System, terminal, network object, method and computer software for authorising communication messages

FIELD: physics; communication.

SUBSTANCE: invention relates to exchange of messages. A system, terminal, method and carrier use a certificate of authorisation to grant a sender the authority to send a communication message to a recipient. The system for controlling reception of the message by the recipient includes a transmission terminal and reception terminal. The transmission terminal can send a communication message to the sender. The reception terminal can determine whether the communication message is cryptographically linked to the certificate of authorisation. Determination of whether a communication message is cryptographically linked to the certificate of authorisation can include determination of whether a communication message has been signed by the sender using a private encryption key.

EFFECT: receiver can quickly and easily determine whether to receive a message.

21 cl, 9 dwg

 

The technical FIELD

Embodiments of the invention in General relate to messaging, and more particularly to an authorization message to prevent spam.

The LEVEL of TECHNOLOGY

Many devices, such as mobile phones, personal computers (PC), handheld computers, and personal digital assistants (PDAs), allow users of such devices to send and receive communication messages using a variety of methods of electronic communication. For example, the communication messages can be sent and received using e-mail, instant messaging (IM), text messages (also known as short message service or SMS), and voice over Internet Protocol (VOIP).

To be able to communicate using these methods of communication, it is very convenient and efficient. However, the usefulness and effectiveness of such methods of communication are often reduced because of unnecessary and unwanted messages. (These messages can be called "spam". Although the term "spam" is usually used in relation to unnecessary and unwanted e-mail messages, here the term "spam" is used to refer to unwanted and unsolicited messages sent by any means of communication.) Users can get a large number of the pam. Users can spend a lot of time sorting the received message and deleting unwanted messages. In addition, some communication messages may contain content inappropriate for younger users.

Users may wish to prevent the delivery of spam users. Or users may wish to select messages that may be spam in a separate category or folder to facilitate the destruction of the messages that are spam. There are some methods that try to prevent spam to the user. One way is to view each incoming message at a pre-defined list of words or phrases that may be indicative of spam. This method can be called the method of "keywords". If the word or phrase from a predefined list found in the communication message, the communication message may not be delivered to the user. However, this method of keywords can not prevent all spam, because spam senders can bypass this method. One of the ways traversal method key words - excluding the use of any words or phrases from a predefined list in the message. Senders of spam can, for example, deliberately in the message write error word that is in the predefined list. is what misspellings of words can be the reason that way the keywords will not work and will allow you to deliver messages to the user.

Another way to prevent spam - comparison of link ID (for example, e-mail addresses, nick IM, phone number) of the sender with a pre-defined list of authorized senders. This list can be called "white list", and the method can be called by way of a "white list". If the link ID of the sender is not defined in advance in the white list, the communication message may not be delivered to the user. However, one disadvantage of the "white list" is that the list of authorized senders should be frequently updated to ensure that the desired message will be delivered. In addition, the white list consumes space in memory, usually either in the user communication device or a network device, such as your e-mail server.

The INVENTION

System, terminal, method and computer program product presented here, based on the above use a certificate authority to authenticate the sender to send communication messages to the recipient so that the recipient can quickly and easily determine whether to accept the message when the presence or absence of the certificate authority. This systems is to manage the reception of message communication by the recipient includes transmitting terminal and the receiving terminal. The transmitting terminal may transmit a communication message from the sender. The receiving terminal may determine whether a cryptographically communication message to a certificate authority, resulting in the receiving terminal receives the communication message if the communication message is cryptographically associated with the certificate authority. Determining whether a cryptographically communication message to a certificate authority, may include determining whether the communication message by the sender using the private encryption key of the sender.

In one of the embodiments of the invention the receiving terminal, in addition, can determine whether the certificate authority using a private key encoding at least or recipient, or a relying party, resulting in the receiving terminal will receive the communication message if the certificate of authority signed using the private key encoding at least or receiver or Trustee.

The certificate of authority may be the first certificate authority. The receiving terminal may be able to determine whether the message is cryptographically with the second certificate authority. The receiving terminal may also be capable of determining whether there is an unbroken chain between the second certificate authority and the first certificate authority, signed by at least or recipient, or a relying party. At the same time the receiving terminal can receive the communication message if the communication message is cryptographically associated with the second certificate authority, and if there is an unbroken chain between the second certificate authority and the first certificate of authority signed by at least or recipient, or a relying party.

In one embodiment, the implementation of the receiving terminal, in addition, can determine whether there is in the black list of signatories to any certificate authority in the communication message.

In another embodiment, the receiving terminal, in addition, you may receive the authorization request from the transmitting terminal, where the request for authorization shall be signed by the sender using a private encryption key of the sender, and to determine the link ID of the message, the link ID of the sender and the sender's public key. The receiving terminal can also send the transmitting terminal certificate authority in response to the authorization request, where the certificate of authority signed by the recipient using the private encryption key of the recipient, and to determine the link ID of the recipient and the link ID of the sender.

The certificate authority may, in addition, to determine AB is Orizari forwarding which indicates whether the sender is authorized to sign the certificate of authority of the second sender so that the recipient will receive a communication message sent from the second sender.

In addition to the system for admission control, communication messages, described above, other aspects of the invention relate to the respective terminals, network objects, methods and computer program products for controlling reception of the communication message.

LIST of DRAWINGS

Having described the invention in General terms, give reference to the accompanying drawings, which are not necessarily made to scale, where:

Figure 1 - block diagram of one type of system, which can be used in the invention;

Figure 2 is a schematic block diagram of an object capable of operating as a mobile station, a terminal and/or network object in accordance with an implementation of the invention;

Figure 3 is a schematic block diagram partially illustrating a mobile station in accordance with one embodiments of the invention;

4 is a functional block diagram illustrating the operation of the admission control communication message by the recipient in accordance with one embodiments of the invention;

5 is a functional block diagram illustrating the operation of the control ol the reception of the communication message to the recipient via a gateway in accordance with one embodiments of the invention;

6 is a functional block diagram illustrating the use of the Trustee to manage the reception of a communication message by the recipient in accordance with one embodiments of the invention;

7 to 9 illustrate authorized communication message in accordance with a variant embodiment of the invention.

DETAILED description of the INVENTION

Embodiments of the invention will be described below more fully with reference to the accompanying drawings showing preferred embodiments of the invention. This invention, however, can be implemented in many different forms, and it should not be interpreted in a limited implementation formulated in this document; rather, these implementation presents to this disclosure was exhaustive and complete, and fully convey the possibilities of the invention to specialists. Similar numbers everywhere refer to similar elements.

Embodiments of the invention will be primarily described in relation to e-mail. However, it should be understood that embodiments of the invention can be applied to many other communication applications such as instant messaging (IM), short message service (SMS)service multimedijalni (MMS) and voice over Internet Protocol (VOIP). In addition, embodiments of the invention will be primarily described in relation to the application of mobile communications and, in particular, mobile phones. However, it should be understood that embodiments of the invention can be applied to many other applications in the field of mobile communications, both on and off the field of mobile communications. For example, embodiments of the invention can be applied to wired and/or wireless network applications (e.g., Internet). In addition, embodiments of the invention can be used for any other devices that can run applications, including personal computers, handheld computers, and personal digital assistants, but not limited to.

