PROTECTING CONTENT FROM THIRD PARTY USING CLIENT-SIDE SECURITY PROTECTION
2 Assignments
0 Petitions
Accused Products
Abstract
Architecture that employs encryption and storage of encryption keys to protect trusted client message content from an untrusted third-party hosted service. Each trusted user machine is configured to optionally apply security to messages. Rules determine when automatic protection is applied and the level of protection to apply. The trusted client automatically downloads the rules (or rules policies) from a trusted rules service and caches the rules locally. During composition, the rules analyze the message and automatically apply security template(s) to the message. The security template(s) encrypt the body of the message, but not the headers or subject. The untrusted message service processes the header and delivers the message to the correct recipient. The hosted service cannot view the contents of the message body, and only intended recipients of the protected message can view the message body. Offline protection is supported, and the user can override protection by the rules.
9 Citations
35 Claims
-
1-20. -20. (canceled)
-
21. A computer-implemented messaging system, comprising:
-
an untrusted message service for sending one or more messages from a client to one or more recipients; wherein the untrusted message service provides rules to the client; wherein the rules provide for security, the security allowing exposure of a header portion and a subject portion of the message at the untrusted message service; and wherein the security further prevents a body portion and message attachments of the message from being exposed at the untrusted message service.
-
-
28. A computer-implemented method of processing messages, comprising:
-
receiving a message from a client to a recipient; analyzing the message using rules from a trusted rules service associated with an untrusted message service, wherein the rules provide for security that allows exposure of a header portion and a subject portion of the message at the untrusted message service and prevents a body portion and message attachments of the message from being exposed at the untrusted message service; and sending the message to the recipient using the untrusted message service.
-
-
35. A computer-implemented method of processing messages, comprising:
-
using an untrusted message service, sending one or more messages from a client to one or more recipients; wherein the untrusted message service provides rules to the client; wherein the rules provide for security, the security allowing exposure of a header portion and a subject portion of the message at the untrusted message service; and wherein the security further prevents a body portion and message attachments of the message from being exposed at the untrusted message service.
-
Specification