CA2628189A1 - Content-based policy compliance systems and methods - Google Patents
Content-based policy compliance systems and methods Download PDFInfo
- Publication number
- CA2628189A1 CA2628189A1 CA002628189A CA2628189A CA2628189A1 CA 2628189 A1 CA2628189 A1 CA 2628189A1 CA 002628189 A CA002628189 A CA 002628189A CA 2628189 A CA2628189 A CA 2628189A CA 2628189 A1 CA2628189 A1 CA 2628189A1
- Authority
- CA
- Canada
- Prior art keywords
- communication
- content
- files
- rule
- identifying characteristics
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/212—Monitoring or handling of messages using filtering or selective blocking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- General Business, Economics & Management (AREA)
- Computer Hardware Design (AREA)
- Business, Economics & Management (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
- Storage Device Security (AREA)
- Telephonic Communication Services (AREA)
- Pharmaceuticals Containing Other Organic And Inorganic Compounds (AREA)
Abstract
Methods and systems for operation upon one or more data processors to filter communications of users in accordance with a content-based policy filter, employing classifiers, policy compliance engines, rulesets, lexical, contextual, cluster and fingerprint analysis. The filter is applied to some or all of the received communications, and based on the results of the analysis, the communication is either encrypted, subjected to quarantine, delayed, dropped or delivered to the intended recipient.
Description
CONT.~i~NT-BA.SEZ? P''ClLICY C.t3NIPLIANCE SIVSTEN IS A'=_'~D ME'TkIODS
BACK GROUND :'AND .i.3U1YfINJAR.SY
I'his docowent to systez-ns. aud. mctlyods fc?z proccssix~bx GC?'i7lTtiuttii'.at3ti7T9.s and txJ.oT'(: parLiemlaT'Iy to svYStems and rrze-thrsda fvr filte'ring 7 Go'i.Tlmit11i.wat1C').t15, ftz the ~lectx'oz3.ic.mai(.t:r3.tet=tng kidus.txy; most existin~.Systeins are a.iz)-Ietll ilt t;.',onteiat pdficy c*znpXi:anc.e (e.g., czrxiipl'iance wiilz c~~ic~~~~~e z~r ~~a4~~zrz~~zit~1 {~c~licy:) cat~ ~c aaa it~~~o~ta~~C
~caz~si~~ration.t:Ezr cc~z~pan'ies in vi~nv caftb,v increasi:rz.~ly cieciToxzic chaa-acter, ca.f i;nporta:zxt communications and F91/a1l Hb1l3ty L1f avc"71'ivty of t-fl( 'i:t3onT.c t:f}1m-nE'3I21ci:1t2#Jn techniques.
p.ruvi.4-ed -R)r rzpezation -tipczn onc~ ur.mci~e data proces:~cYrs to zlter L0111naunic;s.ti.ons iii ac:cordaiic;,p~~.,-ith contc:rzt :based po1iey coznplim-ice. For ~xwnl-sle, amethod az7ri system recc:iijxng a..s~.>t (yf ebarac.;=tcrisfie:s dis#in6five to tT-it elassifica#iozi; Wherein: the set.of vliar-acterisfias iaa4 been &Tived bzi.secl upon the~ scà qf fiIes; receiving a rzilo -dz:fining t.I-zott,eatment of c.ontent.sub;;tantiztl.iy similar to ttae- set ot'c:haracterist.ii>s; ari~~ -,vherein ~ic r4io defines ~~~eftr to fo~~varcl a eoznn-Wn?.catjoiz to a xe~cip:ient-based'upon the classifi-ct3txon ofthe: c;oxzt~~t and at least orio of tlit n::czpic;n:t or rh-c s.eiider.
BACK GROUND :'AND .i.3U1YfINJAR.SY
I'his docowent to systez-ns. aud. mctlyods fc?z proccssix~bx GC?'i7lTtiuttii'.at3ti7T9.s and txJ.oT'(: parLiemlaT'Iy to svYStems and rrze-thrsda fvr filte'ring 7 Go'i.Tlmit11i.wat1C').t15, ftz the ~lectx'oz3.ic.mai(.t:r3.tet=tng kidus.txy; most existin~.Systeins are a.iz)-Ietll ilt t;.',onteiat pdficy c*znpXi:anc.e (e.g., czrxiipl'iance wiilz c~~ic~~~~~e z~r ~~a4~~zrz~~zit~1 {~c~licy:) cat~ ~c aaa it~~~o~ta~~C
~caz~si~~ration.t:Ezr cc~z~pan'ies in vi~nv caftb,v increasi:rz.~ly cieciToxzic chaa-acter, ca.f i;nporta:zxt communications and F91/a1l Hb1l3ty L1f avc"71'ivty of t-fl( 'i:t3onT.c t:f}1m-nE'3I21ci:1t2#Jn techniques.
p.ruvi.4-ed -R)r rzpezation -tipczn onc~ ur.mci~e data proces:~cYrs to zlter L0111naunic;s.ti.ons iii ac:cordaiic;,p~~.,-ith contc:rzt :based po1iey coznplim-ice. For ~xwnl-sle, amethod az7ri system recc:iijxng a..s~.>t (yf ebarac.;=tcrisfie:s dis#in6five to tT-it elassifica#iozi; Wherein: the set.of vliar-acterisfias iaa4 been &Tived bzi.secl upon the~ scà qf fiIes; receiving a rzilo -dz:fining t.I-zott,eatment of c.ontent.sub;;tantiztl.iy similar to ttae- set ot'c:haracterist.ii>s; ari~~ -,vherein ~ic r4io defines ~~~eftr to fo~~varcl a eoznn-Wn?.catjoiz to a xe~cip:ient-based'upon the classifi-ct3txon ofthe: c;oxzt~~t and at least orio of tlit n::czpic;n:t or rh-c s.eiider.
2:0 ARiEiy .~~~CR1!''1 IONC}~ j'HE,- _ DRANVINCsS
FIG. 1 is a bkc;k di.agani dogi~.~ting 'a ~system for handiiaig, tmisrinissicins boalfg ca'ver a .net.u<o&.
F:t'G. 2 is a block. diagrautz depictiz~:~;. a coznpiian.cQ sy,-,sterxa. ihat has beQn '25 cc?nfligured tor cIassi.fyzog files -inc~ ap,pl-yirigpoiici.es.
FIGh 3 is ~ l-iIo-ek. di:agrazn cippict#zig-a. cqlwip~i.axi.ce .svsi:crxz.
opo.rdting on a JOG41 COMputir:
FIC3. 4%s a bl:pc t: diagr c4m. r~epieting -A cvzpplianc;c systeni'th'at has been ca~ifi.gLzred for classitriixgfiles based up:oii :a coMb~i-iation. tY.t' ~i4y $is t611hn.iquc5.
~nct'ystebn. that has becn 0 FIG... 5 is a bIoc:k d.ja:gram'dipicting a otiuiplA'-, configpzeil to usi cx.'tsti~g Corz.tunt .tc~ ~eVeICIp G:IIuhaeriStlcs Msob1r1ted '(Yi~~h a Liass.
F:10. 6 is ;i. blP.c:kci.iagxanx dcpklaug.a complianewsystem ti=S.a:t luts hcen 0011.#i ;urecl to ta.W.(~Pt. vno e}i' moro c0n teiit basG=si p6 licies,..~z{jm an acfr.3:I hli5tr7.toir:
FlG. 7 is a tloxvcliart depicting mi vpcratioila:l seOna)-iO for aIlowiTig .
Lont.Gnt based. polie;y(,ies).
FIG. 8 is a-flowcliaA depictipg, a.n operaki.t}n~il sÃ=onaTio fbr aIiovving.cozitextt laa,4Ã.~d poticy(iesl whereby the characteristics of the o'ntent: are automatioally genex=alerl lia5ed upe}n a:sel of related fiIes.assai zatecl wixh a c;Ias'sif.ieatiÃ}n..
Pi:G. 9 is A flo-wotaa.rt s~epià tih~ an Ãslatr'~.:tivn4l scealario Bor geftci'ating c:('Ynteri#.
'llasel'.Polic y. compiiahoo i.isihg access cc3nt.r6l -nghts to generate poli0y..
F:tGr. 10 is a i:lk,~wc:fiari depicting -an .op~.~'ationat seenario i'or filtering xnessages based ulaon. content baGi4 polioy(ies).
FIG. I 1 isa -flolvol-iart depicting on opexaii.bnal sc:Ã;rfanio. f-or s:c~n-,yerting crswn.ltxzzications li=Ã?iix Mu.1ti-Ple-forina.ts a.nd/orlanguages into a wrnmoij. Rim-Ea4:..
ancl:'or taiisgua;.ge antidzstilling the coiiamtiaiicatioii iiito ixie-tad.ata describing the ~. s Ci}u7A'31C1l'!1(:af'.~:1:oI? "P1'io1 til PiiT51II~~ the ~ac-';sage for any content :rnatch.
FiG. 1.1 is a block. diagrwn depicting a server access. architocWrÃ.?..
FI.C:q. 13 is a block diagrazA clopicting annti~er:ser'ver acce54 .arÃ:hitucture:.
D E'~':~111_:E'D D P_ SCR.1:1?'TIO N
IYiG.;1 cl.~piet5 at.1.t30 a sy,~toni. -i:ar handiingtransmissions reccaxred -oYjcr 4.
netWork 1lO..
suc,li as c:lÃ.~ts'oniQ mail messages sent fi.tani. orie:armore"nlossaging en#.iiiÃ;s .120. 'S'!ae 5ystem 1.00 tisÃ;s a me.,sagffig pOlk;y ooMpliance .sy5teni 130 to'IicIp pr.bc.ess the. c:o,*rmunica:tions frar~i -an ariginkting systetn. 120. 'I'lae.taessaging-pcilicy .25 Co.t3:3pl'E.ikt1C.#'. ~ysteI73. 130 t:xaM1:1l#:S GbaaKiC$o1'ist'iCS
as'StJClated With t1iC7= cClt'Il3-nlu31cat1ol1.s tzcstn:#:tae and based upozi the-exarziiiiateon, an a.otion. . is * tak-en wi:tli respect to -tlie communications. For mample; a eor.an-iunicatiali lvaa-y lie tietexx-iyiiYud. to be leggyfirna:te Z;nei tliu s' ffi.e t omxnqnicafion.
shoa.ld. za.ot be fiItei=etl by i1i-e .xn;essa.girtg-pÃilicy compliance sys~era 13i) and iiia#..oaÃ1 prcj%iicled to a rÃ.e-oi~~~l-t4" systpfti.
S{J 1.40 fo.r del:iv.Ã;ry to the iritend.iPd. rÃ.~zpkzt.
Th:ls dis6losure xelates to the r36ttiyor)' bwsed tipoai a cl:~~sz~s~~~x~-.~x..as~~G~a.~~d w1tla the wmi-nafticatiÃ?n.. It shkfulcl ~:.
that siwh conmuriii atzt>n4 can include e-~i-iaii, voic.c over izitemc;t prot0iol (vc7ii') pach:its, itxstaiit niessagiixg (M), file trfuzsfer protocoil FTl') pa~kcts, izypertext trauuibt protocol (14T'Ti') paLiwets, -GaPliez= paek:ets..
and tuly other rnethiad. whereby protecteci or 4~axsitivc~ =cc~nt~ zxt. ~~ :~., trade soc.rpÃs, pri vil~gqcj infOrmatifan, etc.) cmi, i7c iTa.nsf=ed over a n4tvuorkto another user.
It slipi.ii.d, be Azt Ãiiex= uncierstoccl tliat an organization cift-eu includes several d~partmonts wiaich operaw, to soi~e. degree, ind-c}ae=ider3.flv of onc dtiotiicr. Ilowc-vcrs ~~.3-z Organization may wish =to iare--,relittt~cft or disclosure es=fiia{brmation.bascd upon the pprson acccssina the ii.iforrrfation, ~.~T ba.s-cd Ãipon tl-ie persan to whcjrn tbe infvrna~it_ion isbezngsent. i~ci.t example, an orga.nizatiora ana.y not waiYt ezl gÃzie-er#_ng content disclosed to persc~i-is outside of the or.g<.aniÃzation. TI-itts; the or~:=~~izatioz~ desires to Cirnit tht rLvipients of nies.sages tb.a.t iiidi.ucic content related to l:lowl~.vt;Y, traditional tilteri,ng systcnls ~D-not pr+o'visisbap0U~urate ci.a:ssii'ica.tiotz of cox3wat beiug-sctzt to/#:roiai cxscrs within an vr~~zatioii.
1:5 '110 incrc:~.e the co-nteiit associateel Nvith mcssages, -Prop4rty (e.g., cng~~eerinn files, eiiarki;:ting fil=~;, legal files, etc., including te:x1 doc~urr~en.is, voice rc-cor.dings, images, rir.avvings,,mong otliers), a n.xessaging.pciicy co.miitianceayste:ri 200,c:an be contigLrod wiÃh a message wfiterii classification p,mgr.am. 2:tl a5 vhowix in FiU. 2. Am-iessagc ccinteqt -can tis.e: one or imre n3cssa.ge classification techniques or filters to eiiwqsi:ty message content;
The iniossage cOZitciit ~lassi~'~cati.6n priogram. 210 anai.ytcs the= cotitent of a cotunzrmic=ation (intended to travel acros$ the network tt-)a. recipient) in order to cl:assif~ the content of ti}e comm-iYnicat:ic,}o.. Hokvex-cr,, it slxould'ixe understood that..ii3e ?:S niesgagiug pCx.iz.cY cornpitaaicc sys-te.tx3 can also inspect incvniing communacabt3.rzs be.ttsxe di; tnb-uti.xx&~ the eon-m-4u.ttications:to a receiving sy-stem. The messaging policy con-lpliance :sy,stem 200 compares at 2.20 the class-ification ~imduc;ed by the rn.ossttge content classification prograrri 210 ta a'yvt. c,foiiÃ: or rnore nules= to detenni.iw wfictb&
the message is. in rQmialiat3ce witlz poliicy.
'30 Ii: the in cmxptiaucG with tlhc vrgn;iiization's -poiicies, ti-ke comn-iuriira.tio-ii is -fo r',prdod tn a.r~;t;ipieut via t~e'ne'#.ulcarik.
'2..'~Ø HoNvimYer, if~the cc?~an~~~nii~~~ir~~a is nnt i~i cca~n~i~.~~.ue= wi.tb thc.Or-ga.tJ:izabOn'spci=rcie,= the.
FIG. 1 is a bkc;k di.agani dogi~.~ting 'a ~system for handiiaig, tmisrinissicins boalfg ca'ver a .net.u<o&.
F:t'G. 2 is a block. diagrautz depictiz~:~;. a coznpiian.cQ sy,-,sterxa. ihat has beQn '25 cc?nfligured tor cIassi.fyzog files -inc~ ap,pl-yirigpoiici.es.
FIGh 3 is ~ l-iIo-ek. di:agrazn cippict#zig-a. cqlwip~i.axi.ce .svsi:crxz.
opo.rdting on a JOG41 COMputir:
FIC3. 4%s a bl:pc t: diagr c4m. r~epieting -A cvzpplianc;c systeni'th'at has been ca~ifi.gLzred for classitriixgfiles based up:oii :a coMb~i-iation. tY.t' ~i4y $is t611hn.iquc5.
~nct'ystebn. that has becn 0 FIG... 5 is a bIoc:k d.ja:gram'dipicting a otiuiplA'-, configpzeil to usi cx.'tsti~g Corz.tunt .tc~ ~eVeICIp G:IIuhaeriStlcs Msob1r1ted '(Yi~~h a Liass.
F:10. 6 is ;i. blP.c:kci.iagxanx dcpklaug.a complianewsystem ti=S.a:t luts hcen 0011.#i ;urecl to ta.W.(~Pt. vno e}i' moro c0n teiit basG=si p6 licies,..~z{jm an acfr.3:I hli5tr7.toir:
FlG. 7 is a tloxvcliart depicting mi vpcratioila:l seOna)-iO for aIlowiTig .
Lont.Gnt based. polie;y(,ies).
FIG. 8 is a-flowcliaA depictipg, a.n operaki.t}n~il sÃ=onaTio fbr aIiovving.cozitextt laa,4Ã.~d poticy(iesl whereby the characteristics of the o'ntent: are automatioally genex=alerl lia5ed upe}n a:sel of related fiIes.assai zatecl wixh a c;Ias'sif.ieatiÃ}n..
Pi:G. 9 is A flo-wotaa.rt s~epià tih~ an Ãslatr'~.:tivn4l scealario Bor geftci'ating c:('Ynteri#.
'llasel'.Polic y. compiiahoo i.isihg access cc3nt.r6l -nghts to generate poli0y..
F:tGr. 10 is a i:lk,~wc:fiari depicting -an .op~.~'ationat seenario i'or filtering xnessages based ulaon. content baGi4 polioy(ies).
FIG. I 1 isa -flolvol-iart depicting on opexaii.bnal sc:Ã;rfanio. f-or s:c~n-,yerting crswn.ltxzzications li=Ã?iix Mu.1ti-Ple-forina.ts a.nd/orlanguages into a wrnmoij. Rim-Ea4:..
ancl:'or taiisgua;.ge antidzstilling the coiiamtiaiicatioii iiito ixie-tad.ata describing the ~. s Ci}u7A'31C1l'!1(:af'.~:1:oI? "P1'io1 til PiiT51II~~ the ~ac-';sage for any content :rnatch.
FiG. 1.1 is a block. diagrwn depicting a server access. architocWrÃ.?..
FI.C:q. 13 is a block diagrazA clopicting annti~er:ser'ver acce54 .arÃ:hitucture:.
D E'~':~111_:E'D D P_ SCR.1:1?'TIO N
IYiG.;1 cl.~piet5 at.1.t30 a sy,~toni. -i:ar handiingtransmissions reccaxred -oYjcr 4.
netWork 1lO..
suc,li as c:lÃ.~ts'oniQ mail messages sent fi.tani. orie:armore"nlossaging en#.iiiÃ;s .120. 'S'!ae 5ystem 1.00 tisÃ;s a me.,sagffig pOlk;y ooMpliance .sy5teni 130 to'IicIp pr.bc.ess the. c:o,*rmunica:tions frar~i -an ariginkting systetn. 120. 'I'lae.taessaging-pcilicy .25 Co.t3:3pl'E.ikt1C.#'. ~ysteI73. 130 t:xaM1:1l#:S GbaaKiC$o1'ist'iCS
as'StJClated With t1iC7= cClt'Il3-nlu31cat1ol1.s tzcstn:#:tae and based upozi the-exarziiiiateon, an a.otion. . is * tak-en wi:tli respect to -tlie communications. For mample; a eor.an-iunicatiali lvaa-y lie tietexx-iyiiYud. to be leggyfirna:te Z;nei tliu s' ffi.e t omxnqnicafion.
shoa.ld. za.ot be fiItei=etl by i1i-e .xn;essa.girtg-pÃilicy compliance sys~era 13i) and iiia#..oaÃ1 prcj%iicled to a rÃ.e-oi~~~l-t4" systpfti.
S{J 1.40 fo.r del:iv.Ã;ry to the iritend.iPd. rÃ.~zpkzt.
Th:ls dis6losure xelates to the r36ttiyor)' bwsed tipoai a cl:~~sz~s~~~x~-.~x..as~~G~a.~~d w1tla the wmi-nafticatiÃ?n.. It shkfulcl ~:.
that siwh conmuriii atzt>n4 can include e-~i-iaii, voic.c over izitemc;t prot0iol (vc7ii') pach:its, itxstaiit niessagiixg (M), file trfuzsfer protocoil FTl') pa~kcts, izypertext trauuibt protocol (14T'Ti') paLiwets, -GaPliez= paek:ets..
and tuly other rnethiad. whereby protecteci or 4~axsitivc~ =cc~nt~ zxt. ~~ :~., trade soc.rpÃs, pri vil~gqcj infOrmatifan, etc.) cmi, i7c iTa.nsf=ed over a n4tvuorkto another user.
It slipi.ii.d, be Azt Ãiiex= uncierstoccl tliat an organization cift-eu includes several d~partmonts wiaich operaw, to soi~e. degree, ind-c}ae=ider3.flv of onc dtiotiicr. Ilowc-vcrs ~~.3-z Organization may wish =to iare--,relittt~cft or disclosure es=fiia{brmation.bascd upon the pprson acccssina the ii.iforrrfation, ~.~T ba.s-cd Ãipon tl-ie persan to whcjrn tbe infvrna~it_ion isbezngsent. i~ci.t example, an orga.nizatiora ana.y not waiYt ezl gÃzie-er#_ng content disclosed to persc~i-is outside of the or.g<.aniÃzation. TI-itts; the or~:=~~izatioz~ desires to Cirnit tht rLvipients of nies.sages tb.a.t iiidi.ucic content related to l:lowl~.vt;Y, traditional tilteri,ng systcnls ~D-not pr+o'visisbap0U~urate ci.a:ssii'ica.tiotz of cox3wat beiug-sctzt to/#:roiai cxscrs within an vr~~zatioii.
1:5 '110 incrc:~.e the co-nteiit associateel Nvith mcssages, -Prop4rty (e.g., cng~~eerinn files, eiiarki;:ting fil=~;, legal files, etc., including te:x1 doc~urr~en.is, voice rc-cor.dings, images, rir.avvings,,mong otliers), a n.xessaging.pciicy co.miitianceayste:ri 200,c:an be contigLrod wiÃh a message wfiterii classification p,mgr.am. 2:tl a5 vhowix in FiU. 2. Am-iessagc ccinteqt -can tis.e: one or imre n3cssa.ge classification techniques or filters to eiiwqsi:ty message content;
The iniossage cOZitciit ~lassi~'~cati.6n priogram. 210 anai.ytcs the= cotitent of a cotunzrmic=ation (intended to travel acros$ the network tt-)a. recipient) in order to cl:assif~ the content of ti}e comm-iYnicat:ic,}o.. Hokvex-cr,, it slxould'ixe understood that..ii3e ?:S niesgagiug pCx.iz.cY cornpitaaicc sys-te.tx3 can also inspect incvniing communacabt3.rzs be.ttsxe di; tnb-uti.xx&~ the eon-m-4u.ttications:to a receiving sy-stem. The messaging policy con-lpliance :sy,stem 200 compares at 2.20 the class-ification ~imduc;ed by the rn.ossttge content classification prograrri 210 ta a'yvt. c,foiiÃ: or rnore nules= to detenni.iw wfictb&
the message is. in rQmialiat3ce witlz poliicy.
'30 Ii: the in cmxptiaucG with tlhc vrgn;iiization's -poiicies, ti-ke comn-iuriira.tio-ii is -fo r',prdod tn a.r~;t;ipieut via t~e'ne'#.ulcarik.
'2..'~Ø HoNvimYer, if~the cc?~an~~~nii~~~ir~~a is nnt i~i cca~n~i~.~~.ue= wi.tb thc.Or-ga.tJ:izabOn'spci=rcie,= the.
3 ComÃnuniCatI.l7n is q'~~taritineiI,'kirOppeci, .nOtify'an ~ti~~.~r~zstrat:Or Oz' ~ ~~ndexh7ec:=ipi~.~tY
or t~~,kx spme:.Otbcr actir,n, as. illustratedb244. Offi& aainns uwmincibde, for cxamplo- stri~~pizig cOi-it~iit-ailcl/aÃ~ ~-i attaehrnci3.t of tlie 3ne;ssage bc:d-bre i'or~~arsii.n&.
automatically eiicnpting fihe mc5sage h~~~~~~ forwarding, <10ay dolivcry oi''the messaw; ux other ~pI?ropnaie tions in respcrn.ec to a wrziptiaac~e NdoI,afie}n. I.t shouid.
h~.~'w:idersÃood that automatic encryption cwi incittd.ere~.-iÃ.iosl7zag a User :o.r aclz-nin'is(TaÃcrr's appraval to eacxypt. &tc~~~ovor, automatic encrypÃion c~~
furt~~er"
dvc;isipu to etivqpt cantmt at thc:sc.rver or client level, i.n:ac:corclanc:e Wit},~ polic.y aod without u.sor or adn-firt.zMtrat&
app~ova l.
i 4i If orzlya portion of tlio :rominu.nica.ti.on is iaoÃ: in. Wr1xfA.iarzce witi:) the organizatioza'~ PAc;.icNs (G.g., a mes~~gmc;ontaina two attdci-a-nents where one-.oompI.i;;~s uriitz the ixolicykies) and the Wher does not), ~:h.e corn.iiiuzyication r~iay be biot~ked (e.g.z dropped, qu~raiiiiiÃed; etc.). A.Itcmativoiy, such a eon~i-ixr.iii3etitir+1l eou1d hf autr~inatic.al:ty r~~:iac:ted by the me5sagng Iaohey compliapce sy::teni.200, suvhthat it Moreover, in thc~ ~vent Ãhat.amessage cazurot be traiderrei to a recipient bei;.auwe ofi apt3licy violation, a notification can be It should be noted tii.at Ãh~-or s.ginafirag system can -ndtify a sy,-,ten-iadtniiiisi;rator. Alternatively, a ~~yst:(;m adrninzsfi-ator t<an,be notified directly bytiiemessag.en; p6fioy eoz-npi'iarice:s--y5te.m. :It Sh(x~(i l~~'cr~lc~ers#x7c~ci.'ih~t there are nurnurous ways to manage a response to poi3'cy ~iolations; caeh of Nvl-xich i.s.
irifeaideel to be included wiÃhin the scope of this diycloatire.
pvlic:y conipliarzc~esyMeib as shown izr :FIG.
