EP1101190A2 - System und verfahren zum sichern von elektronischen nachrichten - Google Patents

System und verfahren zum sichern von elektronischen nachrichten

Info

Publication number
EP1101190A2
EP1101190A2 EP99943655A EP99943655A EP1101190A2 EP 1101190 A2 EP1101190 A2 EP 1101190A2 EP 99943655 A EP99943655 A EP 99943655A EP 99943655 A EP99943655 A EP 99943655A EP 1101190 A2 EP1101190 A2 EP 1101190A2
Authority
EP
European Patent Office
Prior art keywords
electronic message
policies
computer
recipient
sender
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP99943655A
Other languages
English (en)
French (fr)
Inventor
Inc. Interosa
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PRIVACY PRESERVE, INC.
Original Assignee
PRIVACY PRESERVE Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by PRIVACY PRESERVE Inc filed Critical PRIVACY PRESERVE Inc
Publication of EP1101190A2 publication Critical patent/EP1101190A2/de
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail

Definitions

  • the present invention relates to electronic messaging. More particularly, the present invention relates to rendering electronic messages in a controlled manner.
  • Electronic mail is a type of electronic message that involves the transmission of messages over a communications network, which can be the internet, a local area network (LAN), a wide area network (WAN) or other network.
  • a communications network can be the internet, a local area network (LAN), a wide area network (WAN) or other network.
  • LAN local area network
  • WAN wide area network
  • Businesses have begun to rely on email as a method for interoffice communications and companies that are fully networked make extensive use of email because it is fast, flexible, and reliable.
  • email Because the use of email has exploded in recent years, the capabilities and features of email systems and programs have also improved. For example, practically all email programs allow the user to attach files to a text message.
  • the attachment may be a photo, a video clip, a sound byte, or other data.
  • a user has the ability to send almost anything via email.
  • a single email can be simultaneously sent to more than one person without having to retype the text of the message.
  • An email can be stored on the
  • Email systems also have the ability to enhance the appearance of the text in the email. Users can select the color and font of the text in the email to enhance the visual appearance of the email.
  • Other email applications notify a user when an email is received and opened by the recipient.
  • Other additions to email systems include address books and scheduling applications. Address books allow a user to store email addresses and personal information about the recipient. In sum, Email applications are not only becoming sophisticated, but are also becoming indispensable.
  • Client based email involves a client side application stored on each client machine.
  • the application typically provides, at a minimum, the tools necessary for a user to compose and send an email.
  • a server receives the composed emails and forwards them to the recipients.
  • Browser based email systems also provide the tools necessary for a user to compose an email, but each user or client machine does not have a separate application because the email application is accessible with an internet browser.
  • Many proprietary email systems provide additional tools which are not available to users outside of the local network. For instance, an email may be retractable by the sender within the proprietary system if the email has not yet reached the recipient.
  • Instant messaging is another example where an electronic message is sent to a recipient.
  • a portal provides this service to users who are connected to the portal by having a user select or create a list of persons with whom instant messaging is desired. When a person on the list logs on to the portal, the creator of the list is notified.
  • the creator can then send a message which is instantly received by the recipient.
  • instant messaging is similar to a chat room where all users can view the messages of other users.
  • Instant messaging is typically limited to a known group of users which are all on a certain list.
  • Electronic messages can be sent in other methods.
  • facsimile, printing and other services are available on the Internet.
  • the common factor related to facsimiles, email, instant messaging and other services is data or information.
  • the fundamental issue is that information has value and there is a need to protect that data as the use of electronic messages becomes more prominent in personal and business applications.
  • the sender simply desires to maintain control over the information in the electronic message.
  • Sending an electronic message can deprive the sender of that control.
  • many firms or businesses which search various publications and databases for a fee. These firms produce a report related to the search request of their clients.
  • the contents of the report can be sensitive.
  • the report may contain an analysis of whether a hostile corporate takeover is feasible.
  • the report of these firms is valuable not only to the client, but also to the firm. With today's technology, the report may be sent to the client electronically. If the information in the report, however, is discovered by an unauthorized party, then damage has been done to both parties. In fact, many firms will not transmit sensitive data electronically for fear of the information being obtained by an unauthorized person.
