EP1133854A1 - Method and system for securing data objects - Google Patents

Method and system for securing data objects

Info

Publication number
EP1133854A1
EP1133854A1 EP99958570A EP99958570A EP1133854A1 EP 1133854 A1 EP1133854 A1 EP 1133854A1 EP 99958570 A EP99958570 A EP 99958570A EP 99958570 A EP99958570 A EP 99958570A EP 1133854 A1 EP1133854 A1 EP 1133854A1
Authority
EP
European Patent Office
Prior art keywords
server
user
mail
data object
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP99958570A
Other languages
German (de)
French (fr)
Inventor
Christian Gehrmann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Telefonaktiebolaget LM Ericsson AB
Original Assignee
Telefonaktiebolaget LM Ericsson AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget LM Ericsson AB filed Critical Telefonaktiebolaget LM Ericsson AB
Publication of EP1133854A1 publication Critical patent/EP1133854A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/21Monitoring or handling of messages
    • H04L51/214Monitoring or handling of messages using selective forwarding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/58Message adaptation for wireless communication

Definitions

  • the present invention relates generally to the telecommunications field and, in particular, to a method and system for securing data objects such as electronic mail (e-mail).
  • e-mail electronic mail
  • IP Internet Protocol
  • Low level information protection can be beneficial because the services can be provided without requiring any changes to the applications involved.
  • low level protection protocols e.g., IPSEC protocol
  • IPSEC protocol require substantial modifications to the operating systems involved.
  • information that is protected only during transport requires additional protection when the information is ultimately stored at the clients' locations and servers.
  • the S/MIME Standard should be able to provide adequate protection for e-mail messages while they are stored at a user's terminal and/or mail server.
  • the S/MIME protection approach should make it possible to provide e-mail services that are totally open at the Internet and extremely easy to access. As such, it is expected that this model of open but protected information will be one of the more important security models in the future.
  • the standard Netscape ® and Microsoft ® e-mail tools support the S/MIME protocol.
  • the S/MIME Standard should provide a way to encrypt MIME information in a way that is flexible and secure.
  • the S/MIME standard will be a combination of public key encryption and symmetric encryption.
  • the symmetric key encryption will be used to encrypt the actual information content in the MIME messages, and the public keys will be used to encrypt the symmetric key used for encryption of the MIME content, or for digitally signing the MIME message.
  • S/MBVIE approach will use digital certificates to check the validity of the public keys used.
  • Secure e-mail approaches such as S/MIME, are based on a point-to-point communication model.
  • an arbitrary user in a network communicates with another user in the network, and the communication between the two users is secure.
  • a point-to-point security model does not fit well in a conventional co ⁇ orate network architecture.
  • a co ⁇ orate network e.g., LAN
  • LAN is an IP-based private network, and its only access to the Internet is through a firewall. Consequently, it is intentionally made difficult to access information in the co ⁇ orate network from the other side of the firewall.
  • a method and system are provided for securing private e-mail that can be conveyed to and from a user via an open network such as the Internet.
  • the e-mail messages are encrypted with a secure digital envelope type protocol which can be based on the use of digital certificates.
  • An example of such a digital envelope encryption protocol is the S/MIME protocol.
  • a domain-to-user security relationship is used instead of a user-to-user or domain-to-domain security relationship.
  • a mobile radiotelephone user of a co ⁇ orate network can have certain incoming e-mail forwarded to an external mail server (e.g., in the Internet).
  • the mail to be forwarded is first encrypted into a secure digital envelope format (e.g.,S/MIME format) with the user's secret key. Consequently, the protected e-mail from the co ⁇ orate network can be forwarded to the user via the external mail server (e.g., in the Internet) without compromising security.
  • a secure digital envelope format e.g.,S/MIME format
  • An important technical advantage of the present invention is that a mobile user can receive and view secure e-mail via an open network such as the Internet.
  • Another important technical advantage of the present invention is that a co ⁇ orate network user's e-mail can be secured with a maximum of two digital certificates required to obtain such protection.
  • Still another important technical advantage of the present invention is that the security of a user's e-mail is independent of the mail server used.
  • FIGURE 1 is a diagram that illustrates a secure e-mail system and method that can be implemented in accordance with a preferred embodiment of the present invention.
  • FIGURE 2 is a flow diagram of a method that can be used for encryption and decryption of e-mail using the S/MEVIE standard in accordance with the preferred embodiment of the present invention.
  • FIGURES 1 -2 of the drawings like numerals being used for like and corresponding parts of the various drawings.
  • the e-mail messages are encrypted with a secure digital envelope type protocol which can be based on the use of digital certificates.
  • a secure digital envelope type protocol is the S/MIME protocol.