3. For.exmnple} thE'messaging poIic~y.iwnplian.ce agent 260 is loea.tei on a user's.
:compu.ter 265. in acici:ition.'to Ãlie.nxessagi.ng policy compliance agent 260, tiic Icxt:al cuniputer 165, can inc:lWc an. wnrxnrzzrkataan clAent..270. Ii:sl-ivu~d be .uÃidorstoozi ~iat the,: comxnur3kal.~ion client 270 coolti be int.cgrated. with the naes,.~aging icy compliiazzce-agcnt.260, in sc~i-i3e exaii-il>Iies:
U-gon receiving a naessag,,c fxOrn the. et3rzunwaioation, client-27t}, t~ic mess;~gir~g pot.icy.ccrirrol%ixicse, agent 260 wPulci:u.st' t.he nic:,ssa.gp content classification prcigrun 275 to deteerai.rxe a cia.~sifica.ticsn assoe:ia.tedwith tl-te contcrit of tlz.e cn'ini3ittrzipation.
ming policy exnpiiance agept 2t~it) 4t 220 compares th:c-cla-ssi.fication The u-iessa With the-Content of tl-io eoin.inunicaÃion with'a c cinÃern-I~-ased xn~;4saging,
or t~~,kx spme:.Otbcr actir,n, as. illustratedb244. Offi& aainns uwmincibde, for cxamplo- stri~~pizig cOi-it~iit-ailcl/aÃ~ ~-i attaehrnci3.t of tlie 3ne;ssage bc:d-bre i'or~~arsii.n&.
automatically eiicnpting fihe mc5sage h~~~~~~ forwarding, <10ay dolivcry oi''the messaw; ux other ~pI?ropnaie tions in respcrn.ec to a wrziptiaac~e NdoI,afie}n. I.t shouid.
h~.~'w:idersÃood that automatic encryption cwi incittd.ere~.-iÃ.iosl7zag a User :o.r aclz-nin'is(TaÃcrr's appraval to eacxypt. &tc~~~ovor, automatic encrypÃion c~~
furt~~er"
dvc;isipu to etivqpt cantmt at thc:sc.rver or client level, i.n:ac:corclanc:e Wit},~ polic.y aod without u.sor or adn-firt.zMtrat&
app~ova l.
i 4i If orzlya portion of tlio :rominu.nica.ti.on is iaoÃ: in. Wr1xfA.iarzce witi:) the organizatioza'~ PAc;.icNs (G.g., a mes~~gmc;ontaina two attdci-a-nents where one-.oompI.i;;~s uriitz the ixolicykies) and the Wher does not), ~:h.e corn.iiiuzyication r~iay be biot~ked (e.g.z dropped, qu~raiiiiiÃed; etc.). A.Itcmativoiy, such a eon~i-ixr.iii3etitir+1l eou1d hf autr~inatic.al:ty r~~:iac:ted by the me5sagng Iaohey compliapce sy::teni.200, suvhthat it Moreover, in thc~ ~vent Ãhat.amessage cazurot be traiderrei to a recipient bei;.auwe ofi apt3licy violation, a notification can be It should be noted tii.at Ãh~-or s.ginafirag system can -ndtify a sy,-,ten-iadtniiiisi;rator. Alternatively, a ~~yst:(;m adrninzsfi-ator t<an,be notified directly bytiiemessag.en; p6fioy eoz-npi'iarice:s--y5te.m. :It Sh(x~(i l~~'cr~lc~ers#x7c~ci.'ih~t there are nurnurous ways to manage a response to poi3'cy ~iolations; caeh of Nvl-xich i.s.
irifeaideel to be included wiÃhin the scope of this diycloatire.
pvlic:y conipliarzc~esyMeib as shown izr :FIG.
3. For.exmnple} thE'messaging poIic~y.iwnplian.ce agent 260 is loea.tei on a user's.
:compu.ter 265. in acici:ition.'to Ãlie.nxessagi.ng policy compliance agent 260, tiic Icxt:al cuniputer 165, can inc:lWc an. wnrxnrzzrkataan clAent..270. Ii:sl-ivu~d be .uÃidorstoozi ~iat the,: comxnur3kal.~ion client 270 coolti be int.cgrated. with the naes,.~aging icy compliiazzce-agcnt.260, in sc~i-i3e exaii-il>Iies:
U-gon receiving a naessag,,c fxOrn the. et3rzunwaioation, client-27t}, t~ic mess;~gir~g pot.icy.ccrirrol%ixicse, agent 260 wPulci:u.st' t.he nic:,ssa.gp content classification prcigrun 275 to deteerai.rxe a cia.~sifica.ticsn assoe:ia.tedwith tl-te contcrit of tlz.e cn'ini3ittrzipation.
ming policy exnpiiance agept 2t~it) 4t 220 compares th:c-cla-ssi.fication The u-iessa With the-Content of tl-io eoin.inunicaÃion with'a c cinÃern-I~-ased xn~;4saging,
-4 policy. t.vliivia cmld, be -set by the us.ex, or by a sySte4=
<ldlninistxxtox,. U%hcre the communication does TliOt comply with a.content-b:.asod: me:ssagihg pi)livy, fihe-agent., can clrop q.uaranti.nes tl-ie conutuauGation; c:to, as s:#xawn by bl.ocli. 285, I't shooic~ be understood that 4ttdi ftm~l.i.unatity- c:iauicl be int~&-ated wi.th the -coniniuiiioatioii clien.t. Hbwc;zTer, it.shoWdzlso be xiiitcd. t3:iat: the functians.iity of block 285 coEil.d k~e-prov-idc d by the agent: ilseli:.
If the communication. com.ptze& rhith t.lao, cotrent-Mscd laUffi*r(ics), tlie 19 syst~~n 290. 1t shoi~ld be-under.siood that the func,timv~.lity of ftxe.origimtxngsyH#em 290 :1,0 could bo includod. on; the 7ocal *corn.putor 265 itsei.f.. '>r'hc;
dr!ginaticigsvstean 290 tllexx a recipi:etit. system via hetmvc~rk(s) 295, It.slioulti b~; iiOted that the zmessagi~~g policy compliance ageait c:-0-1 b~
used in 'c.an.;j:t3ncticn with amessagizig policy c{7mpliance survur: tisin.g. such ttt~ ~r6hitcdture' .could provide mtiItiple lev~clsof conteiiLt coinptianc.c chec~.11;. "['~e agcrii>'sunrer architecture could allow ths; mc;ssa;;~ng policy coniplianc:e -agc;nt.to m-ccxrd -t~ut- user's acti~~ixy~ ~~itOr Varlc~u~;. ek~~;nts t1a~3~~~ c~cc.~.~~r- oza. t~a.c cor~~pi~t~ ~~c ..~., poiic~r t~+~~~t~s~ns~, ~~
period.i.calty pxovide:iipdates of the usor's nr..th#y to Ej fti.
OmOng.:poiicy cOnIp}.italce scnYer. ne agetat/s:cmer archktect.urc cauld: ffi.rdxer a[lo~.~ the messagIng-pc1iLy.server upflatecl con.teni-liaseel. ~.xo:ticy(jes)-to the It slic3tzld.
bt!fi~.~rth~t ~notecl..that a mcssagin.g.policy corAplianc:e a~ent 260, ~.~;her+e practzcabIes:can.
ixacliide any of the i3:uiati6nality trf.a zncssagzz~~ polit;.y-corrzpliancesystem a.s 4esczibed, in the- present disclosure: As su,6h,. ~ly' of tl-ie functtQzi-alit;r Gle.scri~ed -with respec t to a ma;~ag7ng 'policy conipli ancc system eat be used. on a mesisagin-g.po1.iiry t:ri1-hpl.iaocc ~~;ent inaE:corcimmf:. wxth the-,pr~sont disclosur.ev 2.5 'I'he messasi~gpolicy cdmp)iance aggcnil. could: ftzrdiex allow a m6r to iequest ~I~~ ~s~cliti~~i caf ~c~~t~~t-~i~s~ p~l~~ ;~{~es) ~t #Iac ~~?ca~ ~sr sc~rva r I.~vc~I. ~&%-crc; thc riay~x~ ~~~tl t,:c)niont:_b~3~cc~. ~c~li~~(i~s} d~r~ ~~tOt ,~t~ii~ict u~=ith ~.ch~zaini.~tratOr cc~nt~;nt-b~~.h~;~.
pol .i~ ~#ics), ~~c ltrcal ancla.lorsm.ez= coulcl aplaly--the user rcqpisted ccant.en:t-baised poli.cy. Iju.rflicr, tlae.messaghig policy cmipIzar~oc agent could allow the user to request encryption on a.. c;ornnTEinica.t~ion 3Tia=the comn-ieinicatiOn client:inter..facc.
Wliera the encTyptioxi request. e.ainplzes ixfit~ contcnt-'based palicy(ies) at tlie agent ~
ax3d/ot server ler-el, the rc:quested'encryption can-kio per#~anned by iitliea= flis; server or By W4:y'.of c;xaxaple, amcssa.ge contczit clwiftcation pz=c?graixz 310; as shcvc%n in:P:tG, 4, cc-m izzcludo .a number of c;.laswi:tioat.icn toc:hniques 360, 37:0,_380. Example
<ldlninistxxtox,. U%hcre the communication does TliOt comply with a.content-b:.asod: me:ssagihg pi)livy, fihe-agent., can clrop q.uaranti.nes tl-ie conutuauGation; c:to, as s:#xawn by bl.ocli. 285, I't shooic~ be understood that 4ttdi ftm~l.i.unatity- c:iauicl be int~&-ated wi.th the -coniniuiiioatioii clien.t. Hbwc;zTer, it.shoWdzlso be xiiitcd. t3:iat: the functians.iity of block 285 coEil.d k~e-prov-idc d by the agent: ilseli:.
If the communication. com.ptze& rhith t.lao, cotrent-Mscd laUffi*r(ics), tlie 19 syst~~n 290. 1t shoi~ld be-under.siood that the func,timv~.lity of ftxe.origimtxngsyH#em 290 :1,0 could bo includod. on; the 7ocal *corn.putor 265 itsei.f.. '>r'hc;
dr!ginaticigsvstean 290 tllexx a recipi:etit. system via hetmvc~rk(s) 295, It.slioulti b~; iiOted that the zmessagi~~g policy compliance ageait c:-0-1 b~
used in 'c.an.;j:t3ncticn with amessagizig policy c{7mpliance survur: tisin.g. such ttt~ ~r6hitcdture' .could provide mtiItiple lev~clsof conteiiLt coinptianc.c chec~.11;. "['~e agcrii>'sunrer architecture could allow ths; mc;ssa;;~ng policy coniplianc:e -agc;nt.to m-ccxrd -t~ut- user's acti~~ixy~ ~~itOr Varlc~u~;. ek~~;nts t1a~3~~~ c~cc.~.~~r- oza. t~a.c cor~~pi~t~ ~~c ..~., poiic~r t~+~~~t~s~ns~, ~~
period.i.calty pxovide:iipdates of the usor's nr..th#y to Ej fti.
OmOng.:poiicy cOnIp}.italce scnYer. ne agetat/s:cmer archktect.urc cauld: ffi.rdxer a[lo~.~ the messagIng-pc1iLy.server upflatecl con.teni-liaseel. ~.xo:ticy(jes)-to the It slic3tzld.
bt!fi~.~rth~t ~notecl..that a mcssagin.g.policy corAplianc:e a~ent 260, ~.~;her+e practzcabIes:can.
ixacliide any of the i3:uiati6nality trf.a zncssagzz~~ polit;.y-corrzpliancesystem a.s 4esczibed, in the- present disclosure: As su,6h,. ~ly' of tl-ie functtQzi-alit;r Gle.scri~ed -with respec t to a ma;~ag7ng 'policy conipli ancc system eat be used. on a mesisagin-g.po1.iiry t:ri1-hpl.iaocc ~~;ent inaE:corcimmf:. wxth the-,pr~sont disclosur.ev 2.5 'I'he messasi~gpolicy cdmp)iance aggcnil. could: ftzrdiex allow a m6r to iequest ~I~~ ~s~cliti~~i caf ~c~~t~~t-~i~s~ p~l~~ ;~{~es) ~t #Iac ~~?ca~ ~sr sc~rva r I.~vc~I. ~&%-crc; thc riay~x~ ~~~tl t,:c)niont:_b~3~cc~. ~c~li~~(i~s} d~r~ ~~tOt ,~t~ii~ict u~=ith ~.ch~zaini.~tratOr cc~nt~;nt-b~~.h~;~.
pol .i~ ~#ics), ~~c ltrcal ancla.lorsm.ez= coulcl aplaly--the user rcqpisted ccant.en:t-baised poli.cy. Iju.rflicr, tlae.messaghig policy cmipIzar~oc agent could allow the user to request encryption on a.. c;ornnTEinica.t~ion 3Tia=the comn-ieinicatiOn client:inter..facc.
Wliera the encTyptioxi request. e.ainplzes ixfit~ contcnt-'based palicy(ies) at tlie agent ~
ax3d/ot server ler-el, the rc:quested'encryption can-kio per#~anned by iitliea= flis; server or By W4:y'.of c;xaxaple, amcssa.ge contczit clwiftcation pz=c?graixz 310; as shcvc%n in:P:tG, 4, cc-m izzcludo .a number of c;.laswi:tioat.icn toc:hniques 360, 37:0,_380. Example
5- message contcnt: classification tcel-miqucs~ or f3l#.ers 350, 370; 380 xhat.:a message, coaitent s:=?as;~~-fica-tion progropa 310 caii. use: Y.n.clude, = Cr~rt~~:~tc~~l~~~;~~'~i,~ ~~ c~a~~~~ica.tf~r~. ~~a;s1~~i~c~~v t.~a~
pcr#~rnas a~~~z~ovi~x anqI'vsis,flf fi~e,~ to ide~n#.zfiy ~hrk3ses mid vvYords, wbieh ,ar~ -w-iique trs a pla:>sificaticazz of fi1c, wbich cata bc dozic by wialyzing Ow rarity Ot'a word or -.phr'~aso to a pGirt:iculai t)Te of fiic;~ and treatirzg such -ivords or phrases as indicative cjf-ti goup of files v4ritti some pemientagp of m-taizny:
Ling.gr~rrint:An-txly-sis --- alechnique to.~ xcie-ntify c:opying.betNNreen mw.O:ectronic k t~xis at.,ul-uItap~~~ letrcls (p,g, whriie file, para~.~a-Ph, scntcncc, or ma.4tructu.red ~ilpba.nuf77erit s;oMponerits) bvx 'fo~ exarnpIe: .f.).Applying a..ncmaalizatzon :taycr.
Is' to renitivo vdiiteapacv axid other noisc; .mid, 2) utilizing a Wirnowing.
aI gc~~~ith-a-i to gentMte'a minimi=x.ed, y'ot qptinxa.i.number of hashes.for each addixag an ambigui#rr fa&tor toidentify lile;s-Nvitb veTy rzkiii.imal, but szViifisant dupli cwitzUns of Ar{ta>
iCIusterAFZalsa,s - aclas.sificaticin -tectinique fhai partztiozis O-w, data into ?O -related subsetssharing a c~.~m.rrion. trait that can.be dofined as a hiracfiori of a.
dc,fine:d distanGc.~twasum(e:g., Euclidian distanc~Z) thot ma&si 4.point as a part of ti.i. Iwast oi-ie cluster.
g~2tixle Leri~~l'Anaky;~is a Oassificatit?n tcchn'rque wWch ca~~ be PerfbrHied M A.d c.*rIcicc:tronic Wxt br data WhMcb. adapt.~iveiy leami st.ructtir.cs of sparse aiid ?S 11orisparsc pattoms by, fur exwn~ls;: 1).Insta.ntlat:ing' a s~tics of M~~o Vv cha3ixs using cnznponertts, of the presented classificat%on zxzediuru as rnmubprs, miti, 2) ,AppIying.a ser3os of w~igl3ts bued on the eoxnpl~oxity. of the chain, :actt~r.ecl~
with th~ lea.riicci appLwance- vectors of each cliain -to. d cditee -a.
t~rtxI~- A i.ty.
!'his p.~~~ces-s. za.iloW8 lbr the learning md. idcntifita.-~i.~~i~ of's.parse pdttenvs; exaet 30 phrases, wpr4,, .O.r bi~.~ary pattc.uxs'Whic,1i hav!- a probability of One cii4puisititan ~'>
based on their hisiorict31 oimmrrerzce across a~c3~at#~xu~Ãl~r.bu~~c#z~~;
the Origzritd mecia'tz~i as ~a.Pzrzcess of conth1uhl;
It s}iou1d bc tjncicrstood that diose miaiyszs too}zniques c;an. be ia-iodifieci (.snrz7ctimes signitioantl}r) based zap, Oz7 khiu dc;sir&d -z=esifItg; azid that all implementations o#'tizese az~~lysis teehrzitiizes are intended to be includ:cd WWiizi fl-i~ present di5closurc. Por example, tiio cl-L7ster analysis Mter 380 cin3.'use ai:urrzNe=r of diff6mat W-c~rithms -ta idezzti:ty, Ousters,> such a~r~zial~~e tcolz~~~~~z~s can.i;3ciudo, fpr~~xarrz~le, bu#.hoi Iimit,or3 to: k-xn~~~~s clustiring,. c#tialif y tbreshey#d. (Q-T).clu9terin& fuz..~r r.;zraea.zx~ ~ci,istc:rikgv wi.ds~i~ara.i cl'zzstoring, amozig oihe.rs.
:i:t} 'i hazs, i# s ~o~.~lti bi .rt~cognized t2iat x~sing :~.
z;~tz~~z~~aiz~~.t~.E~: of classification.
algori:iiun4 Unthe a'}nteait passa~~g th.ro~g~i the n-zess4ging policy compliance -systen-i 300 em-z providc a classification 394 associated with #iie contew, md zaxakzs a determinati rsn, as ~hown by d:ecisi-orz block 31.0, wheft--r tii.e captent of ti-ie -zn~c.~sage coniplies witla cantertt #,~oiicy, Where the coxiterzt crzr:npliz;s with content policy il-ie a.r=xpzeftt systoincriaa network 3ai3.. 1klaez=e-#ht: QvntcnÃ_ ~does nc~t campiy with o,ontent.poiicy. thv uomen# (;;wi bc droppeci, ciuaraniÃncd, .etc. as shown by bluck 34ti. Whe;re the message is not for<vardeci tb #l-ie re.c;ipi,ezit system, the irze;8*mb*ing pv#xc.Y compi:iarzee systein 300 can: zaoÃifyr a sendor, an t3fl.ginatilig systean.
3$4 wid./or an atirzaini~tz=zs.tor (hot glioWn).
'20 As an e:~a~~le, a pWiey t.s3uid~ lii=ziit trwisanitter1 by human: r.esoaxrczws sta-ff or to andi-visiuAls outside of t.he eomparz:yr. 1713.e nacssage cu~te-zit- classification cotild identify pn ~iz~ce~-'ib,~wt~~:
xnf?rzi~atioi~, Ã::c.aznpIe, by the incl'fz.sioa3 of equations or wbzris'or piit=a.,e5 tizat are Most Cezmmonly tisseciated with engineering doouments, presentations iar- dxawiogs - ~ndk)r, by ozxo o'f":
idorztit~od w, zneludirigcbtaacterisfi -o in crsinanon. With c~nginoe~.i~.;
doouments., prc:sentations or .dza~~ritags: would bU tekid detezx-aiza~Whetber the soxzftr was a 1ati~a-zmi resdurGes employee, or w}zet#ier the z'eespiorzt c#oanain ivas not associateEi.wd.t'ii #h.e corn.pany:
It sixould be uzidcrstoad -t}iax usiiag-tiiis methrzd., ap aeiminigtratc~r roWd it~enfi;lu mi itidividual suspectec#."oi'leaking in#'omiatzori. !"Iiis ittdividuai coulffb.c: inr}n4omd;
ibr conipii-ance ~~ith,=npmy policy. N_4oxeovor, the 'tn~~sago Qc}nfient t lassifcafiqn ~
program 110 Cas), d%ec:#. situatiom; whexp the wscr is Selld.ingstabsets of fzle::, pr urh(IO
the htdividua.1. i5 summaijxang-tsr.'xmotcling documezzt to .avofd detectiom As shown in:E11G, . 5, a messago con3laliance sysle~n 400 could be cox3f=zgare l. to examine aia existing set of.i=eIatcd ffl~~492; as sp cified by;an atlministratOr.4-94,. to -ereaie associat.ici Witb the set of xplated files 492. ThG.
files 492 could ~esupplfcd tn ffie me.Gsa.ge content cIassi-tioatimi prograxt'~ 41Ø Tli.c tnessa,5e, ountant ~~~ssifzcatznn p~~~r~~~ 416 cntil.d use eac'.13 of Mi:
tuohniquz;s 460, 470, ~~~ ob tlxe set 6t re1af.ed i'ilc:s tp dotermzno vvhAt featuae ar diaracter' izatioiis, mark thoir reta#:inxislliP. :1inr ea.ainplo.~ legal doci3mmits migft o~en i-ncliide Latin .phrases such as in Siich an izat=l'asion ccatlcl'be discuverable by a anessage. conient e>la,.~sili.catÃon prcrgrr~ 410.
A message ctXiTt83~~ olasskfic:~.~tFon prt3grw7i~ 41Ø can gtJneTti.tz a sot d3f iiienti&inga characteristics fc?r a i;lass cit enritciit. '.f'he 5ane tcalariique8 460, 470,480 arc ttletx Uscd oja con1mumcati~,~ris. cnter..iqg 'the nicssagiAag poIxpyeoiript.i4noe 5yste.m U 400. '1Thc~ of the.cmmmnic:atio zI~.raa~r .tlZembezc?mpared tii the.
i:~entii'yir~~ ~~iarame?.sti.cs for a class of cnntenf. tc3 determihe ih WIaxch c;lass. (if ahy") th~.? cnntent o:l'thc coinnitinica.t-inn bclorzgs, thereby producing a content classi-fication 490 -fnr the communication. The messaging policy conipliance sy-stem 460 tlieix appl:i:es amr f3oi:Ec1es xel-ated to "fl'ie e-eratent: ~lasS~lx~tz~~t. sis shown by deeisxU.n. b1oc1C
4201 to cfetermY_r~e wb:e#;her tbe., cnrrarn.unitialliOn wil1 be cl0livered via nemoxk 430, or d:rnliped, quamntiiiedõ Otc.,as showia liy.$lt3ck 440'. In the event that aoommmiicataon does not s4tisf~ polfcy, tlie.nrigÃziating systezn. 450 s;aii bia. alerted'tc~
~e.la~al%cgr .failuriF
Tlae..mi:ssagi'hg. coutent: c.ompli,anoe syst.ety could ~ilscs notif'y a systeiii administrator and!~,t s6nci:er oftlie policy.fai'lure.
It sh6oItl be recog.~~W ffiat. con#6xt policy can be created..ixi. a ni:yrzad o.l: sv.ay:+:
For cxaiz3ple, as showa in FIG. 6, the mossaging policy cunnpliancc systeni ow-i accept Q-)iitca.it based. poIi:i~.ie5 596-fxom. a:sy~~tcirt adnninistr,ito.r $94.
TlaU admi.ni%ratar S94 cai3 supply:a content po]icY by supplying bcAb tl-ic related content 592 for the rrlessage~
p,ili.~
content classification prngram 510, and s:app~yi~nga sc t, c~f '30 t.c~ b.e lamsed by a pofiLy c-cin-ipliance depision blonl;: :~2flf.
It should alsv b~,, ;recqgiiizocl'Yhat a iaxessagzng p(ilicy cciitpli4iice s~raen cati be, set up to-jnsp~.~trt: access ec-i?:tz=ol tights of users imthorized to access a. set of Ma.t:ed fijes:. 'S'llesz~ ac>.cess c0111tTvf r.i)gtht~y c;.an 1Se wi.i to a~tr.x~atic~l:~;> .~za~]~c a~zx~c~t b~sed.
pc?~icy"Whcre- the usetq-(wtzn a7o -autboxi.-wd) vzov and'orrziodi-ty tbe set O# retatwd fiies a1so havd t:(ic 417'Ifity to send and/orreceive such- siiniiar cOntexzi:
as. i1iey- are ailowedto. access.
F Lzr.ihenxzoze, it. 4hotzlel be:rccognized tha~ a.. z~~essagiz~g policy coi.z}.p'liance svstern-caax be trained. for:-z-ccogniz4ig wit:h the crsicxs of thw s.ys:Gom. For cxarziple, a zxzessqging-poIicy Omptfatiee sy.~Wrn tirzri observealI s~:x1l:throuWx -thc ~~Y~A~.~z-rt ovQ1r a i}erAbd ot'taha!z~. Thcn, u}iczii detWi.b.g that a, Usez is ,~nd;~~g -comm-OTz:zcat1ons that incttzde iozaten#. ibat is 1.~O abn6nnaI ~*ath.xespÃ.ac:t to fZ-ic his"tori:cal. izsage pattern:s of that u:5er, ttzc xnessagir.zg pOlic.y corz-ipliance. system can be eonfz~,~red to dropr'quarantir~e;t1le: c xitxnunieatiozz and/or ncitify a 4yste zn admxnistz~dtor. In arz adapti~~e mmuii~r, a~z~~ssaging pt~licy pompli.anoe. wystern can gvueratv-contezit4sased po1iq(ies.) based. upot lxistori c,al usago of cczrzt!ant.
1 5 FIG. 1 Ãlt~pie:t.s a fl.za.v+rchart i:Uustwtbi,<g an operational scezi-afia 600 fbr a mossaging policy c;Onipliar#ce system, -wIiereb'v asysion3 ~dtrator can d (,.
t"~nc.
.c oaiÃ4izi-bas~.~cl. policy. At step 610, a s~stezt adzn.'inistnztor crs;atcs a eldssificati.un.of cozitezit. For exazrzpls, classit%catiott~ could ityclude; engineering content, meds~cal records ce,3Ytcnt; hummi resources contezZ~. l.~YaI coz-zt:en.t, Maxkcti~g contetit, 20 accounting curii~ ~t, :~ctr~c~s#~zz~ c-c~ntent, etc.
