[go: up one dir, main page]

WO2009021532A1 - Procédé et appareil de communication sécurisée entre au moins deux ordinateurs - Google Patents

Procédé et appareil de communication sécurisée entre au moins deux ordinateurs Download PDF

Info

Publication number
WO2009021532A1
WO2009021532A1 PCT/EP2007/007145 EP2007007145W WO2009021532A1 WO 2009021532 A1 WO2009021532 A1 WO 2009021532A1 EP 2007007145 W EP2007007145 W EP 2007007145W WO 2009021532 A1 WO2009021532 A1 WO 2009021532A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
sender
addressee
automatically
reply
Prior art date
Application number
PCT/EP2007/007145
Other languages
English (en)
Inventor
Mikhail Kolobov
Original Assignee
Mikhail Kolobov
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mikhail Kolobov filed Critical Mikhail Kolobov
Priority to PCT/EP2007/007145 priority Critical patent/WO2009021532A1/fr
Priority to PCT/EP2008/000417 priority patent/WO2009021567A1/fr
Publication of WO2009021532A1 publication Critical patent/WO2009021532A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/107Computer-aided management of electronic mailing [e-mailing]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/21Monitoring or handling of messages
    • H04L51/212Monitoring or handling of messages using filtering or selective blocking
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic

Definitions

  • the invention concerns a method for safe communication between two or more computers with avoidance of unwanted data of third parties.
  • the invention also concerns a device for safe communication between two or more computers with avoidance of unwanted data of third parties.
  • the invention further concerns a computer program product including one or more computer-readable media with computer-readable instructions for conducting the necessary steps for a safe communication between two or more computers with avoidance of unwanted data of third parties.
  • Business and private correspondence by means of email are widely known in modern society. A lot of communication, be it business related or private, is conducted with the use of computers. Such business-related and private correspondence include any kind of electronic messages and/or message services, e.g. plain emails, emails with attached data, sms (short message service), mms (multimedia message service), ire (internet rely chat) and/or VoIP (voice over ip).
  • message services e.g. plain emails, emails with attached data, sms (short message service), mms (multimedia message service), ire (internet rely chat) and/or VoIP (voice over ip).
  • Spam is defined as data which is unwanted by the recipients. Such spam includes emails by third parties sent in high quantity to random addresses of potential recipients.
  • the United States patent application US 2003/009698 A1 discloses a possible solution for this problem.
  • the method and system for filtering spam is discloses in this document. Whenever a message is initially received from an unapproved sender, a confirmation request email is sent to the sender's email address, requesting the sender to confirm his existence and identity. Spammers, i.e. the senders of spam data, such as spam emails, typically do not receive reply emails and cannot handle these if they happen to arrive. Therefore, until the unapproved sender replies to the confirmation request email, electronic messages received from unapproved senders are treated as spam.
  • a list of approved senders is maintained by the spam filter. Electronic messages from those approved senders are not treated as spam and are immediately delivered to the user. Generally, a list of valid source addresses for one user is maintained either on the user's computing device or on a mail server, depending upon their specific application.
  • the US document US 2003/009698 A1 also discloses the use of a "tunnel password" and a "CZID".
  • a user A sends for instance an email to B.
  • This email is received in a quarantine part of an inbox of B.
  • An automatic reply including the "CZID" is sent to A by B. If A is having the same spam filter as B according to US 2003/009698 A1 , this new email is then again quarantined by A. A newly generated response upon the receipt of the reply will then again be quarantined by B.
  • the resulting eternal loop iteration can only be penetrated by manual interference by the users A and/or B.
  • the monetary and time related resources of B shall be preserved. Only A shall have to interfere manually, so that his original message comes to the attention of B, without B's manual, i.e. direct interference, so that unwanted data, such as spam, does not come to B's attention.
  • KR 1020040095008 A Therein another method for filtering spam messages is disclosed.
  • a system for blocking spam emails and a method for blocking spam emails is further disclosed in WO 2006/129962 A1.
  • any sort of ID is comprised.
  • the e-mail address of the sender of an email may be such an ID.
  • the automatic reply is brought to the attention of the sender of the initial email, so that after a very short time the originally sent email may be brought to the attention of the original recipient in the later process, as intended by the original sender.
  • the originally sent email will not be brought to the attention of the original recipient.
  • the first recipient does not have to waste time or resources on spam.
  • the original sender exerts influence on the receipt of the original email due to his manually created response, so that it comes to attention of the originally intended recipient, unless this is explicitly not wanted by the recipient.
  • the quarantined data e.g. the email
  • the quarantined data is deleted during such an intermediate step. It is thereby avoided that the quarantined part of the inbox is stuffed by to much unwanted data.
  • the quarantined data is deleted depending on the storage time in this part of the inbox and/or the amount of data in this inbox. Any emails which are too old are therefore deleted after a certain time period, preferably if no response or wrong response is received.
  • step d It is advantageously avoided that the originally sent data is irrevocably lost, if a request to resend the data of step a) is included in the automatic response of step d).
  • step j If 1 upon step j), the ID of the sender of data is automatically entered in a so called "white list", future emails can be directly brought to the attention of the recipient without the need for a prior test procedure with the automated reply and non- automated response.
  • step d) can be repeatedly sent. Repeated sending of the automated response of step d), such as the test message, can be conducted in reply to the incorrect answer to the test message and/or after a set time interval after non-receipt of a response on the test message.
  • a device for safe communication between two or more computers with avoidance of unwanted data of third parties can also be solved by a device for safe communication between two or more computers with avoidance of unwanted data of third parties.
  • a device for sending data such as an email, from a first computer to a second computer; a device for automatically entering the ID of the addressee in a "white list" of a sender if the ID of the sender of the original data is not listed in the "white list" of the addressee; a device for quarantining the received data, such as an email, in a part of an inbox on the addressee-side; a device for sending an automated response to the sender with a non-automatically readable code; a device for automatically identifying the response by the sender of the original data and informing the original sender; a device for manually creating a new code based on the code in the response; a device for creating a reply to the original addressee including the new code; a device for sending the reply to the original addressee; a
  • Such a device includes the necessary means to integrate the necessary steps in a technical entity, such as a computer.
  • the object of the invention is also solved by a computer program product including one or more computer readable-media with computer-readable instructions for conducting their steps according to the previously described method, if run on a computer.
