The present invention relates to systems and methods for providing electronic messages and other communications using the Internet or World Wide Web ("Web") and a variety of personal and other computers available to different subscribers and users.
Most all persons that are engaged in commerce and/or in any sort of interpersonal relations are, by 1999, very well familiar with "e-mail" as a form of virtually-instant, written communication using the Internet and the World Wide Web. Many millions of people in the US and abroad now have access to computers they may use at home, at work, at school (from grade-school to college), at public libraries, at "cyber-cafés", at office services centers or stores, at colleagues' offices and homes, and at myriad other places. On such computers they can compose and send or receive e-mail messages using a modem, an Internet Service Provider ("ISP"), and an e-mail program either loaded into the computer or provided, often free, by the ISP or another Web host. Eudora(copyright) is a commercial e-mail program loaded onto a user's computer (i.e., "client-side") for composing and sending and receiving e-mail. Client-side programs are often required for use at colleges, allowing students to work off-line and then dial in to the central server just to upload and download their messages. Hotmail(copyright) and many other e-mail systems reside on servers accessed from the Internet, such as those at msn.com, and can be accessed only while on-line with the e-mail system server via the Internet. However, a user must be at his or her own computer to use the client-side application, and has no access to such e-mail otherwise, as while travelling without the computer. Further, a user relying on Web-based e-mail can work on the e-mail system from any computer with an Internet connection, but only while connected to the Internet and incurring telephone and other charges.
No commercial e-mail service is known to provide both on-line and client-side services that are similar to one another in use. A need exists for a subscriber to be able to work selectively either (1) from his or her own computer using personal settings, information, and files, or alternatively and equally well, (2) from any other computer through a server that can access the user's "home" server and still have available the user's personal settings, information, and files.
Security is also a need for electronic messaging. Messages and attachments are typically sent between computers and servers and between servers over non-secure lines, and stored on intermediate servers as they are routed to their destinations. Messages are sent in multiple "packets", so that not all of a message will go the same route to its destination server, thus providing some inherent security in the Internet system. However, messages and attachments stored on the origin and destination servers are vulnerable to snooping by persons with knowledge of computer intrusion tactics. Encryption techniques are known, whereby a subscriber may encrypt his or her text before it goes to the origin server and the text stays encrypted until it reaches the recipient's computer, where it is displayed as plain text without further action by the user. Complete security systems for electronic messaging require also, however, additional features of authentication of the sender's identity, integrity of the message and attachments as against modifications in transit, and assurance against repudiation by the sender. None of these three added security features is available on any known Web-based e-mail system, although some client-side systems provide them.
Many security standards and algorithms are available for use in secure messaging. S/MIME, SSL, and X.509 standards are used in some secure client-side systems but not in any known Web-based system, except that SSL (Secure Socket Layer) is used in two recently released commercial products, noted below. Many security algorithms are known and used in secure client-side e-mail systems, including 3-DES, Diffie-Hellman, DSS, MD5, RC2/40, RSA, and SHA-1; none of these is used in any Web-based application, save one of the recent commercial products. That product uses Diffie-Hellman and a further algorithm called Blowfish.
Useful e-mail systems provide additional features, besides simple messaging, that are helpful and desirable. Permitting address book(s), attachments, downloading of messages, and filing of messages into separate folders are typically allowed on some Web-based and most client-side systems. Features of checking multiple e-mail accounts and affording universal access from any computer are provided by Web-based systems but not by client-side systems. Typically, when users want help on a particular subject or action, they must obtain assistance from a menu or sub-menu, then search the help listing for the appropriate subject. Often, these help menus are inadequate or confusing or don't even try to offer the information the user requires. Virus warnings and dual naming procedures for log-in are known but not commonly used.
Very recently, two secure, Web-based e-mail systems have appeared commercially, under names of ZipLip and HushMail. Both of these systems provide concealment or privacy features, but neither includes the three other data security features of authentication, integrity, and non-repudiation. They use Secure Socket Layer (SSL) security standards for encrypting messages in transit. HushMail uses the Diffie-Hellman algorithm (which is recognized in the S/MIME standard) as well as the Blowfish algorithm (which is not); ZipLip uses none. Neither system permits message download or multiple e-mail account checking, but both permit universal access from any computer with Internet access. ZipLip permits attachments, while HushMail does not. HushMail has address book and message folder features not in ZipLip, and ZipLip permits attachments whereas HushMail does not. Neither system is interoperable with other systems, but one must use the ZipLip or the HushMail systems to access messages developed within those systems.
Microsoft has recently offered a Web-based tool referred to as Outlook Web Access ("OWA"), as a part of the Microsoft Exchange server. Included already in Microsoft Exchange has been "Outlook Client" ("OC"), a full-featured, client-side e-mail software application, which supports the S/MIME standard. The OWA program permits a subscriber to access his or her messages residing on an OC server for sending or receiving same from over the web, but there is no access while on OWA to a subscriber's personal information, files, or settings. OWA is not S/MIME compatible, so the client-side and Web-based capabilities and experiences are very different.
Thus, no known e-mail system or service, Web-based or client-side, offers features of compression of attachments on demand, an integrated certificate authority and service provider, both Web-based and client-side access, an interactive help system, a virus warning system, and dual-naming log-ins, built into the system. Rather, such features and functions must be accessed and accomplished if possible by going to other programs, slowing a user's electronic messaging procedure greatly.
The present invention provides a robust, full-featured electronic messaging system with combined Web-based and client-side access that works equally well both from a subscriber's own computer with proprietary software or from any other computer connected to the Internet, with only very small differences in appearance and operation. Either way of access allows use of all features of the invention, including all security features noted below if the Internet connection is suitable.
The present invention provides both a basic form of service, both Web-based and client-side, and also a premium, secure level of service with all four of the security features of authentication, concealment, integrity, and non-repudiation, when used from the subscriber's computer or with a suitable Internet access.
The present invention permits inter-exchange of electronic messages with others that are not subscribers to the present system. For a subscriber to send a secure message to a person not a subscriber, the user need only be sure that the user's server and computer are set up to use the S/MIME protocol.
The present invention provides additional important features of multiple account checking, universal access, attachment compression on demand and automatic decompression, integrated certificate authority and e-mail service, interactive help, a uniform hierarchy for books of messages, e-mail accounts, and certificates, a virus warning system, and dual-naming log-in protections. All are useable from the subscriber's own computer, using the software system of the invention, and alternatively from any computer with suitable Internet access, using a password or -phrase to access the subscriber's own information, files, and setup.
The method of the present invention provides for programming both a Web-based server and a personal computer application with an e-mail messaging service configured to interact with and to shadow each other as to personal information, settings, and files of an individual one of said subscribers. The method includes steps of storing the personal information, settings, and files of a subscriber both on the Web-based server and on a personal computer running the application. Then the subscriber may access his or her files off-line solely through the personal computer and may alternatively access the files on-line through any computer able to communicate with the server. Access is then allowed to the messaging service via the server for a subscriber's sending and receiving electronic messages.
The present invention further provides for a digital certificate service with the messaging service. The Web-based form of messaging service is made secure against interception of messages. A subscriber can access the server of the messaging service from a personal computer using the Web-based form of service through an S/MIME compliant application to connect between the computer and the server. In a Web-based environment, a digital signature is provided to an authorized recipient, the signature verifying the identity of the sender, the integrity of the message, and the fact of the sending by the sender. The user is given control over whether or not to compress the file size of each outgoing attachment to a message; for subscribers, the decompression of each compressed attachment happens automatically when a subscriber opens it. Interactive help screens are provided on each subscriber's computer, both on-line through any computer and off-line if used through the subscriber's computer. Each of these help screens is displayed as it becomes pertinent to the task being then executed by the subscriber. The subscriber may turn any of these help screens on and off, however. A substantially uniform book hierarchy is provided for messages received and messages sent, e-mail accounts, and certificates available to the subscriber. A warning of possible virus contamination of attachments to a message is provided. Dual naming capability is available in the invention for more secure log-in, by requiring a log-in name as well as a user name upon log-in.
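The following added example (not part of the original text or of the described system) illustrates the signature properties named in the background and summary passages above: an S/MIME signature that verifies for the untouched message and fails once the stored copy is altered. It assumes the `openssl` command-line tool is installed; the self-signed certificate, sender name, and message are constructed for the demonstration and stand in for a certificate issued by a certificate authority.

```shell
#!/bin/sh
# Added example: S/MIME sign, verify, then verify a modified copy.
# All names, the certificate, and the message text are constructed.
smime_demo() {
  d=$(mktemp -d) || return 1

  # Constructed self-signed signer certificate; a CA-issued certificate
  # would take its place in a real deployment.
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=Constructed Sender" \
    -keyout "$d/key.pem" -out "$d/cert.pem" 2>/dev/null || return 1

  printf 'Pay invoice 100 to account A\n' > "$d/msg.txt"

  # Sender side: produce a clear-signed (multipart/signed) S/MIME message.
  openssl smime -sign -text -in "$d/msg.txt" \
    -signer "$d/cert.pem" -inkey "$d/key.pem" \
    -out "$d/signed.eml" 2>/dev/null || return 1

  # Recipient side: the signature and the signer certificate are checked
  # against the trusted certificate (authentication and integrity).
  if openssl smime -verify -in "$d/signed.eml" -CAfile "$d/cert.pem" \
       -out /dev/null 2>/dev/null; then
    original=valid
  else
    original=invalid
  fi

  # Simulate a change made to the stored message on an intermediate server.
  sed 's/invoice 100/invoice 900/' "$d/signed.eml" > "$d/changed.eml"

  # The digest in the signature no longer matches the body, so this fails.
  if openssl smime -verify -in "$d/changed.eml" -CAfile "$d/cert.pem" \
       -out /dev/null 2>/dev/null; then
    changed=valid
  else
    changed=invalid
  fi

  rm -rf "$d"
  echo "$original $changed"
}
```

Because only the holder of the private key can produce a signature that verifies against the certificate, a valid result also supports the non-repudiation property; encryption of the body (concealment) is a separate S/MIME operation not shown here.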