Systems and methods for controlling email access

US 8,862,868 B2
Filed: 12/06/2012
Issued: 10/14/2014
Est. Priority Date: 12/06/2012
Status: Active Grant

First Claim

Patent Images

1. A system, comprising at least one processor and at least one memory device;

storing computer-executable instructions that, when executed by one or more processors, cause the system to perform operations comprising;

receiving an email comprising a plurality of email resources, the plurality of email resources comprising at least one email attachment and at least one email message;

identifying at least one resource rule associated with the at least one email attachment, the at least one resource rule comprising a variable stringency;

adjusting, based at least in part on at least one device profile describing at least one state of at least one client device, the variable stringency of the at least one resource rule;

removing, in accordance with the at least one resource rule, the at least one email attachment from the plurality of email resources;

encrypting, in accordance with the at least one resource rule, the at least one email attachment, thereby creating at least one encrypted email attachment, the at least one encrypted email attachment being configured to be decrypted using one or more cryptographic keys accessible to at least one secure container application executable on the at least one client device; and

causing one or more remaining email resources of the plurality of email resources to be made accessible to the at least one client device, the one or more remaining email resources comprising the at least one email message;

wherein adjusting the variable stringency of the at least one resource rule comprises associating one or more of a plurality of access restrictions with the at least one resource rule.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the disclosure relate to proxying one or more email resources in transit to the client devices from the email services, removing one or more email attachments from the email resources, and encoding the stripped email attachments based at least in part on one or more cryptographic keys.

210 Citations

20 Claims

1. A system, comprising at least one processor and at least one memory device;
- storing computer-executable instructions that, when executed by one or more processors, cause the system to perform operations comprising;
  
  receiving an email comprising a plurality of email resources, the plurality of email resources comprising at least one email attachment and at least one email message;
  
  identifying at least one resource rule associated with the at least one email attachment, the at least one resource rule comprising a variable stringency;
  
  adjusting, based at least in part on at least one device profile describing at least one state of at least one client device, the variable stringency of the at least one resource rule;
  
  removing, in accordance with the at least one resource rule, the at least one email attachment from the plurality of email resources;
  
  encrypting, in accordance with the at least one resource rule, the at least one email attachment, thereby creating at least one encrypted email attachment, the at least one encrypted email attachment being configured to be decrypted using one or more cryptographic keys accessible to at least one secure container application executable on the at least one client device; and
  
  causing one or more remaining email resources of the plurality of email resources to be made accessible to the at least one client device, the one or more remaining email resources comprising the at least one email message;
  
  wherein adjusting the variable stringency of the at least one resource rule comprises associating one or more of a plurality of access restrictions with the at least one resource rule.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein causing the one or more remaining email resources to be made accessible to the at least one client device comprises:
    - causing the remaining email resources to be transmitted to the at least one client device.
  - 3. The system of claim 1, wherein the system is further caused to perform operations comprising:
    - causing the at least one encrypted email attachment to be transmitted to the at least one client device.
  - 4. The system of claim 1, wherein the system is further caused to perform operations comprising:
    - causing the one or more cryptographic keys to be transmitted to the at least one client device.
  - 5. The system of claim 1, wherein the system is further caused to perform operations comprising:
    - authorizing the at least one client device, based at least in part on the at least one device profile describing the at least one state of the at least one client device, to access the one or more remaining email resources.
  - 6. The system of claim 1, wherein the system is further caused to perform operations comprising:
    - authorizing the at least one client device, based at least in part on the at least one device profile describing the at least one state of the at least one client device, to access the at least one encrypted email attachment.
  - 7. The system of claim 1, wherein the system is further caused to perform operations comprising:
    - receiving, at the at least one client device, the at least one email message;
      
      causing at least one selectable element associated with the removed at least one email attachment to be presented via at least one user interface of the at least one client device;
      
      receiving, via the at least one user interface, user selection of the at least one selectable element;
      
      causing, in response to receiving the user selection, the at least one encrypted email attachment to be received by the client device;
      
      causing the at least one encrypted email attachment to be saved to at least one memory of the client device;
      
      causing a user interface associated with at least one of the one or more secure container applications executable on the at least one client device to be displayed; and
      
      causing the at least one saved encrypted email attachment to be decrypted via the at least one secure container application using at least one of the one or more particular cryptographic keys.
  - 8. The system of claim 7, wherein the system is further caused to perform operations comprising:
    - causing a body of the at least one email attachment to be displayed via the user interface associated with the at least one secure container application, the at least one secure container application being configured to restrict at least one of cutting, copying, or screen capturing.

