CA2529423A1 - Asynchronous tamper-proof tag for routing e-mails and e-mail attachments - Google Patents
Asynchronous tamper-proof tag for routing e-mails and e-mail attachments Download PDFInfo
- Publication number
- CA2529423A1 CA2529423A1 CA002529423A CA2529423A CA2529423A1 CA 2529423 A1 CA2529423 A1 CA 2529423A1 CA 002529423 A CA002529423 A CA 002529423A CA 2529423 A CA2529423 A CA 2529423A CA 2529423 A1 CA2529423 A1 CA 2529423A1
- Authority
- CA
- Canada
- Prior art keywords
- identification code
- computer
- electronic mail
- recipient
- mail message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/07—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
- H04L51/08—Annexed information, e.g. attachments
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
- H04L67/63—Routing a service request depending on the request content or context
Abstract
A method of automatically processing e-mails wherein the e-mail is tagged by the sender with a unique identifier so that the e-mail can be automatically routed or filed. The unique identifier is encrypted to protect it from unauthorized tampering or decoding to avoid misidentification or fraudulent labelling of the e-mails.
Description
Asynchronous Tamper-Proof Tag for Routing E-Mails and E-Mail Attachments Technical Field [0001] This invention relates to the field of electronic mail ("e-mail") communication over computer networks, and more particularly to the automated routing and filing of e-mails and e-mail attach-meats.
Back_ or~und [0002] Currently when an e-mail is received by a receiving e-mail ac-count, the recipient can open the e-mail and view its contents.
The e-mail can then be saved to a file, re-routed by forwarding to another e-mail address, or deleted. Some systems, called Auto-mated Responders, exist which analyze the contents of the e-mail and automatically perform a task, such as an automated response to a question sent to a technical support line. In these cases, the e-mail may be filed, routed or deleted automatically by the Auto-mated Responder based on a pre-programmed set of rules that relate to the contents of the e-mail.
Back_ or~und [0002] Currently when an e-mail is received by a receiving e-mail ac-count, the recipient can open the e-mail and view its contents.
The e-mail can then be saved to a file, re-routed by forwarding to another e-mail address, or deleted. Some systems, called Auto-mated Responders, exist which analyze the contents of the e-mail and automatically perform a task, such as an automated response to a question sent to a technical support line. In these cases, the e-mail may be filed, routed or deleted automatically by the Auto-mated Responder based on a pre-programmed set of rules that relate to the contents of the e-mail.
[0003] US patents 6,732,101 Cook, 6,732,273 Byers and 5,509,000 Oberlander disclose systems in which e-mails are handled or routed according to certain rules or preferences. A problem with existing systems is that the e-mail being received must be filed or deleted based upon actions taken by the recipient, whether by a person, an expert system or a software component resident on the recipient's server. In the event that a person does the opening and filing process, labor costs are incurred and the potential for user error exists. In the event an expert system does the opening and filing, there is a high probability of error as most expert systems are prone to misinterpret the data in the e-mail. In some systems the sender must interact with a software tool on the recipient's server prior to sending the e-mail, which causes inconvenience or obstacles for the sender.
[0004] There is therefore a need for a system in which the e-mail can be composed by the sender asynchronously, without concurrently contacting the recipient, so that the e-mail can be automatically processed. It would be additionally useful if the system of identi-fying the e-mail for automatic routing or filing is impervious to tampering or decoding by unauthorized personnel, so that e-mails can be automatically filed with the certainty that they have not been misidentified or fraudulently labeled.
Summary of Invention [0005] The invention provides a method of automatically processing electronic mail messages sent from a sending computer to a recipient computer, the method comprising the steps of:
i) providing a public encryption key, and a corresponding private encryption key stored on a trusted server; ii) the sending com-puter receiving an identification code which determines how the electronic mail message will be automatically processed, wherein said identification code has been encrypted by said public key;
iii) the sending computer adding the encrypted identification code to an electronic mail message to form a tagged electronic mail message; iv) the sending computer forwarding the tagged elec-tropic mail message to the trusted server; v) the trusted server decrypting the encrypted identification code using the private key; vi) the trusted server forwarding the decrypted identification code and the electronic mail message to the recipient computer;
and vii) the recipient computer automatically processing the electronic mail message using the decrypted identification code.
Summary of Invention [0005] The invention provides a method of automatically processing electronic mail messages sent from a sending computer to a recipient computer, the method comprising the steps of:
i) providing a public encryption key, and a corresponding private encryption key stored on a trusted server; ii) the sending com-puter receiving an identification code which determines how the electronic mail message will be automatically processed, wherein said identification code has been encrypted by said public key;
iii) the sending computer adding the encrypted identification code to an electronic mail message to form a tagged electronic mail message; iv) the sending computer forwarding the tagged elec-tropic mail message to the trusted server; v) the trusted server decrypting the encrypted identification code using the private key; vi) the trusted server forwarding the decrypted identification code and the electronic mail message to the recipient computer;
and vii) the recipient computer automatically processing the electronic mail message using the decrypted identification code.
[0006] The invention further provides a data processing system for carrying out the foregoing method.
Brief Description of Drawings [0007] In drawings which illustrate a preferred embodiment of the inven-tion:
Brief Description of Drawings [0007] In drawings which illustrate a preferred embodiment of the inven-tion:
[0008] Fig. 1 is a schematic chart illustrating the system of the invention.
[0009] Fig. 2 is a flowchart illustrating Public/Private Key Encryption.
[00010] Fig. 3 is a flowchart illustrating the method of the invention.
[00011] Fig. 4 is a flowchart illustrating the method of the invention.
Description [00012] Throughout the following description, specific details are set forth in order to provide a more thorough understanding of the invention.