  • the information in an electronic message can be discovered either intentionally or inadvertently. For example, it is possible for a user to accidentally hit the forward button instead of the reply button in an email application. The result of this mistake is that the information may be addressed or delivered to the wrong person.
  • traffic on the Internet is monitored and intercepted to determine the content of the traffic. If sensitive information is sent, it is possible that the information will be intercepted and misused. The same perils exist with paper documents, but it is more complicated to copy a report and mail it to an unauthorized person than it is to simply click the forward button of an email application.
  • Risk management for electronic messages requires, in one embodiment, that access to electronic messages be monitored or restricted. This is difficult because once the electronic message has been sent to a recipient, it is no longer in the control of the sender.
  • the present invention provides systems and methods for controlling the recipient's access to the electronic message.
  • the sender chooses policies which are to be enforced with respect to the electronic message.
  • the policies are typically related to the use and access of the electronic message, but may serve other functions. For instance, a user may choose a policy which prevents a recipient from printing the electronic message or the user may choose a policy which prevents the electronic message from being forwarded to another user. Other functions include automatically forwarding the message to another user upon being opened by a recipient.
  • policies can serve a wide variety of purposes for the sender. After the policies have been selected by the sender, they are associated with the electronic message. The policies and the electronic message are then packaged together to form an object.
  • the policies are represented, in one embodiment, by computer-executable instructions and are capable of executing on a remote machine. An example of such computer executable instructions is JAVA. This embodiment permits the object to enforce the policies selected by the sender on the recipient.
  • the present invention can be configured in a wide variety of ways. For instance, one embodiment uses a remote source to store the policies which the sender may associate with an electronic message.
  • the packaged object includes a Uniform Resource Identifier (URI) referring to a remote policy which must be accessed before access to the electronic message is granted to the recipient.
  • URI Uniform Resource Identifier
  • the policies which may be stored at a remote location with respect to both the sender and the recipient, are enforced by the object.
  • the policies may be coded instructions which represent policies which are stored on a remote location.
  • the remote location may be referenced by a URI, or the remote location can be the recipient's computer or other rendering device. In other words, the recipient may have computer-executable instructions which can interpret the coded policies.
  • the present invention may be implemented in both client based systems as well as browser based systems.
  • the object may arrive as an attachment.
  • the recipient is required to have a Java virtual machine before the policies integrated with the electronic message may be enforced.
  • Figure 1 is an exemplary system for implementing the present invention
  • Figure 2 is a block diagram of an object comprising data packaged with one or more policies
  • Figure 3 is a block diagram illustrating an exemplary method for creating a self-executing object
  • Figure 4 is a block diagram of a network implementing the systems and methods of the present invention.
  • Electronic messages are used to convey information from one entity to another entity.
  • electronic message comprises email, instant messaging, facsimile, video files, audio files, graphics, text, documents, spreadsheets, databases and other data and information.
  • a significant problem with electronic messages is that control of the electronic message passes from the sender to the recipient. In many instances, the sender desires to maintain control of the electronic message. This is true of confidential or sensitive information as well as of data that is copyrighted or otherwise protected by law.
  • Electronic messages provide a sender with the ability to quickly transmit information to a recipient, but as previously discussed, certain risks are involved.
  • the protection a sender desires to impart to an electronic message can vary. Security, in any event, is never absolute.
  • the present invention provides systems and methods for securing electronic messages from unauthorized use.
  • a sender in a preferred embodiment of the present invention, creates or prepares an electronic message using either a client based or a browser based application.
  • Policies are made available to the sender and the sender selects one or more of those policies to be associated with the electronic message.
  • a packager is provided which packages the electronic message with the selected policies into an object.
  • the policies associated with the message are capable of executing or of being executed at the recipient's computer or other rendering device and permit the sender of the electronic message to maintain control over the electronic message in the object.
  • the use of the electronic message is dictated by the sender of the electronic message. In this manner, the risk of unauthorized use is reduced and the content of the electronic message is secured or protected.
  • the present invention is described in terms of diagrams and flow charts.
  • the embodiments of the present invention may comprise a special purpose or general purpose computer comprising various computer hardware.
