Vault controller secure depositor for managing secure communication

Abstract

A secure-end-to-end communication system for conducting electronic business includes a web server—vault controller having personal storage vaults for users, registration and certification authorities. Each personal vault runs programs on the controller under a unique platform ID, e.g. a UNIX user ID. Data storage is provided by the controller wherein the storage is owned by the same user ID assigned to the vault. User processes running in dedicated vaults are able to communicate with other User processes running in different vaults using a secure depositor running as a module in a vault process in each vault. Messages are sent from a vault process to a specific vault rather than another vault process. There is no direct communication between vault processes. In operation, if a vault process intends for a message to go to another vault, e.g. Vault V, the sending secure depositor performs the mapping from the DN of the owner of Vault V to the DN of Vault V. The secure depositor then obtains the public encryption key of Vault V from the certificate found in the X.500 directory under the DN of Vault V. The secure depositor encrypts the message with the recipient's public key and signs the message with the private signing key in the sender's vault. The secure depositor inserts the encrypted and signed message (including the signing certificate) into a queue for Vault V. On the receiving side, the receiving secure depositor retrieves the message and decrypts the message with the private decryption key in Vault V. The secure depositor verifies the signature with the included certificate, after validating the certificate and checking the appropriate Certification Revocation Lists (CRL) in the X.500 directory. A secure depositor daemon, running either in the controller or on a remote machine, is used for relaying messages between processes running in vaults on different machines.