Secure electronic mail system

US 10,601,764 B2
Filed: 04/10/2019
Issued: 03/24/2020
Est. Priority Date: 07/01/2005
Status: Active Grant

First Claim

Patent Images

1. A method for a secure messaging system, the method comprising:

implementing, at a server system, a secure messaging service;

intercepting a message on a sender computing device when the message is composed and sent by a sender on the sender computing device;

sending the intercepted message in unencrypted form over a secure channel to the server system;

receiving the message in unencrypted form at the server system, the message being from the sender, the sender having an account with the secure messaging service, and being addressed to a recipient that does not have an account with the secure messaging service;

storing the message in encrypted form on the server system;

generating, or causing a generation of, an introductory message after receiving of the message at the server system;

transmitting, or causing a transmission of, the introductory message to the recipient in unencrypted form via an SMTP protocol, said introductory message lacking at least some message content of the message, and including a link to a web client interface that provides functionality to authenticate the recipient and to securely retrieve the message from the server system and further including a message access key including a message identifier identifying the message and a service host identifier indicating to the recipient a network accessible address of the server system at which the message is stored, wherein the message access key does not serve as an encryption or decryption key;

upon access of the introductory message by the recipient, programmatically receiving recipient data including the message access key and a recipient address from the recipient;

registering the recipient with the secure messaging service by validating the message access key and the recipient address; and

transmitting the message in unencrypted form to the recipient via a secure communications protocol, based on the recipient data.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An e-mail system is disclosed that overcomes many deficiencies of, but is backward compatible with, existing e-mail systems. Embodiments of the system may include various features, including but not limited to: (1) secure transfer of e-mail messages, without the need for users to replace existing e-mail clients or to change e-mail addresses; (2) tracking of all actions performed in connection with an e-mail transmission; (3) the ability for a recipient to view information about an e-mail message, optionally including information about how other addressees have responded to it, before deciding whether to retrieve the e-mail message; (4) the aggregation of entire e-mail conversations into a single threaded view; (5) the ability to include both private and public messages in a single e-mail communication; (6) sender control over downstream actions performed in connection with an e-mail message; (7) flexible control over cryptographic methods used to encrypt emails messages for storage.

Citations

21 Claims

1. A method for a secure messaging system, the method comprising:
- implementing, at a server system, a secure messaging service;
  
  intercepting a message on a sender computing device when the message is composed and sent by a sender on the sender computing device;
  
  sending the intercepted message in unencrypted form over a secure channel to the server system;
  
  receiving the message in unencrypted form at the server system, the message being from the sender, the sender having an account with the secure messaging service, and being addressed to a recipient that does not have an account with the secure messaging service;
  
  storing the message in encrypted form on the server system;
  
  generating, or causing a generation of, an introductory message after receiving of the message at the server system;
  
  transmitting, or causing a transmission of, the introductory message to the recipient in unencrypted form via an SMTP protocol, said introductory message lacking at least some message content of the message, and including a link to a web client interface that provides functionality to authenticate the recipient and to securely retrieve the message from the server system and further including a message access key including a message identifier identifying the message and a service host identifier indicating to the recipient a network accessible address of the server system at which the message is stored, wherein the message access key does not serve as an encryption or decryption key;
  
  upon access of the introductory message by the recipient, programmatically receiving recipient data including the message access key and a recipient address from the recipient;
  
  registering the recipient with the secure messaging service by validating the message access key and the recipient address; and
  
  transmitting the message in unencrypted form to the recipient via a secure communications protocol, based on the recipient data.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, wherein the link to the web client interface points to a web site that provides functionality for accessing the message via a web-based interface.
  - 3. The method of claim 1, wherein the receiving includes receiving the message from the sender via a client plug-in running on the sender computing device, and where the transmitting of the message in unencrypted form to the recipient occurs after the transmitting of the introductory message.

4. A method for a secure messaging system, the method comprising:
- intercepting a message composed and sent by a sender via a messaging client running on a sender computing device with a messaging client plug-in running on a sender computing device, such that an ordinary transmission of the message to a recipient via a recipient computing device associated with a recipient address is blocked;
  
  sending the message in unencrypted form via a secure communications protocol from the sender computing device to a server system for storage thereon in encrypted form;
  
