Information management system
First Claim
1. An information management system comprising:
- a plurality of workstations adapted for connection to a computer network, each workstation having a memory;
an application stored in said memory of each workstation configured to transmit an outbound message to said network for delivery to an intended recipient;
policy data containing rules for determining one or more particulars of the outbound message, and for controlling the transmission of said outbound message in dependence on those particulars; and
an analyser integrated into the application, said analyser configured to;
utilize said policy data to determine one or more particulars of the outbound message before transmission of the outbound message by the application;
selectively re-direct the outbound message to a third party instead of the originally intended recipient responsive to said policy data wherein the policy data is centrally defined for the plurality of workstations;
determine whether an address of the recipient of the outbound message is associated with a sender of the outbound message, by;
determining whether the address of the recipient contains one of a predetermined list of domain names; and
determining whether the address of the recipient contains at least one of a surname, first name, or initials of the sender of the outbound message; and
re-direct the outbound message to the third party in response to determining that the address of the recipient of the outbound message is associated with the sender of the outbound message.
4 Assignments
0 Petitions
Accused Products
Abstract
An information management system is described comprising one or more workstations running applications which allow a user of the workstation to connect to a network, such as the Internet. Each application has an analyzer, which monitors transmission data that the application is about to transmit to the network or has just received from the network, and which determines an appropriate action to take regarding that data. The analyzer may consult policy data containing a supervisior-defined policy to govern the workstations in order to determine what action to take. Such actions may be extracting data from the transmission data, such as passwords and usernames, digital certificates or eCommerce transaction details for storage and record keeping; ensuring that the transmission data is transmitted at an encryption strength appropriate to the contents of the transmission data; determining whether a check needs to be made as to whether a digital certificate received in transmission is valid; determining whether a transaction about to be made by a user of one of the workstations needs third party approval before it is made; and controlling the transmission of messages, such as e-mails according to a policy.
48 Citations
100 Claims
-
1. An information management system comprising:
-
a plurality of workstations adapted for connection to a computer network, each workstation having a memory; an application stored in said memory of each workstation configured to transmit an outbound message to said network for delivery to an intended recipient; policy data containing rules for determining one or more particulars of the outbound message, and for controlling the transmission of said outbound message in dependence on those particulars; and an analyser integrated into the application, said analyser configured to; utilize said policy data to determine one or more particulars of the outbound message before transmission of the outbound message by the application; selectively re-direct the outbound message to a third party instead of the originally intended recipient responsive to said policy data wherein the policy data is centrally defined for the plurality of workstations; determine whether an address of the recipient of the outbound message is associated with a sender of the outbound message, by; determining whether the address of the recipient contains one of a predetermined list of domain names; and determining whether the address of the recipient contains at least one of a surname, first name, or initials of the sender of the outbound message; and re-direct the outbound message to the third party in response to determining that the address of the recipient of the outbound message is associated with the sender of the outbound message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. An information management system comprising:
-
a plurality of workstations adapted for connection to a computer network, each workstation having a memory; application means, stored in said memory of each workstation, for transmitting an outbound message to said network for delivery to an intended recipient; policy storage means for storing policy data containing rules for determining one or more particulars of the outbound message, said rules being for controlling the transmission of said outbound message in dependence on those particulars; and analysing means, integrated into the application means, for; determining, utilizing said policy data, one or more particulars of the outbound message before transmission of the outbound message by the application; selectively re-directing the outbound message to a third party instead of the originally intended recipient responsive to said policy data wherein the policy data is centrally defined for the plurality of workstations; determine whether an address of the recipient of the outbound message is associated with a sender of the outbound message, by; determining whether the address of the recipient contains one of a predetermined list of domain names; and determining whether the address of the recipient contains at least one of a surname, first name, or initials of the sender of the outbound message; and re-direct the outbound message to the third party in response to determining that the address of the recipient of the outbound message is associated with the sender of the outbound message. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
-
-
43. A method of managing information comprising the steps of:
-
