Methods and systems for allocating and indicating trustworthiness of secure communications

US 8,549,087 B2
Filed: 06/09/2011
Issued: 10/01/2013
Est. Priority Date: 11/07/2008
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

one or more computer processors;

a computer readable electronic memory storage in communication with the one or more processors, the computer readable electronic memory storage storing software modules including instructions that are executable by the one or more processors, the software modules including at least;

an authentication module provided by an authenticatable entity configured to;

access a message comprising content that has been digitally signed and message security data related to a third party;

determine at least a portion of the message has been presented via a first user interface element under control of a first application by a first entity;

generate one or more attestations about the message using the message and the message security data;

determine whether the one or more attestations about the message are reliable based on criteria from the authenticatable entity;

present the one or more attestations, an indication of the reliability of the one or more attestations, and an identification of the authenticatable entity in proximity to the first user interface element via a second user interface element under control of the authenticatable entity;

present information about the one or more attestations in a chrome portion of a web page, wherein the web page comprises at least a portion of the message, and wherein the chrome portion is controlled by extended functionality of a browser running on the system; and

present the indication of the reliability of the one or more attestations via the second user interface element under control of the authenticatable entity, wherein the authenticatable entity transfers responsibility for the indication of the reliability of the one or more attestations in the second user interface element.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention enable allocating and indicating the trustworthiness of a message, especially messages that comprise content that has been digitally signed. In some embodiments, a provider of assurance services and assurance software provides trust attestations related to messages and may manipulate the user interface used to view these messages. The trust attestations may be computed by various methods. The trust attestations may then be presented when the message is displayed to the user using the assurance software. For example, the trust attestations may be displayed as user interface elements in a designated portion of the chrome of a messaging service, such as a webmail service. In one embodiment, the assurance software can run on the webmail service and the trust attestations in the chrome are served up via techniques for delivery of client-server presentation data. In another embodiment, the assurance software is implemented as software that runs on the client and may perform some computations on the client in order to manipulate the messaging service'"'"'s chrome. In yet another embodiment, the assurance software may run as an extension to an e-mail client that runs on a user'"'"'s machine. The assurance software is configured to work with the presenter of the message, but independently of the presenter.

49 Citations

View as Search Results

19 Claims

1. A system comprising:
- one or more computer processors;
  
  a computer readable electronic memory storage in communication with the one or more processors, the computer readable electronic memory storage storing software modules including instructions that are executable by the one or more processors, the software modules including at least;
  
  an authentication module provided by an authenticatable entity configured to;
  
  access a message comprising content that has been digitally signed and message security data related to a third party;
  
  determine at least a portion of the message has been presented via a first user interface element under control of a first application by a first entity;
  
  generate one or more attestations about the message using the message and the message security data;
  
  determine whether the one or more attestations about the message are reliable based on criteria from the authenticatable entity;
  
  present the one or more attestations, an indication of the reliability of the one or more attestations, and an identification of the authenticatable entity in proximity to the first user interface element via a second user interface element under control of the authenticatable entity;
  
  present information about the one or more attestations in a chrome portion of a web page, wherein the web page comprises at least a portion of the message, and wherein the chrome portion is controlled by extended functionality of a browser running on the system; and
  
  present the indication of the reliability of the one or more attestations via the second user interface element under control of the authenticatable entity, wherein the authenticatable entity transfers responsibility for the indication of the reliability of the one or more attestations in the second user interface element.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the authentication module is further configured to receive an e-mail message.
  - 3. The system of claim 2, wherein the authentication module is further configured to receive an S/MIME e-mail message.
  - 4. The system of claim 1, wherein the authentication module is further configured to:
    - present at least a portion of a webmail message via a web page served by a webmail service or present at least a portion of an e-mail message via an e-mail client running on the system.
  - 5. The system of claim 1, wherein the indication of the reliability of the one or more attestations is:
    - part of the one or more attestations or separate from the one or more attestations.
  - 6. The system of claim 1, wherein the authentication module is further configured to receive the message via a loopback port.

7. A computer-implemented method of indicating attestations about a message, said method comprising:
- under control of one or more computing devices configured with specific computer executable instructions,accessing, via an authentication module provided by an authenticatable entity, a message comprising content and message security data related to a third party;
  
  determining at least a portion of the message has been presented via a first user interface element under control of a first application by a first entity;
  
  generating at least one attestation about the message using the message and the message security data;
  
  determining whether the at least attestation about the message is reliable based on criteria from the authenticatable entity;
  
  presenting, in proximity to the at least a portion of the message, the at least one attestation, an indication of reliability of the at least one attestation, and an identification of the authenticatable entity via a second user interface element under control of the authenticatable entity, wherein the second user interface element indicates a difference in control by the authenticatable entity, the authenticatable entity authenticatable and distinct from the first entity;
  
  presenting information about the at least one attestation in a chrome portion of a web page, wherein the web page comprises at least a portion of the message, and wherein the chrome portion is controlled by extended functionality of a browser running on one or more of the one or more computing devices; and
  
