Systems and methods for enabling trusted communications between entities

US 10,404,472 B2
Filed: 05/05/2017
Issued: 09/03/2019
Est. Priority Date: 05/05/2016
Status: Active Grant

First Claim

Patent Images

1. A server for communicating with a device, comprising:

one or more hardware-based processors configured to;

receive an electronic communication from the device, the electronic communication being destined for the server and including data and a device signature, wherein the device signature is generated based on at least a first portion of the data using a private key associated with the device;

transmit the data and the device signature to a second server, wherein the second server, in response to receiving the data and the device signature;

(i) retrieves a public key associated with the device,(ii) verifies the device signature using the retrieved public key,(iii) causes generation of a second server signature based on at least a second portion of the data, and(iv) after verifying the device signature, transmits the data received from the server and the generated second server signature, and wherein the second server is different from the server and the device;

receive the data and the second server signature from the second server;

verify the second server signature using a public key associated with the second server; and

process the data received from the second server after verifying the second server signature.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are described that enable trusted communications between two entities. In one implementation, a server for communicating with a device may include one or more processors configured to receive data and a device signature from the device. The device signature may be generated based on at least a first portion of the data. One or more processors may be further configured to transmit the data and the device signature to a second server and receive a second server signature from the second server. The second server signature may be generated based on at least a second portion of the data and transmitted to the server after the second server verified the device signature. Further, one or more processors may be configured to verify the second server signature and process the data.

Citations

20 Claims

1. A server for communicating with a device, comprising:
- one or more hardware-based processors configured to;
  
  receive an electronic communication from the device, the electronic communication being destined for the server and including data and a device signature, wherein the device signature is generated based on at least a first portion of the data using a private key associated with the device;
  
  transmit the data and the device signature to a second server, wherein the second server, in response to receiving the data and the device signature;
  
  (i) retrieves a public key associated with the device,(ii) verifies the device signature using the retrieved public key,(iii) causes generation of a second server signature based on at least a second portion of the data, and(iv) after verifying the device signature, transmits the data received from the server and the generated second server signature, and wherein the second server is different from the server and the device;
  
  receive the data and the second server signature from the second server;
  
  verify the second server signature using a public key associated with the second server; and
  
  process the data received from the second server after verifying the second server signature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The server of claim 1, wherein the second server signature is generated further based on the device signature.
  - 3. The server of claim 1, wherein the device signature is generated by the device and the second server signature is generated by the second server.
  - 4. The server of claim 1, wherein the second server, in response to receiving the device signature, verifies that the device and the server are active entities, and wherein the second server signature is transmitted destined for the server after verifying that the device and the server are active entities.
  - 5. The server of claim 1, wherein the second server, in response to receiving the device signature, verifies that the device is authorized to communicate with the server, and wherein the second server signature is transmitted destined for the server after verifying that the device is authorized to communicate with the server.
  - 6. The server of claim 1, wherein the one or more processors are further configured to:
    - obtain a server signature that is generated based on at least a third portion of the data; and
      
      transmit the server signature to the second server,wherein the second server, in response to receiving the server signature;
      
      verifies the server signature, andtransmits the second server signature after verifying the server signature.
  - 7. The server of claim 1, wherein the one or more processors are further configured to:
    - transmit the device signature and the data to a third server, wherein the third server, in response to receiving the device signature and the data;
      
      verifies the device signature,obtains a third server signature that is generated based on at least a third portion of the data, andtransmits the third server signature to the second server, andwherein the second server;
      
      verifies the third server signature, andtransmits the second server signature after verifying the third server signature.
  - 8. The server of claim 1, wherein the one or more processors are further configured to:
    - transmit the device signature and the data to a third server, wherein the third server, in response to receiving the device signature and the data;
      
      verifies the device signature,obtains a third server signature that is generated based on at least a third portion of the data, andtransmits the third server signature to the server;
      
      verify the third server signature; and
      
      process the data after verifying the third server signature.
  - 9. The server of claim 1, wherein the one or more processors are further configured to:
    - retrieve a second public key associated with the device; and
      
      verify the device signature using the second public key associated with the device, wherein the data is process after verifying the device signature.
  - 10. The server of claim 1, wherein the public key associated with the device is retrieved by the server from a first repository and by the second server from a second repository different from the first repository.

