Processing encrypted electronic documents
First Claim
1. A data processing system, comprising:
- a computer configured to receive and process electronic documents directed to one or more users;
- a key server coupled to the computer and configured to store decryption data associated with one or more users, groups or domains;
- a quarantine coupled to the computer;
- electronic document processing logic coupled to the computer and to the quarantine and when executed operable to:
  - identify an encrypted electronic document received at the computer;
  - determine whether the key server stores particular decryption data, or credentials to access decryption data, that can decrypt the encrypted electronic document;
  - in response to determining that the key server stores particular decryption data of a document recipient and that can decrypt the encrypted electronic document:
    - first, retrieve the particular decryption data of the document recipient from the key server;
    - second, decrypt the electronic document using the particular decryption data of the document recipient and retrieved from the key server;
    - third, scan the electronic document to identify specified content in the electronic document to determine whether the specified content contains malicious elements;
    - fourth, encrypt the scanned document using the particular decryption data retrieved from the key server; and
    - fifth, perform one or more responsive actions based on the specified content;
  - in response to determining that the key server does not store particular decryption data of a document recipient and that can decrypt the encrypted electronic document:
    - first, store the electronic document in the quarantine;
    - second, notify one of the users;
    - third, receive from the one of the users the particular decryption data of the document recipient;
    - fourth, decrypt the electronic document using the particular decryption data of the document recipient and received from the one of the users;
    - fifth, scan the electronic document to identify specified content in the electronic document to determine whether the specified content contains malicious elements;
    - sixth, encrypt the scanned document using the particular decryption data received from the one of the users; and
    - seventh, perform one or more responsive actions based on the specified content.
Abstract
Electronic document processing logic coupled to a computer and to a quarantine is operable to identify an encrypted electronic document received at the computer; determine whether the key server stores particular decryption data, or credentials to access decryption data, that can decrypt the encrypted electronic document; in response to determining that the key server does not store particular decryption data that can decrypt the encrypted electronic document: store the electronic document in the quarantine; notify one of the users; receive from the one of the users the particular decryption data; decrypt the electronic document; scan the electronic document to identify specified content in the electronic document; and perform one or more responsive actions based on the specified content. As a result, encrypted content in documents or e-mail can be decrypted, scanned for viruses, malware, or prohibited content, and re-encrypted or delivered.
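As an added illustration (not code from the patent or its assignee), the following Python simulates both branches of the claimed logic on an e-mail relay: a key-server lookup keyed by recipient, decrypt-scan-re-encrypt when decryption data is held, and quarantine-notify-wait when it is not. The cipher (a SHA-256 counter keystream XOR), the scan signatures and the addresses are constructed placeholders for whatever decryption data and content rules a real deployment would use.

```python
import hashlib
import re
from dataclasses import dataclass, field

# Assumption: placeholder symmetric cipher standing in for the real decryption data
# (e.g. an S/MIME or PGP key) that the claim leaves unspecified. Demo only.
def xor_cipher(key: bytes, data: bytes) -> bytes:
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

# Constructed scan signatures: one "malicious element", one prohibited-content marker.
SCAN_RULES = {"malware": re.compile(rb"EICAR-TEST"),
              "prohibited": re.compile(rb"CONFIDENTIAL")}

@dataclass
class EncryptedMailRelay:
    key_server: dict                                 # recipient -> decryption data
    quarantine: dict = field(default_factory=dict)   # msg_id -> (recipient, ciphertext)
    notifications: list = field(default_factory=list)
    outbox: list = field(default_factory=list)       # (recipient, re-encrypted message)

    def process(self, msg_id: str, recipient: str, ciphertext: bytes) -> dict:
        key = self.key_server.get(recipient)
        if key is None:
            # Second branch of the claim: hold the message and ask the user for the key.
            self.quarantine[msg_id] = (recipient, ciphertext)
            self.notifications.append((msg_id, recipient))
            return {"msg_id": msg_id, "status": "quarantined"}
        return self._decrypt_scan_reencrypt(msg_id, recipient, ciphertext, key)

    def supply_key(self, msg_id: str, key: bytes) -> dict:
        # The notified user answers with the decryption data; release from quarantine.
        recipient, ciphertext = self.quarantine.pop(msg_id)
        return self._decrypt_scan_reencrypt(msg_id, recipient, ciphertext, key)

    def _decrypt_scan_reencrypt(self, msg_id, recipient, ciphertext, key) -> dict:
        plaintext = xor_cipher(key, ciphertext)
        findings = [name for name, rule in SCAN_RULES.items() if rule.search(plaintext)]
        reencrypted = xor_cipher(key, plaintext)      # same key: symmetric re-encryption
        action = "block" if findings else "deliver"   # the claim's "responsive action"
        if action == "deliver":
            self.outbox.append((recipient, reencrypted))
        return {"msg_id": msg_id, "status": "scanned", "findings": findings, "action": action}
```

Plaintext exists only inside `_decrypt_scan_reencrypt`; the quarantine and outbox hold ciphertext, which is the property the claim's ordering (decrypt, scan, re-encrypt, then act) is meant to preserve.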
26 Claims
12. A data processing system, comprising:
- an e-mail relay configured to receive and process e-mails directed to one or more users;
- a key server coupled to the e-mail relay and configured to store decryption data associated with one or more users, groups or domains;
- a message quarantine coupled to the e-mail relay;
- e-mail processing logic coupled to the e-mail relay and to the message quarantine and when executed operable to:
  - identify an encrypted e-mail received at the e-mail relay;
  - determine whether the key server stores particular decryption data, or credentials to access decryption data, that can decrypt the encrypted e-mail;
  - in response to determining that the key server stores particular decryption data of a document recipient and that can decrypt the encrypted e-mail:
    - first, retrieve the particular decryption data of the document recipient from the key server;
    - second, decrypt the e-mail using the particular decryption data of the document recipient and retrieved from the key server;
    - third, scan the e-mail to identify specified content in the e-mail to determine whether the specified content contains malicious elements;
    - fourth, encrypt the scanned document using the particular decryption data retrieved from the key server; and
    - fifth, perform one or more responsive actions based on the specified content;
  - in response to determining that the key server does not store particular decryption data of a document recipient and that can decrypt the encrypted e-mail:
    - first, store the e-mail in the message quarantine;
    - second, notify one of the users;
    - third, receive from the one of the users the particular decryption data of the document recipient;
    - fourth, decrypt the e-mail using the particular decryption data of the document recipient and received from the one of the users;
    - fifth, scan the e-mail to identify specified content in the e-mail to determine whether the specified content contains malicious elements;
    - sixth, encrypt the scanned document using the particular decryption data received from the one of the users; and
    - seventh, perform one or more responsive actions based on the specified content.
Dependent claims: 13, 14, 15, 16, 17, 18.
19. A non-transitory computer-readable data storage medium encoded with one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform:
- receiving and processing electronic documents directed to one or more users;
- establishing a quarantine in memory;
- identifying an encrypted electronic document received at a computer;
- determining whether a key server, which is configured to store decryption data associated with one or more users, groups or domains, stores particular decryption data, or credentials to access decryption data, that can decrypt the encrypted electronic document;
- in response to determining that the key server stores particular decryption data of a document recipient and that can decrypt the encrypted electronic document:
  - first, retrieving the particular decryption data of the document recipient from the key server;
  - second, decrypting the electronic document using the particular decryption data of the document recipient and retrieved from the key server;
  - third, scanning the electronic document to identify specified content in the electronic document to determine whether the specified content contains malicious elements;
  - fourth, encrypting the scanned document using the particular decryption data retrieved from the key server; and
  - fifth, performing one or more responsive actions based on the specified content;
- in response to determining that the key server does not store particular decryption data of a document recipient and that can decrypt the encrypted electronic document:
  - first, storing the electronic document in the quarantine;
  - second, notifying one of the users;
  - third, receiving from the one of the users the particular decryption data of the document recipient;
  - fourth, decrypting the electronic document using the particular decryption data of the document recipient and received from the one of the users;
  - fifth, scanning the electronic document to identify specified content in the electronic document to determine whether the specified content contains malicious elements;
  - sixth, encrypting the scanned document; and
  - seventh, performing one or more responsive actions based on the specified content.
Dependent claims: 20, 21, 22, 23, 24, 25, 26.