  • S/MIME protocol a domain-to-user security relationship is used instead of a user-to-user or domain-to-domain security relationship.
  • a mobile radiotelephone user of a co ⁇ orate network can have certain incoming e-mail forwarded to an external mail server (e.g., in the Internet).
  • the mail to be forwarded is first encrypted into a secure digital envelope format (e.g., S/MIME format) with the user's secret key. Consequently, the protected e-mail from the co ⁇ orate network can be forwarded to the user via the external mail server (e.g., in the Internet) without compromising security.
  • a secure digital envelope format e.g., S/MIME format
  • the present invention is described herein primarily with respect to the protection of e-mail, the present invention can also apply to the protection of any data object, such as, for example, data programs, JAVA programs, or mobile code.
  • FIGURE 1 is a diagram that illustrates a secure e-mail system and method that can be implemented in accordance with a preferred embodiment of the present invention.
  • an exemplary system 10 includes an open or public-access network (e.g., the Internet) and a private network (e.g., a co ⁇ orate intranet or LAN).
  • the two networks are typically separated by a firewall 12, which functions primarily to protect and maintain the confidentiality of the information stored in the private network.
  • the open network includes a mail server 16 (external to the private network).
  • a user e.g., user of the private network
  • the user is preferably a mobile radiotelephone user who can gain access to the mail server 16 over a conventional wireless connection 18.
  • the user's PC (or PDA) 14 can include a speech/data connection to a mobile radiotelephone, such as, for example, a cellular phone.
  • the user's PC (or PDA) 14 can utilize a conventional e-mail application such as Netscape ® mail or Microsoft Outlook Express ® to forward or receive e-mail to or from the mail server 16 via the connection 18.
  • a wireless connection 18 is shown, the scope of the present invention is not intended to be so limited, and can include the use of, for example, a wireline connection, fiber optic connection, etc. However, the use of a wireless connection 18 via a mobile phone is more convenient for a user who is periodically on the move (e.g., in an automobile, train, aircraft, etc.).
  • the user's PC (or PDA) 14 is also connected to the co ⁇ orate network (generally denoted as 22) via a wireless (or any other appropriate) connection 20.
  • the user' s PC (or PDA) 14 can transfer data via a cellular phone over the wireless connection 20 to a dial-up modem at the co ⁇ orate network 22.
  • the user's PC 14 can be connected to the co ⁇ orate network's
  • WWW World-Wide Web
  • the primary pu ⁇ ose for this secure connection 32 in the context of FIGURE 1 is to enable the user to formulate and convey an e-mail forwarding policy to the co ⁇ orate network 22.
  • the co ⁇ orate network 22 includes a mail server 24 (e.g., on a co ⁇ orate LAN).
  • the Web interface 26 can be a conventional
  • the co ⁇ orate network 22 also includes a decryption unit 28 for decrypting an incoming e-mail message that has been encrypted using a packet or digital envelope cryptographic protocol (e.g., S/MIME).
  • the decryption unit 28 preferably includes a software application that can decrypt a secure digital envelope-formatted (e.g., S/MIME-protected) e-mail message conveyed via the connection 20 from the user's PC 14.
  • An encryption unit 30 preferably includes a software application that functions to encrypt an outgoing e-mail message with a secure digital envelope format (e.g., from a MIME format to S/MIME format).
  • the encrypted e-mail messages are coupled from the co ⁇ orate network 22 to the external mail server 16 via a conventional data connection 34.
  • the co ⁇ orate network 22 can be connected to an Internet mail server (16) via a Public Switched Telephone Network (PSTN) Tl line (34).
  • PSTN Public Switched Telephone Network
  • a mobile phone user employs the PC (or PDA) 14 to send a message including e-mail forwarding policy instructions to the Web interface 26.
  • the e-mail forwarding policy message is transported via a secure connection 32 (e.g., using TLS, IPSEC or any other appropriate secure transport protocol) to the Web interface 26.
  • This mail forwarding policy predetermines which e-mail messages are to be transported from the co ⁇ orate network 22, and to what address (e.g., to the external mail server 16).
  • the user's e-mail forwarding policy can include instructions to forward all incoming e-mail messages from the co ⁇ orate LAN to the external mail server, or just to forward certain e-mail messages only (e.g., just those arriving from a specific set of addresses, or having a certain priority).
  • the user's e-mail forwarding policy actually selected can be a matter of personal (or co ⁇ orate) choice.
  • a secure digital envelope format is a message, or information string, packed into a certain format to provide confidentiality, and/or integrity, and/or non-repudiation.
  • a combination of symmetric and asymmetric cryptographic functions can be used. Unlike most secure data transport protocols, a digital envelope can be used for off-line decryption and integrity-checking. Once transformed into a secure cryptographic envelope format, a secure message can be decrypted and checked at any time by anyone who possesses a correct secret key. As mentioned earlier, the S/MIME standard is an example of a secure digital envelope format.
