Secure method of termination of service notification

US 20070208942A1
Filed: 02/13/2006
Published: 09/06/2007
Est. Priority Date: 02/13/2006
Status: Active Grant

First Claim

Patent Images

1. A method for notifying a wireless client device of termination of at least one service provided to the client device by a server system through a wireless network, the server system being disposed within an enterprise network having access to the wireless network, the method comprising the steps of:

during a provisioning operation carried out between the server system and the client device over a secure private channel, establishing authentication data and notification data, sending the authentication data to the client device for storage in non-volatile memory within the client device, and storing the notification data at the server system, wherein the notification data is related to the authentication data;

establishing said service provided to said client device by said server system;

identifying termination of said service provided to said client device by said server system; and

transmitting said notification data to said client device when said termination of said service is identified, wherein said client device may authenticate said notification data received from the sever system on the basis of the stored authentication data and the relationship between the notification data and the authentication data, and wherein said provisioning operation includes establishing an encryption process for communications between the client device and the server system, and wherein the service is carried out at least substantially through encrypted communications, and wherein said step of identifying includes receiving an encrypted packet from the client device, attempting decryption of the encrypted packet at said server system, and determining that said decryption failed.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for notifying a client device of termination of at least one service provided to the client device by a server system within an enterprise network is disclosed. The method includes the step of establishing authentication data and notification data, where the authentication data is related to the notification data, and sending the authentication data to the client device for storage during a provisioning operation. When the server system identifies a termination of service, it sends the notification data to the client device, which may then authenticate the received notification data using the authentication data.

41 Citations

View as Search Results

20 Claims

1. A method for notifying a wireless client device of termination of at least one service provided to the client device by a server system through a wireless network, the server system being disposed within an enterprise network having access to the wireless network, the method comprising the steps of:
- during a provisioning operation carried out between the server system and the client device over a secure private channel, establishing authentication data and notification data, sending the authentication data to the client device for storage in non-volatile memory within the client device, and storing the notification data at the server system, wherein the notification data is related to the authentication data;
  
  establishing said service provided to said client device by said server system;
  
  identifying termination of said service provided to said client device by said server system; and
  
  transmitting said notification data to said client device when said termination of said service is identified, wherein said client device may authenticate said notification data received from the sever system on the basis of the stored authentication data and the relationship between the notification data and the authentication data, and wherein said provisioning operation includes establishing an encryption process for communications between the client device and the server system, and wherein the service is carried out at least substantially through encrypted communications, and wherein said step of identifying includes receiving an encrypted packet from the client device, attempting decryption of the encrypted packet at said server system, and determining that said decryption failed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method as claimed in claim 1, wherein said secure private channel includes a wired connection between said client device and said enterprise network.
  - 3. The method as claimed in claim 1 wherein said notification data is transmitted over a non-encrypted channel.
  - 4. The method as claimed in claim 1 wherein the step of obtaining said information is carried out within said enterprise network.
  - 5. The method as claimed in claim 1 wherein said notification data includes a termination of service packet, and wherein said authentication data includes one or more termination of service packets to be compared to said notification data.
  - 6. The method as claimed in claim 1, wherein said notification data includes an encoded termination of service packet that may be decoded using said authentication data.
  - 7. The method as claimed in claim 1 wherein said step of identifying termination of said service includes identifying that said client device has been disassociated with said server system and has been registered with another server system.
  - 8. The method as claimed in claim 1 wherein said notification data is specific to both said service and said client device.
  - 9. The method as claimed in claim 1, wherein the service includes an email forwarding service, and wherein the client device is associated with the server system.
  - 10. The method as claimed in claim 1, further including the step of authenticating said notification data by deriving authentication data from said notification data and comparing said derived authentication data with said stored authentication data.

