Policy enforcement in a secure data file delivery system
First Claim
1. A method for enforcing policy upon a package to be delivered from a sender to a plurality of recipients through a computer network, including:
- receiving package data which is generated by the sender;
applying, by a server, a policy to the package, wherein the policy is specified by policy data received from a policy authority of the sender, and the policy specifies a set of actions to be carried out upon satisfaction of a set of conditions, wherein one or more actions interrupts delivery of the package, logs handling of the package, or modifies the package;
responsive to a determination at the server, that the set of conditions is satisfied by one or more attributes of a first set of recipients, but not a second set of recipients, duplicating the package to provide two instances thereof;
storing the first set of recipients in a recipients field of the first instance of the package;
storing the set of actions in an action record of the first instance of the package;
storing the second set of recipients in a recipients field of the second instance of the package, wherein the action record of the second instance of the package is different from the action record of the first instance of the package;
delivering the first instance of the package to the first set of recipients, but not to the second set of recipients, upon satisfaction of the set of actions in the action record of the first instance of the package; and
delaying delivery of the second instance of the package to the second set of recipients upon, at least one action of the set of actions in the of the action record of the second instance of the package, that indicates delayed delivery to the second set of recipients.
2 Assignments
0 Petitions
Accused Products
Abstract
A server interacts with a sender to form a package which can include one or more attached data files to be sent to one or more recipients, and the server applies a policy established by a policy authority of the sender to the package. Since the server both forms the package through interaction with the sender and applies the policy, violations of the policy by the package can be brought to the sender'"'"'s attention during an interactive session with the sender and before encryption of all or part of the package. As a result, the sender is educated regarding the policy of the sender'"'"'s policy authority, and the sender can modify the package immediately to comport with the policy. The server delivers the package to intended recipients by sending a notification to each recipient and including package identification data, e.g., a URL by which the package can be retrieved.
71 Citations
17 Claims
-
1. A method for enforcing policy upon a package to be delivered from a sender to a plurality of recipients through a computer network, including:
-
receiving package data which is generated by the sender; applying, by a server, a policy to the package, wherein the policy is specified by policy data received from a policy authority of the sender, and the policy specifies a set of actions to be carried out upon satisfaction of a set of conditions, wherein one or more actions interrupts delivery of the package, logs handling of the package, or modifies the package; responsive to a determination at the server, that the set of conditions is satisfied by one or more attributes of a first set of recipients, but not a second set of recipients, duplicating the package to provide two instances thereof; storing the first set of recipients in a recipients field of the first instance of the package; storing the set of actions in an action record of the first instance of the package; storing the second set of recipients in a recipients field of the second instance of the package, wherein the action record of the second instance of the package is different from the action record of the first instance of the package; delivering the first instance of the package to the first set of recipients, but not to the second set of recipients, upon satisfaction of the set of actions in the action record of the first instance of the package; and delaying delivery of the second instance of the package to the second set of recipients upon, at least one action of the set of actions in the of the action record of the second instance of the package, that indicates delayed delivery to the second set of recipients. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer program product encoded in one or more non-transitory media, the computer program product including codes executable on one or more processors of a service platform to cause the service platform to perform a method including:
-
receiving package data which is generated by the sender; applying, by a server, a policy to the package, wherein the policy is specified by policy data received from a policy authority of the sender, and the policy specifies a set of actions to be carried out upon satisfaction of a set of conditions, wherein one or more actions interrupts delivery of the package, logs handling of the package, or modifies the package; responsive to a determination at the server, that the set of conditions is satisfied by one or more attributes of a first set of recipients, but not a second set of recipients, duplicating the package to provide two instances thereof; storing the first set of recipients in a recipients field of the first instance of the package; storing the set of actions in an action record of the first instance of the package; storing the second set of recipients in a recipients field of the second instance of the package, wherein the action record of the second instance of the package is different from the action record of the first instance of the package; delivering the first instance of the package to the first set of recipients, but not to the second set of recipients, upon satisfaction of the set of actions in the action record of the first instance of the package; and delaying delivery of the second instance of the package to the second set of recipients upon, at least one action of the set of actions in the of the action record of the second instance of the package, that indicates delayed delivery to the second set of recipients. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
Specification