However, the invention may be practiced without these particulars.
In other instances, well known elements have not been shown or des-cribed in detail to avoid unnecessarily obscuring the invention.
Accordingly, the specification and drawings are to be regarded in an illustrative, rather than a restrictive, sense.
Description [00012] Throughout the following description, specific details are set forth in order to provide a more thorough understanding of the invention.
However, the invention may be practiced without these particulars.
In other instances, well known elements have not been shown or des-cribed in detail to avoid unnecessarily obscuring the invention.
Accordingly, the specification and drawings are to be regarded in an illustrative, rather than a restrictive, sense.
[00013] The following is an explanation of the meaning of certain terms used in this disclosure. E-mails use a protocol called SMTP to travel across the Internet. The addressing of e-mails operates on the basis that each server has an address (the portion of the e-mail address following the "@") and each e-mail account on the server has a name (the portion of the e-mail address preceding the "@"). For example, an e-mail sent to service@i-fax.com is destined to be transmitted to a server called "i-fax.com" and an e-mail account called "service".
[00014] E-mail messages are comprised of several elements, including:
[00015] Message Header: This section of the e-mail contains vital informa-tion that is used by the SMTP protocol on the Internet to route the e-mail to its destination and to identify other vital elements including the sender's identity.
[00016] Subject Line: The subject line of an e-mail contains information entered by the sender that generally relates to the e-mail's content.
[00017] Body: The "body" of the e-mail is the text portion of the e-mail generally composed by the sender, but can also contain content from a third party (e.g. in cases where the sender is forwarding an e-mail that was received from a third party).
[00018] Attachment(s): Other files, such as Microsoft Word 'm files or Excef~" spreadsheets, can also be attached to an e-mail.
[00019] With reference to Fig. 1, the system of the invention allows a sender 14 of an e-mail to compose the e-mail asynchronously, without concurrently contacting the recipient 12, so that the e-mail can be automatically filed or routed, wherein the system of identifying the e-mail routing or filing is protected from tampering or decoding by unauthorized personnel, so that e-mails can be automatically filed without unauthorized misidentification or fraudulent labeling. The system of the invention allows the sender to identify the nature of an e-mail that is about to be sent to the recipient 12 using a coding scheme agreed to by the sender and recipient in advance. The system generates a tamper-proof character string which contains the unique identifier or "tag" agreed to by the sender and receiver in advance, by encoding the unique identifier or tag using public key encryption.
Using this system, a sender can direct e-mails and e-mail attachments directly to a recipient's filing system or workflow management system.
Using this system, a sender can direct e-mails and e-mail attachments directly to a recipient's filing system or workflow management system.
[00020] The software tool which generates the encoded identifier may reside on the sender's computer, or on a third party webserver or computer, or on the recipient's webserver or computer. The system of the invention preferably uses Public/Private Key Encryption ("PKI"), as illustrated in Fig. 1 and 2.
Distribution of Public and Private Encryption Keys [00021] To facilitate the use of Public/Private Key Encryption, the system establishes a Certification Authority 10 capable of generating asym-metric encryption key pairs. Each e-mail recipient 12 must have a Public and Private Encryption Key Pair assigned by the Certification Authority central server 10. The Private Key is retained by the central server 10, also referred to as the "trusted server" since the Private Key is secure from unauthorized access, and the Public Key is distributed to the e-mail recipients 12, also referred to herein as the "clients". For the purpose of this example, a 1024 bit RSA key generation process is used. An RSA key pair is generated for each client 12. In the example below, the key pair is called "test-private key" and "test-public key":
Example of Private Key:
MIICXAIBAAKBgQCyg5z/IdfU2dKoEm2zpDdHb3M7Jdy9p+ncsUhR4NFmd55uK8Kf afLs005588HezksnMHw6Venk4ajia1U21zfZuuPX59segwEFdHCgSiEROMHC2fVW
lBzlktidc+314olOkEVFBx92WPOLX7VKZnAurMbyWnYNIAmKNH30vDmZrwIDAQAB
AoGAJ8S6TPw1I04Fx/uTBNoolnllqk+dBYNKzieQfOOguTsanFKTYQAxZf6o4fIz lncOtwROKJDLMnozLX3LIgWKIlADDu4/ziOWt1R08gE95YzDg/LNHnk3wrYmNuZs GJyltL6xJ6wOQLUKF6LTQvsaBl4pKhj1/wZliwMXfLBNUcECQQDZ7vI0NcyKEOzC
pAAkdubirG2Gx5Y0+Y/pSTBtQLpIJ7NNkmyt/a45b2kXcBRFTMAjAJpLG6091XBj kBJYEHDtAkEAObIBUBLMF262cnX21nJcHplleif61X12PhgavoXo/F/6alFuRvfB
GVYA4Yn78cc6fkNSISNJNIVSMfRU5QINiwJBAJx+hnRRcahvUOTQSb3ImBSLxzay mb0+vEXEJbB+bNr4sDvy+pHSia55TFj1RdkhrRMlepaWqXVHEKaeLV4JqFOCQB41 pOapzSmSQwWlq/PpMRE9IsSTJtWDGhLHSGEHw301Fz1dw6rOR5Cq6qmCOvSBngk1 CJ2X2xjXbV+9Ls9WzQOCQBoK8kcmkqVFdKLHdmBWYPPpSOzuzSLsoD4G9tJ32bnI
VD9ooas+TD2sWIvyl5TPc965gyVKJrilILhMaeWxHZU=
-----END RSA PRIVATE KEY-----Example of Public Key:
-----BEGIN PUBLIC KEY-----MIGfMAOGCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCygSz/IdfU2dKoEm2zpDdHb3M7 Jdy9p+ncsUhR4NFmd55uK8KfafLs005588HezksnMHw6Venk4ajialU2lzfZuuPX
59segwEFdHCgSiEROMHC2fVWlBzlktidc+314olOkEvFBx92WPOLX7VKZnAurMby WnYNIAmKNH30vDmZrwIDAQAB
-----END PUBLIC KEY-----[00022] As illustrated in Fig. 2, the Public Key is transmitted to the client in .pem format. ".pem" format is a standard key format which uses base64 encoding, so it will not fail in a 7-bit transfer to the client.