A messaging pcili.cy c:oznP)iarzec s~}r-ste.ni cn:uild thcwrec>e1:ve-a,,w of characteristics assooiated with the orca:ted i~Iassification; as~shoWrz at..stv~.~ 626. It should be ncsted that these 'e+uulti be i:zzternAl.~~ ge.fierate;d; or re;ceiv~_-,d fto;n atictbersystem. At step. 631), the operationscenarto.Who~~r-s an adrrxin:Ãstrator to '?:.~ dvfino a.rule ok ~olicy for c:onnnurzzcations that izieludo awiteizt that xrzatclies the chAracteri'stic5 associatcd Nvitiz. the created c1assificai.xUn, whereby a message filtering systen7 could be ganfiVred to block.inessagcs that do not comply vvith #hw cizviined ruIf;lpolicy:
FIG. S dÃ~~icts aflcrW~hari illustra.6118 an OperatiOnajsc~narir, 70*0 for a 3.{} messagii3.9 policy whor~by a syste-zn. ~dTWiiistrator can dofzaia eoiltorzt: based p6l:icy fbr cornrnzaaiii atii?riw by:,suppl~ f ~'~~ftt.~cc~
~.~r~s. At.stc~~a '710, thG~:23iG5ga ~;1.ng poliCy G:@ln~JIW'lCC.
aLlniiziistrator. ,At -step 720, fhosysfep) a.c3iiainistrator,provides-a set 0-f related t:ile.y wtii,cb exemplify the nevv :c1.assifl catia1i..
gc:nc~rates a 5e:t: c~f.ihar~cr4t istic~ assaciatcd, mrith thc set ol'1=6ia:t4d -files, as shown by stL='~a 73'6, At step 740, the riiessagin -pol . icy. Gcompliance s;yatcin:
rece.rve.s a rule tvr ~S conitaiui-xications identz#a4ci as belonging to the'zx~.~w cla..~5z~'i~ation.:
Avother cxam.ptc. of an opera:tic~nal'scenarxn 800 for a..tne4~agilxg Pcfflcy .cOmpliance sys#ecn i*s shown. i:n F1~"x. 9> At s=.tep 810;
a.tz..adxndrzrstratoi= proVide..s: a nc--v clas~~~icakic~~~. At:st~i 82Ãl, the t3dn7izai.st.rator.providc:s ast;t ofrclate4. -tiles wble.b corri:spond to -ffie.~~~vv classification I{~ p~~ti~i{lecl a:t ~k~:}~ ~~~= ~i~ ~~~ ss~~~in~. ic~ p~iazice ~~~t,~rn ttie~i ge~ze rati~ a set O# ehlaac;.tez:istics that distinguish tt-ie set of :related files ft-oin other ~peslctasses of -fl1L-S; as shovn-i by stcp, 8,10. The r~iessa.ging Nlicy c;o~.~.=+~iwice sy5tem thei.i texmni:ne;s' thc access cokitrol r.i_Wi.~ oft;ach of l-he related f1~.~s in order to develop eonteiit-bas:ed .poliey, tt-ictebv a.llo-win; uscrs. vvith a.cpess to the~ set of related ~les tg .sund con#:eM
1.5 Prb.is%h. sharc=s disti~~goiMdit,g, charae~otisfi(:~,5 tvith -Ãhe reIatcd f ih4s.
A r~~~s~~~Ã~~ :t~oIlev:eorz~piiance system can -1~It.er n~ess~.~;~.~, ibr example, as sho-w,n by thr.: opem t:ic.aiial sc4hado 900. in.Fl:G. 10. At .sts~p,910, acozamunzca.tioni is received. At steli-910, the content afthe communication is compared to existing class,ttic:atit1ng-. This is d.oiic; fof: exa.tnpl:e, by using one nr. more lcc:l3xaiques that 20 a.ttempt to ixaa.t_c}i clements vfthe c:ontcnt. to sets of characteristics assr3clated iv:ith tb:e At decision bIpck 930, tbc: inessagiiig loii.6y con-iplia ncv -systenvdeterminc>> Wliel.tie.r a thr.eshcild. tnatch'ha.s beezi inacle to identify tlie cc+mm.u.tYxcatitan coi}terat as bein',p, related to the existing.classific;ations.
Where th~,~.messa.,,Dzng poli ey c.oinpliane.e s ys$om is iin able t.o,di.siowc~ .a.
thtesht?td rnatdh betwecn tlic czonteat and 6e. exisltti O'a.5sificationse the -coiiu-num-cdd 6zi is 4eterniiri~d. to. contain no -prtltec#~.~ corztexit as shown by s:tep 9441.
Con,mwnii~a.tians tivhich contain rzo protected cctxitcn.t..e;an be ibrwarded to. the ~ccil~.ier~tts~, as shown by stip 950.
Hovv:Gver, =tvhere:fhernes'sagirg-pcilicy compliance syst~~n.i cl.e#eivinds.
tliez:e is 30 a tlxresheilri n-iatch between the -contciit ot fhe comm:unicati.vn ancl the existztig tbp ccarzummicatioii is e::ainint:d to d~t,~-..ri:rijnc 1f: ~nj~~avvba~.0d policy i~:
satisfied,.:a;; s-"hovv.n by Ziooi:~Jon block %0. Where 1h0.ct~~~ent-ba,soci poll.iy :js n(it 1~l satisfiud, fliÃ;: aommmi'eiitim as.c}p;4rwtitied,, dropped, or otheilvis.e bjookod by' the susterix, 4..~; 5he3Wn..'zn stc:p.970. Wlis.=e the wntent-based. policy ls'satisfied, ilie wnu-nuxzieatiofi is tbrwardr;ci io= the or ziic)re. systems associateci ~wi'th the intended t'f: CTpie1.'1 t(S ).
.5 FIG. 11 depicts ma aitumative operationai scenarit~.980 used tO paxs~e cOimnEanicat~ions privr-ta faru=arding the mess~~~ to. a recipie.ra.t. At st~p.982, a c.csmmuriicatiou is received. At step 984, thi; con-Ln-i-Lttiicatiozl:is normaH2~,ed.
Norxziali:ratkm in v~.~rieYus ~am:Wes,= c;an imiud-C.cmv~rtzng ihe c6riu~~.u~~.ie~~tion.tci a -a-i.im-non protr,3GVi. Ft~~ exwrn.pli:~, %Yhorc: fli.e syste~ zooei3-e:s a VolP packet, ~~
.10 conituiuidcatisai; could be couverted to a:~zothc..r.-#bri:nat (c.g., a text based'f'6rmat) fl6r exain.insfioii. It should be uiitierstood ti-tat communications in any torniat call be wnvert.e.d to any other ibrnrn~.at 'ibr pirsing? ~md: that the presczYt discloslare i;s n. ot l%m.it.ecl to conv~.trting, a1l. var3.eii protL3CS)l:s to ariy- parii.cutar protc~c:oi, but tiiaf th:e Oloice ,oi'a comawn eoYnpariOon protocoi. is rnereIv. a~~~ig;a ohoic~-to- bc :madeiIft iightoi Ã~h.e 15 6FCtlinS1:a31Ces Caf'si P,~f~ioiJ.laT sohItieIl(e.g.s wh'iõ'r~,, fl1c, pnini3ry K:C9mm1:lniGat:ffln tneollfmd'm is VOIR, tile coznn-lon comp ~isc~in ~rt~toe t~l xrzaY be chosen to be ~alP to reciuecAhe resOurces used for iycitocoi trans:lation).
In various exam}:iIes; norzxra.lization. ean ai:w include transtat#ng a communir,afir>n :ti cam a variGt.y~< of languages into awa-iinon wril.pzirÃ.sOn lan:gtÃago.
.20 "For exarnplez Where Ei comxnunica.tiorz is in ~em-mu., comp.an:som techniques wouid not detict a ciassific0ion miiteh -whe.rethe~classiii=cation has been..d~fined by'L-11,Ã;IiGla ~~~ng4age dcas:umeakts. Tfzus,.for'a-rnore ~w-npiete analysis of all c;onimuni~miii.~ns, uaniiniiziae-at:ioiis cmi be traitslat'tyci. to a. corzaint~~~ wmp~aris~ii iaragraÃige.. It shoalti be.
tir..id~~st~aael tla~:t =~his r3i:~elc~s~i:~~ is::~~c~t 'Iixnited ~~~ a pa~ic wa.r con3inon. eot~parison 25 Im3guage. Nio-xeover, -it ylio-t-ild be Wxdersto-ici th~t -the eominan.,c:OZnpa.risozx langiia~~
u-iav not. even be aiaxwficed lang~mg~,.bui.may mereJy be.a.4anguage.diatis created-by a user rvhic:h has spmial.-czlia~actenstics th.al:-aiti in classification of -aie, communieatiop. Fu:idi~.~z; the eoznmoq coinpmn5ozi language in vanc)us c:xample.q may -irzclutie acon-ibi~iati'on. of sÃ:verald.iffe.rtni 1miguages, such. as Iaere aiserete cc}ncei7ts ~(3 used in dstTt=rexif iian~;~.agc s.am- r,n~ adeqTiatolY c~es.crikied by a~.ingle 1an~,~aExe.
In step 986; the opentfianai scenario M generates metadata related to tlie c:ommc74pation: Tlxemetadata. .candis:tili 1~h<-.-fi1es. itito iden~~~-igc~iaractexisti.csaaa,d.
~I
r.c~luc~> suli~rtl ~c~us langu4be whicb may A% be b-Op~ul in ,;VsSQuja0~IgCj, tljl~, c0tnmunt:eatictIl'wttki atiy of thc clm47hcat.tozis. Fi3r=eA=4rlzp.le,, de;tinitc:anddnkqefiniti!~.
t~rtic~c~; pt~ohouns, Atzd various offir;r llngpiafi.c; clevic;c.s are often irrelav-iwt to .classific:atzcanO:f aBIc:. At :ste=p 958; tlie.nietiddta..associat~;d wi:filr t:hC; cvrziniuai ca.tion is CÃ?ITIp#!I "L'd to LA:x5ti7",ti~.x xTletadaa 'W:gagf3m .to detcT'S1l.i-ne, c.l. dEkSS';1fic:c3tiC)na=SsiJt3iat.~.'~d '4k lth the eOmzn=auicatiorz. .A:t.dccisi.ora block 990; tl:ae messaging policy Lomplhuicc syst+:m detetm:izl.es-whether a threshold znatch has been r#m~c:-to ideixr:ify tt-ic communication ,mctarla.ta as bortngrelatedtci the xYieta.ci.ata.
Whorc: tlic =,5sa.gitig pcilicy. (zoznpli.anc.c systm is -unablc; to tli:e~~~~cr.a.
thkesbold: match lietwecn tlia c:axxtent and the Ox:isting c Iassifi:catfons, the c:ciz~n---iunic:ati.orz is determixied tci contaiii no protectc:d content asshsawzi bv .stcp 992.
Conzmun7 c:at.ions 44rhi.ch cc3t3tain nc) protccticd'wnten.t. ean bc:
f6rwarded to the rccipiczit(s), a.s. s}You=:rz by step 9_34;
However, W herc tI.ic messaging pnlie,y con-ipl:imice s~y-,tem dctermlncs:
thet=c is 1S a tbr=~bold:-matc;h .bctw'eeji tlx~ Lon:tent of the-cOmmmlicatio=~~ Mid.
O3c: exl.tir~g classi~lcatioos, tlie. con~,minication is- exawined. todet~nnine if contezit-basÃ;d polic:y is~
satisi=ied, as shc3-wn by'docxslon bIock- 996. Whcrc the oont.c.~nt-based polic.y .is not sati.sfied, the communi:cation is quarmitined, dropped, or othefivf4e blockcd.
ar delayed by the systezn, as. ;~~own. iRstep 998;. Whum tbe. eo-n:~ent-t}ased policy is satisfied, the communicaticrin is fbmva:rded to the ono c3r.naore systcms associa.tecl uitl-i the in:tenÃ.ied.
The systezns and mcthc?ds disclosed 1-ierciu arc presented only 1?y way of c,xampIc anc.i axe zic}t n-ic:.ant: to Iiznit the sccsl,e. of i.b.e in'Vc.-ntion. O therv'aniations of the.
;;ystems, a.tid metlYUds describ+ed above will bc= apparent'to tl~~se. skilled in the-art and ?5 as sii01i are consid.er..>d to .bc wl.fihiii the scope offihe invention.
Fa:r vx~mplc, 'a syl."'tcni aiYd rrietlivd can be configur.cd, to hwidleraany different tYpes safcommunicatic>n5, suoh a..R legit.E771ate .1ne5sak.~~eS or uit~~'J'at~ted G(}llilY?:IIiCat#.f3Y1S ol #. %Ol2lIXliI1]iGi1tiot3S
viOlati,~,e. ofa,pre-selected polzcy. As ttzi illus-Eraticin, a.co~.~muriicafion could lnc:ludea type ofoontt;nva.5 rtc:os~tize~ by the-systein, arid a. policy could include a corporate cummunica.tion.polic:y, a snessaging laoIity, a ltigislation ar regulatory pÃalicy, Or an .12 As aii cxan~Flc of a~ axchiteviiaÃre the equld t~c iised isi ~t~cc~rcia~~c~
witlx.
systomas and mtrthosls di,~-clOSudh erciq, an oz~g:inating, systern.10043, a r6ceiving.sysf.~ x~
1010, aixci.;a fucs.s4gir~g policy cozni>iiano.c s.ysiena 1020 caii cach.be connected 'v.ia one or znor~ -uc:=t~x()rk4, a5- shoWn by FIG. 12. The Oii ginatihg.systein 1.000 cmi send a :5 caniniutiic:atiozitotlzercccivixigsysf:em, systeaxi and:nctu:ork{g} vcOmpliance sysiein 1030Nvould then be operable to fnnvarct the message to, Ã1ie ;~~~~iVf_ng .sy;;tefn. 10.10 -,ia'..netNvO~r.l<(S)...
.I:t Si'tould:be'r.Mdersiood that ntt"xTork(s) 1030 can .iriCtudc Inaalyqu;'mets ins ,Iudii;sg b-ut Iisnitcd to wirdliiet~~ork-s, l~.-~.ca!l aÃea ivhvorks, ~-Oric area;nonvorks.
I.O zne#rOlaolytan area uotkorks, cozpcira.v: imranets; ai-id coinbi:nations therec)-l:
it sliuu.ld alst) be noted that. cariginatingy swstem 1000 aixd!or receiving system 1f Y! Il can 'rnelude an eles:.troiiic xiaail aenYer and: 0r. client; an iaistaixt. rn.ess~igiqg server and/or e:lient; avoicc over internct protocol (VolP) server a3-zdi'c-s.r c1i~.~t, ot goptior .;,crvcr anti,'or -c7icxit, -.3 fle tr;~nsii;r protocol (i' 1 P) scrvcr.madlor client, a h3Jpcrtext 15 t.r-atisfer i?mtoc:ol (li:TTl;':) set've.~ranrl/or c:lient, mici c~nibliiia.t:ivns-dkcreaf, ainotig.maxiy ot1ier existing neiw4rl; c:oma~~unications protocola.
:~.~. a.nother eaa,mFle of the wide scoj*a.ucl Vari.a.taons-o.i' ;sy.stczns =ci i~~~~~hWs di~cIosed. ii.creii, thc s}Jster.i-is and methods niay iae< implemented on.
various tvpc.s of r.nz-npttter a.rchitectLtr es, sucl.-i as N7 example on ciiffare-iit types of netwo~rked.
.20 cnvironzn-mits. As arz ill-ustratiori,:~IG, 1~3 -dcpicts a servq aczcss.
architect~tre.Nvld-un sy:+temss and methods naay - be useei (e~.g., as sho-,.,,m at 1tOil in l:;-IG, 4.). 'i"h~.~ areliteeturc in f4is exampieynctudcs a corparatioWs local zYeft-orl<: 1190ans~
a vasiety of cc7mputt,-r systeois miding withiti thv local network 1190.
'I;'hcsc sysÃcms.
-can inc1utie application servery .1.120 suill.as We:b :spryers m.d. L-n-iail servers, user Nvorkstaiiolis x=i.atg local -clitiits 1:130 sutb as rea.~~rs-atid. Web bro%Fsvrs, wid datrt gorage devic:~:s: 1110 suph as, r>aabases arzci'z~~Aw-rrfk counectedc#isk~.
*,~Siern.s communicate ui.th cael-A. rsthcr via a local communication netvcro.rk such as ft}icmet 1150e Fircwali syste-m 1140 re-sicles between tktelccal communication networld: and Cnt.emc1: 1160. ConnGC:ted to the Inttrnet. 1160 =are a hOst of.extcrnal 3O 54rveis 1170 a-nd exterzYal clients 1180, It should ~~ itticierstood tlat.
tli-e present disciosure. cari any -varsehy Qf mtwork-., in~juding,. b-tit wn IzTilitcd t(.}
an izitxanet, wide ~are~ neisvarf~s, 'loc~~ area networks, and .ct+mbina.tii;?ns Ãticreo't;
in ordt;r, to thcslli:tato- oninYUti.icatinii laettvtvn i:ompo.izezits.
Loc-41 c;hents 1130cana:ec.ess applicat'ican's~rv~~~~ 1120' micl slXared data stc7ra&
1.1.10 vi4 gie local e>or.rm:rrxunica'tion nc#~}iork: External clzents 1180 can a.cc~.~ss exter~ial i application senrers,4170 viathc: Xr3teraaet 11.64l. it znstanc:es where -a'Ioca1 serY~e.~r 1120 -or a local clie.nt.I'130 requires aceess. to azi ext~.~xial server 1470 or tiv-}rcre an external c1ient 4.t80 or a~l exten;al oer.cTer 1170-roqviz=es:a.ceess to a l~r;~~
:~ercrer 1120, in the :appropfi4te proto~wl fox agiv<:ti appliv;iiion serV or tlc~~~v through "aIWa:ys qpen" pcirts oS fuewall 'Vstem 1140.
A- syst~rn .z I00 as disclosed iae-tein may ba; located -in..a -hardware devi~:~e. or on -one or ~~a0r.e si~rvcrs cci~~~~ ctc~c~ tcj tbe iocal .e0numm:ica.tion rzetw~~rk-soch as Ethernet A180 and.1ogicaiSy iii-terposed betwm-i the -firewalI Vstem 1140 an~.i. tiie-iocaI sereem _1120 and att:ernpi:itkg-to inte:.r or lcavs ihe, looal cc?nununications nÃ;twork- tllrou,glz t.he frrcwall systom 1140 are 1.5 routal to 't~-ie syMtcm 11 - 00.
System TI Ã30 coulA be used to bandlc:-.En:any- differer3i t~T.es: oI'e-rnail a:e~d its vawzc:ty of protocols that are used.i'or e-z-nai:i a.ndprocessing MCI-tzding. SMTP and POPI These protoco.N.refer, resiaectivei}r} to stara.da'ds for cornn-iiihi~:~at-irsg e-inaiI rhcssÃages betwzen sewers. and for sorver-olicrlt:cc~na-mx3nica.tion 20 related to e-mail messir.ges. These p:rotot: oIs are dfffi:nedre~pecizveI.jy in particular R'F'C:'''s (Reciue4t xc3rC{?m.~nimt~) pr.c~miilgateci by the.:tEW (hyterneÃ
Bngine~.~ng TzLsk:
Force): The ~SMTP iar.ota.col is defined in. VWC 1211, and the POP3 protocol is -defiiZad in Rr'C 1939.
5'irzce the inception of these siar<d.axds; various needs 13~ve. evolved iti the. Reid.
-2.5 of c~-mail lea.dinb to t1ic-.eIt:velop.n*nt of fuuth.er stwidard.
inclxidina ~hancements or ocidit'zoxial protocols. For iri.stancc., vaaious: erihancoz-t~~~is have etvotved -to t1v $N4711 standards yE:.a.slin'g. to the evolr.ition of extended SNI'~.'1? . Exasnlxles o.fexten5ions- nAdy be 4ee Yn:(1) RFC. 1869 tha:t. cle-iines a framework flor extending the SMTP
service by de;finitig a:.m.eans whereby a servcr 'SM_I:I' can in.form a.cIient SM'IP as to ttie-se.rvice,~
30 extensions it supports mYd ii-i (2) RFC 1891 that &i';zies an ex,tcAsion.
~n thp SW.I'I' sendce~t tyhieh allows an.SM't'F client to s:pcc,~i~'~.Y (a) #hai ~~li~t~ ry -st'qt)s :notMtsaÃisa.ns (L?-S~:~Is).shc.;uld be ~~ne.rafecl uude:r certazll candi.tiot7s; (b) ~,,Fhefhex sucii notiii.catiiins sho-ald retupi the iwnfonis of themcssage, and. (c) additiDlxal jzxfoft~r.atj37n, to be vturn.ud with a DWy tb4t -a.Ãiows='t'hc:'sendor to'dentit~,' both the keeipient(s) 'for. Whi~:h the DS'Nwas issuc~~ci, and the transaoticsia= in-whicix the ori~~~al message Ir:. adciition, the. IMAP prc3tocol:bsas evfiIved as <ill , 6fternatiirc to PQP3 dutt sc3pports morc;. advanced inte-raet.iozis beturmv e-mailsmers kaxd e.liirzi;!~. Tbis prntocoI:
is' ilcscribcd in.1ZFC. 2060:
Other cc~~i-tn.LUU'c,atic~~ 'mech.aiiisrz-~.s aze a.Iqo vvz&lX used &i er raetvvork,s. T'how C~x~~ix~tuxieatzc~~~ sz~~~~3a7~i.sx~s i,ncba~jc.~, Wt arc: not limitcd:to, Voice OcFer IP (ti+'o:Ã:Ã') and.
Instar.lt N40s,,5agi.n&
rixw-ikging the deI.avery -of,v6icc iriiorrna.tioxa using thet.xrtemc:t Protocol (IP). Tmtarzt Messaging is a type of +:;c~ammunica.tioxt. involving a client which hooks-tap to an izastmit messaging sereiccthat &Aiver; xealtit~:me.
.(t-is further noted that the systems acid meti3ods dispi.c?sed ma~y'daU
signals cJÃxxvcyed via zip-tworks (i~:,g, Ãa;cata.rva:aitwork, wide,area.xz~tNvc3rk, internet, etc), fiber qptie. medium, c~a.m."er -ctc. foi, co-mmunicatzon w1rh one:or inore data processing -dovioes. "i'be~:,data..signals wzn .carry atty ot. aii of the dam i.li, ciosed herein that: is ~~~,vided to or from.a dovice.
!kcit3.it#onaIly, metiiods and systems ciescrih.ed,he-rein mwy be impleznenteci Oix many rlifferent~types of processi.ixg-dey~iccs by -pr.ogram code ~~omprisiuy pr:o~ax~z znstruetiozxs -tliat ar.~e:eecutabieby one or rnpre:procc=s8ors, I"i.xesoftwaz epro~;~anx instructions.ma.y,h)clude sOurc~- c-od-a, object c~de., ma.chir.io c~.~i~4, or any officr sl:ored, data thatis o~.rtcrahh,- to cause a~rcicess~z~~ to p~bt-tbrrxi rriethods, descr:ibed herein.
.'i'hG 5ysteins' Kindmethods'= da.ta. (e.g., "sociations, inap,pings,..6tc.) xnay he -15 stored and inlpldmcrite.in ab~~ nx ihor6 diffez=tixt types oft-ed wa:ys,. such as d:ifferent types. of stoxagc devices and prognmuninb consi-mcts (p:&, data stOres, R>h:M;: ROM,. FÃash-xnemory; flat fiies: databases, prograaxinii~~g data' structtuesx..~r~~;rar~xF~~~ia variab~es, I~~-7Y~E?~ (Or-sixni.lat t3pe-) statem.eri:t. congtnie:ts,.
e-tc.). .It isnoted th4t data stru.etures describ.e fbxniaÃ, ior us~ irx.
orgaxoi zibgand storing st~ data:.in database.s, programs, n~emorv, or otlier caanptftei~te.a6ble -m,~d%a Fc?r use by a.
1,~
'1:lYe ~s}rst.eixl4 anci.znefhorl.s ma.Ybaprovi cled, on ix3ar~y tiiffemn:ttypes of ~ot~ ~~z~tt~z'-z ~a~b1 ~ mr/d.~~ .~z~c 1~~diÃ~~ i;oxx~pute.r swz a ;~
nwckzarii;,tivy (e.g., C.D-:~W*.M, dzsIti.utte,.Ii,AM, flash r.rxemoryA ~t7ziap-uter'shat=d drive,'ete.) that contain insLructi.'Eilis fckx use in execution bya. 11rocessc3r. Ão- petform the-zr~ethc3ds' operations a.ztzi irz3:ple merzt the. sysieans descz=.ibcd.hezein.
'1'lie computer ~,oznpozients, suftare znOC3.ules, functions atid data s#a-ezcturcs d.4s'tJribQd hracin may be eomwtod.dzrcctly or itd.ir44tl:y to each other in ordo.r to all.o.-wf the: PoW trf data itee-cied'Ibr their cipdidtio~Tis.
.izis=tauutions i3r;~ rtnodu1.G;.can be impiex-neated for Oxaxt~,Oie as aa6bro'4finc; u-r3it"z?f cocie, of A.4 ti sofiware iurictÃoai. unit of co.de, txr as i'azl 017jcc# (as in. an 0'~jea-o~entcd paradigi~ni)> or as an apialet..-or in. a :con-kpLiter script lan&mage, or as arzz3tl-ier type of ccx.znput.er code or firrn-wx3rc;. TI-ie Softaro components and/or fu:iietiona3.ii:y mtiw b~
'lueattd. on a sijnk1e dc;vice: or distr.i~buted.aeros5 inz3:Itiplc; tievlc:es z:tepcnrIfixg:rzporz the, Situ<a.i7ori AÃ liand.