  • Embodiments within the scope of the present invention also include computer- readable media having computer-executable instructions or data structures stored thereon.
  • Such computer-readable media can be any available media which can be accessed by a general purpose or special purpose computer.
  • Such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired executable instructions or data structures and which can be accessed by a general purpose or special purpose computer.
  • Computer-executable instructions comprise, for example, instructions and data which cause a general purpose computer, special purpose computer, or special purpose processing device to perform a certain function or group of functions.
  • the computer-executable instructions and associated data structures represent an example of program code means for executing the steps of the invention disclosed herein.
  • Figure 1 and the following discussion are intended to provide a brief, general description of a suitable computing environment in which the invention may be implemented.
  • the invention will be described in the general context of computer-executable instructions, such as program modules, being executed by a personal computer.
  • program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types.
  • the invention may be practiced with other computer system configurations, including handheld devices, multi-processor systems, microprocessor-based or programmable consumer electronics, network PCs, minicomputers, mainframe computers, and the like.
  • the invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network.
  • program modules may be located in both local and remote memory storage devices.
  • an exemplary system for implementing the invention includes a general purpose computing device in the form of a conventional computer 20, including a processing unit 21. a system memory 22, and a system bus 23 that couples various system components including the system memory to the processing unit.
  • the system bus 23 may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures.
  • the system memory includes read only memory (ROM) 24 and random access memory (RAM) 25.
  • ROM read only memory
  • RAM random access memory
  • a basic input/output system (BIOS) 26 containing the basic routines that help to transfer information between elements within the computer 20, such as during start-up, may be stored in ROM 24.
  • the computer 20 may also include a magnetic hard disk drive 27 for reading from and writing to a magnetic hard disk, not shown, a magnetic disk drive 28 for reading from or writing to a removable magnetic disk 29, and an optical disk drive 30 for reading from or writing to removable optical disk 31 such as a CD-ROM or other optical media.
  • the magnetic hard disk drive 27, magnetic disk drive 28, and optical disk drive 30 are connected to the system bus 23 by a hard disk drive interface 32, a magnetic disk drive-interface 33, and an optical drive interface 34, respectively.
  • the drives and their associated computer-readable media provide nonvolatile storage of computer readable instructions, data structures, program modules and other data for the computer 20.
  • the exemplary environment described herein employs a magnetic hard disk 27.
  • a number of program modules may be stored on the hard disk, magnetic disk 29, optical disk 31, ROM 24 or RAM 25, including an operating system 35, one or more application programs 36, other program modules 37, and program data 38.
  • a user may enter commands and information into the computer 20 through input devices such as a keyboard 40 and pointing device 42.
  • Other input devices may include a microphone, joy stick, game pad, satellite dish, scanner, or the like.
  • serial port interface 46 that is coupled to system bus 23, but may be connected by other interfaces, such as a parallel port, game port or a universal serial bus (USB).
  • a monitor 47 or other type of display device is also connected to system bus 23 via an interface, such as video adapter 48.
  • the computer 20 may operate in a networked environment using logical connections to one or more remote computers, such as a remote computer 49.
  • Remote computer 49 may be another personal computer, a server, a router, a network PC, a peer device or other common network node, and typically includes many or all of the elements described above relative to the computer 20, although only a memory storage device 50 has been illustrated in Figure 1.
  • the logical connections depicted in Figure 1 include a local area network (LAN) 51 and a wide area network (WAN) 52 that are presented here by way of example and not limitation.
  • LAN local area network
  • WAN wide area network
  • the computer 20 When used in a LAN networking environment, the computer 20 is connected to the local network 51 through a network interface or adapter 53. When used in a WAN networking environment, the computer 20 typically includes a modem 54 or other means for establishing communications over the wide area network 52, such as the Internet. Additionally, computer networks may comprise wireless networks.
  • the modem 54 which may be internal or external, is connected to the system bus 23 via the serial port interface 46.
  • program modules depicted relative to the computer 20, or portions thereof may be stored in the remote memory- storage device. It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between the computers may be used.
  • FIG. 2 is a block diagram conceptually illustrating data to which access is restricted by policies.
  • Electronic message 204 can be an email, an instant message, a video clip, an audio file, a document, a file, a Universal Resource Identifier (URI) or any other type of data which is to be protected.