The client 12 must then save the Public Key on its web server 20 that will be used to generate e-mail tags. The Private Key is retained on the central server 10 and is used to decrypt incoming e-mails 16.
Distribution of Public and Private Encryption Keys [00021] To facilitate the use of Public/Private Key Encryption, the system establishes a Certification Authority 10 capable of generating asym-metric encryption key pairs. Each e-mail recipient 12 must have a Public and Private Encryption Key Pair assigned by the Certification Authority central server 10. The Private Key is retained by the central server 10, also referred to as the "trusted server" since the Private Key is secure from unauthorized access, and the Public Key is distributed to the e-mail recipients 12, also referred to herein as the "clients". For the purpose of this example, a 1024 bit RSA key generation process is used. An RSA key pair is generated for each client 12. In the example below, the key pair is called "test-private key" and "test-public key":
Example of Private Key:
MIICXAIBAAKBgQCyg5z/IdfU2dKoEm2zpDdHb3M7Jdy9p+ncsUhR4NFmd55uK8Kf afLs005588HezksnMHw6Venk4ajia1U21zfZuuPX59segwEFdHCgSiEROMHC2fVW
lBzlktidc+314olOkEVFBx92WPOLX7VKZnAurMbyWnYNIAmKNH30vDmZrwIDAQAB
AoGAJ8S6TPw1I04Fx/uTBNoolnllqk+dBYNKzieQfOOguTsanFKTYQAxZf6o4fIz lncOtwROKJDLMnozLX3LIgWKIlADDu4/ziOWt1R08gE95YzDg/LNHnk3wrYmNuZs GJyltL6xJ6wOQLUKF6LTQvsaBl4pKhj1/wZliwMXfLBNUcECQQDZ7vI0NcyKEOzC
pAAkdubirG2Gx5Y0+Y/pSTBtQLpIJ7NNkmyt/a45b2kXcBRFTMAjAJpLG6091XBj kBJYEHDtAkEAObIBUBLMF262cnX21nJcHplleif61X12PhgavoXo/F/6alFuRvfB
GVYA4Yn78cc6fkNSISNJNIVSMfRU5QINiwJBAJx+hnRRcahvUOTQSb3ImBSLxzay mb0+vEXEJbB+bNr4sDvy+pHSia55TFj1RdkhrRMlepaWqXVHEKaeLV4JqFOCQB41 pOapzSmSQwWlq/PpMRE9IsSTJtWDGhLHSGEHw301Fz1dw6rOR5Cq6qmCOvSBngk1 CJ2X2xjXbV+9Ls9WzQOCQBoK8kcmkqVFdKLHdmBWYPPpSOzuzSLsoD4G9tJ32bnI
VD9ooas+TD2sWIvyl5TPc965gyVKJrilILhMaeWxHZU=
-----END RSA PRIVATE KEY-----Example of Public Key:
-----BEGIN PUBLIC KEY-----MIGfMAOGCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCygSz/IdfU2dKoEm2zpDdHb3M7 Jdy9p+ncsUhR4NFmd55uK8KfafLs005588HezksnMHw6Venk4ajialU2lzfZuuPX
59segwEFdHCgSiEROMHC2fVWlBzlktidc+314olOkEvFBx92WPOLX7VKZnAurMby WnYNIAmKNH30vDmZrwIDAQAB
-----END PUBLIC KEY-----[00022] As illustrated in Fig. 2, the Public Key is transmitted to the client in .pem format. ".pem" format is a standard key format which uses base64 encoding, so it will not fail in a 7-bit transfer to the client.
The client 12 must then save the Public Key on its web server 20 that will be used to generate e-mail tags. The Private Key is retained on the central server 10 and is used to decrypt incoming e-mails 16.
[00023] The process for asynchronously generating an encrypted tag in an e-mail is illustrated in Fig. 3. The end user 14 can tag an e-mail by visiting the client's website 12, producing a tag and placing the tag in the e-mail. The task of producing a tag can be performed in a number of ways. The following are examples of two methods.
[00024] First, the end user 14 can visit the client 12 website, enter a value to be represented in the tag and then click on a link on the client's -website causing the end user's e-mail program to automatically launch with the tag embedded in the Subject Line of the e-mail.
[00025] Alternatively end user 14 can visit the client's website 12, enter a value to be represented in the tag and click on a link on the client's website 12 causing the tag to display on the end user's screen. The end user can then copy the tag using his/her browser and paste the tag into the e-mail.
[00026] In both of these cases, the technique for generating the tag is the same. The value to be represented in the tag is provided by the end user 14. The value's content depends on the application in question.
The value can be an Account Number, a File Number or some other form of identifier. The value can be provided by the end user 14 or be generated by some other process related to the client's application.
The process of providing this "tag value" is completely unrelated to the central server 10 and is performed without any foreknowledge of its content, hence it is asynchronous.
Example Value: 9876543210 [00027] The tag value is then input into a computer program that resides on the client's server 12 or on a server controlled by the client. This server must have: a) a copy of the Public Key provided by the central server 10; b) a software package, herein called a "plug-in", that can take the tag value and the Public Key as input and output an en-crypted version of the value.
The value can be an Account Number, a File Number or some other form of identifier. The value can be provided by the end user 14 or be generated by some other process related to the client's application.
