Secure E-Mail Messaging System

US 20100017598A1
Filed: 07/21/2008
Published: 01/21/2010
Est. Priority Date: 07/21/2008
Status: Active Grant

First Claim

Patent Images

1. A secure e-mail messaging system comprising:

an e-mail relay server coupled to a secure client configured on a secure domain and an external client configured on an external domain, the e-mail relay server having a memory for storage of an actual address of the secure client, a first certificate associated with the actual address, an alias address associated with the actual address, and a second certificate associated with the alias address, the e-mail relay server operable to;

receive an e-mail message comprising the alias address from the external client, the e-mail message being encrypted according to the second certificate;

decrypt the e-mail message according to the second certificate;

replace the alias address with the actual address to form a modified e-mail message;

encrypt the modified e-mail message according to the first certificate; and

transmit the modified e-mail message to the secure client.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to one embodiment, a secure e-mail messaging system includes an e-mail relay server coupled to a secure client configured on a secure domain and an external client configured on an external domain. The e-mail relay server has a memory for storage of an actual address of the secure client, a first certificate associated with the actual address, an alias address associated with the actual address, and a second certificate associated with the alias address. The e-mail relay server receives an e-mail message that includes the alias address from the external client and decrypts the e-mail message according to the second certificate. The e-mail messaging server then replaces the alias address with the actual address to form a modified e-mail message, encrypts the modified e-mail message according to the first certificate, and transmits the modified e-mail message to the secure client.

66 Citations

View as Search Results

24 Claims

1. A secure e-mail messaging system comprising:
- an e-mail relay server coupled to a secure client configured on a secure domain and an external client configured on an external domain, the e-mail relay server having a memory for storage of an actual address of the secure client, a first certificate associated with the actual address, an alias address associated with the actual address, and a second certificate associated with the alias address, the e-mail relay server operable to;
  
  receive an e-mail message comprising the alias address from the external client, the e-mail message being encrypted according to the second certificate;
  
  decrypt the e-mail message according to the second certificate;
  
  replace the alias address with the actual address to form a modified e-mail message;
  
  encrypt the modified e-mail message according to the first certificate; and
  
  transmit the modified e-mail message to the secure client.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The secure e-mail messaging system of claim 1, wherein the e-mail relay server is further operable to:
    - receive another e-mail message comprising the actual address from the secure client, the e-mail message being encrypted according to the first certificate;
      
      encrypt the another e-mail message according to the first certificate;
      
      replace the actual address with the alias address to form another modified e-mail message;
      
      encrypt the another modified e-mail message according to the second certificate; and
      
      transmit the another modified e-mail message to the external client.
  - 3. The secure e-mail messaging system of claim 1, wherein the e-mail relay server is operable to decrypt the e-mail message according to the second certificate by decrypting the e-mail message according to a private key of the alias address and verify an external address of the external client according to a public key of the external client.
  - 4. The secure e-mail messaging system of claim 1, wherein the first domain comprises a secure network having a security level that differs from the security level of the second domain.
  - 5. The secure e-mail messaging system of claim 1, wherein the first certificate is isolated from the second domain and the second certificate is isolated from the first domain.
  - 6. The secure e-mail messaging system of claim 1, further comprising a guard node coupled to the e-mail relay server, the guard node operable to verify the e-mail message according to a plurality of rules.
  - 7. The secure e-mail messaging system of claim 6, wherein the guard node is operable to verify the first e-mail message by searching the body portion for instances of one of a plurality of key phrases or one of a plurality of keywords and if found, restrict the e-mail relay server from transmitting the modified e-mail message.
  - 8. The secure e-mail messaging system of claim 1, wherein e-mail relay server is coupled to the secure client through a domain gateway, the domain gateway operable to compartment information transmitted from the secure domain to the external domain.