  • polices 202 are intended to define how electronic message 204 can be used or accessed.
  • Policies 202 and electronic message 204 are coupled or packaged together to form object 200.
  • Policies 202 are an important aspect of object 200 because policies 202 define, in one embodiment: the method of revealing or rendering electronic message 204; how electronic message 204 is to be accessed; and the ways in which a user may interact with or use electronic message 204.
  • Exemplary polices which may be selected by a sender of electronic message 204, include but are not limited to: indicating whether the recipient is permitted to forward electronic message 204 to another user; indicating whether a recipient is permitted to copy, paste or cut the content of electronic message 204; indicating whether a recipient is permitted to save electronic message 204 separate from policies 202; indicating whether a sender is able to retract electronic message 204 that has been sent or forwarded to the recipient or another user; and indicating whether a user can print electronic message 204.
  • policies 202 may specify and/or include: a date before which an electronic message may not be used, or a date after which an electronic message may no longer be used, or a time window in which the electronic message may be accessed; the number of times an electronic message may be opened or accessed; an audit trail, in which data pertaining to the usage history of an electronic message is captured and stored in a file or sent to another party, which may be the sender of the electronic message; acceptance conditions or the presentation of acceptance conditions, which the recipient must accept before the electronic message is accessed or opened, and the recording of the recipient's acceptance or rejection of the acceptance conditions as well as notification to a party, such as the sender, that the acceptance conditions have been accepted or rejected; the number of times an electronic message may be accessed, opened or read, which may be once; that a record of the use of the electronic message by the recipient may be created and sent or forwarded to another party which may be the sender; that only a specific number or a larger number of electronic messages may be accessed or opened; that only the first N number of
  • polices can be implemented and all polices can be combined in complex relations. Clearly, many policies can be implemented and enforced with respect to an electronic message.
  • policies 202 may comprise a URI reference.
  • the URI reference which may be remotely located with respect to both the sender and recipient of the electronic message may contain the actual polices that the sender desires to enforce.
  • the policy packaged in the object would be the requirement to look to a remote source or location for additional policies which may affect the recipient's access to the electronic message.
  • Figure 3 is illustrative of the method by which object 200 is formed.
  • Electronic message 204 is gathered or created by a user. For instance, a user may create an email which is to be sent to a recipient. The email, in this case, would be electronic message 204.
  • associator 222 associates policies 202, which have been selected by the sender, with electronic message 204. At associator 222, policies 222 which are linked or associated with electronic message 204 and are not yet enforceable.
  • packager 220 packages them to create object 200. In one embodiment, this is done by creating a
  • policies 202 are computer-executable instructions that are capable of executing on a remote computer.
  • the policies packaged with an electronic message are coded instructions which invoke computer-executable instructions which reside in a separate or remote environment or location.
  • the local network of the recipient may have the computer-executable instructions necessary to execute the coded instructions stored on a server which is accessible by the recipient, or the computer of the recipient may contain the necessary computer-executable instructions, or the computer- executable instructions referenced by the coded instructions may reside on a remote location or environment.
  • the policies packaged in an object can be executed and enforced in a variety of methods.
  • policies 202 are active and will control the recipient's access and use of electronic message 204. In this manner, object 200 is self-enforcing. In systems having a form of electronic messaging, such as email, the sender is no longer in physical control of the electronic message after it has been sent. Creating an object, which comprises data and computer-executable instructions, permits the sender of the data to ensure that the data is used appropriately by the recipient.
  • packager 220, or associator 222 has the capability to encrypt electronic message 204.
  • the encryption of data 202 in one embodiment, is to ensure that only the intended recipient has the capability of decrypting data 202. For example, if electronic message 204 is encrypted with a key that only a particular recipient possesses, forwarding data 202 to another user, while possible, is essentially useless because the data remains encrypted.
  • the encryption is typically performed using methods well known in the art.
  • the encryption is to ensure that only when the conditions specified in the policies are satisfied can the message be decrypted and viewed.
  • FIG 4 is a block diagram of an exemplary system in which electronic messages may be sent.
  • Network 230 is illustrated having a plurality of senders 232, packager 220, server 234 and path 236.
