Abstract: A method and system for transmitting and receiving secure emails in a web mailing system using secure processing device. The present invention mainly relates to web mailing system and particularly to a method and system for transmitting and receiving secure emails in a web mailing system. In one embodiment, the method comprising: receiving a plurality of user details at a web mail client device by at least one secure processing device, generating security credentials based on the received user details at the web mail client device, the generated security credentials including a unique mail access code for each user corresponding to the secure processing device and storing the unique mail access code at the secure processing device, prompting the user to provide their unique mail access code before sending a mail, matching the user provided mail access code with the mail access code stored at the secure processing device and allowing the user to secure the mail at the client side before it reaches the application server. Figure 6 (for publication)
Claims: We Claim:
1. A method for transmitting and receiving secure emails in a web mailing system, the method comprising:
receiving a plurality of user details at a web mail client device by at least one secure processing device;
generating security credentials based on the received user details at the web mail client device, the generated security credentials including a unique mail access code for each user corresponding to the secure processing device and storing the unique mail access code at the secure processing device;
prompting the user to provide their unique mail access code before sending a mail;
matching the user provided mail access code with the mail access code stored at the secure processing device; and
allowing the user to perform the secure mailing operation.
2. The method as claimed in claim 1, further comprising:
notifying the user that the secure mailing operation cannot be performed, if the provided mail access code does not match with the mail access code stored at the secure processing device.
3. The method as claimed in claim 1, further including executing a client component on the web mail client device which further invokes a communication module in order to convert the user mail data into a format understandable by the secure processing device.
4. The method as claimed in claim 3, wherein the communication module sends the mail data to the secure processing device to secure the mail data.
5. The method as claimed in claim 4, wherein the secure processing device sends the secured data to the client component which constructs the secure mail packet and forwards the same to an application server and further to a mail server.
6. The method as claimed in claim 1, wherein all mail users are provided with secure processing device consisting of their security credentials to ensure that the security credentials need not be transmitted over the network.
7. The method as claimed in claim 3, wherein the client component is executed on the web mail client device thereby ensuring that securing of mail data happens on the client device in web mailing system.
8. The method as claimed in claim 3, wherein the securing of data within the secure processing device ensures that secure data is sent out of the secure processing device to the client system. Thereby the data going out of the client system is secure.
9. A system for transmitting and receiving secure emails in a web mailing system over a network, the system comprising:
a plurality of web mail client device, each web mail client device coupled to at least one secure processing device; at least one application server, at least one mail server and at least one directory server, wherein the web mail client device including the secure processing device, the application server, the mail server and the directory server are configured for:
receiving a plurality of user details at the web mail client device by the corresponding users’ secure processing device;
generating security credentials based on the received user details at the web mail client device, the generated security credentials including a unique mail access code for each user corresponding to the secure processing device and storing the unique mail access code at the secure processing device;
prompting the user to provide their unique mail access code before sending a mail;
matching the user provided mail access code with the mail access code stored at the secure processing device;
if the mail access code of the user matches with the mail access code stored at the secure processing device of the corresponding user, the user is allowed to perform the secure mailing operation, else the user is notified that the secure mailing operation cannot be performed.
10. The system as claimed in claim 9, wherein the secure operation on the data happens within the secure processing device connected to the web mail client device, and wherein the storage of security credentials within the secure processing device ensures that credentials need not be stored on any client or server.
11. The system as claimed in claim 9, wherein the secure processing device including a credential generation and storage system in which mail user’s security credentials are generated.
Description: FORM 2
THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENTS RULES, 2003
COMPLETE SPECIFICATION
(See section 10, rule 13)
“A method and system for transmitting and receiving secure emails in a web mailing system using secure processing device”
By
BHARAT ELECTRONICS LIMITED
Nationality: Indian
M/s. Bharat Electronics Limited, Corporate Office, Outer Ring Road, Nagavara, Bangalore-560045, Karnataka, India
The following specification particularly describes the invention and the manner in which it is to be performed.
Field of the invention
The present invention mainly relates to web mailing system and more particularly to a method and system for effectively using secure features in web client by performing secure functionalities within the secure processing device coupled to client system.
Background of the invention
Webmail (or web-based email), which is well known in the art, is email available for use online and stored in an Internet server mailbox. These are usually free email accounts that are operated from a website based on a store-and-forward model. Emails may contain text, audio, video and graphics. Examples of webmail software are Roundcube and SquirrelMail. Examples of webmail providers are AOL Mail, Gmail, Outlook.com and Yahoo! Mail. As with any web application, webmail's main advantage over the use of a desktop email client is the ability to send and receive email anywhere from a web browser. Its main disadvantage is the need to be connected to the internet while using it.
In an office, users may exchange emails with other users on various topics such as project specific information, strategic plans, company confidential information, sensitive data apart from routine meetings, schedules etc. When sensitive/classified information is exchanged over email, the security of information becomes the prime concern in any organization and hence it is very crucial to secure mails.
However, in the currently existing mailing systems, emails are prone to disclosure of information due to cyber-attacks, and persons other than the designated recipients can read the email contents.
Email protection is the securing of email messages to protect the content from being read by entities other than the intended recipients. Protecting the email may also include authentication. It can rely on public-key infrastructure, in which users can each publish a certificate that others can use to secure messages, while keeping a secret credential they can use to verify such messages or to digitally secure and verify messages they send. Protocols for email securing include: Bitmessage, OpenPGP, S/MIME, and TLS.
Another way to provide protection is by securing Mail sessions. The STARTTLS SMTP extension is a TLS (SSL) layer on top of the SMTP connection. While it protects traffic from being sniffed during transmission, it is technically not securing of emails because the content of messages is revealed to, and can be altered by, intermediate email relays. In other words, the securing takes place between individual SMTP relays, not between the sender and the recipient. When both relays support STARTTLS, it may be used regardless of whether the email's contents are secured using another protocol.
For example, document US7401356B2 describes an e-mail firewall for screening e-mail messages originating in, or entering into a computer network. Embodiments employing the principles of the present invention advantageously take the form of an e-mail control system that controls e-mail messages transmitted from and received by a computing site. The e-mail control system includes a message encryptor, which encrypts, in accordance with at least a first stored encryption key, a first designated type of message transmitted from the computing site. A message decryptor decrypts, in accordance with at least a second stored encryption key, a second designated type of message, which is received by the computing site. A filter monitors messages, after decryption by the decryptor and before encryption by the encryptor, in accordance with changeable filter information.
Another document, US 6584564 B2, describes a secure email system permitting a sender to send a secure email to one or more receivers. The sender employs a sending unit having a software module to compose the secure email, to send data about it to a security server, to receive back from that security server a message key for encrypting the secure email and for sending it conventionally to an email server. The receivers employ receiving units also having a software module to receive the secure email, to send data about it to the security server and to receive back from the security server the message key for decrypting the secure email.
Further, document US20060053280A1 describes a method and a system for securely transmitting email messages between registered users of the system. Each registered user has a personal key and a server key, which are a complementary pair of keys that may be used to encrypt data. The personal key is transmitted to the registered user, possibly as part of a security certificate. Each registered user’s email client operating on the registered user’s communication device, such as a personal computer, digital cell phone, personal digital assistant or other device, is configured to encrypt secure email messages using the registered user’s personal key and to transmit them through the secure email server. The email client is also configured to decrypt secure email messages received from the secure email server using the registered user’s personal key. The user maintains the personal key securely as a private key, so that it is not available to third parties.
In the conventional web mailing systems, security credentials are stored on the application server. Usually in web based email system, emails are composed at the client and transmitted to the application server via TLS/SSL channel. This addresses only session level encryption and not mail security for which sender/receiver security credentials are required. Since in web based e-mailing system the sender/receiver security credentials are most often stored in application server, an attacker can get access to these security credentials and can read the message.
Therefore, there is a need in the art for a method and system for providing secure functionalities within the secure processing device at the web client.
Summary of the Invention
An aspect of the present invention is to address at least the above-mentioned problems and/or disadvantages and to provide at least the advantages described below.
Accordingly, in one aspect the present invention relates to a method for transmitting and receiving secure emails in a web mailing system, the method comprising: receiving a plurality of user details at a web mail client device by at least one secure processing device, generating security credentials based on the received user details at the web mail client device, the generated security credentials including a unique mail access code for each user corresponding to the secure processing device and storing the unique mail access code at the secure processing device, prompting the user to provide their unique mail access code before sending a mail, matching the user provided mail access code with the mail access code stored at the secure processing device and allowing the user to perform the secure mailing operation.
In another aspect, the present invention relates to a system for transmitting and receiving secure emails in a web mailing system over a network, the system comprising: a plurality of web mail client device, each web mail client device coupled to at least one secure processing device; at least one application server, at least one mail server and at least one directory server, wherein the web mail client device including the secure processing device, the application server, the mail server and the directory server are configured for receiving a plurality of user details at the web mail client device by the corresponding user’s secure processing device, generating security credentials based on the received user details at the web mail client device, the generated security credentials including a unique mail access code for each user corresponding to the secure processing device and storing the unique mail access code at the secure processing device, prompting the user to provide their unique mail access code before sending a mail, matching the user provided mail access code with the mail access code stored at the secure processing device, if the mail access code of the user matches with the mail access code stored at the secure processing device of the corresponding user, the user is allowed to perform the secure mailing operation, else the user is notified that the secure mailing operation cannot be performed.
Other aspects, advantages, and salient features of the invention will become apparent to those skilled in the art from the following detailed description, which, taken in conjunction with the annexed drawings, discloses exemplary embodiments of the invention.
Brief description of the drawings
The above and other aspects, features, and advantages of certain exemplary embodiments of the present invention will be more apparent from the following description taken in conjunction with the accompanying drawings in which:
Figure 1 shows a prior art scheme of web mailing system.
Figure 2 shows an arrangement of web mailing system according to one embodiment of the present invention.
Figure 3 shows a block diagram of a mail processing system implemented on a web based server setup according to one embodiment of the present invention.
Figure 4 shows a block diagram illustrating the complete mailing process using secure processing device according to one embodiment of the present invention.
Figure 5 shows the flow diagram of Credential generation and storage system according to one embodiment of the present invention.
Figure 6 shows the flow diagram of sending secure mails from the mail client according to one embodiment of the present invention.
Persons skilled in the art will appreciate that elements in the figures are illustrated for simplicity and clarity and may have not been drawn to scale. For example, the dimensions of some of the elements in the figure may be exaggerated relative to other elements to help to improve understanding of various exemplary embodiments of the present disclosure. Throughout the drawings, it should be noted that like reference numbers are used to depict the same or similar elements, features, and structures.
Detailed description of the invention
The following description with reference to the accompanying drawings is provided to assist in a comprehensive understanding of exemplary embodiments of the invention as defined by the claims and their equivalents. It includes various specific details to assist in that understanding but these are to be regarded as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. In addition, descriptions of well-known functions and constructions are omitted for clarity and conciseness.
The terms and words used in the following description and claims are not limited to the bibliographical meanings, but, are merely used by the inventor to enable a clear and consistent understanding of the invention. Accordingly, it should be apparent to those skilled in the art that the following description of exemplary embodiments of the present invention are provided for illustration purpose only and not for the purpose of limiting the invention as defined by the appended claims and their equivalents.
It is to be understood that the singular forms “a,” “an,” and “the” include plural referents unless the context clearly dictates otherwise. Thus, for example, reference to “a component surface” includes reference to one or more of such surfaces.
By the term “substantially” it is meant that the recited characteristic, parameter, or value need not be achieved exactly, but that deviations or variations, including for example, tolerances, measurement error, measurement accuracy limitations and other factors known to those of skill in the art, may occur in amounts that do not preclude the effect the characteristic is intended to provide.
Figs. 1 through 6, discussed below, and the various embodiments used to describe the principles of the present disclosure in this patent document are by way of illustration only and should not be construed in any way that would limit the scope of the disclosure. Those skilled in the art will understand that the principles of the present disclosure may be implemented in any suitably arranged communications system. The terms used to describe various embodiments are exemplary. It should be understood that these are provided to merely aid the understanding of the description, and that their use and definitions, in no way limit the scope of the invention. Terms first, second, and the like are used to differentiate between objects having the same terminology and are in no way intended to represent a chronological order, unless where explicitly stated otherwise. A set is defined as a non-empty set including at least one element.
The present invention is a method and system for transmitting and receiving secure e-mails in a web mailing system using a secure processing device. A secure processing device connected to the client system stores security credentials for performing secure functionalities on the mailing application. E-mails are sent from a web based email client application to an e-mail server. The secure processing device secures the data on the client side, before it reaches the application server. The secure data is then sent to the mail server.
Typically, sender/receiver security credentials are used to secure the mails at the client side. Hence it is of utmost importance to safely manage and store the security credentials. Unprotected security credentials can cause a plethora of attacks on the emails that are being transmitted. It is even more important to secure data at the client side in a web mailing system to prevent mails from being transmitted in plain to the application server or having a limited security at session level, since data that is transmitted over the network is susceptible to interception or altering by attackers.
An approach to safeguard the sender/receiver security credentials is to store them on a secure processing device. Only the user of the email system will have access to the device which would be protected with authentication. This prevents the need to store security credentials on the application server or client system thereby reducing the exposure to attacks. Likewise, the approach to ensure that data is secured at the web client is to perform secure operations of the mail within the secure processing device by invoking a client component on the client side. This ensures mail security at the client side even before it is sent to the application server in a web based emailing system.
Figure 1 shows the basic scheme of existing web mailing systems used worldwide. The figure depicts information processing system network 100. Information processing system network 100 consists of a network of computers and network devices connected via communication links. Mail Client 101 is connected to the web server 102 which is connected to mail server 103. Mail server is connected to directory server 104. Network 100 uses TCP/IP (Transmission Control Protocol/Internet Protocol) suite to communicate.
In the existing scenario, security credentials are stored on the web server or on the local system of client. Secure operations are performed on the web server.
In contrast, in the present invention, credentials are stored in the secure processing device coupled to the client system. Whenever a user needs to send a secure mail, user logs onto a web client. After successful authentication to the server, the client composes the mail by choosing the secure option. On sending the mail, a client component gets executed on the client system, which invokes a communication module, also present on the client system. The communication module sends the mail data to the secure processing device which secures the mail data. This method and system ensures that both the credentials and plain data will not travel to application server.
Figure 2 shows an arrangement of web mailing system according to one embodiment of the present invention. The figure depicts a mail processing system network 200 in which the current invention may be implemented. Web mail Clients 201 and 206 are connected to the application server 203 via network 200 which is in turn connected to mail server 204. Secure processing device 202 is connected to the mail client system 201 and secure processing device 207 is connected to mail client system 206. Application server 203 and Mail server 204 are connected to directory server 205 via network 200. Network 200 uses TCP/IP (Transmission Control Protocol/Internet Protocol) suite to communicate.
Mail client is a web-based application that enables users to receive and send emails from any system via web browser. Typically, email client requires an email address to be setup and configured before user can start using email service. These configuration and settings generally include email address, password, POP3/IMAP and SMTP address, port number, email aliases and other related preferences. A mail server is a server that handles and delivers e-mail over a network, usually over the Internet. A mail server can receive e-mails from client computers and deliver them to other mail servers. A mail server can also deliver e-mails to client computers. The mail server used in the present invention may be a SMTP, POP3, IMAP server, etc.
An application server is a component-based product that resides in the middle-tier of a server centric architecture. It provides middleware services for security and state maintenance, along with data access and persistence. The application server acts as a set of components accessible to the software developer through an API defined by the platform itself. For Web applications, these components are usually performed in the same running environment as their web server(s), and their main job is to support the construction of dynamic pages. However, many application servers target much more than just Web page generation services like clustering, fail-over, and load-balancing, so developers can focus on implementing the business logic. The present invention may use any one of the application servers like WebLogic, WebSphere, JBoss, GlassFish, etc.
A network is a collection of servers, mainframes, network devices, peripherals, or other devices connected to one another to allow the sharing of data. An excellent example of a network is the Internet, which connects millions of people all over the world. Usually, the networked computing devices exchange data with each other using a data link. The connections between nodes are established using either cable media or wireless media. The present invention may use any one of the networks which include local area network (LAN), wide area network (WAN), wireless local area network (WLAN), metropolitan area network (MAN), storage area network (SAN), personal area network (PAN), enterprise private network (EPN), virtual private network (VPN), etc. The network configurations of the present invention may include any one of bus topology, mesh topology, ring topology, star topology, tree topology, hybrid topology, etc. The secure processing device stores user’s security credentials and performs secure functionalities on the mail. The directory server is a server which maps the names of network resources to their respective network addresses. Each resource on the network is considered an object by the directory server. Information about a particular resource is stored as a collection of attributes associated with that resource or object.
In the present invention, the client system performs secure operations on the mails within the secure processing device connected at the client side. Security credentials are stored inside the secure processing device connected to the client system. In the present invention, web mail user composes the mail and sends it. On sending the mail, a client component gets executed on the client system, which invokes a communication module, also present on the client system. The communication module sends the mail data to the secure processing device which secures the mail data.
Figure 3 shows a block diagram of a mail processing system implemented on a web based server setup according to one embodiment of the present invention. The figure shows a block diagram illustrating the components of a Web Mailing system. A secure processing device 302 is connected to web mail client 301. The secure processing device stores user’s security credentials and performs secure functionalities on the mail. Web mail client 301 composes and sends mails to application server 303 which sends the mail to mail server 304. Authentication of users happens by means of directory server 305 which stores user details.
Figure 4 shows the complete mail processing using secure processing device in the web mailing system according to one embodiment of the present invention. The figure depicts the client setup 401 comprising the secure processing device 402 and a web mail client 403. After the user composes a mail at the web client 403, a client component 406 is invoked which is executed on the client side. This application invokes communication module 407 present on the client system. The communication module converts the mail data which was composed by the user into a format understandable by the secure processing device. This formatted data is then sent to secure processing device by process 408. Accessing of security credentials stored on the secure processing device happens by process 404 and the data is made secure by the secure processing module 405 using the security credentials stored on the device. The secure data is then sent from the secure processing device to the client component 406 which constructs the secure mail packet and further sends it to application server 412 by the process 411. The application server further forwards the secure mail to the mail server 413.
Figure 5 shows the flow diagram of Credential generation and storage system. Secure processing device receives user details from the client component by process 501. Credential generation and storage system generates the mail user security credentials by process 502. It also generates a unique mail access code for each mail user owning the secure processing device by process 503. User security credentials and mail access code are stored in the device by process 504.
Figure 6 shows the flow diagram of sending secure mails from the mail client. Mail user connects the secure processing device to the client system by process 601 prior to performing mailing operations. User logs in to the mailing system, composes a secure mail by selecting the security option and sends it by process 602. User is then prompted for his mail access code by process 603. User enters his mail access code by process 604. This ensures that before performing any secure mail operations, the user is authenticated by means of his mail access code. The code entered by the mail user is checked with the mail access code stored in the device by process 605. If it matches, secure operations are allowed to be performed and mail will be sent by process 606. If it does not match, mail user will be notified, secure operations will not be performed and mail will not be sent by process 607.
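The flows of Figures 4 to 6 can be modelled in a few lines of Python. This is an added illustration, not code from the specification: all class and function names are hypothetical, and the salted PBKDF2 storage of the access code, the retry limit, the JSON device format and the SHAKE-256/HMAC sealing (a standard-library stand-in for whatever cipher a real device implements) are assumptions the specification does not make.

```python
import hashlib
import hmac
import json
import secrets


class SecureProcessingDevice:
    """Model of the device: credentials and access code never leave this object."""

    MAX_FAILURES = 3  # assumption: the specification gives no retry limit

    def __init__(self, user_details: dict):
        # Processes 501-504: generate and store credentials and the access code.
        self._owner = user_details["email"]
        self._key = secrets.token_bytes(32)  # stand-in for the security credentials
        self._salt = secrets.token_bytes(16)
        self._initial_code = f"{secrets.randbelow(10**8):08d}"
        self._code_hash = self._hash_code(self._initial_code)
        self._failures = 0

    def _hash_code(self, code: str) -> bytes:
        # Assumption: keep a salted, slow hash of the code instead of the code itself.
        return hashlib.pbkdf2_hmac("sha256", code.encode(), self._salt, 100_000)

    def release_access_code(self) -> str:
        """Hand the generated code to its owner exactly once (delivery is assumed)."""
        code, self._initial_code = self._initial_code, None
        if code is None:
            raise PermissionError("access code already released")
        return code

    def secure(self, formatted_mail: bytes, entered_code: str) -> dict:
        # Process 605: match the entered code against the stored one.
        if self._failures >= self.MAX_FAILURES:
            raise PermissionError("device locked")
        if not hmac.compare_digest(self._hash_code(entered_code), self._code_hash):
            self._failures += 1
            raise PermissionError("mail access code mismatch")
        self._failures = 0
        return self._seal(formatted_mail)  # processes 404-405

    def _seal(self, data: bytes) -> dict:
        # Stand-in sealing so the example runs offline: keystream plus HMAC tag.
        # A real device would use its own vetted cipher and credentials here.
        nonce = secrets.token_bytes(16)
        enc_key = hmac.new(self._key, b"enc", hashlib.sha256).digest()
        mac_key = hmac.new(self._key, b"mac", hashlib.sha256).digest()
        stream = hashlib.shake_256(enc_key + nonce).digest(len(data))
        ciphertext = bytes(a ^ b for a, b in zip(data, stream))
        tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
        return {"nonce": nonce.hex(), "ciphertext": ciphertext.hex(), "tag": tag.hex()}


def communication_module(mail: dict) -> bytes:
    """Processes 407-408: convert composed mail into the (assumed) device format."""
    protected = {"subject": mail["subject"], "body": mail["body"]}
    return json.dumps(protected, sort_keys=True).encode()


def client_component_send(device: SecureProcessingDevice, mail: dict,
                          entered_code: str) -> dict:
    """Processes 602-607: build the secure mail packet or return a notice."""
    try:
        secured = device.secure(communication_module(mail), entered_code)
    except PermissionError as exc:
        return {"sent": False, "notice": str(exc)}  # process 607
    # Only routing headers and the sealed blob go to the application server.
    packet = {"from": mail["from"], "to": mail["to"], "secured": secured}
    return {"sent": True, "packet": packet}  # process 606


def demo() -> dict:
    # Constructed sample data; addresses and mail text are made up.
    device = SecureProcessingDevice({"email": "alice@example.test"})
    code = device.release_access_code()
    mail = {"from": "alice@example.test", "to": "bob@example.test",
            "subject": "Budget", "body": "Q3 plan attached"}
    wrong_code = ("1" if code[0] != "1" else "2") + code[1:]
    return {"ok": client_component_send(device, mail, code),
            "bad": client_component_send(device, mail, wrong_code)}
```

The packet handed to the application server carries only the routing headers and the sealed blob, so neither the plain mail body nor the credentials cross the device boundary in this model.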
One embodiment of the present invention relates to a method for transmitting and receiving secure emails in a web mailing system. The method including receiving a plurality of user details at a web mail client device by at least one secure processing device 601, 602, generating security credentials based on the received user details at the web mail client device, the generated security credentials including a unique mail access code for each user corresponding to the secure processing device and storing the unique mail access code at the secure processing device, prompting the user to provide their unique mail access code before sending a mail 603, matching the user provided mail access code with the mail access code stored at the secure processing device and allowing the user to perform the secure mailing operation 606. The method notifies the user that the secure mailing operation cannot be performed 607, if the provided mail access code does not match with the mail access code stored at the secure processing device.
The method further includes executing a client component on the web mail client device which further invokes a communication module in order to convert the user mail data into a format understandable by the secure processing device. The communication module sends the mail data to the secure processing device to secure the mail data. The secure processing device sends the secured data to the client component which constructs the secure mail packet and forwards the same to an application server and further to a mail server. The mail users are provided with secure processing device consisting of their security credentials to ensure that the security credentials need not be transmitted over the network. The client component is executed on the web mail client device thereby ensuring that securing of mail data happens on the client device in web mailing system.
Another embodiment of the present invention relates to a system for transmitting and receiving secure emails in a web mailing system over a network, the system comprising: a plurality of web mail client device, each web mail client device coupled to at least one secure processing device; at least one application server, at least one mail server and at least one directory server, wherein the web mail client device including the secure processing device, the application server, the mail server and the directory server are configured for receiving a plurality of user details at the web mail client device by the corresponding users’ secure processing device, generating security credentials based on the received user details at the web mail client device, the generated security credentials including a unique mail access code for each user corresponding to the secure processing device and storing the unique mail access code at the secure processing device, prompting the user to provide their unique mail access code before sending a mail, matching the user provided mail access code with the mail access code stored at the secure processing device, if the mail access code of the user matches with the mail access code stored at the secure processing device of the corresponding user, the user is allowed to perform the secure mailing operation, else the user is notified that the secure mailing operation cannot be performed. The secure operation on the data happens within the secure processing device connected to the web mail client device, and wherein the storage of security credentials within the secure processing device ensures that credentials need not be stored on any client or server. The secure processing device including a credential generation and storage system in which mail user’s security credentials are generated.
Those skilled in this technology can make various alterations and modifications without departing from the scope and spirit of the invention. Therefore, the scope of the invention shall be defined and protected by the following claims and their equivalents.
FIGS. 1-6 are merely representational and are not drawn to scale. Certain portions thereof may be exaggerated, while others may be minimized. FIGS. 1-6 illustrate various embodiments of the invention that can be understood and appropriately carried out by those of ordinary skill in the art.
In the foregoing detailed description of embodiments of the invention, various features are grouped together in a single embodiment for the purpose of streamlining the disclosure. This method of disclosure is not to be interpreted as reflecting an intention that the claimed embodiments of the invention require more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive subject matter lies in less than all features of a single disclosed embodiment. Thus, the following claims are hereby incorporated into the detailed description of embodiments of the invention, with each claim standing on its own as a separate embodiment.
It is understood that the above description is intended to be illustrative, and not restrictive. It is intended to cover all alternatives, modifications and equivalents as may be included within the spirit and scope of the invention as defined in the appended claims. Many other embodiments will be apparent to those of skill in the art upon reviewing the above description. The scope of the invention should, therefore, be determined with reference to the appended claims, along with the full scope of equivalents to which such claims are entitled. In the appended claims, the terms “including” and “in which” are used as the plain-English equivalents of the respective terms “comprising” and “wherein,” respectively.
We Claim:
1. A method for transmitting and receiving secure emails in a web mailing system, the method comprising:
receiving a plurality of user details at a web mail client device by at least one secure processing device;
generating security credentials based on the received user details at the web mail client device, the generated security credentials including a unique mail access code for each user corresponding to the secure processing device and storing the unique mail access code at the secure processing device;
prompting the user to provide their unique mail access code before sending a mail;
matching the user provided mail access code with the mail access code stored at the secure processing device; and
allowing the user to perform the secure mailing operation.
2. The method as claimed in claim 1, further comprising:
notifying the user that the secure mailing operation cannot be performed, if the provided mail access code does not match with the mail access code stored at the secure processing device.
3. The method as claimed in claim 1, further including executing a client component on the web mail client device which further invokes a communication module in order to convert the user mail data into a format understandable by the secure processing device.
4. The method as claimed in claim 3, wherein the communication module sends the mail data to the secure processing device to secure the mail data.
5. The method as claimed in claim 4, wherein the secure processing device sends the secured data to the client component which constructs the secure mail packet and forwards the same to an application server and further to a mail server.
6. The method as claimed in claim 1, wherein all mail users are provided with a secure processing device consisting of their security credentials to ensure that the security credentials need not be transmitted over the network.
7. The method as claimed in claim 3, wherein the client component is executed on the web mail client device thereby ensuring that securing of mail data happens on the client device in the web mailing system.
8. The method as claimed in claim 3, wherein the securing of data within the secure processing device ensures that secure data is sent out of the secure processing device to the client system, whereby the data going out of the client system is secure.
9. A system for transmitting and receiving secure emails in a web mailing system over a network, the system comprising:
a plurality of web mail client devices, each web mail client device coupled to at least one secure processing device; at least one application server, at least one mail server and at least one directory server, wherein the web mail client device including the secure processing device, the application server, the mail server and the directory server are configured for:
receiving a plurality of user details at the web mail client device by the corresponding users’ secure processing device;
generating security credentials based on the received user details at the web mail client device, the generated security credentials including a unique mail access code for each user corresponding to the secure processing device and storing the unique mail access code at the secure processing device;
prompting the user to provide their unique mail access code before sending a mail;
matching the user provided mail access code with the mail access code stored at the secure processing device;
if the mail access code of the user matches with the mail access code stored at the secure processing device of the corresponding user, the user is allowed to perform the secure mailing operation, else the user is notified that the secure mailing operation cannot be performed.
10. The system as claimed in claim 9, wherein the secure operation on the data happens within the secure processing device connected to the web mail client device, and wherein the storage of security credentials within the secure processing device ensures that credentials need not be stored on any client or server.
11. The system as claimed in claim 9, wherein the secure processing device includes a credential generation and storage system in which the mail user’s security credentials are generated.
Date: 18/02/2017 S AFSAR
Place: Bangalore IN/PA-1073
Agent for the applicant
| # | Name | Date |
|---|---|---|
| 1 | PROOF OF RIGHT [18-02-2017(online)].pdf | 2017-02-18 |
| 2 | Form 5 [18-02-2017(online)].pdf | 2017-02-18 |
| 3 | Form 3 [18-02-2017(online)].pdf | 2017-02-18 |
| 4 | Drawing [18-02-2017(online)].pdf | 2017-02-18 |
| 5 | Description(Complete) [18-02-2017(online)].pdf_409.pdf | 2017-02-18 |
| 6 | Description(Complete) [18-02-2017(online)].pdf | 2017-02-18 |
| 7 | Form 26 [05-07-2017(online)].pdf | 2017-07-05 |
| 8 | Correspondence by Agent_Power of Attorney_14-07-2017.pdf | 2017-07-14 |
| 9 | Correspondence by Agent_Power of Attorney_14-07-2017...pdf | 2017-07-14 |
| 10 | Abstract 201741005827.jpg | 2017-07-18 |
| 11 | 201741005827-FORM 18 [19-12-2017(online)].pdf | 2017-12-19 |
| 12 | 201741005827-FER.pdf | 2020-07-14 |
| 13 | 201741005827-OTHERS [12-01-2021(online)].pdf | 2021-01-12 |
| 14 | 201741005827-FER_SER_REPLY [12-01-2021(online)].pdf | 2021-01-12 |
| 15 | 201741005827-COMPLETE SPECIFICATION [12-01-2021(online)].pdf | 2021-01-12 |
| 16 | 201741005827-CLAIMS [12-01-2021(online)].pdf | 2021-01-12 |
| 17 | 201741005827-Response to office action [27-10-2022(online)].pdf | 2022-10-27 |
| 18 | 201741005827-US(14)-HearingNotice-(HearingDate-13-03-2024).pdf | 2024-02-01 |
| 19 | 201741005827-Correspondence to notify the Controller [08-03-2024(online)].pdf | 2024-03-08 |
| 20 | 201741005827-Written submissions and relevant documents [27-03-2024(online)].pdf | 2024-03-27 |
| 21 | 201741005827-PatentCertificate02-04-2024.pdf | 2024-04-02 |
| 22 | 201741005827-IntimationOfGrant02-04-2024.pdf | 2024-04-02 |
| 23 | 201741005827-PROOF OF ALTERATION [04-10-2024(online)].pdf | 2024-10-04 |
| 24 | 201741005827-Response to office action [01-11-2024(online)].pdf | 2024-11-01 |

| 1 | SEARCHSTRATEGY_201741005827_21-02-2020.pdf |