Browse Prior Art Database

Highly Secure Emails

IP.com Disclosure Number: IPCOM000241534D
Publication Date: 2015-May-08
Document File: 5 page(s) / 64K

Publishing Venue

The IP.com Prior Art Database

Abstract

Abstract This paper describes the enhancement of corporate email system to secure highly confidential emails by mandating a dynamic password in addition to the existing email client level password. The method enables the sender to indicate an email as highly secure email and henceforth could be accessed by the designated recipients only through an additional dynamic password sent via their registered mobile number. This also allows the sender to designate the email as a highly secure one either to all the recipients or to apply rules at recipient level. These rules are easily customizable and the method also depicts how the high secure email restriction and associated attributes can be easily modified and maintained even after the email is sent. The security and confidentiality concerns of the sender is addressed by ensuring that the highly secure email rule doesn’t end with the single email transaction and would be carried along when the email gets forwarded, replied etc. as defined by the sender.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 30% of the total text.

Page 01 of 5

Highly Secure Emails

Back Ground

    In the current corporate email systems, each subscriber is provided with a mail client installed in their workstation. Each of the mail client is secured by a password. Every individual unlocks their mail client with their unique password. Once the mail client is unlocked, each individual can then send emails / read their received emails.

    A lot of emails shared across the corporate environment would be of classified and business critical information, which should be secured from unauthorized access. Currently few of the mail clients consider the need for securing the critical emails and allow the sender to mark such emails as 'highly confidential' and assign rules like 'prevent copying', 'do not forward'. But none of these features ensures the complete security for such confidential emails, as the only

protection is through the mail client password. The mail client password can be hacked or compromised unintentionally, there by exposing all the confidential emails. Also mail client

passwords are relatively static as they are enforced to be changed in the interval range of anywhere from 90 days to 180 days.

Problems in Current Model

The shortcomings associated with the current corporate mail systems are well-known.


 Security is via the mail client password


 Mail client passwords are relatively static


 Mail client passwords can be easily hacked


 The subscribers usually have passwords which could be easily guessed


 No support to add additional security to specific emails

Contemporary Advances

    Large volume of work is done in this area to enhance the corporate email functionalities to secure confidential emails efficiently. For instance like self-destruction of confidential emails in all the recipient systems beyond a specified date [1], a method for authenticating electronic communications between a sender and a recipient via an email authentication server [2], system and method for securely providing email through double key infrastructure cryptography [3] and securing emails with Office 365 Message Encryption (OME) using One Time Passcode [4].

    Though the current enhancements aims to secure the emails using various encryption techniques to ensure that emails are not readable in unauthorized systems or cannot be hacked in between the transmission. But there is still a need for a fool proof secure system which would

prevent confidential emails from being compromised once the sender or intended recipient mail client is hacked. This is by associating an additional dynamic password to confidential emails apart from the mail client level password and various encryption/ decryption.

Highly Secure Email

    There are various real time scenarios which would require the sender to send business critical and confidential information via email to selected few recipients. Such email should not be copied or forwarded outside that intended group as well as should be prevented from being

1


Page 02 of 5

vie...