  • Senders 232 are intended to be representative of the source of an electronic message or other data.
  • sender 232 is a computer as described in Figure 1 which has the capability of creating and sending or transmitting an electronic message.
  • Server 234 may also be embodied as a computer having the capability of sending or forwarding electronic messages created by sender 232.
  • Server 234, in a preferred embodiment is a mail server or a web server.
  • Packager 220 creates object 200.
  • Packager 220 may also be embodied as a computer and is located, in a preferred embodiment, in the network such that all electronic messages are examined or monitored by packager 220. Those electronic messages that have been associated with policies are manipulated by packager 220 to form object 200. Electronic messages that are not associated with policies are typically ignored by packager 220.
  • Server 234 upon receiving an electronic message, forwards or sends the electronic message to recipient 242. Typically, sender 232 and recipient 242 are connected via a network. In figure 4, Internet 238 is the connecting network. The electronic message, or object arrives at server 240 at which point recipient 242 is notified that an electronic message has arrived.
  • FIG 4 illustrates that electronic messages or objects are sent and received in well known methods with the difference that packager 220 creates an object which is self-enforcing.
  • the policies of the sent object define what recipient 242 can do with the electronic message in the object, rather than the particular application of the user.
  • Recipient 242 upon receiving the object, will only be able to access the data in the object as determined by the policies.
  • the policies are part of the object.
  • the policies may refer to a remote location which is independent of sender 232.
  • source 244 which may be referenced by a URI, may contain the policies which are to be enforced against recipient 242.
  • the object received by recipient 242, in this example, would cause source 244 to be accessed to determine the policies to be enforced against recipient 242.
  • Path 236 is representative of the path of the electronic message from sender 232 to packager 220. While the electronic message is in path 236, an object has not been formed and the electronic message is potentially discoverable by unauthorized persons. To protect against this possibility, a cryptographically secure connection may be employed for the transport of the electronic message. In another embodiment, path 236 first leads to an associator, shown in Figure
  • the associator typically performs a function separate from the function of the packager, but the associator is capable of performing its function at sender 232, at packager 220. or at some point in path 236.
  • the associator is integrated with sender 232 and in yet another embodiment, the associator is integrated with packager 220, and in another embodiment, the associator is separate from both sender 232 and packager 220 as illustrated in Figure 3. If the associator is executed on the same machine or computer as the environment in which an electronic message is created, path 236 is obviated.
  • Policies are typically selected by the sender of an electronic message, although it is possible for an entity such as a corporation to automatically associate policies with each outgoing electronic message.
  • the first environment is a client based environment and the second environment is a browser-based environment.
  • each client typically has a separate application which provides the user with the ability to create and transmit electronic messages.
  • a module is integrated with the application which permits the user to select and associate policies with an electronic message. In one embodiment, this is done by installing the module into each separate application for each sender.
  • the module permits the sender to select policies which will be associated with the electronic message or data to be sent. Later, the packager creates an object which comprises the code necessary to enforce the selected polices on the electronic message or data.
  • the application In a browser based environment, the application is typically located on a server computer and each user accesses the application using a browser.
  • the policies are made available to the user by altering options exposed to the user via the web pages which make up the user interface. A user can select the desired policies by simply pointing and clicking. The selected policies are then associated with the electronic message or data and the packager creates an object which has the capability of enforcing those policies. In both environments, the user selects which polices are to be enforced on the electronic message.
  • the module of the client based environment can be enlarged to include other polices or policies can be removed from an application.
  • the policies provided in the browser based environment can be removed or expanded. The policies can be adapted to each environment quickly and easily.
  • policies available to end users or senders may be determined by the original installation or modification previously mentioned. It may also be determined by a policy selection and configuration environment intended for management by a systems administrator.
  • the policies which may be selected by a user are usually intended to protect the electronic message or data of the user.
  • the data may be a balance sheet of a corporation which is only intended to be viewed by a certain accountant.
  • the data is copyrighted and is being sent electronically to the purchaser.
