Adhoc secure document exchange
Abstract
Embodiments of the present invention are directed to a system capable of enforcing document security and delivery policies. In particular, the present invention allows for the detection and removal of files attached to electronic messages. When an attached file is removed from an electronic message, the file may be placed in secure storage. A link to the stored file is inserted in the electronic communication prior to delivery of the message to the addressee of the communication. In order to access the stored file, the recipient of the message is required to select the provided link, which establishes a secure communication channel between the secure storage device and the receiving client computer. Optionally, the recipient may also be required to provide a password and/or digital certificate in order to access the stored file.
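The flow described in the abstract and recited in claim 1, as an added Python example that is not taken from the patent or from any product implementing it. The names `STORE`, `BASE_URL`, `derive`, `strip_and_store` and `fetch`, the `example.invalid` URL and the use of PBKDF2 for the stored password are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from email.message import EmailMessage

STORE = {}  # token -> (salt, password hash, original bytes); stands in for secure storage
BASE_URL = "https://files.example.invalid/get/"  # hypothetical secure-server URL

def derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def strip_and_store(msg: EmailMessage, second_address: str):
    """Return (first message with links instead of files, list of password messages)."""
    # Simplified comparison: the password must travel to a different delivery address.
    if second_address.strip().lower() == str(msg["To"]).strip().lower():
        raise ValueError("second delivery address must differ from the first")
    links, notices = [], []
    for part in msg.iter_attachments():
        name = part.get_filename() or "attachment"
        token, password = secrets.token_urlsafe(32), secrets.token_urlsafe(12)
        salt = secrets.token_bytes(16)
        # Store the decoded bytes untouched; keep only a salted hash of the password.
        STORE[token] = (salt, derive(password, salt), part.get_payload(decode=True))
        links.append(f"{name}: {BASE_URL}{token}")
        note = EmailMessage()
        note["To"], note["Subject"] = second_address, f"Password for {name}"
        note.set_content(password)
        notices.append(note)
    if not links:
        return msg, []
    body = msg.get_body(preferencelist=("plain",))
    out = EmailMessage()
    for header in ("From", "To", "Subject"):
        if msg[header]:
            out[header] = msg[header]
    out.set_content((body.get_content() if body else "")
                    + "\nAttachments moved to secure storage:\n" + "\n".join(links) + "\n")
    return out, notices

def fetch(token: str, password: str):
    """Secure-server side: return the original bytes only for the right password."""
    entry = STORE.get(token)
    if entry is None:
        return None
    salt, pw_hash, data = entry
    return data if hmac.compare_digest(derive(password, salt), pw_hash) else None
```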
22 Claims
1. A non-transitory computational component storing instructions that are executed by a processor to perform a method, the method comprising:
detecting by an email server an attachment to a first message comprising a first electronic message;
removing said attachment from said first electronic message;
associating a password with said attachment;
storing said attachment in a secure storage device, wherein said password is required to access said stored attachment;
inserting a link to said stored attachment in said first electronic message;
delivering said first electronic message with said inserted link to a first delivery address;
delivering said password to a second delivery address as part of a second message, wherein said first delivery address is different than said second delivery address;
receiving by a user said first electronic message at said first delivery address;
receiving by said user said second electronic message containing said password at said second delivery address;
accessing by said user associated with said first and second delivery addresses said link to said stored attachment, wherein said accessing comprises a request by said user for said stored attachment;
receiving by a secure server said request for said stored attachment;
requesting said password from said user associated with said first and second delivery addresses; and
in response to receiving said password from said user, delivering said attachment without alteration and in an original form to one of said first and second delivery addresses.
11. A method for enforcing security policies, comprising:
generating a first electronic message;
attaching a first file to said first electronic message;
initiating delivery of said first electronic message and said first file;
intercepting said first electronic message and said first file;
removing said first file from said first electronic message;
storing said first file;
inserting a first link to said stored first file in said first electronic message;
delivering said first electronic message and said first link to a first delivery address wherein a user is provided with the first electronic message at the first delivery address;
generating a password notification message, wherein said password notification message includes a password or instructions for obtaining a password;
delivering said password notification message to a second delivery address, wherein said first delivery address is different than said second delivery address, and wherein the user is provided with the password notification message at the second delivery address;
receiving a request for said stored first file, wherein said receiving a request for said stored first file includes a user associated with said first delivery address clicking on said first link;
requesting said password from said user requesting said first stored file; and
in response to receiving said password, delivering said stored first file to said user, wherein said stored first file is delivered to said user in an original form.
14. A document delivery security system, comprising:
a first client computer;
a first communication network;
at least a first server computer interconnected to said client computer by said first communication network;
a communication interface between said first server computer and a second communication network;
software running on said at least a first server computer operable to detect a first electronic message having an attached file and marked for delivery over said second communication network, and operable to remove said file from said first electronic message, wherein said first electronic message is provided to said communication interface for delivery to a first delivery address without said file and with a link to said file, wherein said software is further operable to cause a second electronic message to be provided to a second delivery address, wherein said second electronic message includes a first password, wherein said first delivery address is different than said second delivery address;
wherein said first electronic message is delivered to said first delivery address, and wherein said second electronic message is delivered to said second delivery address;
storage interconnected to said first server computer, wherein said file is stored in said storage, and wherein said first password is required to access said file, wherein said software running on said at least a first server computer is further operable to;
respond to a request to access said file received in connection with a click on said link included in said first electronic message by requiring said first password, and in response to receiving said required first password is operable to provide said file to said communication interface for delivery to said first delivery address.
19. A communication system, comprising:
means for receiving a first communication from a first communication network;
means for detecting an attachment to said first communication;
means for removing said detected attachment from said first communication;
means for storing said removed attachment;
means for inserting a link to said stored attachment in said first communication; and
means for providing said first communication with said inserted link to a second communication network for delivery to a first delivery address and for providing a second communication containing a password necessary to access said stored attachment to said second communication network for delivery to a second delivery address, wherein said first delivery address and said second delivery address are different, wherein in response to a request to access said stored attachment entered by a recipient click on said inserted link, said recipient is required to provide said password, and wherein in response to receiving said password said stored attachment is delivered to said recipient without modification.
Specification