The process of providing this "tag value" is completely unrelated to the central server 10 and is performed without any foreknowledge of its content, hence it is asynchronous.
Example Value: 9876543210 [00027] The tag value is then input into a computer program that resides on the client's server 12 or on a server controlled by the client. This server must have: a) a copy of the Public Key provided by the central server 10; b) a software package, herein called a "plug-in", that can take the tag value and the Public Key as input and output an en-crypted version of the value.
[00028] The following is an example of a command line input in the Perl software language (where the command is called ifaxudt.pl):
ifaxudt.pl public key.pem "9876543210"
_ g _ Additionally, the encoded tag should be identified by a delimiter, such as:
%encoded value%
ifaxudt.pl public key.pem "9876543210"
_ g _ Additionally, the encoded tag should be identified by a delimiter, such as:
%encoded value%
[00029] The following is an example of the encrypted output produced by the '.plug-in~. ;
Example Encrypted Tag:
l0 ooSG/RsYVmySHcFmlFsq92hOtQYlWkpqC95JF4puTV72d7hFVPBAYhaoO/dFlDwIOa n4ChAuoCeDTQhiBfMuAOdTGu6+Ay11oX4hgYHu1/TdNs9C70REDkOFS/RwyFe00g DGx6WtINXPNI8HhpA0yBAu0tadsgOsQ9abgXdJHj/m8=°s [00030] The tag is then inserted into the e-mail. This can be performed: a) automatically by a software program designed to launch the end user's e-mail application with the tag embedded in the Subject Line;
b) manually by the end user who copies the tag from the client's server into the e-mail; or c) by a software tool designed to place the tag into the e-mail.
Example Encrypted Tag:
l0 ooSG/RsYVmySHcFmlFsq92hOtQYlWkpqC95JF4puTV72d7hFVPBAYhaoO/dFlDwIOa n4ChAuoCeDTQhiBfMuAOdTGu6+Ay11oX4hgYHu1/TdNs9C70REDkOFS/RwyFe00g DGx6WtINXPNI8HhpA0yBAu0tadsgOsQ9abgXdJHj/m8=°s [00030] The tag is then inserted into the e-mail. This can be performed: a) automatically by a software program designed to launch the end user's e-mail application with the tag embedded in the Subject Line;
b) manually by the end user who copies the tag from the client's server into the e-mail; or c) by a software tool designed to place the tag into the e-mail.
[00031] While in Fig. 1 the encrypted tag is shown as generated by the recipient 12 server, this tag could also have been generated by a Third Party Server or the End User's Server, if these servers were trusted servers possessing copies of the Public Key.
[00032] The sender can then send the e-mail with the encrypted tag in the e-mail, contained within the Subject Line, Body or Attachments in the e-mail. The invention then allows a server connected to the Internet to: a) receive the tagged e-mail; b) decode the encrypted tag using the private encryption key; and c) identify the e-mail by reading the contents of the tag.
[00033] The process of sending and processing a tagged e-mail is illustrated in Fig. 4. When an end user 14 sends a tagged e-mail, he/she sends the e-mail to an e-mail address on the Central Server 10. The Central Server 10 receives the e-mail and a copy of the Private Key is used to decrypt the e-mail tag. The encrypted e-mail tag is located and decrypted. When a tagged e-mail is received by the central server 10, the e-mail is opened and the encrypted tag is located based on the existence of the delimiters found at the beginning of the tag "%%" and the delimiter found at the end of the tag "%". Once the contents of the tag are located between the delimiters (e.g. %%en crypted value%), the tag is extracted and decrypted.
[00034] The following is an example of a command using Open SSL with the RSA private key where the terms "encrypted tag" and "decrypted tag" refer to the input of the encrypted tag found in the e-mail and the decrypted output produced by the system:
openssl rsautl -decrypt -inkey private-key.pem -in encrypted tag -out decrypted tag Once the tag value is decrypted, the system then saves the E-mail Subject Line, Body and Attachments using the "tag value" in the file names.
openssl rsautl -decrypt -inkey private-key.pem -in encrypted tag -out decrypted tag Once the tag value is decrypted, the system then saves the E-mail Subject Line, Body and Attachments using the "tag value" in the file names.
[00035] The routing or saving of the tagged e-mail content is carried out as follows. When the central server 10 has received the tagged e-mail 16, has decrypted the encrypted tag and saved the e-mail's content under the tag value, the e-mail's content can then be processed in various ways based upon the contents of the tag and the requirements of the e-mail recipient 12. In the preferred embodiment of the invention, the e-mail's contents are divided into its component parts:
1. The E-Mail Subject Line and the Body are saved in a text Ele (with a .txt extension) and named with the "tag value" (e.g.
tag value.txt), hence forth called the "E-Mail Text File".
2. The Attachments are renamed with the "tag value" as a prefix to the attachment's original name (e.g. if the Attachment was named "document.doc" the resulting file is called "tag value document.doc"), henceforth called the "E-Mail Attach-ment File".
1. The E-Mail Subject Line and the Body are saved in a text Ele (with a .txt extension) and named with the "tag value" (e.g.
tag value.txt), hence forth called the "E-Mail Text File".
2. The Attachments are renamed with the "tag value" as a prefix to the attachment's original name (e.g. if the Attachment was named "document.doc" the resulting file is called "tag value document.doc"), henceforth called the "E-Mail Attach-ment File".
[00036] Then the E-Mail Text File and the E-Mail Attachment File are sent to the client's server using a transport layer encryption, such as Secure FTP or SSH. Clients receiving these files can then perform a number of functions based upon the contents of the tag value. For example:
1. The E-Mail Text and Attachment Files can be saved in a database associated with other relevant information.
2. The E-Mail Text and Attachment Files can be routed to the atten-tion of relevant personnel, based on the information in the tag and a set of rules predetermined by the client.