  • the S/MIME standard can provide confidentiality and/or integrity and non-repudiation protection for MIME messages. Encrypting a MIME message with a secret symmetric key provides confidentiality for the message, while using a digital signature provides integrity and non-repudiation for the message.
  • a message can just be encrypted, just signed, or both encrypted and signed. The following description illustrates an exemplary method that can be used with the S/MIME standard to provide confidentiality, integrity and non-repudiation protection for a MIME message to be sent from one user to another.
  • a user, A wants to send a MIME message, M, to an arbitrary user, B, using the S/MEVIE standard.
  • S ' e'(K_public,S).
  • user A e.g., A's terminal
  • K_publicB public encryption key
  • user B For example, such a key can be contained in a digital certificate signed by a trusted third party.
  • K_s a public encryption key
  • user A generates a random value for a key, K_s.
  • user A holds the public key pair, K_publicA,K_secretA, to be used for signing messages.
  • user A e.g., A's terminal
  • step 207 user B (e.g., B's terminal) receives the message, (K',S,C), together with a certificate which contains the public key, K_publicA.
  • user B checks the signature of the certificate with the key, K_publicA.
  • step 209 if user B determines that the signature is correct, user B accepts the key, K_publicA, as the public signing key of user A. Otherwise, if the signature is incorrect, then user B considers the message (K',S,C) as invalid and can disregard the communication.
  • user B accepts the message (K'S,C) as a valid message from A. Otherwise, user B considers the message as invalid.
  • the e-mail to be forwarded (in accordance with the user's predetermined mail forwarding policy) from the co ⁇ orate network (LAN) 22 to the external network's (Internet) mail server 16 is first encrypted.
  • the e-mail messages stored in the co ⁇ orate network's mail server 24 are maintained in the MEVIE format.
  • the encryption unit 30 can encrypt each e-mail message to be forwarded to the external mail server into an S/MEVIE format.
  • the encryption unit 30 can encrypt the e-mail to be forwarded into the S/MEVIE format using symmetric keys shared between the network mail server 24 and the user's PDA 14.
  • a digital certificate can be used to assure the integrity and non-repudiation of the message.
  • the S/MEVIE encrypted e-mail messages are transmitted from the network 22 to the external mail server 16 via the conventional connection 34.
  • the encrypted e- mail is then maintained in the user's mailbox at the external mail server, until the user requests the mail for delivery to the PC (or PDA) 14.
  • a conventional mail tool e.g., Netscape mail or Microsoft's Outlook Express
  • the user's PC (or PDA) 14 can retrieve the encrypted mail from the external mail server 16 via the connection 18.
  • the user's PC 14 can check the signature of the certificate and decrypt the mail from the S/MEVIE format to the MIME format. If a PDA (14) is used, it decrypts the received mail.
  • the mobile user can also transmit encrypted e-mail messages from the PC (or PDA) 14 to the network 22.
  • the user's PC (or PDA) 14 encrypts the e-mail to be forwarded to the network 22 from the MEVIE format to an S/MEVIE format, mail server 22.
  • the encrypted e-mail message (and a digital certificate associated with the mail server 22) is transmitted from the PC 14 to the decryption unit 28 via connection 20.
  • the decryption unit 28 checks the digital certificate and then decrypts the received e-mail message from the S/MEVIE format to the MEVIE format.
  • the present invention requires the use of only two digital certificates for authentication: the user's certificate for encrypted mail forwarded to the external mail server; and the co ⁇ orate mail server's certificate for encrypted mail forwarded to the co ⁇ orate network's mail server.
  • a conventional Certificate
  • Management System can be used in the co ⁇ orate network's mail server 24 to handle both the issuance of digital certificates and the publication of the revocation of such certificates, if so required.
  • one or more e-mail mailing lists can be implemented and secured.
  • mailing lists currently are useful for large groups of people having some common interests in communicating by e-mail.
  • a person can send certain subscription e-mail containing the e-mail messages intended for communication to a mailing list e-mail server.
  • the subscription e-mail can contain the e-mail address where the subscriber desires to receive e-mail from the mailing list. All mail received by the mailing list server is forwarded to all mail addresses of subscribers to the list.
  • anyone who wishes to subscribe to an e-mail list may do so. As such, the only identity related to a subscriber is that subscriber's e-mail address.
  • e-mail address could be an anonymous address.
  • a mailing list administrator it is currently not possible for a mailing list administrator to prevent malicious use of the list by certain subscribers.
  • all e-mail messages currently being sent to and from mailing list servers are sent in clear text.
  • the secure e-mail gateway provided by the present invention can be used to prevent such problems.
  • the MEVIE to S/MEVIE (or S/MEVIE to MEVIE) e-mail gateway (e.g., units
  • the gateway 22 can be used as a mailing list server.
  • S/MEVIE Secure Digital
  • the identity of the subscriber can be determined before allowing the subscriber to enter the mailing list in the server.
  • the confidentiality and integrity of the mail received by the gateway 22 can be ensured.
  • the gateway 22 can encrypt the e-mail by using the receiver's certificate. Consequently, all messages sent to and from the mailing list (server) will be protected.