9. A secure e-mail messaging method comprising:
- receiving an e-mail message comprising an alias address from an external client configured on an external domain, the alias address associated with an actual address of a secure client configured on a secure network, the e-mail message being encrypted according to a second certificate associated with the alias address;
  
  decrypting the e-mail message according to the second certificate;
  
  replacing the alias address with the actual address to form a modified e-mail message;
  
  encrypting the modified e-mail message according to a first certificate associated with the actual address; and
  
  transmitting the modified e-mail message to the secure client.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The secure e-mail messaging method of claim 9, further comprising receiving another e-mail message comprising the actual address from the secure client, the e-mail message being encrypted according to the first certificate, encrypting the another e-mail message according to the first certificate, replacing the actual address with the alias address to form another modified e-mail message, encrypting the another modified e-mail message according to the second certificate, and transmitting the another modified e-mail message to the external client.
  - 11. The secure e-mail messaging method of claim 9, wherein decrypting the e-mail message according to the second certificate further comprises decrypting the e-mail message according to a private key of the alias address and verifying an external address of the external client according to a public key of the external client.
  - 12. The secure e-mail messaging method of claim 9, wherein receiving the e-mail message from the external client configured on the external domain comprises receiving the e-mail message from the external client configured on the external domain having a security level that differs from the security level of the secure domain.
  - 13. The secure e-mail messaging method of claim 9, wherein encrypting the modified e-mail message according to the first certificate comprises encrypting the modified e-mail message according to the first certificate that is isolated from the external domain.
  - 14. The secure e-mail messaging method of claim 9, further comprising verifying the e-mail message according to a plurality of rules.
  - 15. The secure e-mail messaging method of claim 14, wherein verifying the e-mail message according to a plurality of rules comprises searching the body portion for instances of one of a plurality of key phrases or one of a plurality of keywords and if found, restricting the e-mail relay server from transmitting the modified e-mail message.
  - 16. The secure e-mail messaging method of claim 9, further comprising compartmenting information that is transmitted from the secure domain to the external domain.

17. Code embodied on a computer-readable medium, when executed on a computer processor, operable to perform at least the following:
- receive an e-mail message comprising an alias address from an external client configured on an external domain, the alias address associated with an actual address of a secure client configured on a secure network, the e-mail message being encrypted according to a second certificate associated with the alias address;
  
  decrypt the e-mail message according to the second certificate;
  
  replace the alias address with the actual address to form a modified e-mail message;
  
  encrypt the modified e-mail message according to a first certificate associated with the actual address; and
  
  transmit the modified e-mail message to the secure client.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The code of claim 17, further operable to receive another e-mail message comprising the actual address from the secure client, the e-mail message being encrypted according to the first certificate, encrypt the another e-mail message according to the first certificate, replace the actual address with the alias address to form another modified e-mail message, encrypt the another modified e-mail message according to the second certificate, and transmit the another modified e-mail message to the external client.
  - 19. The code of claim 17, further operable to decrypt the e-mail message according to the second certificate by decrypting the e-mail message according to a private key of the alias address and verifying an external address of the external client according to a public key of the external client.
  - 20. The code of claim 17, further operable to receive the e-mail message from the external client configured on the external domain that has a security level that differs from the security level of the secure domain.
  - 21. The code of claim 17, further operable to encrypt the modified e-mail message according to the first certificate that is isolated from the external domain.
  - 22. The code of claim 17, further operable to verify the e-mail message according to a plurality of rules.
  - 23. The code of claim 22, further operable to verify the e-mail message by searching the body portion for instances of one of a plurality of key phrases or one of a plurality of keywords and if found, restricting the e-mail relay server from transmitting the modified e-mail message.
  - 24. The code of claim 17, further operable to compartment information that is transmitted from the secure domain to the external domain.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Forcepoint Federal Holdings LLC (Forcepoint LLC)
Original Assignee
Raytheon Company (Rtx Corporation)
Inventors
Visaria, Jay J., Oberai, Tina A., Farley, Thomas D., Pippins, Jerry L. JR., Rodriguez, Ricardo J., Stahl, Noah Z.

Granted Patent

US 8,359,357 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 51/48 Message addressing, e.g. ad...

Secure E-Mail Messaging System

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

66 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Secure E-Mail Messaging System

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links