Protecting content from third party using client-side security protection
First Claim
1. A system, comprising:
- one or more processing units; and
memory comprising instructions that when executed by at least some of the one or more processing units performs one or more steps, the one or more steps comprising;
determining that an untrusted message service is being used to transmit a message to a recipient;
analyzing the message using one or more rules from a rules component, wherein the one or more rules are used to generate security for the message, and wherein analyzing the message comprises;
evaluating input during composition of the message;
applying the one or more rules to the message;
monitoring for changes to the input of the message; and
when changes to the input are detected, reevaluating the input;
applying the security to the message, wherein the security prevents a body portion of the message from being exposed at the untrusted message service, and wherein the security includes attaching one or more attributes of the security to the message, and wherein the security is applied in response to a determination that the untrusted message service is being used to send the message; and
sending the message to the recipient using the untrusted message service.
2 Assignments
0 Petitions
Accused Products
Abstract
Architecture that employs encryption and storage of encryption keys to protect trusted client message content from an untrusted third-party hosted service. Each trusted user machine is configured to optionally apply security to messages. Rules determine when automatic protection is applied and the level of protection to apply. The trusted client automatically downloads the rules (or rules policies) from a trusted rules service and caches the rules locally. During composition, the rules analyze the message and automatically apply security template(s) to the message. The security template(s) encrypt the body of the message, but not the headers or subject. The untrusted message service processes the header and delivers the message to the correct recipient. The hosted service cannot view the contents of the message body, and only intended recipients of the protected message can view the message body. Offline protection is supported, and the user can override protection by the rules.
39 Citations
19 Claims
-
1. A system, comprising:
-
one or more processing units; and memory comprising instructions that when executed by at least some of the one or more processing units performs one or more steps, the one or more steps comprising; determining that an untrusted message service is being used to transmit a message to a recipient; analyzing the message using one or more rules from a rules component, wherein the one or more rules are used to generate security for the message, and wherein analyzing the message comprises; evaluating input during composition of the message; applying the one or more rules to the message; monitoring for changes to the input of the message; and when changes to the input are detected, reevaluating the input; applying the security to the message, wherein the security prevents a body portion of the message from being exposed at the untrusted message service, and wherein the security includes attaching one or more attributes of the security to the message, and wherein the security is applied in response to a determination that the untrusted message service is being used to send the message; and sending the message to the recipient using the untrusted message service. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A messaging system comprising:
-
a computing device using an untrusted message service for transmitting a message; a rules component associated with the untrusted message service, wherein the rules component is configured to analyze the message using one or more rules, wherein analyzing the message comprises; evaluating input during composition of the message; applying the one or more rules to the message; monitoring for changes to the input of the message; and when changes to the input are detected, reevaluating the input; and a security component associated with the computing device, wherein the security component is configured to apply the security to the message, wherein the security prevents a body portion of the message from being exposed at the untrusted message service when the message is transmitted, and wherein the security includes attaching one or more attributes of the security to the message, and wherein the security is applied in response to a determination that the untrusted message service is being used to send the message. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method of processing messages, the method comprising:
-
receiving, by a computing device, a message from a client to a recipient; analyzing the message using rules from a rules component, wherein the rules are used to generate security for the message, and wherein analyzing the message comprises; evaluating input during composition of the message; applying the one or more rules to the message; monitoring for changes to the input of the message; and when changes to the input are detected, reevaluating the input; applying, by the computing device, the security to the message, wherein the security prevents a body portion of the message from being exposed at the untrusted message service, and wherein the security includes attaching one or more attributes of the security to the message, and wherein the security is applied in response to a determination that the untrusted message service is being used to send the one or more messages; and sending the message to the recipient using the untrusted message service. - View Dependent Claims (16, 17, 18, 19)
-
Specification