In addition, embodiments of the invention use a certificate authority to specify authorized to whether a particular communication message to a specific sender and if it is to be received by the recipient. The certificate of authority is usually tamper-proof means of identification, which entitles the holder of the certificate (e.g., the sender) to use the resource or the right of access to the resource. The certificate authority typically contains the resource and the specific rights granted to its owner. Certificate floor is omochi may contain identification information of the owner. The certificate of authority usually contains the public key of the owner. The owner can use the public key to verify the rights of the owner to use the certificate by providing evidence that the owner possesses the corresponding private key. The certificate of authority usually contains the ID and the public key of the object, giving the right to the resource.

The owner of the link ID to which the communication message should be sent (for example, the recipient may send a certificate of authority to those senders that the recipient is authorized to send communications to the recipient. The certificate authority may also include permission to the sender permission to send communication messages to the recipient. The owner of the link ID may also maintain a black list of senders that are abusing the link ID of the recipient, by sending unsolicited email or give permissions to other senders that send unwanted messages.

The invention will be primarily described in relation to asymmetric encryption algorithms, such as public key infrastructure (PKI). However, it should be understood that embodiments of the invention can be used in Rel is to many other encryption algorithms.

Figure 1 shows the purpose of the example illustration of one type of system that receives the effect of the invention. The system may include one or more mobile stations 10, each of which has an antenna 12 for transmitting signals and receiving signals from one or more base stations (BS) 14. The base station is part of one or more cellular or mobile networks, each of which includes elements required to operate the network, such as one or more centers mobile switching (MSC) 16. As is well known in the art, the mobile network may also be referred to by the abbreviation from the base station/ MSC/Function internetworking (BMI). When the work of the MSC is able to route calls, data or the like to and from the mobile stations when the mobile stations send or receive calls, data, or similar.

MSC can also provide the connection to the mains ground lines of communication, when the mobile station involved in the call.

MSC 16 may be connected to the data network, such as a local data network (LAN), a regional data network (MAN) and/or wide area data network (WAN). MSC can be directly connected to the data network. In one typical embodiment, however, the MSC is connected to the gateway (GTW) 18, and GTW is connected to a WAN such as the Internet 20. In turn, the device is such as processing elements (e.g., personal computers, servers or the like), can be connected to mobile station 10 via the Internet. For example, as explained below, the processing elements can include one or more processing elements, connected to one or more servers 24, 26 personal computers (PC) or the like, one of which is shown in figure 1 and described below. It should be understood that the processing elements can include any number of processing devices, systems or the like capable of operating in accordance with a variant embodiment of the invention.

BS 14 may also be connected to the support node signaling GPRS (SGSN) 30 (GPRS - General packet radio service). Experts know that the SGSN is usually able to perform a function, like the MSC 16, for services packet switching. SGSN, like the MSC may be connected to a data network such as the Internet 20. SGSN may be connected to the data network directly. In a more typical implementation, however, the SGSN is connected to the underlying network packet switching, such as basic network 32 GPRS. Basic network of packet switching is further connected with another GTW, such as GTW secondary node GPRS (GGSN) 34, and the GGSN connects to the Internet.

Although not every element of every possible network is shown and described herein, it should be understood that the mobile station 10 can be tie is on with one or more in any number of different networks. In this sense, the mobile network can be connected to the auxiliary communications in accordance with either one, or with a large number of mobile communication protocols of the first generation (1G), second generation(2G), 2.5G and/or third generation(3G) or similar.

More specifically, one or more mobile stations can be connected to one or more networks capable of supporting communication in accordance with 2G wireless protocols IS-136 (TDMA), GSM and is-95 (CDMA). Also, for example, one or more networks may be capable of supporting communication in accordance with the 2.5G wireless protocols GPRS, GSM evolution with increased transmission speed data (EDGE) and the like. In addition, for example, one or more networks may be capable of supporting communication in accordance with 3G wireless protocols, such as universal mobile telecommunications system (UMTS)networks, where the network uses a radio access technology for broadband multiple access code division multiple access (WCDMA). Some narrowband network AMPS (NAMPS), as well as army fans the leather, may also benefit from the implementation of the invention, as in the case of two or more of the mode mobile stations (e.g., digital/analog or TDMA/CDMA/analog phones).

One or more mobile stations 10 may also be larger connecting apertures who ineni to one or more access points (AP) 36. AR can be configured to communicate with the mobile station in accordance with technologies such as radio frequency (RF), Bluetooth (BT), infrared (IrDA) or any of a number of different wireless network technologies, including WLAN. AR can be connected to the Internet 20. As with the MSC 14, the AR can be connected to the Internet directly. In one of the embodiments, however, AR indirectly connected to the Internet through a gateway GTW 18. It should be understood that when directly or indirectly connecting the mobile stations and processing elements (e.g., servers 24, 26 personal computers (PC)and/or any number of other devices to the Internet via AR or a mobile network, the mobile stations and processing elements can communicate with each other, so as to transmit various functions of the corresponding object, for example, transmit and/or receive data, content and the like. Used herein, the terms "data", "content", "information" and similar terms may be used interchangeably, however, they correspond to data that is transmitted, received and/or stored in accordance with implementations of the invention. Thus, the use of any of such terms does not limit the nature and scope of the invention.

Communication between mobile stations and other devices, the communication can be routed through a communication gateway or router such as a mail gateway 38. This gateway can function as a single point of reception of the communication messages sent to many devices, such as an email device 40, so that the gateway can perform certain operations on each message and then route each message to the appropriate communication device. For example, the mail gateway 38 may scan incoming email for viruses before sending mail to the appropriate mailbox device.

Although it is not shown in figure 1, in addition to or instead of connecting the mobile stations 10 to the servers 24, 26 personal computers (PC) and the like via the Internet 20, one or more of these objects can be directly connected to one another. As such, one or more network objects can communicate with one another through, for example, RF, BT, IrDA or any other wired or wireless communication techniques, including LAN and/or WLAN technology.

It should be understood that the several objects of the system in figure 1 can be configured in any number of different architectures to perform any number of functions. For example, the objects in the system in figure 1 can be configured in a centralized architecture client-server, peer-to-peer architecture, and/or proxy architecture. In addition or alternatively, for example, bhakti system in figure 1 can be configured in architecture, installed in the Package Scalable Network Applications (SNAP) (formerly the Packet Network Applications Sega)provided by Nokia Corporation for applications in the context of the game.