3. The E-Mail Text and Attachment Files can cause processes to launch in the memory of the client's server or in the client's business, e.g. the arrival of a specific document could start the processing of an insurance claim.
1. The E-Mail Text and Attachment Files can be saved in a database associated with other relevant information.
2. The E-Mail Text and Attachment Files can be routed to the atten-tion of relevant personnel, based on the information in the tag and a set of rules predetermined by the client.
3. The E-Mail Text and Attachment Files can cause processes to launch in the memory of the client's server or in the client's business, e.g. the arrival of a specific document could start the processing of an insurance claim.
[00037] In operation of the invention in practice, clients 12 will be registered to receive e-mails via the system. Typically these clients will be companies that receive large volumes of e-mails related to speciEc business transactions. The operator of the system will typically act as the Certification Authority 10 and will issue a Public Key for use by all end users 14 sending e-mails to the clients 12. The Certi~ca-tion Authority 10 will retain the Private Key on the central server.
All e-mails sent to the clients 12 via this system will pass through the central server of the Certification Authority 10 and be scanned for the existence of the e-mail tag 18. Tags will be decoded using the Private Key held on file by the Certification Authority 10 on the central server. The contents of the e-mail 18 will then be decons-tructed, so that the Subject Line and Body will be placed in a text file named with the value in the tag and the e-mail attachments will be re-named with the value in the tag as a suffix to the original names assigned by the sender. The text file containing the Subject Line and Body and the Attachments will then be sent to the client's computer using FTP or Secure FTP. When the client 12 has received the files from the central server 10, the client can then use the information contained within the tag to process the e-mail contents automatically.
All e-mails sent to the clients 12 via this system will pass through the central server of the Certification Authority 10 and be scanned for the existence of the e-mail tag 18. Tags will be decoded using the Private Key held on file by the Certification Authority 10 on the central server. The contents of the e-mail 18 will then be decons-tructed, so that the Subject Line and Body will be placed in a text file named with the value in the tag and the e-mail attachments will be re-named with the value in the tag as a suffix to the original names assigned by the sender. The text file containing the Subject Line and Body and the Attachments will then be sent to the client's computer using FTP or Secure FTP. When the client 12 has received the files from the central server 10, the client can then use the information contained within the tag to process the e-mail contents automatically.
[00038] The tagging of e-mails by a sender 14 can be used in many ways:
1. To ensure an audit trail for e-mails. For example, e-mails being sent to a government department could be tagged by the sender to ensure that the e-mail is logged against a particular matter (e.g. an IRS audit).
2. To facilitate the archival of e-mails. For example, during drug trials, participants and the drug company exchange information related to aspects of the trial. These interactions must be logged and available for an audit by the supervising agency (e.g. the FDA).
3. To gather information about an on-line transaction that is comes from a third party. For example, a title insurance company may require supporting information to complete a property transaction.
An e-mail from a buyer's insurance company could be sent with the tag, so that the e-mail automatically affixes to the correct transaction.
4. To facilitate the gathering of information. For example, an auditor could send tagged e-mails with questions to persons participating in the audit. When responses are sent to the e-mails, the system could capture and archive the answers as part of the audit process.
1. To ensure an audit trail for e-mails. For example, e-mails being sent to a government department could be tagged by the sender to ensure that the e-mail is logged against a particular matter (e.g. an IRS audit).
2. To facilitate the archival of e-mails. For example, during drug trials, participants and the drug company exchange information related to aspects of the trial. These interactions must be logged and available for an audit by the supervising agency (e.g. the FDA).
3. To gather information about an on-line transaction that is comes from a third party. For example, a title insurance company may require supporting information to complete a property transaction.
An e-mail from a buyer's insurance company could be sent with the tag, so that the e-mail automatically affixes to the correct transaction.
4. To facilitate the gathering of information. For example, an auditor could send tagged e-mails with questions to persons participating in the audit. When responses are sent to the e-mails, the system could capture and archive the answers as part of the audit process.
[00039] There are many tools on the market for the Encryption of E-Mails and their content. Protocols like S/MIME allow the contents of an e-mail to be encrypted. Protocols like TLS (Transport Layer Security) use Secure Socket Layer (SSL) to encrypt the e-mail while in transit between two e-mail servers. The invention described here does not relate to the "transport" encryption of the e-mail or the encryption of the "contents". The invention described herein can operate with or without S/MIME or TLS, as the invention described here deals with the encryption of the identification of the e-mail content, not with the encryption of the e-mail content itself.
[00040] Thus the present invention provides a method of receiving and filing an e-mail wherein the e-mail is tagged with a unique identifier by the sender asynchronously, without concurrently contacting the recipi-ent's server, so that the e-mail can be automatically filed a) without human intervention; b) without the prospect of human or machine error; and c) without the requirement for prior contact with the recipient's server. Further the tag is protected from tampering or decoding by unauthorized personnel, so that e-mails that are tagged can be filed with the comfort that they have not been misidentified or fraudulently labeled.
[00041 ] A user can therefore encode an e-mail tag asynchronously, without communicating with the client's server to encode the e-mail. The encoded e-mail tag cannot be read by a hacker as it is encoded using PKI, so the filing scheme used by the client can remain secret even when the e-mail is sent over the public Internet. The client can take comfort that only authorized e-mails are processed automatically. E-mails and attachments can be FTPed directly to a client's workflow process without human intervention and with the certainty of know-ing that the e-mail tag is valid. Clients' Private Key will remain secure. Only the Certifying Authority 10 can decode the tag. Users who send an e-mail can access the tagging software, which is a stand-alone software tool, in many ways, including a Browser Plug-In on their desktop or a Server Plug-In on a third party's server.
