Systems and methods for automated exchange of electronic mail encryption certificates

US 7,664,947 B2
Filed: 10/12/2005
Issued: 02/16/2010
Est. Priority Date: 10/12/2005
Status: Active Grant

First Claim

Patent Images

1. A communication method between a machine running an email client and its email firewall, the method comprising using the machine to:

generate an email message for a recipient;

prior to sending the message to the firewall, automatically generate a query and send the query to a directory access proxy component of the firewall, the query requesting the proxy component to obtain a public encryption certificate corresponding to the recipient;

receive the public encryption certificate from the proxy component;

use the certificate to encrypt the email message; and

send the encrypted email message to the firewall.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for automated exchange of encryption certificates for transmitting and receiving encrypted email messages are disclosed. In one embodiment, a method of communicating an encrypted email message includes providing a recipient identifier, creating an unencrypted email message, automatically querying a recipient email domain for a recipient encryption key corresponding to the recipient identifier, automatically receiving the recipient encryption key from the recipient email domain, automatically encrypting the unencrypted email message using the recipient encryption key, and transmitting the encrypted email message to the recipient identifier.

Citations

18 Claims

1. A communication method between a machine running an email client and its email firewall, the method comprising using the machine to:
- generate an email message for a recipient;
  
  prior to sending the message to the firewall, automatically generate a query and send the query to a directory access proxy component of the firewall, the query requesting the proxy component to obtain a public encryption certificate corresponding to the recipient;
  
  receive the public encryption certificate from the proxy component;
  
  use the certificate to encrypt the email message; and
  
  send the encrypted email message to the firewall.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the recipient is identified by at least one of a recipient email address, a recipient common name, and a recipient group name.
  - 3. The method of claim 1, wherein when the client issues a “
    - send”
      
      command, the machine automatically generates the query and sends the query to the proxy component of the firewall.
  - 4. The method of claim 1, wherein the query is sent to Lightweight Directory Access Protocol (LDAP) proxy component of the firewall.
  - 5. The method of claim 1, wherein the client relies upon the LDAP proxy component as a transport mechanism that automatically looks up a recipient email domain and obtains the public key certificate.
  - 6. The method of claim 1, wherein the email message is sent to additional recipients, and wherein the client relies upon the LDAP proxy component as a transport mechanism that automatically looks up a recipient email domain and obtains a public key certificate for each additional recipient.
  - 7. The method of claim 1, wherein email message is based on at least one Secure/Multipurpose Internet Mail Extensions (S/MIME) standard.
  - 8. The method of claim 1, wherein the encrypted email message is sent using the Simple Mail Transfer Protocol (SMTP).

9. An article comprising computer-readable memory encoded with an email client for causing a computer to communicate with a firewall, including:
- generating an email message for a recipient;
  
  prior to sending the message to the firewall, automatically generating a query and send the query to a directory access proxy component of the firewall, the query requesting the proxy component to obtain a public encryption certificate;
  
  receiving public encryption certificate from the proxy component;
  
  using the certificate to encrypt the email message; and
  
  sending the encrypted email message to the firewall.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The article of claim 9, wherein the recipient is identified by at least one of a recipient email address, a recipient common name, and a recipient group name.
  - 11. The article of claim 9, wherein generating the query, receiving the certificate, and encrypting the email are performed automatically, whereby the encryption of the e-mail message is transparent to a user of the email client.
  - 12. The article of claim 9, wherein when the query is automatically generated and sent to the proxy component of the firewall in response to a user-initiated command to send the email message.
  - 13. The article of claim 9, wherein the e-mail client relies upon the proxy component as a transport mechanism that automatically looks up the recipient'"'"'s email domain and obtains the public key certificate.
  - 14. The article of claim 13, wherein the email message is sent to additional recipients, and wherein the client relies upon the proxy component as a transport mechanism that automatically looks up a recipient email domain and obtains a public key certificate for each additional recipient.

15. A computer system comprising:
- a machine having a directory access proxy component; and
  
  a first computer having an email utility that, prior to sending an email message, automatically generates a query and sends the query to the directory access proxy component of the firewall, the query requesting the proxy component to obtain a public encryption certificate for a recipient of the email message;
  
  wherein the directory access proxy component queries within the recipient'"'"'s email domain to obtain the recipient'"'"'s public encryption certificate and, after receiving the certificate, forwards the certificate to the first computer; and
  
  wherein the first computer uses the certificate to encrypt the email message and sends the encrypted email to the recipient.
- View Dependent Claims (16, 17, 18)
- - 16. The computer system of claim 15, wherein generating the query, receiving the certificate, and encrypting the email are performed automatically by the machine, whereby the encryption of the e-mail message is transparent to a user of the email utility.
  - 17. The computer system of claim 15, further comprising at least one certificate server;
    - wherein the proxy component locates the certificate server that stores the recipient'"'"'s public certificate.
  - 18. The computer system of claim 15, wherein the directory access proxy component functions as a front end LDAP server and a back end proxy that automatically looks up the recipient'"'"'s email domain and obtains the public key certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The Boeing Co.
Original Assignee
The Boeing Co.
Inventors
Fang, Wen
Primary Examiner(s)
Abrishamkar; Kaveh

Application Number

US11/248,500
Publication Number

US 20070083749A1
Time in Patent Office

1,588 Days
Field of Search

None
US Class Current

713/152
CPC Class Codes

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 51/00   User-to-user messaging in p...

H04L 63/0442   wherein the sending and rec...

H04L 63/06   for supporting key manageme...

H04L 63/0823   using certificates cryptogr...

H04L 9/3268   using certificate validatio...

Systems and methods for automated exchange of electronic mail encryption certificates

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for automated exchange of electronic mail encryption certificates

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links