  presenting the indication of the reliability of the at least one attestation via the second user interface element under control of the authenticatable entity, wherein the authenticatable entity transfers responsibility for the indication of the reliability of the at least one attestation in the second user interface element.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15)
- - 8. The method of claim 7, wherein accessing the message comprises accessing an e-mail message comprising content that has been digitally signed.
  - 9. The method of claim 7, wherein the determining the at least a portion of the message has been presented via the first user interface element under control of the first application by the first entity comprises determining the at least a portion of the message has been presented:
    - as a webpage served by the first application or via a messaging client.
  - 10. The method of claim 8, wherein the presenting the at least one attestation, the indication of the reliability of the at least one attestation, and the identification of the authenticatable entity comprises presenting at least some of the at least one attestation, the indication of the reliability of the at least one attestation, or the identification of the authenticatable entity in a chrome portion of the webpage, wherein the chrome portion is controlled by the authenticatable entity.
  - 11. The method of claim 7, wherein the presenting the at least one attestation, the indication of the reliability of the at least one attestation, and the identification of the authenticatable entity comprises further presenting information that indicates liability for the reliability of the at least one attestation regarding the third party that is known, but not necessarily trusted by the authenticatable entity.
  - 12. The method of claim 7, wherein the presenting the at least one attestation, the indication of the reliability of the at least one attestation, and the identification of the authenticatable entity comprises further presenting information that indicates the liability for the reliability of the at least one attestation by a certification authority.
  - 13. The method of claim 7, wherein the presenting the at least one attestation, the indication of the reliability of the at least one attestation, and the identification of the authenticatable entity further comprises presenting information that indicates the liability for the reliability of the at least one attestation by a certification authority that is known, but not necessarily trusted by the authenticatable entity.
  - 14. The method of claim 7, wherein the presenting the at least one attestation, the indication of the reliability of the at least one attestation, and the identification of the authenticatable entity further comprises presenting information that indicates liability for reliability of the at least one attestation by a certification authority that is known, but not necessarily trusted by a recipient of the message.
  - 15. The method of claim 7, wherein the indication of the reliability of the at least one attestation is:
    - part of the at least one attestation or separate from the at least one attestation.

16. A system comprising:
- one or more computer processors;
  
  a computer readable electronic memory storage in communication with the one or more processors, the computer readable electronic memory storage storing software modules including instructions that are executable by the one or more processors, the software modules including at least;
  
  an authentication module provided by an authenticatable entity configured to;
  
  access a message and message security data;
  
  determine at least a portion of the message has been presented via a user interface element controlled by a messaging system;
  
  identify at least one attestation about the message;
  
  determine whether the at least one attestation about the message is reliable using at least the message security data;
  
  present the at least one attestation and an identification of the authenticatable entity in proximity to the at least a portion of the message via the user interface element controlled by the authenticatable entity, the authenticatable entity authenticatable and distinct from the messaging system;
  
  present information about the at least one attestation in a chrome portion of a web page, wherein the web page comprises at least a portion of the message, and wherein the chrome portion is controlled by extended functionality of a browser running on the system; and
  
  present the indication of a reliability of the at least one attestation via the second user interface element under control of the authenticatable entity, wherein the authenticatable entity transfers responsibility for the indication of the reliability of the at least one attestation in the second user interface element.

17. A computer-implemented method of indicating attestations about a message from a messaging system to be presented to a user, said method comprising:
- under control of one or more computing devices configured with specific computer executable instructions,identifying, by an authentication module provided by an authenticatable entity, when at least a portion of a message has been presented via a presentation interface that is at least partially under control of the messaging system;
  
  accessing security data related to the message;
  
  generating at least one attestation about the message based at least on the security data;
  
  determining whether the at least one attestation about the message is reliable based on criteria from the authenticatable entity;
  
  presenting the at least one attestation about the message, an indication of the reliability of the at least one attestation, and an identification of the authenticatable entity in proximity to the at least a portion of the message via a user interface element that is not under control of the messaging system and under control of the authenticatable entity, the authenticatable entity distinct from the messaging system, and wherein the authenticatable entity is able to be authenticated;
  
  presenting information about the at least one attestation in a chrome portion of a web page, wherein the web page comprises at least a portion of the message, and wherein the chrome portion is controlled by extended functionality of a browser running on one or more of the one or more computing devices; and
  
  presenting the indication of the reliability of the at least one attestation via the second user interface element under control of the authenticatable entity, wherein the authenticatable entity transfers responsibility for the indication of the reliability of the at least one attestation in the second user interface element.
- View Dependent Claims (18, 19)
- - 18. The method of claim 17, wherein the presenting the at least one attestation about the message, the indication of the reliability of the at least one attestation, and the identification of the authenticatable entity comprises presenting at least some of the at least one attestation about the message, the indication of the reliability of the at least one attestation, or the identification of the authenticatable entity:
    - in the chrome portion of a webmail web page or in the chrome portion of an e-mail displayed via an e-mail client.
  - 19. The method of claim 17, wherein the indication of the reliability of the at least one attestation is:
    - part of the at least one attestation or separate from the at least one attestation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Penango, Inc.
Original Assignee
Penango, Inc.
Inventors
Leonard, Sean Joseph
Primary Examiner(s)
Hussain, Tauqir

Application Number

US13/157,230
Publication Number

US 20120143967A1
Time in Patent Office

845 Days
Field of Search

709/206, 709/207
US Class Current

709/206
CPC Class Codes

H04L 63/1433 Vulnerability analysis

Methods and systems for allocating and indicating trustworthiness of secure communications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

49 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for allocating and indicating trustworthiness of secure communications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links