[00042] As will be apparent to those skilled in the art in the light of the foregoing disclosure, many alterations and modifications are possible in the practice of this invention without departing from the spirit or scope thereof. Accordingly, the scope of the invention is to be construed in accordance with the substance defined by the following claims.
[00041 ] A user can therefore encode an e-mail tag asynchronously, without communicating with the client's server to encode the e-mail. The encoded e-mail tag cannot be read by a hacker as it is encoded using PKI, so the filing scheme used by the client can remain secret even when the e-mail is sent over the public Internet. The client can take comfort that only authorized e-mails are processed automatically. E-mails and attachments can be FTPed directly to a client's workflow process without human intervention and with the certainty of know-ing that the e-mail tag is valid. Clients' Private Key will remain secure. Only the Certifying Authority 10 can decode the tag. Users who send an e-mail can access the tagging software, which is a stand-alone software tool, in many ways, including a Browser Plug-In on their desktop or a Server Plug-In on a third party's server.
[00042] As will be apparent to those skilled in the art in the light of the foregoing disclosure, many alterations and modifications are possible in the practice of this invention without departing from the spirit or scope thereof. Accordingly, the scope of the invention is to be construed in accordance with the substance defined by the following claims.
Claims (17)
1. A method of automatically processing electronic mail messages sent from a sending computer to a recipient computer, the method comprising the steps of:
i) providing a public encryption key, and a corresponding private encryption key stored on a trusted server;
ii) said sending computer receiving an identification code which determines how the electronic mail message will be automatically processed by said receiving computer, wherein said identification code has been encrypted by said public key;
iii) said sending computer adding said encrypted identification code to an electronic mail message to form a tagged electronic mail mes-~
sage;
iv) said sending computer forwarding said tagged electronic mail message to said trusted server;
v) said trusted server decrypting said encrypted identification code using said private key;
vi) said trusted server forwarding said decrypted identification code and said electronic mail message to said recipient computer; and vii) said recipient computer automatically processing said electronic mail message using said decrypted identification code.
i) providing a public encryption key, and a corresponding private encryption key stored on a trusted server;
ii) said sending computer receiving an identification code which determines how the electronic mail message will be automatically processed by said receiving computer, wherein said identification code has been encrypted by said public key;
iii) said sending computer adding said encrypted identification code to an electronic mail message to form a tagged electronic mail mes-~
sage;
iv) said sending computer forwarding said tagged electronic mail message to said trusted server;
v) said trusted server decrypting said encrypted identification code using said private key;
vi) said trusted server forwarding said decrypted identification code and said electronic mail message to said recipient computer; and vii) said recipient computer automatically processing said electronic mail message using said decrypted identification code.
2. A method according to claim 1 wherein said sending computer receives said identification code prior to composing and sending said electronic mail mes-sage.
3. A method according to claim 1 wherein said sending computer receives said identification code by visiting a website associated with said recipient com-puter, entering a value representative of how the electronic message is to be processed by said recipient computer, and receiving an encrypted identification code.
4. A method according to claim 1 wherein said sending computer receives said identification code by visiting a website associated with said recipient com-puter, entering a value representative of how the message is to be processed by said recipient computer, and then causing said sending computer's electronic mail program to launch with said identification code embedded in the elec-tronic mail message.
5. A method according to claim 1 wherein said sending computer receives said identification code by by visiting a website associated with said recipient computer, entering a value representative of how the electronic message is to be processed by said recipient computer, causing said identification code to display on said sending computer's screen, and then copying and pasting said identification code into the electronic mail message.
6. A method according to claim 1 wherein said sending computer receives said encrypted identification code by visiting a website associated with said recipi-ent computer, entering a value to be represented in said encrypted identification code and causing an e-mail program to launch with said encrypted identifica-tion code embedded in the subject line of the electronic mail message.
7. A method according to claim 1 wherein said sending computer receives said encrypted identification code by visiting a website associated with said recipi-ent computer, entering a value to be represented in said encrypted identification code, causing said encrypted identification code to display on the sending computer's screen, said sending computer then copying and pasting said encrypted identification code into the electronic mail message.
8. A method according to claim 1 wherein said encrypted identification code is provided with pre-determined delimiters for identifying said encrypted identification code.
9. A method according to claim 1 wherein said public key is stored on said recipient computer.
10. A method according to claim 1 wherein said recipient computer comprises a recipient web server and said public key is stored on said recipient's web server.
11. A method according to claim 8 wherein said trusted server decrypts said encrypted identification code using said private key by locating said encrypted identification code based on the location of said delimiters, extracting and decrypting said encrypted identification code.
12. A method according to claim 1 wherein said trusted server forwards said decrypted identification code and said electronic mail message to said recipient computer by saving the e-mail's content in files associated with the decrypted identification code and forwarding said files to said recipient computer.
13. A method according to claim 1 wherein said trusted server forwards said decrypted identification code and said electronic mail message to said recipient computer by dividing said electronic mail message into its component parts and saving such component parts in files associated with the decrypted identifica-tion code and forwarding said files to said recipient computer.
14. A method according to claim 13 wherein said component parts comprise the electronic mail message subject line and body and attachments.
15. A method according to claim 14 wherein said files associated with the decrypted identification code comprise an electronic mail text file and an electronic mail attachment file.