11. A method for communicating with a device by a server, comprising:
- receiving an electronic communication from the device, the electronic communication being destined for the server and including data and a device signature from the device, wherein the device signature is generated based on at least a first portion of the data using a private key associated with the device;
  
  transmitting the data and the device signature to a second server, wherein the second server, in response to receiving the data and the device signature;
  
  (i) retrieves a public key associated with the device,(ii) verifies the device signature using the retrieved public key,(iii) causes generation of a second server signature based on at least a second portion of the data, and(iv) after verifying the device signature, transmits the data received from the server and the generated second server signature, and wherein the second server is different from the server and the device;
  
  receiving the data and the second server signature from the second server;
  
  verifying the second server signature using a public key associated with the second server; and
  
  processing the data received from the second server after verifying the second server signature.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, wherein the second server signature is generated further based on the device signature.
  - 13. The method of claim 11, wherein the device signature is generated by the device and the second server signature is generated by the second server.
  - 14. The method of claim 11, wherein the second server, in response to receiving the device signature, verifies that the device and the server are active entities, and wherein the second server signature is transmitted destined for the server after verifying that the device and the server are active entities.
  - 15. The method of claim 11, wherein the second server, in response to receiving the device signature, verifies that the device is authorized to communicate with the server, and wherein the second server signature is transmitted destined for the server after verifying that the device is authorized to communicate with the server.
  - 16. The method of claim 11, further comprising:
    - transmitting the device signature and the data to a third server, wherein the third server, in response to receiving the device signature and the data;
      
      verifies the device signature,obtains a third server signature that is generated based on at least a third portion of the data, andtransmits the third server signature to the second server; and
      
      the second server;
      
      verifies the third server signature, andtransmits the second server signature after verifying the third server signature.
  - 17. The method of claim 11, further comprising:
    - transmitting the device signature and the data to a third server, wherein the third server, in response to receiving the device signature and the data;
      
      verifies the device signature,obtains a third server signature that is generated based on at least a third portion of the data, andtransmits the third server signature to the server;
      
      verifying the third server signature; and
      
      processing the data after verifying the third server signature.
  - 18. The method of claim 11, further comprising:
    - retrieving the public key associated with the device; and
      
      verifying the device signature using the public key associated with the device, wherein the data is process after verifying the device signature.
  - 19. The method of claim 18, wherein the public key associated with the device is retrieved by the server from a first repository and by the second server from a second repository different from the first repository.

20. A non-transitory computer-readable storage medium storing instructions that when executed by a server cause the server to perform a method for communicating with a device, the method comprising:
- receiving an electronic communication from the device, the electronic communication being destined for the server and including data and a device signature from the device, wherein the device signature is generated based on at least a first portion of the data using a private key associated with the device;
  
  transmitting the data and the device signature to a second server, wherein the second server, in response to receiving the data and the device signature;
  
  (i) retrieves a public key associated with the device,(ii) verifies the device signature using the retrieved public key,(iii) causes generation of a second server signature based on at least a second portion of the data, and(iv) after verifying the device signature, transmits the data received from the server and the generated second server signature, and wherein the second server is different from the server and the device;
  
  receiving the data and the second server signature from the second server;
  
  verifying the second server signature using a public key associated with the second server; and
  
  processing the data received from the second server after verifying the second server signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Neustar Incorporated
Original Assignee
Neustar Incorporated
Inventors
Knopf, Brian R.
Primary Examiner(s)
Abyaneh, Ali S

Application Number

US15/588,533
Publication Number

US 20170324564A1
Time in Patent Office

851 Days
Field of Search
US Class Current
CPC Class Codes

H04L 9/088   Usage controlling of secret...

H04L 9/14   using a plurality of keys o...

H04L 9/321   involving a third party or ...

H04L 9/3247   involving digital signatures

Systems and methods for enabling trusted communications between entities

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for enabling trusted communications between entities

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links