Policy enforcement in a secure data file delivery system
First Claim
1. A method comprising:
- in a secure interactive session between a client sender associated with an enterprise and a web server accessible to the client sender via a public internet, receiving data specifying one or more recipients, a subject and message data, and identifying one or more data files for inclusion in a package submitted for delivery to the specified one or more recipients;
evaluating at least one of the message data and the one or more data files for violation of a sender policy framework specified and configurable by a policy authority with which the client sender is associated;
detecting, based on the evaluating, that a violation of the sender policy framework has occurred in association with the package;
after detection of the violation, allowing the client sender to, during the secure interactive session, modify at least one of the message data and one or more data files and resubmit the package for delivery; and
effectuating delivery of the package at least in part by sending a notification message to each of the specified one or more recipients, the notification message containing a private universal resource locator (private URL), and the package being securely retrievable by the respective recipient via the private URL and not violative of the sender policy framework.
2 Assignments
0 Petitions
Accused Products
Abstract
A server interacts with a sender to form a package which can include one or more attached data files to be sent to one or more recipients, and the server applies a policy established by a policy authority of the sender to the package. Since the server both forms the package through interaction with the sender and applies the policy, violations of the policy by the package can be brought to the sender'"'"'s attention during an interactive session with the sender and before encryption of all or part of the package. As a result, the sender is educated regarding the policy of the sender'"'"'s policy authority, and the sender can modify the package immediately to comport with the policy. The server delivers the package to intended recipients by sending notification to each recipient and including package identification data, e.g., a URL by which the package can be retrieved.
17 Citations
22 Claims
-
1. A method comprising:
-
in a secure interactive session between a client sender associated with an enterprise and a web server accessible to the client sender via a public internet, receiving data specifying one or more recipients, a subject and message data, and identifying one or more data files for inclusion in a package submitted for delivery to the specified one or more recipients; evaluating at least one of the message data and the one or more data files for violation of a sender policy framework specified and configurable by a policy authority with which the client sender is associated; detecting, based on the evaluating, that a violation of the sender policy framework has occurred in association with the package; after detection of the violation, allowing the client sender to, during the secure interactive session, modify at least one of the message data and one or more data files and resubmit the package for delivery; and effectuating delivery of the package at least in part by sending a notification message to each of the specified one or more recipients, the notification message containing a private universal resource locator (private URL), and the package being securely retrievable by the respective recipient via the private URL and not violative of the sender policy framework. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer program product encoded in one or more media, the computer program product including codes executable on one or more processors of a service platform to cause the service platform to perform a method including:
-
in a secure interactive session between a client sender associated with an enterprise and a web server accessible to the client sender via a public internet, receiving data specifying one or more recipients, a subject and message data, and identifying one or more data files for inclusion in a package submitted for delivery to the specified one or more recipients; evaluating at least one of the message data and the one or more data files for violation of a sender policy framework specified and configurable by a policy authority with which the client sender is associated; detecting, based on the evaluating, that a violation of the sender policy framework has occurred in association with the package; after detection of the violation, allowing the client sender to, during the secure interactive session, modify at least one of the message data and one or more data files and resubmit the package for delivery; and effectuating delivery of the package at least in part by sending a notification message to each of the specified one or more recipients, the notification message containing a private universal resource locator (private URL), and the package being securely retrievable by the respective recipient via the private URL and not violative of the sender policy framework. - View Dependent Claims (18, 19)
-
-
20. A secure file transfer service platform comprising:
-
a package manager implemented as code executable by at least one hardware processor of the service platform and accessible to at least some remote users thereof via a public network, the package manager providing human ones of the remote users with an interactive package creation user interface by which the human ones of the remote users may specify, as a package sender, one or more recipients, a subject and message data, and by which one or more data files may be specified for inclusion in the package for delivery to the specified one or more recipients; a policy manager implemented as code executable on one or more servers of the service platform to enforce, relative to packages interactively created by the package senders, information security policies established by policy authorities of an enterprise with which a particular package sender is associated, the policy manager supplying the package manager with indications of policy violations and thereby allowing the human ones of the remote users, in the course of an interactive package creation and submission session, to modify at least one of the message data and the one or more data files to correct policy violations in the package and resubmit the package for the delivery; and a delivery manager implemented as code executable on one or more servers of the service platform to facilitate delivery of submitted packages not violative of the information security policies established by a policy authority of an enterprise with which a particular package sender is associated, the delivery manager sending to each of the one or more recipients a notification message containing a private universal resource locator (private URL), and the package being securely retrievable by the respective recipient via the private URL and not violative of the sender policy framework. - View Dependent Claims (21, 22)
-
Specification