Abstract

A method and system are disclosed for securing primarily private e-mail that can be conveyed to and from a user via an open network such as the Internet. Essentially, the e-mail messages are encrypted with a secure digital envelope type protocol which can be based on the use of digital certificates. An example of such a digital envelope encryption protocol is the S/MIME protocol. As such, a domain-to-user security relationship is used instead of a user-to-user or domain-to-domain security relationship. For example, a mobile radiotelephone user of a corporate network (22) can have certain incoming e-mail forwarded to an external mail server (16) (e.g., in the Internet). The mail to be forwarded is first encrypted into a secure digital envelope format (e.g., S/MIME format) with the user's secret key. Consequently, the protected e-mail from the corporate network (22) can be forwarded to the user via the external mail server (16) (e.g., in the Internet) without compromising security.

Description

METHOD AND SYSTEM FOR SECURING DATA OBJECTS
BACKGROUND OF THE INVENTION Technical Field of the Invention
The present invention relates generally to the telecommunications field and, in particular, to a method and system for securing data objects such as electronic mail (e-mail).
Description of Related Art Mobile radiotelephone users have a significant problem gaining access to corporate information when they are on travel or at home. Today, most remote access solutions for gaining access to corporate information for such mobile users are based on the use of dial-up connections to dedicated modem pools. Another solution for obtaining the desired coφorate information is to route the information to or from the user using an arbitrary Internet connection and an encrypted "tunnel" to a gateway at the border between the Internet and the coφorate Local Area Network (LAN). However, the problem with such a solution is that the user's equipment is located outside the coφorate network, and consequently, that equipment can be quite vulnerable to security attacks and breaches. It is expected that, in the near future, numerous high-speed Internet connections will become available. Consequently, it is currently desirable to design solutions for gaining access to coφorate network information that will work for any Internet Protocol (IP) connection. In particular, it is currently desirable to provide a secure and flexible solution for a specific type of coφorate information service: e-mail.
There are numerous ways to provide secure access to coφorate information over an IP connection. As such, different protocols for providing secure access to such information have been, or are being, standardized by the Internet Engineering Task Force (IETF). The security protection can be placed at a number of different levels in the communications stack. However, there are essentially two basic protection approaches that can be used: application protection and transport protection. The Secure Multi-puφose Internet Mail Extension (S/MIME) Standard currently being developed in the IETF is an example of an application protection approach, while the Transport Layer Security (TLS), SSH, and Internet Protocol Security (IPSEC) protocols are for transport protection.
Low level information protection can be beneficial because the services can be provided without requiring any changes to the applications involved. On the other hand, low level protection protocols (e.g., IPSEC protocol) require substantial modifications to the operating systems involved. Furthermore, information that is protected only during transport requires additional protection when the information is ultimately stored at the clients' locations and servers.
In that regard, the S/MIME Standard should be able to provide adequate protection for e-mail messages while they are stored at a user's terminal and/or mail server. For example, the S/MIME protection approach should make it possible to provide e-mail services that are totally open at the Internet and extremely easy to access. As such, it is expected that this model of open but protected information will be one of the more important security models in the future.
The standard Netscape® and Microsoft® e-mail tools support the S/MIME protocol. As such, the S/MIME Standard should provide a way to encrypt MIME information in a way that is flexible and secure. The S/MIME standard will be a combination of public key encryption and symmetric encryption. The symmetric key encryption will be used to encrypt the actual information content in the MIME messages, and the public keys will be used to encrypt the symmetric key used for encryption of the MIME content, or for digitally signing the MIME message. The
S/MBVIE approach will use digital certificates to check the validity of the public keys used.
Secure e-mail approaches such as S/MIME, are based on a point-to-point communication model. In other words, an arbitrary user in a network communicates with another user in the network, and the communication between the two users is secure. Unfortunately, however, such a point-to-point security model does not fit well in a conventional coφorate network architecture. Typically, a coφorate network (e.g., LAN) is an IP-based private network, and its only access to the Internet is through a firewall. Consequently, it is intentionally made difficult to access information in the coφorate network from the other side of the firewall. Furthermore, many users of the coφorate network are not interested in maintaining encryption key information, or to have to look up such key information every time an e-mail message is to be sent to another user in the network. Simply put, it is a relatively difficult problem to implement a point-to- point security model for protecting e-mail in such large organizations as coφorations. However, as described in detail below, the present invention successfully resolves the above-described problems.
SUMMARY OF THE INVENTION
In accordance with the present invention, a method and system are provided for securing private e-mail that can be conveyed to and from a user via an open network such as the Internet. Essentially, the e-mail messages are encrypted with a secure digital envelope type protocol which can be based on the use of digital certificates. An example of such a digital envelope encryption protocol is the S/MIME protocol. As such, a domain-to-user security relationship is used instead of a user-to-user or domain-to-domain security relationship. For example, in a preferred embodiment of the present invention, a mobile radiotelephone user of a coφorate network can have certain incoming e-mail forwarded to an external mail server (e.g., in the Internet). The mail to be forwarded is first encrypted into a secure digital envelope format (e.g.,S/MIME format) with the user's secret key. Consequently, the protected e-mail from the coφorate network can be forwarded to the user via the external mail server (e.g., in the Internet) without compromising security.
An important technical advantage of the present invention is that a mobile user can receive and view secure e-mail via an open network such as the Internet.
Another important technical advantage of the present invention is that a coφorate network user's e-mail can be secured with a maximum of two digital certificates required to obtain such protection.
Still another important technical advantage of the present invention is that the security of a user's e-mail is independent of the mail server used.
BRIEF DESCRIPTION OF THE DRAWINGS A more complete understanding of the method and apparatus of the present invention may be had by reference to the following detailed description when taken in conjunction with the accompanying drawings wherein:
FIGURE 1 is a diagram that illustrates a secure e-mail system and method that can be implemented in accordance with a preferred embodiment of the present invention; and
