Secure electronic mail system

US 9,497,158 B2
Filed: 12/20/2013
Issued: 11/15/2016
Est. Priority Date: 07/01/2005
Status: Active Grant

First Claim

Patent Images

1. A secure email system comprising:

a server system that implements a secure e-mail service; and

a sender computing device;

wherein the secure email system is configured to;

intercept an e-mail message on the sender computing device when the e-mail message is composed and sent by a sender on the sender computing device;

send the intercepted e-mail message in unencrypted form over a secure channel to the server system;

receive the e-mail message in unencrypted form at the server system, the e-mail message being from the sender, the sender having an account with the secure e-mail service, and being addressed to a recipient that does not have an account with the secure e-mail service;

store the e-mail message in encrypted form on the server system;

generate, or cause a generation of, an introductory message after receiving of the e-mail message at the server system;

send the introductory message from the server system to the sender computing device;

transmit, or cause a transmission of, the introductory message from the sender computing device to the recipient in unencrypted form via an SMTP protocol, said introductory message lacking at least some message content of the e-mail message, and including a link to a web client interface that provides functionality to authenticate the recipient and to securely retrieve the e-mail message from the server system and further including a message access key including a message identifier identifying the e-mail message and a service host identifier indicating to the recipient a network accessible address of the server system at which the e-mail message is stored, wherein the message access key does not serve as an encryption or decryption key;

upon access of the introductory message by the recipient, programmatically receive recipient data including the message access key and a recipient e-mail address from the recipient;

register the recipient with the secure e-mail service by validating the message access key and the recipient e-mail address; and

transmit the e-mail message in unencrypted form to the recipient via a secure communications protocol, based on the recipient data.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An e-mail system is disclosed that overcomes many deficiencies of, but is backward compatible with, existing e-mail systems. Embodiments of the system may include various features, including but not limited to: (1) secure transfer of e-mail messages, without the need for users to replace existing e-mail clients or to change e-mail addresses; (2) tracking of all actions performed in connection with an e-mail transmission; (3) the ability for a recipient to view information about an e-mail message, optionally including information about how other addressees have responded to it, before deciding whether to retrieve the e-mail message; (4) the aggregation of entire e-mail conversations into a single threaded view; (5) the ability to include both private and public messages in a single e-mail communication; (6) sender control over downstream actions performed in connection with an e-mail message; (7) flexible control over cryptographic methods used to encrypt emails messages for storage.

132 Citations

22 Claims

1. A secure email system comprising:
- a server system that implements a secure e-mail service; and
  
  a sender computing device;
  
  wherein the secure email system is configured to;
  
  intercept an e-mail message on the sender computing device when the e-mail message is composed and sent by a sender on the sender computing device;
  
  send the intercepted e-mail message in unencrypted form over a secure channel to the server system;
  
  receive the e-mail message in unencrypted form at the server system, the e-mail message being from the sender, the sender having an account with the secure e-mail service, and being addressed to a recipient that does not have an account with the secure e-mail service;
  
  store the e-mail message in encrypted form on the server system;
  
  generate, or cause a generation of, an introductory message after receiving of the e-mail message at the server system;
  
  send the introductory message from the server system to the sender computing device;
  
  transmit, or cause a transmission of, the introductory message from the sender computing device to the recipient in unencrypted form via an SMTP protocol, said introductory message lacking at least some message content of the e-mail message, and including a link to a web client interface that provides functionality to authenticate the recipient and to securely retrieve the e-mail message from the server system and further including a message access key including a message identifier identifying the e-mail message and a service host identifier indicating to the recipient a network accessible address of the server system at which the e-mail message is stored, wherein the message access key does not serve as an encryption or decryption key;
  
  upon access of the introductory message by the recipient, programmatically receive recipient data including the message access key and a recipient e-mail address from the recipient;
  
  register the recipient with the secure e-mail service by validating the message access key and the recipient e-mail address; and
  
  transmit the e-mail message in unencrypted form to the recipient via a secure communications protocol, based on the recipient data.
- View Dependent Claims (2, 3)
- - 2. The secure email system of claim 1, wherein the link to the web client interface points to a web site that provides functionality for accessing the e-mail message via a web-based interface.
  - 3. The secure email system of claim 1, where the receiving includes receiving the e-mail message from the sender via an e-mail client plug-in running on the sender computing device, and where the transmitting of the e-mail message in unencrypted form to the recipient occurs after the transmitting of the introductory message.

4. A secure email system comprising:
- a server system which provides a secure e-mail service;
  
  a sender computing device running an e-mail client; and
  
  a recipient computing device associated with a recipient e-mail address of a recipient;
  
  wherein the secure email system is configured to;
  
  intercept an e-mail message composed and sent by a sender via the e-mail client running on the sender computing device with an e-mail client plug-in running on the sender computing device, such that an ordinary transmission of the e-mail message to the recipient e-mail address is blocked;
  
  send the e-mail message in unencrypted form via a secure communications protocol from the sender computing device to the server system for storage thereon in encrypted form;
  