Figure 2 shows a block diagram of an object capable of operating as a mobile station, a terminal and/or network object (e.g., server, mail gateway, in accordance with one embodiments of the invention. The object is capable of operating as a mobile station, a terminal and/or network object includes various means for performing one or more functions in accordance with typical choices of the invention, including more private, shown and described here. However, it should be understood that one or more objects may include alternative means for performing one or more like functions, without affecting the nature and scope of the invention. More specifically, for example, as shown in figure 2, the object can generally include means, such as a processor 42, a controller or the like, is connected to a memory 44 for performing or controlling the various functions of the object. The memory may include volatile and non-volatile memory, and typically stores content, data or the like. For example, the memory typically stores content transmitted from the object and/or received by the object. Also, for example, the memory typically stores CL the Agency application instructions or the like for performing the steps of the processor associated with the operation of the facility in accordance with implementations of the invention. As explained below, for example, the memory may store a client application, including the configuration utility, content Manager and/or display Manager. During the execution of the configuration tool can configure a content source to retrieve or otherwise, to provide content. Content Manager in the performance may manage your receipt of content from the source and/or use of the content received from the source. The display Manager can control the presentation of content received from a source. As described here, the client application may include software for the corresponding objects. However, it should be understood that one or more client applications described herein may alternatively include firmware or hardware, without departing from the essence and scope of the invention.

In addition to the memory 44, the processor 42 may also be connected to at least one interface 46 or other means for displaying, transmitting and/or receiving data, content or the like. In this regard, the interfaces may include at least one communication interface or other means is for transmitting and/or receiving data, content or the like, as well as at least one user interface that may include a display and/or interface user input. Interface for user input, in turn, may include any number of devices allowing the entity to receive data from a user, such as a keyboard, touch screen, joystick, or other input device.

Figure 3 illustrates one type of terminal or mobile station 10 to the mobile phone. However, it should be understood that the mobile station depicted and described below only illustrates one type of mobile station, receiving the effect of the invention, and, therefore, is not limited to the nature and scope of the invention. Although some embodiments of the invention shown and hereinafter described as an example, other types of mobile stations, such as personal digital assistants (PDAs), two-way pagers, portable computers, handheld computers, and other types of electronic systems, can easily apply the invention. In addition, it should be understood that the terminal or other mobile stations, such as personal computers, can easily apply the invention.

The terminal 10 includes various means for performing one or more functions in accordance with typical choices assests the tion of the invention, including more specific, as shown and described here. However, it should be understood that the terminal may include alternative means for performing one or more like functions, without affecting the nature and scope of the invention. More specifically, for example, as shown in figure 3, in addition to the antenna 12, the mobile station 10 may include a transmitter 48 and receiver 50 and tools, such as processing device, such as a controller 52, a CPU or the like, which produces a signal at the transmitter and receive the signal from the receiver, respectively. The signals include information of an alarm in accordance with the standard radio interface applicable cellular system, and the speech of the user and/or user generated data. In this regard, the mobile station may be able to operate with one or more radio interface standards, communication protocols, modulation types, and access types. More specifically, the mobile station can operate with any number of communication protocols of the first generation (1G), second generation (2G), (2.5G) and third generation (3G) and the like. For example, a mobile station may operate in accordance with 2G wireless communication protocols IS-136 (TDMA), GSM and is-95 (CDMA). Also, for example, a mobile station may operate in accordance with 2.5G wireless Internet throughout the water communication protocols GPRS, EDGE and the like. In addition, for example, a mobile station may operate in accordance with 3G wireless communication protocols such as the UMTS network that uses a radio access technology WCDMA. Some mobile station NAMPS, as well as army fans the leather, too, can benefit from this invention, when using two or more of the mode phones (e.g., analog or TDMA/CDMA/analog phones).

It is clear that the controller 52 includes a circuit required to execute the audio and logic functions of the mobile station 10. For example, the controller can be formed by a digital signal processor device, a microprocessor device, and various analog-to-digital converters, digital to analog converters, and other support schemes. Control functions and signal processing mobile station is allocated between these devices according to their respective capacities. The controller can also include a voice encoder (VC) 52a and may include an internal modem data (DM) 52b. In addition, the controller may include functionality to operate one or more programs, such as above, which can be stored in memory (described below).

Mobile station 10 also includes a user interface, on the expectation of the traditional headset or speaker 54, call 56, the display 60 and the interface for user input, all from this list connected to the controller 52. Although not shown, a mobile station may include a battery for powering the various circuits that are required for the mobile station, as well as optional mechanical vibrator as output device. Interface for user input, which allows the mobile station to receive data, may include any number of devices allowing the mobile station to receive data, such as a keyboard 62, a touch screen (not shown), a joystick (not shown) or other input device. In embodiments including a keypad, the keypad includes the conventional numeric (0-9) and related (#, *) keys, and other keys used for operating the mobile station. For applications with instant messaging keyboard 62 may include a full QWERTY keyboard or other alphanumeric keyboard.

Mobile station 10 may also include one or more means for sharing and/or obtaining data. For example, a mobile station may include a radio frequency (RF) transceiver small range or the transmitter 64, so that the data can be shared and/or obtained from electronic devices in accordance with RF techniques. The mobile station may, in addition, Il the alternative, include other transceivers small range, such as, for example, infrared (IR) transceiver 66 and/or Bluetooth (BT) transceiver 68, using Bluetooth wireless technology developed by the Bluetooth Special Interest Group. Mobile station, therefore, may additionally or alternatively be capable of transmitting and/or receiving data from electronic devices in accordance with such technologies.

Although not shown, the mobile station may additionally or alternatively be capable of transmitting and/or receiving data from electronic devices in accordance with a number of different wireless networking techniques, including WLAN technologies such as IEEE 802.11 technology, and the like.

Mobile station, in addition, may include memory, such as a subscriber identity module (SIM) 70, remanufactured subscriber identity module (R-UIM) or the like, which typically contains cells with information related to a mobile subscriber. In addition to the SIM, the mobile station may include other replaceable and/or fixed memory. In this regard, the mobile station may include volatile memory 72, such as a volatile memory (RAM)including a cache for temporary storage of data. The mobile station may also include other non-volatile memory 74, to ora can be embedded and/or may be removable. Non-volatile memory may additionally or alternatively include EEPROM, flash memory or similar. The memory device can store any number of software applications, instructions, pieces of information and data used by the mobile station to perform the functions of the mobile station.

Figure 4 illustrates the operation of the admission control communication message by the recipient, in accordance with one embodiments of the invention. When the sender, such as sender 82 or 86 sender wants to send a "reliable" communication message to the recipient 80 having a personal link ID, the sender typically requests the certificate authority corresponding to the link ID. The request can be sent to the owner of this link ID (for example, the receiver 80, as shown by line 88, or someone who has the right to grant permission for this link ID (the person or entity who has the right to grant permission to someone else, may be called by the authorizer 84), as shown by line 98. The person or the grantor (for example, the receiver 80 or authorizer 84) normally authenticate the sender before granting permission. Authentication typically involves determining whether the sender to send unwanted communication messages. autentifikacia is usually performed manually, so the sender can be authenticated, if the sender is a friend or business partner of the recipient or the authorizer, but can be used any applicable authentication method. If the sender is authenticated, the recipient or the authorizer then usually send the certificate of authority, attached to or embedded in the communication message, sprinkle the sender/requestor. Line 90 indicates that the recipient 80 sends the certificate to the sender 82, and a line 100 indicates that the authorizer 84 sends the certificate to the sender 86 (as discussed below). If the recipient authorizes the sender, the recipient usually sends the certificate authority (see, for example, 126 figure 7), which includes a link ID of the sender (134 figure 7), the sender's public key (132 figure 7) and the link ID of the recipient (130 figure 7). The certificate is usually signed by the recipient using the private encryption key of the recipient (128 figure 7).