  • emails it is very simple for a recipient to forward an email to one or more persons. However, it is possible that this is not the intent of the sender.
  • Policies are intended to protect against this and other situations where the data or electronic message is to be protected. The protection provided is not absolute in some instances, but the risk that the data will be used in an unauthorized manner is usually reduced.
  • a first policy is that of preventing a recipient from forwarding the electronic message to a new user and the policy can be enforced in a variety of methods.
  • the electronic method is encrypted with the public key of the recipient. Presumably, only the recipient has the private key, which is necessary to decrypt the message. If the electronic message is forwarded, it is forwarded in an encrypted form which the next user cannot decrypt because they do not possess the private key of the original recipient.
  • Another method requires the sender and the recipient to agree to a password in a separate transaction, such as a telephone call, before the electronic message is sent to the recipient.
  • the policies associated and integrated with the electronic message will require the recipient to supply a password before access is granted to the electronic message.
  • a final exemplary method of preventing an electronic message from being forwarded is to prevent the recipient from being able to access the forwarding mechanism of the application. In some instances, this can be done by hiding the forward button of the recipient's electronic messaging application. Depending on the amount of security desired, a different mechanism can be employed for preventing a recipient from forwarding an electronic message. Combinations of the above mentioned methods are also possible.
  • Each of the embodiments described for preventing unauthorized forwarding offers a different amount of security to the sender of the electronic message. In some instances, the intent of the sender may be to simply complicate the process. For example, an expert computer user may be able to forward an electronic message in the case where the forward button is hidden. The typical user, however, will be unable to forward the electronic message.
  • Another policy which may be selected by the user is the ability to cause an electronic message to expire.
  • This policy can also be implemented in a variety of methods.
  • the packager which may be accessible by a URI, stores a date or time which indicates the expiration date of an object.
  • the policy of the objects checks the current date or time against the date or time stored at the packager. If the electronic message or object has expired, then access is denied to the recipient.
  • the data is frequently encrypted as an additional precaution.
  • the source of the current date or time may be the clock on the recipient's computer, an external trusted time source, or a combination of such time sources.
  • Another embodiment is to store the expiration date at a remote location, which is also accessible using a URI.
  • the object before allowing the recipient access, checks the expiration time at the remote location, rather than the packager, to determine if the electronic message has expired.
  • these methods offer scaled security.
  • Another policy is the ability to retract an electronic message that has already been sent to a recipient.
  • the sender can register with the packager to indicate that the electronic message is to be retracted.
  • the object which was sent to the recipient first checks with the packager to determine if the sender desires to retract the object. If the sender has indicated that the object is to be retracted, the policies of the object do not permit the recipient to access the data stored in the object. In this embodiment, the data may be encrypted as a further precaution.
  • the operation of this policy is similar to the expiration policy.
  • Another policy which may be selected by the user is restricting the ability of the recipient to cut, copy or paste the contents of the object.
  • the recipient selects text to be cut or copied, the text is placed in a buffer or memory.
  • the policy of the object detects when text of the data in the object has been selected and placed in the buffer. The policy may either replace the data in the buffer with unrelated digital data or may simply cause the buffer to be emptied. In this manner, the recipient is prevented from cutting, copying and pasting the contents or text of the electronic message in the object.
  • policies described above are intended to be exemplary of the type of policies which may be selected by the sender of an electronic message and are not intended to be limiting.
  • the policies which may be made available to a sender can be altered or removed. Additional policies can be made available for the use of the sender and the policies can be enforced in a variety of methods.
  • the purpose of the policies is related to risk management of the data rather than absolute security.
  • the level of risk to the data can be varied as determined by the policy and the strength of the policy selected.
  • An electronic message can be associated with more than one policy and in some instances, the policies to be enforced can be located in a remote location. The policies can be enforced in both client based and browser based environments.
EP99943655A 1998-08-04 1999-08-04 System und verfahren zum sichern von elektronischen nachrichten Withdrawn EP1101190A2 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US12946798A 1998-08-04 1998-08-04
US129467 1998-08-04
PCT/US1999/017786 WO2000008794A2 (en) 1998-08-04 1999-08-04 Systems and methods for securing electronic message

