Decryption of electronic communication in an electronic discovery enterprise system
First Claim
1. A method for electronic communication decryption in an enterprise-wide electronic discovery system, the method comprising:
- generating, by a computing device processor, a user identification file database by scanning at least a portion of an enterprise-wide network for user identification files and adding user identification files identified during the scan to the user identification file database;
identifying, by a computing device processor, a file owner for each of a plurality of user identification files stored in the user identification file database by parsing a name of each of the user identification files and comparing parsed data to data stored in enterprise human resources databases to identify the file owner for each of the user identification files;
identifying, by a computing device processor, a password for each of the plurality of user identification files stored in the user identification file database by parsing a name of each of the user identification files to deduce the password from within the name of the user identification file;
verifying, by a computing device processor, the validity of each of the passwords by applying the password to an associated user identification file to determine that the password is successful in rendering one or more decryption keys;
in response to successful verification of the validity of the password, recording the file owner and the password in an entry of the user identification file in the user identification file database; and
decrypting, automatically, encrypted electronic communication entries in electronic communication files collected from custodians in the electronic discovery system by;
automatically generating a client-specific communication session based on an electronic communication file being associated with a user identification file based on a same file owner,accessing the electronic communication file within the client-specific communication session,automatically identifying encrypted electronic communication entries in the electronic communication file,accessing the associated user identification file based on the identified password to provide the decryption key for decrypting the encrypted electronic communication entries, anddecrypting the encrypted electronic communication entries by application of the decryption key,wherein the custodians are limited to individuals or groups of individuals within the enterprise who created or are associated with electronic data required to be collected in an electronic discovery matter and wherein the electronic discovery matter is one of a legal proceeding, audit or forensic investigation in which electronic data is sought, located, secured and searched with the intent of using it as evidence.
1 Assignment
0 Petitions
Accused Products
Abstract
Apparatus, methods and computer program products are described herein for automatically decrypting electronic communication that is harvested from custodians in an enterprise-wide electronic discovery system. Automatic decryption provides for electronic communication that is encrypted to be decrypted, even in instances in which the system is not provided the password and/or decryption key(s) from the encrypting custodian. The automatic decryption process, which ensues prior to delivering data to the third party data analysis provider or the requesting party, allows for data that may otherwise be unavailable or incomprehensible to the third party or requester to be readily accessible. Thus, decryption of such data in a relatively efficient and automated manner is highly beneficial.
-
Citations
15 Claims
-
1. A method for electronic communication decryption in an enterprise-wide electronic discovery system, the method comprising:
-
generating, by a computing device processor, a user identification file database by scanning at least a portion of an enterprise-wide network for user identification files and adding user identification files identified during the scan to the user identification file database; identifying, by a computing device processor, a file owner for each of a plurality of user identification files stored in the user identification file database by parsing a name of each of the user identification files and comparing parsed data to data stored in enterprise human resources databases to identify the file owner for each of the user identification files; identifying, by a computing device processor, a password for each of the plurality of user identification files stored in the user identification file database by parsing a name of each of the user identification files to deduce the password from within the name of the user identification file; verifying, by a computing device processor, the validity of each of the passwords by applying the password to an associated user identification file to determine that the password is successful in rendering one or more decryption keys; in response to successful verification of the validity of the password, recording the file owner and the password in an entry of the user identification file in the user identification file database; and decrypting, automatically, encrypted electronic communication entries in electronic communication files collected from custodians in the electronic discovery system by; automatically generating a client-specific communication session based on an electronic communication file being associated with a user identification file based on a same file owner, accessing the electronic communication file within the client-specific communication session, automatically identifying encrypted electronic communication entries in the electronic communication file, accessing the associated user identification file based on the identified password to provide the decryption key for decrypting the encrypted electronic communication entries, and decrypting the encrypted electronic communication entries by application of the decryption key, wherein the custodians are limited to individuals or groups of individuals within the enterprise who created or are associated with electronic data required to be collected in an electronic discovery matter and wherein the electronic discovery matter is one of a legal proceeding, audit or forensic investigation in which electronic data is sought, located, secured and searched with the intent of using it as evidence. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system for decrypting electronic communication in an enterprise-wide electronic discovery system, the system comprising:
-
a computing platform including at least one processor and a memory; and a decryption module stored in the memory, in communication with at least one of the one or more processors and configured to automatically decrypt encrypted entries in an electronic communication file, wherein the module includes, a user identification file database generator configured to generate a user identification file database by scanning at least a portion of an enterprise-wide network for user identification files and adding user identification files identified during the scan to the user identification file database, a user identification file owner identifier configured to identify the owner of each of a plurality of user identification files stored in the user identification file database by parsing a name of each of the user identification files and comparing parsed data to data stored in enterprise human resources databases to identify the file owner for each of the user identification files, a user identification file password identifier configured to determine an associated password for each of the plurality of user identification files stored in the user identification file database by parsing a name of each of the user identification files to deduce the password from within the name of the user identification file, a password verifier configured to verify the validity of each of the determined passwords by applying the password to an associated user identification file to determine that the password is successful in rendering one or more decryption keys, a recorder configured to, in response to successful verification of the validity of the password, record the password and owner as an entry in the associated user identification file of the user identification file database, and a decryption application configured to automatically decrypt encrypted entries in electronic communication files collected from custodians in the electronic discovery system and including; a communication session generator configured to automatically generate a client-specific communication session based on an electronic communication file being associated with a user identification file based on a same file owner, an encryption entry identifier configured to access the electronic communication file within the client-specific communication session and identify encrypted electronic communication entries in the electronic communication file, and a decryption routine configured to access the associated user identification file based on the identified password to provide the decryption key for decrypting the encrypted electronic communication entries and decrypt the encrypted electronic communication entries by application of the decryption key, wherein the custodians are limited to individuals or groups of individuals within the enterprise who created or are associated with electronic data required to be collected in an electronic discovery matter and wherein the electronic discovery matter is one of a legal proceeding, audit or forensic investigation in which electronic data is sought, located, secured and searched with the intent of using it as evidence. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A computer program product comprising:
-
a non-transitory computer-readable medium comprising; a first set of codes for causing a computer to generate a user identification file database by scanning at least a portion of an enterprise-wide network for user identification files and adding user identification files identified during the scan to the user identification file database; a second set of codes for causing a computer to identify a file owner for each of a plurality of user identification files stored in the user identification file database by parsing a name of each of the user identification files and comparing parsed data to data stored in enterprise human resources databases to identify the file owner for each of the user identification files; a third set of codes for causing a computer to identify a password for each of the plurality of user identification files stored in the user identification file database by parsing a name of each of the user identification files to deduce the password from within the name of the user identification file; a fourth set of codes for causing a computer to verify the validity of each of the passwords by applying the password to an associated user identification file to determine that the password is successful in rendering one or more decryption keys; a fifth set of codes for causing a computer to, in response to successful verification of the validity of the password, record the file owner and the password in an entry of the user identification file in the user identification file database; and a sixth set of codes for causing a computer to decrypt, automatically, encrypted electronic communication entries in electronic communication files collected from custodians in the electronic discovery system by; automatically generating a client-specific communication session based on an electronic communication file being associated with a user identification file based on a same file owner, accessing the electronic communication file within the client-specific communication session, automatically identifying encrypted electronic communication entries in the electronic communication file, accessing the associated user identification file based on the identified password to provide the decryption key for decrypting the encrypted electronic communication entries, and decrypting the encrypted electronic communication entries by application of the decryption key, wherein the custodians are limited to individuals or groups of individuals within the enterprise who created or are associated with electronic data required to be collected in an electronic discovery matter and wherein the electronic discovery matter is one of a legal proceeding, audit or forensic investigation in which electronic data is sought, located, secured and searched with the intent of using it as evidence. - View Dependent Claims (12, 13, 14, 15)
-
Specification