To the authorizer 84 had the opportunity to authorize the sender 86 to send messages to the receiver 80, the authorizer usually sends a request (shown by line 94 in figure 4) to the recipient requesting the certificate, giving the authorizer is able to authorize other senders to send messages. Ecopolitical wants to give the authorizer such permission, the receiver normally sends the authorizer certificate authority, as shown by line 96. The certificate that the authorizer receives from the receiver typically includes a link ID of the authorizer, the public key of the authorizer and the link ID of the recipient. The certificate is usually signed by the recipient using the private encryption key of the recipient. The certificate is usually an indication that the authorizer has the permission of the recipient to authorize another person (i.e. the sender in this example) to send a communication message to the recipient. The certificate authority also generally authorizes the authorizer to send messages to the recipient.

If the sender authorizes the authorizer, the authorizer usually sends (as shown by line 100) to the sender 86 certificate authority created by the authorizer that includes a link ID of the sender, the sender's public key, and the link ID of the authorizer. The certificate authority created by the authorizer, usually attached to or embedded in a communication message sent from the authorizer to the sender. The certificate is usually signed by the authorizer using the private encryption key of the authorizer. In addition, the authorizer sends to the sender of the certificate authority that the authorizer has received from the recipient. Certification is ikat powers the authorizer has received from the recipient, may be separately attached to or incorporated into a communication message of the authorizer to the sender, or alternatively may be attached to or embedded together with the certificate authority created by the authorizer, the communication message of the authorizer to the sender.

After the sender has received the certificate of authority, the sender may send a communication message to the recipient. The sender 82, which received a certificate authority directly from the receiver 80, usually cryptographically binds the certificate to the message, as shown by line 92. It should be understood that a reliable message (i.e. the message from the sender to the recipient is usually a certificate authority that is cryptographically associated with the message, whereas in the original transfer certificate of authority from the recipient or the authorizer to the sender certificate is usually attached to or embedded in the message. The sender 86 receiving a certificate of authority from the authorizer 84, usually cryptographically binds the certificate created by the authorizer, with the message and attaches or embeds the certificate created by the recipient in the message, as shown by line 102. The certificate authority may be cryptographically bound to a reliable communication message is tion, using any known technology. For example, if the communication message is an email message can be used a standard Secure/Multipurpose Mail Extensions (S/MIME). Can be used other encryption technology, including public key encryption, such as Public Key Infrastructure (DC1) and the encryption program PGP (PGP is a trademark of PGP Corporation). Essentially, the sender can cryptographically bind the certificate, by signing the message using the private encryption key of the sender. Binding the certificate to the communication message using cryptographic technology allows the recipient to verify that the message was sent from an authorized sender. If the sender knows that the recipient already has one or more certificates, the amount of communication messages can be reduced by inclusion of one or more certificates of the authorizer. Before the communication message sender accepted by the recipient, the recipient usually checks that the communication message comes from an authorized sender, as discussed in detail below.

Although it is not shown in figure 4, except for authorized senders, the authorizer may authorize other authorization. That is, the authority is ATOR, having the permission of the recipient to authorize another person to send a communication message to the recipient may be entitled to provide the same solution to others. This can be accomplished by creating and sending the first authorizer (i.e. the authorizer, received the certificate from the recipient of the certificate with the indication of the resolution, which was in the certificate received by the first authorizer, thereby indicating that the second authorizer has permission from the recipient to authorize another person to send communication messages to the recipient. Alternatively, the attribute certificate generated by the recipient, can mean one of three different levels of resolution: (1) the certificate may be used only to send messages to the recipient and cannot be used to grant permission to other parties to send messages to the recipient; (2) the certificate may be used to grant permission to other parties, provided that the other parties could send messages to the recipient, but could not authorize other parties to authorize additional parties; and (3) the certificate may be used to grant permission to other parties, provided that the other parties could authorize additional parties to send communications with the communication to the recipient. Certificate with a permission level (1) are typically sent from the recipient to the sender.

Certificate with a permission level (2) are typically sent from the recipient to the authorizer, which can then send the certificate to the sender. Certificate with a permission level (3) are typically sent from the recipient to the authorizer, which can then send the certificate to another authorizer.

Figure 5 illustrates the operation of the admission control communication of a message to the recipient via a gateway in accordance with one embodiments of the invention. The operation in the embodiment shown in figure 5, similar to that shown in figure 4, however, in the embodiment of figure 5 communication messages 92, 102 from senders usually routed via the gateway 104. The gateway 104 typically checks that the communication messages came from authenticated senders, unlike the receiver, the validation message in the embodiment of figure 4. So the gateway can verify that the communication messages come from authenticated senders, the receiver normally sends to the gateway certificate authority, which includes a link ID of the recipient and the public key. The certificate of authority should normally be sent once from the recipient to the gateway to allow the gateway to verify communication messages for konkretnej the recipient. In one example embodiment of the invention, the certificate authority may have an end date, so that the recipient usually need to send to the gateway new, unexpired, certificate, when the action previously sent certificate ended. The receiver normally sends the certificate to the gateway before or at about the same time that the recipient sends the certificate authority to the sender or the authorizer in response to the request. For example, before the receiver 80 sends the certificate authority, as shown by line 90, the sender 82, the recipient usually also sprinkles the certificate authority, as shown by a line 91 to the gateway 104. Similarly, before the receiver 80 sends the certificate authority, as shown by line 96, the authorizer 84, the recipient usually also sprinkles the certificate authority, as shown by a line 91 to the gateway 104. As discussed above, the certificate of authority 91 are typically sent once from the recipient to the gateway to allow the gateway to verify communication to the recipient 80 from any sender. When the gateway receives messages 92, 102 from senders 82, 86, respectively, the gateway typically uses the information in the certificate authority 91 to verify that messages 92, 102 come from authorized users. If the gateway is able to verify the message, 92, 102, gateway then usually Dostal is no message to the recipient, as shown by lines 92A, 102A. Although this is not shown in figure 5, the gateway can receive and verify incoming messages to many different recipients.

