Systems and methods for controlling email access

US 9,325,713 B2
Filed: 05/07/2014
Issued: 04/26/2016
Est. Priority Date: 12/06/2012
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium embodying a program executable in at least one computing device comprising at least one hardware processor, the program comprising code that, when executed by the at least one computing device, causes the at least one computing device to:

access an email resource requested by a client device from at least one email service;

identify a resource rule specifying a condition for which the client device is authorized to access the email resource, the resource rule being identified based at least in part on a device state of the client device;

determine whether the email resource satisfies the resource rule based at least in part on a stringency level associated with the resource rule, the stringency level being increased or reduced based at least in part on the device state;

responsive to the email resource failing to satisfy the resource rule, modify the email resource causing the email resource to satisfy the resource rule; and

responsive to the email resource, as modified, satisfying the resource rule, authorize the client device to access the email resource.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the disclosure relate to proxying at least one email resource from at least one email service to at least one client device, identifying at least one resource rule associated with the email resources, and adding at least one URL to the email resources in accordance with the resource rules.

213 Citations

31 Claims

1. A non-transitory computer-readable medium embodying a program executable in at least one computing device comprising at least one hardware processor, the program comprising code that, when executed by the at least one computing device, causes the at least one computing device to:
- access an email resource requested by a client device from at least one email service;
  
  identify a resource rule specifying a condition for which the client device is authorized to access the email resource, the resource rule being identified based at least in part on a device state of the client device;
  
  determine whether the email resource satisfies the resource rule based at least in part on a stringency level associated with the resource rule, the stringency level being increased or reduced based at least in part on the device state;
  
  responsive to the email resource failing to satisfy the resource rule, modify the email resource causing the email resource to satisfy the resource rule; and
  
  responsive to the email resource, as modified, satisfying the resource rule, authorize the client device to access the email resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The non-transitory computer-readable medium of claim 1, wherein the code that modifies the email resource to satisfy the resource rule further comprises code that formats the email resource from a current format of the email resource into hypertext markup language (HTML) format, rich text format, or plain text format.
  - 3. The non-transitory computer-readable medium of claim 1, wherein the code that modifies the email resource to satisfy the resource rule further comprises code that encodes the email resource using advanced encryption standard (AES) or data encryption standard (DES).
  - 4. The non-transitory computer-readable medium of claim 1, wherein the code that modifies the email resource to satisfy the resource rule further comprises code that configures the email resource to be exclusively accessible via at least one secure container application executable by the client device.
  - 5. The non-transitory computer-readable medium of claim 1, wherein the code that modifies the email resource to satisfy the resource rule further comprises code that:
    - removes an attachment associated with the email resource;
      
      encrypts the attachment based at least in part on a cryptographic key; and
      
      makes the attachment as encrypted available via a client application executable by the client device.
  - 6. The non-transitory computer-readable medium of claim 1, wherein the code that modifies the email resource to satisfy the resource rule further comprises code that removes a digital image from a body of the email resource and attaches the digital image as an attachment to the email resource.
  - 7. The non-transitory computer-readable medium of claim 1, wherein the code that modifies the email resource to satisfy the resource rule further comprises code that:
    - flags the email resource as having been modified; and
      
      attaches an indication to the email resource that provides information associated with a modification of the email resource.
  - 8. The non-transitory computer-readable medium of claim 1, wherein the code that authorizes the client device to access the email resource further comprises code that:
    - transmits the email resource to the client device responsive to modifying the email resource to satisfy the resource rule;
      
      makes the email resource available for a download by the client device;
      
      ortransmits the email resource to the client device upon receiving a request to download the email resource from the client device.
  - 9. The non-transitory computer-readable medium of claim 1, wherein the device state further comprises information associated with a current time associated with the client device, at least one network accessible by the client device, or at least one network beacon accessible by the client device.
  - 10. The non-transitory computer-readable medium of claim 1, wherein the device state further comprises information associated with a hardware feature of the client device, a software feature of the client device, or an application accessible by the client device.
  - 11. The non-transitory computer-readable medium of claim 1, wherein the resource rule further comprises a variably stringent resource rule, wherein a stringency of the variably stringent resource rule is based at least in part on the device state associated with the client device.

12. A system, comprising:
- a first computing device comprising at least one hardware processor; and
  
  program code executed in the first computing device that causes the first computing device to at least;
  
  proxy a second computing device to access an email resource requested by a client device from an email service;
  
  identify a resource rule specifying a condition for which the client device is authorized to access the email resource, the resource rule being identified based at least in part on a device state associated with the client device;
  
  determine whether the email resource satisfies the resource rule based at least in part on a stringency level associated with the resource rule, the stringency level being increased or reduced based at least in part on the device state;
  
  responsive to the email resource failing to satisfy the resource rule, modify the email resource to satisfy the resource rule; and
  
