Systems and methods for controlling email access

US12120077B2 · US · B2

Patent metadata

Publication number: US-12120077-B2
Application number: US-202016867780-A
Country: US
Kind code: B2
Filing date: May 6, 2020
Priority date: Dec 6, 2012
Publication date: Oct 15, 2024
Grant date: Oct 15, 2024

Abstract

Official abstract text for this publication.

Embodiments of the disclosure relate to proxying at least one email resource from at least one email service to at least one client device, determining whether the email resources are accessible to the client devices via at least one unauthorized application on the client devices, and modifying the email resources to be inaccessible via the unauthorized applications on the client devices in response to a determination that the email resources are accessible via the unauthorized applications on the client devices.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method performed by an access control server to manage a client device's access to content associated with email messages provided by an email server, the access control server being configured to execute as a proxy between the email server and the client device for the email messages, the method comprising: obtaining from the email server, an email message for transmission to the client device; determining according to at least one resource rule including an access-type resource rule, to restrict the client device's access to the obtained email message based on a presence of an unauthorized application running on the client device that can access email messages transmitted to the client device; in response to determining to restrict the client device's access, encrypting at least a portion of the obtained email message to generate a modified email message, the at least a portion of the obtained email message comprising a body of the obtained email message, wherein an authorized application on the client device has a cryptographic key for decrypting the modified email message, the cryptographic key being inaccessible to the unauthorized application; and transmitting the modified email message to the client device.

2. The method of claim 1, further comprising: transmitting the cryptographic key to the authorized application to enable the authorized application to decrypt the modified email message.

3. The method of claim 1, wherein the at least one resource rule includes a content-type resource rule, the method further comprising: determining that text specified by the content-type resource rule is included in the obtained email message; and based on determining that the specified text is included, transmitting the modified email message to the client device using a secure transmission protocol.

4. The method of claim 1, wherein the at least one resource rule specifies as a credential for accessing the modified email message: a domain, a username, or an email address.

5. The method of claim 1, wherein the at least a portion of the obtained email message further comprises an email attachment, the method further comprising: encrypting the email attachment from the obtained email message to generate a modified attachment; and including the modified attachment as an attachment to the modified email message transmitted to the client device.

6. The method of claim 1, wherein the at least one resource rule includes a format-type resource rule specifying an encoding format, and wherein based on the format-type resource rule, the at least a portion of the obtained email message is encrypted according to the encoding format.

7. The method of claim 1, wherein the at least one resource rule includes an attachment-type resource rule, the method further comprising: based on the attachment-type resource rule, stripping an attachment from the obtained email message before generating the modified email message from the obtained email message.

8. A non-transitory computer-readable medium comprising a program which, when executed by a processor of an access control server that is configured to execute as a proxy between an email server and a client device that accesses content associated with email messages provided by the email server, causes the processor to at least: obtain from the email server, an email message for transmission to the client device; determine according to at least one resource rule including an access-type resource rule, to restrict the client device's access to the obtained email message based on a presence of an unauthorized application running on the client device that can access email messages transmitted to the client device; in response to determining to restrict the client device's access, encrypt at least a portion of the obtained email message to generate a modified email message, the at least a portion of the obtained email message comprising a body of the obtained email message, wherein an authorized application on the client device has a cryptographic key for decrypting the modified email message, the cryptographic key being inaccessible to the unauthorized application; and transmit the modified email message to the client device.

9. The non-transitory computer-readable medium of claim 8, wherein the program, when executed by the processor, further causes the processor to at least: transmit the cryptographic key to the authorized application to enable the authorized application to decrypt the modified email message.

10. The non-transitory computer-readable medium of claim 8, wherein the at least one resource rule includes a content-type resource rule, and wherein the program, when executed by the processor, further causes the processor to at least: determine that text specified by the content-type resource rule is included in the obtained email message; and based on determining that the specified text is included, transmit the modified email message to the client device using a secure transmission protocol.

11. The non-transitory computer-readable medium of claim 8, wherein the at least one resource rule specifies as a credential for accessing the modified email message: a domain, a username, or an email address.

12. The non-transitory computer-readable medium of claim 8, wherein the at least a portion of the obtained email message further comprises an email attachment, and wherein the program, when executed by the processor, further causes the processor to at least: encrypt the email attachment from the obtained email message to generate a modified attachment; and include the modified attachment as an attachment to the modified email message transmitted to the client device.

13. The non-transitory computer-readable medium of claim 8, wherein the at least one resource rule includes a format-type resource rule specifying an encoding format, and wherein based on the format-type resource rule, the at least a portion of the obtained email message is encrypted according to the encoding format.

14. The non-transitory computer-readable medium of claim 8, wherein the at least one resource rule includes an attachment-type resource rule, and wherein the program, when executed by the processor, further causes the processor to at least: based on the attachment-type resource rule, strip an attachment from the obtained email message before generating the modified email message from the obtained email message.

15. An access control server configured to execute as a proxy between an email server and a client device that accesses content associated with email messages provided by the email server, wherein the access control server includes a processor configured to execute instructions from a non-transitory computer-readable medium to at least: obtain from the email server, an email message for transmission to the client device; determine according to at least one resource rule including an access-type resource rule, to restrict the client device's access to the obtained email message based on a presence of an unauthorized application running on the client device that can access email messages transmitted to the client device; in response to determining to restrict the client device's access, encrypt at least a portion of the obtained email message to generate a modified email message, the at least a portion of the obtained email message comprising a body of the obtained email message, wherein an authorized application on the client device has a cryptographic key for decrypting the modified email message, the cryptographic key being inaccessible to the un

Classifications

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload

  • Computer-aided management of electronic mailing [e-mailing]

  • Access control lists [ACL]

  • H04L63/08 (Primary): for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32)

  • for controlling access to devices or network resources

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Airwatch Llc, Omnissa Llc
What technology area does this patent fall under?
Primary CPC classification H04L63/08. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 15, 2024 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).