It t;}io uld be under.5.t:cx)cT t:~iat ati~: 'ustxI in ttie, dewcdp t;iot.t herein axxcl i,hrc?~gjlout tlie cla.irtis that foll~,,v, itio meaniag of '.a~~..,~~x., es plEirii1 erene~
urzless the context c1carly dictates otherwise. Alscs,. w used in.#he di~:scription hLre-in and thrtou6ihcaut%the cla:ixas.that follow, the ineanÃx3g Oi'"W'inol:udes "in"
and. 'YO11 uzalessl.he.t(3ntex.t clearly didatc;s otherwise. Finai~y7 as used mAhe ~.-esc,ri.pt:ion herein and thuoughoO. the ela.i-ms tbat f:'ollaw, :the. meaafings czf "and"and "or"
include baffi thc conj~~~~~ive mici disjimc~ive at~d. may be ciseci interchmagpably unless tiu context oZearlyr clivt.ates oÃbc~misei thQ. or" may be used to zndieaxe situation wkt.et'e only the di4junet,zve txieanziig inayap:~ly.
'16
pcr#~rnas a~~~z~ovi~x anqI'vsis,flf fi~e,~ to ide~n#.zfiy ~hrk3ses mid vvYords, wbieh ,ar~ -w-iique trs a pla:>sificaticazz of fi1c, wbich cata bc dozic by wialyzing Ow rarity Ot'a word or -.phr'~aso to a pGirt:iculai t)Te of fiic;~ and treatirzg such -ivords or phrases as indicative cjf-ti goup of files v4ritti some pemientagp of m-taizny:
Ling.gr~rrint:An-txly-sis --- alechnique to.~ xcie-ntify c:opying.betNNreen mw.O:ectronic k t~xis at.,ul-uItap~~~ letrcls (p,g, whriie file, para~.~a-Ph, scntcncc, or ma.4tructu.red ~ilpba.nuf77erit s;oMponerits) bvx 'fo~ exarnpIe: .f.).Applying a..ncmaalizatzon :taycr.
Is' to renitivo vdiiteapacv axid other noisc; .mid, 2) utilizing a Wirnowing.
aI gc~~~ith-a-i to gentMte'a minimi=x.ed, y'ot qptinxa.i.number of hashes.for each addixag an ambigui#rr fa&tor toidentify lile;s-Nvitb veTy rzkiii.imal, but szViifisant dupli cwitzUns of Ar{ta>
iCIusterAFZalsa,s - aclas.sificaticin -tectinique fhai partztiozis O-w, data into ?O -related subsetssharing a c~.~m.rrion. trait that can.be dofined as a hiracfiori of a.
dc,fine:d distanGc.~twasum(e:g., Euclidian distanc~Z) thot ma&si 4.point as a part of ti.i. Iwast oi-ie cluster.
g~2tixle Leri~~l'Anaky;~is a Oassificatit?n tcchn'rque wWch ca~~ be PerfbrHied M A.d c.*rIcicc:tronic Wxt br data WhMcb. adapt.~iveiy leami st.ructtir.cs of sparse aiid ?S 11orisparsc pattoms by, fur exwn~ls;: 1).Insta.ntlat:ing' a s~tics of M~~o Vv cha3ixs using cnznponertts, of the presented classificat%on zxzediuru as rnmubprs, miti, 2) ,AppIying.a ser3os of w~igl3ts bued on the eoxnpl~oxity. of the chain, :actt~r.ecl~
with th~ lea.riicci appLwance- vectors of each cliain -to. d cditee -a.
t~rtxI~- A i.ty.
!'his p.~~~ces-s. za.iloW8 lbr the learning md. idcntifita.-~i.~~i~ of's.parse pdttenvs; exaet 30 phrases, wpr4,, .O.r bi~.~ary pattc.uxs'Whic,1i hav!- a probability of One cii4puisititan ~'>
based on their hisiorict31 oimmrrerzce across a~c3~at#~xu~Ãl~r.bu~~c#z~~;
the Origzritd mecia'tz~i as ~a.Pzrzcess of conth1uhl;
It s}iou1d bc tjncicrstood that diose miaiyszs too}zniques c;an. be ia-iodifieci (.snrz7ctimes signitioantl}r) based zap, Oz7 khiu dc;sir&d -z=esifItg; azid that all implementations o#'tizese az~~lysis teehrzitiizes are intended to be includ:cd WWiizi fl-i~ present di5closurc. Por example, tiio cl-L7ster analysis Mter 380 cin3.'use ai:urrzNe=r of diff6mat W-c~rithms -ta idezzti:ty, Ousters,> such a~r~zial~~e tcolz~~~~~z~s can.i;3ciudo, fpr~~xarrz~le, bu#.hoi Iimit,or3 to: k-xn~~~~s clustiring,. c#tialif y tbreshey#d. (Q-T).clu9terin& fuz..~r r.;zraea.zx~ ~ci,istc:rikgv wi.ds~i~ara.i cl'zzstoring, amozig oihe.rs.
:i:t} 'i hazs, i# s ~o~.~lti bi .rt~cognized t2iat x~sing :~.
z;~tz~~z~~aiz~~.t~.E~: of classification.
algori:iiun4 Unthe a'}nteait passa~~g th.ro~g~i the n-zess4ging policy compliance -systen-i 300 em-z providc a classification 394 associated with #iie contew, md zaxakzs a determinati rsn, as ~hown by d:ecisi-orz block 31.0, wheft--r tii.e captent of ti-ie -zn~c.~sage coniplies witla cantertt #,~oiicy, Where the coxiterzt crzr:npliz;s with content policy il-ie a.r=xpzeftt systoincriaa network 3ai3.. 1klaez=e-#ht: QvntcnÃ_ ~does nc~t campiy with o,ontent.poiicy. thv uomen# (;;wi bc droppeci, ciuaraniÃncd, .etc. as shown by bluck 34ti. Whe;re the message is not for<vardeci tb #l-ie re.c;ipi,ezit system, the irze;8*mb*ing pv#xc.Y compi:iarzee systein 300 can: zaoÃifyr a sendor, an t3fl.ginatilig systean.
3$4 wid./or an atirzaini~tz=zs.tor (hot glioWn).
'20 As an e:~a~~le, a pWiey t.s3uid~ lii=ziit trwisanitter1 by human: r.esoaxrczws sta-ff or to andi-visiuAls outside of t.he eomparz:yr. 1713.e nacssage cu~te-zit- classification cotild identify pn ~iz~ce~-'ib,~wt~~:
xnf?rzi~atioi~, Ã::c.aznpIe, by the incl'fz.sioa3 of equations or wbzris'or piit=a.,e5 tizat are Most Cezmmonly tisseciated with engineering doouments, presentations iar- dxawiogs - ~ndk)r, by ozxo o'f":
idorztit~od w, zneludirigcbtaacterisfi -o in crsinanon. With c~nginoe~.i~.;
doouments., prc:sentations or .dza~~ritags: would bU tekid detezx-aiza~Whetber the soxzftr was a 1ati~a-zmi resdurGes employee, or w}zet#ier the z'eespiorzt c#oanain ivas not associateEi.wd.t'ii #h.e corn.pany:
It sixould be uzidcrstoad -t}iax usiiag-tiiis methrzd., ap aeiminigtratc~r roWd it~enfi;lu mi itidividual suspectec#."oi'leaking in#'omiatzori. !"Iiis ittdividuai coulffb.c: inr}n4omd;
ibr conipii-ance ~~ith,=npmy policy. N_4oxeovor, the 'tn~~sago Qc}nfient t lassifcafiqn ~
program 110 Cas), d%ec:#. situatiom; whexp the wscr is Selld.ingstabsets of fzle::, pr urh(IO
the htdividua.1. i5 summaijxang-tsr.'xmotcling documezzt to .avofd detectiom As shown in:E11G, . 5, a messago con3laliance sysle~n 400 could be cox3f=zgare l. to examine aia existing set of.i=eIatcd ffl~~492; as sp cified by;an atlministratOr.4-94,. to -ereaie associat.ici Witb the set of xplated files 492. ThG.
files 492 could ~esupplfcd tn ffie me.Gsa.ge content cIassi-tioatimi prograxt'~ 41Ø Tli.c tnessa,5e, ountant ~~~ssifzcatznn p~~~r~~~ 416 cntil.d use eac'.13 of Mi:
tuohniquz;s 460, 470, ~~~ ob tlxe set 6t re1af.ed i'ilc:s tp dotermzno vvhAt featuae ar diaracter' izatioiis, mark thoir reta#:inxislliP. :1inr ea.ainplo.~ legal doci3mmits migft o~en i-ncliide Latin .phrases such as in Siich an izat=l'asion ccatlcl'be discuverable by a anessage. conient e>la,.~sili.catÃon prcrgrr~ 410.
A message ctXiTt83~~ olasskfic:~.~tFon prt3grw7i~ 41Ø can gtJneTti.tz a sot d3f iiienti&inga characteristics fc?r a i;lass cit enritciit. '.f'he 5ane tcalariique8 460, 470,480 arc ttletx Uscd oja con1mumcati~,~ris. cnter..iqg 'the nicssagiAag poIxpyeoiript.i4noe 5yste.m U 400. '1Thc~ of the.cmmmnic:atio zI~.raa~r .tlZembezc?mpared tii the.
i:~entii'yir~~ ~~iarame?.sti.cs for a class of cnntenf. tc3 determihe ih WIaxch c;lass. (if ahy") th~.? cnntent o:l'thc coinnitinica.t-inn bclorzgs, thereby producing a content classi-fication 490 -fnr the communication. The messaging policy conipliance sy-stem 460 tlieix appl:i:es amr f3oi:Ec1es xel-ated to "fl'ie e-eratent: ~lasS~lx~tz~~t. sis shown by deeisxU.n. b1oc1C
4201 to cfetermY_r~e wb:e#;her tbe., cnrrarn.unitialliOn wil1 be cl0livered via nemoxk 430, or d:rnliped, quamntiiiedõ Otc.,as showia liy.$lt3ck 440'. In the event that aoommmiicataon does not s4tisf~ polfcy, tlie.nrigÃziating systezn. 450 s;aii bia. alerted'tc~
~e.la~al%cgr .failuriF
Tlae..mi:ssagi'hg. coutent: c.ompli,anoe syst.ety could ~ilscs notif'y a systeiii administrator and!~,t s6nci:er oftlie policy.fai'lure.
It sh6oItl be recog.~~W ffiat. con#6xt policy can be created..ixi. a ni:yrzad o.l: sv.ay:+:
For cxaiz3ple, as showa in FIG. 6, the mossaging policy cunnpliancc systeni ow-i accept Q-)iitca.it based. poIi:i~.ie5 596-fxom. a:sy~~tcirt adnninistr,ito.r $94.
TlaU admi.ni%ratar S94 cai3 supply:a content po]icY by supplying bcAb tl-ic related content 592 for the rrlessage~
p,ili.~
content classification prngram 510, and s:app~yi~nga sc t, c~f '30 t.c~ b.e lamsed by a pofiLy c-cin-ipliance depision blonl;: :~2flf.
It should alsv b~,, ;recqgiiizocl'Yhat a iaxessagzng p(ilicy cciitpli4iice s~raen cati be, set up to-jnsp~.~trt: access ec-i?:tz=ol tights of users imthorized to access a. set of Ma.t:ed fijes:. 'S'llesz~ ac>.cess c0111tTvf r.i)gtht~y c;.an 1Se wi.i to a~tr.x~atic~l:~;> .~za~]~c a~zx~c~t b~sed.
pc?~icy"Whcre- the usetq-(wtzn a7o -autboxi.-wd) vzov and'orrziodi-ty tbe set O# retatwd fiies a1so havd t:(ic 417'Ifity to send and/orreceive such- siiniiar cOntexzi:
as. i1iey- are ailowedto. access.
F Lzr.ihenxzoze, it. 4hotzlel be:rccognized tha~ a.. z~~essagiz~g policy coi.z}.p'liance svstern-caax be trained. for:-z-ccogniz4ig wit:h the crsicxs of thw s.ys:Gom. For cxarziple, a zxzessqging-poIicy Omptfatiee sy.~Wrn tirzri observealI s~:x1l:throuWx -thc ~~Y~A~.~z-rt ovQ1r a i}erAbd ot'taha!z~. Thcn, u}iczii detWi.b.g that a, Usez is ,~nd;~~g -comm-OTz:zcat1ons that incttzde iozaten#. ibat is 1.~O abn6nnaI ~*ath.xespÃ.ac:t to fZ-ic his"tori:cal. izsage pattern:s of that u:5er, ttzc xnessagir.zg pOlic.y corz-ipliance. system can be eonfz~,~red to dropr'quarantir~e;t1le: c xitxnunieatiozz and/or ncitify a 4yste zn admxnistz~dtor. In arz adapti~~e mmuii~r, a~z~~ssaging pt~licy pompli.anoe. wystern can gvueratv-contezit4sased po1iq(ies.) based. upot lxistori c,al usago of cczrzt!ant.
1 5 FIG. 1 Ãlt~pie:t.s a fl.za.v+rchart i:Uustwtbi,<g an operational scezi-afia 600 fbr a mossaging policy c;Onipliar#ce system, -wIiereb'v asysion3 ~dtrator can d (,.
t"~nc.
.c oaiÃ4izi-bas~.~cl. policy. At step 610, a s~stezt adzn.'inistnztor crs;atcs a eldssificati.un.of cozitezit. For exazrzpls, classit%catiott~ could ityclude; engineering content, meds~cal records ce,3Ytcnt; hummi resources contezZ~. l.~YaI coz-zt:en.t, Maxkcti~g contetit, 20 accounting curii~ ~t, :~ctr~c~s#~zz~ c-c~ntent, etc.
A messaging pcili.cy c:oznP)iarzec s~}r-ste.ni cn:uild thcwrec>e1:ve-a,,w of characteristics assooiated with the orca:ted i~Iassification; as~shoWrz at..stv~.~ 626. It should be ncsted that these 'e+uulti be i:zzternAl.~~ ge.fierate;d; or re;ceiv~_-,d fto;n atictbersystem. At step. 631), the operationscenarto.Who~~r-s an adrrxin:Ãstrator to '?:.~ dvfino a.rule ok ~olicy for c:onnnurzzcations that izieludo awiteizt that xrzatclies the chAracteri'stic5 associatcd Nvitiz. the created c1assificai.xUn, whereby a message filtering systen7 could be ganfiVred to block.inessagcs that do not comply vvith #hw cizviined ruIf;lpolicy:
FIG. S dÃ~~icts aflcrW~hari illustra.6118 an OperatiOnajsc~narir, 70*0 for a 3.{} messagii3.9 policy whor~by a syste-zn. ~dTWiiistrator can dofzaia eoiltorzt: based p6l:icy fbr cornrnzaaiii atii?riw by:,suppl~ f ~'~~ftt.~cc~
~.~r~s. At.stc~~a '710, thG~:23iG5ga ~;1.ng poliCy G:@ln~JIW'lCC.
aLlniiziistrator. ,At -step 720, fhosysfep) a.c3iiainistrator,provides-a set 0-f related t:ile.y wtii,cb exemplify the nevv :c1.assifl catia1i..
gc:nc~rates a 5e:t: c~f.ihar~cr4t istic~ assaciatcd, mrith thc set ol'1=6ia:t4d -files, as shown by stL='~a 73'6, At step 740, the riiessagin -pol . icy. Gcompliance s;yatcin:
rece.rve.s a rule tvr ~S conitaiui-xications identz#a4ci as belonging to the'zx~.~w cla..~5z~'i~ation.:
Avother cxam.ptc. of an opera:tic~nal'scenarxn 800 for a..tne4~agilxg Pcfflcy .cOmpliance sys#ecn i*s shown. i:n F1~"x. 9> At s=.tep 810;
a.tz..adxndrzrstratoi= proVide..s: a nc--v clas~~~icakic~~~. At:st~i 82Ãl, the t3dn7izai.st.rator.providc:s ast;t ofrclate4. -tiles wble.b corri:spond to -ffie.~~~vv classification I{~ p~~ti~i{lecl a:t ~k~:}~ ~~~= ~i~ ~~~ ss~~~in~. ic~ p~iazice ~~~t,~rn ttie~i ge~ze rati~ a set O# ehlaac;.tez:istics that distinguish tt-ie set of :related files ft-oin other ~peslctasses of -fl1L-S; as shovn-i by stcp, 8,10. The r~iessa.ging Nlicy c;o~.~.=+~iwice sy5tem thei.i texmni:ne;s' thc access cokitrol r.i_Wi.~ oft;ach of l-he related f1~.~s in order to develop eonteiit-bas:ed .poliey, tt-ictebv a.llo-win; uscrs. vvith a.cpess to the~ set of related ~les tg .sund con#:eM
1.5 Prb.is%h. sharc=s disti~~goiMdit,g, charae~otisfi(:~,5 tvith -Ãhe reIatcd f ih4s.
A r~~~s~~~Ã~~ :t~oIlev:eorz~piiance system can -1~It.er n~ess~.~;~.~, ibr example, as sho-w,n by thr.: opem t:ic.aiial sc4hado 900. in.Fl:G. 10. At .sts~p,910, acozamunzca.tioni is received. At steli-910, the content afthe communication is compared to existing class,ttic:atit1ng-. This is d.oiic; fof: exa.tnpl:e, by using one nr. more lcc:l3xaiques that 20 a.ttempt to ixaa.t_c}i clements vfthe c:ontcnt. to sets of characteristics assr3clated iv:ith tb:e At decision bIpck 930, tbc: inessagiiig loii.6y con-iplia ncv -systenvdeterminc>> Wliel.tie.r a thr.eshcild. tnatch'ha.s beezi inacle to identify tlie cc+mm.u.tYxcatitan coi}terat as bein',p, related to the existing.classific;ations.
Where th~,~.messa.,,Dzng poli ey c.oinpliane.e s ys$om is iin able t.o,di.siowc~ .a.
thtesht?td rnatdh betwecn tlic czonteat and 6e. exisltti O'a.5sificationse the -coiiu-num-cdd 6zi is 4eterniiri~d. to. contain no -prtltec#~.~ corztexit as shown by s:tep 9441.
Con,mwnii~a.tians tivhich contain rzo protected cctxitcn.t..e;an be ibrwarded to. the ~ccil~.ier~tts~, as shown by stip 950.
Hovv:Gver, =tvhere:fhernes'sagirg-pcilicy compliance syst~~n.i cl.e#eivinds.
tliez:e is 30 a tlxresheilri n-iatch between the -contciit ot fhe comm:unicati.vn ancl the existztig tbp ccarzummicatioii is e::ainint:d to d~t,~-..ri:rijnc 1f: ~nj~~avvba~.0d policy i~:
satisfied,.:a;; s-"hovv.n by Ziooi:~Jon block %0. Where 1h0.ct~~~ent-ba,soci poll.iy :js n(it 1~l satisfiud, fliÃ;: aommmi'eiitim as.c}p;4rwtitied,, dropped, or otheilvis.e bjookod by' the susterix, 4..~; 5he3Wn..'zn stc:p.970. Wlis.=e the wntent-based. policy ls'satisfied, ilie wnu-nuxzieatiofi is tbrwardr;ci io= the or ziic)re. systems associateci ~wi'th the intended t'f: CTpie1.'1 t(S ).
.5 FIG. 11 depicts ma aitumative operationai scenarit~.980 used tO paxs~e cOimnEanicat~ions privr-ta faru=arding the mess~~~ to. a recipie.ra.t. At st~p.982, a c.csmmuriicatiou is received. At step 984, thi; con-Ln-i-Lttiicatiozl:is normaH2~,ed.
Norxziali:ratkm in v~.~rieYus ~am:Wes,= c;an imiud-C.cmv~rtzng ihe c6riu~~.u~~.ie~~tion.tci a -a-i.im-non protr,3GVi. Ft~~ exwrn.pli:~, %Yhorc: fli.e syste~ zooei3-e:s a VolP packet, ~~
.10 conituiuidcatisai; could be couverted to a:~zothc..r.-#bri:nat (c.g., a text based'f'6rmat) fl6r exain.insfioii. It should be uiitierstood ti-tat communications in any torniat call be wnvert.e.d to any other ibrnrn~.at 'ibr pirsing? ~md: that the presczYt discloslare i;s n. ot l%m.it.ecl to conv~.trting, a1l. var3.eii protL3CS)l:s to ariy- parii.cutar protc~c:oi, but tiiaf th:e Oloice ,oi'a comawn eoYnpariOon protocoi. is rnereIv. a~~~ig;a ohoic~-to- bc :madeiIft iightoi Ã~h.e 15 6FCtlinS1:a31Ces Caf'si P,~f~ioiJ.laT sohItieIl(e.g.s wh'iõ'r~,, fl1c, pnini3ry K:C9mm1:lniGat:ffln tneollfmd'm is VOIR, tile coznn-lon comp ~isc~in ~rt~toe t~l xrzaY be chosen to be ~alP to reciuecAhe resOurces used for iycitocoi trans:lation).
In various exam}:iIes; norzxra.lization. ean ai:w include transtat#ng a communir,afir>n :ti cam a variGt.y~< of languages into awa-iinon wril.pzirÃ.sOn lan:gtÃago.
.20 "For exarnplez Where Ei comxnunica.tiorz is in ~em-mu., comp.an:som techniques wouid not detict a ciassific0ion miiteh -whe.rethe~classiii=cation has been..d~fined by'L-11,Ã;IiGla ~~~ng4age dcas:umeakts. Tfzus,.for'a-rnore ~w-npiete analysis of all c;onimuni~miii.~ns, uaniiniiziae-at:ioiis cmi be traitslat'tyci. to a. corzaint~~~ wmp~aris~ii iaragraÃige.. It shoalti be.
tir..id~~st~aael tla~:t =~his r3i:~elc~s~i:~~ is::~~c~t 'Iixnited ~~~ a pa~ic wa.r con3inon. eot~parison 25 Im3guage. Nio-xeover, -it ylio-t-ild be Wxdersto-ici th~t -the eominan.,c:OZnpa.risozx langiia~~
u-iav not. even be aiaxwficed lang~mg~,.bui.may mereJy be.a.4anguage.diatis created-by a user rvhic:h has spmial.-czlia~actenstics th.al:-aiti in classification of -aie, communieatiop. Fu:idi~.~z; the eoznmoq coinpmn5ozi language in vanc)us c:xample.q may -irzclutie acon-ibi~iati'on. of sÃ:verald.iffe.rtni 1miguages, such. as Iaere aiserete cc}ncei7ts ~(3 used in dstTt=rexif iian~;~.agc s.am- r,n~ adeqTiatolY c~es.crikied by a~.ingle 1an~,~aExe.
In step 986; the opentfianai scenario M generates metadata related to tlie c:ommc74pation: Tlxemetadata. .candis:tili 1~h<-.-fi1es. itito iden~~~-igc~iaractexisti.csaaa,d.
~I
r.c~luc~> suli~rtl ~c~us langu4be whicb may A% be b-Op~ul in ,;VsSQuja0~IgCj, tljl~, c0tnmunt:eatictIl'wttki atiy of thc clm47hcat.tozis. Fi3r=eA=4rlzp.le,, de;tinitc:anddnkqefiniti!~.
t~rtic~c~; pt~ohouns, Atzd various offir;r llngpiafi.c; clevic;c.s are often irrelav-iwt to .classific:atzcanO:f aBIc:. At :ste=p 958; tlie.nietiddta..associat~;d wi:filr t:hC; cvrziniuai ca.tion is CÃ?ITIp#!I "L'd to LA:x5ti7",ti~.x xTletadaa 'W:gagf3m .to detcT'S1l.i-ne, c.l. dEkSS';1fic:c3tiC)na=SsiJt3iat.~.'~d '4k lth the eOmzn=auicatiorz. .A:t.dccisi.ora block 990; tl:ae messaging policy Lomplhuicc syst+:m detetm:izl.es-whether a threshold znatch has been r#m~c:-to ideixr:ify tt-ic communication ,mctarla.ta as bortngrelatedtci the xYieta.ci.ata.
Whorc: tlic =,5sa.gitig pcilicy. (zoznpli.anc.c systm is -unablc; to tli:e~~~~cr.a.
thkesbold: match lietwecn tlia c:axxtent and the Ox:isting c Iassifi:catfons, the c:ciz~n---iunic:ati.orz is determixied tci contaiii no protectc:d content asshsawzi bv .stcp 992.
Conzmun7 c:at.ions 44rhi.ch cc3t3tain nc) protccticd'wnten.t. ean bc:
f6rwarded to the rccipiczit(s), a.s. s}You=:rz by step 9_34;
However, W herc tI.ic messaging pnlie,y con-ipl:imice s~y-,tem dctermlncs:
thet=c is 1S a tbr=~bold:-matc;h .bctw'eeji tlx~ Lon:tent of the-cOmmmlicatio=~~ Mid.
O3c: exl.tir~g classi~lcatioos, tlie. con~,minication is- exawined. todet~nnine if contezit-basÃ;d polic:y is~
satisi=ied, as shc3-wn by'docxslon bIock- 996. Whcrc the oont.c.~nt-based polic.y .is not sati.sfied, the communi:cation is quarmitined, dropped, or othefivf4e blockcd.
ar delayed by the systezn, as. ;~~own. iRstep 998;. Whum tbe. eo-n:~ent-t}ased policy is satisfied, the communicaticrin is fbmva:rded to the ono c3r.naore systcms associa.tecl uitl-i the in:tenÃ.ied.
The systezns and mcthc?ds disclosed 1-ierciu arc presented only 1?y way of c,xampIc anc.i axe zic}t n-ic:.ant: to Iiznit the sccsl,e. of i.b.e in'Vc.-ntion. O therv'aniations of the.
;;ystems, a.tid metlYUds describ+ed above will bc= apparent'to tl~~se. skilled in the-art and ?5 as sii01i are consid.er..>d to .bc wl.fihiii the scope offihe invention.
