Systems and method for the transparent management of document rights
Abstract
Systems and methods are described for enabling documents to be controlled by a sender, in a manner which is transparent to any end recipients. The invention includes mechanisms enabling a sender to control documents sent to a recipient, in a manner that (1) encrypts the message to ensure its security, and (2) restricts operations the recipient may perform on the received message. The recipient and sender need not agree on a control protocol in advance of the communication. Wide distribution of a Digital Rights Management System may be facilitated by use of self-installing modules, which integrate with existing software used for document publishing and retrieval. The modules are forwarded to unregistered recipients upon authentication of the recipient, and install automatically on the recipient's computer. The modules authenticate instructions from a sender, and, per instructions from the sender, may pre-empt certain types of operations on the e-mail by the recipient.
45 Claims
1. A method of transparently controlling an e-mail message, the method comprising:
- composing an e-mail at an e-mail composer, composing the e-mail including inserting one or more control instructions in the e-mail;
- forwarding the e-mail to a recipient, forwarding the e-mail message further including determining if an e-mail reader of the recipient has access to one or more control modules for decoding the one or more control instructions;
- if the e-mail reader does not have the one or more control modules, downloading the control modules to the e-mail reader;
- upon receipt of the e-mail message at the e-mail reader, executing the one or more control modules, executing the one or more control modules further including decoding the one or more control instructions.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

14. A secure e-mail format for an e-mail message, the secure e-mail format comprising:
- a header in MIME format;
- a recipient information field indicating an encrypted key for each of one or more recipients for the e-mail message;
- a digital signature by a sender of the e-mail message;
- a data field, the data field further comprising a subfield indicating a length of encrypted data, a subfield indicating an encryption algorithm used to encrypt the encrypted data, and an encrypted payload field containing the encrypted data.
Dependent claims: 15, 16, 17

18. A method of controlling access to an electronic document, comprising:
- generating one or more flags for the electronic document, the one or more flags indicating access permissions for at least one recipient of the electronic document;
- forwarding the electronic document to the at least one recipient in encrypted format, wherein forwarding the electronic document further includes forwarding the one or more flags with the electronic document, the one or more flags also in the encrypted format;
- accessing the electronic document by the recipient via a client program;
- receiving a command by the recipient at the client program for execution on the electronic document;
- intercepting the command prior to execution;
- comparing the one or more flags to the command;
- in response to comparing the one or more flags to the command, permitting or denying execution of the command on the electronic document.
Dependent claims: 19, 20, 21, 22, 23, 24, 25, 26, 27, 28

29. A secure e-mail system comprising:
- a client e-mail reader, the client e-mail reader executing on a first terminal in communication with an internetwork;
- a source e-mail composer, the source e-mail composer executing on a second terminal in communication with the internetwork;
- a self-installing add-in component for the client e-mail reader, wherein the add-in component is originally resident on a dedicated server accessible via the internetwork, such that the self-installing add-in component is operative to install itself on the first terminal upon downloading to the first terminal, and authenticate one or more instructions from the source e-mail composer, the one or more instructions intercepting and pre-empting commands from the client e-mail reader.
Dependent claims: 30, 31, 32, 33, 34

35. An e-mail reader capable of reading MIME encoded messages, the e-mail reader comprising:
- a first one or more software modules for validating sender certificates embedded in e-mail messages received by the e-mail reader;
- a second one or more software modules for intercepting user commands, at the instruction of e-mail messages validated by the first one or more software modules.
Dependent claims: 36, 37, 38, 39

40. A computer program product comprising:
- a computer usable medium having computer readable program code means embodied therein for reading secure e-mail, the computer readable program code means in said computer program product comprising:
- computer readable program code means for causing a computer to open an e-mail message;
- computer readable program code means for causing the computer to authenticate a sender of the message; and
- computer readable program code means for causing the computer to preempt one or more commands from a reader of the e-mail, wherein flags for preempting the one or more commands are embedded in the e-mail by the authenticated sender.

41. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for reading secure e-mail, the method steps comprising:
- authenticating an encrypted e-mail;
- reading one or more flags in the authenticated e-mail, the one or more flags identifying user commands to be pre-empted;
- pre-empting one or more user commands indicated by the one or more flags.
Dependent claims: 42, 43, 44, 45
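The authenticate, read flags, pre-empt sequence of claims 18 and 41, sketched as an added illustration that is not part of the patent text or of any product implementing it. The flag names, the command table and the HMAC standing in for the sender's digital signature are assumptions, and payload encryption is left out.

```python
import hashlib
import hmac
import json
from enum import Flag


class Deny(Flag):
    """Commands the sender wants pre-empted (hypothetical names)."""
    PRINT = 1
    FORWARD = 2
    COPY = 4
    SAVE = 8


# Hypothetical mapping from reader commands to the flag that blocks them.
COMMANDS = {"print": Deny.PRINT, "forward": Deny.FORWARD,
            "copy": Deny.COPY, "save": Deny.SAVE}


def seal(body: str, deny: Deny, key: bytes) -> dict:
    """Sender side: bind the flags to the body so they cannot be edited alone."""
    payload = json.dumps({"body": body, "deny": deny.value}, sort_keys=True)
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


def open_message(msg: dict, key: bytes) -> Deny:
    """Reader side: authenticate first, and only then read the flags."""
    expected = hmac.new(key, msg["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg["tag"]):
        raise ValueError("authentication failed; flags are not trusted")
    return Deny(json.loads(msg["payload"])["deny"])


def permit(command: str, deny: Deny) -> bool:
    """Intercept a command before execution and compare it to the flags."""
    flag = COMMANDS.get(command)
    if flag is None:
        return False  # default-deny anything the gate does not recognise
    return not (flag & deny)
```

The gate only holds while every command path in the client goes through `permit`; a command the table does not list is refused rather than allowed.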