Browse Prior Art Database

Method to Deliver Mail Using Role Based Access Control

IP.com Disclosure Number: IPCOM000199940D
Publication Date: 2010-Sep-21
Document File: 8 page(s) / 386K

Publishing Venue

The IP.com Prior Art Database

Abstract

Currently, use of email has become so wide-spread that email communicators can become inundated with messages. In most large organizations, the staff will receive and send emails between pluralities of colleagues. When using an email system, there is the possibility to include several destination addresses, whether as primary recipients (To :-) or as carbon copy (CC :-) or as blind carbon copy (BCC :). Common problem seen in the current email delivery mechanism are like sender sending mail to unintended persons, this could happen in situations like change in the role of the person addressed in the mail. Other major problem seen is the security threats due to information leakage via mail sent to unintended persons.This disclosed suggest a way to utilize the enterprise organizational information to implement role based access control for email message distribution and addressing the common problem mentioned.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 25% of the total text.

Page 1 of 8

Method to Deliver Mail Using Role Based Access Control

In order to achieve strict delivery of mail in a system, the mail composer must validate the identity of the person to whom he/she intends to send the mail.

One can achieve this by:

Querying their respective database to get more granular details of the person to whom the mail will be addressed such as current role, organization etc. This approach will work only when the person to whom the mail is addressed and the composer of the mail is in same organization, which could allow the composer to query the central repository for more granular details.

From above description we could see that existing solution is not adapted to changes of both the role of recipient or organizational hierarchy. It is highly needed to validate the recipient address by using role based access control mechanism to avoid sending confidential mails to unintended persons and also to minimize the security threats. This can also avoid getting junk mails in recipient's mailbox.

Generally once the email composer identifies the correct point of contact for communication, he/she will not search for the same person again and again. He will keep practice of sending mails to him as he was the point of contact in that department. However when that person leaves the department or changed the role, it will not be good to send him mails which are not a part of his work. Especially in security domains this approach might be prove as risky, as emails contains sensitive information.

This disclosure ensures that email will be sent to the correct recipient using enterprise organizational information.

Proposed idea disclosed here is to utilize the enterprise organizational information to implement role based access control for email message distribution.

The propose idea in this disclosure overcomes some of the commonly observed problems by:

1) Providing option in e-mail client system to create a rule based on organization hierarchy on the email that needs to be delivered to list of people addressed in the mail.
2) Mail server on receiving the email, processes the email to check if any setting exists.
3) Mail server on detecting the setting, evaluates the rule based on the data available with the server.
4) Mail server delivers the mail to all people addressed in the e-mail for which the evaluation of the rule stands true.

Advantages:

1. Ensures that email will be sent to the correct recipient using enterprise organizational information.
2. Sender will get notification for the failure of mail delivery with the reason of incorrect

1

Page 2 of 8

contact. . e.g. "abc@app.com does not match the rule criteria". So sender can rectify the his mailing list
3. Sender can customize the rule for validating recipients email id in the context of recipient's roles and responsibilities.
4. The Job responsibilities/role changes are sensitive. Any changes within the organization structure (including changes of the recipient) will be cached by th...