Fa:r vx~mplc, 'a syl."'tcni aiYd rrietlivd can be configur.cd, to hwidleraany different tYpes safcommunicatic>n5, suoh a..R legit.E771ate .1ne5sak.~~eS or uit~~'J'at~ted G(}llilY?:IIiCat#.f3Y1S ol #. %Ol2lIXliI1]iGi1tiot3S
viOlati,~,e. ofa,pre-selected polzcy. As ttzi illus-Eraticin, a.co~.~muriicafion could lnc:ludea type ofoontt;nva.5 rtc:os~tize~ by the-systein, arid a. policy could include a corporate cummunica.tion.polic:y, a snessaging laoIity, a ltigislation ar regulatory pÃalicy, Or an .12 As aii cxan~Flc of a~ axchiteviiaÃre the equld t~c iised isi ~t~cc~rcia~~c~
witlx.
systomas and mtrthosls di,~-clOSudh erciq, an oz~g:inating, systern.10043, a r6ceiving.sysf.~ x~
1010, aixci.;a fucs.s4gir~g policy cozni>iiano.c s.ysiena 1020 caii cach.be connected 'v.ia one or znor~ -uc:=t~x()rk4, a5- shoWn by FIG. 12. The Oii ginatihg.systein 1.000 cmi send a :5 caniniutiic:atiozitotlzercccivixigsysf:em, systeaxi and:nctu:ork{g} vcOmpliance sysiein 1030Nvould then be operable to fnnvarct the message to, Ã1ie ;~~~~iVf_ng .sy;;tefn. 10.10 -,ia'..netNvO~r.l<(S)...
.I:t Si'tould:be'r.Mdersiood that ntt"xTork(s) 1030 can .iriCtudc Inaalyqu;'mets ins ,Iudii;sg b-ut Iisnitcd to wirdliiet~~ork-s, l~.-~.ca!l aÃea ivhvorks, ~-Oric area;nonvorks.
I.O zne#rOlaolytan area uotkorks, cozpcira.v: imranets; ai-id coinbi:nations therec)-l:
it sliuu.ld alst) be noted that. cariginatingy swstem 1000 aixd!or receiving system 1f Y! Il can 'rnelude an eles:.troiiic xiaail aenYer and: 0r. client; an iaistaixt. rn.ess~igiqg server and/or e:lient; avoicc over internct protocol (VolP) server a3-zdi'c-s.r c1i~.~t, ot goptior .;,crvcr anti,'or -c7icxit, -.3 fle tr;~nsii;r protocol (i' 1 P) scrvcr.madlor client, a h3Jpcrtext 15 t.r-atisfer i?mtoc:ol (li:TTl;':) set've.~ranrl/or c:lient, mici c~nibliiia.t:ivns-dkcreaf, ainotig.maxiy ot1ier existing neiw4rl; c:oma~~unications protocola.
:~.~. a.nother eaa,mFle of the wide scoj*a.ucl Vari.a.taons-o.i' ;sy.stczns =ci i~~~~~hWs di~cIosed. ii.creii, thc s}Jster.i-is and methods niay iae< implemented on.
various tvpc.s of r.nz-npttter a.rchitectLtr es, sucl.-i as N7 example on ciiffare-iit types of netwo~rked.
.20 cnvironzn-mits. As arz ill-ustratiori,:~IG, 1~3 -dcpicts a servq aczcss.
architect~tre.Nvld-un sy:+temss and methods naay - be useei (e~.g., as sho-,.,,m at 1tOil in l:;-IG, 4.). 'i"h~.~ areliteeturc in f4is exampieynctudcs a corparatioWs local zYeft-orl<: 1190ans~
a vasiety of cc7mputt,-r systeois miding withiti thv local network 1190.
'I;'hcsc sysÃcms.
-can inc1utie application servery .1.120 suill.as We:b :spryers m.d. L-n-iail servers, user Nvorkstaiiolis x=i.atg local -clitiits 1:130 sutb as rea.~~rs-atid. Web bro%Fsvrs, wid datrt gorage devic:~:s: 1110 suph as, r>aabases arzci'z~~Aw-rrfk counectedc#isk~.
*,~Siern.s communicate ui.th cael-A. rsthcr via a local communication netvcro.rk such as ft}icmet 1150e Fircwali syste-m 1140 re-sicles between tktelccal communication networld: and Cnt.emc1: 1160. ConnGC:ted to the Inttrnet. 1160 =are a hOst of.extcrnal 3O 54rveis 1170 a-nd exterzYal clients 1180, It should ~~ itticierstood tlat.
tli-e present disciosure. cari any -varsehy Qf mtwork-., in~juding,. b-tit wn IzTilitcd t(.}
an izitxanet, wide ~are~ neisvarf~s, 'loc~~ area networks, and .ct+mbina.tii;?ns Ãticreo't;
in ordt;r, to thcslli:tato- oninYUti.icatinii laettvtvn i:ompo.izezits.
Loc-41 c;hents 1130cana:ec.ess applicat'ican's~rv~~~~ 1120' micl slXared data stc7ra&
1.1.10 vi4 gie local e>or.rm:rrxunica'tion nc#~}iork: External clzents 1180 can a.cc~.~ss exter~ial i application senrers,4170 viathc: Xr3teraaet 11.64l. it znstanc:es where -a'Ioca1 serY~e.~r 1120 -or a local clie.nt.I'130 requires aceess. to azi ext~.~xial server 1470 or tiv-}rcre an external c1ient 4.t80 or a~l exten;al oer.cTer 1170-roqviz=es:a.ceess to a l~r;~~
:~ercrer 1120, in the :appropfi4te proto~wl fox agiv<:ti appliv;iiion serV or tlc~~~v through "aIWa:ys qpen" pcirts oS fuewall 'Vstem 1140.
A- syst~rn .z I00 as disclosed iae-tein may ba; located -in..a -hardware devi~:~e. or on -one or ~~a0r.e si~rvcrs cci~~~~ ctc~c~ tcj tbe iocal .e0numm:ica.tion rzetw~~rk-soch as Ethernet A180 and.1ogicaiSy iii-terposed betwm-i the -firewalI Vstem 1140 an~.i. tiie-iocaI sereem _1120 and att:ernpi:itkg-to inte:.r or lcavs ihe, looal cc?nununications nÃ;twork- tllrou,glz t.he frrcwall systom 1140 are 1.5 routal to 't~-ie syMtcm 11 - 00.
System TI Ã30 coulA be used to bandlc:-.En:any- differer3i t~T.es: oI'e-rnail a:e~d its vawzc:ty of protocols that are used.i'or e-z-nai:i a.ndprocessing MCI-tzding. SMTP and POPI These protoco.N.refer, resiaectivei}r} to stara.da'ds for cornn-iiihi~:~at-irsg e-inaiI rhcssÃages betwzen sewers. and for sorver-olicrlt:cc~na-mx3nica.tion 20 related to e-mail messir.ges. These p:rotot: oIs are dfffi:nedre~pecizveI.jy in particular R'F'C:'''s (Reciue4t xc3rC{?m.~nimt~) pr.c~miilgateci by the.:tEW (hyterneÃ
Bngine~.~ng TzLsk:
Force): The ~SMTP iar.ota.col is defined in. VWC 1211, and the POP3 protocol is -defiiZad in Rr'C 1939.
5'irzce the inception of these siar<d.axds; various needs 13~ve. evolved iti the. Reid.
-2.5 of c~-mail lea.dinb to t1ic-.eIt:velop.n*nt of fuuth.er stwidard.
inclxidina ~hancements or ocidit'zoxial protocols. For iri.stancc., vaaious: erihancoz-t~~~is have etvotved -to t1v $N4711 standards yE:.a.slin'g. to the evolr.ition of extended SNI'~.'1? . Exasnlxles o.fexten5ions- nAdy be 4ee Yn:(1) RFC. 1869 tha:t. cle-iines a framework flor extending the SMTP
service by de;finitig a:.m.eans whereby a servcr 'SM_I:I' can in.form a.cIient SM'IP as to ttie-se.rvice,~
30 extensions it supports mYd ii-i (2) RFC 1891 that &i';zies an ex,tcAsion.
~n thp SW.I'I' sendce~t tyhieh allows an.SM't'F client to s:pcc,~i~'~.Y (a) #hai ~~li~t~ ry -st'qt)s :notMtsaÃisa.ns (L?-S~:~Is).shc.;uld be ~~ne.rafecl uude:r certazll candi.tiot7s; (b) ~,,Fhefhex sucii notiii.catiiins sho-ald retupi the iwnfonis of themcssage, and. (c) additiDlxal jzxfoft~r.atj37n, to be vturn.ud with a DWy tb4t -a.Ãiows='t'hc:'sendor to'dentit~,' both the keeipient(s) 'for. Whi~:h the DS'Nwas issuc~~ci, and the transaoticsia= in-whicix the ori~~~al message Ir:. adciition, the. IMAP prc3tocol:bsas evfiIved as <ill , 6fternatiirc to PQP3 dutt sc3pports morc;. advanced inte-raet.iozis beturmv e-mailsmers kaxd e.liirzi;!~. Tbis prntocoI:
is' ilcscribcd in.1ZFC. 2060:
Other cc~~i-tn.LUU'c,atic~~ 'mech.aiiisrz-~.s aze a.Iqo vvz&lX used &i er raetvvork,s. T'how C~x~~ix~tuxieatzc~~~ sz~~~~3a7~i.sx~s i,ncba~jc.~, Wt arc: not limitcd:to, Voice OcFer IP (ti+'o:Ã:Ã') and.
Instar.lt N40s,,5agi.n&
rixw-ikging the deI.avery -of,v6icc iriiorrna.tioxa using thet.xrtemc:t Protocol (IP). Tmtarzt Messaging is a type of +:;c~ammunica.tioxt. involving a client which hooks-tap to an izastmit messaging sereiccthat &Aiver; xealtit~:me.
.(t-is further noted that the systems acid meti3ods dispi.c?sed ma~y'daU
signals cJÃxxvcyed via zip-tworks (i~:,g, Ãa;cata.rva:aitwork, wide,area.xz~tNvc3rk, internet, etc), fiber qptie. medium, c~a.m."er -ctc. foi, co-mmunicatzon w1rh one:or inore data processing -dovioes. "i'be~:,data..signals wzn .carry atty ot. aii of the dam i.li, ciosed herein that: is ~~~,vided to or from.a dovice.
!kcit3.it#onaIly, metiiods and systems ciescrih.ed,he-rein mwy be impleznenteci Oix many rlifferent~types of processi.ixg-dey~iccs by -pr.ogram code ~~omprisiuy pr:o~ax~z znstruetiozxs -tliat ar.~e:eecutabieby one or rnpre:procc=s8ors, I"i.xesoftwaz epro~;~anx instructions.ma.y,h)clude sOurc~- c-od-a, object c~de., ma.chir.io c~.~i~4, or any officr sl:ored, data thatis o~.rtcrahh,- to cause a~rcicess~z~~ to p~bt-tbrrxi rriethods, descr:ibed herein.
.'i'hG 5ysteins' Kindmethods'= da.ta. (e.g., "sociations, inap,pings,..6tc.) xnay he -15 stored and inlpldmcrite.in ab~~ nx ihor6 diffez=tixt types oft-ed wa:ys,. such as d:ifferent types. of stoxagc devices and prognmuninb consi-mcts (p:&, data stOres, R>h:M;: ROM,. FÃash-xnemory; flat fiies: databases, prograaxinii~~g data' structtuesx..~r~~;rar~xF~~~ia variab~es, I~~-7Y~E?~ (Or-sixni.lat t3pe-) statem.eri:t. congtnie:ts,.
e-tc.). .It isnoted th4t data stru.etures describ.e fbxniaÃ, ior us~ irx.
orgaxoi zibgand storing st~ data:.in database.s, programs, n~emorv, or otlier caanptftei~te.a6ble -m,~d%a Fc?r use by a.
1,~
'1:lYe ~s}rst.eixl4 anci.znefhorl.s ma.Ybaprovi cled, on ix3ar~y tiiffemn:ttypes of ~ot~ ~~z~tt~z'-z ~a~b1 ~ mr/d.~~ .~z~c 1~~diÃ~~ i;oxx~pute.r swz a ;~
nwckzarii;,tivy (e.g., C.D-:~W*.M, dzsIti.utte,.Ii,AM, flash r.rxemoryA ~t7ziap-uter'shat=d drive,'ete.) that contain insLructi.'Eilis fckx use in execution bya. 11rocessc3r. Ão- petform the-zr~ethc3ds' operations a.ztzi irz3:ple merzt the. sysieans descz=.ibcd.hezein.
'1'lie computer ~,oznpozients, suftare znOC3.ules, functions atid data s#a-ezcturcs d.4s'tJribQd hracin may be eomwtod.dzrcctly or itd.ir44tl:y to each other in ordo.r to all.o.-wf the: PoW trf data itee-cied'Ibr their cipdidtio~Tis.
.izis=tauutions i3r;~ rtnodu1.G;.can be impiex-neated for Oxaxt~,Oie as aa6bro'4finc; u-r3it"z?f cocie, of A.4 ti sofiware iurictÃoai. unit of co.de, txr as i'azl 017jcc# (as in. an 0'~jea-o~entcd paradigi~ni)> or as an apialet..-or in. a :con-kpLiter script lan&mage, or as arzz3tl-ier type of ccx.znput.er code or firrn-wx3rc;. TI-ie Softaro components and/or fu:iietiona3.ii:y mtiw b~
'lueattd. on a sijnk1e dc;vice: or distr.i~buted.aeros5 inz3:Itiplc; tievlc:es z:tepcnrIfixg:rzporz the, Situ<a.i7ori AÃ liand.
It t;}io uld be under.5.t:cx)cT t:~iat ati~: 'ustxI in ttie, dewcdp t;iot.t herein axxcl i,hrc?~gjlout tlie cla.irtis that foll~,,v, itio meaniag of '.a~~..,~~x., es plEirii1 erene~
urzless the context c1carly dictates otherwise. Alscs,. w used in.#he di~:scription hLre-in and thrtou6ihcaut%the cla:ixas.that follow, the ineanÃx3g Oi'"W'inol:udes "in"
and. 'YO11 uzalessl.he.t(3ntex.t clearly didatc;s otherwise. Finai~y7 as used mAhe ~.-esc,ri.pt:ion herein and thuoughoO. the ela.i-ms tbat f:'ollaw, :the. meaafings czf "and"and "or"
include baffi thc conj~~~~~ive mici disjimc~ive at~d. may be ciseci interchmagpably unless tiu context oZearlyr clivt.ates oÃbc~misei thQ. or" may be used to zndieaxe situation wkt.et'e only the di4junet,zve txieanziig inayap:~ly.
'16
Claims (31)
1.A method for operation upon one or more data processors to filter communications based upon content based policy compliance, comprising defining a classification to be associated with a set of files the classification generally classifying content of the set of documents as being associated with one of a plurality of business activities;
receiving a set of known identifying characteristics with respect to the classification;
wherein the set of known identifying chraracteristics has been derived upon the set of files;
receiving a rule specifying treatment of content identified as associated with the set of known identifying characteristics;
receiving a set of known identifying characteristics with respect to the classification;
wherein the set of known identifying chraracteristics has been derived upon the set of files;
receiving a rule specifying treatment of content identified as associated with the set of known identifying characteristics;
2.The method of claim 1, wherein the received set of known identifying characteristics associated with the set of files are generated by examining the content of the set of files for triggering characteristics included in the files.
3.The method of claim 2, wherein the examination of the files includes at least one of a fingerprinting analysis, a cluster analysis, a contextual analysis, and an adaptive lexical analysis.
4.The method of claim 1, wherein the rule is generated according to access control rights associated with at least one of the sender or the recipient, wherein the access control rights are derived from access control rights associated with the set of files.
5. The method of claim 1, wherein the rule is generated based upon access control rights associated with at least one of the sender or the recipient, content contained in a communication, usage of the content contained in a communication, or combinations thereof.
6. The method of claim 5, wherein access control rights are provided to groups of users, wherein the sender and the recipient are included in at least one group of users.
7. The method of claim 1, further comprising the steps of:
receiving a communication from an originating system;
extracting identifying characteristics associated with the communication;
comparing the communication's identifying characteristics with the set of known identifying characteristic to identify a determined classification to be associated with the communication;
applying a rule associated with the determined classification, the rule specifying whether the communication should be forwarded to its intended recipient.
receiving a communication from an originating system;
extracting identifying characteristics associated with the communication;
comparing the communication's identifying characteristics with the set of known identifying characteristic to identify a determined classification to be associated with the communication;
applying a rule associated with the determined classification, the rule specifying whether the communication should be forwarded to its intended recipient.
8. The method of claim 7, further comprising the step of forwarding the communication based upon application of the rule.
4. The method of claim 7, further comprising the step of forwarding the communication responsive to the communication not being associated with any known identifying characteristics.
10. The method of claim 7, further comprising the step of automatically generating a rule responsive to learning communications patterns associated with groups of users and based on types of content being distributed among the groups of users.
11. The method of claim 7, further comprising delaying delivery of the communication based upon application of the rule.
12. The method of claim 11, further comprising notifying an originator of the communication responsive to delivery of the communication being delayed.
13. The method of claim 12, wherein the delay is at least one of storing the communication in a quarantine folder, dropping the communication, temporarily rejecting the communication, storing the communication until approval is received from an administrator to forward the communication, automatically encrypting the communication, notifying an administrator, notifying a recipient, or combinations thereof.
14. The method of claim 7, further comprising converting a communication from one of a plurality of mismatched formats to a comparison format to extracting identifying characteristics from the communications.
15. The method of claim 7, further comprising translating a file or communication into a common language or format prior to extracting identifying characteristics or generating the known identifying characteristics.
10. The method of claim 15, wherein the translating step creates metadata to be used in extracting identifying characteristics.
17. The method of claim 7, further comprising the steps of:
observing communication traffic;
identifying one or more patterns exhibited by observed communication traffic;
generating a rule based upon the identified one or more patterns.
observing communication traffic;
identifying one or more patterns exhibited by observed communication traffic;
generating a rule based upon the identified one or more patterns.
18. The method of claim 17, wherein a communication falling outside of one or more identified traffic patterns is sent to a quarantine folder, dropped, temporarily rejected, stored until approval is received from a administrator to forward the communication, automatically encrypted, a recipient is notified, a sender is notified, or combinations thereof.
19. The method of claim 1, wherein the defined classifications are at least one of:
management files, legal files, technical files, marketing files, financial files, information technology files, proprietary files, strategy files, sensitive files, or government classified files.
management files, legal files, technical files, marketing files, financial files, information technology files, proprietary files, strategy files, sensitive files, or government classified files.
20. The method of claim 1, wherein a system administrator specifies the rule by selecting a classification of files for application of the rule, selecting a class of users who are permitted to send the selected classification of files, and selecting a class of users who are permitted to receive the selected classification of files.
21. The method of claim 1, wherein the steps of selecting a class of users comprises selecting individual users who have permission to send or receive the selected classification of files.
22. A content-based policy compliance system configured to filter messages based upon content and at least one of the senders or recipients associated with the messages, the system comprising:
a messaging content classifier configured to receive a message and classify the message as associated with at least one of a plurality of content classifications based upon the content of the message and upon known identifying characteristics of the plurality of content classifications;
a messaging filter configured to receive the at least one content classification from the messaging content classifier and to apply a rule to the message based upon the at least one content classification and upon at least one of a sender or recipient of the message; and forwarding logic configured to transmit the message responsive to the output from the messaging filter.
a messaging content classifier configured to receive a message and classify the message as associated with at least one of a plurality of content classifications based upon the content of the message and upon known identifying characteristics of the plurality of content classifications;
a messaging filter configured to receive the at least one content classification from the messaging content classifier and to apply a rule to the message based upon the at least one content classification and upon at least one of a sender or recipient of the message; and forwarding logic configured to transmit the message responsive to the output from the messaging filter.
23. The system of claim 22, wherein the messaging content classifier is further configured to receive a plurality of files associated with a specified class, and extract any identifying characteristics from the message to generate the known identifying characteristics and associate the known identifying characteristics with the specified class of the plurality of content classifications.
24. The system of claim 23, further comprising a user interface configured to receive the plurality of files and the specified class from a user and provide the plurality of files and the specified class to the messaging content classifier.
25. The system of claim 24, wherein the user interface is further configured to allow a user to specify rules for the messaging filter.
26. The system of claim 25, wherein the rules specify which class of individuals are permitted to send and receive a specified content class associated with the rule.
27. The system of claim 26, wherein the messaging content classifier is configured to use one or more of the following identification techniques to identify commonalities between the plurality of files as well as to classify messages with one of the plurality of classes: a fingerprinting analysis, a cluster analysis, a contextual analysis, and an adaptive lexical analysis.
28.The system of claim 22, wherein the fowarding logic is operable to forward the message to a recipient, quarantine the message, drop the message, or encrypt the message before forwarding the message to a recipient.
29.The system of claim 22, wherein the system is a messaging client, wherein the messaging client periodically receives updates from a messaging server comprising at least one of update rules, updated content classifications, or updated identifying characteristics for the content classifications.
30.The system of claim 22, wherein the message comprises an e-mail communication, an instant messaging communication, an HTTP communication, an FTP communication, a WAIS communication, a telnet communication,a Gopher communication, or a voice over internet protocol communication.
31. Computer readable storage media storing instructions that upon execution by a system processor cause the system processor to filter communications transmitted over a communication network based upon the content of a communication and upon the sender and recipient(s) of the communication, the media having stored instruction that cause the system processor to perform the steps comprising:
receiving sets of known identifying characteristics with respect to a plurality determining whether the content of the communication substantially matches any of the plurality of the content classifications based upon te sets of known identifying characteristics associated with the content classifications, respectively;
fowarding the communication responsive to the rule associated with the substantially matched content classification, wherein the rule specifies an action to perform on the communication based upon the content classification of the communication and upon the originating address and the receiving address of the communication.
receiving sets of known identifying characteristics with respect to a plurality determining whether the content of the communication substantially matches any of the plurality of the content classifications based upon te sets of known identifying characteristics associated with the content classifications, respectively;
fowarding the communication responsive to the rule associated with the substantially matched content classification, wherein the rule specifies an action to perform on the communication based upon the content classification of the communication and upon the originating address and the receiving address of the communication.