Figure 6 shows a functional diagram illustrating the use of the Trustee to manage the reception of a communication message by a recipient, in accordance with one example embodiment of the invention. In this embodiment, the trusted party 106, such as the owner of the e-mail domain, may authorize senders to send communication messages to a number of recipients, such as all recipients in a mail domain owner. For example, the Department of information technology (IT) can be the owner of the mail domain of the Corporation (for example, xyzcorp.com), and all e-mails sent to any recipient in the domain (for example, employee@xyzcorp.com), may require the authorisation of the IT Department. In this embodiment of the invention, the certificate of the first authentication level is usually not a self-signed certificate from the recipient, as in the implementation of the invention in figure 4 and 5, and signed by a trusted party or the owner of the domain. This certificate typically contains the e-mail domain, and not the email address of the recipient. This certificate should normally be loaded from the Trustee each poluchatel the domain. As shown in Fig.6, the trusted party 106 receives the request, shown by line 112, from the sender 82, requesting authorization to send communication messages to recipients in your domain. The sender 82 typically does not request authorization to send messages to specific recipients, and requests permission to send messages to any recipient in the domain. In response to the request, and after authentication of the sender's trusted side usually sends to the sender of the certificate authority, as shown by line 114. The Trustee also usually sends the same certificate to the recipient 80A, as shown by line 108 and the receiver 80, as shown by line 110. Each recipient in the domain that can receive messages from the sender, usually must obtain a certificate that was sent to the sender to allow the recipient to verify the authorization of the sender. After obtaining a certificate from a trusted party 106, the sender 82 sends a communication message to a recipient 80A, as shown by line 116, and/or the receiver 80, as shown by line 118. An authorized sender can usually send a message to any recipient in the domain by the cryptographic binding of the certificate with the message. Alternatively, the trusted party 106 may also perform the function of a gateway in figure 5. As a result, in the new Jerusalem. to authorize senders to send communication messages to a number of recipients, the Trustee may, before delivering the message to the appropriate recipient to verify that the message came from an authorized sender.

As described above, before the communication message sender accepted by the recipient, the recipient usually checks that the communication message received from an authorized sender. The recipient can verify that the communication message received from an authorized sender by determining whether a cryptographically communication message to a certificate authority, which was created by the recipient and which contains the link ID of the sender. The certificate may also contain the public key of the sender that the recipient can use to verify that the sender created the message. 7 shows a communication message, which can be verified, in accordance with one variant of implementation. Fig.7 shows the e-mail message 120 is sent from the sender, which will receive a certificate authority directly from the recipient. The certificate of authority 126 cryptographically bound to the message. The message also contains the post content 122, such as text, and is signed with the private key 124 of the sender. As discussed above, the receiver can verify that tocommunication the message came from an authorized sender, by definition, whether cryptographically message with the certificate authority, which was created by the recipient and which contains the link ID of the sender. The certificate of authority 126, cryptographically bound to the e-mail message 120 shows a certificate authority generated by the receiver to authenticate the sender. The certificate of authority 126 contains the address 130 e-mail address of the recipient and the address 134 e-mail address of the sender. The certificate of authority 126 also contains the public key 132 of the sender that the recipient can use to verify an encrypted signature 124 of the sender. The certificate of authority 126 also contains an encrypted signature 128 of the recipient so that the recipient can verify that the certificate is created by the recipient.

On Fig shows a communication message, which can be verified in accordance with one embodiments of the invention. Fig shows the message 121 e-mail sent by a sender who has received a certificate of authority from the Trustee, as shown and described in figure 7. The certificate of authority 156 cryptographically bound to the message 121. The message also contains the e-mail content, such as text, and has the signature 124 private key of the sender. The recipient can verify that the communication within the communication received from an authorized sender by determining, is there a cryptographically message with the certificate authority, which was created by a trusted party and contains the link ID of the sender. The certificate of authority 156, cryptographically bound to the message 121 e-mail, illustrates the certificate authority created by a trusted party to authenticate the sender.

The certificate of authority 156 contains the address 160 domain and e-mail address 134 e-mail address of the sender. The certificate of authority 156 also contains the public key 132 of the sender that the recipient can use to verify an encrypted signature 124 of the sender. The certificate of authority 156 also contains an encrypted signature 157 of the Trustee, so that the recipient can verify that the certificate is created the trusted side.

Alternatively, the recipient can verify that the communication message received from an authorized sender, by determining whether a message contains the certificate authority created by the authorizer and contains the link ID of the sender. The recipient also usually determines whether a message contains the certificate authority created by the recipient and contains the link ID of the authorizer. The recipient is then typically determines that there is an unbroken chain of certificates of authorization from the recipient to whom privitely. An unbroken chain of certificates of authorization usually means that the authorization of the recipient can be traced from the receiver through any authorization to the sender, regardless of how many times the authorization was made before receipt by the sender of the original certificate. The shipment can be tracked by checking that the link IDs of the recipient and first authorizer (i.e. the authorizer, which receives the original certificate, referred to as "the Authorizer And is in the original certificate that the link IDs of the Authorizer and the second authorizer (i.e. the authorizer who receives the certificate from the Authorizer And referred to as the "Authorizer") is a certificate created by the Authorizer And that the link IDs of the Authorizer and the next authorizer (i.e. the authorizer who receives the certificate from the Authorizer, referred to as the "Authorizer") is a certificate created by the Authorizer In and so on, until the end authorizer (i.e. the authorizer, which authorizes the sender, referred to as "the Authorizer X") will be identified, and will be verified that the final certificate contains the link ID of the Authorizer's and sender. As mentioned above, the certificate may also contain the public key of the sender that the recipient can use the to use to check that message is actually created by the sender.

Figure 9 shows a communication message, which can be verified in accordance with one embodiments of the invention. Figure 9 shows the message 123 e-mail sent from the sender, received a certificate of authority from the authorizer (the"Authorizer"), which, in turn, took the certificate from another authorizer the Authorizer And"), which, in turn, received a certificate from the recipient. The certificate of authority 137 represents a certificate authority created and sent to the Authorizer A. the Certificate of authority 137 such certificate of authority 126 figure 7, except that the certificate 137 has an address 142 e-mail address and the public key of the Authorizer, Rather than the sender. Because the certificate 137 was created by the recipient, certificate 137 has an address 130 e-mail address of the recipient and the signature 128 private key. The certificate of authority 137 also has the characteristic of a level of resolution, which, as discussed above, allows the recipient to notify the Authorizer And has or not, the Authorizer And the resolution to authorize other senders and/or to authorize other authorization.

The certificate of authority 136 represents the certificate authority created by the Authorizer and sent to the Authorizer Century When Authorization is the PR And sends the certificate 136 the Authorizer, The authorizer And usually also sends a certificate 137 Authorizer Century, the Certificate authority 136 has an address 150 e-mail address and the public key 148 of the Authorizer Century because the certificate 136 was created by the Authorizer And the certificate 136 has an address 146 e-mail address of the Authorizer and the signature 144 private key. The certificate of authority 136 also has the characteristic (indicator) 135 level permissions, which, as discussed above, allows the Authorizer And to notify the Authorizer In, or has no Authorizer In the resolution to authorise other senders and/or authorize others authorization.