  • Fig. 1 discloses a schematic flow of operation during sending, responding and replying between the two users, namely user A and user B,
  • Fig. 2 discloses a schematic flow of operation between a sender of spam, namely user C, and user B.
  • Fig. 1 discloses a schematic view of a computer of a sender of data, namely user A and a schematic view of a computer of a user receiving data, namely user B.
  • A will be referred therefore to as a sender and B will be referred to as addressee or recipient.
  • the computers of A and B comprise the necessary programs for exchange of data, especially programs to send, receive and manage emails with or without attachments, such as data clusters.
  • Both computers comprise an entity, in which the data, such as emails, is received. This entity will be referred to as "inbox".
  • the "inbox" the entity in which emails are received, is partitioned in a "quarantine inbox", a "trash inbox” and a "user-direct accessible inbox". Only messages in the "user-direct accessible inbox" can be seen by the user A or B in the respective inbox of the respective computer.
  • Both computers store and manage a so called “white list” and a so called “black list”.
  • Both users A and B employ the system according to the invention, especially a method according to the invention, the device and the computer program product, to avoid the receipt of spam emails and to be notified of emails of some importance, sent by non-spammers.
  • a spammer such a user is defined, who sends so-called spam emails to other users.
  • Fig. 1 a special case is shown, where A, being the sender of information, is not a spammer, but intends to reach B, also being a non-spammer.
  • A sends an email to B with a certain content.
  • Emails and data of senders having their ID listed in the "black list” of B, will be led directly to the "trash inbox" and they are there either deleted directly, deleted after a certain period of time or deleted when the data reaches a certain threshold. Due to the ID of A not being listed in any of the lists of B 1 the email of A is entered in the "quarantine inbox” as a step c). Before step c) or parallel to it, the ID of B is entered in the "white list" of the user A in a step b).
  • step d an automated response is generated and sent per email to A in the next step, namely step d).
  • a code is included in this response.
  • the code is, in the current embodiment, a picture showing a symbol or showing letters.
  • the code namely the picture, is created automatically by the system of B upon receipt of the email of a still unknown sender.
  • step d) The response email of step d) is entered in the "user-direct accessible inbox" of A in a step e). This is due to the fact that the ID of the sender of the response, namely the ID of B, was entered in the "white list" before step d), namely in step b).
  • the automatically created code cannot be identified and further processed by means of a machine alone, but needs human mental abilities to be deciphered.
  • the reply of the embodiment of Fig. 1 sent in step d) also has a request included, to either resend the original email of step a) together with a response to B or either respond to B without resending the original email.
  • the code of the reply have to be integrated in the response.
  • step f) a new code is generated by the user A, by manual means. This may be such that the symbol is now described in a word or the letters included in the picture, possibly a .gif or a .jpg, and now entered in plain text.
  • step g the response email is created and the code of the reply email of step d) is entered.
  • step h the response is forwarded to B.
  • step i the new code is then compared to the code included in the response email. If they correspond to each as expected, a positive output value is created.
  • step j the response email is now entered in the "user-direct accessible inbox", so that the user B can see it and access it directly. Therefore, only emails of senders of human nature can be entered in the "user-direct accessible inbox", as automated sending machinery cannot decipher the response and cannot generate automatically a reply, which meets the criteria of step d). This is especially efficient in such cases, where spammers use automated programs with no inbox at all.
  • the original email sent in step a) is deleted after being saved in the "quarantine inbox” for a certain time or until the "quarantine inbox” reaches a data amount above a pre-defined threshold.
  • Fig. 2 shows the fate of an email sent by a spammer, namely user C, to the user B.
  • the ID of C is already listed in the "black list”.
  • the spammer sends an email to B.
  • This email is automatically entered in the "trash inbox” during step b).
  • the deletion of the spam email follows. This deletion can be done manually or automatically. An automated deletion can depend on the factor time or on the factor data content in the "trash inbox".
  • this message is analysed on the basis of information step 2, if the ID of the sender can be found in the "white list", which can be the answer of user B or the test message of the user B, whereupon it is shown to the user A, whereby the user A answers the message now manually, whereby the information about this new message is also kept in a temporary folder; or
  • step 4) if the analysis of step 4) is negative, the incoming messages analysed on the basis of the information of step 3), whereupon the user A is informed by any means of the non-delivery of the message to the user B, whereby no automatic information is sent to the user B, as this would be useless as the user B cannot receive messages of the user A, be it temporarily or not; and/or
  • steps 4) and 5) if the analysis of steps 4) and 5) is negative, a message from an unknown person C is quarantined and the response (test mail ) is sent automatically,
  • step 6) information about response step 6) also are kept in temporary folder of user A; 8) next incoming message is again analysed, if the ID is present in the "white list", whereby the "white list” contains the ID of the user B, but does not contain the ID of the user C and if the analysis is positive, it is the reply is identified as answer or the test message of the user B, which is then presented to the user A, whereby this step is similar to the step 4); and/or
  • step 8) if the result of the analysis of step 8) is negative, the incoming message, i.e. the reply is analysed on the basis of the information of step 3) and the user A is informed by a means concerning the non-delivery of the message to the user B, whereby this step is similar to the step 5);
  • step 9 whereby additionally upon a negative result of the analysis of step 9), the incoming reply is analysed on the basis of the information of step 7), to the effect that the user C is defined as a spammer, whereby it is not necessary to inform the user A about it, as it is one of the purposes of the invention to protect the user A from spam messages, whereupon the spam message of user C is then deleted from the quarantine inbox;
  • step 11 whereupon additionally if a negative result of the analysis of step 10) results, the incoming message is analysed on the basis of the information of step 6), so that a response of the user C on the test message can be generated, if a correct answer is received, so that a message of user C, which is kept in the quarantine inbox is shown to the user A 1 or, if the answer is incorrect, it is concluded that the user C is a spammer, whereupon the message is deleted.
  • a comparable process is conducted for user B.
  • An automatic response defined as a test message, can be repeatedly sent. Repeated sending of the test message can be conducted in reply to the incorrect answer to the test message and/or after a set time interval after non-receipt of a response on the test message.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computing Systems (AREA)
  • Quality & Reliability (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Data Mining & Analysis (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