Applications Claiming Priority (5)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US73612105P | 2005-11-10 | 2005-11-10 | |
| US60/736,121 | 2005-11-10 | ||
| US11/383,347 | 2006-05-15 | ||
| US11/383,347 US7903549B2 (en) | 2002-03-08 | 2006-05-15 | Content-based policy compliance systems and methods |
| PCT/US2006/060771 WO2007059428A2 (en) | 2005-11-10 | 2006-11-10 | Content-based policy compliance systems and methods |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CA2628189A1 true CA2628189A1 (en) | 2007-05-24 |
| CA2628189C CA2628189C (en) | 2015-05-19 |
Family
ID=38049357
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA2628189A Active CA2628189C (en) | 2005-11-10 | 2006-11-10 | Content-based policy compliance systems and methods |
Country Status (7)
| Country | Link |
|---|---|
| US (1) | US7903549B2 (en) |
| EP (1) | EP1982540A4 (en) |
| JP (1) | JP5046128B2 (en) |
| CN (1) | CN101401466B (en) |
| AU (1) | AU2006315184B2 (en) |
| CA (1) | CA2628189C (en) |
| WO (1) | WO2007059428A2 (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8549611B2 (en) | 2002-03-08 | 2013-10-01 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
| US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
| US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
| US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
| US8621559B2 (en) | 2007-11-06 | 2013-12-31 | Mcafee, Inc. | Adjusting filter or classification control settings |
| US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
| US8635690B2 (en) | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
| US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
| US8762537B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Multi-dimensional reputation scoring |
Families Citing this family (108)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9118708B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Multi-path remediation |
| US9118711B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US8984644B2 (en) | 2003-07-01 | 2015-03-17 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US9118710B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | System, method, and computer program product for reporting an occurrence in different manners |
| US9100431B2 (en) | 2003-07-01 | 2015-08-04 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
| US20070113272A2 (en) | 2003-07-01 | 2007-05-17 | Securityprofiling, Inc. | Real-time vulnerability monitoring |
| US9350752B2 (en) | 2003-07-01 | 2016-05-24 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US9118709B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US7526792B2 (en) * | 2004-06-09 | 2009-04-28 | Intel Corporation | Integration of policy compliance enforcement and device authentication |
| US7774824B2 (en) * | 2004-06-09 | 2010-08-10 | Intel Corporation | Multifactor device authentication |
| US7870265B2 (en) | 2005-06-30 | 2011-01-11 | Oracle International Corporation | System and method for managing communications sessions in a network |
| CN101346634B (en) | 2005-11-04 | 2012-10-24 | 甲骨文国际公司 | System and method for a gatekeeper in a communications network |
| US8171466B2 (en) | 2006-05-16 | 2012-05-01 | Oracle International Corporation | Hitless application upgrade for SIP server architecture |
| US8112525B2 (en) | 2006-05-16 | 2012-02-07 | Oracle International Corporation | Engine near cache for reducing latency in a telecommunications environment |
| US8001250B2 (en) | 2006-05-16 | 2011-08-16 | Oracle International Corporation | SIP and HTTP convergence in network computing environments |
| US8219697B2 (en) | 2006-05-17 | 2012-07-10 | Oracle International Corporation | Diameter protocol and SH interface support for SIP server architecture |
| US8020206B2 (en) | 2006-07-10 | 2011-09-13 | Websense, Inc. | System and method of analyzing web content |
| US8615800B2 (en) | 2006-07-10 | 2013-12-24 | Websense, Inc. | System and method for analyzing web content |
| US20080037583A1 (en) * | 2006-08-09 | 2008-02-14 | Postini, Inc. | Unified management policy for multiple format electronic communications |
| US8341405B2 (en) * | 2006-09-28 | 2012-12-25 | Microsoft Corporation | Access management in an off-premise environment |
| US20080104393A1 (en) * | 2006-09-28 | 2008-05-01 | Microsoft Corporation | Cloud-based access control list |
| US20080086555A1 (en) * | 2006-10-09 | 2008-04-10 | David Alexander Feinleib | System and Method for Search and Web Spam Filtering |
| US7661027B2 (en) * | 2006-10-10 | 2010-02-09 | Bea Systems, Inc. | SIP server architecture fault tolerance and failover |
| US9654495B2 (en) | 2006-12-01 | 2017-05-16 | Websense, Llc | System and method of analyzing web addresses |
| GB2458094A (en) | 2007-01-09 | 2009-09-09 | Surfcontrol On Demand Ltd | URL interception and categorization in firewalls |
| US7779156B2 (en) * | 2007-01-24 | 2010-08-17 | Mcafee, Inc. | Reputation based load balancing |
| CN101622849B (en) * | 2007-02-02 | 2014-06-11 | 网圣公司 | System and method for adding context to prevent data leakage over a computer network |
| GB0709527D0 (en) | 2007-05-18 | 2007-06-27 | Surfcontrol Plc | Electronic messaging system, message processing apparatus and message processing method |
| US8068588B2 (en) * | 2007-06-26 | 2011-11-29 | Microsoft Corporation | Unified rules for voice and messaging |
| US8849909B2 (en) * | 2007-07-06 | 2014-09-30 | Yahoo! Inc. | Real-time asynchronous event aggregation systems |
| US8199965B1 (en) | 2007-08-17 | 2012-06-12 | Mcafee, Inc. | System, method, and computer program product for preventing image-related data loss |
| US8074162B1 (en) * | 2007-10-23 | 2011-12-06 | Google Inc. | Method and system for verifying the appropriateness of shared content |
| US9686087B2 (en) * | 2007-11-02 | 2017-06-20 | International Business Machines Corporation | Synchronization of questions and answers in a collaborative messaging environment |
| US8171388B2 (en) | 2007-11-15 | 2012-05-01 | Yahoo! Inc. | Trust based moderation |
| US20090196529A1 (en) * | 2008-02-06 | 2009-08-06 | William Su | System and method for content sensitive document processing |
| US8893285B2 (en) * | 2008-03-14 | 2014-11-18 | Mcafee, Inc. | Securing data using integrated host-based data loss agent with encryption detection |
| JP5094487B2 (en) * | 2008-03-17 | 2012-12-12 | 三菱電機株式会社 | Information leakage inspection apparatus, computer program, and information leakage inspection method |
| US9130986B2 (en) | 2008-03-19 | 2015-09-08 | Websense, Inc. | Method and system for protection against information stealing software |
| US8370948B2 (en) * | 2008-03-19 | 2013-02-05 | Websense, Inc. | System and method for analysis of electronic information dissemination events |
| US8407784B2 (en) | 2008-03-19 | 2013-03-26 | Websense, Inc. | Method and system for protection against information stealing software |
| US9015842B2 (en) | 2008-03-19 | 2015-04-21 | Websense, Inc. | Method and system for protection against information stealing software |
| EP2318955A1 (en) | 2008-06-30 | 2011-05-11 | Websense, Inc. | System and method for dynamic and real-time categorization of webpages |
| CN101364999B (en) | 2008-09-18 | 2012-07-04 | 华为技术有限公司 | QoS processing method, apparatus and system based on stream |
| US9178842B2 (en) * | 2008-11-05 | 2015-11-03 | Commvault Systems, Inc. | Systems and methods for monitoring messaging applications for compliance with a policy |
| CN101741818B (en) * | 2008-11-05 | 2013-01-02 | 南京理工大学 | Independent network safety encryption isolator arranged on network cable and isolation method thereof |
| US8713173B2 (en) | 2008-12-19 | 2014-04-29 | Openpeak Inc. | System and method for ensuring compliance with organizational policies |
| WO2010138466A1 (en) | 2009-05-26 | 2010-12-02 | Wabsense, Inc. | Systems and methods for efficeint detection of fingerprinted data and information |
| US20110002369A1 (en) * | 2009-07-06 | 2011-01-06 | Multitech Systems, Inc. | Ip to analog converter |
| US8918856B2 (en) | 2010-06-24 | 2014-12-23 | Microsoft Corporation | Trusted intermediary for network layer claims-enabled access control |
| US8528069B2 (en) * | 2010-09-30 | 2013-09-03 | Microsoft Corporation | Trustworthy device claims for enterprise applications |
| US9237155B1 (en) * | 2010-12-06 | 2016-01-12 | Amazon Technologies, Inc. | Distributed policy enforcement with optimizing policy transformations |
| US20120158819A1 (en) * | 2010-12-21 | 2012-06-21 | Microsoft Corporation | Policy-based application delivery |
| US9369433B1 (en) * | 2011-03-18 | 2016-06-14 | Zscaler, Inc. | Cloud based social networking policy and compliance systems and methods |
| US9119017B2 (en) | 2011-03-18 | 2015-08-25 | Zscaler, Inc. | Cloud based mobile device security and policy enforcement |
| US9519682B1 (en) | 2011-05-26 | 2016-12-13 | Yahoo! Inc. | User trustworthiness |
| US8769642B1 (en) | 2011-05-31 | 2014-07-01 | Amazon Technologies, Inc. | Techniques for delegation of access privileges |
| EP2729877A4 (en) | 2011-07-08 | 2015-06-17 | Box Inc | Desktop application for access and interaction with workspaces in a cloud-based content management system and synchronization mechanisms thereof |
| US8689279B2 (en) | 2011-08-30 | 2014-04-01 | Microsoft Corporation | Encrypted chunk-based rapid data encryption policy compliance |
| US8874935B2 (en) | 2011-08-30 | 2014-10-28 | Microsoft Corporation | Sector map-based rapid data encryption policy compliance |
| US9773051B2 (en) | 2011-11-29 | 2017-09-26 | Box, Inc. | Mobile platform file and folder selection functionalities for offline access and synchronization |
| US8762406B2 (en) | 2011-12-01 | 2014-06-24 | Oracle International Corporation | Real-time data redaction in a database management system |
| US8880989B2 (en) * | 2012-01-30 | 2014-11-04 | Microsoft Corporation | Educating users and enforcing data dissemination policies |
| US9087039B2 (en) | 2012-02-07 | 2015-07-21 | Microsoft Technology Licensing, Llc | Language independent probabilistic content matching |
| US9575981B2 (en) | 2012-04-11 | 2017-02-21 | Box, Inc. | Cloud service enabled to handle a set of files depicted to a user as a single file in a native operating system |
| US8972511B2 (en) | 2012-06-18 | 2015-03-03 | OpenQ, Inc. | Methods and apparatus for analyzing social media for enterprise compliance issues |
| US9794256B2 (en) * | 2012-07-30 | 2017-10-17 | Box, Inc. | System and method for advanced control tools for administrators in a cloud-based service |
| EP2880583A4 (en) * | 2012-08-02 | 2016-03-23 | Openpeak Inc | System and method for ensuring compliance with organizational policies |
| US9241259B2 (en) | 2012-11-30 | 2016-01-19 | Websense, Inc. | Method and apparatus for managing the transfer of sensitive information to mobile devices |
| US10235383B2 (en) | 2012-12-19 | 2019-03-19 | Box, Inc. | Method and apparatus for synchronization of items with read-only permissions in a cloud-based environment |
| US9953036B2 (en) | 2013-01-09 | 2018-04-24 | Box, Inc. | File system monitoring in a system which incrementally updates clients with events that occurred in a cloud-based collaboration platform |
| EP2757491A1 (en) | 2013-01-17 | 2014-07-23 | Box, Inc. | Conflict resolution, retry condition management, and handling of problem files for the synchronization client to a cloud-based platform |
| CN103209174B (en) * | 2013-03-12 | 2016-03-30 | 华为技术有限公司 | A kind of data prevention method, Apparatus and system |
| US10846074B2 (en) | 2013-05-10 | 2020-11-24 | Box, Inc. | Identification and handling of items to be ignored for synchronization with a cloud-based platform by a synchronization client |
| US10725968B2 (en) | 2013-05-10 | 2020-07-28 | Box, Inc. | Top down delete or unsynchronization on delete of and depiction of item synchronization with a synchronization client to a cloud-based platform |
| US20140344570A1 (en) | 2013-05-20 | 2014-11-20 | Microsoft Corporation | Data Protection For Organizations On Computing Devices |
| GB2515192B (en) | 2013-06-13 | 2016-12-14 | Box Inc | Systems and methods for synchronization event building and/or collapsing by a synchronization component of a cloud-based platform |
| US9805050B2 (en) | 2013-06-21 | 2017-10-31 | Box, Inc. | Maintaining and updating file system shadows on a local device by a synchronization client of a cloud-based platform |
| US20140379598A1 (en) * | 2013-06-25 | 2014-12-25 | Harvest Exchange Corporation | Method and system for regulating content posted on social media sites |
| JP6191290B2 (en) * | 2013-07-09 | 2017-09-06 | 富士通株式会社 | File evaluation program, file identification device, and file evaluation method |
| US10615967B2 (en) | 2014-03-20 | 2020-04-07 | Microsoft Technology Licensing, Llc | Rapid data protection for storage devices |
| US10530854B2 (en) | 2014-05-30 | 2020-01-07 | Box, Inc. | Synchronization of permissioned content in cloud-based environments |
| US9825945B2 (en) | 2014-09-09 | 2017-11-21 | Microsoft Technology Licensing, Llc | Preserving data protection with policy |
| US9853812B2 (en) | 2014-09-17 | 2017-12-26 | Microsoft Technology Licensing, Llc | Secure key management for roaming protected content |
| US10275396B1 (en) * | 2014-09-23 | 2019-04-30 | Symantec Corporation | Techniques for data classification based on sensitive data |
| WO2016068995A1 (en) * | 2014-10-31 | 2016-05-06 | Hewlett-Packard Development Company, L.P. | Controlled content delivery |
| US9900295B2 (en) | 2014-11-05 | 2018-02-20 | Microsoft Technology Licensing, Llc | Roaming content wipe actions across devices |
| WO2016113911A1 (en) | 2015-01-16 | 2016-07-21 | 三菱電機株式会社 | Data assessment device, data assessment method, and program |
| US11350254B1 (en) | 2015-05-05 | 2022-05-31 | F5, Inc. | Methods for enforcing compliance policies and devices thereof |
| US9853820B2 (en) | 2015-06-30 | 2017-12-26 | Microsoft Technology Licensing, Llc | Intelligent deletion of revoked data |
| US9900325B2 (en) | 2015-10-09 | 2018-02-20 | Microsoft Technology Licensing, Llc | Passive encryption of organization data |
| US20170270535A1 (en) * | 2015-10-09 | 2017-09-21 | Leadtrain, Inc. | Systems and Methods for Engineering and Publishing Compliant Content |
| WO2017089481A1 (en) * | 2015-11-25 | 2017-06-01 | Wire I.P. Limited | Network architecture for controlling data signalling |
| US11757946B1 (en) | 2015-12-22 | 2023-09-12 | F5, Inc. | Methods for analyzing network traffic and enforcing network policies and devices thereof |
| US11178150B1 (en) | 2016-01-20 | 2021-11-16 | F5 Networks, Inc. | Methods for enforcing access control list based on managed application and devices thereof |
| US10491632B1 (en) * | 2016-01-21 | 2019-11-26 | F5 Networks, Inc. | Methods for reducing compliance violations in mobile application management environments and devices thereof |
| US10044719B2 (en) | 2016-01-29 | 2018-08-07 | Zscaler, Inc. | Client application based access control in cloud security systems for mobile devices |
| US11297058B2 (en) | 2016-03-28 | 2022-04-05 | Zscaler, Inc. | Systems and methods using a cloud proxy for mobile device management and policy |
| CN109074453B (en) | 2016-04-26 | 2021-10-26 | 三菱电机株式会社 | Intrusion detection device, intrusion detection method, and computer-readable storage medium |
| US10498605B2 (en) | 2016-06-02 | 2019-12-03 | Zscaler, Inc. | Cloud based systems and methods for determining and visualizing security risks of companies, users, and groups |
| US10142362B2 (en) | 2016-06-02 | 2018-11-27 | Zscaler, Inc. | Cloud based systems and methods for determining security risks of users and groups |
| WO2018098760A1 (en) * | 2016-11-30 | 2018-06-07 | 华为技术有限公司 | Rapid access method, device, and electronic apparatus for financial transaction |
| US10389612B1 (en) * | 2017-01-25 | 2019-08-20 | Amazon Technologies, Inc. | Product agnostic pattern detection and management |
| US11122042B1 (en) | 2017-05-12 | 2021-09-14 | F5 Networks, Inc. | Methods for dynamically managing user access control and devices thereof |
| US11343237B1 (en) | 2017-05-12 | 2022-05-24 | F5, Inc. | Methods for managing a federated identity environment using security and access control data and devices thereof |
| US10733572B2 (en) * | 2017-12-22 | 2020-08-04 | Microsoft Technology Licensing, Llc | Data protection using alerts to delay transmission |
| US10476936B1 (en) | 2018-12-13 | 2019-11-12 | Software Ag | Plugin-based file transfer systems and/or methods |
| JP2022179229A (en) * | 2021-05-21 | 2022-12-02 | 株式会社日立製作所 | Sentence data management method, and sentence data management system |
| US11348071B1 (en) * | 2021-07-22 | 2022-05-31 | Dell Products L.P. | Role-based access control enabled corporate email |
Family Cites Families (401)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4289930A (en) | 1978-11-30 | 1981-09-15 | The General Electric Company Limited | Electronic apparatus for the display of information received over a line |
| US4386416A (en) | 1980-06-02 | 1983-05-31 | Mostek Corporation | Data compression, encryption, and in-line transmission system |
| US4384325A (en) | 1980-06-23 | 1983-05-17 | Sperry Corporation | Apparatus and method for searching a data base using variable search criteria |
| US4532588A (en) | 1982-11-09 | 1985-07-30 | International Business Machines Corporation | Electronic document distribution network with uniform data stream |
| US4713780A (en) | 1985-04-15 | 1987-12-15 | Express Communications, Inc. | Electronic mail |
| US4754428A (en) | 1985-04-15 | 1988-06-28 | Express Communications, Inc. | Apparatus and method of distributing documents to remote terminals with different formats |
| US4837798A (en) | 1986-06-02 | 1989-06-06 | American Telephone And Telegraph Company | Communication system having unified messaging |
| NL8602418A (en) | 1986-09-25 | 1988-04-18 | Philips Nv | DEVICE FOR DISPLAYING A PCM MODULATED SIGNAL WITH A MUTE CIRCUIT. |
| JP2702927B2 (en) | 1987-06-15 | 1998-01-26 | 株式会社日立製作所 | String search device |
| DE3851724T2 (en) | 1987-07-08 | 1995-05-04 | Matsushita Electric Ind Co Ltd | Method and device for protecting copy signals. |
| US4853961A (en) | 1987-12-18 | 1989-08-01 | Pitney Bowes Inc. | Reliable document authentication system |
| US4951196A (en) | 1988-05-04 | 1990-08-21 | Supply Tech, Inc. | Method and apparatus for electronic data interchange |
| US5008814A (en) * | 1988-08-15 | 1991-04-16 | Network Equipment Technologies, Inc. | Method and apparatus for updating system software for a plurality of data processing units in a communication network |
| GB2222899B (en) | 1988-08-31 | 1993-04-14 | Anthony Morris Rose | Securing a computer against undesired write operations or from a mass storage device |
| US5054096A (en) | 1988-10-24 | 1991-10-01 | Empire Blue Cross/Blue Shield | Method and apparatus for converting documents into electronic data for transaction processing |
| US4975950A (en) | 1988-11-03 | 1990-12-04 | Lentz Stephen A | System and method of protecting integrity of computer data and software |
| CA1321656C (en) | 1988-12-22 | 1993-08-24 | Chander Kasiraj | Method for restricting delivery and receipt of electronic message |
| US5167011A (en) | 1989-02-15 | 1992-11-24 | W. H. Morris | Method for coodinating information storage and retrieval |
| US5210824A (en) | 1989-03-03 | 1993-05-11 | Xerox Corporation | Encoding-format-desensitized methods and means for interchanging electronic document as appearances |
| US5020059A (en) | 1989-03-31 | 1991-05-28 | At&T Bell Laboratories | Reconfigurable signal processor |
| US5144659A (en) | 1989-04-19 | 1992-09-01 | Richard P. Jones | Computer file protection system |
| US5119465A (en) | 1989-06-19 | 1992-06-02 | Digital Equipment Corporation | System for selectively converting plurality of source data structures through corresponding source intermediate structures, and target intermediate structures into selected target structure |
| GB8918553D0 (en) | 1989-08-15 | 1989-09-27 | Digital Equipment Int | Message control system |
| JPH03117940A (en) | 1989-09-25 | 1991-05-20 | Internatl Business Mach Corp <Ibm> | Method of managing electronic mail |
| US5105184B1 (en) * | 1989-11-09 | 1997-06-17 | Noorali Pirani | Methods for displaying and integrating commercial advertisements with computer software |
| US5495610A (en) * | 1989-11-30 | 1996-02-27 | Seer Technologies, Inc. | Software distribution system to build and distribute a software release |
| EP0451384B1 (en) | 1990-04-10 | 1997-09-24 | International Business Machines Corporation | Hypertext data processing system and method |
| US5319776A (en) | 1990-04-19 | 1994-06-07 | Hilgraeve Corporation | In transit detection of computer virus with safeguard |
| US5210825A (en) | 1990-04-26 | 1993-05-11 | Teknekron Communications Systems, Inc. | Method and an apparatus for displaying graphical data received from a remote computer by a local computer |
| US5822527A (en) | 1990-05-04 | 1998-10-13 | Digital Equipment Corporation | Method and apparatus for information stream filtration using tagged information access and action registration |
| US5144557A (en) | 1990-08-13 | 1992-09-01 | International Business Machines Corporation | Method and system for document distribution by reference to a first group and particular document to a second group of user in a data processing system |
| US5247661A (en) | 1990-09-10 | 1993-09-21 | International Business Machines Corporation | Method and apparatus for automated document distribution in a data processing system |
| US5276869A (en) * | 1990-09-10 | 1994-01-04 | International Business Machines Corporation | System for selecting document recipients as determined by technical content of document and for electronically corroborating receipt of document |
| US5239466A (en) | 1990-10-04 | 1993-08-24 | Motorola, Inc. | System for selectively routing and merging independent annotations to a document at remote locations |
| JP3161725B2 (en) * | 1990-11-21 | 2001-04-25 | 株式会社日立製作所 | Workstations and collaborative information processing systems |
| US5283887A (en) * | 1990-12-19 | 1994-02-01 | Bull Hn Information Systems Inc. | Automatic document format conversion in an electronic mail system based upon user preference |
| JP3177684B2 (en) * | 1991-03-14 | 2001-06-18 | 株式会社日立製作所 | Email system |
| US5424724A (en) | 1991-03-27 | 1995-06-13 | International Business Machines Corporation | Method and apparatus for enhanced electronic mail distribution |
| US5513323A (en) * | 1991-06-14 | 1996-04-30 | International Business Machines Corporation | Method and apparatus for multistage document format transformation in a data processing system |
| US5577209A (en) | 1991-07-11 | 1996-11-19 | Itt Corporation | Apparatus and method for providing multi-level security for communication among computers and terminals on a network |
| US5379340A (en) * | 1991-08-02 | 1995-01-03 | Betterprize Limited | Text communication system |
| US5367621A (en) | 1991-09-06 | 1994-11-22 | International Business Machines Corporation | Data processing method to provide a generalized link from a reference point in an on-line book to an arbitrary multimedia object which can be dynamically updated |
| US5313521A (en) | 1992-04-15 | 1994-05-17 | Fujitsu Limited | Key distribution protocol for file transfer in the local area network |
| US5485409A (en) * | 1992-04-30 | 1996-01-16 | International Business Machines Corporation | Automated penetration analysis system and method |
| US5278901A (en) * | 1992-04-30 | 1994-01-11 | International Business Machines Corporation | Pattern-oriented intrusion-detection system and method |
| US5235642A (en) | 1992-07-21 | 1993-08-10 | Digital Equipment Corporation | Access control subsystem and method for distributed computer system using locally cached authentication credentials |
| GB2271002B (en) | 1992-09-26 | 1995-12-06 | Digital Equipment Int | Data processing system |
| US5418908A (en) | 1992-10-15 | 1995-05-23 | International Business Machines Corporation | System for automatically establishing a link between an electronic mail item and a remotely stored reference through a place mark inserted into the item |
| JP3553987B2 (en) * | 1992-11-13 | 2004-08-11 | 株式会社日立製作所 | Client server system |
| US5675733A (en) | 1992-11-30 | 1997-10-07 | International Business Machines Corporation | Statistical analysis and display of reception status of electronic messages |
| US5544320A (en) | 1993-01-08 | 1996-08-06 | Konrad; Allan M. | Remote information service access system based on a client-server-service model |
| US5406557A (en) * | 1993-02-01 | 1995-04-11 | National Semiconductor Corporation | Interenterprise electronic mail hub |
| US5479411A (en) | 1993-03-10 | 1995-12-26 | At&T Corp. | Multi-media integrated message arrangement |
| US5404231A (en) * | 1993-05-24 | 1995-04-04 | Audiofax, Inc. | Sender-based facsimile store and forward facility |
| JPH0764788A (en) | 1993-06-14 | 1995-03-10 | Mitsubishi Electric Corp | Microcomputer |
| JPH0737087A (en) * | 1993-07-19 | 1995-02-07 | Matsushita Electric Ind Co Ltd | Picture processor |
| JPH0779298A (en) | 1993-09-08 | 1995-03-20 | Hitachi Ltd | Facsimile server system |
| US5657461A (en) | 1993-10-04 | 1997-08-12 | Xerox Corporation | User interface for defining and automatically transmitting data according to preferred communication channels |
| US5513126A (en) * | 1993-10-04 | 1996-04-30 | Xerox Corporation | Network having selectively accessible recipient prioritized communication channel profiles |
| US5414833A (en) | 1993-10-27 | 1995-05-09 | International Business Machines Corporation | Network security system and method using a parallel finite state machine adaptive active monitor and responder |
| US5771354A (en) * | 1993-11-04 | 1998-06-23 | Crawford; Christopher M. | Internet online backup system provides remote storage for customers using IDs and passwords which were interactively established when signing up for backup services |
| US5606668A (en) | 1993-12-15 | 1997-02-25 | Checkpoint Software Technologies Ltd. | System for securing inbound and outbound data packet flow in a computer network |
| US5509074A (en) * | 1994-01-27 | 1996-04-16 | At&T Corp. | Method of protecting electronically published materials using cryptographic protocols |
| US5557742A (en) | 1994-03-07 | 1996-09-17 | Haystack Labs, Inc. | Method and system for detecting intrusion into and misuse of a data processing system |
| US5541993A (en) | 1994-05-10 | 1996-07-30 | Fan; Eric | Structure and method for secure image transmission |