The certificate of authority 138 represents a certificate authority, created by the Authorizer In and sent to the sender. When the Authorizer passes In the certificate 138 to the sender, the Authorizer In typically also sends a certificate 137 and certificate 136 to the sender. Certificate 138 has an address 134 e-mail address of the sender and the public key 132. Because the certificate 138 was established by the Authorizer, the certificate 138 has an address 154 e-mail address of the Authorizer and the signature 152 private key. The certificate of authority 138 also has a sign 135 level permissions, which, as discussed above, allows the Authorizer to inform the sender has not sent the resolution to authorize other senders and/or to authorize other author is congestion.

The certificate of authority 138 usually cryptographically bound to the communication message 123, while the certificate authority 137, 136 can be simply attached to or embedded in the message. In addition, the message also contains the post content 122, such as text, and has the signature 124 private key of the sender. The recipient can verify that the communication message received from an authorized sender by determining whether a message contains the certificate authority created by the recipient, and whether it contains the link ID of the authorizer. Message 123 contains the certificate 137, created by the recipient, and contains the link ID of the Authorizer A. the Recipient is also usually determines whether the message with the certificate authority, which was established by the authorizer and which contains the link ID of the sender. Message 123 is also connected with a certificate 138, which was established by the Authorizer In and contains the link ID of the sender. The receiver also typically verifies that there is a continuous chain of certificates of authority from the recipient to the sender. The arrows on figure 9 show a continuous chain of certificates of authority from the sender (certificate 138) through the certificate 136 to the recipient (certificate 137)

The recipient can also be compared to a "black list" link IDs of the ruler and each of authorization in the certificate chain. The black list can determine the connection identifiers of senders that were previously sent spam messages to the recipient, as well as the link IDs of authorization previously authorized senders, which are then sprinkled unwanted messages to the recipient. The recipient may not accept delivery of the communication message if the link ID of the sender or one of authorization is in the black list. In explaining the diagram in Fig.9, the recipient usually determines whether blacklisted address 134 e-mail sender address 150 e-mail Authorizer or address 142 e-mail address of the Authorizer and if there is, does not accept the message 123.

The method of controlling communication of a message recipient may be implemented in computer software. The computer program product includes a computer readable storage medium, such as non-volatile storage medium, and computer readable code part programs, such as the series of computer commands that are implemented in computer-readable data carrier. Usually a computer program stored in the memory device and executed interactive processing device, such as the processing unit of the server.

In this respect, figure 4-6 and the corresponding description above show the methods and software products in accordance with a variant embodiment of the invention. It is clear that each step or combination of steps, shown in figure 4-6 and described above may be performed by teams of computer programs. These commands are computer programs may be loaded into one or more computers or other programmable devices to create such a mechanism, in which commands to be executed by the computer or other programmable devices provide the means to perform the functions depicted in figure 4-6 and described above. These commands are computer programs can also be stored in computer readable memory that allows you to control a computer or other programmable devices directly, so the commands stored in computer readable memory, create the product, including command-line tools that perform the function shown in figure 4-6 and above.

Thus, the steps shown in figure 4-6 and described above, provide a combination of means for performing the specified functions, combinations of steps for performing the specified functions and mechanism of the software for performing the specified functions. It is also clear that each step shown in Fig 4-6 and described above, and combinations of steps, shown in figure 4-6 and described above, can be performed with the use of special hardware-based computer systems which perform the specified the functions or steps, or special hardware and computer commands.

Professionals related to this field of technology can be offered to many modifications and other embodiments of the invention the ideas presented in the foregoing description and the drawings. Therefore, it should be understood that the invention is not limited to the shown variants of its implementation and modifications and other embodiments of within the attached claims. Although used here, in concrete terms, they are used only in a General and descriptive sense and not for purposes of limitation.

1. System for controlling reception of a communication message by a recipient, including:
the transmitting terminal capable of sending a communication message from the sender, and
the receiving terminal is able to determine whether the communication message is cryptographically with the certificate authority, by determining whether the message sender using the private encryption key of the sender,
moreover, the receiving terminal can also determine whether the certificate authority using the private encryption key of the recipient and/or relying party.
so that the receiving terminal receives the communication message, if it is cryptographically with Asano with certificate authority and if the certificate of authority signed using the private encryption key of the recipient and/or relying party.

2. The system according to claim 1, where the certificate of authority is the first certificate authority and the receiving terminal, in addition, is able to determine whether a cryptographically communication message with the second certificate authority, and the receiving terminal, in addition, is able to determine whether there is an unbroken chain between the second certificate authority and the first certificate of authority signed by the recipient and/or a trusted party, and the receiving terminal receives the communication message if the communication message is cryptographically associated with the second certificate authority, and if there is an unbroken chain between the second certificate authority and the first certificate of authority signed by the recipient and/or trusted party.

3. The system according to claim 1, where the receiving terminal, in addition, is able to determine whether those who signed any of the certificates, powers of communication messages in the black list.

4. The system according to claim 1, where the receiving terminal, in addition, is capable of receiving the authorization request from the transmitting terminal, where the request for authorization signed by the sender using the private encryption key of the sender, and set the te link ID of the recipient, the link ID of the sender and the sender's public key, and the receiving terminal may also send a certificate of authority to the transmitting terminal in response to the authorization request, the certificate authority signed using the private encryption key of the recipient, and to determine the link ID of the recipient and the link ID of the sender.

5. The system according to claim 4, where the certificate of authority, in addition, specifies the authorization of the shipment, which indicates whether the sender is authorized to sign the certificate authority second sender, then the receiver will receive the message sent by the second sender.

6. The system according to claim 1, additionally including:
network object capable of receiving the authorization request from the transmitting terminal, where the request for authorization signed by the sender using the private encryption key of the sender, and to determine the identifier for the communication domain, the link ID of the sender and the public key of the sender, and the network object may also send the certificate to the authority of the transmitting terminal in response to the authorization request, where the certificate of authority signed by the recipient using the private encryption key of the recipient, and to determine the link ID of the recipient and the link ID of the domain and the network object in addition, is able to send the certificate of authority of the receiving terminal.

7. Terminal for admission control message communication by the recipient, which includes:
the processor is able to determine whether a cryptographically communication message to a certificate authority, by determining whether the communication message by the sender using the private encryption key of the sender,
moreover, the processor can also determine whether the certificate authority using the private encryption key of the recipient and/or relying party.
causing the processor receives the communication message if the communication message is cryptographically associated with the certificate authority, and if the certificate of authority signed using the private encryption key of the recipient and/or relying party.

8. The terminal according to claim 7, where the certificate of authority is the first certificate authority, and the processor may also determine whether a cryptographically communication message with the second certificate authority, and the processor may also determine whether there is an unbroken chain between the second certificate authority and the first certificate of authority signed by the recipient and/or a trusted party, this is processor receives the communication message, if the communication message is cryptographically associated with the second certificate authority, and if there is an unbroken chain between the second certificate authority and the first certificate of authority signed by the recipient and/or relying party.

9. The terminal according to claim 7, where the processor is also capable of determining whether the person who has signed any of the certificates, powers of communication messages in the black list.

