Patent abstract:
Method, storage device and computer system for classifying electronic mail messages. Embodiments of the present invention relate to techniques for classifying incoming and outgoing emails. In some embodiments, a set of email zones can be defined and emails can be classified into one zone among a plurality of zones. An indication of the zone in which the email was classified can be shown in the visual display of the email.
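Publication number: BR112012022659B1
Application number: R112012022659-2
Filing date: 2011-03-04
Publication date: 2020-09-29
Inventors: Krishna Kumar Parthasarathy; Anatoliy Panasyuk
Applicant: Microsoft Technology Licensing, Llc
Main IPC classification:
Patent description: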

[0001] Electronic mail (e-mail) is a well-known system for exchanging electronic messages. Although the use of e-mail as a method of communication has been growing rapidly, there are a number of phenomena that can limit the usefulness of e-mail.
[0002] One of these phenomena is called "spam": unsolicited commercial e-mails sent in large quantities. An e-mail recipient can receive a large number of spam e-mails, which makes it a challenge for users to discern the really important e-mails from the huge amount of spam.
[0003] Another phenomenon is e-mail "bombing": sending a large number of messages to a single e-mail address with malicious intent, in order to render it inoperative and/or cause the e-mail server to fail.
[0004] A third phenomenon is the transmission via e-mail of viruses or worms, which perform a malicious action on the recipient's computer and can cause data loss and system unavailability, among other harmful consequences.
[0005] In addition to the phenomena described above, the use of e-mail also poses the risk of confidential information contained in a message being forwarded to and received by an unintended recipient. For example, when confidential information is sent via e-mail, the sender may accidentally send the e-mail to the wrong person, allowing an unauthorized person to have access to that information. Additionally, when unencrypted confidential information is sent via e-mail, there is a risk that the confidential information will be intercepted by unauthorized people, who can then gain access to that information.
SUMMARY
[0006] The inventors recognized that classifying received emails and emails to be sent using an enterprise-wide classification scheme provides a number of advantages. First, this classification allows e-mail recipients to easily distinguish trusted e-mails from e-mails that pose a threat, and to easily determine when a person is inadvertently sending an e-mail to an unintended recipient. Second, such a classification of e-mails makes it possible to provide a uniform security policy for e-mails that is applied throughout the company.
[0007] Thus, some embodiments are directed to classifying an email in one of a predefined plurality of email zones. When an e-mail is received, it is classified in one of a plurality of zones, and information identifying the zone in which the e-mail was classified is added to the e-mail header. When the email is displayed, information identifying the zone (a symbol, a caption, or any other type of information) can be shown, so that the user is notified of the zone in which the email was classified.
[0008] In some embodiments, when an email is being composed to be sent, the email can be classified based on the recipient email address in the email, and information can be displayed in the email indicating the zone in which the email was classified.
[0009] One embodiment is directed to a method performed by an electronic mail (email) client application program executing on a computer having at least one tangible memory, which stores processor-executable instructions for the client application program, and at least one processor, which executes the processor-executable instructions. The method comprises: receiving an e-mail message from an e-mail server, the message identifying an e-mail address associated with the client application program as the intended recipient and including classification information identifying the zone, of a plurality of predefined e-mail zones, in which the e-mail message was classified; accessing the classification information from the e-mail message; determining, from the classification information, the zone of the plurality of predefined zones in which the e-mail message was classified; accessing policy information stored in the at least one tangible memory to determine whether a policy action should be performed in connection with the e-mail message; when it is determined that a policy action should be performed in connection with the e-mail message, performing that policy action; and visually displaying the e-mail message, the visual display of the e-mail message including at least an indication of the zone of the plurality of predefined zones in which the e-mail message has been classified.
[00010] Another embodiment is directed to at least one computer-readable medium encoded with processor-executable instructions for an email server application program which, when executed on a computer having at least one tangible memory and at least one processor, perform a method comprising: receiving an e-mail message; accessing a set of classification rules; classifying the email message, based on the set of classification rules, in one zone of a plurality of predefined email zones; adding to the e-mail message information that identifies that zone of the plurality of predefined zones; and transferring the email message to an email client associated with the intended recipient of the email message.
[00011] A further embodiment is directed to a computer having at least one tangible memory, which stores processor-executable instructions for an email client application program, and at least one processor, which executes the processor-executable instructions to: receive user input specifying at least one recipient email address for an email message to be sent; send the at least one recipient email address to at least one email server; and, in response to sending the at least one recipient email address, receive at least one zone classification indicating a zone, of a plurality of predefined zones, in which the email message has been classified.
[00012] The above is a non-limiting summary of the present invention, which is defined only by the appended claims.
BRIEF DESCRIPTION OF THE DRAWINGS
[00013] The attached drawings are not necessarily drawn to scale. In the drawings, each identical or nearly identical component illustrated in several figures is represented by the same numeral. For the sake of clarity, not every component is numbered in every drawing. In the drawings:
[00014] Figure 1 is a block diagram of a computer system in which some embodiments of the invention can be implemented;
[00015] Figure 2 is a block diagram of a computer system in which e-mail messages to be sent and received messages can be classified, according to some embodiments;
[00016] Figure 3 is a flow chart of a process for classifying a received e-mail and applying a policy in response to the classification, according to some embodiments;
[00017] Figure 4 is a flow chart of a process for classifying an e-mail to be sent and applying a policy in response to the classification, according to some embodiments; and
[00018] Figure 5 is a block diagram of a computer on which some processes related to the classification of an e-mail message and the application of a policy in response to the classification can be implemented.
DETAILED DESCRIPTION
[00019] The inventors of the present invention recognized that, because some emails are unwanted (spam) and/or malicious and/or include confidential information, it would be desirable to identify them and apply a specific policy to them, in order to treat them appropriately.
[00020] The inventors recognized that by defining a zone classification scheme for email, in which a number of mutually exclusive zones are defined and each email is classified in exactly one of these zones, a policy can be associated with each email zone and applied to each email classified in that zone.
[00021] Although existing systems also perform e-mail classification, the classifications under which e-mail messages are classified are abstract and difficult for users and administrators to understand. The inventors recognized that defining zones related to real-world constructs (e.g., a "Trusted Partner" zone and an "Intracompany" zone) allows users and administrators to more easily understand the classification of emails.
[00022] The inventors additionally recognized the benefits of applying the same zone classification scheme throughout a company or organization, so that the same email zones, classification rules, and policies are applied to each email user in the organization or company. In this way, information regarding the e-mail zones in which e-mails can be classified, the reason why a certain e-mail has been classified in a certain zone, and the reason for a particular policy action taken with respect to an email may be shared and/or made available to users.
[00023] Figure 1 shows a company 100 comprising an email server 103 and a plurality of clients 105a, 105b, ..., 105n. The e-mail server 103 receives e-mail messages sent from outside the company via the Internet 101 and receives messages from inside the company (clients 105). E-mail server 103 sends e-mails received from external senders to the intended internal recipients, and sends e-mails received from internal senders to the intended internal recipients or, via the Internet 101, to the intended external recipients.
[00024] As discussed above, embodiments of the present invention employ a zone classification scheme to classify emails sent and received by a company in one of a plurality of email zones and, if justified, to take policy action based on this classification. As discussed in detail below, classification of e-mail in zones and policy actions can be performed by the e-mail server (e-mail server 103 in figure 1), by an e-mail client (105 in figure 1), or by the email server and email client in combination.
[00025] Any suitable set of email zones can be used to classify emails. In some embodiments, a default set of zones can be provided, and a network administrator can be given the ability to modify and/or customize the default set of zones. In some embodiments, the default set of zones includes the "Trusted Partner" zone, the "Intra-Organization" zone, the "Restricted" zone, and the "Internet" zone.
[00026] Email messages received from or sent to domains listed as trusted partners are classified in the "Trusted Partner" zone. Thus, for example, an organization having a trusted relationship with another organization treats emails from that organization's domain as trustworthy. In one possible example, if the trusted organization has the domain name "contoso.com", then all emails sent from "contoso.com" can be classified in the "Trusted Partner" zone.
[00027] The inventors recognized that, when classifying emails in a zone based on the sender's email address and/or the domain of that address, it can be useful to verify that the email was actually sent from that email address or domain. That is, the inventors appreciated that it is possible to "forge" a sender's email address, so that the email appears to have been sent from a trusted domain when it actually comes from a different untrusted and/or malicious party. Thus, in some embodiments, an email that appears to have been sent from a trusted partner can be treated as coming from a trusted domain if it is verified that this email was indeed sent from that domain (based on a certificate from a trusted certification authority, a digital signature, or any other verification technique).
[00028] Intra-organization e-mails (i.e., e-mails between users within the company itself) can be classified in the "Intra-Organization" zone. E-mails identified as spam, as containing viruses or worms, or as coming from a restricted e-mail address, IP address, or domain can be classified in the "Restricted" zone. E-mails not belonging to any of the above zones can be classified in the "Internet" zone.
[00029] In the illustrative zone classification scheme discussed above, emails received from or sent to trusted partners can be classified in the "Trusted Partner" zone and, as should be appreciated from this example, an e-mail can be classified into a zone based on the sender or recipient of the email. In such cases, it should be appreciated that when an e-mail message is sent to multiple recipients, the message can be treated as a separate e-mail message with respect to each of those recipients. That is, for example, if an e-mail message is being sent to three different recipients, it can be treated as three separate messages, each sent to one of the three recipients, and each of them can be classified separately in an e-mail zone.
[00030] To classify an email based on the sender and/or recipient, it is often useful to define groups of senders and recipients. For example, as discussed above, the "Trusted Partner" zone can be used for emails received from or sent to trusted partners. In this regard, it may be useful to define a group of e-mail addresses or domain names of trusted partners. Thus, in some embodiments, a directory service such as, for example, Active Directory® from Microsoft Corporation, Redmond, Washington, can be used to define groups of senders and/or recipients that can be used to classify emails and/or apply policy to emails.
[00031] As discussed above, each zone can be associated with any policy or set of policies, so that when an email is classified in a zone, the policy or set of policies associated with that zone is applied to the e-mail. Any policy or set of policies can be applied to emails classified in each zone. For example, information protection policies regarding whether encryption should be applied to an email, filtering policies regarding whether spam filtering or virus scanning should be applied to an email, mail flow policies that govern the sending or receiving of an e-mail, and/or any other type of policy may be applied. In addition, the policy can be applied and policy actions can be taken on the email server, the email client, or both the email server and the email client.
[00032] Figure 2 shows an illustrative computer system 200 comprising email server 201, directory server 203, and a plurality of email clients 205a, 205b, ..., 205n. As shown in figure 2, server 201 comprises a classification engine 209 and a policy engine 211. Server 201 also stores information (i.e., zones 213) that defines the zones that are to be used to classify emails. Thus, the information stored in zones 213 defines the buckets into which emails are to be classified. Server 201 also stores classification rules 215, which are the rules used by the classification engine to classify an email in one of the defined zones, and policies 217, which define the policies that the policy engine must apply to emails once they have been classified in the zones.
[00033] Each of clients 205 has a classification engine 221, for classifying emails, and a policy engine 219, for applying a policy to email messages. Each client 205 also stores policy information 223 that policy engine 219 uses to determine the policy to apply to emails.
[00034] Directory server 203 stores group information 207, which indicates which users, email addresses, or domains belong to a certain group. Server 201 and clients 205 can communicate with the directory server to obtain group information 207 and use this information to determine the zone in which an e-mail should be classified, or the policy action that should be taken.
[00035] Figure 3 shows a process that can be used in computer system 200, in some embodiments, to classify incoming emails and to take policy actions with respect to them. The process starts at step 301, where email server 201 receives an email message from either an external (via the Internet) or internal sender. The process then proceeds to step 303, where the classification engine 209 of server 201 uses classification rules 215 and zone information 213 to classify the e-mail in a zone. In some embodiments, depending on the classification rules, server 201 may obtain group information 207 from directory server 203 to determine the zone into which the e-mail should be classified.
[00036] After step 303, the process proceeds to step 305, where server 201 adds information to the email header indicating the zone in which the email was classified in step 303. The process then proceeds to step 307, where policy engine 211 performs any justified policy action, based on policy information 217. In some embodiments, depending on the content of policy information 217, server 201 can obtain group information 207 from directory server 203 to determine the policy to be applied to the e-mail.
[00037] Any policy action can be taken. For example, for e-mails in the "Trusted Partner" or "Intra-Organization" zones, server 201 may skip spam filtering or virus scanning, but for e-mails classified in the "Internet" zone, the policy may specify spam filtering and virus scanning. In another example, an attachment size limit can be imposed on e-mails classified in the "Internet" zone, so that e-mails with attachments that exceed the size limit are returned, while no size limit, or at least a less restrictive limit, is imposed on attachments of emails classified in the "Trusted Partner" or "Intra-Organization" zones. In another example, emails in the "Restricted" zone can be discarded or quarantined.
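The server-side flow of steps 303 to 307, as an added example that is not code from the patent: classify an inbound message in exactly one zone, stamp the zone into a header, and derive the policy actions. The header name `X-Mail-Zone`, the rule tables, the `sender_verified` and `flagged_malicious` inputs and the action names are assumptions made for illustration; the example also discards any zone header already present on arrival, so that only the server's own classification reaches the client.

```python
from email.message import EmailMessage
from email.utils import parseaddr

ZONE_HEADER = "X-Mail-Zone"  # hypothetical header name; the patent does not name one

# Constructed group data (207) and classification rules (215).
ORG_DOMAINS = {"example.org"}
TRUSTED_PARTNER_DOMAINS = {"contoso.com"}
RESTRICTED_DOMAINS = {"blocked.example"}

# Constructed per-zone policies (217), modelled on the examples in [00036].
POLICIES = {
    "Trusted Partner":    {"filter": False, "max_attachment_bytes": None},
    "Intra-Organization": {"filter": False, "max_attachment_bytes": None},
    "Internet":           {"filter": True,  "max_attachment_bytes": 1_048_576},
    "Restricted":         {"quarantine": True},
}


def classify_inbound(msg, sender_verified, flagged_malicious):
    """Step 303: place the message in exactly one zone."""
    address = parseaddr(msg.get("From", ""))[1].lower()
    domain = address.rpartition("@")[2]
    if flagged_malicious or domain in RESTRICTED_DOMAINS:
        return "Restricted"
    # [00027]: a From address can be forged, so a trusted zone is granted only
    # when the sender was verified (signature, certificate, ...). Requiring the
    # same for the organization's own domain is an assumption of this example.
    if sender_verified and domain in ORG_DOMAINS:
        return "Intra-Organization"
    if sender_verified and domain in TRUSTED_PARTNER_DOMAINS:
        return "Trusted Partner"
    return "Internet"


def stamp_zone(msg, zone):
    """Step 305: record the zone in the header, replacing any value set upstream."""
    del msg[ZONE_HEADER]  # removes every existing occurrence; no error if absent
    msg[ZONE_HEADER] = zone


def attachment_bytes(msg):
    """Total decoded size of all attachments."""
    return sum(len(part.get_payload(decode=True) or b"")
               for part in msg.iter_attachments())


def server_policy_actions(msg, zone):
    """Step 307: derive the server-side actions from the zone's policy."""
    policy = POLICIES[zone]
    if policy.get("quarantine"):
        return ["quarantine"]
    actions = ["spam_filter", "virus_scan"] if policy["filter"] else []
    limit = policy["max_attachment_bytes"]
    if limit is not None and attachment_bytes(msg) > limit:
        return actions + ["return_to_sender"]
    return actions + ["deliver"]


def process_inbound(msg, sender_verified=False, flagged_malicious=False):
    """Steps 303-307 in order; returns (zone, actions) and stamps the header."""
    zone = classify_inbound(msg, sender_verified, flagged_malicious)
    stamp_zone(msg, zone)
    return zone, server_policy_actions(msg, zone)


def make_message(sender, preset_zone=None, attachment=b""):
    """Build a constructed sample message."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = "alice@example.org"
    msg["Subject"] = "Invoice"
    msg.set_content("See attached.")
    if preset_zone:
        msg[ZONE_HEADER] = preset_zone
    if attachment:
        msg.add_attachment(attachment, maintype="application",
                           subtype="octet-stream", filename="invoice.bin")
    return msg


if __name__ == "__main__":
    # Constructed case: forged partner address that arrives with its own zone header.
    spoofed = make_message("billing@contoso.com", preset_zone="Trusted Partner")
    print(process_inbound(spoofed, sender_verified=False), spoofed[ZONE_HEADER])
```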
[00038] The policies described above are merely examples of the policies that can be applied based on the zone in which emails are classified. Many other types of policies are also possible, and the present invention is not limited to any particular policy. In this regard, it should be appreciated that the policies applied to emails can be configured by a network administrator, and that any suitable policy can be used.
[00039] The process then proceeds to step 309, where server 201 sends the email to client 205 of the intended recipient. In some embodiments, this can be accomplished using a "pull" technique, where each client 205 is configured to periodically access server 201. When accessed by client 205, if server 201 has received any e-mail messages for that client's user, these emails are downloaded to the client. It should be appreciated that the present invention is not limited to using the "pull" technique; in some embodiments, email server 201 may instead use a "push" technique, whereby, rather than being accessed by clients 205, server 201 contacts a client 205 when it has received one or more email messages intended for that client's user.
[00040] After step 309, the process moves to step 311, where policy engine 219 of the client 205 that downloaded the email accesses the stored policy information and the zone information added to the email header by server 201, and determines whether policy action should be taken. If it is determined that a policy action should be taken, the policy engine takes the action or actions, or causes them to be taken.
[00041] Policy actions can be performed by the client. For example, based on the classification zone, the email can be stored in an email file. In another example, the policy information may specify, based on the zone information, that tasks must be generated and/or other local actions must be performed on the client computer.
[00042] The policies described above are merely exemplary of the policies that can be applied to an email, based on the zone in which the email was classified. Many other types of policies are possible, and the present invention is not limited to the use of any particular policy or type of policy. In this regard, it should be appreciated that the policies applied to emails on the client can be configured by a client user and / or network administrator, and that any suitable policy can be used.
[00043] The process then proceeds to step 313, where client 205 displays the email to the client's user. In some embodiments, this step can be performed, for example, in response to a user action indicating the user's desire to view the email. For example, the user selects an email with a mouse and takes an action indicating the desire to view the email.
[00044] The client can display the e-mail to the user together with information on the zone in which the e-mail was classified. For example, the e-mail displayed may contain a zone symbol and/or associated text indicating the zone in which the e-mail was classified. Any of a variety of techniques can be used to convey zone information, for example, coloring portions of the e-mail (e.g., a status bar at the top of the displayed e-mail message) with a color that depends on the zone in which the e-mail has been classified, providing an audible notification indicating the zone, and/or any other suitable technique for presenting zone information.
[00045] In the exemplary process in Figure 3, policy is applied on both the email server and the email client. However, the present invention is not limited to this, and in some embodiments the policy can be applied only on the client, and in others the policy can be applied only on the server.
[00046] Figure 4 shows an illustrative process that can be used in computer system 200, in some embodiments, to classify an e-mail that is being composed to be sent to one or more recipients, and to carry out policy actions on it. The recipients can include one or more external recipients and/or one or more internal recipients. The process starts at step 401, where a user composing an email via an email client (e.g., one of clients 205) enters one or more recipient email addresses into the email. The process then proceeds to step 403, where the client sends the recipient email addresses to server 201 for classification. In response, in step 405, the server classifies the email in a zone, based on the recipient's email address.
[00047] As discussed above, when there are multiple recipient email addresses, the email message can be treated as multiple email messages, each sent to one of the multiple recipients. Thus, in step 405, server 201 can perform a separate zone classification for each recipient email address received in step 403. For example, if there are three recipients, the first being a trusted partner, the second an internal recipient, and the third an external recipient that is not a trusted partner, server 201 can classify the email message for the first recipient as belonging to the "Trusted Partner" zone, for the second recipient as belonging to the "Intra-Organization" zone, and for the third recipient as belonging to the "Internet" zone.
[00048] After step 405, the process goes to step 407, where the server returns the zone classification of each recipient to the client 205. In some embodiments, the client can show an indication of the zone classification in the displayed email message. When there are multiple recipients and different zones for different recipients, the zone classification for each recipient can be shown in the email message.
[00049] The process then proceeds to step 409, where, based on the received zone classification, the client's policy engine determines, using policy information 223, whether a policy action is justified and, if so, performs the policy action.
[00050] Client 205 can take any appropriate policy action based on the classification. For example, if it is determined that one of the recipients is in the "Internet" zone, then the client can scan the email (using a keyword scanning technique) to determine whether the email contains confidential information and, if it is determined that the email contains confidential information, the client can block the email from being sent. In another example, if one of the recipients is in the "Internet" zone and the email includes an attachment, the policy information can direct the client to ask the user to confirm that the user really wants to send that attachment. This reduces the risk of the user inadvertently sending a confidential attachment to an unintended recipient.
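The outbound flow of steps 405 to 409, as an added example that is not code from the patent: each recipient gets its own zone, and the client-side policy blocks or asks for confirmation when an "Internet" zone recipient is present. The domain tables, the keyword list, and the `block`/`confirm`/`send` decision names are assumptions made for illustration.

```python
import re

# Constructed group data, as the server might derive it from directory server 203.
ORG_DOMAINS = {"example.org"}
TRUSTED_PARTNER_DOMAINS = {"contoso.com"}

# Constructed keyword list for the confidential-content scan described in [00050].
CONFIDENTIAL_PATTERN = re.compile(
    r"\b(confidential|internal only|do not distribute)\b", re.IGNORECASE)


def classify_recipient(address):
    """Step 405: zone for one recipient, based on the address domain."""
    domain = address.strip().lower().rpartition("@")[2]
    if domain in ORG_DOMAINS:
        return "Intra-Organization"
    if domain in TRUSTED_PARTNER_DOMAINS:
        return "Trusted Partner"
    return "Internet"


def evaluate_outbound(recipients, body, attachments=(), user_confirmed=False):
    """Steps 405-409: per-recipient zones plus the client's send decision.

    Returns a dict with:
      zones    - recipient address -> zone (one classification per recipient)
      internet - recipients that fell into the "Internet" zone
      decision - "block", "confirm" or "send"
      reason   - why the decision is not "send" (empty otherwise)
    """
    zones = {rcpt: classify_recipient(rcpt) for rcpt in recipients}
    internet = sorted(r for r, z in zones.items() if z == "Internet")
    decision, reason = "send", ""
    if internet and CONFIDENTIAL_PATTERN.search(body):
        # First policy in [00050]: keyword scan, then block.
        decision = "block"
        reason = "confidential keyword with Internet-zone recipient"
    elif internet and attachments and not user_confirmed:
        # Second policy in [00050]: make the user confirm the attachment.
        decision = "confirm"
        reason = "attachment going to Internet-zone recipient"
    return {"zones": zones, "internet": internet,
            "decision": decision, "reason": reason}


if __name__ == "__main__":
    # Constructed sample: the three-recipient case from [00047].
    result = evaluate_outbound(
        ["bob@contoso.com", "carol@example.org", "dave@mail.example"],
        "Q3 numbers attached. CONFIDENTIAL.",
        attachments=["q3.xlsx"],
    )
    for rcpt, zone in result["zones"].items():
        print(f"{rcpt:24} {zone}")
    print(result["decision"], "-", result["reason"])
```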
[00051] The policies described above are merely examples of policies that can be applied to an e-mail based on the zone in which it is classified. Many other types of policies are possible, and the present invention is not limited to the use of any particular policy or type of policy. In this regard, it should be appreciated that the policies applied to emails on the client can be configured by a client user and/or network administrator, and any suitable policy can be used.
[00052] The process then proceeds to step 411, where the email client sends the email message to server 201, to be transmitted to the recipient. It should be appreciated that when server 201 receives email messages for transmission, server 201 can perform the process discussed above in connection with figure 3, associated with sending an email message.
[00053] Figure 5 shows a schematic block diagram of an illustrative computer 500, in which aspects of the present invention can be implemented. Only illustrative portions of the computer 500 will be identified for clarity, and not to limit the present invention. For example, computer 500 may include one or more volatile or non-volatile memories (called storage media), one or more additional processors, any other user input devices, and any appropriate software or other instructions that are performed by the computer 500 to perform the desired function.
[00054] In the illustrated embodiment, computer 500 includes a system bus 510 to allow communication between a central processing unit 502 (including one or more general-purpose programmable hardware processors), a tangible memory 504, video interface 506, user input interface 508, and network interface 512. Network interface 512 can be connected, via network 520, to at least one remote device 518. Peripherals, such as monitor 522, keyboard 514, and mouse 516, in addition to other input/output devices, can also be included in the computer system, since the present invention is not limited in this regard.
[00055] As can be seen from the discussion above, the email server 201 can be an application program running on a computer, such as computer 500. Thus, the central processing unit 502 can perform the process steps of figures 3 and 4 described as being performed by server 201, classification engine 209 of server 201, and/or policy engine 211 of server 201, and memory 504 can store computer program instructions (accessed and executed by the central processing unit) to perform such processing steps. Memory 504 can also be used to store information 213, 215, 217.
[00056] Similarly, each of the clients 205 can be an application program running on a computer, such as computer 500. In this regard, the central processing unit 502 can perform the process steps of figures 3 and 4 described as being performed by a client 205, and memory 504 can store computer program instructions (accessed and executed by the central processing unit) to perform such processing steps. Memory 504 can also be used to store information 223.
[00057] Thus, having described several aspects of at least one embodiment of the present invention, it should be appreciated that various changes, modifications, and improvements may be made to the present invention by those skilled in the art.
[00058] Such changes, modifications, and improvements are an integral part of the present invention, and therefore, fall within the spirit and scope of the present invention. Consequently, the above description and related drawings have been presented as merely exemplary.
[00059] The above described modalities of the present invention can be implemented in several ways. For example, modalities can be implemented using hardware, software, or a combination of these. When implemented using software, the software code can be run on any suitable processor or on a collection of processors, either provided on a single computer or distributed over multiple computers.
[00060] Furthermore, it should be appreciated that the computer can be configured in several ways, such as a desktop computer, a desktop computer, a laptop computer, or a tablet computer. In addition, a computer can be incorporated into a device not generally recognized as a computer, but with adequate processing capacity, including Digital Assistants (PDAs), SmartPhones, or any portable or non-portable electronic device.
[00061] In addition, a computer can have one or more input and output devices, which can be used among many things, to present a user interface. Examples of output devices that can be used to provide a user interface include printers or video screens for visual presentation, and speakers and other sound generating devices for sound presentation. Examples of input devices include a keyboard, pointing devices, such as a mouse, touch pad, or digitized tablets. In other examples, a computer can receive information by voice or in any format by sound.
[00062] Such computers can be interconnected by one or more networks, in any suitable way, including Local Area Network or Extended Area Network in a company or on the Internet itself. Such networks can be based on any suitable technology, operate according to any suitable protocol, and include wireless networks, wired networks, or fiber optic networks.
[00063] Furthermore, several methods and processes described in this document can be coded as executable software on one or more processors, which employ a variety of platforms or operating systems. In addition, the software can be written using any of a number of programming languages and / or programming or writing tools, and also compiled as machine-executable language code or intermediate code executed in a framework or virtual machine .
[00064] In this regard, the present invention can be configured as computer-readable media (or computer-readable multiple media) (ie computer memory, one or more floppy disks, compact discs (CDs), digital video discs (DVDs ), magnetic tapes, Flash memories, circuit modalities in Field Programmable Gate Arrays or other semiconductor devices, or other tangible computer storage media) encoded with one or more programs, which, when run on one or more computers or other processors, perform methods that implement the various modalities of the invention discussed above. In addition, computer-readable media can be transportable, so that stored programs can be loaded onto one or more different computers or other processors, to implement the various aspects of the present invention, as discussed above.
[00065] The terms "Program" or "Software" are used in the present invention, in general, referring to any type of computer code or set of instructions executable by computer, which can be used to program a computer or a processor to implement various aspects of the present invention, as discussed above. Furthermore, it should be appreciated that, according to one aspect of the present modality, one or more computer programs that, when executed, execute methods of the present invention, do not need to be arranged on a single computer or processor, but, instead, can be distributed, in a modular way, in a number of different computers, to implement the various aspects of the present invention.
[00066] Computer-executable instructions can take various forms, such as program modules, executed by one or more computers or other devices. Program modules generally include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. Typically, the functionality of the program modules can be combined or distributed, as desired, in various modalities.
[00067] In addition, data structures can be stored on computer-readable media in any suitable way. To simplify the illustration, data structures can be shown having fields correlated by location in the data structure. The correlation can be achieved, similarly, by designating the storage location for the fields with locations on a computer-readable medium, providing a correlation between the data. However, any suitable mechanism can be used to correlate information in the fields of a data structure, including pointers, labels, and other mechanisms to establish the correlation between data elements.
[00068] Various aspects of the present invention may be used alone, in combination, or in an arrangement not specifically discussed in the described modalities, and therefore the invention is not limited to this application or to the details and arrangements of components set out in the description or illustrated in the drawings. For example, aspects described in one modality can be combined in any way with aspects described in other modalities.
[00069] Furthermore, the present invention can be configured as a method, an example of which has been provided. The steps performed as part of the method can be ordered in any suitable sequence. Therefore, the modalities can be constructed so that the steps are performed in a different order than the one illustrated, where some steps can be performed simultaneously, even if they have been shown in sequential order in the illustrative modalities.
[00070] The use of ordinal terms such as "first", "second", "third", etc. in the claims to modify a claim element does not by itself denote any priority, precedence, or order of one claim element over another, or a temporal order in which the steps of the method are performed; such terms are used merely as identifiers, to distinguish one claim element having a certain name from another element having the same name (but for the use of the ordinal term).
[00071] Furthermore, the phraseology and terminology used in this document are for descriptive purposes only and should not be considered as limiting. The use of the terms "including", "comprising", "having", "containing", "involving", and variations thereof, includes the items listed and their equivalents, as well as additional items.
Claims:
Claims (20)
[0001]
1. Method characterized by the fact that it comprises the steps of:
displaying an electronic correspondence message (e-mail) through an e-mail client application program running on a computer, the displayed e-mail message to be sent from an email address domain that is internal to the organization to a plurality of recipient email addresses, including: a first recipient email address that is external to the organization, a second recipient email address that is internal to the organization, and a third recipient email address that is external to the organization;
sending, through the email client application program, the plurality of recipient email addresses to an organization's email server, where the organization's email server is configured to determine that: the first recipient email address that is external to the organization includes an email address domain that has been listed by the organization as a trusted partner domain, the second recipient email address that is internal to the organization includes an email address domain that is internal to the organization, and the third recipient email address that is external to the organization includes an email address domain that was not listed by the organization as a trusted partner domain and that was not listed by the organization as a restricted domain;
receiving, by the email client application program from the organization's email server, different classifications of email zone, including: a zone of trusted partners for the first recipient email address that is external to the organization, an intra-organizational zone for the second recipient email address that is internal to the organization, and a general Internet zone for the third recipient email address that is external to the organization;
adding zone information through the email client application program indicating the different email zone classifications in a header of the displayed email message;
visually displaying, by the e-mail client application program, an indication of each different e-mail zone classification in the displayed e-mail message;
processing, by the email client application program, the displayed email message as several separate email messages that are classified based on the zone information, the several separate email messages including: a first e-mail message that is addressed only to the first recipient e-mail address and is classified in the trusted partner zone, a second e-mail message that is addressed only to the second recipient e-mail address and which is classified in the inter-organization zone, and a third e-mail message that is addressed only to the third recipient e-mail address and is classified in the general Internet zone;
accessing, through a policy engine of the email client application program, policy information stored in the computer's memory;
determining, through the policy engine, policy actions specified by the policy information to be performed on the third email message based on the classification of the third email message in the general Internet zone, where the policy actions include at least scanning the contents of the third email message for confidential information and preventing the sending of the third email message when confidential information is contained in the third email message;
sending, by the email client application program, to the organization's email server, the first email message without policy actions being performed on the first email message;
sending, via the email client application program to the organization's email server, the second email message without policy actions being performed on the second email message; and
executing, through the policy engine, the policy actions in the third email message.
[0002]
2. Method, according to claim 1, characterized by the fact that the indication comprises an icon for each different e-mail zone classification.
[0003]
3. Method, according to claim 1, characterized by the fact that the indication comprises a text label for each different e-mail zone classification.
[0004]
4. Method, according to claim 1, characterized by the fact that it further comprises: sending, by the e-mail client application program to the organization's e-mail server, the third e-mail message when the scan indicates that no confidential information is contained in the third email message.
[0005]
5. Method, according to claim 1, characterized by the fact that: the displayed email message comprises an attachment, and policy actions include asking a user of the email client application program to verify that the attachment must be sent to the third recipient email address.
[0006]
6. Method, according to claim 1, characterized by the fact that: the policy's actions include encrypting the third email message when the scan indicates that no confidential information is contained in the third email message.
[0007]
7. Computer-readable storage device, having a method characterized by the fact that it comprises:
displaying an electronic correspondence message (e-mail) through an e-mail client application program, the displayed e-mail message to be sent from an email address domain that is internal to the organization to a plurality of recipient email addresses, including: a first recipient email address that is external to the organization, a second recipient email address that is internal to the organization, and a third recipient email address that is external to the organization;
sending, through the email client application program, the plurality of recipient email addresses to an organization's email server, where the organization's email server is configured to determine that: the first recipient email address that is external to the organization includes an email address domain that has been listed by the organization as a trusted partner domain, the second recipient email address that is internal to the organization includes an email address domain that is internal to the organization, and the third recipient email address that is external to the organization includes an email address domain that was not listed by the organization as a trusted partner domain and that was not listed by the organization as a restricted domain;
receiving, by the email client application program from the organization's email server, different classifications of email zone, including: a zone of trusted partners for the first recipient email address that is external to the organization, an intra-organizational zone for the second recipient email address that is internal to the organization, and a general Internet zone for the third recipient email address that is external to the organization;
adding zone information through the email client application program indicating the different email zone classifications in a header of the displayed email message;
visually displaying, by the e-mail client application program, an indication of each different e-mail zone classification in the displayed e-mail message;
processing, by the email client application program, the displayed email message as several separate email messages that are classified based on the zone information, the several separate email messages including: a first e-mail message that is addressed only to the first recipient e-mail address and is classified in the trusted partner zone, a second e-mail message that is addressed only to the second recipient e-mail address and which is classified in the inter-organization zone, and a third e-mail message that is addressed only to the third recipient e-mail address and is classified in the general Internet zone;
accessing, through a policy engine of the e-mail client application program, policy information stored in the computing device's memory;
determining, through the policy engine, policy actions specified by the policy information to be performed on the third email message based on the classification of the third email message in the general Internet zone, where the policy actions include at least scanning the contents of the third email message for confidential information and preventing the sending of the third email message when confidential information is contained in the third email message;
sending, by the email client application program, to the organization's email server, the first email message without policy actions being performed on the first email message;
sending, via the email client application program to the organization's email server, the second email message without policy actions being performed on the second email message; and
executing, through the policy engine, the policy actions in the third email message.
[0008]
8. Computer-readable storage device, according to claim 7, characterized by the fact that it further comprises: sending, by the e-mail client application program to the organization's e-mail server, the third e-mail message when the scan indicates that no confidential information is contained in the third email message.
[0009]
9. Computer-readable storage device according to claim 7, characterized by the fact that: the displayed email message comprises an attachment, and policy actions include requesting a user of the e-mail client application program to verify that the attachment should be sent to the third recipient email address.
[0010]
10. Computer-readable storage device according to claim 7, characterized by the fact that the policy information is configurable by a user of the computing device.
[0011]
11. Computer readable storage device according to claim 7, characterized by the fact that the indication comprises an icon for each different e-mail zone classification.
[0012]
12. Computer-readable storage device according to claim 7, characterized in that the indication comprises a text label for each different e-mail zone classification.
[0013]
13. Computer-readable storage device according to claim 7, characterized by the fact that: policy actions include encrypting the third email message when the scan indicates that no confidential information is contained in the third email message.
[0014]
14. Computer system, characterized by the fact that it comprises: a processor configured to execute instructions executable by the processor; and memory that stores instructions executable by the processor to cause an e-mail client application program to:
display an e-mail message to be sent from an e-mail address domain that is internal to an organization to a plurality of recipient email addresses, including: a first recipient email address that is external to the organization, a second recipient email address that is internal to the organization, and a third recipient email address that is external to the organization;
send the plurality of recipient email addresses to an organization's email server, where the organization's email server is configured to determine that: the first recipient email address that is external to the organization includes an email address domain that has been listed by the organization as a trusted partner domain, the second recipient email address that is internal to the organization includes an email address domain that is internal to the organization, and the third recipient email address that is external to the organization includes an email address domain that was not listed by the organization as a trusted partner domain and that was not listed by the organization as a restricted domain;
receive different email zone classifications from the organization's email server, including: a zone of trusted partners for the first recipient email address that is external to the organization, an intra-organizational zone for the second recipient email address that is internal to the organization, and a general Internet zone for the third recipient email address that is external to the organization;
add zone information through the email client application program indicating the different email zone classifications in a header of the displayed email message;
visually display an indication of each different email zone classification in the displayed email message;
process the displayed email message as several separate email messages that are classified based on zone information, the several separate email messages including: a first email message that is addressed only to the first recipient email address and that is classified in the trusted partner zone, a second email message that is addressed only to the second recipient email address and that is classified in the zone between organizations, and a third email message that is addressed only to the third recipient email address and is classified in the general Internet zone;
access, through a policy engine of the email client application program, the policy information stored in memory;
determine, through the policy engine, policy actions specified by the policy information to be performed on the third email message based on the classification of the third email message in the general Internet zone, where the policy actions include at least scanning the contents of the third email message for confidential information and preventing the sending of the third email message when confidential information is contained in the third email message;
send, by the email client application program, to the organization's email server, the first email message without policy actions being performed on the first email message;
send, via the email client application program to the organization's email server, the second email message without policy actions being performed on the second email message; and
execute, through the policy engine, the policy actions in the third email message.
[0015]
15. Computer system according to claim 14, characterized by the fact that: policy actions include encrypting the third email message when the scan indicates that no confidential information is contained in the third email message.
[0016]
16. Computer system according to claim 14, characterized by the fact that the indication comprises an icon for each different e-mail zone classification.
[0017]
17. Computer system according to claim 14, characterized by the fact that: the displayed email message comprises an attachment, and policy actions include requesting a user of the email client application program to check whether the attachment should be sent to the third recipient email address.
[0018]
18. Computer system according to claim 14, characterized by the fact that the indication comprises a text label for each different e-mail zone classification.
[0019]
19. Computer system, according to claim 14, characterized by the fact that the memory further stores instructions executable by the processor to make the e-mail client application program: send to the organization's e-mail server the third email message when the scan indicates that no confidential information is contained in the third email message.
[0020]
20. Computer system according to claim 17, characterized by the fact that: policy actions include preventing the sending of the third email message when the attachment exceeds a threshold size limit.
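The flow recited in claims 1, 7 and 14 (classify each recipient by domain, tag the message with zone information, split it into one copy per recipient, and run policy actions only where the zone calls for them), as an added Python example that is not code from the patent or its applicant. The domain lists, the `X-Email-Zone` header name, the regex detectors and the block rule for restricted domains are assumptions, and the server-side classification runs in the same process as the client-side steps.

```python
import copy
import re
from dataclasses import dataclass
from email.message import EmailMessage
from email.utils import getaddresses

# Constructed sample configuration (assumptions, not taken from the patent).
INTERNAL_DOMAINS = {"corp.example"}
TRUSTED_PARTNER_DOMAINS = {"partner.example"}
RESTRICTED_DOMAINS = {"blocked.example"}
ZONE_HEADER = "X-Email-Zone"  # hypothetical header name

INTRA_ORG, TRUSTED_PARTNER = "intra-organization", "trusted-partner"
RESTRICTED, GENERAL_INTERNET = "restricted", "general-internet"

# Zone -> policy actions; a zone with no entry is sent with no policy action.
POLICY = {
    GENERAL_INTERNET: ["scan_confidential"],  # scan, block on a hit (claim 1)
    RESTRICTED: ["block"],                    # assumption: never send
}
# Constructed detectors standing in for "confidential information".
CONFIDENTIAL_PATTERNS = [
    re.compile(r"\bconfidential\b", re.IGNORECASE),
    re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),  # SSN-shaped number
]

@dataclass
class Outcome:
    recipient: str
    zone: str
    sent: bool
    reason: str

def classify_address(address):
    """Server-side step: map a recipient address to a zone by its domain."""
    local, at, domain = address.rpartition("@")
    if not (local and at and domain):
        raise ValueError(f"not a usable e-mail address: {address!r}")
    domain = domain.lower().rstrip(".")
    if domain in INTERNAL_DOMAINS:
        return INTRA_ORG
    if domain in TRUSTED_PARTNER_DOMAINS:
        return TRUSTED_PARTNER
    if domain in RESTRICTED_DOMAINS:
        return RESTRICTED
    return GENERAL_INTERNET  # external and on neither list

def split_by_zone(msg):
    """Tag the composed message, then return one copy per recipient and zone."""
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    pairs = getaddresses([str(f) for f in fields])
    zones = [(addr, classify_address(addr)) for _name, addr in pairs if addr]
    del msg[ZONE_HEADER]  # no error when the header is absent
    msg[ZONE_HEADER] = "; ".join(f"{a}={z}" for a, z in zones)
    copies = []
    for addr, zone in zones:
        single = copy.deepcopy(msg)
        for header in ("To", "Cc", ZONE_HEADER):
            del single[header]
        single["To"] = addr          # addressed only to this recipient
        single[ZONE_HEADER] = zone   # classified in exactly one zone
        copies.append((addr, zone, single))
    return copies

def find_confidential(msg):
    """Return the detector patterns matching the subject or any text part."""
    texts = [str(msg.get("Subject", ""))]
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            texts.append(part.get_content())
    return [p.pattern for p in CONFIDENTIAL_PATTERNS
            if any(p.search(t) for t in texts)]

def process_outgoing(msg):
    """Client-side policy engine: decide for each copy whether it may be sent."""
    outcomes = []
    for addr, zone, single in split_by_zone(msg):
        sent, reason = True, "no policy action for this zone"
        for action in POLICY.get(zone, []):
            if action == "block":
                sent, reason = False, "zone blocked by policy"
            elif action == "scan_confidential":
                hits = find_confidential(single)
                sent = not hits
                reason = f"confidential match: {hits}" if hits else "scan clean"
            if not sent:
                break  # first blocking action wins
        outcomes.append(Outcome(addr, zone, sent, reason))
    return outcomes

def build_sample(body):
    """Constructed sample message with recipients in three different zones."""
    msg = EmailMessage()
    msg["From"] = "dave@corp.example"
    msg["To"] = "Bob <bob@partner.example>, alice@CORP.example"
    msg["Cc"] = "carol@elsewhere.example"
    msg["Subject"] = "Q3 numbers"
    msg.set_content(body)
    return msg
```

Calling `process_outgoing(build_sample(...))` returns one `Outcome` per recipient; nothing is transmitted, and `sent` only records whether the copy would be handed to the mail server.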
Patent family:
Publication number | Publication date
BR112012022659A2|2016-07-19|
AU2011224637B2|2014-06-12|
JP5778189B2|2015-09-16|
EP2545519A4|2014-01-08|
US9838349B2|2017-12-05|
US20110219081A1|2011-09-08|
RU2582063C2|2016-04-20|
CA2789255A1|2011-09-15|
RU2012138356A|2014-03-20|
EP2545519A2|2013-01-16|
KR101853980B1|2018-05-02|
CN108833640A|2018-11-16|
CN102792324A|2012-11-21|
KR20130045841A|2013-05-06|
CA2789255C|2017-09-05|
WO2011112460A2|2011-09-15|
WO2011112460A3|2011-12-15|
AU2011224637A1|2012-08-09|
JP2013522725A|2013-06-13|
Legal status:
2017-07-25| B25A| Requested transfer of rights approved|Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC (US) |
2019-01-08| B06F| Objections, documents and/or translations needed after an examination request according [chapter 6.6 patent gazette]|
2019-09-17| B06U| Preliminary requirement: requests with searches performed by other patent offices: procedure suspended [chapter 6.21 patent gazette]|
2020-07-07| B09A| Decision: intention to grant [chapter 9.1 patent gazette]|
2020-09-29| B16A| Patent or certificate of addition of invention granted|Free format text: TERM OF VALIDITY: 20 (TWENTY) YEARS COUNTED FROM 04/03/2011, SUBJECT TO THE LEGAL CONDITIONS. |
Priority:
Application number | Filing date | Patent title
US12/719,801|2010-03-08|
US12/719,801|US9838349B2|2010-03-08|2010-03-08|Zone classification of electronic mail messages|
PCT/US2011/027235|WO2011112460A2|2010-03-08|2011-03-04|Zone classification of electronic mail messages|