FIGURE 2 is a flow diagram of a method that can be used for encryption and decryption of e-mail using the S/MEVIE standard in accordance with the preferred embodiment of the present invention.
DETAILED DESCRIPTION OF THE DRAWINGS The preferred embodiment of the present invention and its advantages are best understood by referring to FIGURES 1 -2 of the drawings, like numerals being used for like and corresponding parts of the various drawings. Essentially, in accordance with the present invention, a method and system are provided for securing private e-mail that can be conveyed to and from a user via an open network such as the Internet. The e-mail messages are encrypted with a secure digital envelope type protocol which can be based on the use of digital certificates. An example of such a digital envelope encryption protocol is the S/MIME protocol. As such, a domain-to-user security relationship is used instead of a user-to-user or domain-to-domain security relationship. For example, in a preferred embodiment of the present invention, a mobile radiotelephone user of a coφorate network can have certain incoming e-mail forwarded to an external mail server (e.g., in the Internet). The mail to be forwarded is first encrypted into a secure digital envelope format (e.g., S/MIME format) with the user's secret key. Consequently, the protected e-mail from the coφorate network can be forwarded to the user via the external mail server (e.g., in the Internet) without compromising security. As such, although the present invention is described herein primarily with respect to the protection of e-mail, the present invention can also apply to the protection of any data object, such as, for example, data programs, JAVA programs, or mobile code. Specifically, FIGURE 1 is a diagram that illustrates a secure e-mail system and method that can be implemented in accordance with a preferred embodiment of the present invention. For this embodiment, an exemplary system 10 includes an open or public-access network (e.g., the Internet) and a private network (e.g., a coφorate intranet or LAN). The two networks are typically separated by a firewall 12, which functions primarily to protect and maintain the confidentiality of the information stored in the private network.
The open network includes a mail server 16 (external to the private network). A user (e.g., user of the private network) can access the mail server 16 to receive and view e-mail with a personal computer (PC) or Personal Digital Assistant (PDA) 14. For this exemplary embodiment, the user is preferably a mobile radiotelephone user who can gain access to the mail server 16 over a conventional wireless connection 18. For example, the user's PC (or PDA) 14 can include a speech/data connection to a mobile radiotelephone, such as, for example, a cellular phone. The user's PC (or PDA) 14 can utilize a conventional e-mail application such as Netscape® mail or Microsoft Outlook Express® to forward or receive e-mail to or from the mail server 16 via the connection 18. Nevertheless, although a wireless connection 18 is shown, the scope of the present invention is not intended to be so limited, and can include the use of, for example, a wireline connection, fiber optic connection, etc. However, the use of a wireless connection 18 via a mobile phone is more convenient for a user who is periodically on the move (e.g., in an automobile, train, aircraft, etc.).
For this embodiment, the user's PC (or PDA) 14 is also connected to the coφorate network (generally denoted as 22) via a wireless (or any other appropriate) connection 20. For example, the user' s PC (or PDA) 14 can transfer data via a cellular phone over the wireless connection 20 to a dial-up modem at the coφorate network 22. Additionally, the user's PC 14 can be connected to the coφorate network's
World-Wide Web (WWW) interface 26 via a secure connection 32 (e.g., using the TLS protocol). The primary puφose for this secure connection 32 in the context of FIGURE 1 is to enable the user to formulate and convey an e-mail forwarding policy to the coφorate network 22.
For this exemplary embodiment, the coφorate network 22 includes a mail server 24 (e.g., on a coφorate LAN). The Web interface 26 can be a conventional
Web interface typically used for, among other things, maintaining e-mail forwarding policies responsive to users' directions. The coφorate network 22 also includes a decryption unit 28 for decrypting an incoming e-mail message that has been encrypted using a packet or digital envelope cryptographic protocol (e.g., S/MIME). In this embodiment, the decryption unit 28 preferably includes a software application that can decrypt a secure digital envelope-formatted (e.g., S/MIME-protected) e-mail message conveyed via the connection 20 from the user's PC 14. An encryption unit 30 preferably includes a software application that functions to encrypt an outgoing e-mail message with a secure digital envelope format (e.g., from a MIME format to S/MIME format). The encrypted e-mail messages are coupled from the coφorate network 22 to the external mail server 16 via a conventional data connection 34. For example, the coφorate network 22 can be connected to an Internet mail server (16) via a Public Switched Telephone Network (PSTN) Tl line (34).
In operation (referring to the exemplary embodiment illustrated in FIGURE 1 ), a mobile phone user employs the PC (or PDA) 14 to send a message including e-mail forwarding policy instructions to the Web interface 26. Preferably, the e-mail forwarding policy message is transported via a secure connection 32 (e.g., using TLS, IPSEC or any other appropriate secure transport protocol) to the Web interface 26. This mail forwarding policy predetermines which e-mail messages are to be transported from the coφorate network 22, and to what address (e.g., to the external mail server 16). For example, the user's e-mail forwarding policy can include instructions to forward all incoming e-mail messages from the coφorate LAN to the external mail server, or just to forward certain e-mail messages only (e.g., just those arriving from a specific set of addresses, or having a certain priority). As such, the user's e-mail forwarding policy actually selected can be a matter of personal (or coφorate) choice. At this point, it is useful to describe in general how a secure digital envelope format can be used to implement the present invention. A secure digital envelope is a message, or information string, packed into a certain format to provide confidentiality, and/or integrity, and/or non-repudiation. In order to transform any clear-text message into a protected digital envelope format, a combination of symmetric and asymmetric cryptographic functions can be used. Unlike most secure data transport protocols, a digital envelope can be used for off-line decryption and integrity-checking. Once transformed into a secure cryptographic envelope format, a secure message can be decrypted and checked at any time by anyone who possesses a correct secret key. As mentioned earlier, the S/MIME standard is an example of a secure digital envelope format.
As an exemplary type of secure digital envelope format that can be used to implement the present invention, the S/MIME standard can provide confidentiality and/or integrity and non-repudiation protection for MIME messages. Encrypting a MIME message with a secret symmetric key provides confidentiality for the message, while using a digital signature provides integrity and non-repudiation for the message. In accordance with the S/MEVIE standard, a message can just be encrypted, just signed, or both encrypted and signed. The following description illustrates an exemplary method that can be used with the S/MIME standard to provide confidentiality, integrity and non-repudiation protection for a MIME message to be sent from one user to another.