9. A method comprising:
- receiving an email comprising a plurality of email resources, the plurality of email resources comprising at least one email attachment and at least one email message;
  
  identifying at least one resource rule associated with the at least one email attachment, the at least one resource rule comprising a variable stringency;
  
  adjusting, based at least in part on at least one device profile describing at least one state of at least one client device, the variable stringency of the at least one resource rule;
  
  removing, in accordance with the at least one resource rule, the at least one email attachment from the plurality of email resources;
  
  encrypting, in accordance with the at least one resource rule, the at least one email attachment, thereby creating at least one encrypted email attachment, the at least one encrypted email attachment being configured to be decrypted using one or more cryptographic keys accessible to at least one secure container application executable on the at least one client device; and
  
  causing one or more remaining email resources of the plurality of email resources to be made accessible to the at least one client device, the one or more remaining email resources comprising the at least one email message;
  
  wherein adjusting the variable stringency of the at least one resource rule comprises associating one or more of a plurality of access restrictions with the at least one resource rule.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method of claim 9, further comprising:
    - causing the one or more cryptographic to be transmitted to the at least one client device.
  - 11. The method of claim 9, further comprising:
    - authorizing the at least one client device, based at least in part on the at least one device profile describing the at least one state of the at least one client device, to access the at least one encrypted email attachment.
  - 12. The method of claim 9, further comprising:
    - receiving, at the at least one client device, the at least one email message;
      
      causing at least one selectable element associated with the removed at least one email attachment to be presented via at least one user interface of the at least one client device;
      
      receiving, via the at least one user interface, user selection of the at least one selectable element;
      
      causing, in response to receiving the user selection, the at least one encrypted email attachment to be received by the client device;
      
      causing the at least one encrypted email attachment to be saved to at least one memory of the client device;
      
      causing a user interface associated with at least one of the one or more secure container applications executable on the at least one client device to be displayed; and
      
      causing the at least one saved encrypted email attachment to be decrypted via the at least one secure container application using at least one of the one or more particular cryptographic keys.
  - 13. The method of claim 12, further comprising:
    - causing a body of the at least one email attachment to be displayed via the user interface associated with the at least one secure container application, the at least one secure container application being configured to restrict at least one of cutting, copying, or screen capturing.

14. A non-transitory computer-readable medium embodying a program executable in at least one computing device, the program comprising code, which when executed, causes the at least one computing device to perform a method comprising:
- receiving an email comprising a plurality of email resources, the plurality of email resources comprising at least one email attachment and at least one email message;
  
  identifying at least one resource rule associated with the at least one email attachment, the at least one resource rule comprising a variable stringency;
  
  adjusting, based at least in part on at least one device profile describing at least one state of at least one client device, the variable stringency of the at least one resource rule;
  
  removing, in accordance with the at least one resource rule, the at least one email attachment from the plurality of email resources;
  
  encrypting, in accordance with the at least one resource rule, the at least one email attachment, thereby creating at least one encrypted email attachment, the at least one encrypted email attachment being configured to be decrypted using one or more cryptographic keys accessible to at least one secure container application executable on the at least one client device; and
  
  causing one or more remaining email resources of the plurality of email resources to be made accessible to the at least one client device, the one or more remaining email resources comprising the at least one email message;
  
  wherein adjusting the variable stringency of the at least one resource rule comprises associating one or more of a plurality of access restrictions with the at least one resource rule.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The computer-readable medium of claim 14, wherein the plurality of email resources comprise at least one of one or more headers of the email resources, one or more bodies of the email resources, or one or more footers of the email resources.
  - 16. The computer-readable medium of claim 14, wherein the at least one computing device is further caused to perform:
    - causing the at least one encrypted email attachment to be transmitted to the one or more client devices.
  - 17. The computer-readable medium of claim 14, wherein the at least one secure container applications executable on the at least one client device is configured to restrict at least one of cutting, copying, pasting, transmitting, screen capturing, or printing resources.
  - 18. The computer-readable medium of claim 14, wherein the at least one computing device is further caused to perform:
    - authorizing the at least one client device associated with the email resources to access the remaining email resources based at least in part on the at least one device profile describing the at least one state of the at least one client device.
  - 19. The computer-readable medium of claim 14, wherein the at least one computing device is further caused to perform:
    - receiving, at the at least one client device, the at least one email message;
      
      causing at least one selectable element associated with the removed at least one email attachment to be presented via at least one user interface of the at least one client device;
      
      receiving, via the at least one user interface, user selection of the at least one selectable element;
      
      causing, in response to receiving the user selection, the at least one encrypted email attachment to be received by the client device;
      
      causing the at least one encrypted email attachment to be saved to at least one memory of the client device;
      
      causing a user interface associated with at least one of the one or more secure container applications executable on the at least one client device to be displayed; and
      
      causing the at least one saved encrypted email attachment to be decrypted via the at least one secure container application using at least one of the one or more particular cryptographic keys.
  - 20. The computer-readable medium of claim 19, wherein the at least one computing device is further caused to perform:
    - causing a body of the at least one email attachment to be displayed via the user interface associated with the at least one secure container application, the at least one secure container application being configured to restrict at least one of cutting, copying, or screen capturing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AirWatch LLC (Broadcom, Inc.)
Original Assignee
AirWatch LLC (Broadcom, Inc.)
Inventors
Dabbiere, Alan, Stuntebeck, Erich, Brannon, Jonathon Blake
Primary Examiner(s)
Eskandarnia, Arvin

Application Number

US13/706,817
Publication Number

US 20140164759A1
Time in Patent Office

677 Days
Field of Search

713/152
US Class Current

713/152
CPC Class Codes

H04L 51/08   Annexed information, e.g. a...

H04L 63/0281   Proxies

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/20   for managing network securi...

Systems and methods for controlling email access

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

210 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Systems and methods for controlling email access

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

210 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others