Automated provisioning of a network appliance

US 9,363,088 B2
Filed: 07/22/2010
Issued: 06/07/2016
Est. Priority Date: 07/22/2010
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving an indication of a domain name;

receiving a public key;

encrypting a secret message using the public key;

generating an electronic message, comprising;

generating a random electronic message address at the domain name; and

generating a body of the electronic message that includes the encrypted secret message;

sending the electronic message to an appliance via an outgoing mail server;

in response to sending the electronic message, receiving the secret message from the appliance, wherein the secret message received from the appliance has been decrypted by the appliance using the private key;

in response to a determination that the secret message as decrypted by the appliance matches the secret message sent in the electronic message, generating, activating, and/or issuing a certificate that indicates provisioning of the domain name for encryption services.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Network communication and provisioning systems and methods are provided to enable automatic provisioning of an appliance to provide encryption services for email messages and other types of electronic messages addressed to or from an email domain.

42 Citations

View as Search Results

22 Claims

1. A method, comprising:
- receiving an indication of a domain name;
  
  receiving a public key;
  
  encrypting a secret message using the public key;
  
  generating an electronic message, comprising;
  
  generating a random electronic message address at the domain name; and
  
  generating a body of the electronic message that includes the encrypted secret message;
  
  sending the electronic message to an appliance via an outgoing mail server;
  
  in response to sending the electronic message, receiving the secret message from the appliance, wherein the secret message received from the appliance has been decrypted by the appliance using the private key;
  
  in response to a determination that the secret message as decrypted by the appliance matches the secret message sent in the electronic message, generating, activating, and/or issuing a certificate that indicates provisioning of the domain name for encryption services.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the decrypted message is received within a predetermined period of time.
  - 3. The method of claim 1, further comprising provisioning encryption services for the appliance for the domain name.
  - 4. The method of claim 1, further comprising denying a subsequent attempt to authenticate the domain name as being associated with at least one of the appliance and another appliance.
  - 5. The method of claim 1 further comprising:
    - waiting for the secret message to be returned as decrypted by an appliance associated with the domain name; and
      
      determining that a predetermined period of time has elapsed without the secret message being delivered as decrypted.
  - 6. The method of claim 5 further comprising resending the electronic message.
  - 7. The method of claim 5 further comprising determining that the domain name should remain available for encryption provisioning.

8. A certificate server, comprising:
- at least one processor; and
  
  at least one storage device;
  
  the at least one processor, in conjunction with the at least one storage device, configured to cause the certificate server to;
  
  receive an indication of a domain name;
  
  receive a public key;
  
  encrypt a secret message using the public key;
  
  generate an electronic message, comprising;
  
  generate a random electronic message address at the domain name; and
  
  generate a body of the electronic message that includes the encrypted secret message;
  
  send the electronic message to an appliance via an outgoing mail server;
  
  in response to sending the electronic message, receive the secret message from the appliance, wherein the secret message received from the appliance has been decrypted by the appliance using the private key;
  
  in response to a determination that the secret message as decrypted by the appliance matches the secret message sent in the electronic message, generate, activate, and/or issue a certificate that indicates provisioning of the domain name for encryption services.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The certificate server of claim 8, wherein the decrypted message is received within a predetermined period of time.
  - 10. The certificate server of claim 8, wherein the at least one processor is further configured to provision encryption services for the appliance for the domain name.
  - 11. The certificate server of claim 8, wherein the at least one processor is further configured to deny a subsequent attempt to authenticate the domain name as being associated with at least one of the appliance and another appliance.
  - 12. The certificate server of claim 8, wherein the at least one processor is further configured to:
    - wait for the secret message to be returned as decrypted by an appliance associated with the domain name; and
      
      determine that a predetermined period of time has elapsed without the secret message being delivered as decrypted.
  - 13. The certificate server of claim 12, wherein the at least one processor is further configured to resend the electronic message.
  - 14. The certificate server of claim 12, wherein the at least one processor is further configured to determine that the domain name should remain available for encryption provisioning.

15. A method implemented by an appliance for provisioning the appliance to provide electronic message encryption, comprising:
- receiving a private key;
  
  receiving a public key;
  
  receiving an electronic message from a mail server that;
  
  is addressed to a domain delivered by the appliance; and
  
  includes an encrypted secret message;
  
  determining the electronic message includes the encrypted secret message in response to determining that the electronic message includes a predetermined set of symbols;
  
  utilizing the private key by the appliance to decrypt the encrypted secret message received in the electronic message;
  
  sending the secret message as decrypted to a certificate server;
  
  in response to sending the secret message as decrypted, receiving one or more commands to enable provisioning of the appliance to provide security services for electronic messages associated with the domain; and
  
  provisioning the appliance to provide the security services for the domain.
- View Dependent Claims (16, 17, 18)
- - 16. The method of claim 15 further comprising:
    - receiving an additional electronic message addressed to an electronic message account associated with the domain; and
      
      determining whether the additional electronic message is encrypted.
  - 17. The method of claim 16 further comprising:
    - in response to determining whether the additional electronic message is encrypted, decrypting the additional electronic message; and
      
      relaying the additional electronic message as decrypted.
  - 18. The method of claim 16 further comprising:
    - in response to determining whether the additional electronic message is unencrypted and relaying the additional electronic message.

19. An appliance, comprising:
- at least one processor; and
  
  at least one storage device;
  
  the at least one processor, in conjunction with the at least one storage device, configured to cause the appliance to;
  
  receive a private key;
  
  receive a public key;
  
  receive an electronic message from a mail server that;
  
  is addressed to a domain delivered by the appliance; and
  
  includes an encrypted secret message;
  
  determine the electronic message includes the encrypted secret message in response to determining that the electronic message includes a predetermined set of symbols;
  
  utilize the private key by the appliance to decrypt the encrypted secret message in the electronic message;
  
  send the secret message as decrypted to a certificate server;
  
  in response to sending the secret message as decrypted, receive one or more commands to enable provisioning of the appliance to provide security services for electronic messages associated with the domain; and
  
  provision the appliance to provide the security services for the domain.
- View Dependent Claims (20, 21, 22)
- - 20. The appliance of claim 19, wherein the at least one processor is further configured to cause the appliance to:
    - receive an additional electronic message addressed to an electronic message account associated with the domain; and
      
      determine whether the additional electronic message is encrypted.
  - 21. The appliance of claim 20, wherein the at least one processor is further configured to cause the appliance to:
    - decrypt the additional electronic message in response to determining whether the additional electronic message is encrypted; and
      
      relay the additional electronic message as decrypted.
  - 22. The appliance of claim 20, wherein the at least one processor is further configured to cause the appliance to:
    - relay the additional electronic message in response to determining whether the additional electronic message is unencrypted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ZixCorp Systems, Inc. (Open Text Corporation)
Original Assignee
ZixCorp Systems, Inc. (Open Text Corporation)
Inventors
Kalan, John, Rego, Charles A.
Primary Examiner(s)
Brown, Christopher
Assistant Examiner(s)
JACKSON, JENISE E

Application Number

US12/841,822
Publication Number

US 20120023326A1
Time in Patent Office

2,147 Days
Field of Search

713/156, 713170-171
US Class Current

1/1
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/045   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0823   using certificates cryptogr...

H04L 63/0876   based on the identity of th...

H04L 9/321   involving a third party or ...

H04L 9/3263   involving certificates, e.g...

Automated provisioning of a network appliance

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

42 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Automated provisioning of a network appliance

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links