Publications (1)

Publication Number Publication Date
EP1101190A2 true EP1101190A2 (de) 2001-05-23

Family

ID=22440096

Family Applications (2)

Application Number Title Priority Date Filing Date
EP99943655A Withdrawn EP1101190A2 (de) 1998-08-04 1999-08-04 System und verfahren zum sichern von elektronischen nachrichten
EP99938984A Withdrawn EP1104606A2 (de) 1998-08-04 1999-08-04 Gerät und verfahren zur herstellung eines verpackten gegenstands und daraus hergestellter verpackter gegenstand

Family Applications After (1)

Application Number Title Priority Date Filing Date
EP99938984A Withdrawn EP1104606A2 (de) 1998-08-04 1999-08-04 Gerät und verfahren zur herstellung eines verpackten gegenstands und daraus hergestellter verpackter gegenstand

Country Status (5)

Country Link
EP (2) EP1101190A2 (de)
CN (1) CN1342278A (de)
AU (2) AU5670899A (de)
CA (1) CA2339239A1 (de)
WO (2) WO2000008794A2 (de)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9219755B2 (en) 1996-11-08 2015-12-22 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US8079086B1 (en) 1997-11-06 2011-12-13 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US7058822B2 (en) 2000-03-30 2006-06-06 Finjan Software, Ltd. Malicious mobile code runtime monitoring system and methods
US6826609B1 (en) 2000-03-31 2004-11-30 Tumbleweed Communications Corp. Policy enforcement in a secure data file delivery system
GB0027280D0 (en) * 2000-11-08 2000-12-27 Malcolm Peter An information management system
US6938065B2 (en) * 2000-12-12 2005-08-30 Ericsson Inc. System and method for controlling inclusion of email content
US8438465B2 (en) * 2001-04-03 2013-05-07 Purdue Pharma L.P. Privileged communication system with routing controls
CN1902902A (zh) 2003-09-04 2007-01-24 Emc公司 数据消息镜像和重定向
US8059805B2 (en) 2005-06-30 2011-11-15 Emc Corporation Enhanced services provided using communication redirection and processing
US8605878B2 (en) 2005-06-30 2013-12-10 Emc Corporation Redirecting and mirroring of telephonic communications
US8831194B2 (en) 2005-06-30 2014-09-09 Emc Corporation Telephonic communication redirection and compliance processing
US10924459B2 (en) * 2016-12-16 2021-02-16 Futurewei Technologies, Inc. Location control and access control of emails
US20180176256A1 (en) * 2016-12-16 2018-06-21 Futurewei Technologies, Inc. Temporal Control and Access Control of Emails

