System and method for dynamic data security operations

US 20040133774A1
Filed: 06/17/2003
Published: 07/08/2004
Est. Priority Date: 01/07/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

receiving an indication that a user has been properly authenticated;

checking whether said user has a certificate; and

creating, when necessary, a certificate for said user;

wherein a server automatically registers said user within a community of users, allowing said user to transparently send and receive secure electronic messages.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This present invention provides users with secure transparent electronic communication, allowing them to send and receive encrypted and/or signed messages with little or no user involvement. In various embodiments, the present invention provides a user with e-mail security via automated hierarchical techniques for transparently sending and receiving secure messages, lowers the burden on administrators, and allows for a public key infrastructure (PKI) to be dynamically constructed and operated. Such a system can also manage cryptographic keys and certificates for the users, and create such keys and certificates for the users when necessary. The server can also receive an indication that a user has been properly authenticated, check whether the user has a cryptographic key, and automatically create a key if the user does not have one, thereby automatically registering the user within a community and allowing the user to transparently send and receive secure electronic messages.

99 Citations

View as Search Results

12 Claims

1. A method comprising:
- receiving an indication that a user has been properly authenticated;
  
  checking whether said user has a certificate; and
  
  creating, when necessary, a certificate for said user;
  
  wherein a server automatically registers said user within a community of users, allowing said user to transparently send and receive secure electronic messages.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A method as in claim 1, wherein said creating further comprises:
    - retrieving, when available, information about said user from an electronic email message; and
      
      generating a certificate for said user based on said information.
  - 3. A method as in claim 2, wherein said information further comprises the name of said user.
  - 4. A method as in claim 3, wherein said information further comprises the electronic mail address for said user.
  - 5. A method as in claim 4, wherein said creating further comprises updating said certificate when said server determines the name of said user.

6. A method comprising:
- detecting if an alias exists for a user; and
  
  updating a certificate of said user when a server detects the existence of one or more said aliases.
- View Dependent Claims (7)
- - 7. A method as in claim 6, wherein said detecting further comprises:
    - adding a protocol header to each message for said user received by said server;
      
      inserting a first electronic mail address corresponding to said alias for said user in an appropriate field associated with said protocol header; and
      
      upon said user retrieving one or more of said received messages;
      
      comparing said first electronic mail address with a second electronic mail address corresponding to said user; and
      
      adding said first electronic mail address to said certificate of said user when said first electronic mail address and said second electronic mail address are different.

8. A method comprising:
- setting one or more expiration parameters for a certificate;
  
  generating a self signature and expiration date for said certificate when said certificate is utilized by a user and nearing expiration; and
  
  updating a certificate of said user when said server detects the existence of one or more aliases;
  
  wherein said certificate is automatically renewed.
- View Dependent Claims (9, 10, 11)
- - 9. A method as in claim 8, wherein said expiration parameters further comprise a key expiration timeout.
  - 10. A method as in claim 8, wherein said expiration parameters further comprise an account inactivity timeout.
  - 11. A method as in claim 8, wherein said expiration parameters further comprise a final account inactivity timeout.

12. A computer readable medium containing computer program instructions for automatically registering a user within a community of users, allowing said user to transparently send and receive secure electronic messages, said computer readable medium containing instructions for:
- receiving an indication that a user has been properly authenticated;
  
  checking whether said user has a cryptographic key; and
  
  creating, when necessary, a certificate for said user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NortonLifeLock Inc.
Original Assignee
NortonLifeLock Inc.
Inventors
Callas, Jonathan D., Price, William F. III, Allen, David E.

Application Number

US10/462,607
Publication Number

US 20040133774A1
Time in Patent Office

Days
Field of Search
US Class Current

713/153
CPC Class Codes

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 51/00   User-to-user messaging in p...

H04L 63/0428   wherein the data content is...

H04L 63/0823   using certificates cryptogr...

H04L 9/007   involving hierarchical stru...

H04L 9/3263   involving certificates, e.g...

System and method for dynamic data security operations

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

99 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for dynamic data security operations

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

99 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links