Subscription management service for secure messaging system
Abstract
Systems and methods for secure messaging are provided. A sender may encrypt an email message for a recipient. The email message may contain authenticated sender-recipient mapping information. When a recipient requests a client software download or private key from a service provider, the service provider can verify the authenticity of the sender-recipient mapping information. This assures the service provider that the recipient has received a communication from the sender and allows the service provider to provide services to the recipient based on the status of the sender. If the sender is a member of an organization that is a direct customer of the service provider, the service provider may satisfy the recipient's service request.
6 Claims
1. A method for processing service requests at a service provider in a system in which users communicate by sending and receiving encrypted messages over a communications network, comprising:
at a sender, creating an encrypted message with sender-recipient mapping information and sending the encrypted message with sender-recipient mapping information to a recipient over the communications network, wherein creating the encrypted message comprises encrypting a message with a public key associated with the recipient to create the encrypted message; at the recipient, receiving the encrypted message and sender-recipient mapping information; at the recipient, submitting a service request to the service provider, wherein the service request includes the sender-recipient mapping information; at the service provider, using the sender-recipient mapping information to determine whether the sender is a primary user in an organization that is a direct customer of the service provider and, if the sender is a primary user, satisfying the service request of the recipient, wherein the sender has an email address and the recipient has an email address; at the sender, creating a string containing the sender's email address and the recipient's email address; and at the sender, creating the sender-recipient mapping information by digitally signing the string.
2. A method for processing service requests at a service provider in a system in which users communicate by sending and receiving encrypted messages over a communications network, comprising:
at a sender, creating an encrypted message with sender-recipient mapping information and sending the encrypted message with sender-recipient mapping information to a recipient over the communications network, wherein creating the encrypted message comprises encrypting a message with a public key associated with the recipient to create the encrypted message; at the recipient, receiving the encrypted message and sender-recipient mapping information; at the recipient, submitting a service request to the service provider, wherein the service request includes the sender-recipient mapping information; and at the service provider, using the sender-recipient mapping information to determine whether the sender is a primary user in an organization that is a direct customer of the service provider and, if the sender is a primary user, satisfying the service request of the recipient, wherein the sender has an email address, the recipient has an email address, and the sender has client software with an embedded secret, and wherein creating the encrypted message with sender-recipient mapping information comprises: at the sender, using the client software to generate a string based on the sender's email address, the recipient's email address, and the secret; and at the sender, using the client software to hash the string to produce the sender-recipient mapping information.
3. A method for processing service requests at a service provider in a system in which users communicate by sending and receiving encrypted messages over a communications network, comprising:
at a sender, creating an encrypted message with sender-recipient mapping information and sending the encrypted message with sender-recipient mapping information to a recipient over the communications network, wherein creating the encrypted message comprises encrypting a message with a public key associated with the recipient to create the encrypted message; at the recipient, receiving the encrypted message and sender-recipient mapping information; at the recipient, submitting a service request to the service provider, wherein the service request includes the sender-recipient mapping information; at the service provider, using the sender-recipient mapping information to determine whether the sender is a primary user in an organization that is a direct customer of the service provider and, if the sender is a primary user, satisfying the service request of the recipient; using the sender-recipient mapping information at the service provider to verify that the sender sent a communication to the recipient; and upon verifying that the sender has sent the communication to the recipient, using user registration information at the service provider to determine whether the sender is a primary user.
4. A method for processing service requests at a service provider in a system in which users communicate by sending and receiving encrypted messages over a communications network, comprising:
at a sender, creating an encrypted message with sender-recipient mapping information and sending the encrypted message with sender-recipient mapping information to a recipient over the communications network, wherein creating the encrypted message comprises encrypting a message with a public key associated with the recipient to create the encrypted message; at the recipient, receiving the encrypted message and sender-recipient mapping information; at the recipient, submitting a service request to the service provider, wherein the service request includes the sender-recipient mapping information; at the service provider, using the sender-recipient mapping information to determine whether the sender is a primary user in an organization that is a direct customer of the service provider and, if the sender is a primary user, satisfying the service request of the recipient, wherein the sender has an email address and the recipient has an email address, and wherein submitting the service request to the service provider comprises submitting the sender-recipient mapping information, the sender email address, and the recipient address to the service provider; at the service provider, using the recipient email address from the service request to determine whether the recipient is a primary user; and when it has been determined that the recipient is not a primary user, verifying the sender-recipient mapping information before using the sender-recipient mapping information to determine whether the sender is a primary user.
5. A method for processing service requests at a service provider in a system in which users communicate by sending and receiving encrypted messages over a communications network, comprising:
at a sender, creating an encrypted message with sender-recipient mapping information and sending the encrypted message with sender-recipient mapping information to a recipient over the communications network, wherein creating the encrypted message comprises encrypting a message with a public key associated with the recipient to create the encrypted message; at the recipient, receiving the encrypted message and sender-recipient mapping information; at the recipient, submitting a service request to the service provider, wherein the service request includes the sender-recipient mapping information; at the service provider, using the sender-recipient mapping information to determine whether the sender is a primary user in an organization that is a direct customer of the service provider and, if the sender is a primary user, satisfying the service request of the recipient, wherein the sender has an email address and the recipient has an email address, and wherein submitting the service request to the service provider comprises submitting the sender-recipient mapping information, the sender email address, and the recipient address to the service provider; at the service provider, using the recipient email address to determine whether the recipient is a primary user; when it has been determined that the recipient is not a primary user, verifying the sender-recipient mapping information before using the sender-recipient mapping information to determine whether the sender is a primary user; and upon determining that the sender is not a primary user using the sender-recipient mapping information, providing an opportunity for the recipient to register with the service provider as a tertiary user.
6. A method for processing service requests at a service provider in a system in which users communicate by sending and receiving encrypted messages over a communications network, comprising:
at a sender, creating an encrypted message with sender-recipient mapping information and sending the encrypted message with sender-recipient mapping information to a recipient over the communications network, wherein creating the encrypted message comprises encrypting a message with a public key associated with the recipient to create the encrypted message; at the recipient, receiving the encrypted message and sender-recipient mapping information; at the recipient, submitting a service request to the service provider, wherein the service request includes the sender-recipient mapping information; at the service provider, using the sender-recipient mapping information to determine whether the sender is a primary user in an organization that is a direct customer of the service provider and, if the sender is a primary user, satisfying the service request of the recipient, wherein the sender has an email address and the recipient has an email address, and wherein submitting the service request to the service provider comprises submitting the sender-recipient mapping information, the sender email address, and the recipient address to the service provider; at the service provider, using the recipient email address to determine whether the recipient is a primary user; when it has been determined that the recipient is not a primary user, verifying the sender-recipient mapping information before using the sender-recipient mapping information to determine whether the sender is a primary user; and after determining that the sender is a primary user using the sender-recipient mapping information, entering the recipient as a secondary user in a user status list at the service provider, wherein after the recipient has been entered in the user status list, the user status list contains an entry for the sender that contains a customer identifier that identifies a given primary organization associated with the sender and contains an entry for the recipient that contains the same customer identifier.
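The hashed mapping of claim 2 and the order of checks in claims 4 to 6, as an added example that is not taken from the patent or from any product implementing it. HMAC-SHA256 is swapped in for the claim's "hash the string", and the length-prefixed encoding is a further choice made here. Assumptions: all function names, the `reject` result for a failed verification, satisfying a recipient who is already a primary user, and the constructed secret, addresses and customer identifier.

```python
import hashlib
import hmac

# Constructed sample data: the secret embedded in the client software (claim 2)
# and the service provider's user status list (claim 6).
CLIENT_SECRET = b"constructed-demo-secret"
USER_STATUS = {"alice@corp.example": {"status": "primary", "customer_id": "CUST-001"}}


def canonical(sender: str, recipient: str) -> bytes:
    """Length-prefix each address so ("a", "bc") and ("ab", "c") never collide."""
    parts = [p.strip().lower().encode() for p in (sender, recipient)]
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)


def make_mapping(sender: str, recipient: str, secret: bytes = CLIENT_SECRET) -> str:
    """Sender side: keyed hash over both addresses (HMAC used for 'hash the string')."""
    return hmac.new(secret, canonical(sender, recipient), hashlib.sha256).hexdigest()


def handle_request(sender, recipient, mapping, users=USER_STATUS, secret=CLIENT_SECRET):
    """Service provider side, following the order of checks in claims 4 to 6."""
    sender_key, recipient_key = sender.strip().lower(), recipient.strip().lower()
    # Claim 4: the recipient's own status is checked first (outcome assumed).
    if users.get(recipient_key, {}).get("status") == "primary":
        return "satisfy"
    # Verify the mapping before trusting the sender address it vouches for.
    expected = make_mapping(sender, recipient, secret)
    if not hmac.compare_digest(expected.encode(), str(mapping).encode()):
        return "reject"  # assumed outcome; the claims do not name one
    entry = users.get(sender_key)
    if entry and entry["status"] == "primary":
        # Claim 6: the recipient is entered as a secondary user with the
        # same customer identifier as the sender.
        users[recipient_key] = {"status": "secondary",
                                "customer_id": entry["customer_id"]}
        return "satisfy"
    return "offer_tertiary_registration"  # claim 5
```

Because the verifier recomputes the value with the same secret that ships in the client software, anyone holding that secret can produce valid mapping information for any address pair; the digitally signed string of claim 1 is verified without the signing key.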