For example, assume that a user, A, wants to send a MIME message, M, to an arbitrary user, B, using the S/MEVIE standard. Let "g" represent a public key encryption algorithm used for encryption so that for a public key pair, Kjpublic and K_secret, an arbitrary message, L, will be encrypted as, L'=g(K_public,L), and decrypted as, L=g'(K_secret,L'). Let "e" represent a public key algorithm used for signing so that for a public key pair, K_public and K_secret, a short message, L, will be signed as S=e(K_secret,L). Let S '=e'(K_public,S). As such, an arbitrary signature, S, for the message, L, is valid if and only if S '=S. Let "h" represent a one-way hash function so that for any message, M, the function h(M) equals a 128 bit value, and that given M and h(M), it is computationally infeasible to find any other message, M ' , such that h(M')=h(M). Given these exemplary conditions, a method that can be used for encryption and decryption using the S/MEVIE standard in accordance with the preferred embodiment of the present invention, is shown in FIGURE 2.
Referring to the assumptions and conditions described above and the exemplary method 200 shown in FIGURE 2, at step 201 , user A (e.g., A's terminal) searches for a public encryption key, K_publicB, for user B. For example, such a key can be contained in a digital certificate signed by a trusted third party. At step 202, user A generates a random value for a key, K_s. At step 203, user A encrypts the message, M, using the key, K_s, and a symmetric encryption algorithm f, as C=f(K_s,M). At step 104, user A encrypts the key, K_s as K'=g(K_publicB,K_s). At step 105, user A holds the public key pair, K_publicA,K_secretA, to be used for signing messages. User A then computes a digital hash for the cipher text C, as C ' =h(C), and uses the key, K_secretA, to sign C ' as, S=e(K_secretA,C')=e(K_secretA,h(C)). At step 206, user A (e.g., A's terminal) sends the message, (K',S,C), to user
B together with a digital certificate (e.g., signed by a trusted third party) which contains the key, K_publicA. At step 207, user B (e.g., B's terminal) receives the message, (K',S,C), together with a certificate which contains the public key, K_publicA. At step 208, user B checks the signature of the certificate with the key, K_publicA. At step 209, if user B determines that the signature is correct, user B accepts the key, K_publicA, as the public signing key of user A. Otherwise, if the signature is incorrect, then user B considers the message (K',S,C) as invalid and can disregard the communication.
At step 210, user B calculates S'=e'(K_publicA,h(C)). At step 211, if user B determines that S'=S, then user B accepts the message (K'S,C) as a valid message from A. Otherwise, user B considers the message as invalid. At step 212, user B calculates K_s=(K_secretB,K'). At step 213, user B decrypts C as M=f (K_s,C), and thus obtains the message, M, originally from user A.
Returning to FIGURE 1 , and in the context of the preferred embodiment of the present invention, the e-mail to be forwarded (in accordance with the user's predetermined mail forwarding policy) from the coφorate network (LAN) 22 to the external network's (Internet) mail server 16 is first encrypted. For example, in this exemplary embodiment, the e-mail messages stored in the coφorate network's mail server 24 are maintained in the MEVIE format. As such, using the exemplary method 200 described above, the encryption unit 30 can encrypt each e-mail message to be forwarded to the external mail server into an S/MEVIE format. If the user is employing a PDA (14) instead of a PC, the encryption unit 30 can encrypt the e-mail to be forwarded into the S/MEVIE format using symmetric keys shared between the network mail server 24 and the user's PDA 14. A digital certificate can be used to assure the integrity and non-repudiation of the message. The S/MEVIE encrypted e-mail messages are transmitted from the network 22 to the external mail server 16 via the conventional connection 34. The encrypted e- mail is then maintained in the user's mailbox at the external mail server, until the user requests the mail for delivery to the PC (or PDA) 14. Using a conventional mail tool (e.g., Netscape mail or Microsoft's Outlook Express), the user's PC (or PDA) 14 can retrieve the encrypted mail from the external mail server 16 via the connection 18.
Using the exemplary method 200 described above, the user's PC 14 can check the signature of the certificate and decrypt the mail from the S/MEVIE format to the MIME format. If a PDA (14) is used, it decrypts the received mail.
The mobile user can also transmit encrypted e-mail messages from the PC (or PDA) 14 to the network 22. For this embodiment, using the same method 200, the user's PC (or PDA) 14 encrypts the e-mail to be forwarded to the network 22 from the MEVIE format to an S/MEVIE format, mail server 22. The encrypted e-mail message (and a digital certificate associated with the mail server 22) is transmitted from the PC 14 to the decryption unit 28 via connection 20. The decryption unit 28 checks the digital certificate and then decrypts the received e-mail message from the S/MEVIE format to the MEVIE format. Notably, as opposed to the S/MEVIE approaches now under consideration, the present invention requires the use of only two digital certificates for authentication: the user's certificate for encrypted mail forwarded to the external mail server; and the coφorate mail server's certificate for encrypted mail forwarded to the coφorate network's mail server. A conventional Certificate
Management System can be used in the coφorate network's mail server 24 to handle both the issuance of digital certificates and the publication of the revocation of such certificates, if so required.
In accordance with a second embodiment of the present invention, one or more e-mail mailing lists can be implemented and secured. For example, mailing lists currently are useful for large groups of people having some common interests in communicating by e-mail. In order to subscribe to a mailing list, a person can send certain subscription e-mail containing the e-mail messages intended for communication to a mailing list e-mail server. The subscription e-mail can contain the e-mail address where the subscriber desires to receive e-mail from the mailing list. All mail received by the mailing list server is forwarded to all mail addresses of subscribers to the list. At present, anyone who wishes to subscribe to an e-mail list may do so. As such, the only identity related to a subscriber is that subscriber's e-mail address. However, a problem is that e-mail address could be an anonymous address. In other words, it is currently not possible for a mailing list administrator to prevent malicious use of the list by certain subscribers. Moreover, all e-mail messages currently being sent to and from mailing list servers are sent in clear text. However, the secure e-mail gateway provided by the present invention can be used to prevent such problems.
For example, in accordance with the preferred embodiment of the present invention, the MEVIE to S/MEVIE (or S/MEVIE to MEVIE) e-mail gateway (e.g., units
24-30) can be used as a mailing list server. By requiring that all subscription messages be sent in S/MEVIE, for example, and be signed with a valid signature and certificate, the identity of the subscriber can be determined before allowing the subscriber to enter the mailing list in the server. By requiring that all messages sent to the mailing list server be encrypted with the gateway' s key and signed by the user, the confidentiality and integrity of the mail received by the gateway 22 can be ensured. Before forwarding mail, the gateway 22 can encrypt the e-mail by using the receiver's certificate. Consequently, all messages sent to and from the mailing list (server) will be protected. A preferred embodiment of the method and apparatus of the present invention has been illustrated in the accompanying Drawings and described in the foregoing Detailed Description, it will be understood that the invention is not limited to the embodiment disclosed, but is capable of numerous rearrangements, modifications and substitutions without departing from the spirit of the invention as set forth and defined by the following claims.