  responsive to the email resource satisfying the resource rule, authorize the client device to access the email resource.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The system of claim 12, wherein the program code that causes the first computing device to modify the email resource to satisfy the resource rule further comprises program code that causes the first computing device to add at least one uniform resource locator (URL) to the email resource responsive to the at least one URL being required by the resource rule.
  - 14. The system of claim 12, wherein the program code that causes the first computing device to modify the email resource to satisfy the resource rule further comprises program code that causes the first computing device to encode the email resource using advanced encryption standard (AES) or data encryption standard (DES).
  - 15. The system of claim 12, wherein the program code that causes the first computing device to modify the email resource to satisfy the resource rule further comprises program code that causes the first computing device to configure the email resource to be exclusively accessible via at least one secure container application executable by the client device.
  - 16. The system of claim 12, wherein the program code that causes the first computing device to modify the email resource to satisfy the resource rule further comprises program code that causes the first computing device to at least:
    - remove an attachment associated with the email resource;
      
      encrypt the attachment based at least in part on a cryptographic key; and
      
      make the attachment as encrypted available via a client application executable by the client device.
  - 17. The system of claim 12, wherein the program code that causes the first computing device to modify the email resource to satisfy the resource rule further comprises program code that causes the first computing device to remove a digital image from a body of the email resource and attaches the digital image as an attachment to the email resource.
  - 18. The system of claim 12, wherein the program code that causes the first computing device to modify the email resource to satisfy the resource rule further comprises program code that causes the first computing device to at least:
    - flag the email resource as having been modified; and
      
      attach an indication to the email resource that provides information associated with a modification of the email resource.
  - 19. The system of claim 12, wherein the device state further comprises information associated with a current time associated with the client device, at least one network accessible by the client device, or at least one network beacon accessible by the client device.
  - 20. The system of claim 12, wherein the device state further comprises information associated with a hardware feature of the client device, a software feature of the client device, or an application accessible by the client device.
  - 21. The system of claim 12, wherein the resource rule further comprises a variably stringent resource rule, wherein a stringency of the variably stringent resource rule is based at least in part on the device state associated with the client device.

22. A method, comprising:
- accessing, by a first computing device comprising at least one hardware processor, an email resource from a second computing device, the email resource being requested by a client device from an email service;
  
  identifying, by the first computing device, a resource rule specifying a condition for which the client device is authorized to access the email resource, the resource rule being identified based at least in part on a device state associated with the client device;
  
  determining, by the first computing device, whether the email resource satisfies the resource rule based at least in part on a stringency level associated with the resource rule, the stringency level being increased or reduced based at least in part on the device state;
  
  responsive to the email resource failing to satisfy the resource rule, modifying, by the first computing device, the email resource to satisfy the resource rule; and
  
  responsive to the email resource satisfying the resource rule, authorizing, by the first computing device, the client device to access the email resource.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 23. The method of claim 22, wherein modifying the email resource to satisfy the resource rule further comprises adding, by the first computing device, at least one uniform resource locator (URL) to the email resource responsive to the at least one URL being required by the resource rule.
  - 24. The method of claim 22, wherein modifying the email resource to satisfy the resource rule further comprises encoding, by the first computing device, the email resource using advanced encryption standard (AES) or data encryption standard (DES).
  - 25. The method of claim 22, wherein modifying the email resource to satisfy the resource rule further comprises configuring, by the first computing device, the email resource to be exclusively accessible via at least one secure container application executable by the client device.
  - 26. The method of claim 22, wherein modifying the email resource to satisfy the resource rule further comprises:
    - removing, by the first computing device, an attachment associated with the email resource;
      
      encrypting, by the first computing device, the attachment based at least in part on a cryptographic key; and
      
      making, by the first computing device, the attachment as encrypted available via a client application executable by the client device.
  - 27. The method of claim 22, wherein modifying the email resource to satisfy the resource rule further comprises removing, by the first computing device, a digital image from a body of the email resource and attaching, by the first computing device, the digital image as an attachment to the email resource.
  - 28. The method of claim 22, wherein modifying the email resource to satisfy the resource rule further comprises:
    - flagging, by the first computing device, the email resource as having been modified; and
      
      attaching, by the first computing device, an indication to the email resource that provides information associated with a modification of the email resource.
  - 29. The method of claim 22, wherein the device state further comprises information associated with a current time associated with the client device, at least one network accessible by the client device, or at least one network beacon accessible by the client device.
  - 30. The method of claim 22, wherein the device state further comprises information associated with a hardware feature of the client device, a software feature of the client device, or an application accessible by the client device.
  - 31. The method of claim 22, wherein the resource rule further comprises a variably stringent resource rule, wherein a stringency of the variably stringent resource rule is based at least in part on the device state associated with the client device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AirWatch LLC (Broadcom, Inc.)
Original Assignee
AirWatch LLC (Broadcom, Inc.)
Inventors
Stuntebeck, Erich, Dabbiere, David
Primary Examiner(s)
NGUYEN, TU T

Application Number

US14/272,224
Publication Number

US 20140245381A1
Time in Patent Office

720 Days
Field of Search

726/1
US Class Current

1/1
CPC Class Codes

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

H04L 63/20   for managing network securi...

Systems and methods for controlling email access

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

213 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for controlling email access

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

213 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links