Taint mechanism for messaging system

US 10,594,703 B2
Filed: 03/16/2018
Issued: 03/17/2020
Est. Priority Date: 05/18/2015
Status: Active Grant

First Claim

Patent Images

1. A method for managing a plurality of messages associated with an online messaging system, the method comprising:

receiving a message from a messaging source;

determining whether the messaging source associated with the received message is trusted, wherein determining whether the messaging source associated with the received message is trusted includes determining whether the received message was digitally signed by an application with a chain of trust;

tagging the received message or storing the received message, wherein the tagging and the storing is based on the determination that the messaging source is not trusted and not digitally signed;

in response to determining the tagged or stored message can be validated, validating the tagged or stored message;

sending the validated message to the online messaging system; and

in response to determining the tagged or stored message cannot be validated and the online messaging system is allowed to receive an unvalidated message, untagging the message and sending the unvalidated message to the online messaging system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for managing a plurality of messages associated with an online messaging system is provided. The method may include receiving a message from a messaging source. The method may also include determining whether the messaging source associated with the received message is trusted. The method may further include tagging the received message or storing the received message, wherein the tagging and the storing is based on the determination that the messaging source is not trusted. The method may additionally include validating the received message.

9 Citations

20 Claims

1. A method for managing a plurality of messages associated with an online messaging system, the method comprising:
- receiving a message from a messaging source;
  
  determining whether the messaging source associated with the received message is trusted, wherein determining whether the messaging source associated with the received message is trusted includes determining whether the received message was digitally signed by an application with a chain of trust;
  
  tagging the received message or storing the received message, wherein the tagging and the storing is based on the determination that the messaging source is not trusted and not digitally signed;
  
  in response to determining the tagged or stored message can be validated, validating the tagged or stored message;
  
  sending the validated message to the online messaging system; and
  
  in response to determining the tagged or stored message cannot be validated and the online messaging system is allowed to receive an unvalidated message, untagging the message and sending the unvalidated message to the online messaging system.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the messaging source comprises at least one of a network connection, an application, and an input queue.
  - 3. The method of claim 1, wherein determining whether the messaging source associated with the received message is trusted comprises determining whether an attribute associated with the received message has been set to flag the received message as being sent from an untrusted source.
  - 4. The method of claim 3, wherein the setting of the attribute associated with the received message is either manually set by an administrator or automatically set according to a plurality of predetermined criteria identifying a plurality of untrusted sources.
  - 5. The method of claim 1, wherein the tagging of the received message comprises storing a taint flag in a field in a header associated with an application messaging payload for a plurality of data associated with the received message or storing a taint flag in a plurality of metadata associated with the received message.
  - 6. The method of claim 1, wherein storing the received message comprises storing the received message in a data store or a repository.
  - 7. The method of claim 1, wherein validating the received message further comprises:
    - determining whether it is possible to sanitize or to verify the received message is safe;
      
      determining whether to maintain or unset the tagging of the received message based on the determination that is possible to sanitize or to verify the received message is safe; and
      
      sending the received message back into the online messaging system based on the determination that is possible to sanitize or to verify the received message is safe.

8. A computer system for managing a plurality of messages associated with an online messaging system, the computer system comprising:
- one or more processors, one or more computer-readable memories, one or more computer-readable tangible storage devices, and program instructions stored on at least one of the one or more storage devices for execution by at least one of the one or more processors via at least one of the one or more memories, wherein the computer system is capable of performing a method comprising;
  
  receiving a message from a messaging source;
  
  determining whether the messaging source associated with the received message is trusted, wherein determining whether the messaging source associated with the received message is trusted includes determining whether the received message was digitally signed by an application with a chain of trust;
  
  tagging the received message or storing the received message, wherein the tagging and the storing is based on the determination that the messaging source is not trusted and not digitally signed;
  
  in response to determining the tagged or stored message can be validated, validating the tagged or stored message;
  
