Systems and methods for controlling email access

US 9,426,129 B2
Filed: 07/22/2014
Issued: 08/23/2016
Est. Priority Date: 12/06/2012
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, comprising code that:

accesses an email resource in transit to a client device from at least one email service, the email resource comprising an email attachment;

identifies a compliance rule associated with the email resource, the compliance rule specifying that the email resource may only be accessed if the email attachment is removed from the email resource and is encrypted with a cryptographic key accessible to a secure container application, the secure container application being configured to prohibit performing at least one of a cut function, a copy function, or a screen capture function while the email attachment is accessed;

removes the email attachment from the email resource in accordance with the compliance rule;

generates an encrypted email attachment from the email attachment using the cryptographic key accessible to the secure container application in accordance with the compliance rule; and

causes a transmission of the email resource and the encrypted email attachment to the client device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the disclosure relate to proxying one or more email resources in transit to the client devices from the email services, removing one or more email attachments from the email resources, and encoding the stripped email attachments based at least in part on one or more cryptographic keys.

231 Citations

20 Claims

1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, comprising code that:
- accesses an email resource in transit to a client device from at least one email service, the email resource comprising an email attachment;
  
  identifies a compliance rule associated with the email resource, the compliance rule specifying that the email resource may only be accessed if the email attachment is removed from the email resource and is encrypted with a cryptographic key accessible to a secure container application, the secure container application being configured to prohibit performing at least one of a cut function, a copy function, or a screen capture function while the email attachment is accessed;
  
  removes the email attachment from the email resource in accordance with the compliance rule;
  
  generates an encrypted email attachment from the email attachment using the cryptographic key accessible to the secure container application in accordance with the compliance rule; and
  
  causes a transmission of the email resource and the encrypted email attachment to the client device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The non-transitory computer-readable medium of claim 1, wherein the encrypted email attachment is configured to be decrypted by the secure container application.
  - 3. The non-transitory computer-readable medium of claim 2, wherein the encrypted email attachment is decrypted by the secure container application using the cryptographic key.
  - 4. The non-transitory computer-readable medium of claim 1, wherein the program further comprises code that:
    - regulates access of the encrypted email attachment to the secure container application, a client side application with a native email capability, or a printing function.
  - 5. The non-transitory computer-readable medium of claim 1, wherein the program further comprises code that:
    - makes the cryptographic key available to the secure container application.
  - 6. The non-transitory computer-readable medium of claim 1, wherein the program further comprises code that:
    - encrypts the email resource using advanced encryption standard (AES) or data encryption standard (DES).
  - 7. The non-transitory computer-readable medium of claim 1, wherein the secure container application is invoked to access the encrypted email attachment when a link embedded within the email resource that is associated with the encrypted email attachment is selected.

8. A system, comprising:
- at least one computing device; and
  
  program code executed in the at least one computing device that causes the at least one computing device to at least;
  
  access an email resource in transit to a client device from at least one email service, the email resource comprising at least one email attachment;
  
  identify a compliance rule associated with the email resource, the compliance rule specifying that the email resource may only be accessed if the at least one email attachment is removed from the email resource and is encrypted with a cryptographic key accessible to a secure container application, the secure container application being configured to prohibit performing at least one of a cut function, a copy function, or a screen capture function while the at least one email attachment is accessed;
  
  remove the at least one email attachment from the email resource in accordance with the compliance rule;
  
  generate at least one encrypted email attachment from the at least one email attachment using the cryptographic key accessible to the secure container application in accordance with the compliance rule; and
  
  cause a transmission of the email resource and the at least one encrypted email attachment to a user device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the at least one encrypted email attachment is configured to be decrypted by the secure container application.
  - 10. The system of claim 9, wherein the at least one encrypted email attachment is decrypted by the secure container application using the cryptographic key.
  - 11. The system of claim 8, further comprising program code that causes the at least one computing device to:
    - regulate access of the encrypted email attachment to the secure container application, a client side application with a native email capability, or a printing function.
  - 12. The system of claim 8, further comprising program code that causes the at least one computing device to:
    - make the cryptographic key available to the secure container application.
  - 13. The system of claim 8, further comprising program code that causes the at least one computing device to:
    - encrypts the email resource using advanced encryption standard (AES) or data encryption standard (DES).
  - 14. The system of claim 8, wherein the secure container application is invoked to access the at least one encrypted email attachment when a link to the encrypted email attachment is selected.

15. A method, comprising:
- accessing, by at least one computing device, an email resource in transit to a client device from at least one email service, the email resource comprising at least one email attachment;
  
  identifying, by the at least one computing device, a compliance rule associated with the email resource, the compliance rule specifying that the email resource may only be accessed if the at least one email attachment is removed from the email resource and is encrypted with a cryptographic key accessible to a secure container application, the secure container application being configured to prohibit performing at least one of a cut function, a copy function, or a screen capture function while the at least one email attachment is accessed;
  
  removing, by the at least one computing device, the at least one email attachment from the email resource in accordance with the compliance rule;
  
  generating, by the at least one computing device, at least one encrypted email attachment from the at least one email attachment using the cryptographic key accessible to the secure container application in accordance with the compliance rule; and
  
  causing, by the at least one computing device, a transmission of the email resource and the at least one encrypted email attachment to a user device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the at least one encrypted email attachment is configured to be decrypted by the secure container application.
  - 17. The method of claim 16, wherein the at least one encrypted email attachment is decrypted by the secure container application using the cryptographic key.
  - 18. The method of claim 15, further comprising:
    - regulating, by the at least one computing device, access of the encrypted email attachment to the secure container application, a client side application with a native email capability, or a printing function.
  - 19. The method of claim 15, further comprising:
    - making, by the at least one computing device, the cryptographic key available to the secure container application.
  - 20. The method of claim 15, wherein the secure container application is invoked to access the at least one encrypted email attachment when a link to the at least one encrypted email attachment is selected.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AirWatch LLC (Broadcom, Inc.)
Original Assignee
AirWatch LLC (Broadcom, Inc.)
Inventors
Dabbiere, Alan, Stuntebeck, Erich, Brannon, Jonathon Blake
Primary Examiner(s)
Eskandarnia, Arvin

Application Number

US14/337,338
Publication Number

US 20140331040A1
Time in Patent Office

763 Days
Field of Search

713/152
US Class Current

1/1
CPC Class Codes

H04L 51/08   Annexed information, e.g. a...

H04L 63/0281   Proxies

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/20   for managing network securi...

Systems and methods for controlling email access

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

231 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for controlling email access

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

231 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links