System and method for controlling access to an electronic message recipient

US 8,239,471 B2
Filed: 10/21/2010
Issued: 08/07/2012
Est. Priority Date: 08/09/2002
Status: Active Grant

First Claim

Patent Images

1. A method for selectively allowing or denying access to a recipient user coupled to an electronic communications network by other users coupled to the electronic communication network, said recipient user having an associated recipient identifier, comprising the steps of:

A. generating, by a security module, a plurality of proxy identifiers associated with said recipient user, each of said proxy identifiers having at least three associated security states,a first of said states being indicative of allowing any other user coupled to said electronic communication network access to said recipient user,a second of said states being indicative of denying any other user coupled to said electronic communication network access to said recipient user, anda third of said states being conditionally indicative of allowing at least one but fewer than all other users coupled to said electronic communication network access to said recipient user if predetermined criteria are met and denying access to said recipient user otherwise;

B. receiving, by a receiver, an inbound message from a sender user coupled to said electronic communication network, said inbound message including a sender identifier and said recipient identifier, said sender identifier being associated with the sender user of said inbound message, said recipient identifier derived from a proxy identifier associated with recipient user, and said recipient identifier selected by said recipient user or a sender user;

C. assigning, by the security module, said recipient identifier with the proxy identifier associated with said recipient user based on a security state set by the recipient user; and

D. processing, by the security module, said inbound message to determine a security status associated therewith using said sender identifier and said recipient identifier.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for, and method of, generating a plurality of proxy identities to a given originator identity as a means of providing controlled access to the originator identity in electronic communications media such as e-mail and instant messaging.

28 Citations

View as Search Results

20 Claims

1. A method for selectively allowing or denying access to a recipient user coupled to an electronic communications network by other users coupled to the electronic communication network, said recipient user having an associated recipient identifier, comprising the steps of:
- A. generating, by a security module, a plurality of proxy identifiers associated with said recipient user, each of said proxy identifiers having at least three associated security states,a first of said states being indicative of allowing any other user coupled to said electronic communication network access to said recipient user,a second of said states being indicative of denying any other user coupled to said electronic communication network access to said recipient user, anda third of said states being conditionally indicative of allowing at least one but fewer than all other users coupled to said electronic communication network access to said recipient user if predetermined criteria are met and denying access to said recipient user otherwise;
  
  B. receiving, by a receiver, an inbound message from a sender user coupled to said electronic communication network, said inbound message including a sender identifier and said recipient identifier, said sender identifier being associated with the sender user of said inbound message, said recipient identifier derived from a proxy identifier associated with recipient user, and said recipient identifier selected by said recipient user or a sender user;
  
  C. assigning, by the security module, said recipient identifier with the proxy identifier associated with said recipient user based on a security state set by the recipient user; and
  
  D. processing, by the security module, said inbound message to determine a security status associated therewith using said sender identifier and said recipient identifier.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising:
    - E. pursuant to said determination, controlling by a queue storage communication access, for said inbound message to said recipient user by;
      
      i. allowing communication access for said inbound message to said recipient user when said security status corresponds to said first state;
      
      ii. denying communication access for said inbound message to said recipient user when said security status corresponds to said second state;
      
      iii. allowing communication access for said inbound message to said recipient user when said security status corresponds to said third state and meets one or more of said predetermined criteria at least partially related to said security status of said one of said proxy identifiers, and denying communication access for said transferred inbound message to said recipient user otherwise.
  - 3. The method of claim 1, wherein processing said inbound message includes attempting to match said sender identifier with at least one of a plurality of identifiers associated with contacts of the recipient user.
  - 4. The method of claim 1, wherein processing said inbound message includes assigning said recipient identifier to at least one of a plurality of identifiers associated with contacts of the recipient user.
  - 5. The method of claim 1, wherein processing said inbound message includes assigning said recipient identifier to at least one contact of the recipient user.
  - 6. The method of claim 1, wherein said sender identifier is an e-mail address and said recipient identifier is an e-mail address.
  - 7. The method of claim 1, wherein the recipient identifier is valid for a predefined time period.
  - 8. The method of claim 7, wherein the recipient identifier expires after the predefined time period.
  - 9. The method of claim 1, wherein processing said inbound message includes rejecting said inbound message if the recipient identifier is not assigned to the proxy identifier.
  - 10. The method of claim 1, wherein processing said inbound message includes determining the security state associated with said sender user.
  - 11. The method of claim 1, wherein processing said inbound message includes determining if said recipient user initiated generation of a proxy identifier included in said inbound message.

