E-mail firewall with stored key encryption/decryption

US 8,607,042 B2
Filed: 12/20/2006
Issued: 12/10/2013
Est. Priority Date: 07/23/1998
Status: Expired due to Fees

First Claim

Patent Images

1. A method for controlling e-mail messages transmitted from and received by a computing site, the method implemented using a firewall implemented at least partially in hardware and comprising:

selectively encrypting individual e-mail messages transmitted from an e-mail sender associated with said computing site to a first e-mail recipient via the firewall, the selective encrypting being performed under control of the firewall and in accordance with (i) a security policy associated with said computing site and (ii) at least a first recipient key associated with the first e-mail recipient;

decrypting individual encrypted e-mail messages sent to a second e-mail recipient associated with said computing site, the decrypting being performed under control of the firewall and in accordance with (i) the security policy and (ii) at least a second recipient key associated with the second e-mail recipient;

at the firewall, filtering said e-mail messages, after said decryption and before said encryption respectively, and in accordance with changeable filter information, the filtering comprising at least content filtering to enforce content control policies by reference to specific words in the message body, each of said e-mail messages including at least one recipient address; and

transmitting at least one of said messages to at least one recipient address thereof in response to a predetermined policy result of said filter.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An e-mail firewall applies policies to messages between a first site and a plurality of second sites in accordance with administrator selectable policies. The firewall includes an SMTP relay and policy managers to enforce administrator selectable policies, such as encryption and decryption policies, a source/destination policy, a content policy and a first virus policy. Some policies are characterized by administrator selectable criteria, administrator selectable exceptions to the criteria and administrator selectable actions associated with the criteria and exceptions. Policy managers can include an access manager for restricting transmission of messages between the first and second sites in accordance with the source/destination policy, a content manager for restricting transmission of messages between the first and second sites in accordance with the content policy, and a virus manager for restricting transmission of messages between the first and second sites in accordance with the virus policy.

Citations

7 Claims

1. A method for controlling e-mail messages transmitted from and received by a computing site, the method implemented using a firewall implemented at least partially in hardware and comprising:
- selectively encrypting individual e-mail messages transmitted from an e-mail sender associated with said computing site to a first e-mail recipient via the firewall, the selective encrypting being performed under control of the firewall and in accordance with (i) a security policy associated with said computing site and (ii) at least a first recipient key associated with the first e-mail recipient;
  
  decrypting individual encrypted e-mail messages sent to a second e-mail recipient associated with said computing site, the decrypting being performed under control of the firewall and in accordance with (i) the security policy and (ii) at least a second recipient key associated with the second e-mail recipient;
  
  at the firewall, filtering said e-mail messages, after said decryption and before said encryption respectively, and in accordance with changeable filter information, the filtering comprising at least content filtering to enforce content control policies by reference to specific words in the message body, each of said e-mail messages including at least one recipient address; and
  
  transmitting at least one of said messages to at least one recipient address thereof in response to a predetermined policy result of said filter.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The e-mail control method as set forth in claim 1, wherein each of said e-mail messages comprise destination information identifying at least one recipient address for the respective e-mail message, and wherein said filtering further comprises destination filtering for restricting transit of those of said e-mail messages which contain information corresponding to changeable destination filter information.
  - 3. The e-mail control method as set forth in claim 2, wherein each of said e-mail messages comprise source information identifying a source for the respective e-mail message, and wherein said filtering further comprises source filtering for restricting transit of those of said e-mail messages which contain information corresponding to changeable source filter information.
  - 4. The e-mail control method as set forth in claim 2 further comprising, in response to said filtering, redirecting those of said e-mail messages which contain information corresponding to said changeable filter information to a destination which differs from the recipient address of the respective e-mail message.
  - 5. The e-mail control method as set forth in claim 2 further comprising, in response to said filtering, causing redirection of those of said respective e-mail messages which contain information corresponding to said changeable filter information to a destination which corresponds to the recipient address of the respective e-mail message.
  - 6. The e-mail control method as set forth in claim 2 further comprising:
    - in response to said filtering, redirecting a particular one of said e-mail messages and generating a notification e-mail message; and
      
      transmitting said notification e-mail message to a destination corresponding to changeable notification message destination information.
  - 7. The e-mail control method as set forth in claim 6 further comprising:
    - including the particular e-mail message with said notification message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Axway Incorporated (Axway Software SA)
Original Assignee
Axway Incorporated (Axway Software SA)
Inventors
Dickinson, III, Robert D., Krishnamurthy, Sathvik
Primary Examiner(s)
Shiferaw, Eleni
Assistant Examiner(s)
CALLAHAN, PAUL E

Application Number

US11/642,117
Publication Number

US 20070245416A1
Time in Patent Office

2,547 Days
Field of Search

726/11, 726/14, 726/24, 380/30, 380/282, 380/20, 713/154, 713/156, 713/170
US Class Current

713/154
CPC Class Codes

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 51/063   Content adaptation, e.g. re...

H04L 51/212   using filtering or selectiv...

H04L 51/224   providing notification on i...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0245   Filtering by information in...

H04L 63/0263   Rule management

H04L 63/0428   wherein the data content is...

H04L 63/0464   using hop-by-hop encryption...

E-mail firewall with stored key encryption/decryption

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

E-mail firewall with stored key encryption/decryption

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links