La présente invention concerne un appareil et un procédé de communication sécurisée entre au moins deux ordinateurs permettant d'éviter de données indésirables de tiers. Le procédé consiste à envoyer de données, telles qu'un courrier électronique, d'un premier ordinateur à un second ordinateur; introduire automatiquement l'identifiant du destinataire dans une « liste blanche » de l'expéditeur; mettre en quarantaine des données reçues, telles que le courrier électronique, dans une partie d'une boîte de réception du côté destinataire si l'identifiant de l'expéditeur des données de la première étape ne figure pas sur la « liste blanche » du destinataire; envoyer une réponse automatique à l'expéditeur assortie d'un code lisible de façon non automatique; identifier la réponse par l'expéditeur des données de la première étape et informer l'expéditeur des données de la première étape; créer manuellement un nouveau code sur la base du code de la quatrième étape par l'expéditeur de la première étape; créer une réponse au destinataire de la première étape par l'expéditeur de la première étape comprenant un nouveau code sur la base de la sixième étape; envoyer la réponse de la septième étape au destinataire de la première étape; identifier automatiquement la réponse de la septième étape par le destinataire de la première étape; et informer automatiquement le destinataire de la première étape de la réponse de la septième étape.
PCT/EP2007/007145 2007-08-13 2007-08-13 Procédé et appareil de communication sécurisée entre au moins deux ordinateurs WO2009021532A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/EP2007/007145 WO2009021532A1 (fr) 2007-08-13 2007-08-13 Procédé et appareil de communication sécurisée entre au moins deux ordinateurs
PCT/EP2008/000417 WO2009021567A1 (fr) 2007-08-13 2008-01-21 Procédé et appareil pour une communication sûre entre deux ou plusieurs ordinateurs