Claims

WHNT IS CLAIMED IS:
1. A system for protecting a data object to be delivered to a user of a private network via an open network, comprising: a first server associated with said private network; an encryption unit coupled to said first server, for encrypting said data object intended for said user; and a second server associated with said open network, said second server coupled to said encryption unit and said first server, said second server including means for delivering said encrypted data object to said user.
2. The system of Claim 1 , wherein said data object comprises an e-mail message.
3. The system of Claim 1 , wherein said first server comprises a first mail server.
4. The system of Claim 3, wherein said second server comprises a second mail server.
5. The system of Claim 1, wherein said private network comprises a coφorate LAN.
6. The system of Claim 1, wherein said open network comprises the Internet.
7. The system of Claim 1 , wherein said encryption unit includes means for encrypting said data object to an S/MEVIE format.
8. The system of Claim 7, wherein said data object is encrypted with a secret symmetric key associated with said user.
9. The system of Claim 1, wherein said encryption unit includes means for encrypting said data object using a packet or digital envelope cryptographic protocol.
10. The system of Claim 1 , further comprising: a decryption unit coupled to said first server, for decrypting a data object received from said user.
11. The system of Claim 10, wherein said data object comprises an e-mail message.
12. The system of Claim 11 , wherein said decryption unit includes means for decrypting said e-mail message from an S/MIME format to a MEVIE format.
13. The system of Claim 11, wherein said e-mail message is decrypted using a secret key associated with said first mail server.
14. The system of Claim 1, further comprising means for formulating a policy for forwarding an e-mail message from said first server to said second server.
15. The system of Claim 1 , wherein said first server comprises a mailing list server.
16. A method for protecting a data object to be delivered to a user of a private network via an open network, comprising the steps of: in said private network, encrypting said data obj ect with a secret key associated with said user; in accordance with a predetermined forwarding policy, forwarding said encrypted data object to a server in said open network; said server delivering said encrypted data object to said user; and decrypting said encrypted data object using said secret key.
17. The method of Claim 16, wherein said data object comprises an e-mail message.
18. The method of Claim 16, wherein said server comprises a mail server.
19. The method of Claim 16, wherein said private network comprises a coφorate LAN.
20. The method of Claim 16, wherein said open network comprises the Internet.
21. The method of Claim 16, wherein said encrypting step comprises encrypting said data object to an S/MEVIE format.
22. The method of Claim 16, wherein said encrypting step comprises encrypting said data object using a packet or digital envelope cryptographic protocol.
23. The method of Claim 16, further comprising the step of decrypting a data object received from said user.
24. The method of Claim 23, wherein said data object comprises an e-mail message.
25. The method of Claim 24, wherein said decrypting step comprises decrypting said e-mail message from an S/MEVIE format to a MEVIE format.
26. The method of Claim 25, wherein said decrypting step comprises decrypting said e-mail message with a secret key associated with a mail server in said private network.
27. The method of Claim 16, further comprising the step of formulating a policy for forwarding said data object from a first mail server in said private network to a second mail server in said open network.
28. The method of Claim 16, wherein said private network comprises a mailing list server.
29. A system for providing secure access to a data object intended for a user of a private network via an open network, said system comprising: a gateway associated with said private network, said gateway configured to forward said data object intended for said user in accordance with a forwarding policy of said user; an encryption unit coupled to said gateway for encrypting said data object to be forwarded; and an external server associated with said open network for storing said encrypted data object forwarded from said private network, said external server enabling access to said encrypted data object by said user via said open network.
EP99958570A 1998-11-24 1999-11-08 Method and system for securing data objects Withdrawn EP1133854A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US19882298A 1998-11-24 1998-11-24
US198822 1998-11-24
PCT/SE1999/002021 WO2000031931A1 (en) 1998-11-24 1999-11-08 Method and system for securing data objects

Publications (1)

Publication Number Publication Date
EP1133854A1 true EP1133854A1 (en) 2001-09-19

Family

ID=22735007

Family Applications (1)

Application Number Title Priority Date Filing Date
EP99958570A Withdrawn EP1133854A1 (en) 1998-11-24 1999-11-08 Method and system for securing data objects

Country Status (4)

Country Link
EP (1) EP1133854A1 (en)
CN (1) CN1328735A (en)
AU (1) AU1590900A (en)
WO (1) WO2000031931A1 (en)