| US5675507A (en) | 1995-04-28 | 1997-10-07 | Bobo, Ii; Charles R. | Message storage and delivery system |
| US5511122A (en) * | 1994-06-03 | 1996-04-23 | The United States Of America As Represented By The Secretary Of The Navy | Intermediate network authentication |
| US5416842A (en) | 1994-06-10 | 1995-05-16 | Sun Microsystems, Inc. | Method and apparatus for key-management scheme for use with internet protocols at site firewalls |
| US5535276A (en) | 1994-11-09 | 1996-07-09 | Bell Atlantic Network Services, Inc. | Yaksha, an improved system and method for securing communications using split private key asymmetric cryptography |
| US5481312A (en) * | 1994-09-12 | 1996-01-02 | At&T Corp. | Method of and apparatus for the transmission of high and low priority segments of a video bitstream over packet networks |
| US5740231A (en) * | 1994-09-16 | 1998-04-14 | Octel Communications Corporation | Network-based multimedia communications and directory system and method of operation |
| US5933478A (en) | 1994-09-28 | 1999-08-03 | Hitachi, Ltd. | Data transfer system and handheld terminal device used therefor |
| US5805719A (en) | 1994-11-28 | 1998-09-08 | Smarttouch | Tokenless identification of individuals |
| US5758257A (en) | 1994-11-29 | 1998-05-26 | Herz; Frederick | System and method for scheduling broadcast of and access to video programs and other data using customer profiles |
| US5619648A (en) | 1994-11-30 | 1997-04-08 | Lucent Technologies Inc. | Message filtering techniques |
| US5608874A (en) * | 1994-12-02 | 1997-03-04 | Autoentry Online, Inc. | System and method for automatic data file format translation and transmission having advanced features |
| US5550984A (en) | 1994-12-07 | 1996-08-27 | Matsushita Electric Corporation Of America | Security system for preventing unauthorized communications between networks by translating communications received in ip protocol to non-ip protocol to remove address and routing services information |
| US5530852A (en) | 1994-12-20 | 1996-06-25 | Sun Microsystems, Inc. | Method for extracting profiles and topics from a first file written in a first markup language and generating files in different markup languages containing the profiles and topics for use in accessing data described by the profiles and topics |
| US5638487A (en) | 1994-12-30 | 1997-06-10 | Purespeech, Inc. | Automatic speech recognition |
| US5694616A (en) | 1994-12-30 | 1997-12-02 | International Business Machines Corporation | Method and system for prioritization of email items by selectively associating priority attribute with at least one and fewer than all of the recipients |
| US5878230A (en) * | 1995-01-05 | 1999-03-02 | International Business Machines Corporation | System for email messages wherein the sender designates whether the recipient replies or forwards to addresses also designated by the sender |
| US5710883A (en) * | 1995-03-10 | 1998-01-20 | Stanford University | Hypertext document transport mechanism for firewall-compatible distributed world-wide web publishing |
| US5790793A (en) | 1995-04-04 | 1998-08-04 | Higley; Thomas | Method and system to create, transmit, receive and process information, including an address to further information |
| US5677955A (en) | 1995-04-07 | 1997-10-14 | Financial Services Technology Consortium | Electronic funds transfer instruments |
| DE69628882T2 (en) | 1995-04-25 | 2004-05-27 | Canon K.K. | Data transmission device and method |
| WO1996035994A1 (en) | 1995-05-08 | 1996-11-14 | Compuserve Incorporated | Rules based electronic message management system |
| JP3338585B2 (en) * | 1995-05-16 | 2002-10-28 | 富士通株式会社 | Apparatus and method for converting presentation data |
| US5632011A (en) | 1995-05-22 | 1997-05-20 | Sterling Commerce, Inc. | Electronic mail management system for operation on a host computer system |
| US5708780A (en) * | 1995-06-07 | 1998-01-13 | Open Market, Inc. | Internet server access control and monitoring systems |
| US5812776A (en) | 1995-06-07 | 1998-09-22 | Open Market, Inc. | Method of providing internet pages by mapping telephone number provided by client to URL and returning the same in a redirect command by server |
| US5742759A (en) * | 1995-08-18 | 1998-04-21 | Sun Microsystems, Inc. | Method and system for facilitating access control to system resources in a distributed computer system |
| EP0762337A3 (en) | 1995-09-08 | 2000-01-19 | Francotyp-Postalia Aktiengesellschaft & Co. | Method and device for enhancing manipulation-proof of critical data |
| US5826013A (en) | 1995-09-28 | 1998-10-20 | Symantec Corporation | Polymorphic virus detection module |
| US5696822A (en) | 1995-09-28 | 1997-12-09 | Symantec Corporation | Polymorphic virus detection module |
| US5572643A (en) | 1995-10-19 | 1996-11-05 | Judson; David H. | Web browser with dynamic display of information objects during linking |
| US5948062A (en) | 1995-10-27 | 1999-09-07 | Emc Corporation | Network file server using a cached disk array storing a network file directory including file locking information and data mover computers each having file system software for shared read-write file access |
| US5826029A (en) | 1995-10-31 | 1998-10-20 | International Business Machines Corporation | Secured gateway interface |
| US5793763A (en) | 1995-11-03 | 1998-08-11 | Cisco Technology, Inc. | Security system for network address translation systems |
| US5923846A (en) | 1995-11-06 | 1999-07-13 | Microsoft Corporation | Method of uploading a message containing a file reference to a server and downloading a file from the server using the file reference |
| US5764906A (en) | 1995-11-07 | 1998-06-09 | Netword Llc | Universal electronic resource denotation, request and delivery system |
| JPH09153050A (en) * | 1995-11-29 | 1997-06-10 | Hitachi Ltd | Method and device for gathering document information |
| US5892825A (en) * | 1996-05-15 | 1999-04-06 | Hyperlock Technologies Inc | Method of secure server control of local media via a trigger through a network for instant local access of encrypted data on local media |
| US5937164A (en) | 1995-12-07 | 1999-08-10 | Hyperlock Technologies, Inc. | Method and apparatus of secure server control of local media via a trigger through a network for instant local access of encrypted data on local media within a platform independent networking system |
| US5758343A (en) | 1995-12-08 | 1998-05-26 | Ncr Corporation | Apparatus and method for integrating multiple delegate directory service agents |
| US5745574A (en) * | 1995-12-15 | 1998-04-28 | Entegrity Solutions Corporation | Security infrastructure for electronic transactions |
| US5706442A (en) * | 1995-12-20 | 1998-01-06 | Block Financial Corporation | System for on-line financial services using distributed objects |
| US5903723A (en) | 1995-12-21 | 1999-05-11 | Intel Corporation | Method and apparatus for transmitting electronic mail attachments with attachment references |
| US5781901A (en) | 1995-12-21 | 1998-07-14 | Intel Corporation | Transmitting electronic mail attachment over a network using a e-mail page |
| US5602918A (en) * | 1995-12-22 | 1997-02-11 | Virtual Open Network Environment Corp. | Application level security system and method |
| US5796951A (en) | 1995-12-22 | 1998-08-18 | Intel Corporation | System for displaying information relating to a computer network including association devices with tasks performable on those devices |
| JP2000503154A (en) | 1996-01-11 | 2000-03-14 | エムアールジェイ インコーポレイテッド | System for controlling access and distribution of digital ownership |
| US5801700A (en) | 1996-01-19 | 1998-09-01 | Silicon Graphics Incorporated | System and method for an iconic drag and drop interface for electronic file transfer |
| US5826014A (en) | 1996-02-06 | 1998-10-20 | Network Engineering Software | Firewall system for protecting network elements connected to a public network |
| US5751956A (en) | 1996-02-21 | 1998-05-12 | Infoseek Corporation | Method and apparatus for redirection of server external hyper-link references |
| US5963915A (en) | 1996-02-21 | 1999-10-05 | Infoseek Corporation | Secure, convenient and efficient system and method of performing trans-internet purchase transactions |
| US5855020A (en) | 1996-02-21 | 1998-12-29 | Infoseek Corporation | Web scan process |
| US5862325A (en) * | 1996-02-29 | 1999-01-19 | Intermind Corporation | Computer-based communication system and method using metadata defining a control structure |
| US5673322A (en) | 1996-03-22 | 1997-09-30 | Bell Communications Research, Inc. | System and method for providing protocol translation and filtering to access the world wide web from wireless or low-bandwidth networks |
| US5850442A (en) | 1996-03-26 | 1998-12-15 | Entegrity Solutions Corporation | Secure world wide electronic commerce over an open network |
| US5826022A (en) | 1996-04-05 | 1998-10-20 | Sun Microsystems, Inc. | Method and apparatus for receiving electronic mail |
| US5727156A (en) * | 1996-04-10 | 1998-03-10 | Hotoffice Technologies, Inc. | Internet-based automatic publishing system |
| US5845084A (en) | 1996-04-18 | 1998-12-01 | Microsoft Corporation | Automatic data display formatting with a networking application |
| US5778372A (en) | 1996-04-18 | 1998-07-07 | Microsoft Corporation | Remote retrieval and display management of electronic document with incorporated images |
| US5864852A (en) * | 1996-04-26 | 1999-01-26 | Netscape Communications Corporation | Proxy server caching mechanism that provides a file directory structure and a mapping mechanism within the file directory structure |
| US5793972A (en) | 1996-05-03 | 1998-08-11 | Westminster International Computers Inc. | System and method providing an interactive response to direct mail by creating personalized web page based on URL provided on mail piece |
| US5742769A (en) * | 1996-05-06 | 1998-04-21 | Banyan Systems, Inc. | Directory with options for access to and display of email addresses |
| US5884033A (en) * | 1996-05-15 | 1999-03-16 | Spyglass, Inc. | Internet filtering system for filtering data transferred over the internet utilizing immediate and deferred filtering actions |
| US5768528A (en) | 1996-05-24 | 1998-06-16 | V-Cast, Inc. | Client-server system for delivery of online information |
| US5918013A (en) | 1996-06-03 | 1999-06-29 | Webtv Networks, Inc. | Method of transcoding documents in a network environment using a proxy server |
| US5822526A (en) | 1996-06-03 | 1998-10-13 | Microsoft Corporation | System and method for maintaining and administering email address names in a network |
| US5812398A (en) | 1996-06-10 | 1998-09-22 | Sun Microsystems, Inc. | Method and system for escrowed backup of hotelled world wide web sites |
| US6108688A (en) | 1996-06-12 | 2000-08-22 | Sun Microsystems, Inc. | System for reminding a sender of an email if recipient of the email does not respond by a selected time set by the sender |
| US6373950B1 (en) | 1996-06-17 | 2002-04-16 | Hewlett-Packard Company | System, method and article of manufacture for transmitting messages within messages utilizing an extensible, flexible architecture |
| US5781857A (en) | 1996-06-28 | 1998-07-14 | Motorola, Inc. | Method of establishing an email monitor responsive to a wireless communications system user |
| US5790789A (en) | 1996-08-02 | 1998-08-04 | Suarez; Larry | Method and architecture for the creation, control and deployment of services within a distributed computer environment |
| US6072942A (en) | 1996-09-18 | 2000-06-06 | Secure Computing Corporation | System and method of electronic mail filtering using interconnected nodes |
| JPH10111727A (en) | 1996-10-03 | 1998-04-28 | Toshiba Corp | Information equipment having telephone function and security rearising method therefor |
| US6119236A (en) | 1996-10-07 | 2000-09-12 | Shipley; Peter M. | Intelligent network security device and method |
| US6012144A (en) * | 1996-10-08 | 2000-01-04 | Pickett; Thomas E. | Transaction security method and apparatus |
| US5930479A (en) | 1996-10-21 | 1999-07-27 | At&T Corp | Communications addressing system |
| US6385655B1 (en) | 1996-10-24 | 2002-05-07 | Tumbleweed Communications Corp. | Method and apparatus for delivering documents over an electronic network |
| US5790790A (en) | 1996-10-24 | 1998-08-04 | Tumbleweed Software Corporation | Electronic document delivery system in which notification of said electronic document is sent to a recipient thereof |
| US6192407B1 (en) * | 1996-10-24 | 2001-02-20 | Tumbleweed Communications Corp. | Private, trackable URLs for directed document delivery |
| TW400487B (en) | 1996-10-24 | 2000-08-01 | Tumbleweed Software Corp | Electronic document delivery system |
| US6119137A (en) | 1997-01-30 | 2000-09-12 | Tumbleweed Communications Corp. | Distributed dynamic document conversion server |
| US6502191B1 (en) | 1997-02-14 | 2002-12-31 | Tumbleweed Communications Corp. | Method and system for binary data firewall delivery |
| US6058381A (en) | 1996-10-30 | 2000-05-02 | Nelson; Theodor Holm | Many-to-many payments system for network content materials |
| US6453345B2 (en) | 1996-11-06 | 2002-09-17 | Datadirect Networks, Inc. | Network security and surveillance system |
| US5991881A (en) | 1996-11-08 | 1999-11-23 | Harris Corporation | Network surveillance system |
| US6167520A (en) | 1996-11-08 | 2000-12-26 | Finjan Software, Inc. | System and method for protecting a client during runtime from hostile downloadables |
| US5796948A (en) | 1996-11-12 | 1998-08-18 | Cohen; Elliot D. | Offensive message interceptor for computers |
| US5796942A (en) | 1996-11-21 | 1998-08-18 | Computer Associates International, Inc. | Method and apparatus for automated network-wide surveillance and security breach intervention |
| JPH10164124A (en) | 1996-12-04 | 1998-06-19 | Canon Inc | Communication device |
| US5968119A (en) | 1996-12-09 | 1999-10-19 | Wall Data Incorporated | Method of accessing information of an SNA host computer from a client computer using a specific terminal emulation |
| US6285991B1 (en) | 1996-12-13 | 2001-09-04 | Visa International Service Association | Secure interactive electronic account statement delivery system |
| RU2144270C1 (en) | 1996-12-16 | 2000-01-10 | Самсунг Электроникс Ко., Лтд. | Method for transmission of e-mail messages in local-area network and device which implements said method |
| US5911776A (en) | 1996-12-18 | 1999-06-15 | Unisys Corporation | Automatic format conversion system and publishing methodology for multi-user network |
| US6061722A (en) | 1996-12-23 | 2000-05-09 | T E Network, Inc. | Assessing network performance without interference with normal network operations |
| US5898836A (en) | 1997-01-14 | 1999-04-27 | Netmind Services, Inc. | Change-detection tool indicating degree and location of change of internet documents by comparison of cyclic-redundancy-check(CRC) signatures |
| US5978799A (en) | 1997-01-30 | 1999-11-02 | Hirsch; G. Scott | Search engine including query database, user profile database, information templates and email facility |
| US5896499A (en) | 1997-02-21 | 1999-04-20 | International Business Machines Corporation | Embedded security processor |
| US6539430B1 (en) * | 1997-03-25 | 2003-03-25 | Symantec Corporation | System and method for filtering data received by a computer system |
| US6061448A (en) | 1997-04-01 | 2000-05-09 | Tumbleweed Communications Corp. | Method and system for dynamic server document encryption |
| TW396308B (en) | 1997-04-01 | 2000-07-01 | Tumbleweed Software Corp | Document delivery system |
| US6108786A (en) | 1997-04-25 | 2000-08-22 | Intel Corporation | Monitor network bindings for computer security |
| US5958005A (en) | 1997-07-17 | 1999-09-28 | Bell Atlantic Network Services, Inc. | Electronic mail security |
| US7162738B2 (en) * | 1998-11-03 | 2007-01-09 | Tumbleweed Communications Corp. | E-mail firewall with stored key encryption/decryption |
| US6609196B1 (en) | 1997-07-24 | 2003-08-19 | Tumbleweed Communications Corp. | E-mail firewall with stored key encryption/decryption |
| US7127741B2 (en) | 1998-11-03 | 2006-10-24 | Tumbleweed Communications Corp. | Method and system for e-mail message transmission |
| US7117358B2 (en) | 1997-07-24 | 2006-10-03 | Tumbleweed Communications Corp. | Method and system for filtering communication |
| US6006329A (en) | 1997-08-11 | 1999-12-21 | Symantec Corporation | Detection of computer viruses spanning multiple data streams |
| US6199102B1 (en) | 1997-08-26 | 2001-03-06 | Christopher Alan Cobb | Method and system for filtering electronic messages |
| US6119230A (en) | 1997-10-01 | 2000-09-12 | Novell, Inc. | Distributed dynamic security capabilities |
| EP0907120A3 (en) | 1997-10-02 | 2004-03-24 | Tumbleweed Software Corporation | Method amd apparatus for delivering documents over an electronic network |
| US6393568B1 (en) | 1997-10-23 | 2002-05-21 | Entrust Technologies Limited | Encryption and decryption system and method with content analysis provision |
| US6003027A (en) | 1997-11-21 | 1999-12-14 | International Business Machines Corporation | System and method for determining confidence levels for the results of a categorization system |
| US6094731A (en) | 1997-11-24 | 2000-07-25 | Symantec Corporation | Antivirus accelerator for computer networks |
| US6393465B2 (en) | 1997-11-25 | 2002-05-21 | Nixmail Corporation | Junk electronic mail detector and eliminator |
| US5860068A (en) * | 1997-12-04 | 1999-01-12 | Petabyte Corporation | Method and system for custom manufacture and delivery of a data product |
| US6202157B1 (en) * | 1997-12-08 | 2001-03-13 | Entrust Technologies Limited | Computer network security system and method having unilateral enforceable security policy provision |
| US6023723A (en) * | 1997-12-22 | 2000-02-08 | Accepted Marketing, Inc. | Method and system for filtering unwanted junk e-mail utilizing a plurality of filtering mechanisms |
| US6052709A (en) | 1997-12-23 | 2000-04-18 | Bright Light Technologies, Inc. | Apparatus and method for controlling delivery of unsolicited electronic mail |
| US6029256A (en) * | 1997-12-31 | 2000-02-22 | Network Associates, Inc. | Method and system for allowing computer programs easy access to features of a virus scanning engine |
| US6035423A (en) | 1997-12-31 | 2000-03-07 | Network Associates, Inc. | Method and system for providing automated updating and upgrading of antivirus applications using a computer network |
| US6279133B1 (en) | 1997-12-31 | 2001-08-21 | Kawasaki Steel Corporation | Method and apparatus for significantly improving the reliability of multilevel memory architecture |
| US5999932A (en) | 1998-01-13 | 1999-12-07 | Bright Light Technologies, Inc. | System and method for filtering unsolicited electronic mail messages using data matching and heuristic processing |
| CA2228687A1 (en) * | 1998-02-04 | 1999-08-04 | Brett Howard | Secured virtual private networks |
| US20040058873A1 (en) * | 1998-03-12 | 2004-03-25 | Esmond Robert W. | Method for treating or preventing Alzheimer's disease |
| US6279113B1 (en) | 1998-03-16 | 2001-08-21 | Internet Tools, Inc. | Dynamic signature inspection-based network intrusion detection |
| US6092114A (en) | 1998-04-17 | 2000-07-18 | Siemens Information And Communication Networks, Inc. | Method and system for determining the location for performing file-format conversions of electronics message attachments |
| US6145083A (en) | 1998-04-23 | 2000-11-07 | Siemens Information And Communication Networks, Inc. | Methods and system for providing data and telephony security |
| US6104500A (en) | 1998-04-29 | 2000-08-15 | Bcl, Computer Inc. | Networked fax routing via email |
| US6298445B1 (en) | 1998-04-30 | 2001-10-02 | Netect, Ltd. | Computer security |
| JP3017712B2 (en) | 1998-05-15 | 2000-03-13 | 松下電送システム株式会社 | Internet facsimile |
| US6275942B1 (en) | 1998-05-20 | 2001-08-14 | Network Associates, Inc. | System, method and computer program product for automatic response to computer system misuse using active response modules |
| US6058482A (en) | 1998-05-22 | 2000-05-02 | Sun Microsystems, Inc. | Apparatus, method and system for providing network security for executable code in computer and communications networks |
| US6330589B1 (en) | 1998-05-26 | 2001-12-11 | Microsoft Corporation | System and method for using a client database to manage conversation threads generated from email or news messages |
| US6289214B1 (en) | 1998-05-29 | 2001-09-11 | Ericsson Inc. | Systems and methods for deactivating a cellular radiotelephone system using an ANSI-41 short message service email |
| US6347374B1 (en) * | 1998-06-05 | 2002-02-12 | Intrusion.Com, Inc. | Event detection |
| WO1999066383A2 (en) * | 1998-06-15 | 1999-12-23 | Dmw Worldwide, Inc. | Method and apparatus for assessing the security of a computer system |
| US6317829B1 (en) | 1998-06-19 | 2001-11-13 | Entrust Technologies Limited | Public key cryptography based security system to facilitate secure roaming of users |
| US6192360B1 (en) * | 1998-06-23 | 2001-02-20 | Microsoft Corporation | Methods and apparatus for classifying text and for building a text classifier |
| US6161130A (en) | 1998-06-23 | 2000-12-12 | Microsoft Corporation | Technique which utilizes a probabilistic classifier to detect "junk" e-mail by automatically updating a training and re-training the classifier based on the updated training set |
| US6185689B1 (en) * | 1998-06-24 | 2001-02-06 | Richard S. Carson & Assoc., Inc. | Method for network self security assessment |
| US6141778A (en) | 1998-06-29 | 2000-10-31 | Mci Communications Corporation | Method and apparatus for automating security functions in a computer system |
| US6324656B1 (en) | 1998-06-30 | 2001-11-27 | Cisco Technology, Inc. | System and method for rules-driven multi-phase network vulnerability assessment |
| US6442686B1 (en) | 1998-07-02 | 2002-08-27 | Networks Associates Technology, Inc. | System and methodology for messaging server-based management and enforcement of crypto policies |
| US6269447B1 (en) | 1998-07-21 | 2001-07-31 | Raytheon Company | Information security analysis system |
| US6151675A (en) | 1998-07-23 | 2000-11-21 | Tumbleweed Software Corporation | Method and apparatus for effecting secure document format conversion |
| US6711127B1 (en) * | 1998-07-31 | 2004-03-23 | General Dynamics Government Systems Corporation | System for intrusion detection and vulnerability analysis in a telecommunications signaling network |
| US6223213B1 (en) | 1998-07-31 | 2001-04-24 | Webtv Networks, Inc. | Browser-based email system with user interface for audio/video capture |
| US6304973B1 (en) | 1998-08-06 | 2001-10-16 | Cryptek Secure Communications, Llc | Multi-level security network system |
| US6442588B1 (en) | 1998-08-20 | 2002-08-27 | At&T Corp. | Method of administering a dynamic filtering firewall |
| US6324569B1 (en) | 1998-09-23 | 2001-11-27 | John W. L. Ogilvie | Self-removing email verified or designated as such by a message distributor for the convenience of a recipient |
| US6460141B1 (en) | 1998-10-28 | 2002-10-01 | Rsa Security Inc. | Security and access management system for web-enabled and non-web-enabled applications and content on a computer network |
| IT1305152B1 (en) * | 1998-11-02 | 2001-04-10 | Skf Ind Spa | PRISONER SCREWS OF THE PERFECT TYPE FOR THE CONNECTION OF A WHEEL AND A BRAKING ELEMENT TO THE HUB OF THE WHEEL OF A VEHICLE |
| US6260043B1 (en) | 1998-11-06 | 2001-07-10 | Microsoft Corporation | Automatic file format converter |
| US6321338B1 (en) * | 1998-11-09 | 2001-11-20 | Sri International | Network surveillance |
| US6249807B1 (en) | 1998-11-17 | 2001-06-19 | Kana Communications, Inc. | Method and apparatus for performing enterprise email management |
| US6282565B1 (en) | 1998-11-17 | 2001-08-28 | Kana Communications, Inc. | Method and apparatus for performing enterprise email management |
| US6272532B1 (en) | 1998-12-02 | 2001-08-07 | Harold F. Feinleib | Electronic reminder system with universal email input |
| US6370648B1 (en) | 1998-12-08 | 2002-04-09 | Visa International Service Association | Computer network intrusion detection |
| US6546416B1 (en) | 1998-12-09 | 2003-04-08 | Infoseek Corporation | Method and system for selectively blocking delivery of bulk electronic mail |
| US6550012B1 (en) | 1998-12-11 | 2003-04-15 | Network Associates, Inc. | Active firewall system and methodology |
| US6249575B1 (en) | 1998-12-11 | 2001-06-19 | Securelogix Corporation | Telephony security system |
| US6574737B1 (en) | 1998-12-23 | 2003-06-03 | Symantec Corporation | System for penetrating computer or computer network |
| US6118856A (en) | 1998-12-28 | 2000-09-12 | Nortel Networks Corporation | Method and apparatus for automatically forwarding an email message or portion thereof to a remote device |
| US6301668B1 (en) | 1998-12-29 | 2001-10-09 | Cisco Technology, Inc. | Method and system for adaptive network security using network vulnerability assessment |
| US6654787B1 (en) | 1998-12-31 | 2003-11-25 | Brightmail, Incorporated | Method and apparatus for filtering e-mail |
| CA2357016A1 (en) | 1999-01-14 | 2000-07-20 | Tumbleweed Communications Corp. | Web-based delivery of secure e-mail messages |
| US6487666B1 (en) | 1999-01-15 | 2002-11-26 | Cisco Technology, Inc. | Intrusion detection signature analysis using regular expressions and logical operators |
| US20030023695A1 (en) * | 1999-02-26 | 2003-01-30 | Atabok Japan, Inc. | Modifying an electronic mail system to produce a secure delivery system |
| US6725377B1 (en) | 1999-03-12 | 2004-04-20 | Networks Associates Technology, Inc. | Method and system for updating anti-intrusion software |
| US6405318B1 (en) | 1999-03-12 | 2002-06-11 | Psionic Software, Inc. | Intrusion detection system |
| US6681331B1 (en) * | 1999-05-11 | 2004-01-20 | Cylant, Inc. | Dynamic software system intrusion detection |
| US6988199B2 (en) * | 2000-07-07 | 2006-01-17 | Message Secure | Secure and reliable document delivery |
| US6578025B1 (en) | 1999-06-11 | 2003-06-10 | Abuzz Technologies, Inc. | Method and apparatus for distributing information to users |
| US6675153B1 (en) * | 1999-07-06 | 2004-01-06 | Zix Corporation | Transaction authorization system |
| US6910135B1 (en) | 1999-07-07 | 2005-06-21 | Verizon Corporate Services Group Inc. | Method and apparatus for an intruder detection reporting and response system |
| US6725381B1 (en) | 1999-08-31 | 2004-04-20 | Tumbleweed Communications Corp. | Solicited authentication of a specific user |
