公开(公告)号：WO0175651A2

公开(公告)日：2001-10-11

申请号：PCT/US0110519

申请日：2001-03-30

Applicant: SUN MICROSYSTEMS INC

Inventor： HANNA STEPHEN ,  DOUGLAS DAVID ,  ELLEY YASSIR ,  PERLMAN RADIA ,  MULLAN SEAN ,  ANDERSON ANNE

IPC: G06Q10/10 ,  H04L12/58 ,  G06F17/00

CPC classification number: H04L51/08 ,  G06Q10/107 ,  H04L51/30

Abstract: One embodiment of the present invention provides a system that replaces an attachment to an email message with a reference to a location where the attachment is stored. Upon receiving the email message, the system examines the email message to determine if the email message includes an attachment. If the email message includes the attachment, the system stores the attachment at a location on a communication network from which the attachment can be retrieved. The system also modifies the email message by replacing the attachment with a reference specifying the location of the attachment, and sends the modified email message to a recipient of the email message. In one embodiment of the present invention, the recipient receives the modified email message and uses the reference specifying the location of the attachment to retrieve the attachment across the communication network.

Abstract translation: 本发明的一个实施例提供一种系统，该系统用参考存储附件的位置替代对电子邮件消息的附件。 在接收到电子邮件消息后，系统检查电子邮件消息以确定电子邮件消息是否包括附件。 如果电子邮件消息包括附件，则系统将附件存储在可从中检索附件的通信网络上的位置。 该系统还通过使用指定附件的位置的引用替换附件来修改电子邮件消息，并将修改的电子邮件消息发送给电子邮件的收件人。 在本发明的一个实施例中，接收者接收经修改的电子邮件消息，并使用指定附件位置的引用来检索通过通信网络的附件。

公开(公告)号：WO0141353A3

公开(公告)日：2002-02-21

申请号：PCT/US0041995

申请日：2000-11-07

Applicant: SUN MICROSYSTEMS INC

Inventor： PERLMAN RADIA ,  HANNA STEPHEN

IPC: H04L9/08 ,  H04L9/30 ,  H04L12/56 ,  H04L12/58 ,  H04L29/06

CPC classification number: H04L9/0833 ,  H04L9/0825 ,  H04L45/16 ,  H04L51/00 ,  H04L63/0428 ,  H04L63/0464 ,  H04L63/104 ,  H04L2463/102

Abstract: One embodiment of the present invention provides a system for sending an encrypted message through a distribution list exploder in order to forward the encrypted message to recipients on a distribution list. The system operates by encrypting the message at a sender using a message key to form an encrypted message. The system also encrypts the message key with a group public key to form an encrypted message key. The group public key is associated with a group private key to form a public key-private key pair associated with a group of valid recipients for the message. Next, the system sends the encrypted message and the encrypted message key to the distribution list exploder, and the distribution list exploder forwards the encrypted message to a plurality of recipients specified in the distribution list. After receiving the encrypted message and the encrypted message key, the recipient decrypts the encrypted message key to restore the message key. Next, the recipient decrypts the encrypted message using the message key to restore the message. In a variation on the above embodiment, the recipient decrypts the encrypted message key by sending the encrypted message key from the recipient to a group server, which holds the group private key. The group server decrypts the encrypted message key using the group private key to restore the message key, and returns the message key to the recipient in a secure manner.

Abstract translation: 本发明的一个实施例提供了一种用于通过分发列表破解器发送加密消息以便将加密消息转发到分发列表上的收件人的系统。 该系统通过使用消息密钥在发送者处加密消息来形成加密消息来进行操作。 系统还使用组公钥对消息密钥进行加密，形成加密的消息密钥。 组公钥与组私钥相关联，以形成与消息的一组有效接收者相关联的公钥 - 私钥对。 接下来，系统将加密的消息和加密的消息密钥发送到分发列表扩展，并且分发列表将加密的消息转发到分发列表中指定的多个收件人。 收到加密消息和加密消息密钥后，收件人解密加密消息密钥以恢复消息密钥。 接下来，收件人使用消息密钥解密加密消息以恢复消息。 在上述实施例的变型中，接收者通过将加密的消息密钥从接收者发送到保存组私钥的组服务器来解密加密的消息密钥。 组服务器使用组私钥对加密的消息密钥进行解密，以恢复消息密钥，并以安全的方式将消息密钥返回给收件人。

公开(公告)号：WO0233884A3

公开(公告)日：2002-11-28

申请号：PCT/US0132307

申请日：2001-10-17

Applicant: SUN MICROSYSTEMS INC

Inventor： PERLMAN RADIA ,  HANNA STEPHEN

IPC: H04L9/08

CPC classification number: H04L9/083 ,  H04L9/0825 ,  H04L9/3213 ,  H04L9/3265

Abstract: One embodiment of the present invention provides a system for operating a key distribution center (KDC) that provides keys to facilitate secure communications between clients and servers across a computer network, wherein the system operates without having to store long-term server secrets. The system operates by receiving a communication from a server at the KDC. This communication includes an identifier for the server, as well as a temporary secret key to be used in communications between a client and the server for a limited time period. In response the communication, the system attempts to authenticate the server. If the server is successfully authenticated, the system stores the temporary secret key at the KDC, so that the temporary secret key can be subsequently used to facilitate communications with the server.

Abstract translation: 本发明的一个实施例提供了一种用于操作密钥分发中心（KDC）的系统，其提供密钥以促进跨越计算机网络的客户端和服务器之间的安全通信，其中系统在不必存储长期服务器秘密的情况下操作。 系统通过从KDC的服务器接收通信来进行操作。 该通信包括用于服务器的标识符，以及在有限时间段内在客户端和服务器之间的通信中使用的临时秘密密钥。 为响应通信，系统尝试对服务器进行身份验证。 如果服务器成功认证，则系统将临时秘密密钥存储在KDC，以便随后可以使用临时秘密密钥来促进与服务器的通信。