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020049818A1 (en) * 1998-05-29 2002-04-25 Gilhuly Barry J. System and method for pushing encrypted information between a host system and a mobile data communication device
US6463463B1 (en) 1998-05-29 2002-10-08 Research In Motion Limited System and method for pushing calendar event messages from a host system to a mobile data communication device
US6219694B1 (en) 1998-05-29 2001-04-17 Research In Motion Limited System and method for pushing information from a host system to a mobile data communication device having a shared electronic address
WO2002052798A2 (en) 2000-12-22 2002-07-04 Research In Motion Limited Wireless router system and method
GB2372413A (en) * 2001-02-20 2002-08-21 Hewlett Packard Co Digital credential exchange
US8406389B2 (en) 2001-03-09 2013-03-26 Research In Motion Limited Advanced voice and data operations in a mobile data communication device
CA2641610C (en) 2001-03-09 2010-09-14 Research In Motion Limited Advanced voice and data operations in a mobile data communication device
WO2002093849A2 (en) * 2001-05-16 2002-11-21 Kasten Chase Applied Research Limited System for secure electronic information transmission
US7546453B2 (en) 2001-06-12 2009-06-09 Research In Motion Limited Certificate management and transfer system and method
EP1410293A2 (en) 2001-06-12 2004-04-21 Research In Motion Limited System and method for compressing secure e-mail for exchange with a mobile data communication device
CN1653459B (en) 2001-06-12 2010-12-15 捷讯研究有限公司 System and method for processing encoded messages for exchange with a mobile data communication device
KR20020094782A (en) * 2001-06-13 2002-12-18 엘지전자 주식회사 Multiple e-mail account management method using mobile communication device
US20040205248A1 (en) 2001-07-10 2004-10-14 Herbert A Little System and method for secure message key caching in a mobile communication device
ES2315379T3 (en) * 2001-08-06 2009-04-01 Research In Motion Limited SYSTEM AND METHOD FOR THE TREATMENT OF CODED MESSAGES.
EP1633094B1 (en) * 2001-10-25 2007-03-28 Research In Motion Limited Multiple-stage system and method for processing encoded messages
EP1438814B1 (en) 2001-10-25 2005-12-14 Research In Motion Limited Multiple-stage system and method for processing encoded messages
CA2642320A1 (en) * 2002-03-20 2003-09-25 Research In Motion Limited System and method for supporting multiple certificate status providers on a mobile communication device
US7272716B2 (en) * 2002-08-30 2007-09-18 Sap Aktiengesellschaft Enterprise secure messaging architecture
US7836131B2 (en) 2002-10-25 2010-11-16 Sierra Wireless, Inc. Redirection of notifications to a wireless user device
US7251823B2 (en) * 2002-12-17 2007-07-31 Sierra Wireless, Inc. Enterprise access configuration
EP1478143B1 (en) * 2003-08-07 2005-10-05 Onaras AG Method and device for secure e-mail transmission
CN1323508C (en) * 2003-12-17 2007-06-27 上海市高级人民法院 A Single Sign On method based on digital certificate
US9094429B2 (en) 2004-08-10 2015-07-28 Blackberry Limited Server verification of secure electronic messages
JP2006319702A (en) * 2005-05-13 2006-11-24 Murata Mach Ltd Electronic mail server apparatus
US7953971B2 (en) 2005-10-27 2011-05-31 Research In Motion Limited Synchronizing certificates between a device and server
US8355701B2 (en) 2005-11-30 2013-01-15 Research In Motion Limited Display of secure messages on a mobile communication device
US8135645B2 (en) 2005-12-06 2012-03-13 Microsoft Corporation Key distribution for secure messaging
CN101072093B (en) * 2006-05-12 2010-11-24 中兴通讯股份有限公司 Short message content protection system and method
US7814161B2 (en) 2006-06-23 2010-10-12 Research In Motion Limited System and method for handling electronic mail mismatches
WO2008046246A1 (en) * 2006-10-18 2008-04-24 Kamfu Wong System and method for preventing spam by using pay-charge-contribution and authentication means
US8179872B2 (en) 2007-05-09 2012-05-15 Research In Motion Limited Wireless router system and method
US7949355B2 (en) 2007-09-04 2011-05-24 Research In Motion Limited System and method for processing attachments to messages sent to a mobile device
CN103428077B (en) * 2013-08-22 2016-08-17 北京明朝万达科技股份有限公司 A kind of method and system being safely receiving and sending mails

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1997000471A2 (en) * 1993-12-15 1997-01-03 Check Point Software Technologies Ltd. A system for securing the flow of and selectively modifying packets in a computer network
US5864683A (en) * 1994-10-12 1999-01-26 Secure Computing Corporartion System for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights
US5862220A (en) * 1996-06-03 1999-01-19 Webtv Networks, Inc. Method and apparatus for using network address information to improve the performance of network transactions
US6104716A (en) * 1997-03-28 2000-08-15 International Business Machines Corporation Method and apparatus for lightweight secure communication tunneling over the internet

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0031931A1 *

Also Published As

Publication number Publication date
CN1328735A (en) 2001-12-26
WO2000031931A1 (en) 2000-06-02
AU1590900A (en) 2000-06-13

Similar Documents

Publication Publication Date Title
WO2000031931A1 (en) Method and system for securing data objects
US10313135B2 (en) Secure instant messaging system
US6904521B1 (en) Non-repudiation of e-mail messages
EP1410601B1 (en) System and method for secure message key caching in a mobile communication device
ES2315379T3 (en) SYSTEM AND METHOD FOR THE TREATMENT OF CODED MESSAGES.
US7325127B2 (en) Security server system
US6988199B2 (en) Secure and reliable document delivery
US7277549B2 (en) System for implementing business processes using key server events
US7376835B2 (en) Implementing nonrepudiation and audit using authentication assertions and key servers
US7196807B2 (en) Encrypted e-mail message retrieval system
US6084969A (en) Key encryption system and method, pager unit, and pager proxy for a two-way alphanumeric pager network
EP1536601B1 (en) Encryption method and system for emails
US20030115448A1 (en) Methods and apparatus for securely communicating a message
US20060020799A1 (en) Secure messaging
JP2003503901A (en) User information security apparatus and method in mobile communication system in Internet environment
EP1387239B1 (en) Secure messaging
Gabber et al. On secure and pseudonymous client-relationships with multiple servers
JPH07170280A (en) Local area network
EP1437024B1 (en) Method and arrangement in a communications network
JP3803522B2 (en) E-mail server system
US20070079114A1 (en) Method and system for the communication of a message as well as a suitable key generator for this
CA2649100C (en) Systems and methods for server aided processing of a signed receipt
JP2001094600A (en) Message transfer node and network

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20010530

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

AX Request for extension of the european patent

Free format text: AL;LT;LV;MK;RO;SI

RIN1 Information on inventor provided before grant (corrected)

Inventor name: GEHRMANN, CHRISTIAN

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)

RBV Designated contracting states (corrected)

Designated state(s): DE FR GB

17Q First examination report despatched

Effective date: 20060922

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20070203