Identity-based-encryption message management system
First Claim
1. A method of processing incoming email messages to an organization, wherein the organization has a network, a gateway, a private key generator, and a plurality of recipients and wherein the gateway, private key generator, and recipients are connected by the network, the method comprising:
- receiving an encrypted email message for a recipient in the organization with the gateway;
- with the gateway, using recipient credential information to request a private key of the recipient from the private key generator;
- using the recipient credential information at the private key generator to determine whether the gateway is authorized to obtain the requested private key, and, if the gateway is authorized, generating the requested private key in real time;
- providing the private key that has been generated by the private key generator to the gateway; and
- at the gateway, using the private key to decrypt the email message.
Abstract
Systems and methods for managing email are provided. Some of the email may be encrypted using identity-based-encryption (IBE) techniques. When an incoming IBE-encrypted message for a recipient in an organization is received by a gateway at the organization, the gateway may request an IBE private key from an IBE private key generator. The IBE private key generator may generate the requested IBE private key for the gateway. The gateway may use an IBE decryption engine to decrypt the incoming message. The decrypted message can be scanned for viruses and spam and delivered to the recipient. Outgoing email messages can also be processed. If indicated by message attributes or information provided by a message sender, an outgoing message can be encrypted using an IBE encryption engine and the IBE public key of a desired recipient.
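The request-and-authorize step of claim 1, sketched as an added example (not code from the patent or its assignee): the private key generator checks the presented recipient credential before deriving a key on demand, and records every decision. HMAC over a master secret stands in for IBE private-key extraction, which needs a pairing library; the class names, addresses and credentials are assumptions.

```python
import hashlib
import hmac
import secrets


class PrivateKeyGenerator:
    """Toy PKG: authorizes each request, then derives the key on demand."""

    def __init__(self, recipient_credentials):
        self._master_secret = secrets.token_bytes(32)  # never leaves the PKG
        # identity -> SHA-256 of the credential the gateway must present
        self._verifiers = {identity: hashlib.sha256(cred).digest()
                           for identity, cred in recipient_credentials.items()}
        self.audit_log = []  # (identity, decision) for every request

    def request_private_key(self, identity, credential):
        presented = hashlib.sha256(credential).digest()
        expected = self._verifiers.get(identity)
        # Unknown identities are compared against a dummy value, then denied.
        ok = hmac.compare_digest(presented, expected or bytes(32)) and expected is not None
        self.audit_log.append((identity, "issued" if ok else "denied"))
        if not ok:
            raise PermissionError(f"gateway not authorized for {identity}")
        # Stand-in for IBE key extraction (NOT real IBE): derived in real time
        # from the master secret and the identity; nothing is stored per user.
        return hmac.new(self._master_secret, identity.encode(), hashlib.sha256).digest()


class Gateway:
    """Holds recipient credential information and asks the PKG for keys."""

    def __init__(self, pkg, recipient_credentials):
        self._pkg = pkg
        self._credentials = recipient_credentials

    def key_for(self, recipient):
        credential = self._credentials.get(recipient, b"")
        return self._pkg.request_private_key(recipient, credential)


# Constructed sample data (addresses and credentials are made up).
CREDS = {"alice@example.com": b"alice-ticket", "bob@example.com": b"bob-ticket"}
PKG = PrivateKeyGenerator(CREDS)
GATEWAY = Gateway(PKG, {"alice@example.com": b"alice-ticket",
                        "bob@example.com": b"stale-ticket"})
```

The audit log is the natural place to alert on repeated denials, since every key the gateway obtains exposes that recipient's plaintext at the gateway.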
19 Claims
4. A method of processing email messages in an organization, wherein the organization has a network, a gateway, a private key generator, and a plurality of recipients and wherein the gateway, private key generator, and recipients are connected by the network, the method comprising:
- receiving an encrypted email message for a recipient in the organization with the gateway;
- with the gateway, using recipient credential information to request a private key of the recipient from the private key generator;
- at the gateway, receiving the private key from the private key generator; and
- at the gateway, using the private key to decrypt the email message.