Systems and methods to secure restricted information in electronic mail messages

US 8,793,801 B2
Filed: 05/18/2007
Issued: 07/29/2014
Est. Priority Date: 05/18/2007
Status: Active Grant

First Claim

Patent Images

1. A processor-implemented method of facilitating a secure distribution of information, comprising:

determining at a client device that an email message is being generated by a user;

associating a security classification with the email message;

identifying each intended recipient of the email message;

verifying each intended recipient has a security classification that corresponds to the security classification associated with the email message by comparing each intended recipient with a list of presently allowed potential recipients derived at least in part on the security classification associated with the email message;

generating a recipient confirmation prompt if a security classification associated with an intended recipient does not correspond to the security classification associated with the email message;

finalizing the email message for transmission according to the email message'"'"'s intended recipient verification and the security classification;

transmitting the email message along with an indication of the security classification and routing the email message based, at least in part, on the security classification and the email message'"'"'s intended recipient verification;

determining whether a destination associated with the email message is (i) within a local environment or (ii) external to the local environment;

if it is determined that the destination is external, arranging for information to be provided via a Web site in accordance with the security classification;

determining whether a recipient is able to access information via the Web site; and

if it is determined that the recipient is not able to access information via the Web site, notifying the user via the client device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided to secure restricted information in electronic mail messages. According to some embodiments, it is determined at a client device that an email message is being generated by a user. A security classification may be associated with the email message, and the email message may be sent toward a destination along with an indication of the security classification, wherein the email message is routed based, at least in part, on the security classification.

11 Citations

View as Search Results

20 Claims

1. A processor-implemented method of facilitating a secure distribution of information, comprising:
- determining at a client device that an email message is being generated by a user;
  
  associating a security classification with the email message;
  
  identifying each intended recipient of the email message;
  
  verifying each intended recipient has a security classification that corresponds to the security classification associated with the email message by comparing each intended recipient with a list of presently allowed potential recipients derived at least in part on the security classification associated with the email message;
  
  generating a recipient confirmation prompt if a security classification associated with an intended recipient does not correspond to the security classification associated with the email message;
  
  finalizing the email message for transmission according to the email message'"'"'s intended recipient verification and the security classification;
  
  transmitting the email message along with an indication of the security classification and routing the email message based, at least in part, on the security classification and the email message'"'"'s intended recipient verification;
  
  determining whether a destination associated with the email message is (i) within a local environment or (ii) external to the local environment;
  
  if it is determined that the destination is external, arranging for information to be provided via a Web site in accordance with the security classification;
  
  determining whether a recipient is able to access information via the Web site; and
  
  if it is determined that the recipient is not able to access information via the Web site, notifying the user via the client device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, wherein said associating is performed using a plugin application executing at the client device.
  - 3. The method of claim 1, wherein the list is a white list stored locally at the client device.
  - 4. The method of claim 3, wherein the white list is periodically updated by a remote device.
  - 5. The method of claim 1, further comprising:
    - automatically associating the security classification with the email message.
  - 6. The method of claim 5, wherein the associating is based at least in part on at least one of:
    - (i) information included in the email message, (ii) an attachment associated with the email message, (iii) information associated with a user, or (iv) information associated with a destination of the email message.
  - 7. The method of claim 1, further comprising:
    - receiving an indication of the security classification from the user.
  - 8. The method of claim 7, wherein said receiving includes:
    - providing a default security classification; and
      
      receiving from the user an adjustment to the default security classification.
  - 9. The method of claim 8, further comprising:
    - logging information associated with the adjustment.
  - 10. The method of claim 1, further comprising:
    - enforcing a rule associated with the security classification.
  - 11. The method of claim 10, wherein said enforcing is performed at the client device.
  - 12. The method of claim 10, wherein said enforcing is performed at a server remote from the client device.
  - 13. The method of claim 12, wherein the server is associated with at least one of:
    - (i) a secure mail service, (ii) a message managing system, or (iii) an integrated messaging exchange.
  - 14. The method of claim 1, further comprising:
    - automatically modifying the email message in accordance with the security classification.
  - 15. The method of claim 1, further comprising:
    - preventing the email message from reaching a destination in accordance with the security classification.
  - 16. The method of claim 1, wherein the client device comprises at least one of:
    - (i) a personal computer, (ii) a personal digital assistant, (iii) a mobile computer, or (iv) a wireless device.
  - 17. The method of claim 1, wherein a plurality of security classification categories are associated with the email message.
  - 18. The method of claim 1, further comprising:
    - intercepting the email message if the recipient confirmation prompt is overridden.

19. An apparatus to facilitate a secure distribution of information, comprising:
- a client device to determine that an email message is being generated by a user;
  
  an input device configured to;
  
  receive information associated with a security classification for the email message;
  
  identify each intended recipient of the email message;
  
  verify each intended recipient has a security classification that corresponds to the security classification associated with the email message by comparing each intended recipient with a list of presently allowed potential recipients derived at least in part on the security classification associated with the email message;
  
  generating a recipient confirmation prompt if a security classification associated with an intended recipient does not correspond to the security classification associated with the email message;
  
  finalize the email message for transmission according to the email message'"'"'s intended recipient verification and the security classification;
  
  determine whether a destination associated with the email message is (i) within a local environment or (ii) external to the local environment;
  
  if it is determined that the destination is external, arrange for information to be provided via a Web site in accordance with the security classification;
  
  determine whether a recipient is able to access information via the Web site; and
  
  if it is determined that the recipient is not able to access information via the Web site, notify the user via the client device; and
  
  a transmitting device to transmit the email message along with an indication of the security classification and routing the email message based, at least in part, on the security classification and the email message'"'"'s intended recipient verification.

20. A processor-implemented method of facilitating a secure distribution of information, comprising:
- receiving from a remote server information associated with an allowed recipient white list;
  
  storing the information locally at a client device;
  
  determining at the client device that an email message is being generated by a user;
  
  associating a security classification with the email message, wherein said associating is performed using a plug-in application executing at the client device;
  
  identifying each intended recipient of the email message;
  
  verifying each identified recipient by comparing each security classification associated with each intended recipient of the email message with a corresponding security classification of the locally stored presently allowed recipient white list based at least in part on the security classification;
  
  if a security classification associated with an intended recipient does not correspond with the security classification on the presently allowed recipient white list, generating a recipient confirmation prompt querying whether the intended recipient should receive the email message;
  
  finalizing the email message for transmission according to the email message'"'"'s intended recipient verification and the security classification; and
  
  determining whether a destination associated with the email message and the intended recipient is (i) within a local environment or (ii) external to the local environment; and
  
  if the destination is external, arranging for information to be provided via a Web site in accordance with the security classification.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Goldman Sachs & Co. LLC (Goldman Sachs Group Incorporated)
Original Assignee
Goldman Sachs & Company (Goldman Sachs Group Incorporated)
Inventors
Marman, Timothy, Kukreja, Rajiv
Primary Examiner(s)
HOFFMAN, BRANDON S

Application Number

US11/750,562
Publication Number

US 20080289037A1
Time in Patent Office

2,629 Days
Field of Search

726/1, 726/11, 726/12, 726/26, 726/27, 726/30, 713/153, 713/154
US Class Current

726/26
CPC Class Codes

G06F 21/60 Protecting data

H04L 51/212 using filtering or selectiv...

Systems and methods to secure restricted information in electronic mail messages

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

11 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods to secure restricted information in electronic mail messages

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links