Information management system
First Claim
1. An information management system comprising:
- one or more workstations connected to a computer network, each workstation having a memory;
an application stored in said memory of each workstation for transmitting outbound messages to said network and receiving inbound messages from said network;
policy data containing rules for determining one or more particulars of the outbound message, and for controlling the transmission of said outbound message in dependence on those particulars, wherein the one or more particulars include a plurality of certificates available to sign the message, a particular one of the plurality of certificates to be used in signing the message if the message is marked for signature, and whether the message contains one or more words in a pre-determined list of keywords; and
an analyzer, said analyzer determining, in conjunction with said policy data, one or more particulars of the outbound message and selecting, based on the policy data and the one or more particulars determined, a particular action for controlling the transmission of said outbound message from a plurality of actions comprising requiring that the message be digitally signed before transmission, notifying the sender of the message that digitally signing is recommended, requiring that a digitally signed message be transmitted without signature, and notifying the sender of the message digitally signing is not recommended.
4 Assignments
0 Petitions
Accused Products
Abstract
An information management system is described comprising one or more workstations running applications which allow a user of the workstation to connect to a network, such as the Internet. Each application has an analyzer, which monitors transmission data that the application is about to transmit to the network or has just received from the network, and which determines an appropriate action to take regarding that data. The analyzer may consult policy data containing a supervisor-defined policy to govern the workstations in order to determine what action to take. Such actions may be extracting data from the transmission data, such as passwords and usernames, digital certificates or eCommerce transaction details for storage and record keeping; ensuring that the transmission data is transmitted at an encryption strength appropriate to the contents of the transmission data; determining whether a check needs to be made as to whether a digital certificate received in transmission is valid; determining whether a transaction about to be made by a user of one of the workstations needs third party approval before it is made; and controlling the transmission of messages, such as e-mails according to a policy.
34 Citations
72 Claims
-
1. An information management system comprising:
-
one or more workstations connected to a computer network, each workstation having a memory; an application stored in said memory of each workstation for transmitting outbound messages to said network and receiving inbound messages from said network; policy data containing rules for determining one or more particulars of the outbound message, and for controlling the transmission of said outbound message in dependence on those particulars, wherein the one or more particulars include a plurality of certificates available to sign the message, a particular one of the plurality of certificates to be used in signing the message if the message is marked for signature, and whether the message contains one or more words in a pre-determined list of keywords; and an analyzer, said analyzer determining, in conjunction with said policy data, one or more particulars of the outbound message and selecting, based on the policy data and the one or more particulars determined, a particular action for controlling the transmission of said outbound message from a plurality of actions comprising requiring that the message be digitally signed before transmission, notifying the sender of the message that digitally signing is recommended, requiring that a digitally signed message be transmitted without signature, and notifying the sender of the message digitally signing is not recommended. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. An information management system comprising:
-
one or more workstations connected to a computer network, each workstation having a memory; application means stored in said memory of each workstation for transmitting outbound messages to said network and receiving inbound messages from said network; policy storage means for storing data containing rules for determining one or more particulars of the outbound message, said rules being for controlling the transmission of said outbound message in dependence on those particulars, wherein the one or more particulars include a plurality of certificates available to sign the message, a particular one of the plurality of certificates to be used in signing the message if the message is marked for signature, and whether the message contains one or more words in a pre-determined list of keywords; and analyzing means, for determining, in conjunction with said policy data, one or more particulars of the outbound message and for selecting, based on the policy data and the one or more particulars determined, a particular action for controlling the transmission of said outbound message from a plurality of actions comprising requiring that the message be digitally signed before transmission, notifying the sender of the message that digitally signing is recommended, requiring that a digitally signed message be transmitted without signature; and notifying the sender of the message that not digitally signing the message is recommended. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
-
37. A method of managing information comprising the steps of
providing one or more workstations connected to a computer network, each workstation having a memory; -
providing an application stored in said memory of each workstation for transmitting outbound messages to said network and receiving inbound messages from said network; providing policy data containing rules for determining one or more particulars of the outbound messages, and for controlling the transmission of said outbound message in dependence on those particulars; analyzing, in conjunction with said policy data said outbound messages, to determine one or more particulars of said outbound messages, in particular, whether said outbound message is digitally signed, wherein the one or more particulars include a plurality of certificates available to sign the message, a particular one of the plurality of certificates to be used in signing the message if the message is marked for signature, and whether the message contains one or more words in a pre-determined list of keywords; and selecting, based on the policy data and the one or more particulars determined, a particular action for controlling the transmission of said outbound messages from a plurality of actions comprising requiring that the outbound message be digitally signed before transmission, requiring that the outbound message, if digitally signed, not be digitally signed;
notifying the sender of the message that digitally signing is recommended, and notifying the sender of the message that digitally signing is not recommended. - View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
-
-
55. A computer software product, for controlling a computer to manage information, said computer being connected to a network and having access to policy data containing rules for controlling transmission of outbound data to the network, comprising a recording medium readable by the computer, having program code recorded thereon which when executed on said computer configures the computer to:
-
analyze, in conjunction with an application running on said computer that transmits outbound messages to said network and receives inbound messages from said network, said outbound messages to determine in conjunction with said rules of said policy data one or more particulars of said outbound message, wherein the one or more particulars include a plurality of certificates available to sign the message, a particular one of the plurality of certificates to be used in signing the message if the message is marked for signature, and whether the message contains one or more words in a pre-determined list of keywords; and select, based on the policy data and the one or more particulars determined, a particular action for controlling the transmission of said outbound messages from a plurality of actions comprising requiring that the outbound message be digitally signed before transmission, requiring that a digitally signed outbound message not be digitally signed;
notifying the sender of the outbound message that digitally signing is recommended, and notifying the sender of the outbound message in the case of a digitally signed message that digitally signing is not recommended. - View Dependent Claims (56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72)
-
Specification