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4525780A (en) * 1981-05-22 1985-06-25 Data General Corporation Data processing system having a memory using object-based information and a protection scheme for determining access rights to such information
US4924513A (en) * 1987-09-25 1990-05-08 Digital Equipment Corporation Apparatus and method for secure transmission of data over an unsecure transmission channel
US5325310A (en) * 1992-06-26 1994-06-28 International Business Machines Corporation Method and system for persistant electronic mail reply processing
US5379432A (en) * 1993-07-19 1995-01-03 Taligent, Inc. Object-oriented interface for a procedural operating system
JPH08331175A (ja) * 1995-05-31 1996-12-13 Sony Corp 情報管理方法及び装置
US5893910A (en) * 1996-01-04 1999-04-13 Softguard Enterprises Inc. Method and apparatus for establishing the legitimacy of use of a block of digitally represented information
WO1997026735A1 (en) * 1996-01-16 1997-07-24 Raptor Systems, Inc. Key management for network communication
US5937161A (en) * 1996-04-12 1999-08-10 Usa.Net, Inc. Electronic message forwarding system
US5805700A (en) * 1996-10-15 1998-09-08 Intel Corporation Policy based selective encryption of compressed video data
US5903652A (en) * 1996-11-25 1999-05-11 Microsoft Corporation System and apparatus for monitoring secure information in a computer network

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0008794A2 *

Also Published As

Publication number Publication date
WO2000008794A2 (en) 2000-02-17
EP1104606A2 (de) 2001-06-06
WO2000008793A2 (en) 2000-02-17
CN1342278A (zh) 2002-03-27
WO2000008794A3 (en) 2000-05-18
AU5335499A (en) 2000-02-28
CA2339239A1 (en) 2000-02-17
WO2000008793A3 (en) 2000-05-18
AU5670899A (en) 2000-02-28

Similar Documents

Publication Publication Date Title
US7093136B2 (en) Methods, systems, computer program products, and data structures for limiting the dissemination of electronic email
JP3932319B2 (ja) 格納された鍵による暗号化/暗号解読を用いた電子メール用ファイアウォール
US7454778B2 (en) Enforcing rights management through edge email servers
EP1386242B1 (de) Privilegiertes e-mail-system mit routing-steuerungen
EP1735934B1 (de) Verfahren zur dynamischen anwendung von rechteverwaltungsrichtlinien
US20150113269A1 (en) Highly accurate security and filtering software
US8219798B1 (en) Method and system for securing E-mail transmissions
US20040148356A1 (en) System and method for private messaging
US20020143885A1 (en) Encrypted e-mail reader and responder system, method, and computer program product
US20060031352A1 (en) Tamper-proof electronic messaging
JP2004046811A (ja) 送信装置ファイアウォール
WO2005109795A1 (en) Tamper-proof electronic messaging
US8001614B2 (en) System and method for making encrypted content available to derivable related parties
EP1101190A2 (de) System und verfahren zum sichern von elektronischen nachrichten
CA2339228A1 (en) Systems and methods for securing electronic message
WO2001050691A2 (en) Sender-controlled post delivery handling of digitally delivered documents in a computer network
JP2006072685A (ja) 電子メール処理装置
JP2008219743A (ja) ファイル暗号管理システムとそのシステムを実施する方法
Poore Computer Forensics and Privacy: At What Price Do We Police the Internet?
Stecher Integrity, Privacy, and Security in Open Pluggable Edge Services (OPES) for SMTP
Stecher RFC 4902: Integrity, Privacy, and Security in Open Pluggable Edge Services (OPES) for SMTP
Infrastructure Email Protocols
Negrino Protect Your E-mail
AU7181200A (en) Self-destructing document and E-mail messaging system

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20010202

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

AX Request for extension of the european patent

Free format text: AL PAYMENT 20010202;LT PAYMENT 20010202;LV PAYMENT 20010202;MK PAYMENT 20010202;RO PAYMENT 20010202;SI PAYMENT 20010202

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: PRIVACY PRESERVE, INC.

RIN1 Information on inventor provided before grant (corrected)

Inventor name: PRIVACY PRESERVE, INC.

RIN1 Information on inventor provided before grant (corrected)

Inventor name: FRASCADORE, GREGORY

Inventor name: MULLIGAN, M. GEOFF

Inventor name: BLUMENTHAL, JOHN

Inventor name: SENATOR, STEVEN T.

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20030301