| US6324647B1 (en) | 1999-08-31 | 2001-11-27 | Michel K. Bowman-Amuah | System, method and article of manufacture for security management in a development architecture framework |
| US6304898B1 (en) | 1999-10-13 | 2001-10-16 | Datahouse, Inc. | Method and system for creating and sending graphical email |
| US7363361B2 (en) | 2000-08-18 | 2008-04-22 | Akamai Technologies, Inc. | Secure content delivery system |
| US6321267B1 (en) | 1999-11-23 | 2001-11-20 | Escom Corporation | Method and apparatus for filtering junk email |
| US6363489B1 (en) * | 1999-11-29 | 2002-03-26 | Forescout Technologies Inc. | Method for automatic intrusion detection and deflection in a network |
| US6775657B1 (en) | 1999-12-22 | 2004-08-10 | Cisco Technology, Inc. | Multilayered intrusion detection system and method |
| US6343290B1 (en) | 1999-12-22 | 2002-01-29 | Celeritas Technologies, L.L.C. | Geographic network management system |
| US6697950B1 (en) * | 1999-12-22 | 2004-02-24 | Networks Associates Technology, Inc. | Method and apparatus for detecting a macro computer virus using static analysis |
| AU2293601A (en) | 1999-12-30 | 2001-07-16 | Tumbleweed Communications Corp. | Sender-controlled post delivery handling of digitally delivered documents |
| US6701440B1 (en) * | 2000-01-06 | 2004-03-02 | Networks Associates Technology, Inc. | Method and system for protecting a computer using a remote e-mail scanning device |
| IL134066A (en) | 2000-01-16 | 2004-07-25 | Eluv Holdings Ltd | Key encrypted e-mail system |
| US20020016910A1 (en) * | 2000-02-11 | 2002-02-07 | Wright Robert P. | Method for secure distribution of documents over electronic networks |
| US7159237B2 (en) | 2000-03-16 | 2007-01-02 | Counterpane Internet Security, Inc. | Method and system for dynamic network intrusion monitoring, detection and response |
| US6892237B1 (en) | 2000-03-28 | 2005-05-10 | Cisco Technology, Inc. | Method and apparatus for high-speed parsing of network messages |
| US6826609B1 (en) | 2000-03-31 | 2004-11-30 | Tumbleweed Communications Corp. | Policy enforcement in a secure data file delivery system |
| US6519703B1 (en) * | 2000-04-14 | 2003-02-11 | James B. Joyce | Methods and apparatus for heuristic firewall |
| US6742124B1 (en) | 2000-05-08 | 2004-05-25 | Networks Associates Technology, Inc. | Sequence-based anomaly detection using a distance matrix |
| US6735703B1 (en) | 2000-05-08 | 2004-05-11 | Networks Associates Technology, Inc. | Multi-platform sequence-based anomaly detection wrapper |
| US20030159070A1 (en) | 2001-05-28 | 2003-08-21 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
| JP2002056176A (en) | 2000-06-01 | 2002-02-20 | Asgent Inc | Method and device for structuring security policy and method and device for supporting security policy structuring |
| US6892178B1 (en) | 2000-06-02 | 2005-05-10 | Open Ratings Inc. | Method and system for ascribing a reputation to an entity from the perspective of another entity |
| US6895385B1 (en) | 2000-06-02 | 2005-05-17 | Open Ratings | Method and system for ascribing a reputation to an entity as a rater of other entities |
| US6892179B1 (en) | 2000-06-02 | 2005-05-10 | Open Ratings Inc. | System and method for ascribing a reputation to an entity |
| US20020023140A1 (en) * | 2000-06-08 | 2002-02-21 | Hile John K. | Electronic document delivery system |
| US6732101B1 (en) | 2000-06-15 | 2004-05-04 | Zix Corporation | Secure message forwarding system detecting user's preferences including security preferences |
| US20030061506A1 (en) * | 2001-04-05 | 2003-03-27 | Geoffrey Cooper | System and method for security policy |
| US7328349B2 (en) | 2001-12-14 | 2008-02-05 | Bbn Technologies Corp. | Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses |
| US20020046041A1 (en) | 2000-06-23 | 2002-04-18 | Ken Lang | Automated reputation/trust service |
| AU2001266174A1 (en) | 2000-06-30 | 2002-01-14 | British Telecommunications Public Limited Company | Packet data communications |
| US8661539B2 (en) | 2000-07-10 | 2014-02-25 | Oracle International Corporation | Intrusion threat detection |
| US6738462B1 (en) | 2000-07-19 | 2004-05-18 | Avaya Technology Corp. | Unified communications automated personal name addressing |
| US6687687B1 (en) * | 2000-07-26 | 2004-02-03 | Zix Scm, Inc. | Dynamic indexing information retrieval or filtering system |
| WO2002013489A2 (en) | 2000-08-08 | 2002-02-14 | Tumbleweed Communications Corp. | Recipient-specified automated processing in a secure data file delivery system |
| WO2002013469A2 (en) | 2000-08-08 | 2002-02-14 | Tumbleweed Communications Corp. | Recipient-specified automated processing in a secure data file delivery system |
| EP1312193A2 (en) | 2000-08-16 | 2003-05-21 | Filestream, Inc. | End-to-end secure file transfer method and system |
| US7043759B2 (en) * | 2000-09-07 | 2006-05-09 | Mazu Networks, Inc. | Architecture to thwart denial of service attacks |
| US7278159B2 (en) | 2000-09-07 | 2007-10-02 | Mazu Networks, Inc. | Coordinated thwarting of denial of service attacks |
| US20020032871A1 (en) * | 2000-09-08 | 2002-03-14 | The Regents Of The University Of Michigan | Method and system for detecting, tracking and blocking denial of service attacks over a computer network |
| US6650890B1 (en) | 2000-09-29 | 2003-11-18 | Postini, Inc. | Value-added electronic messaging services and transparent implementation thereof using intermediate server |
| US6968461B1 (en) | 2000-10-03 | 2005-11-22 | Networks Associates Technology, Inc. | Providing break points in a malware scanning operation |
| US6757830B1 (en) | 2000-10-03 | 2004-06-29 | Networks Associates Technology, Inc. | Detecting unwanted properties in received email messages |
| US20030097439A1 (en) | 2000-10-23 | 2003-05-22 | Strayer William Timothy | Systems and methods for identifying anomalies in network data streams |
| US20020078382A1 (en) | 2000-11-29 | 2002-06-20 | Ali Sheikh | Scalable system for monitoring network system and components and methodology therefore |
| AU2002230541B2 (en) | 2000-11-30 | 2007-08-23 | Cisco Technology, Inc. | Flow-based detection of network intrusions |
| CA2327211A1 (en) | 2000-12-01 | 2002-06-01 | Nortel Networks Limited | Management of log archival and reporting for data network security systems |
| WO2002054325A2 (en) | 2001-01-02 | 2002-07-11 | Trusecure Corporation | Object-oriented method, system and medium for risk management by creating inter-dependency between objects, criteria and metrics |
| GB2371125A (en) | 2001-01-13 | 2002-07-17 | Secr Defence | Computer protection system |
| US20030051026A1 (en) * | 2001-01-19 | 2003-03-13 | Carter Ernst B. | Network surveillance and security system |
| US7168093B2 (en) | 2001-01-25 | 2007-01-23 | Solutionary, Inc. | Method and apparatus for verifying the integrity and security of computer networks and implementation of counter measures |
| US6983380B2 (en) | 2001-02-06 | 2006-01-03 | Networks Associates Technology, Inc. | Automatically generating valid behavior specifications for intrusion detection |
| US7281267B2 (en) | 2001-02-20 | 2007-10-09 | Mcafee, Inc. | Software audit system |
| US20020120853A1 (en) | 2001-02-27 | 2002-08-29 | Networks Associates Technology, Inc. | Scripted distributed denial-of-service (DDoS) attack discrimination using turing tests |
| US7681032B2 (en) * | 2001-03-12 | 2010-03-16 | Portauthority Technologies Inc. | System and method for monitoring unauthorized transport of digital content |
| US20020143963A1 (en) | 2001-03-15 | 2002-10-03 | International Business Machines Corporation | Web server intrusion detection method and apparatus |
| US7313822B2 (en) | 2001-03-16 | 2007-12-25 | Protegrity Corporation | Application-layer security method and system |
| US20020133365A1 (en) | 2001-03-19 | 2002-09-19 | William Grey | System and method for aggregating reputational information |
| US7287280B2 (en) | 2002-02-12 | 2007-10-23 | Goldman Sachs & Co. | Automated security management |
| US20020138759A1 (en) | 2001-03-26 | 2002-09-26 | International Business Machines Corporation | System and method for secure delivery of a parcel or document |
| US8438465B2 (en) * | 2001-04-03 | 2013-05-07 | Purdue Pharma L.P. | Privileged communication system with routing controls |
| US20020147734A1 (en) | 2001-04-06 | 2002-10-10 | Shoup Randall Scott | Archiving method and system |
| US6941478B2 (en) | 2001-04-13 | 2005-09-06 | Nokia, Inc. | System and method for providing exploit protection with message tracking |
| EP1388068B1 (en) | 2001-04-13 | 2015-08-12 | Nokia Technologies Oy | System and method for providing exploit protection for networks |
| US7603709B2 (en) | 2001-05-03 | 2009-10-13 | Computer Associates Think, Inc. | Method and apparatus for predicting and preventing attacks in communications networks |
| US7769845B2 (en) | 2001-05-04 | 2010-08-03 | Whale Communications Ltd | Method and system for terminating an authentication session upon user sign-off |
| US20030055931A1 (en) * | 2001-09-18 | 2003-03-20 | Cravo De Almeida Marcio | Managing a remote device |
| US6768991B2 (en) | 2001-05-15 | 2004-07-27 | Networks Associates Technology, Inc. | Searching for sequences of character data |
| CA2386491A1 (en) | 2001-05-16 | 2002-11-16 | Kasten Chase Applied Research Limited | System for secure electronic information transmission |
| US6904420B2 (en) * | 2001-05-17 | 2005-06-07 | Honeywell International Inc. | Neuro/fuzzy hybrid approach to clustering data |
| US7325252B2 (en) * | 2001-05-18 | 2008-01-29 | Achilles Guard Inc. | Network security testing |
| US20030028803A1 (en) * | 2001-05-18 | 2003-02-06 | Bunker Nelson Waldo | Network vulnerability assessment system and method |
| US20020178227A1 (en) | 2001-05-25 | 2002-11-28 | International Business Machines Corporation | Routing instant messages using configurable, pluggable delivery managers |
| US7458094B2 (en) | 2001-06-06 | 2008-11-25 | Science Applications International Corporation | Intrusion prevention system |
| US7350234B2 (en) * | 2001-06-11 | 2008-03-25 | Research Triangle Institute | Intrusion tolerant communication networks and associated methods |
| AU2002322109A1 (en) * | 2001-06-13 | 2002-12-23 | Intruvert Networks, Inc. | Method and apparatus for distributed network security |
| ATE406026T1 (en) | 2001-06-14 | 2008-09-15 | Ibm | INTRUSION DETECTION IN DATA PROCESSING SYSTEMS |
| US20030005326A1 (en) * | 2001-06-29 | 2003-01-02 | Todd Flemming | Method and system for implementing a security application services provider |
| DE60220214T2 (en) * | 2001-06-29 | 2008-01-24 | Stonesoft Corp. | Method and system for detecting intruders |
| US7356689B2 (en) * | 2001-07-09 | 2008-04-08 | Lucent Technologies Inc. | Method and apparatus for tracing packets in a communications network |
| US6928549B2 (en) * | 2001-07-09 | 2005-08-09 | International Business Machines Corporation | Dynamic intrusion detection for computer systems |
| US20030023736A1 (en) * | 2001-07-12 | 2003-01-30 | Kurt Abkemeier | Method and system for filtering messages |
| US7380279B2 (en) * | 2001-07-16 | 2008-05-27 | Lenel Systems International, Inc. | System for integrating security and access for facilities and information systems |
| US20030015486A1 (en) * | 2001-07-23 | 2003-01-23 | Shin Tai Spurt Water Of The Garden Tools Co., Ltd. | Pistol nozzle rack rotatable and adjustable in height |
| US6769016B2 (en) | 2001-07-26 | 2004-07-27 | Networks Associates Technology, Inc. | Intelligent SPAM detection system using an updateable neural analysis engine |
| US7673342B2 (en) * | 2001-07-26 | 2010-03-02 | Mcafee, Inc. | Detecting e-mail propagated malware |
| JP2003046576A (en) * | 2001-07-27 | 2003-02-14 | Fujitsu Ltd | Message delivery system, message delivery management server, message distribution management program, and computer-readable recording medium with the program recorded thereon |
| US7243374B2 (en) * | 2001-08-08 | 2007-07-10 | Microsoft Corporation | Rapid application security threat analysis |
| US7245632B2 (en) * | 2001-08-10 | 2007-07-17 | Sun Microsystems, Inc. | External storage for modular computer systems |
| US7278160B2 (en) * | 2001-08-16 | 2007-10-02 | International Business Machines Corporation | Presentation of correlated events as situation classes |
| US7657935B2 (en) | 2001-08-16 | 2010-02-02 | The Trustees Of Columbia University In The City Of New York | System and methods for detecting malicious email transmission |
| US6928556B2 (en) | 2001-08-30 | 2005-08-09 | International Business Machines Corporation | Method and apparatus in a data processing system for managing situations from correlated events |
| US20030051163A1 (en) * | 2001-09-13 | 2003-03-13 | Olivier Bidaud | Distributed network architecture security system |
| US20030065943A1 (en) | 2001-09-28 | 2003-04-03 | Christoph Geis | Method and apparatus for recognizing and reacting to denial of service attacks on a computerized network |
| US6907430B2 (en) | 2001-10-04 | 2005-06-14 | Booz-Allen Hamilton, Inc. | Method and system for assessing attacks on computer networks using Bayesian networks |
| US8261059B2 (en) | 2001-10-25 | 2012-09-04 | Verizon Business Global Llc | Secure file transfer and secure file transfer protocol |
| US7444679B2 (en) | 2001-10-31 | 2008-10-28 | Hewlett-Packard Development Company, L.P. | Network, method and computer readable medium for distributing security updates to select nodes on a network |
| US20030084323A1 (en) | 2001-10-31 | 2003-05-01 | Gales George S. | Network intrusion detection system and method |
| US20030135749A1 (en) | 2001-10-31 | 2003-07-17 | Gales George S. | System and method of defining the security vulnerabilities of a computer system |
| JP2003150748A (en) | 2001-11-09 | 2003-05-23 | Asgent Inc | Risk evaluation method |
| JP3886362B2 (en) * | 2001-11-13 | 2007-02-28 | 富士通株式会社 | Content filtering method, content filtering apparatus, and content filtering program |
| US20030093695A1 (en) | 2001-11-13 | 2003-05-15 | Santanu Dutta | Secure handling of stored-value data objects |
| US7315944B2 (en) | 2001-11-13 | 2008-01-01 | Ericsson Inc. | Secure handling of stored-value data objects |
| US20030095555A1 (en) | 2001-11-16 | 2003-05-22 | Mcnamara Justin | System for the validation and routing of messages |
| US7487262B2 (en) | 2001-11-16 | 2009-02-03 | At & T Mobility Ii, Llc | Methods and systems for routing messages through a communications network based on message content |
| US6546493B1 (en) | 2001-11-30 | 2003-04-08 | Networks Associates Technology, Inc. | System, method and computer program product for risk assessment scanning based on detected anomalous events |
| US20030126464A1 (en) | 2001-12-04 | 2003-07-03 | Mcdaniel Patrick D. | Method and system for determining and enforcing security policy in a communication session |
| US20030110392A1 (en) | 2001-12-06 | 2003-06-12 | Aucsmith David W. | Detecting intrusions |
| KR100427449B1 (en) | 2001-12-14 | 2004-04-14 | 한국전자통신연구원 | Intrusion detection method using adaptive rule estimation in nids |
| US6754705B2 (en) | 2001-12-21 | 2004-06-22 | Networks Associates Technology, Inc. | Enterprise network analyzer architecture framework |
| US7096500B2 (en) | 2001-12-21 | 2006-08-22 | Mcafee, Inc. | Predictive malware scanning of internet data |
| US7400729B2 (en) | 2001-12-28 | 2008-07-15 | Intel Corporation | Secure delivery of encrypted digital content |
| WO2003058457A1 (en) | 2001-12-31 | 2003-07-17 | Citadel Security Software Inc. | Automated computer vulnerability resolution system |
| JP4152108B2 (en) | 2002-01-18 | 2008-09-17 | 株式会社コムスクエア | Vulnerability monitoring method and system |
| US7076803B2 (en) | 2002-01-28 | 2006-07-11 | International Business Machines Corporation | Integrated intrusion detection services |
| US7222366B2 (en) | 2002-01-28 | 2007-05-22 | International Business Machines Corporation | Intrusion event filtering |
| US7268899B2 (en) | 2002-01-31 | 2007-09-11 | Hewlett-Packard Development Company, L.P. | Secure system for delivery of a fax to a remote user |
| US20030149887A1 (en) | 2002-02-01 | 2003-08-07 | Satyendra Yadav | Application-specific network intrusion detection |
| US7174566B2 (en) | 2002-02-01 | 2007-02-06 | Intel Corporation | Integrated network intrusion detection |
| US8370936B2 (en) | 2002-02-08 | 2013-02-05 | Juniper Networks, Inc. | Multi-method gateway-based network security systems and methods |
| US7073074B2 (en) | 2002-02-13 | 2006-07-04 | Microsoft Corporation | System and method for storing events to enhance intrusion detection |
| JP4593926B2 (en) | 2002-02-19 | 2010-12-08 | ポスティーニ インク | Email management service |
| KR100468232B1 (en) | 2002-02-19 | 2005-01-26 | 한국전자통신연구원 | Network-based Attack Tracing System and Method Using Distributed Agent and Manager Systems |
| US7694128B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for secure communication delivery |
| US7124438B2 (en) | 2002-03-08 | 2006-10-17 | Ciphertrust, Inc. | Systems and methods for anomaly detection in patterns of monitored communications |
| US6941467B2 (en) | 2002-03-08 | 2005-09-06 | Ciphertrust, Inc. | Systems and methods for adaptive message interrogation through multiple queues |
| US20030172291A1 (en) | 2002-03-08 | 2003-09-11 | Paul Judge | Systems and methods for automated whitelisting in monitored communications |
| US7458098B2 (en) | 2002-03-08 | 2008-11-25 | Secure Computing Corporation | Systems and methods for enhancing electronic communication security |
| US20030233328A1 (en) | 2002-04-23 | 2003-12-18 | Scott David A. | Method and system for securely communicating data in a communications network |
| AUPS193202A0 (en) | 2002-04-23 | 2002-05-30 | Pickup, Robert Barkley Mr | A method and system for authorising electronic mail |
| US20040203589A1 (en) | 2002-07-11 | 2004-10-14 | Wang Jiwei R. | Method and system for controlling messages in a communication network |
| US8924484B2 (en) * | 2002-07-16 | 2014-12-30 | Sonicwall, Inc. | Active e-mail filter with challenge-response |
| US7017186B2 (en) * | 2002-07-30 | 2006-03-21 | Steelcloud, Inc. | Intrusion detection system using self-organizing clusters |
| US6742128B1 (en) | 2002-08-28 | 2004-05-25 | Networks Associates Technology | Threat assessment orchestrator system and method |
| JP3831696B2 (en) * | 2002-09-20 | 2006-10-11 | 株式会社日立製作所 | Network management apparatus and network management method |
| AU2003264841A1 (en) | 2002-09-30 | 2004-04-19 | Corposoft Ltd. | Method and devices for prioritizing electronic messages |
| US7200658B2 (en) * | 2002-11-12 | 2007-04-03 | Movielink, Llc | Network geo-location system |
| US20040111531A1 (en) | 2002-12-06 | 2004-06-10 | Stuart Staniford | Method and system for reducing the rate of infection of a communications network by a software worm |
| US6732157B1 (en) | 2002-12-13 | 2004-05-04 | Networks Associates Technology, Inc. | Comprehensive anti-spam system, method, and computer program product for filtering unwanted e-mail messages |
| AU2003300083A1 (en) | 2002-12-30 | 2004-07-29 | Activestate Corporation | Method and system for feature extraction from outgoing messages for use in categorization of incoming messages |
| US7171450B2 (en) | 2003-01-09 | 2007-01-30 | Microsoft Corporation | Framework to enable integration of anti-spam technologies |
| US20040177120A1 (en) | 2003-03-07 | 2004-09-09 | Kirsch Steven T. | Method for filtering e-mail messages |
| US7676546B2 (en) | 2003-03-25 | 2010-03-09 | Verisign, Inc. | Control and management of electronic messaging |
| GB0307913D0 (en) | 2003-04-05 | 2003-05-14 | Hewlett Packard Development Co | Management of peer-to-peer network using reputation services |
| US7051077B2 (en) | 2003-06-30 | 2006-05-23 | Mx Logic, Inc. | Fuzzy logic voting method and system for classifying e-mail using inputs from multiple spam classifiers |
| US20050060643A1 (en) * | 2003-08-25 | 2005-03-17 | Miavia, Inc. | Document similarity detection and classification system |
| US7769594B2 (en) * | 2003-09-05 | 2010-08-03 | France Telecom | Evaluation of reputation of an entity by a primary evaluation centre |
| US20050102366A1 (en) | 2003-11-07 | 2005-05-12 | Kirsch Steven T. | E-mail filter employing adaptive ruleset |
| US7590694B2 (en) | 2004-01-16 | 2009-09-15 | Gozoom.Com, Inc. | System for determining degrees of similarity in email message information |
| WO2005086437A1 (en) | 2004-02-27 | 2005-09-15 | Koninklijke Kpn N.V. | A method and system for blocking unwanted unsolicited information |
| US7644127B2 (en) | 2004-03-09 | 2010-01-05 | Gozoom.Com, Inc. | Email analysis using fuzzy matching of text |
| US8918466B2 (en) | 2004-03-09 | 2014-12-23 | Tonny Yu | System for email processing and analysis |
| WO2005116851A2 (en) | 2004-05-25 | 2005-12-08 | Postini, Inc. | Electronic message source information reputation system |
| WO2006002076A2 (en) * | 2004-06-15 | 2006-01-05 | Tekelec | Methods, systems, and computer program products for content-based screening of messaging service messages |
| KR100628623B1 (en) | 2004-08-02 | 2006-09-26 | 포스데이타 주식회사 | Spam mail filtering system and method capable of recognizing and filtering spam mail in real time |
| US7933985B2 (en) * | 2004-08-13 | 2011-04-26 | Sipera Systems, Inc. | System and method for detecting and preventing denial of service attacks in a communications system |
| US8010460B2 (en) | 2004-09-02 | 2011-08-30 | Linkedin Corporation | Method and system for reputation evaluation of online users in a social networking scheme |
| CN100359889C (en) * | 2004-10-29 | 2008-01-02 | 江苏南大苏富特软件股份有限公司 | Policy tree based packet filtering and management method |
| US20060095404A1 (en) | 2004-10-29 | 2006-05-04 | The Go Daddy Group, Inc | Presenting search engine results based on domain name related reputation |
| US20060123083A1 (en) | 2004-12-03 | 2006-06-08 | Xerox Corporation | Adaptive spam message detector |
| US20060230039A1 (en) | 2005-01-25 | 2006-10-12 | Markmonitor, Inc. | Online identity tracking |
| CA2600344A1 (en) | 2005-03-02 | 2006-09-08 | Markmonitor Inc. | Distribution of trust data |
| US7822620B2 (en) | 2005-05-03 | 2010-10-26 | Mcafee, Inc. | Determining website reputations using automatic testing |
-
2006
- 2006-05-15 US US11/383,347 patent/US7903549B2/en not_active Expired - Lifetime
- 2006-11-10 WO PCT/US2006/060771 patent/WO2007059428A2/en active Application Filing
- 2006-11-10 CA CA2628189A patent/CA2628189C/en active Active
- 2006-11-10 AU AU2006315184A patent/AU2006315184B2/en active Active
- 2006-11-10 CN CN2006800507077A patent/CN101401466B/en active Active
- 2006-11-10 EP EP06839820A patent/EP1982540A4/en not_active Ceased
- 2006-11-10 JP JP2008540356A patent/JP5046128B2/en active Active
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8549611B2 (en) | 2002-03-08 | 2013-10-01 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
| US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
| US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
| US8635690B2 (en) | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
| US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
| US8762537B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Multi-dimensional reputation scoring |
| US9009321B2 (en) | 2007-01-24 | 2015-04-14 | Mcafee, Inc. | Multi-dimensional reputation scoring |
| US10050917B2 (en) | 2007-01-24 | 2018-08-14 | Mcafee, Llc | Multi-dimensional reputation scoring |
| US8621559B2 (en) | 2007-11-06 | 2013-12-31 | Mcafee, Inc. | Adjusting filter or classification control settings |
| US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
| US8606910B2 (en) | 2008-04-04 | 2013-12-10 | Mcafee, Inc. | Prioritizing network traffic |
| US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
Also Published As
| Publication number | Publication date |
|---|---|
| AU2006315184B2 (en) | 2011-10-20 |
| JP5046128B2 (en) | 2012-10-10 |
| JP2009516269A (en) | 2009-04-16 |
| WO2007059428A2 (en) | 2007-05-24 |
| US20070195779A1 (en) | 2007-08-23 |
| EP1982540A2 (en) | 2008-10-22 |
| CA2628189C (en) | 2015-05-19 |
| AU2006315184A1 (en) | 2007-05-24 |
| EP1982540A4 (en) | 2011-01-05 |
| US7903549B2 (en) | 2011-03-08 |
| CN101401466A (en) | 2009-04-01 |
| WO2007059428A3 (en) | 2008-04-17 |
| CN101401466B (en) | 2012-04-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2628189A1 (en) | Content-based policy compliance systems and methods | |
| DE60316809T2 (en) | METHOD AND DEVICE FOR PROCESSING MESSAGES IN A COMMUNICATION NETWORK | |
| US20180054441A1 (en) | Methods and systems for remotely removing metadata from electronic documents | |
| EP1300997B1 (en) | System and method for preventing unsolicited e-mail | |
| US7543053B2 (en) | Intelligent quarantining for spam prevention | |
| US8285804B2 (en) | Declassifying of suspicious messages | |
| US8234371B2 (en) | Federated challenge credit system | |
| DK1825387T3 (en) | System and approach for disaster recovery data recovery and management of a mail system | |
| Rushe | Google: don't expect privacy when sending to Gmail | |
| US20080034042A1 (en) | Access limited emm distribution lists | |
| Agwu et al. | Framing of climate change news in four national daily newspapers in Southern Nigeria | |
| GB2430336A (en) | System which converts, forwards and/or stores messages in accordance with user defined criteria | |
| US20050021644A1 (en) | Systems and methods for validating electronic communications | |
| JP2005135404A (en) | Delivery of document accompanying electronic mail | |
| CA2379464A1 (en) | Method, device and e-mail server for detecting an undesired e-mail | |
| KR20080037605A (en) | System, method and device for trapping mass-delivery electronic messages | |
| US20110282950A1 (en) | Reverse message classification | |
| EP1733521B1 (en) | A method and an apparatus to classify electronic communication | |
| McElligott | A Security pass for messages: message keys | |
| Hansell | Internet is losing ground in battle against spam | |
| TWI224447B (en) | Method of self-adjusting sensitivity for filtering documents | |
| WO2012149374A2 (en) | System and method for preventing unwanted electronic communications | |
| Reid | Nemx offers anti-spam solution to SMEs | |
| DE102010020621A1 (en) | Automatic unwanted email i.e. spam mail, processing method for telecommunications network, involves communicating authorized electronic mail addresses or electronic mail sender domains between sender and receiver | |
| Leonding et al. | Integration of a protection system from undesirable and dangerous content into mail servers |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request |