first user. The restrictions may include downloading and/or printing.
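The loading ([0113] and [0114]) and viewing ([0117]) procedures, which the sharing path ([0123] and [0125]) repeats with the recipient group's public key and a group document key, carried through as an added example in Go; this is illustrative code written for this page, not code from the patent or from the i-dentify platform. Two points the patent leaves open are filled by stated assumptions: a document is not encrypted directly with RSA (which can only encrypt a few hundred bytes) but with a fresh content key that RSA-OAEP wraps under the user public key, the standard hybrid construction; and the per-document key is sealed in the vault under a server-held vault key rather than "with the user private key" as the patent puts it. AES-GCM is used for both symmetric layers so that any modification of the stored ciphertext is detected when the server tries to open it. One caveat a practitioner should take from [0123]: the sharing and certification paths require the server's third decryption engine to recover the plaintext briefly, which means the server must be able to unwrap the owner's private key from the vault; the plain view path below never does that.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// must unwraps (value, error) pairs in the demo; a real server would return the error.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func randBytes(n int) []byte {
	b := make([]byte, n)
	must(rand.Read(b))
	return b
}

// sealGCM: AES-256-GCM with a fresh random nonce prepended to the ciphertext.
func sealGCM(key, plaintext []byte) []byte {
	gcm := must(cipher.NewGCM(must(aes.NewCipher(key))))
	nonce := randBytes(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, plaintext, nil)
}

// openGCM fails on any modification of the ciphertext (authenticated encryption).
func openGCM(key, sealed []byte) ([]byte, error) {
	gcm := must(cipher.NewGCM(must(aes.NewCipher(key))))
	if n := gcm.NonceSize(); len(sealed) >= n {
		return gcm.Open(nil, sealed[:n], sealed[n:], nil)
	}
	return nil, errors.New("ciphertext too short")
}

// Layer 1 (client side, engine 102): seal the document under a fresh content key and
// wrap that key with the owner's RSA public key via RSA-OAEP (assumption, see lead-in).
func encryptForUser(pub *rsa.PublicKey, doc []byte) []byte {
	ck := randBytes(32)
	wrapped := must(rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, ck, nil))
	return append(wrapped, sealGCM(ck, doc)...) // pub.Size() bytes of wrapped key, then the sealed body
}

// Layer 1 removal (client side, engine 155) needs the private key held on the device.
func decryptForUser(priv *rsa.PrivateKey, blob []byte) ([]byte, error) {
	n := priv.Size()
	if len(blob) < n {
		return nil, errors.New("blob too short")
	}
	ck, err := rsa.DecryptOAEP(sha256.New(), nil, priv, blob[:n], nil)
	if err != nil {
		return nil, err
	}
	return openGCM(ck, blob[n:])
}

// Server: repository (104) of layer-2 ciphertexts and key vault (23) of per-document
// keys (105). Assumption: vault entries are sealed under a server-held vault key.
type Server struct {
	vaultKey    []byte
	repo, vault map[string][]byte // docID -> layer-2 ciphertext; docID -> sealed document key
}

func NewServer() *Server {
	return &Server{randBytes(32), map[string][]byte{}, map[string][]byte{}}
}

// Load (engine 103): a unique symmetric document key per artefact, never reused.
func (s *Server) Load(docID string, layer1 []byte) {
	dk := randBytes(32)
	s.repo[docID] = sealGCM(dk, layer1)
	s.vault[docID] = sealGCM(s.vaultKey, dk)
}

// View (engine 153) strips layer 2 only; what leaves the server is still encrypted to the owner.
func (s *Server) View(docID string) ([]byte, error) {
	dk, err := openGCM(s.vaultKey, s.vault[docID])
	if err != nil {
		return nil, err
	}
	return openGCM(dk, s.repo[docID])
}

// Roundtrip runs Figure 2 then Figure 4 and reports: the owner recovers the document;
// the server saw the plaintext after removing its layer; a flipped repository byte is rejected.
func Roundtrip(doc []byte) (ownerOK, serverCanRead, tamperDetected bool) {
	priv := must(rsa.GenerateKey(rand.Reader, 2048))
	srv := NewServer()
	srv.Load("doc-1", encryptForUser(&priv.PublicKey, doc))
	layer1 := must(srv.View("doc-1"))
	got, err := decryptForUser(priv, layer1)
	ownerOK, serverCanRead = err == nil && bytes.Equal(got, doc), bytes.Contains(layer1, doc)
	srv.repo["doc-1"][len(srv.repo["doc-1"])-1] ^= 1 // simulate a silent change in storage
	_, err = srv.View("doc-1")
	return ownerOK, serverCanRead, err != nil
}

func main() {
	fmt.Println(Roundtrip([]byte("constructed sample: driver licence scan")))
}
```

The outer layer is what gives the server its role in the patent's scheme: it can deny access, rotate or revoke a document key, and detect tampering without ever being able to read the document in the view path, because the inner layer is opened only on the owner's device.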

[0126] Furthermore, the i-dentify system is also designed to provide its users the flexibility to formulate or manage the process flow for their own document, which may involve multiple i-dentify users with different account types and their requested actions. For example, the process of authentication and sharing of a document (300) is exemplified in Figure 9.

[0127] In reference to the exemplary authentication and sharing of a document (300 - Figure 9), within i-dentify, a first user on his/her device (301) may want an original document in his/her possession where the copy of the original must be certified by a nominated (high-power) second user (302), and the authenticated copy is then submitted to the third user (303) as a legitimated copy for further usage. A second user may be the document originator (e.g. financial institutes, or the first user’s employer), or a certifying body (e.g. justice of the peace) approved by the i-dentify business.

[0128] Like the previously disclosed processes, the first user must successfully log in to the i-dentify system via the i-dentify app on his/her device. The first user (301) commences the process via the app on his/her device, by selecting the document, identifying the second user for authentication and the third user as the recipient of the authenticated copy (310). Without further intervention from the first user (301), the document ID, second user ID, third user ID and the defined process flow (311) are submitted to the i-dentify server (304).

[0129] At the i-dentify server (304), the original document corresponding to the submitted document ID is briefly retrieved within the third decryption engine from the first user’s folder or repository (340) for generating a reduced-resolution and watermarked copy. The reduced-resolution and watermarked copy is multilayer encrypted using the second user public key and a newly generated document key, and then stored in the second user’s folder or repository (341). i-dentify notifies the second user that he/she has received a document and authentication request (314).

[0130] Upon receiving a document and authentication request, the second user may log in to the i-dentify system, view the reduced-resolution and watermarked copy, verify the reduced-resolution and watermarked copy by comparing the copy with their source system data (320) and then cryptographically sign the reduced-resolution and watermarked copy.

[0131] Alternatively, the second user (302) may be given the authority by i-dentify to directly view the original corresponding to the copy for verification purposes.

[0132] On completion of the certifying process (322), the i-dentify system may provide the option for the second user (302) to send the authenticated copy directly to the third user (303). When the option for direct delivery of the authenticated copy is selected, i-dentify will encrypt and save the authenticated copies to the first user’s folder (351) and the third user’s folder or repository (352), and notifications are sent to the first user (323), indicating the delivery of the authenticated copy, and to the third user (324), informing them of the sharing of the authenticated copy.

[0133] When the option for direct delivery of the authenticated copy is not selected, i-dentify will save the encrypted authenticated copy to the first user’s folder or repository (351), and a notification is sent to the first user (323) indicating the availability of the authenticated copy. The first user may then need to view and act in sharing the authenticated copy (312) to the third user (303), where the authenticated copy is decrypted, re-encrypted and stored in the third user’s folder (342). The third user (303), or whoever views the digitally signed document, does so within i-dentify (330), and sees visual evidence - text, image or both - that verifies that the document is certified.

[0134] The major functions of the preferred embodiment can be summarised as follows:

Authentication and sharing of documents

[0135] The document is loaded using the i-dentify app. A reduced-resolution, watermarked version of the document is shared with the certifying body, who may be the document originator, or a certifying body approved by the i-dentify business. The certifying body, running i-dentify, compares the document with their source system data, and then digitally signs the watermarked copy. The document owner receives a copy of the digitally signed document and can then share it with whomever they choose. Whoever views the digitally signed document does so within i-dentify, and sees visual evidence - text, image or both - that verifies that the document is certified.

Load document

[0136] This is the process by which a user loads a document from their device. A key point is that documents are always encrypted client-side before being submitted to the server.

[0137] The document is encrypted twice, firstly with the user’s public key, and subsequently with a unique document encryption key. The document is encrypted with its own private key, and that private key is further encrypted with the user’s private key.

Share document

[0138] Sharing a document means, as the name suggests, allowing another party to view the shared document. The process of sharing a document entails:

1. Within i-dentify, generating a copy of the original document (called ndoc) that is low-resolution and watermarked within the i-dentify app

2. Retrieving the group public key, and encrypting ndoc with the group public key

3. Storing the encrypted document in the recipient’s folder

4. i-dentify notifies the recipient that they have received a document

View document

[0139] Documents can only be viewed from within i-dentify. The process entails retrieving the document’s private key from the server, decrypting the document client-side in i-dentify, and then displaying the document from within i-dentify.

View shared document

[0140] Documents can only be viewed from within i-dentify. The process entails securely verifying the group private key, and then decrypting the document client-side within i-dentify, using the group private key.

[0141] The preferred embodiment therefore provides a trusted and secure digital asset management platform enabling its subscribers to securely store their digital assets, and to specify the flow of their encrypted document in requesting authentication, submitting and/or sharing with the intended platform’s users or agencies.

[0142] In the present specification and claims (if any), the word ‘comprising’ and its derivatives, including ‘comprises’ and ‘comprise’, include each of the stated integers but do not exclude the inclusion of one or more further integers.

[0143] Reference throughout this specification to ‘one embodiment’ or ‘an embodiment’ means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrases ‘in one embodiment’ or ‘in an embodiment’ in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more combinations.

[0144] In compliance with the statute, the invention has been described in language more or less specific to structural or methodical features. It is to be understood that the invention is not limited to specific features shown or described since the means herein described comprises preferred forms of putting the invention into effect. The invention is, therefore, claimed in any of its forms or modifications within the proper scope of the appended claims (if any) appropriately interpreted by those skilled in the art.