16. A data processing system for automatically processing electronic mail messages sent from a sending computer to a receiving computer, said data processing system comprising:
i) a digitally-communicative network comprising said sending and receiving computers and a trusted server, said receiving computer comprising memory means for storing a public encryption key, and said trusted server comprising memory means for storing a corre-sponding private encryption key;
ii) means associated with said receiving computer for receiving an identification code from said sending computer which determines how the electronic mail message will be automatically processed by said receiving computer and encrypting said identification code with said public key;
iii) means in said sending computer for receiving an encrypted identification code and adding said encrypted identification code to an electronic mail message to form a tagged electronic mail message;
iv) means in said sending computer for forwarding said tagged electronic mail message to said trusted server;
v) means in said trusted server for decrypting said encrypted identifi-cation code using said private key;
vi) means in said trusted server for forwarding said decrypted identi-fication code and said electronic mail message to said recipient computer; and vii) means in said recipient computer for automatically processing said electronic mail message using said decrypted identification code.
i) a digitally-communicative network comprising said sending and receiving computers and a trusted server, said receiving computer comprising memory means for storing a public encryption key, and said trusted server comprising memory means for storing a corre-sponding private encryption key;
ii) means associated with said receiving computer for receiving an identification code from said sending computer which determines how the electronic mail message will be automatically processed by said receiving computer and encrypting said identification code with said public key;
iii) means in said sending computer for receiving an encrypted identification code and adding said encrypted identification code to an electronic mail message to form a tagged electronic mail message;
iv) means in said sending computer for forwarding said tagged electronic mail message to said trusted server;
v) means in said trusted server for decrypting said encrypted identifi-cation code using said private key;
vi) means in said trusted server for forwarding said decrypted identi-fication code and said electronic mail message to said recipient computer; and vii) means in said recipient computer for automatically processing said electronic mail message using said decrypted identification code.
17. A data processing system according to claim 16 wherein said recipient computer comprises a recipient web server and said public key is stored on said recipient's web server.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US11/030870 | 2005-01-10 | ||
| US11/030,870 US7730139B2 (en) | 2005-01-10 | 2005-01-10 | Asynchronous tamper-proof tag for routing e-mails and e-mail attachments |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA2529423A1 true CA2529423A1 (en) | 2006-07-10 |
Family
ID=36676929
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA002529423A Abandoned CA2529423A1 (en) | 2005-01-10 | 2005-12-07 | Asynchronous tamper-proof tag for routing e-mails and e-mail attachments |
Country Status (2)
| Country | Link |
|---|---|
| US (1) | US7730139B2 (en) |
| CA (1) | CA2529423A1 (en) |
Families Citing this family (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE69940281D1 (en) * | 1998-07-22 | 2009-02-26 | Panasonic Corp | Digital data recording apparatus and method for copyright protection and for easier reproduction of encrypted data and computer readable recording medium for program recording |
| US7617190B2 (en) * | 2005-11-29 | 2009-11-10 | Microsoft Corporation | Data feeds for management systems |
| US7912933B2 (en) * | 2005-11-29 | 2011-03-22 | Microsoft Corporation | Tags for management systems |
| US20070168432A1 (en) * | 2006-01-17 | 2007-07-19 | Cibernet Corporation | Use of service identifiers to authenticate the originator of an electronic message |
| US8171540B2 (en) * | 2007-06-08 | 2012-05-01 | Titus, Inc. | Method and system for E-mail management of E-mail having embedded classification metadata |
| US20090158035A1 (en) * | 2007-12-13 | 2009-06-18 | Stultz John G | Public Key Encryption For Web Browsers |
| US8843568B2 (en) | 2010-05-17 | 2014-09-23 | Microsoft Corporation | Email tags |
| US20120323775A1 (en) * | 2011-06-14 | 2012-12-20 | Bank Of America | Enhanced searchability of fields associated with online billpay memo data |
| US20120331074A1 (en) * | 2011-06-24 | 2012-12-27 | iPost | Trusted Electronic Communications |
| US9531707B1 (en) * | 2012-11-21 | 2016-12-27 | Isaac S. Daniel | Convenient and secure biometrically authenticated system and method for delivering E-mail and parcels |
| US9191345B2 (en) * | 2013-06-26 | 2015-11-17 | Timyo Holdings, Inc. | Method and system for exchanging emails |
| US10263927B2 (en) | 2015-12-08 | 2019-04-16 | International Business Machines Corporation | Decluttering general communication message for specific audience |
| US9578122B1 (en) * | 2015-12-08 | 2017-02-21 | International Business Machines Corporation | Communicating an E-mail from a sender to a plurality of recipients |
| US20180063282A1 (en) * | 2016-08-29 | 2018-03-01 | Lenovo Enterprise Solutions (Singapore) Pte. Ltd. | Generating automatic responses to requests for information |
Family Cites Families (29)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5509000A (en) | 1994-06-10 | 1996-04-16 | Motorola, Inc. | Method and apparatus for routing information in a communication system |
| US6044154A (en) * | 1994-10-31 | 2000-03-28 | Communications Devices, Inc. | Remote generated, device identifier key for use with a dual-key reflexive encryption security system |
| US5958005A (en) * | 1997-07-17 | 1999-09-28 | Bell Atlantic Network Services, Inc. | Electronic mail security |
| US5999967A (en) | 1997-08-17 | 1999-12-07 | Sundsted; Todd | Electronic mail filtering by electronic stamp |
