Business to business secure mail
Abstract
Business to business secure mail may be provided. Consistent with embodiments of the invention, a protected message may be received. The recipient may request a token from a trust broker, submit the token to an authorization server associated with the sender, receive a user license from the authorization server, and decrypt the protected message using the user license. The protected message may restrict actions that may be taken by the recipient, such as forwarding to other users.
20 Claims
1. A method for providing secure mail, the method comprising:
receiving, at a recipient device, a protected message from a sender device associated with a first organization, wherein the recipient device is associated with a second organization, and wherein the first and second organizations are different;
requesting a receiving user token from a trust broker, wherein requesting the receiving user token comprises submitting a list of two or more email aliases associated with the receiving user token, wherein the two or more email aliases are federated with the trust broker;
submitting the receiving user token to an authorization server associated with the sender device;
receiving a user license issued by the authorization server; and
decrypting the protected message using the user license.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A computer readable storage medium storing a set of instructions that when executed by a processor, cause the processor to perform a method, the method comprising:
receiving, by a first device associated with a first user who is associated with a receiving organization, a protected message from a second device associated with a second user who is associated with a sending organization, wherein the protected message comprises a list of authorized recipients, wherein the receiving organization is different from the sending organization;
determining whether the first user is included in the list of authorized recipients;
in response to determining that the first user is included in the list of authorized recipients, requesting a user token from a trust broker, wherein requesting the user token from the trust broker comprises submitting a list of two or more email aliases, wherein the two or more email aliases are federated with the trust broker;
submitting the user token to an authorization server associated with the sending organization;
receiving a user license from the authorization server associated with the sending organization; and
using the received user license to decrypt the protected message for the first user.
Dependent claims: 13, 14, 15, 16, 17, 18, 19
20. A system for providing secure mail between organizations, the system comprising:
a memory storage; and
a processing unit coupled to the memory storage, wherein the processing unit is operative to;
receive, by a first device associated with a first user who is associated with a receiving organization, a protected message from a second device associated with a second user who is associated with a sending organization, wherein the protected message comprises a list of authorized recipients, wherein the receiving organization and the sending organization are different;
determine whether the receiving organization comprises a rights certificate associated with the sending organization;
in response to determining that the receiving organization does not comprise a rights certificate associated with the sending organization; request an organization token from a trust broker, send the organization token to an authorization server associated with the sending organization, receive the rights certificate associated with the sending organization, and cache the rights certificate associated with the sending organization;
determine whether the first user is included in the list of authorized recipients;
in response to determining that the first user is included in the list of authorized recipients, request a user token from a trust broker, wherein the request includes submitting a list of two or more email aliases associated with the user token, wherein the two or more email aliases are federated with the trust broker;
send the user token to the authorization server associated with the sending organization;
receive a user license from the authorization server associated with the sending organization;
decrypt the protected message for the first user using the rights certificate and the user license; and
enforce at least one restriction associated with the protected message.
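The user-token path described in the abstract and the independent claims can be modelled end to end; the following is an added example, not code from the patent or from any product that implements it. All names, the aliases, the shared HMAC key standing in for broker-to-server trust, and the SHA-256 keystream standing in for real message encryption are assumptions; the organization token and rights certificate of claim 20 are not modelled.

```python
import hashlib, hmac, json, secrets

BROKER_KEY = secrets.token_bytes(32)  # assumption: broker/auth-server trust modelled as a shared key
FEDERATED = {"bob@b.example", "robert@b.example"}  # constructed aliases federated with the broker

def _xor(key, data):
    # Stand-in keystream cipher (SHA-256 over a counter) so the example needs only the stdlib.
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def broker_issue_token(aliases):
    # Trust broker: requires two or more aliases, all of them federated with it.
    if len(aliases) < 2 or not set(aliases) <= FEDERATED:
        raise PermissionError("aliases not federated with broker")
    body = json.dumps(sorted(aliases)).encode()
    return body, hmac.new(BROKER_KEY, body, hashlib.sha256).digest()

class SenderAuthServer:
    """Authorization server of the sending organization (hypothetical model)."""
    def __init__(self):
        self.keys = {}  # message id -> (content key, authorized recipients, restrictions)
    def protect(self, msg_id, text, recipients, restrictions):
        key = secrets.token_bytes(32)
        self.keys[msg_id] = (key, set(recipients), restrictions)
        return {"id": msg_id, "recipients": list(recipients), "body": _xor(key, text.encode())}
    def issue_license(self, msg_id, token):
        body, tag = token
        if not hmac.compare_digest(tag, hmac.new(BROKER_KEY, body, hashlib.sha256).digest()):
            raise PermissionError("token not issued by trust broker")
        key, recipients, restrictions = self.keys[msg_id]
        if not recipients & set(json.loads(body)):
            raise PermissionError("no alias is an authorized recipient")
        return {"key": key, "restrictions": restrictions}

def recipient_open(msg, aliases, server):
    # Recipient device: check the authorized-recipient list before asking for a token.
    if not set(aliases) & set(msg["recipients"]):
        raise PermissionError("user not in authorized recipient list")
    lic = server.issue_license(msg["id"], broker_issue_token(aliases))
    return _xor(lic["key"], msg["body"]).decode(), lic["restrictions"]

def forward(restrictions):
    # Client-side enforcement of a restriction carried in the user license.
    if "no-forward" in restrictions:
        raise PermissionError("forwarding restricted by sender")
```

Because the token carries every federated alias, the authorization server can match a message addressed to any one of them, which is the reason the claims require the alias list in the token request.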
Specification