ZA200505602B - Method and system for secure transmission of e-mail - Google Patents


Publication number: ZA200505602B
Authority: ZA (South Africa)
Prior art keywords: recipient, mail, server, message, sender
Application number: ZA200505602A
Inventor: Troy Michael Ferraris
Original Assignee: Hunt Derek Hugh
Application filed by Hunt Derek Hugh

Description

Method and System for Secure Transmission of E-Mail
BACKGROUND OF THE INVENTION
THIS invention relates to a method of transmitting an e-mail message securely from a sender to a recipient, and to a system for implementing the method.
Conventional e-mail is notoriously insecure. Two security options are presently available. Firstly, the sender of an e-mail message can request a receipt notification. However, this can be cancelled by the recipient of the message, and even if a receipt notification is received, the sender cannot be certain that the message was received by the intended recipient.
Secondly, the sender can digitally sign the e-mail using a public/private key system. This arrangement guarantees authenticity of the document and author, but does not prevent unauthorised viewing of the message.
Encryption systems requiring a unique key for decryption of a message, which must be sent to the recipient separately from the main, encrypted message, are cumbersome and inconvenient to use.
It is an object of the invention to provide an alternative method and system for transmitting e-mail messages securely.
SUMMARY OF THE INVENTION
According to the invention there is provided a method of transmitting an e-mail message securely from a sender to a recipient, the method comprising: at a slave server, receiving an e-mail message from the sender, extracting message identification data therefrom, transmitting the message identification data securely to a master server, encrypting the message, and transmitting the encrypted message to the recipient; at a master server, receiving and storing the message identification data from the slave server, receiving a key request transmitted securely by the recipient of the encrypted message, authenticating the recipient, and transmitting a key securely to the authenticated recipient to permit the recipient to decrypt the encrypted message.
The step of authenticating the recipient may include registering the recipient on a database associated with the master server.
The registration of the recipient preferably includes recording a password selected by the recipient for use by the recipient in the authentication process.
Preferably, secure transmissions of data between the slave server and the master server, and the recipient and the master server, utilise an existing secure communications technology, such as the secure sockets layer (SSL) in existing software.
Further to the invention there is provided an e-mail system for transmitting an e-mail message securely from a sender to a recipient, the system comprising: a master server; and at least one slave server, the slave server being connectable securely to the master server and operable to receive an e-mail message from the sender, to extract message identification data therefrom, to transmit the message identification data securely to the master server, to encrypt the e-mail message, and to transmit the encrypted message to the recipient; the master server being contactable securely by the recipient of the encrypted message to receive authentication data from the recipient, to authenticate the recipient, and to transmit a key to the recipient to permit the encryption of the encrypted message.
The master server may be located at a site remote from both the sender and the recipient. Preferably, the slave server is located at the same site as the sender.
The slave server may be a dedicated secure mail server, or may comprise an existing mail server running suitable secure mail software.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 is a simplified schematic diagram showing a system for transmitting e-mail messages securely according to the invention; and
Figure 2 is a simplified flow diagram illustrating major steps in the method of the invention.
DESCRIPTION OF AN EMBODIMENT
Figure 1 shows an example of a system for sending e-mail messages securely from a sender 10 to a recipient 12. In most cases, but not necessarily, the sender and the recipient will be firms or companies each operating a network comprising a conventional mail server and several work stations.
At the premises of the sender 10, a conventional mail server 14 is provided, to which are connected a number of work stations 16, which will typically be conventional PCs or laptop/notebook computers. In addition to the conventional mail server 14, a secure slave mail server 18 of the invention is provided. The slave server 18 can communicate with the conventional mail server 14, as indicated by the connection 20, and also with any of the work stations 16 as indicated by the connection 22. Each work station, as usual, communicates with the conventional mail server 14 as indicated by the connections 24.
At the premises of the recipient 12 a similar system is provided, comprising a conventional non-secure mail server 114 and a number of work stations 116. Each of the work stations 116 can communicate with the mail server 114 via a respective connection 124.
Located remotely from both the sender and the recipient 12 is a secure master e-mail server 26, which can be accessed via the Internet and which typically comprises a server and associated database hosted on the Internet by an authorised service provider.
The slave server 18 functions as a secure SMTP (simple mail transport protocol) relay, which can be a stand-alone server, or which can effectively comprise software installed on an existing server at the customer's premises.
Conventionally, e-mail is sent by an SMTP server, which can either be at the user's premises, or be hosted by an Internet service provider (ISP) using a dial-up connection. E-mail software on the client's work stations is set up by creating a mail account in which the SMTP address of the relevant mail server is configured. When sending e-mail, this account is used and e-mail is directed from the work station to the selected SMTP server, which in turn dispatches the e-mail to the intended recipient.
In order to use the system of the invention, the slave server (whether a stand-alone server or an existing server with suitable software installed on it) is configured with the current SMTP settings. On each client work station 16 a new, secure second mail account is created, pointing to the slave server as the SMTP server, with all other settings remaining the same as in the existing account. To send a secure e-mail, a user simply sends the e-mail via the newly created secure account and the e-mail is directed to the slave server, rather than to the existing non-secure mail server.
When such an e-mail is received by the slave server, it:
1. Detaches all attachments.
2. Saves the content of the e-mail body.
3. Merges and compresses all of the above files into a single compressed file (similar to a "zip" file).
4. Creates a random 128 character key and encrypts the files using Blowfish encryption.
5. Creates a new "secure e-mail" message with the encrypted file attached. The body of the e-mail message contains instructions on how to open the attached encrypted file and a link to the master server (for new users).
6. Sends a secure information packet to the master server containing the following information extracted from the original e-mail:
   1. Sender e-mail address
   2. Receiver e-mail address
   3. E-mail subject
   4. Key generated in step 4
   5. Unique e-mail ID
This information is stored in a database associated with the master server.
The secure e-mail is transmitted to the recipient in the same way as a non-secure e-mail, that is, from the mail server 14 of the sender to the mail server 114 of the recipient, via a connection indicated at 28, typically via the Internet. This encrypted, secure e-mail is received by the recipient's mail server 114 and sent on to the work station of the addressed recipient. The secure e-mail includes a component which contains instructions to the recipient for opening the secure portion of the e-mail, and a link to the master server to allow the recipient to register if the recipient is not already registered. The user double clicks on the secure e-mail attachment, launching a free viewer and prompting the recipient to provide an e-mail address and a password.
The recipient connects via his/her work station 116 to the master server 26 and, if necessary, performs a registration process, supplying personal identification details and a unique password. Assuming that the recipient is already registered on the database of the master server, the recipient provides his/her e-mail address and secret password. This process is carried out securely, for example, using the secure sockets layer (SSL) in Internet Explorer or other Web browser software.
Having received the recipient's e-mail address and password, the master server authenticates the recipient by checking the supplied e-mail address and password for validity. Additionally, the master server verifies, by comparing the message identification data with the supplied e-mail address, that the secure e-mail in question was intended for that recipient. If the authentication process is successful, the master server transmits a decryption key securely to the recipient at the relevant work station 116, allowing the secure e-mail to be opened and displayed by the viewer sent with the secure e-mail. The key is used automatically by the viewer and is not displayed to the recipient.
If the authentication process fails, the record for the secure e-mail in question is tagged. After three unsuccessful attempts at accessing the secure e-mail, it is destroyed. All steps of the above described process are logged and reported back to the sender via the slave server.
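The master server's key-release check described above (password check, addressee check against the stored message identification data, destruction after three failures) is sketched here as an added Python example that is not part of the patent. The class and method names, the in-memory dictionaries, the "sent" status and the salted PBKDF2 password hash are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

MAX_ATTEMPTS = 3  # the page destroys a message after three failed attempts

def hash_password(password: str, salt: bytes) -> bytes:
    # Assumption: salted PBKDF2 hash; the page only lists a "Password" field.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class MasterServer:
    def __init__(self):
        self.recipients = {}    # e-mail address -> (salt, password hash)
        self.transactions = {}  # unique e-mail ID -> transaction record
        self.log = []           # events to report back to the sender

    def register(self, email: str, password: str) -> None:
        if len(password) < 8:  # "password min 8 char" in the Recipients table
            raise ValueError("password must be at least 8 characters")
        salt = secrets.token_bytes(16)
        self.recipients[email.lower()] = (salt, hash_password(password, salt))

    def store_packet(self, email_id, sender, receiver, subject, key) -> None:
        # The information packet the slave server sends in step 6.
        self.transactions[email_id] = {
            "Sender": sender, "Reciever": receiver.lower(),  # spelled as on the page
            "Subject": subject, "Key": key, "Count": 0, "Status": "sent",
        }

    def request_key(self, email_id: str, email: str, password: str):
        rec = self.transactions.get(email_id)
        if rec is None or rec["Status"] == "destroyed":
            return None
        email = email.lower()
        # Hash even for unknown addresses so both paths cost the same.
        salt, stored = self.recipients.get(email, (b"\0" * 16, b""))
        password_ok = hmac.compare_digest(hash_password(password, salt), stored)
        # Second check from the page: was this message meant for this recipient?
        addressee_ok = hmac.compare_digest(email.encode(), rec["Reciever"].encode())
        if password_ok and addressee_ok:
            rec["Status"] = "received"
            self.log.append((email_id, "key released"))
            return rec["Key"]
        rec["Count"] += 1
        rec["Status"] = "tagged"
        if rec["Count"] >= MAX_ATTEMPTS:
            rec["Status"], rec["Key"] = "destroyed", None  # key is gone for good
        self.log.append((email_id, f"failed attempt {rec['Count']}"))
        return None

if __name__ == "__main__":
    # Constructed sample data: addresses, subject and key are made up.
    ms = MasterServer()
    ms.register("bob@example.org", "correct-horse")
    ms.store_packet("id-1", "alice@example.com", "bob@example.org",
                    "Q3 figures", secrets.token_hex(64))  # 128-character key
    print(ms.request_key("id-1", "bob@example.org", "wrong-pass"))
    print(ms.log)
```

A registered user who is not the addressee fails the second check even with a valid password, and those failures count toward the three-attempt limit.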
It is envisaged that the e-mail viewer provided with the secure e-mail message will contain one or more banners or other forms of advertising. It is proposed that recipients of the secure e-mail messages not be charged for the secure e-mail service, and it will be appreciated that only conventional software and equipment is required by the recipient in order to access the secure e-mail system of the invention.
The sender, at whose premises the slave server 18 is installed, will receive monthly detailed billing, with each billed item including the sender, receiver, e-mail subject, date/time sent and date/time received. It is envisaged that the sender would be billed according to the number of secure e-mail messages sent.
The simplified flow diagram of Figure 2 summarises the major steps of the above described method.
The database associated with the master server 26 will typically have the following structure:
Table: Transactions - This table stores all transactions
Fields:
  Date_Sent - Date e-mail was sent
  Date_Actioned - Date destroyed, timed out or received
  Status - e.g. received
  Count - number of tries used to view
  Sender - Sender's e-mail address
  Reciever - recipient's e-mail address
  e-mailID - unique ID of e-mail
  Subject - Subject of original e-mail
  Key - unlock key
  SlaveID - unique ID of slave to determine customer
  Billed - indicator for billing action
Table: Recipients - This table stores all registered receivers
Fields:
  E-mail - e-mail address
  Password - password min 8 char
  Name - name
  Surname - surname
  Etc... - additional customer information
Table: Slaves - This table stores all master accounts
Fields:
  SlaveID - unique ID of slave
  Status - active or locked (for non-payment)
  Company - name of registered company
  Etc... - additional customer information...
It will be appreciated that the described method and system allow a company or individual wishing to transmit e-mail messages securely to do so without requiring the intended recipients of such messages to install special hardware or software at their own premises. The described system is relatively easy to install and users can easily select between the options of sending conventional, non-secure e-mails and secure e-mails using the system of the invention.
It will also be understood by those skilled in the art that the specific embodiment of the invention described above is purely exemplary, and that other encryption techniques and procedures could be used instead, within the ambit of the inventive concept.

Claims (11)

1. A method of transmitting an e-mail message securely from a sender to a recipient, the method comprising: at a slave server, receiving an e-mail message from the sender, extracting message identification data therefrom, transmitting the message identification data securely to a master server, encrypting the message, and transmitting the encrypted message to the recipient; at a master server, receiving and storing the message identification data from the slave server, receiving a key request transmitted securely by the recipient of the encrypted message, authenticating the recipient, and transmitting a key securely to the authenticated recipient to permit the recipient to decrypt the encrypted message.
2. A method according to claim 1 wherein the step of authenticating the recipient includes registering the recipient on a database associated with the master server.
3. A method according to claim 2 wherein the registration of the recipient includes recording a password selected by the recipient for use by the recipient in the authentication process.
4. A method according to any one of claims 1 to 3 wherein secure transmissions of data between the slave server and the master server, and the recipient and the master server, utilise an existing secure communications technology.
5. A method according to any one of claims 1 to 4 wherein the message identification data extracted from the e-mail message and sent to the master server comprises the sender's e-mail address, the receiver's e-mail address, the e-mail subject, a key for decryption of the encrypted message, and a unique identification code.
6. A method according to any one of claims 1 to 5 wherein the encrypted message sent to the recipient is sent as a compressed, encrypted file attached to an e-mail message comprising instructions on how to open the encrypted file and a link to the master server.
7. A system for transmitting an e-mail message securely from a sender to a recipient, the system comprising: a master server; and at least one slave server, the slave server being connectable securely to the master server and operable to receive an e-mail message from the sender, to extract message identification data therefrom, to transmit the message identification data securely to the master server, to encrypt the e-mail message, and to transmit the encrypted message to the recipient; the master server being contactable securely by the recipient of the encrypted message to receive authentication data from the recipient, to authenticate the recipient, and to transmit a key to the recipient to permit the encryption of the encrypted message.
8. A system according to claim 7 wherein the master server is located at a site remote from both the sender and the recipient.
9. A system according to claim 7 or claim 8 wherein the slave server is located at the same site as the sender.
10. A system according to any one of claims 7 to 9 wherein the slave server is a dedicated secure mail server.
11. A system according to any one of claims 7 to 9 wherein the slave server comprises an existing mail server running suitable secure mail software.

Priority Applications (1)

Application Number Priority Date Filing Date Title
ZA200505602A ZA200505602B (en) 2002-12-12 2003-12-11 Method and system for secure transmission of e-mail

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA200210082 2002-12-12
ZA200505602A ZA200505602B (en) 2002-12-12 2003-12-11 Method and system for secure transmission of e-mail

Publications (1)

Publication Number Publication Date
ZA200505602B (en) 2006-09-27

Family

ID=38917761