providing a plurality of workstations adapted for connection to a computer network, each providing an application stored in said memory of each workstation for transmitting an outbound message to said network for delivery to an intended recipient; providing policy data containing rules for determining one or more particulars of the outbound message, and for controlling the transmission of said outbound message in dependence on those particulars wherein the policy data is centrally defined for the plurality of workstations; analysing said outbound message before transmission of the outbound message by the application, using said application to determine, in conjunction with said policy data, said one or more particulars; selectively re-directing the outbound message to a third party instead of the originally intended recipient in dependence on said one or more particulars; determining whether an address of the recipient of the outbound message is associated with a sender of the outbound message, by; determining whether the address of the recipient contains one of a predetermined list of domain names; and determining whether the address of the recipient contains at least one of a surname, first name, or initials of the sender of the outbound message; and re-directing the outbound message to the third party in response to determining that the address of the recipient of the outbound message is associated with the sender of the outbound message. - View Dependent Claims (44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63)
-
-
64. A computer software product, for controlling a computer to manage information, said computer being connected to a network and having access to policy data containing rules for controlling transmission of outbound data to the network, comprising a recording medium readable by the computer, having program code recorded thereon which when executed on said computer configures the computer to:
-
analyse, with an application running on said computer that transmits outbound messages to said network and receives inbound messages from said network, an outbound message to determine in conjunction with said rules of said policy data one or more particulars of said outbound message, wherein the analysing is performed before transmission of said outbound message by the application, and wherein the policy data is centrally defined for a plurality of computers including said computer; selectively re-direct said outbound message to a third party instead of the originally intended recipient in dependence on said one or more particulars; determine whether an address of the recipient of the outbound message is associated with a sender of the outbound message, by; determining whether the address of the recipient contains one of a predetermined list of domain names; and determining whether the address of the recipient contains at least one of a surname, first name, or initials of the sender of the outbound message; and re-direct the outbound message to the third party in response to determining that the address of the recipient of the outbound message is associated with the sender of the outbound message. - View Dependent Claims (65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84)
-
-
85. An information management system comprising:
a plurality of computer workstations adapted for connection to a computer network, each computer workstation having a memory, each computer workstation storing an application in said memory including instructions executed by said workstation, the workstation configured to; transmit an outbound message to said network for delivery to an intended recipient; utilize policy data containing rules to determine the one or more particulars of the outbound message using an analyser integrated into the application before transmission of the outbound message by the application, wherein the policy data is centrally defined for the plurality of workstations; control the transmission of said outbound message in dependence on the particulars of the outbound message; selectively re-direct the outbound message using said analyser to a third party destination instead of the originally intended recipient responsive to said policy data; determine whether an address of the recipient of the outbound message is associated with a sender of the outbound message, by; determining whether the address of the recipient contains one of a predetermined list of domain names; and determining whether the address of the recipient contains at least one of a surname, first name, or initials of the sender of the outbound message; and re-direct the outbound message to the third party in response to determining that the address of the recipient of the outbound message is associated with the sender of the outbound message. - View Dependent Claims (86, 87, 88, 89, 90, 91, 92, 93, 94, 95)
-
96. An information management system comprising:
-
a plurality of workstations adapted for connection to a computer network, each workstation having a memory; an application stored in said memory of each workstation configured to transmit an outbound message to said network for delivery to an intended recipient; policy data containing rules for determining one or more particulars of the outbound message, and for controlling the transmission of said outbound message in dependence on those particulars; and an analyser integrated into the application, said analyser configured to; utilize said policy data to determine one or more particulars of the outbound message before transmission of the outbound message by the application; selectively re-direct the outbound message to a third party instead of the originally intended recipient responsive to said policy data wherein the policy data is centrally defined for the plurality of workstations; re-direct the outbound message to said third party in response to determining that the message or attachments to the message are to be encrypted before transmission; prevent the outbound message from being encrypted prior to re-directing the outbound message; and re-direct the unencrypted outbound message and its original encryption key to the third party to allow the third party to approve or deny transmission of the message.
