SECURE MESSAGE DELIVERY USING A TRUST BROKER
First Claim
1. A computer-implemented method for securely exchanging email between two email systems connected by an insecure network using a trust broker, the method comprising:
- receiving a message from an email client connected to a first email system;
- identifying a domain of a recipient of the message based on information associated with the message;
- sending a request to the trust broker requesting a token for securely sending email to a second email system associated with the recipient, wherein the trust broker manages security information for multiple email systems and provides tokens that assure an email system receiving a message that the received message is secure;
- receiving a response to the request that contains the requested token;
- encrypting the message using the received token; and
- sending the encrypted message to the second email system over an unsecure network.
Abstract
An email security system is described that allows users within different organizations to securely send email to one another. The email security system provides a federation server on the Internet or other unsecured network accessible by each of the organizations. Each organization provides identity information to the federation server. When a sender in one organization sends a message to a recipient in another organization, the federation server provides the sender's email server with a secure token for encrypting the message to provide secure delivery over the unsecured network.
20 Claims
13. A computer system for delivering secure email between domains, the system comprising:
- a federation server component configured to collect organization identifying information, verify the identity of requesters, and distribute tokens for securely communicating with organizations;
- a first email server component configured to send email, communicate with the federation server to obtain tokens for securely communicating with domains associated with email recipients, and encrypt email messages using the obtained tokens;
- a second email server component configured to receive encrypted email, verify signature information of the first email server, decrypt email, and deliver email securely to recipients; and
- an unsecure network communicatively connected to the federation server component, first email server component, and second email server component.
15. A computer-readable medium containing instructions for controlling a computer system to provide tokens for sending and receiving secure messages, by a method comprising:
- receiving a request for a token that verifies the identity of a request sender and contains a shared secret provided by a destination of a message, wherein the request contains an indication of an organization with which the request sender is associated;
- verifying the identity of the request sender based on the indication of the organization associated with the request sender and identity information accessible by the computer system about the organization;
- retrieving a domain with which the request sender wants to communicate from the request; and
- providing the requested token to the sender with which the sender can send a secure message to the domain.
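
The flow recited in claims 1, 13 and 15, sketched as an added Python example; it is not code from the patent or from any product. Assumptions the claims do not specify: the token carries a per-sender key derived by HMAC from the secret the destination domain gave the broker, requests to the broker travel over an already authenticated channel, and an HMAC counter-mode keystream stands in for a real AEAD cipher. All names and sample values are constructed.

```python
import hashlib, hmac, os

def prf(key: bytes, *parts: bytes) -> bytes:
    # HMAC-SHA256 over length-prefixed parts, so field boundaries are unambiguous.
    msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

def xor_stream(key: bytes, iv: bytes, data: bytes) -> bytes:
    # Stdlib stand-in for a real AEAD cipher: HMAC in counter mode as keystream.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = prf(key, b"enc", iv, i.to_bytes(8, "big"))
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class TrustBroker:
    def __init__(self, org_creds: dict, domain_secrets: dict):
        self.org_creds = org_creds            # identity information per organization
        self.domain_secrets = domain_secrets  # secret each destination domain provided

    def issue_token(self, org: str, domain: str, proof: bytes) -> dict:
        cred = self.org_creds.get(org)
        expected = prf(cred or b"", org.encode(), domain.encode())
        if cred is None or not hmac.compare_digest(proof, expected):
            raise PermissionError("requester identity not verified")
        nonce = os.urandom(16)
        # Assumption: the token key is derived from the destination's secret.
        key = prf(self.domain_secrets[domain], org.encode(), nonce)
        return {"org": org, "nonce": nonce, "key": key}

def send(broker, org: str, cred: bytes, recipient: str, body: bytes) -> dict:
    domain = recipient.rsplit("@", 1)[1].lower()   # identify the recipient's domain
    token = broker.issue_token(org, domain, prf(cred, org.encode(), domain.encode()))
    iv = os.urandom(16)
    ct = xor_stream(token["key"], iv, body)        # encrypt, then authenticate
    tag = prf(token["key"], b"mac", iv, ct)
    return {"org": token["org"], "nonce": token["nonce"], "iv": iv, "ct": ct, "tag": tag}

def receive(domain_secret: bytes, env: dict) -> bytes:
    # Re-derive the key from the domain's own secret; a valid tag shows the
    # broker vetted env["org"] and the ciphertext was not altered in transit.
    key = prf(domain_secret, env["org"].encode(), env["nonce"])
    if not hmac.compare_digest(env["tag"], prf(key, b"mac", env["iv"], env["ct"])):
        raise ValueError("envelope rejected: bad token or tampered message")
    return xor_stream(key, env["iv"], env["ct"])

# Constructed sample registry: one sending organization, one destination domain.
BROKER = TrustBroker({"contoso": b"contoso-cred"}, {"fabrikam.example": b"fabrikam-secret"})
```

The receiving server never contacts the broker here: because only the broker and the destination know the domain secret, a tag that verifies under the re-derived key is the assurance that the sender was vetted.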