  send an introductory message in unencrypted form via an SMTP protocol from the sender computing device to the recipient computing device, said introductory message including a key for retrieving the e-mail message from the server system in unencrypted form via the secure communications protocol, the key including a message identifier identifying the e-mail message and a service host identifier indicating to the recipient a network accessible address of the server system at which the e-mail message is stored, wherein the key does not serve as an encryption or decryption key, the key being further usable with the recipient e-mail address to programmatically register the recipient with the secure e-mail service upon access of the introductory message by the recipient, wherein the introductory message lacks at least some message content of the e-mail message.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 5. The secure email system of claim 4, further configured to communicate the e-mail message in unencrypted form from the sender computing device to the recipient via the secure e-mail service without using a store-and-forward model.
  - 6. The secure email system of claim 4, further configured to encrypt the e-mail message at the server system for storage thereon.
  - 7. The secure email system of claim 6, wherein the server system implements multiple different secure e-mail services from which the sender can select, at least some of which use different e-mail encryption methods than others, and wherein the step of encrypting the e-mail message at the server system comprises using an encryption method that corresponds to a secure e-mail service selected by the sender.
  - 8. The secure email system of claim 4, wherein the introductory message is a text-only message.
  - 9. The secure email system of claim 4, wherein the introductory message is initially sent from the server system to the sender computing device, and then from the sender computing device to the recipient e-mail address, such that the introductory message appears to the recipient to come from the sender.
  - 10. The secure email system of claim 4, wherein the introductory message further includes an Internet address for downloading an e-mail client plug-in that provides functionality for the recipient to retrieve the e-mail message from the server system.
  - 11. The secure email system of claim 4, wherein the introductory message further includes a link to a web client interface that provides functionality for authenticating the recipient based on recipient data and for retrieving the e-mail message in unencrypted form via the secure communications protocol from the server system based on the authentication of the recipient.
  - 12. The secure email system of claim 4, wherein the e-mail message is sent in unencrypted form from the sender computing device to the server system without use of an SMTP protocol.
  - 13. The secure email system of claim 4, further configured to send, via the e-mail client plug-in, authentication information from the sender computing device to the server system to enable the server system to authenticate the sender computing device prior to receiving the e-mail message.
  - 14. The secure email system of claim 13, wherein the authentication information is sent from the sender computing device to the server system using the secure communications protocol.
  - 15. The secure email system of claim 14, wherein the secure communications protocol is an HTTPS protocol.
  - 16. The secure email system of claim 4, further configured to, on the recipient computing device, use the key to retrieve additional information about the e-mail message from the server system prior to retrieving the e-mail message.
  - 17. The secure email system of claim 16, wherein the additional information about the e-mail message includes information about how one or more recipients of the e-mail message have rated the e-mail message.
  - 18. The secure email system of claim 16, wherein the additional information about the e-mail message includes a result of at least one virus scan of the e-mail message.
  - 19. The secure email system of claim 4, wherein the step of sending the introductory message to the recipient computing device associated with the recipient e-mail address is performed by the sender computing system via execution of the e-mail client plug-in.
  - 20. The secure email system of claim 4, wherein the step of sending the introductory message to the recipient computing device associated with the recipient e-mail address is performed by the server system.
  - 21. The secure email system of claim 4, further configured to receive, at said server system, a termination request sent from the sender computing device, and in response to the termination request, block the recipient from forwarding or replying to the e-mail message, but continue to provide the recipient access to the e-mail message.
  - 22. The secure email system of claim 4, further configured to, after the recipient has retrieved the e-mail message (“
    - parent e-mail message”
      
      ) from the server system, and has forwarded the parent e-mail message to a second recipient to generate a child e-mail message;
      
      (a) receive a request from the sender to terminate an e-mail conversation associated with the parent e-mail message, (b) in response to the request, block the recipient from forwarding and replying to the parent e-mail message, and (c) block the second recipient from forwarding and replying to the child e-mail message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Appriver Canada, ULC (Open Text Corporation)
Original Assignee
Cirius Messaging Inc. (Open Text Corporation)
Inventors
LeVasseur, Thierry, Astudillo, Esteban, McLean, Matt
Primary Examiner(s)
Tiv, Backhean

Application Number

US14/135,885
Publication Number

US 20140115084A1
Time in Patent Office

1,061 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/60   Protecting data

G06F 21/602   Providing cryptographic fac...

G06Q 10/107   Computer-aided management o...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 2209/68   Special signature format, e...

H04L 2209/80   Wireless network architectu...

H04L 51/00   User-to-user messaging in p...

H04L 51/02   using automatic reactions o...

H04L 51/18   Commands or executable codes

H04L 51/212   using filtering or selectiv...

H04L 51/214   using selective forwarding

H04L 51/234   for tracking messages

H04L 51/42   Mailbox-related aspects, e....

H04L 51/56   Unified messaging, e.g. int...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/12   Applying verification of th...

H04L 63/123   received data contents, e.g...

H04L 63/126   the source of the received ...

H04L 63/145 : the attack involving the pr...

H04L 63/168 : above the transport layer

H04L 63/306 : intercepting packet switche...

H04L 67/02 : based on web technology, e....

H04L 9/3213 : using tickets or tokens, e....

H04L 9/3247 : involving digital signatures

H04L 9/3263 : involving certificates, e.g...

View All

Secure electronic mail system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

132 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Secure electronic mail system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

132 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links