10. The terminal according to claim 7, where the processor, in addition, is capable of receiving the authorization request from the sender, where the authorization request signed by the sender using the private encryption key of the sender, and to determine the link ID of the recipient, the link ID of the sender and the private key of the sender, and the processor may also send a certificate of authority to the sender in response to the authorization request, where the certificate of authority signed by the recipient using the private encryption key of the recipient, and to determine the link ID of the recipient and the link ID of the sender.

11. The terminal of claim 10, where the certificate authority also determines the authorization of the shipment, which indicates whether the sender is authorized to sign the certificate authority second to the sender, causing the recipient to receive messages, last is by the second sender.

12. The method of controlling the reception of a communication message by a recipient, the method includes:
determining whether a cryptographically communication message with the certificate authority by determining whether the message sender using the private encryption key of the sender,
determining whether the certificate authority using the private encryption key of the recipient and/or a trusted party, and
receiving the communication message if the communication message is cryptographically associated with the certificate authority, and if the certificate of authority signed using the private encryption key of the recipient and/or relying party.

13. The method according to item 12, where the certificate of authority is the first certificate authority, and the method also includes:
determining whether a cryptographically communication message with the second certificate authority;
determining whether there is an unbroken chain between the second certificate authority and the first certificate of authority signed by the recipient and/or the trusted party; and
receiving the communication message if the communication message is cryptographically associated with the second certificate authority, and if there is an unbroken chain between the second authorization certificate and the first certificate authority, signed by the recipient and/or relying party.

14. The method according to item 12, where the method also includes
determining whether the one who signed any of the certificates, powers of communication messages in the black list.

15. The method according to item 12, where the method also includes:
receiving the authorization request from the sender, where the authorization request signed by the sender using a private key of the sender, and the definition of the link ID of the recipient, the link ID of the sender and the public key of the sender, and
sending a certificate of authority to the recipient in response to the authorization request, where the certificate of authority signed by the recipient using the private key of the recipient, and the definition of the link ID of the recipient and the link ID of the sender.

16. The method according to clause 15, where the certificate of authority, in addition, specifies the authorization of the shipment, which indicates that the sender is authorized to sign the certificate of authority the second sender, then the receiver will receive a communication message from a second sender.

17. The method according to item 12, which, in addition, includes:
receiving the authorization request from the sender, where the authorization request signed by the sender using the private encryption key of the sender, and determining what their ID communication domain, the link ID of the sender and the public key of the sender, and
the sending of the certificate of authority of the recipient and the sender in response to the authorization request, where the certificate specifies the identifier of the communication domain and the link ID of the sender.

18. A data carrier having computer readable code part programs stored therein for implementing a method of controlling the reception of the communication message to the recipient according to any one of p-17.

19. The network object to control the reception of the communication of the message recipient, which includes:
the processor is able to determine whether the communication message is cryptographically with the certificate authority, by determining whether the message sender using the private encryption key of the sender,
moreover, the processor can also determine whether the certificate authority using the private encryption key of the recipient and/or a trusted party,
so the processor transmits the communication message to a recipient, if the communication message is cryptographically associated with the certificate authority, and if the certificate of authority signed using the private encryption key of the recipient and/or relying party.

20. Network object according to claim 19, where the certificate of authority is the first certification is the ikat powers while the processor may also determine whether the communication message is cryptographically with the second certificate authority; and the processor may also determine whether there is an unbroken chain between the second certificate authority and the first certificate of authority signed by the recipient and/or the trusted party; and the processor transmits the communication message to a recipient, if the communication message is cryptographically associated with the second certificate authority, and if there is an unbroken chain between the second certificate authority and the first certificate of authority signed by the recipient and/or relying party.

21. Network object according to claim 19, where the processor is also capable of determining whether the person who has signed any of the certificates, powers of communication messages in the black list.



 

Same patents:

FIELD: physics; computer engineering.

SUBSTANCE: present invention includes an e-mail component and an identification request component. The e-mail component can receive e-mail messages and calculate associated probability that data of the e-mail message are spam. The identification request component sends an identification request to the e-mail message sender having the said probability greater than the first received value. The identification request component corrects the probability that the given e-mail message is spam at least partially based on the response to the identification request. The identification request can be an embedded code, a calculated identification request, an identification request requiring participation of a person, and/or micro-payment requirement.

EFFECT: invention provides detection of spam through identification requests.

31 cl, 13 dwg

FIELD: information technologies.

SUBSTANCE: radio communication method in code division multiple access system features the following: usage of the first code by user station is temporarily interrupted, and usage of the second code only is introduced, further usage of the first code is resumed depending on available transmission power which is at disposal for usage of the first code by user station. Network device for radio communications system contains facilities to receive messages transmitted using both the first and the second code, facility for determination of available transmission power.

EFFECT: keeping track of transmission conditions, using the first or the second transmission code depending on transmission power.

11 cl, 2 dwg

Message processing // 2369029

FIELD: information technology.

SUBSTANCE: invention relates to processing a message addressed to a client terminal. The method comprises stages on which a message, which is addressed to a client terminal, is received. The message contains information meant for a high level application, where the high level application is an application which is separate from a message exchange client. Option information, associated with the client terminal, is received and checked if it contains information on high level applications, which are supported by the client terminal, and action is taken in response to the checking stage.

EFFECT: client terminal contains a message exchange client, meant for processing messages.

33 cl, 6 dwg

FIELD: physics; computer engineering.

SUBSTANCE: present invention pertains to the method and system of preventing malicious use of electronic mail messages. The method involves breaking up the electronic mail message into its components, altering the structural component form (for example, structure, format and content) so as to conform it with general rules, every time the structural form of a component does not comply with the rules, and repeated composition of an electronic mail message from its components (in their last state). The rules pertain to the structure of electronic mail messages for preventing incorrectly formed structure of electronic mail messages, for preventing malicious use of electronic mail messages etc. If the structural form of a component cannot be identified, the component may not be included in repeated composition of the electronic mail message or may be included as it is.

EFFECT: prevention of malicious use of electronic mail messages using an unusual structure.

14 cl, 6 dwg

FIELD: physics; computer technology.

SUBSTANCE: invention relates to data exchange between client and server applications in computer networks, in particular, e-mail applications. E-mail server is capable to keep tabulated record of changes, which occur in folders stored in corresponding data storage device and to send notifications on the table contents change to e-mail client, which is a subscriber for this service. In return, the client sends a request to synchronise modified folders only.

EFFECT: improved efficiency of synchronisation of e-mail folders of client and server.

4 cl, 31 dwg

FIELD: information technologies.

SUBSTANCE: cooperative server-based invocation is run by e-mail. When user creates e-mail message with attachments, web-site for cooperative invocation is provided. Web-site for cooperative invocation allows to message receivers for cooperative attachment invocation. Thus user scores both advantage of cooperative e-mail attachment invocation usability, and advantages of server for cooperative invocation.

EFFECT: simplified system and cooperative server control method.