| US6564320B1 (en) * | 1998-06-30 | 2003-05-13 | Verisign, Inc. | Local hosting of digital certificate services |
| US6732273B1 (en) | 1998-10-21 | 2004-05-04 | Lucent Technologies Inc. | Priority and security coding system for electronic mail messages |
| GB2343529B (en) * | 1998-11-07 | 2003-06-11 | Ibm | Filtering incoming e-mail |
| US6249807B1 (en) * | 1998-11-17 | 2001-06-19 | Kana Communications, Inc. | Method and apparatus for performing enterprise email management |
| US6760752B1 (en) * | 1999-06-28 | 2004-07-06 | Zix Corporation | Secure transmission system |
| US6640301B1 (en) | 1999-07-08 | 2003-10-28 | David Way Ng | Third-party e-mail authentication service provider using checksum and unknown pad characters with removal of quotation indents |
| US7058683B1 (en) * | 1999-07-20 | 2006-06-06 | Sun Microsystems, Inc. | Methods and apparatus for providing a virtual host in electronic messaging servers |
| US7149893B1 (en) * | 1999-09-07 | 2006-12-12 | Poofaway.Com, Inc. | System and method for enabling the originator of an electronic mail message to preset an expiration time, date, and/or event, and to control processing or handling by a recipient |
| JP2001308841A (en) * | 2000-04-21 | 2001-11-02 | Sony Corp | Device and method for transmission, device and method for reception, and system and method for transmission and reception |
| US20020007453A1 (en) * | 2000-05-23 | 2002-01-17 | Nemovicher C. Kerry | Secured electronic mail system and method |
| US6732101B1 (en) * | 2000-06-15 | 2004-05-04 | Zix Corporation | Secure message forwarding system detecting user's preferences including security preferences |
| US7082536B2 (en) * | 2000-11-13 | 2006-07-25 | Globalcerts, Lc | System and method for computerized global messaging encryption |
| US20020091782A1 (en) * | 2001-01-09 | 2002-07-11 | Benninghoff Charles F. | Method for certifying and unifying delivery of electronic packages |
| JP2002222151A (en) * | 2001-01-25 | 2002-08-09 | Murata Mach Ltd | Method and device for transmitting electronic mail |
| US7146009B2 (en) * | 2002-02-05 | 2006-12-05 | Surety, Llc | Secure electronic messaging system requiring key retrieval for deriving decryption keys |
| US8117263B2 (en) * | 2002-06-07 | 2012-02-14 | At&T Intellectual Property I, L.P. | Systems and methods for delivering time sensitive messages over a distributed network |
| TW576984B (en) * | 2002-07-19 | 2004-02-21 | Jen-Hwang Weng | On-line web page editing system and method |
| US7660989B2 (en) * | 2002-11-26 | 2010-02-09 | Rpost International Limited | System for, and method of, authenticating an electronic message to a recipient |
| US7172120B2 (en) * | 2002-12-10 | 2007-02-06 | Carekey, Inc. | Method of and system for entering physical records into an electronic data store |
| US7269731B2 (en) * | 2003-01-29 | 2007-09-11 | Hewlett-Packard Development Company, L.P. | Message authorization system and method |
| US7017181B2 (en) * | 2003-06-25 | 2006-03-21 | Voltage Security, Inc. | Identity-based-encryption messaging system with public parameter host servers |
| US7266847B2 (en) * | 2003-09-25 | 2007-09-04 | Voltage Security, Inc. | Secure message system with remote decryption service |
| DE60322917D1 (en) * | 2003-11-26 | 2008-09-25 | Totemo Ag | Method and device for encryption of electronic mail |
| US7774411B2 (en) * | 2003-12-12 | 2010-08-10 | Wisys Technology Foundation, Inc. | Secure electronic message transport protocol |
| US20050198173A1 (en) * | 2004-01-02 | 2005-09-08 | Evans Alexander W. | System and method for controlling receipt of electronic messages |
-
2005
- 2005-01-10 US US11/030,870 patent/US7730139B2/en not_active Expired - Fee Related
- 2005-12-07 CA CA002529423A patent/CA2529423A1/en not_active Abandoned
Also Published As
| Publication number | Publication date |
|---|---|
| US20060168039A1 (en) | 2006-07-27 |
| US7730139B2 (en) | 2010-06-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7730139B2 (en) | Asynchronous tamper-proof tag for routing e-mails and e-mail attachments | |
| US10182026B2 (en) | System for, and method of, providing the transmission, receipt and content of a reply to an electronic message | |
| EP2166716A2 (en) | System and method for cipher E-mail protection | |
| CN1636365B (en) | System and method for verifying delivery and content of electronic messages | |
| US7096355B1 (en) | Dynamic encoding algorithms and inline message decryption | |
| US7305545B2 (en) | Automated electronic messaging encryption system | |
| EP2761804B1 (en) | Differential client-side encryption of information originating from a client | |
| JP5256358B2 (en) | System and method for verifying delivery and integrity of electronic messages | |
| CN100478875C (en) | Method and system for updating data in accordance with rights management policy | |
| US7596689B2 (en) | Secure and reliable document delivery using routing lists | |
| US20040148356A1 (en) | System and method for private messaging | |
| JP5000658B2 (en) | Processing of protective electronic communication | |
| US20100037050A1 (en) | Method and apparatus for an encrypted message exchange | |
| US7966492B1 (en) | System and method for allowing an e-mail message recipient to authenticate the message | |
| WO2006017205A2 (en) | Record management of secured email | |
| CN102571627B (en) | E-mail transmitting method and system thereof | |
| WO2018218046A1 (en) | System for sending verifiable e-mail and/or files securely | |
| EP2335195B1 (en) | Electronic business postal system | |
| EP1570615B1 (en) | Method of verifying delivery and integrity of electronic messages | |
| CN112655037B (en) | Secure file distribution system and secure file distribution method | |
| EP1473868B1 (en) | Method and apparatus for passing data securely between parties | |
| CA2338530A1 (en) | Secure message management system | |
| WO2000046952A1 (en) | Method for sending secure email via standard browser | |
| US20060080533A1 (en) | System and method for providing e-mail verification | |
| JP2002342239A (en) | Electronic mail system and electronic mail communication method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request | ||
| FZDE | Discontinued |