Transport Pipeline Decryption for Content-Scanning Agents

US 20100313016A1
Filed: 06/04/2009
Published: 12/09/2010
Est. Priority Date: 06/04/2009
Status: Abandoned Application

First Claim

Patent Images

1. A method for providing pipeline decryption, the method comprising:

receiving an encrypted message;

decrypting the encrypted message by a server; and

providing access to the decrypted message to at least one pipeline agent.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Transport pipeline decryption may be provided. Consistent with embodiments of the invention, a protected message may be received and decrypted. The decrypted message may be provided to pipeline agents, such as anti-virus, anti-spam, journaling, and/or policy enforcement agents. The message may then be re-encrypted and delivered.

69 Citations

View as Search Results

20 Claims

1. A method for providing pipeline decryption, the method comprising:
- receiving an encrypted message;
  
  decrypting the encrypted message by a server; and
  
  providing access to the decrypted message to at least one pipeline agent.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising:
    - determining whether the server is operable to re-encrypt the decrypted message; and
      
      in response to determining that the server is operable to re-encrypt the decrypted message, re-encrypting the message.
  - 3. The method of claim 2, further comprising:
    - in response to determining that the server is not operable to re-encrypt the decrypted message, discarding the message.
  - 4. The method of claim 3, further comprising:
    - in response to determining that the server is not operable to re-encrypt the decrypted message, notifying a sender of the message that the message was not delivered.
  - 5. The method of claim 1, further comprising:
    - prior to decrypting the encrypted message, determining whether the receiving organization is authorized to decrypt the message for the at least one pipeline agent.
  - 6. The method of claim 3, wherein determining whether the receiving organization is authorized to decrypt the message for the at least one pipeline agent comprises determining whether a permission setting associated with the encrypted message authorizes an organization associated with the server to decrypt the message.
  - 7. The method of claim 6, further comprising determining, by a sender of the message, whether a receiving organization not authorized to decrypt the encrypted message has attempted to decrypt the encrypted message.
  - 8. The method of claim 1, wherein the server is associated with a sender of the encrypted message.
  - 9. The method of claim 1, wherein the server is associated with a recipient of the encrypted message.
  - 10. The method of claim 1, further comprising retrieving a decryption key associated with the protected message from an authorization server associated with a sender of the message.
  - 11. The method of claim 10, further comprising:
    - saving the decryption key associated with the protected message with the decrypted message; and
      
      re-encrypting the decrypted message using the saved decryption key.
  - 12. The method of claim 1, further comprising:
    - saving the encrypted message with the decrypted message; and
      
      delivering the encrypted message as originally received to at least one recipient.
  - 13. The method of claim 1, further comprising storing an archive version of the encrypted message and the decrypted message.

14. A computer-readable medium which stores a set of instructions which when executed performs a method for providing transport pipeline decryption, the method executed by the set of instructions comprising:
- receiving a protected message;
  
  decrypting the protected message;
  
  providing access to the protected message to at least one message agent;
  
  re-encrypting the decrypted message; and
  
  delivering the re-encrypted message.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The computer-readable medium of claim 14, further comprising stamping the re-encrypted message with at least one property indicating that the message has been provided to the at least one message agent.
  - 16. The computer-readable medium of claim 14, wherein the at least one message agent comprises at least one of the following:
    - an anti-virus agent, a journaling agent, a policy agent, and a spam filter agent.
  - 17. The computer-readable medium of claim 14, further comprising providing write access to the decrypted message to the at least one message agent.
  - 18. The computer-readable medium of claim 14, further comprising receiving a registration from the at least one message agent.
  - 19. The computer-readable medium of claim 14, further comprising:
    - determining whether the protected message comprises at least one property authorizing pipeline decryption prior to delivery to a receiving user; and
      
      in response to determining that the protected message does not comprise the at least one property authorizing pipeline decryption prior to delivery to a receiving user, delivering the protected message to the receiving user without decrypting the protected message.

20. A system for providing transport pipeline decryption, the system comprising:
- a memory storage; and
  
  a processing unit coupled to the memory storage, wherein the processing unit is operative to;
  
  receive an encrypted message,determine whether the protected message comprises at least one property authorizing pipeline decryption prior to delivery to a receiving user,in response to determining that the protected message comprises at least one property authorizing pipeline decryption prior to delivery to a receiving user;
  
  retrieve a decryption key associated with the encrypted message from an authorization server associated with a sender of the encrypted message,decrypt the encrypted message, wherein the system is associated with at least one of the following;
  
  a sending organization and a receiving organization,save the decryption key with the decrypted message,provide read access and write access to the encrypted message and the decrypted message to at least one pipeline agent, wherein the at least one pipeline agent comprises at least one of the following;
  
  an anti-virus agent, a journaling agent, a policy agent, and a spam filter agent;
  
  determine whether the system is operable to re-encrypt the decrypted message, andin response to determining that the server is operable to re-encrypt the decrypted message;
  
  re-encrypt the message with the saved decryption key,send the re-encrypted message to at least one recipient,save an archive copy of the decrypted message and the encrypted message, andadd at least one property field to the re-encrypted message, wherein the at least one property field identifies the re-encrypted message as having been provided to the at least one pipeline agent by the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Boctor, Victor, Chow, Danny Tin-Van, Zhang, Hao, Yarmolenko, Vladimir, Zhong, Yuhui, Kostal, Gregory, Karamfilov, Krassimir E., Byrum, Frank D., Mehta, Mayank, Jain, Chandresh K., Chung, Charlie R., Kamat, Pankaj M., Fulay, Amit K., Patel, Tejas D., Koman, Ayse Yesim

Application Number

US12/478,608
Publication Number

US 20100313016A1
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/57   Certifying or maintaining t...

H04L 51/212   using filtering or selectiv...

H04L 63/0464   using hop-by-hop encryption...

H04L 63/145   the attack involving the pr...

Transport Pipeline Decryption for Content-Scanning Agents

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

69 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Transport Pipeline Decryption for Content-Scanning Agents

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

69 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links