42 cl, 3 dwg

FIELD: information technology.

SUBSTANCE: this invention refers to the system and connection improvement method between the client and the server, particularly improved protocol that can be used for connection between the client and the server in email environment. The email server can provide the best message body available for the email message; transfer the data object in whole, if the requested property or properties are not completely defined in the data object; provide data considering loading process; send error info for the error containing data object. The email changes can be optimised on the email server component even if these changes appeared on the other email server component. The email server can support the table of changes appearing in the folders of the corresponding data bank and can notify the client email component about changes that appear in the table.

EFFECT: connection improvement between the client and the server.

14 cl, 31 dwg

FIELD: communication system, possible use for routing a message to a temporarily inaccessible network user.

SUBSTANCE: in accordance to the invention, subscription is imitated for network user registration status, if network user is listed as inaccessible. Then notification is generated, when network user registration status changes, to list condition, when network user is accessible again or when network user is registered again, and message is routed to network user in response to receipt of notification.

EFFECT: ensured awareness of subscriber about condition of connection or registration of network user.

4 cl, 4 dwg

FIELD: electronic mailing technologies.

SUBSTANCE: method for notification of user about receipt of electronic mail message by mail center, wherein information is stored, related to mail accounts, assigned to identifiers of decoder receivers, enables transfer of notification message in broadcast signal, while notification message includes at least additional portion of text of electronic mail message and identifier of decoder receiver targeted as destination for current notification message. Described transmission is realized by appropriate devices and decoder receivers.

EFFECT: decreased load of addressed transmission channel.

3 cl, 7 dwg

The invention relates to a device and method for providing service with a guaranteed frame rate (GSPC) ARP-switch

FIELD: electronic mailing technologies.

SUBSTANCE: method for notification of user about receipt of electronic mail message by mail center, wherein information is stored, related to mail accounts, assigned to identifiers of decoder receivers, enables transfer of notification message in broadcast signal, while notification message includes at least additional portion of text of electronic mail message and identifier of decoder receiver targeted as destination for current notification message. Described transmission is realized by appropriate devices and decoder receivers.

EFFECT: decreased load of addressed transmission channel.

3 cl, 7 dwg

FIELD: communication system, possible use for routing a message to a temporarily inaccessible network user.

SUBSTANCE: in accordance to the invention, subscription is imitated for network user registration status, if network user is listed as inaccessible. Then notification is generated, when network user registration status changes, to list condition, when network user is accessible again or when network user is registered again, and message is routed to network user in response to receipt of notification.

EFFECT: ensured awareness of subscriber about condition of connection or registration of network user.

4 cl, 4 dwg

FIELD: information technology.

SUBSTANCE: this invention refers to the system and connection improvement method between the client and the server, particularly improved protocol that can be used for connection between the client and the server in email environment. The email server can provide the best message body available for the email message; transfer the data object in whole, if the requested property or properties are not completely defined in the data object; provide data considering loading process; send error info for the error containing data object. The email changes can be optimised on the email server component even if these changes appeared on the other email server component. The email server can support the table of changes appearing in the folders of the corresponding data bank and can notify the client email component about changes that appear in the table.

EFFECT: connection improvement between the client and the server.

14 cl, 31 dwg

FIELD: information technologies.

SUBSTANCE: cooperative server-based invocation is run by e-mail. When user creates e-mail message with attachments, web-site for cooperative invocation is provided. Web-site for cooperative invocation allows to message receivers for cooperative attachment invocation. Thus user scores both advantage of cooperative e-mail attachment invocation usability, and advantages of server for cooperative invocation.

EFFECT: simplified system and cooperative server control method.

42 cl, 3 dwg

FIELD: physics; computer technology.

SUBSTANCE: invention relates to data exchange between client and server applications in computer networks, in particular, e-mail applications. E-mail server is capable to keep tabulated record of changes, which occur in folders stored in corresponding data storage device and to send notifications on the table contents change to e-mail client, which is a subscriber for this service. In return, the client sends a request to synchronise modified folders only.

EFFECT: improved efficiency of synchronisation of e-mail folders of client and server.

4 cl, 31 dwg

FIELD: physics; computer engineering.

SUBSTANCE: present invention pertains to the method and system of preventing malicious use of electronic mail messages. The method involves breaking up the electronic mail message into its components, altering the structural component form (for example, structure, format and content) so as to conform it with general rules, every time the structural form of a component does not comply with the rules, and repeated composition of an electronic mail message from its components (in their last state). The rules pertain to the structure of electronic mail messages for preventing incorrectly formed structure of electronic mail messages, for preventing malicious use of electronic mail messages etc. If the structural form of a component cannot be identified, the component may not be included in repeated composition of the electronic mail message or may be included as it is.

EFFECT: prevention of malicious use of electronic mail messages using an unusual structure.

14 cl, 6 dwg

Message processing // 2369029

FIELD: information technology.

SUBSTANCE: invention relates to processing a message addressed to a client terminal. The method comprises stages on which a message, which is addressed to a client terminal, is received. The message contains information meant for a high level application, where the high level application is an application which is separate from a message exchange client. Option information, associated with the client terminal, is received and checked if it contains information on high level applications, which are supported by the client terminal, and action is taken in response to the checking stage.

EFFECT: client terminal contains a message exchange client, meant for processing messages.

33 cl, 6 dwg

FIELD: information technologies.

SUBSTANCE: radio communication method in code division multiple access system features the following: usage of the first code by user station is temporarily interrupted, and usage of the second code only is introduced, further usage of the first code is resumed depending on available transmission power which is at disposal for usage of the first code by user station. Network device for radio communications system contains facilities to receive messages transmitted using both the first and the second code, facility for determination of available transmission power.

EFFECT: keeping track of transmission conditions, using the first or the second transmission code depending on transmission power.

11 cl, 2 dwg

FIELD: physics; computer engineering.

SUBSTANCE: present invention includes an e-mail component and an identification request component. The e-mail component can receive e-mail messages and calculate associated probability that data of the e-mail message are spam. The identification request component sends an identification request to the e-mail message sender having the said probability greater than the first received value. The identification request component corrects the probability that the given e-mail message is spam at least partially based on the response to the identification request. The identification request can be an embedded code, a calculated identification request, an identification request requiring participation of a person, and/or micro-payment requirement.

EFFECT: invention provides detection of spam through identification requests.

31 cl, 13 dwg

FIELD: physics; communication.

SUBSTANCE: invention relates to exchange of messages. A system, terminal, method and carrier use a certificate of authorisation to grant a sender the authority to send a communication message to a recipient. The system for controlling reception of the message by the recipient includes a transmission terminal and reception terminal. The transmission terminal can send a communication message to the sender. The reception terminal can determine whether the communication message is cryptographically linked to the certificate of authorisation. Determination of whether a communication message is cryptographically linked to the certificate of authorisation can include determination of whether a communication message has been signed by the sender using a private encryption key.

EFFECT: receiver can quickly and easily determine whether to receive a message.

21 cl, 9 dwg

Up!