-
-
97. An information management system comprising:
-
a plurality of workstations adapted for connection to a computer network, each workstation having a memory; application means, stored in said memory of each workstation, for transmitting an outbound message to said network for delivery to an intended recipient; policy storage means for storing policy data containing rules for determining one or more particulars of the outbound message, said rules being for controlling the transmission of said outbound message in dependence on those particulars; and analysing means, integrated into the application means, for; determining, utilizing said policy data, one or more particulars of the outbound message before transmission of the outbound message by the application; selectively re-directing the outbound message to a third party instead of the originally intended recipient responsive to said policy data wherein the policy data is centrally defined for the plurality of workstations; re-directing the outbound message to said third party in response to determining that the message or attachments to the message are to be encrypted before transmission; preventing the outbound message from being encrypted prior to re-directing the outbound message; and re-directing the unencrypted outbound message and its original encryption key to the third party to allow the third party to approve or deny transmission of the message.
-
-
98. A method of managing information comprising the steps of:
-
providing a plurality of workstations adapted for connection to a computer network, each providing an application stored in said memory of each workstation for transmitting an outbound message to said network for delivery to an intended recipient; providing policy data containing rules for determining one or more particulars of the outbound message, and for controlling the transmission of said outbound message in dependence on those particulars wherein the policy data is centrally defined for the plurality of workstations; analysing said outbound message before transmission of the outbound message by the application, using said application to determine, in conjunction with said policy data, said one or more particulars; selectively re-directing the outbound message to a third party instead of the originally intended recipient in dependence on said one or more particulars; re-directing the outbound message to said third party in response to determining that the message or attachments to the message are to be encrypted before transmission; preventing the outbound message from being encrypted prior to re-directing the outbound message; and re-directing the unencrypted outbound message and its original encryption key to the third party to allow the third party to approve or deny transmission of the message.
-
-
99. A computer software product, for controlling a computer to manage information, said computer being connected to a network and having access to policy data containing rules for controlling transmission of outbound data to the network, comprising a recording medium readable by the computer, having program code recorded thereon which when executed on said computer configures the computer to:
-
analyse, with an application running on said computer that transmits outbound messages to said network and receives inbound messages from said network, an outbound message to determine in conjunction with said rules of said policy data one or more particulars of said outbound message, wherein the analysing is performed before transmission of said outbound message by the application, and wherein the policy data is centrally defined for a plurality of computers including said computer; selectively re-direct said outbound message to a third party instead of the originally intended recipient in dependence on said one or more particulars; re-direct the outbound message to said third party in response to determining that the message or attachments to the message are to be encrypted before transmission; prevent the outbound message from being encrypted prior to re-directing the outbound message; and re-direct the unencrypted outbound message and its original encryption key to the third party to allow the third party to approve or deny transmission of the message.
-
-
100. An information management system comprising:
-
a plurality of computer workstations adapted for connection to a computer network, each computer workstation having a memory, each computer workstation storing an application in said memory including instructions executed by said workstation, the workstation configured to; transmit an outbound message to said network for delivery to an intended recipient; utilize policy data containing rules to determine the one or more particulars of the outbound message using an analyser integrated into the application before transmission of the outbound message by the application, wherein the policy data is centrally defined for the plurality of workstations; control the transmission of said outbound message in dependence on the particulars of the outbound message; selectively re-direct the outbound message using said analyser to a third party destination instead of the originally intended recipient responsive to said policy data; re-direct the outbound message to said third party in response to determining that the message or attachments to the message are to be encrypted before transmission; prevent the outbound message from being encrypted prior to re-directing the outbound message; and re-direct the unencrypted outbound message and its original encryption key to the third party to allow the third party to approve or deny transmission of the message.
-
Specification