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2007/007145 WO2009021532A1 (fr) 2007-08-13 2007-08-13 Procédé et appareil de communication sécurisée entre au moins deux ordinateurs

Publications (1)

Publication Number Publication Date
WO2009021532A1 true WO2009021532A1 (fr) 2009-02-19

Family

ID=39402741

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/EP2007/007145 WO2009021532A1 (fr) 2007-08-13 2007-08-13 Procédé et appareil de communication sécurisée entre au moins deux ordinateurs
PCT/EP2008/000417 WO2009021567A1 (fr) 2007-08-13 2008-01-21 Procédé et appareil pour une communication sûre entre deux ou plusieurs ordinateurs

Family Applications After (1)

Application Number Title Priority Date Filing Date
PCT/EP2008/000417 WO2009021567A1 (fr) 2007-08-13 2008-01-21 Procédé et appareil pour une communication sûre entre deux ou plusieurs ordinateurs

Country Status (1)

Country Link
WO (2) WO2009021532A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004088943A2 (fr) * 2003-03-26 2004-10-14 America Online, Inc. Identification et utilisation d'identites censees etre connues par un utilisateur
WO2005096572A1 (fr) * 2004-03-26 2005-10-13 Hisham Arnold El-Emam Procede pour surveiller la transmission de messages electroniques
WO2005096584A1 (fr) * 2004-03-30 2005-10-13 Imencro Software Sa Filtre et technique de filtrage de messages electroniques
WO2006129962A1 (fr) * 2005-05-31 2006-12-07 Nurivision Co., Ltd. Systeme et procede permettant de bloquer des messages non sollicites

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004088943A2 (fr) * 2003-03-26 2004-10-14 America Online, Inc. Identification et utilisation d'identites censees etre connues par un utilisateur
WO2005096572A1 (fr) * 2004-03-26 2005-10-13 Hisham Arnold El-Emam Procede pour surveiller la transmission de messages electroniques
WO2005096584A1 (fr) * 2004-03-30 2005-10-13 Imencro Software Sa Filtre et technique de filtrage de messages electroniques
WO2006129962A1 (fr) * 2005-05-31 2006-12-07 Nurivision Co., Ltd. Systeme et procede permettant de bloquer des messages non sollicites

Also Published As

Publication number Publication date
WO2009021567A1 (fr) 2009-02-19

Similar Documents

Publication Publication Date Title
US8285804B2 (en) Declassifying of suspicious messages
US8751808B2 (en) Method and system for sharing trusted contact information
JP4976678B2 (ja) インバウンドメッセージを検証すること
US8112483B1 (en) Enhanced challenge-response
CN100476852C (zh) 一种反垃圾电子邮件的方法
US20030212791A1 (en) Method and system for authorising electronic mail
US20080313704A1 (en) Electronic Message Authentication
JP2007528686A (ja) 迷惑メール遮断システム及び方法
AU2009299539B2 (en) Electronic communication control
US20100287244A1 (en) Data communication using disposable contact information
KR102176564B1 (ko) 사칭 또는 위변조 메일 관리 방법 및 시스템
Moore Recommendations for automatic responses to electronic mail
CN110324231A (zh) 非熟识电子邮件的提醒方法
WO2009021532A1 (fr) Procédé et appareil de communication sécurisée entre au moins deux ordinateurs
GB2474661A (en) Electronic mail system and method
Jamnekar et al. Review on effective email classification for spam and non spam detection on various machine learning techniques
JP2004523012A (ja) 権限が与えられていない電子メールを排除するシステム
US10374997B2 (en) System and method for spam prevention with generalized email address
US20070180034A1 (en) Method and system for filtering communication
Valeeva SPAM AND ANTI-SPAM METHODS
WO2013097329A1 (fr) Procédé de sauvegarde d'informations de filtrage de courrier, serveur de courrier et système de courrier électronique
CN105898752A (zh) 消息过滤方法
Kaur et al. A Hybrid approach for enhancing the capability of Spam Filter
Gulhane et al. Spam filtering methods for email filtering
Luo et al. Using E-mail Authentication and Disposable E-mail Addressing for Filtering Spam

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07801634

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07801634

Country of ref document: EP

Kind code of ref document: A1