  sending an introductory message in unencrypted form via an SMTP protocol to the recipient computing device, said introductory message including a key for retrieving the message from the server system in unencrypted form via the secure communications protocol, the key including a message identifier identifying the message and a service host identifier indicating to the recipient a network accessible address of the server system at which the message is stored, wherein the key does not serve as an encryption or decryption key, the key being further usable with the recipient address to programmatically register the recipient with the secure messaging service upon access of the introductory message by the recipient, wherein the introductory message lacks at least some message content of the message.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 5. The method of claim 4, the method further comprising:
    - communicating the message in unencrypted form from the sender computing device to the recipient via the secure messaging service without using a store-and-forward model.
  - 6. The method of claim 4, wherein the server system implements multiple different secure messaging services from which the sender can select, at least some of which use different encryption methods than others, and wherein the step of encrypting the message at the server system comprises using an encryption method that corresponds to a secure messaging service selected by the sender.
  - 7. The method of claim 4, wherein the introductory message is a text-only message.
  - 8. The method of claim 4, wherein the introductory message is initially sent from the server system to the sender computing device, and then from the sender computing device to the recipient address, such that the introductory message appears to the recipient to come from the sender.
  - 9. The method of claim 4, wherein the introductory message further includes an Internet address for downloading a client plug-in that provides functionality for the recipient to retrieve the message from the server system.
  - 10. The method of claim 4, wherein the introductory message further includes a link to a web client interface that provides functionality for authenticating the recipient based on recipient data and for retrieving the message in unencrypted form via the secure communications protocol from the server system based on the authentication of the recipient.
  - 11. The method of claim 4, wherein the message is sent in unencrypted form from the sender computing device to the server system without use of an SMTP protocol.
  - 12. The method of claim 4, the method further comprising:
    - sending, via the client plug-in, authentication information from the sender computing device to the server system to enable the server system to authenticate the sender computing device prior to receiving the message.
  - 13. The method of claim 12, wherein the authentication information is sent from the sender computing device to the server system using the secure communications protocol.
  - 14. The method of claim 13, wherein the secure communications protocol is an HTTPS protocol.
  - 15. The method of claim 4, the method further comprising:
    - on the recipient computing device, using the key to retrieve additional information about the message from the server system prior to retrieving the message.
  - 16. The method of claim 15, wherein the additional information about the message includes information about how one or more recipients of the message have rated the message.
  - 17. The method of claim 15, wherein the additional information about the message includes a result of at least one virus scan of the message.
  - 18. The method of claim 4, wherein the step of sending the introductory message to the recipient computing device associated with the recipient address is performed by the sender computing system via execution of the client plug-in.
  - 19. The method of claim 4, wherein the step of sending the introductory message to the recipient computing device associated with the recipient address is performed by the server system.
  - 20. The method of claim 4, the method further comprising:
    - receiving, at said server system, a termination request sent from the sender computing device, andin response to the termination request, blocking the recipient from forwarding or replying to the message, but continuing to provide the recipient access to the message.
  - 21. The method of claim 4, the method further comprising:
    - retrieving, by the recipient, the message from the server system;
      
      forwarding, by the recipient, the message to a second recipient to generate a child message;
      
      receiving a request from the sender to terminate a conversation associated with the message;
      
      in response to the request, blocking the recipient from forwarding and replying to the message; and
      
      blocking the second recipient from forwarding and replying to the child message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Appriver Canada, ULC (Open Text Corporation)
Original Assignee
Appriver Canada, ULC (Open Text Corporation)
Inventors
LeVasseur, Thierry, Astudillo, Esteban, McLean, Matt
Primary Examiner(s)
Tiv, Backhean

Application Number

US16/380,839
Publication Number

US 20190238494A1
Time in Patent Office

349 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/445   by mutual authentication, e...

G06F 21/60   Protecting data

G06F 21/602   Providing cryptographic fac...

G06F 21/606   by securing the transmissio...

G06Q 10/10   Office automation; Time man...

G06Q 10/107   Computer-aided management o...

H04L 12/4625   Single bridge functionality...

H04L 12/4633   Interconnection of networks...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 2209/68   Special signature format, e...

H04L 2209/80   Wireless

H04L 51/00   User-to-user messaging in p...

H04L 51/02   using automatic reactions o...

H04L 51/18   Commands or executable codes

H04L 51/212   using filtering or selectiv...

H04L 51/214   using selective forwarding

H04L 51/216   Handling conversation histo...

H04L 51/234   for tracking messages

H04L 51/42   Mailbox-related aspects, e....

H04L 51/56 : Unified messaging, e.g. int...

H04L 63/0428 : wherein the data content is...

H04L 63/08 : for authentication of entit...

H04L 63/12 : Applying verification of th...

H04L 63/123 : received data contents, e.g...

H04L 63/1441 : Countermeasures against mal...

H04L 63/145 : the attack involving the pr...

H04L 63/168 : above the transport layer

H04L 63/306 : intercepting packet switche...

H04L 67/02 : based on web technology, e....

H04L 9/3213 : using tickets or tokens, e....

H04L 9/3247 : involving digital signatures

H04L 9/3263 : involving certificates, e.g...

View All

Secure electronic mail system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Secure electronic mail system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links