  sending the validated message to the online messaging system; and
  
  in response to determining the tagged or stored message cannot be validated and the online messaging system is allowed to receive an unvalidated message, untagging the message and sending the unvalidated message to the online messaging system.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer system of claim 8, wherein the messaging source comprises at least one of a network connection, an application, and an input queue.
  - 10. The computer system of claim 8, wherein determining whether the messaging source associated with the received message is trusted comprises determining whether an attribute associated with the received message has been set to flag the received message as being sent from an untrusted source.
  - 11. The computer system of claim 10, wherein the setting of the attribute associated with the received message is either manually set by an administrator or automatically set according to a plurality of predetermined criteria identifying a plurality of untrusted sources.
  - 12. The computer system of claim 8, wherein the tagging of the received message comprises storing a taint flag in a field in a header associated with an application messaging payload for a plurality of data associated with the received message or storing a taint flag in a plurality of metadata associated with the received message.
  - 13. The computer system of claim 8, wherein storing the received message comprises storing the received message in a data store or a repository.
  - 14. The computer system of claim 8, wherein validating the received message further comprises:
    - determining whether it is possible to sanitize or to verify the received message is safe;
      
      determining whether to maintain or unset the tagging of the received message based on the determination that is possible to sanitize or to verify the received message is safe; and
      
      sending the received message back into the online messaging system based on the determination that is possible to sanitize or to verify the received message is safe.

15. A computer program product for managing a plurality of messages associated with an online messaging system, the computer program product comprising:
- one or more computer-readable storage devices and program instructions stored on at least one of the one or more tangible storage devices, the program instructions executable by a processor, the program instructions comprising;
  
  program instructions to receive a message from a messaging source;
  
  program instructions to determine whether the messaging source associated with the received message is trusted, wherein determining whether the messaging source associated with the received message is trusted includes determining whether the received message was digitally signed by an application with a chain of trust;
  
  program instructions to tag the received message or storing the received message, wherein the tagging and the storing is based on the determination that the messaging source is not trusted and not digitally signed;
  
  in response to determining the tagged or stored message can be validated, program instructions to validate the tagged or stored message;
  
  program instructions to send the validated message to the online messaging system; and
  
  in response to determining the tagged or stored message cannot be validated and the online messaging system is allowed to receive an unvalidated message, program instructions to untag the message and send the unvalidated message to the online messaging system.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer program product of claim 15, wherein the messaging source comprises at least one of a network connection, an application, and an input queue.
  - 17. The computer program product of claim 15, wherein determining whether the messaging source associated with the received message is trusted comprises determining whether an attribute associated with the received message has been set to flag the received message as being sent from an untrusted source.
  - 18. The computer program product of claim 17, wherein the setting of the attribute associated with the received message is either manually set by an administrator or automatically set according to a plurality of predetermined criteria identifying a plurality of untrusted sources.
  - 19. The computer program product of claim 15, wherein the tagging of the received message comprises storing a taint flag in a field in a header associated with an application messaging payload for a plurality of data associated with the received message or storing a taint flag in a plurality of metadata associated with the received message.
  - 20. The computer program product of claim 15, wherein storing the received message comprises storing the received message in a data store or a repository.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Beardsmore, Anthony P., Levell, Jonathan
Primary Examiner(s)
Patel, Chirag R

Application Number

US15/923,278
Publication Number

US 20180205744A1
Time in Patent Office

732 Days
Field of Search
US Class Current
CPC Class Codes

G06Q 10/107   Computer-aided management o...

H04L 51/046   Interoperability with other...

H04L 51/08   Annexed information, e.g. a...

H04L 51/212   using filtering or selectiv...

H04L 51/23   Reliability checks, e.g. ac...

H04L 63/0209   Architectural arrangements,...

H04L 63/123   received data contents, e.g...

H04L 63/126   the source of the received ...

Taint mechanism for messaging system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

9 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Taint mechanism for messaging system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others