Method and system for messaging security
First Claim
1. A system comprising:
- a messaging firewall that cooperates with a remote publicly accessible security server to securely transmit e-mail messages, wherein the messaging firewall encrypts an e-mail message in accordance with at least one encryption key and determines, based on textual content, a destination, a size, and a source of the e-mail message, whether application of a signature to the e-mail message is required, the e-mail message being sent from the source to one or more recipients;
wherein the messaging firewall queries the remote security server for an encryption key including related encryption data which is associated with at least one target server for the e-mail message, and that in response to a determination that application of a signature is required for the e-mail message, retrieves the signature and a certificate associated with the source of the e-mail message;
wherein the encryption key is the recipient's public key;
wherein the certificate is used to store the recipient's public key;
wherein the signature is applied to the e-mail message to allow for a recipient of the one or more recipients to authenticate the source, wherein the encryption key is stored in the remote security server, and the certificate is included with the signature; and
wherein the messaging firewall transmits the e-mail message to at least one target server for which encryption data was retrieved by the messaging firewall.
Abstract
An e-mail firewall applies policies to e-mail messages transmitted between a first site and a plurality of second sites. The e-mail firewall includes a plurality of mail transfer relay modules for transferring e-mail messages between the first site and one of the second sites. Policy managers are used to enforce and administer selectable policies. The policies are used to determine security procedures for the transmission and reception of e-mail messages. The e-mail firewall employs signature verification processes to verify signatures in received encrypted e-mail messages. The e-mail firewall is further adapted to employ external servers for verifying signatures. External servers are also used to retrieve data that is employed to encrypt and decrypt e-mail messages received and transmitted by the e-mail firewall, respectively.
16 Claims
9. A method of securely transmitting e-mail messages, the method comprising:
- encrypting, at a messaging firewall, an e-mail message in accordance with at least one encryption key, the e-mail message being sent from a source to one or more recipients;
- determining based on textual content, a destination, a size, and the source of the e-mail message, whether application of a signature to the e-mail message is required;
- querying, at the messaging firewall, a remote security server for an encryption key including related encryption data which is associated with at least one target server for the e-mail message, wherein the encryption key is the recipient's public key;
- in response to a determination that application of a signature is required for the e-mail message, retrieving the signature and a certificate associated with the source of the e-mail message, wherein the certificate is used to store the recipient's public key, wherein the signature is applied to the e-mail message to allow for a recipient of the one or more recipients to authenticate the source, wherein the encryption key is stored in the remote security server, and the certificate is included with the signature; and
- transmitting the e-mail message to at least one target server for which encryption data was retrieved by the messaging firewall.
16. A computer program product encoded in one or more non-transitory media, the computer program product including instructions that when executed by one or more processors causes the one or more processors to perform a method comprising:
- encrypting, at a messaging firewall, an e-mail message in accordance with at least one encryption key, the e-mail message being sent from a source to one or more recipients;
- determining based on textual content, a destination, a size, and the source of the e-mail message, whether application of a signature to the e-mail message is required;
- querying, at a messaging firewall, a remote security server for an encryption key including related encryption data which is associated with at least one target server for the e-mail message, wherein the encryption key is the recipient's public key;
- in response to a determination that application of a signature is required for the e-mail message, retrieving a signature and a certificate associated with the source of the e-mail message, wherein the certificate is used to store the recipient's public key, wherein the signature is applied to the e-mail message to allow for a recipient of the one or more recipients to authenticate the source, wherein the encryption key is stored in the remote security server, and the certificate is included with the signature; and
- transmitting the e-mail message to at least one target server for which encryption data was retrieved by the messaging firewall.