11. A system comprising:
- at least one client device, including non-volatile memory storing authentication data;
  
  an enterprise network including a server system in communication with said client device through a wireless network to provide at least one service to the client device, said server system including a termination of service (ToS) notifier for identifying termination of said service; and
  
  a provisioning component within said server system for establishing said authentication data and notification data, sending said authentication data to the client device, and storing the notification data within the server system, wherein said ToS notifier transmits said notification data to said client device if said ToS notifier identifies that said service has been terminated, and wherein the notification data is related to the authentication data and said client device includes an authentication component for authenticating the received notification data on the basis of the stored authentication data and the relationship between the notification data and the authentication data, and wherein said authentication data and said notification data are established during a communications provisioning process between said client device and said server system managed by said provisioning component, and wherein said provisioning component sends said authentication data to the client device over a secure private channel, and wherein said provisioning component establishes encryption keys for use in encrypting service-related communications between the client device and the server system, and wherein the service is carried out at least substantially through encrypted communications, and wherein said server system receives an encrypted packet from the client device, attempts decryption of the encrypted packet at said server system, and informs the ToS notifier that said decryption failed.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The system as claimed in claim 11 wherein said service is a messaging-related service and said client device includes a processor configured to implement a messaging client.
  - 13. The system as claimed in claim 12 wherein said client device further includes a storage storing service interface code accessible to said messaging client and providing information concerning said messaging related service, and wherein said service interface code contains an association with said server system.
  - 14. The system as claimed in claim 11 wherein said notification data is encoded, and wherein said client device includes a decoder for decoding said notification data to derive said authentication data.
  - 15. The system as claimed in claim 14, wherein said notification data includes an encoded termination of service packet and wherein said encoded termination of service packet may be decoded using said authentication data.
  - 16. The system as claimed in claim 11 wherein said ToS notifier identifies termination of said service based upon a determination that said client device has been disassociated with said server system and has been registered with another server system.

17. A computer program product comprising a computer readable medium storing computer executable instructions method for notifying a wireless client device of termination of at least one service provided to the client device by a server system through a wireless network, the server system being disposed within an enterprise network having access to the wireless network, the computer executable instructions comprising:
- computer executable code for establishing authentication data and notification data, sending the authentication data to the client device over a secure private channel during a provisioning operation for storage in non-volatile memory within the client device, and storing the notification data at the server system, wherein the notification data is related to the authentication data;
  
  computer executable code for establishing said service provided to said client device by said server system;
  
  computer executable code for identifying termination of said service provided to said client device by said server system; and
  
  computer executable code for transmitting said notification data to said client device when said termination of said service is identified, wherein said client device may authenticate said notification data received from the sever system on the basis of the stored authentication data and the relationship between the notification data and the authentication data, and wherein said provisioning operation includes establishing an encryption process for communications between the client device and the server system, and wherein the service is carried out at least substantially through encrypted communications, and wherein said code for identifying includes code for receiving an encrypted packet from the client device, attempting decryption of the encrypted packet at said server system, and determining that said decryption failed.
- View Dependent Claims (18, 19, 20)
- - 18. The computer program product claimed in claim 17, wherein said secure private channel includes a wired connection between said client device and said enterprise network.
  - 19. The computer program product as claimed in claim 17, wherein said notification data includes an encoded termination of service packet that may be decoded using said authentication data.
  - 20. The computer program product claimed in claim 17, wherein the service includes an email forwarding service, and wherein the client device is associated with the server system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
May, Darrell

Granted Patent

US 7,802,097 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

H04L 12/1859   adapted to provide push ser...

H04L 51/58   Message adaptation for wire...

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/08   for authentication of entit...

H04L 63/126   the source of the received ...

H04L 63/18   using different networks or...

H04L 69/329   in the application layer [O...

H04L 9/08   Key distribution or managem...

H04L 9/32   including means for verifyi...

H04W 12/04   Key management, e.g. using ...

H04W 12/10   Integrity

H04W 12/35   Protecting application or s...

H04W 4/00   Services specially adapted ...

H04W 68/00   User notification, e.g. ale...

H04W 76/30   Connection release

Secure method of termination of service notification

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure method of termination of service notification

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links