Secure electronic mail system

US 10,021,062 B2
Filed: 10/25/2017
Issued: 07/10/2018
Est. Priority Date: 07/01/2005
Status: Active Grant

First Claim

Patent Images

1. A secure messaging system comprising:

a server system including a processor configured to execute a secure messaging service program; and

a sender computing device including a processor configured to execute a program that displays a client graphical user interface (GUI);

wherein the sender computing device is configured to;

receive input of a message from a sender via the client GUI;

receive input of a send command from the sender via the client GUI to send the message to a recipient designated by the sender; and

send the message over a secure channel to the server system;

wherein the server system is configured to;

receive the message;

store the message in encrypted form;

generate a substitute message after receiving the message, said substitute message lacking at least some message content of the message, and including a link that provides functionality to authenticate a recipient and to securely retrieve the message from the server system and further including a message access key including a message identifier identifying the message and a service host identifier indicating to the recipient a network accessible address of the server system at which the message is stored; and

transmit the substitute message to the sender computing device via the secure channel;

wherein the sender computing device is further configured to;

send the substitute message from the sender computing device to a third party application server for transmission to a recipient computing device, wherein the substitute message is transmitted from the sender computing device to the third party application server over a secure channel; and

wherein the server system is further configured to;

receive a request for access to the message stored at the server system from the recipient computing device, the request being generated based on the message access key in the link in the substitute message; and

transmit the message to the recipient computing device via a secure communications protocol.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An e-mail system is disclosed that overcomes many deficiencies of, but is backward compatible with, existing e-mail systems. Embodiments of the system may include various features, including but not limited to: (1) secure transfer of e-mail messages, without the need for users to replace existing e-mail clients or to change e-mail addresses; (2) tracking of all actions performed in connection with an e-mail transmission; (3) the ability for a recipient to view information about an e-mail message, optionally including information about how other addressees have responded to it, before deciding whether to retrieve the e-mail message; (4) the aggregation of entire e-mail conversations into a single threaded view; (5) the ability to include both private and public messages in a single e-mail communication; (6) sender control over downstream actions performed in connection with an e-mail message; (7) flexible control over cryptographic methods used to encrypt emails messages for storage.

171 Citations

20 Claims

1. A secure messaging system comprising:
- a server system including a processor configured to execute a secure messaging service program; and
  
  a sender computing device including a processor configured to execute a program that displays a client graphical user interface (GUI);
  
  wherein the sender computing device is configured to;
  
  receive input of a message from a sender via the client GUI;
  
  receive input of a send command from the sender via the client GUI to send the message to a recipient designated by the sender; and
  
  send the message over a secure channel to the server system;
  
  wherein the server system is configured to;
  
  receive the message;
  
  store the message in encrypted form;
  
  generate a substitute message after receiving the message, said substitute message lacking at least some message content of the message, and including a link that provides functionality to authenticate a recipient and to securely retrieve the message from the server system and further including a message access key including a message identifier identifying the message and a service host identifier indicating to the recipient a network accessible address of the server system at which the message is stored; and
  
  transmit the substitute message to the sender computing device via the secure channel;
  
  wherein the sender computing device is further configured to;
  
  send the substitute message from the sender computing device to a third party application server for transmission to a recipient computing device, wherein the substitute message is transmitted from the sender computing device to the third party application server over a secure channel; and
  
  wherein the server system is further configured to;
  
  receive a request for access to the message stored at the server system from the recipient computing device, the request being generated based on the message access key in the link in the substitute message; and
  
  transmit the message to the recipient computing device via a secure communications protocol.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The secure messaging system of claim 1, wherein the message is an e-mail message.
  - 3. The secure messaging system of claim 2, wherein the e-mail message includes at least one of an attached file, a calendar invite, a signature request, and a fillable form.
  - 4. The secure messaging system of claim 3, wherein the substitute message lacks one or more of an SMTP e-mail address of the sender, a subject line of the e-mail message, and a file name of the attached file.
  - 5. The secure messaging system of claim 2, wherein the substitute message is a substitute e-mail message, the substitute e-mail message is transmitted to the third party application server via an SMTP relay of the third party application server, and the substitute e-mail message is transmitted from the third party application server to the recipient computing device over an SMTP protocol.
  - 6. The secure messaging system of claim 1, wherein the server system is further configured to:
    - receive recipient data including a recipient address from the recipient; and
      
      transmit the message to the recipient computing device via a secure communications protocol, based on the recipient data.
  - 7. The secure messaging system of claim 1, wherein the link is a link to a web client interface that points to a web site that provides functionality for accessing the message via a web-based interface.
  - 8. The secure messaging system of claim 7, wherein the web-based interface is a web browser.
  - 9. The secure messaging system of claim 1, wherein the link is a link that points to an application server that provides functionality for accessing the message via an in-application interface.
  - 10. The secure messaging system of claim 1, wherein the sender computing device is further configured to:
    - receive a security token from the third party application server; and
      
      open a secure connection between the sender computing device and the third party application server, wherein opening the secure connection includes sending the security token to the third party application server.
  - 11. The secure messaging system of claim 1, where the message is received from the sender via a client plug-in running on the sender computing device.

