Secure electronic mail system
First Claim
1. A computer-implemented method of securely communicating e-mail messages, the method comprising:
- intercepting an e-mail message on a sender computing device when the e-mail message is composed and sent by a sender on the sender computing device;
sending the intercepted e-mail message in unencrypted form over a secure channel to a server system that implements a secure e-mail service;
receiving the e-mail message in unencrypted form at the server system, the e-mail message being from the sender, the sender having an account with the secure e-mail service, and being addressed to a recipient that does not have an account with the secure e-mail service;
storing the e-mail message in encrypted form on the server system;
generating, or causing a generation of, an introductory message after receiving of the e-mail message at the server system;
sending the introductory message from the server system to the sender computing device;
transmitting, or causing a transmission of, the introductory message from the sender computing device to the recipient in unencrypted form via an SMTP protocol, said introductory message lacking at least some message content of the e-mail message, and including a link to a web client interface that provides functionality to authenticate the recipient and to securely retrieve the e-mail message from the server system and further including a message access key including a message identifier identifying the e-mail message and a service host identifier indicating to the recipient a network accessible address of the server system at which the e-mail message is stored, wherein the message access key does not serve as an encryption or decryption key;
upon access of the introductory message by the recipient, programmatically receiving recipient data including the message access key and a recipient e-mail address from the recipient;
registering the recipient with the secure e-mail service by validating the message access key and the recipient e-mail address; and
transmitting the e-mail message in unencrypted form to the recipient via a secure communications protocol, based on the recipient data.
5 Assignments
0 Petitions
Accused Products
Abstract
An e-mail system is disclosed that overcomes many deficiencies of, but is backward compatible with, existing e-mail systems. Embodiments of the system may include various features, including but not limited to: (1) secure transfer of e-mail messages, without the need for users to replace existing e-mail clients or to change e-mail addresses; (2) tracking of all actions performed in connection with an e-mail transmission; (3) the ability for a recipient to view information about an e-mail message, optionally including information about how other addressees have responded to it, before deciding whether to retrieve the e-mail message; (4) the aggregation of entire e-mail conversations into a single threaded view; (5) the ability to include both private and public messages in a single e-mail communication; (6) sender control over downstream actions performed in connection with an e-mail message; (7) flexible control over cryptographic methods used to encrypt emails messages for storage.
119 Citations
28 Claims
-
1. A computer-implemented method of securely communicating e-mail messages, the method comprising:
-
intercepting an e-mail message on a sender computing device when the e-mail message is composed and sent by a sender on the sender computing device; sending the intercepted e-mail message in unencrypted form over a secure channel to a server system that implements a secure e-mail service; receiving the e-mail message in unencrypted form at the server system, the e-mail message being from the sender, the sender having an account with the secure e-mail service, and being addressed to a recipient that does not have an account with the secure e-mail service; storing the e-mail message in encrypted form on the server system; generating, or causing a generation of, an introductory message after receiving of the e-mail message at the server system; sending the introductory message from the server system to the sender computing device; transmitting, or causing a transmission of, the introductory message from the sender computing device to the recipient in unencrypted form via an SMTP protocol, said introductory message lacking at least some message content of the e-mail message, and including a link to a web client interface that provides functionality to authenticate the recipient and to securely retrieve the e-mail message from the server system and further including a message access key including a message identifier identifying the e-mail message and a service host identifier indicating to the recipient a network accessible address of the server system at which the e-mail message is stored, wherein the message access key does not serve as an encryption or decryption key; upon access of the introductory message by the recipient, programmatically receiving recipient data including the message access key and a recipient e-mail address from the recipient; registering the recipient with the secure e-mail service by validating the message access key and the recipient e-mail address; and transmitting the e-mail message in unencrypted form to the recipient via a secure communications protocol, based on the recipient data. - View Dependent Claims (2, 3)
-
-
4. A computer-implemented method comprising:
-
intercepting an e-mail message composed and sent by a sender via an e-mail client running on a sender computing device with an e-mail client plug-in running on the sender computing device, such that an ordinary transmission of the e-mail message to a recipient e-mail address of a recipient is blocked; sending the e-mail message in unencrypted form via a secure communications protocol from the sender computing device to a server system for storage thereon in encrypted form; sending an introductory message in unencrypted form via an SMTP protocol from the sender computing device to a recipient computing device associated with the recipient e-mail address, said introductory message including a key for retrieving the e-mail message from the server system in unencrypted form via the secure communications protocol, the key including a message identifier identifying the e-mail message and a service host identifier indicating to the recipient a network accessible address of the server system at which the e-mail message is stored, wherein the key does not serve as an encryption or decryption key, the key being further usable with the recipient e-mail address to programmatically register the recipient with a secure e-mail service provided by the server system upon access of the introductory message by the recipient, wherein the introductory message lacks at least some message content of the e-mail message. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
- 25. An e-mail client plug-in stored on a non-transitory computer-readable storage medium on a user computing device, said e-mail client plug-in adapted to run in conjunction with an e-mail client program on the user computing device and being capable of intercepting an e-mail message composed and sent by a sender from the e-mail client program such that an ordinary transmission of the e-mail message is blocked, and being capable of causing the intercepted e-mail message to be sent from the user computing device in unencrypted form via a secure communications protocol over a network to a secure e-mail service, and further being capable of sending a notification message from the e-mail client program on the user computing device to a recipient to whom the e-mail message is addressed in unencrypted form via a path that does not include said secure e-mail service, said notification message including a key for subsequent retrieval of the e-mail message in unencrypted form via the secure communications protocol by the recipient from the secure e-mail service, the key including a message identifier identifying the e-mail message and a service host identifier indicating to the recipient a network accessible address of the secure e-mail service at which the e-mail message is stored, wherein the key does not serve as an encryption or decryption key, the key being further usable with an e-mail address of the recipient to programmatically register the recipient with the secure e-mail service upon access of the notification message by the recipient.
Specification