12. A system for selectively allowing or denying access to a recipient user coupled to an electronic communications network by other users coupled to the electronic communication network, said recipient user having an associated recipient identifier, comprising the steps of:
- a generator for generating a plurality of proxy identifiers associated with said recipient user, each of said proxy identifiers having at least three associated security states,a first of said states being indicative of allowing any other user coupled to said electronic communication network access to said recipient user,a second of said states being indicative of denying any other user coupled to said electronic communication network access to said recipient user, anda third of said states being conditionally indicative of allowing at least one but fewer than all other users coupled to said electronic communication network access to said recipient user if predetermined criteria are met and denying access to said recipient user otherwise;
  
  a message transferor for receiving an inbound message from a sender user coupled to said electronic communication network, said inbound message including a sender identifier and said recipient identifier, said sender identifier being associated with the sender user of said inbound message, said recipient identifier derived from a proxy identifier associated with recipient user, and said recipient identifier selected by said recipient user or a sender user;
  
  a processor for;
  
  assigning said recipient identifier with the proxy identifier associated with said recipient user based on a security state set by the recipient user; and
  
  processing said inbound message to determine a security status associated therewith using said sender identifier and said recipient identifier.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The system of claim 12, further comprising:
    - E. pursuant to said determination, a gate for controlling by a queue storage communication access, for said inbound message to said recipient user by;
      
      i. allowing communication access for said inbound message to said recipient user when said security status corresponds to said first state;
      
      ii. denying communication access for said inbound message to said recipient user when said security status corresponds to said second state;
      
      iii. allowing communication access for said inbound message to said recipient user when said security status corresponds to said third state and meets one or more of said predetermined criteria at least partially related to said security status of said one of said proxy identifiers, and denying communication access for said transferred inbound message to said recipient user otherwise.
  - 14. The system of claim 12, wherein said processor attempts to match said sender identifier with at least one of a plurality of identifiers associated with contacts of the recipient user.
  - 15. The system of claim 12, wherein said processor assigns said recipient identifier to at least one of a plurality of identifiers associated with contacts of the recipient user.
  - 16. The system of claim 12, wherein said processor assigns said recipient identifier to at least one contact of the recipient user.
  - 17. The system of claim 12, wherein said processor rejects said inbound message if the recipient identifier is not assigned to the proxy identifier.
  - 18. The system of claim 12, wherein said processor determines the security state associated with said sender user.
  - 19. The system of claim 12, wherein said processor determines if said recipient user initiated generation of a proxy identifier included in said inbound message.

20. A computer program product residing on a non-transitory computer readable medium having a plurality of instructions stored thereon which, when executed by a processor, cause that processor to:
- generating a plurality of proxy identifiers associated with said recipient user, each of said proxy identifiers having at least three associated security states, a first of said states being indicative of allowing any other user coupled to said electronic communication network access to said recipient user, a second of said states being indicative of denying any other user coupled to said electronic communication network access to said recipient user, and a third of said states being conditionally indicative of allowing at least one but fewer than all other users coupled to said electronic communication network access to said recipient user if predetermined criteria are met and dewing access to said recipient user otherwise;
  
  receiving an inbound message from a sender user coupled to said electronic communication network, said inbound message including a sender identifier and said recipient identifier, said sender identifier being associated with the sender user of said inbound message, said recipient identifier derived from a proxy identifier associated with recipient user, and said recipient identifier selected by said recipient user or a sender user;
  
  assigning said recipient identifier with the proxy identifier associated with said recipient user based on a security state set by the recipient user; and
  
  processing said inbound message to determine a security status associated therewith using said sender identifier and said recipient identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sophos Limited (Sophos Group Ltd.)
Original Assignee
Reflexion Networks, Inc. (Sophos Group Ltd.)
Inventors
McIsaac, Joseph E., Dahllof, Marcus, Tatarsky, Bruce L., Vallett, Richard K.
Primary Examiner(s)
Flynn, Nathan
Assistant Examiner(s)
WRIGHT, BRYAN F

Application Number

US12/909,351
Publication Number

US 20110145892A1
Time in Patent Office

656 Days
Field of Search

726/4
US Class Current

709/206
CPC Class Codes

G06Q 10/107   Computer-aided management o...

H04L 2101/37   E-mail addresses

H04L 51/212   using filtering or selectiv...

H04L 51/214   using selective forwarding

H04L 51/48   Message addressing, e.g. ad...

H04L 61/30   Managing network names, e.g...

H04L 61/301   Name conversion

H04L 61/5069   for group communication, mu...

H04L 61/59   using proxies for addressing

H04L 63/0254   Stateful filtering

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

H04L 65/611   for multicast or broadcast ...

System and method for controlling access to an electronic message recipient

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System and method for controlling access to an electronic message recipient

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others