12. A method for use with a secure messaging system, the method comprising:
- at a sender computing device;
  
  receiving input of a message from a sender via a client GUI;
  
  receiving input of a send command from the sender via the client GUI to send the message to a recipient designated by the sender; and
  
  sending the message over a secure channel to a server system;
  
  at the server system;
  
  receiving the message;
  
  storing the message in encrypted form;
  
  generating a substitute message after receiving the message, said substitute message lacking at least some message content of the message, and including a link that provides functionality to authenticate a recipient and to securely retrieve the message from the server system and further including a message access key including a message identifier identifying the message and a service host identifier indicating to the recipient a network accessible address of the server system at which the message is stored; and
  
  transmitting the substitute message to the sender computing device via the secure channel;
  
  at the sender computing device;
  
  sending the substitute message from the sender computing device to a third party application server for transmission to a recipient computing device, wherein the substitute message is transmitted from the sender computing device to the third party application server over a secure channel; and
  
  at the server system;
  
  receiving a request for access to the message stored at the server system from the recipient computing device, the request being generated based on the message access key in the link in the substitute message; and
  
  transmitting the message to the recipient computing device via a secure communications protocol.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The method of claim 12, wherein the message is an e-mail message.
  - 14. The method of claim 13, wherein the e-mail message includes at least one of an attached file, a calendar invite, a signature request, and a fillable form.
  - 15. The method of claim 14, wherein the substitute message lacks one or more of an SMTP e-mail address of the sender, a subject line of the e-mail message, and a file name of the attached file.
  - 16. The method of claim 13, wherein the substitute message is a substitute e-mail message, the substitute e-mail message is transmitted to the third party application server via an SMTP relay of the third party application server, and the substitute e-mail message is transmitted from the third party application server to the recipient computing device over an SMTP protocol.
  - 17. The method of claim 12, wherein the link is a link to a web client interface that points to a web site that provides functionality for accessing the message via a web-based interface.
  - 18. The method of claim 12, wherein the link is a link that points to an application server that provides functionality for accessing the message via an in-application interface.

19. A secure messaging system comprising:
- a server system including a processor configured to execute a secure messaging service program;
  
  a third party application server; and
  
  a sender computing device including a processor configured to execute a program that displays a client graphical user interface (GUI);
  
  wherein the sender computing device is configured to;
  
  receive input of a message from a sender via the client GUI;
  
  receive input of a send command from the sender via the client GUI to send the message to a recipient designated by the sender; and
  
  send the message over a secure channel to the server system;
  
  wherein the server system is configured to;
  
  receive the message;
  
  store the message in encrypted form;
  
  generate a substitute message after receiving the message, said substitute message lacking at least some message content of the message, and including a link that provides functionality to authenticate a recipient and to securely retrieve the message from the server system and further including a message access key including a message identifier identifying the message and a service host identifier indicating to the recipient a network accessible address of the server system at which the message is stored; and
  
  transmit the substitute message to the sender computing device via the secure channel;
  
  wherein the sender computing device is further configured to;
  
  send the substitute message from the sender computing device to the third party application server, wherein the substitute message is sent from the sender computing device to the third party application server over a secure channel;
  
  wherein the third party application server is configured to;
  
  transmit the substitute message to a recipient computing device; and
  
  wherein the server system is further configured to;
  
  receive a request for access to the message stored at the server system from the recipient computing device, the request being generated based on the message access key in the link in the substitute message; and
  
  transmit the message to the recipient computing device via a secure communications protocol.
- View Dependent Claims (20)
- - 20. The secure messaging system of claim 19, wherein the message is an e-mail message, the substitute message is a substitute e-mail message, the substitute e-mail message is transmitted to the third party application server via an SMTP relay of the third party application server, and the substitute e-mail message is transmitted from the third party application server to the recipient computing device over an SMTP protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Appriver Canada, ULC (Open Text Corporation)
Original Assignee
Cirius Messaging Inc. (Open Text Corporation)
Inventors
LeVasseur, Thierry, Astudillo, Esteban, McLean, Matt
Primary Examiner(s)
Tiv, Backhean

Application Number

US15/793,796
Publication Number

US 20180054414A1
Time in Patent Office

258 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/445   by mutual authentication, e...

G06F 21/60   Protecting data

G06F 21/602   Providing cryptographic fac...

G06F 21/606   by securing the transmissio...

G06Q 10/10   Office automation; Time man...

G06Q 10/107   Computer-aided management o...

H04L 12/4625   Single bridge functionality...

H04L 12/4633   Interconnection of networks...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 2209/68   Special signature format, e...

H04L 2209/80   Wireless network architectu...

H04L 51/00   User-to-user messaging in p...

H04L 51/02   using automatic reactions o...

H04L 51/18   Commands or executable codes

H04L 51/212   using filtering or selectiv...

H04L 51/214   using selective forwarding

H04L 51/216   Handling conversation histo...

H04L 51/234   for tracking messages

H04L 51/42   Mailbox-related aspects, e....

H04L 51/56 : Unified messaging, e.g. int...

H04L 63/0428 : wherein the data content is...

H04L 63/08 : for authentication of entit...

H04L 63/12 : Applying verification of th...

H04L 63/123 : received data contents, e.g...

H04L 63/1441 : Countermeasures against mal...

H04L 63/145 : the attack involving the pr...

H04L 63/168 : above the transport layer

H04L 63/306 : intercepting packet switche...

H04L 67/02 : based on web technology, e....

H04L 9/3213 : using tickets or tokens, e....

H04L 9/3247 : involving digital signatures

H04L 9/3263 : involving certificates, e.g...

View All

Secure electronic mail system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

171 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure electronic mail system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

171 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links