CLIENT SERVER DISTRIBUTED SYSTEM, SERVER APPARATUS, CLIENT APPARATUS, AND INTER-CLIENT RTP ENCRYPTING METHOD USED FOR THEM

US 20080025516A1
Filed: 07/23/2007
Published: 01/31/2008
Est. Priority Date: 07/28/2006
Status: Active Grant

First Claim

Patent Images

1. A client-server type distributed system corresponding to the SIP (Session Initiation Protocol) connected to the Internet/intranet/LAN (Local Area Network), wherein when authentification between SIP-protocol-coping client apparatuses and an SIP-protocol-coping server apparatus is completed, and an RTP (Real-time Transport Protocol) connection between the client apparatuses is an SIP call connection through the server apparatus,the server apparatus comprises:

means for setting at least one type of RTP encrypting information used in an RTP packet transmission/reception to each unit of the client apparatuses and managing the RTP encrypting information as the encrypting capability information of the client apparatuses;

means for determining one type of RTP encrypting information used between the client apparatuses each time an RTP communication occurs between the client apparatuses; and

means for notifying the client apparatuses of the RTP encrypting information, andeach of the client apparatuses comprises;

means for receiving and setting RTP encrypting information used in an RTP packet transmission/reception to other client apparatus; and

a function for encrypting an RTP packet and transmitting the RTP packet to confronting client apparatuses in the P2P (Peer-to-Peer) between the client apparatuses in the RTP communication according to the RTP encrypting information received from the server apparatus as well as for receiving the encrypted RTP packet from the confronting client apparatuses and decrypting the encrypted RTP.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

When an SIP interface unit of a server apparatus receives an SIP message for call connection from a client apparatus and an SIP message analyzing unit can confirm that the SIP message is normal, a call controller recognizes that an RTP communication is carried out between the client apparatus and another client apparatus and instructs an encrypting capability management unit to determine RTP encrypting information which is used between the client apparatuses. The encrypting capability management unit determines the RTP encrypting information between these client apparatuses based on the instruction. With this arrangement, there can be provided a client-server distributed system that can realize an encrypting security function without requiring a certificate authentification function at a low cost in order to deliver an encrypting key as well as without necessity of holding or managing a certificate and preparing an authenticating server in a system.

30 Citations

View as Search Results

42 Claims

1. A client-server type distributed system corresponding to the SIP (Session Initiation Protocol) connected to the Internet/intranet/LAN (Local Area Network), wherein when authentification between SIP-protocol-coping client apparatuses and an SIP-protocol-coping server apparatus is completed, and an RTP (Real-time Transport Protocol) connection between the client apparatuses is an SIP call connection through the server apparatus,the server apparatus comprises:
- means for setting at least one type of RTP encrypting information used in an RTP packet transmission/reception to each unit of the client apparatuses and managing the RTP encrypting information as the encrypting capability information of the client apparatuses;
  
  means for determining one type of RTP encrypting information used between the client apparatuses each time an RTP communication occurs between the client apparatuses; and
  
  means for notifying the client apparatuses of the RTP encrypting information, andeach of the client apparatuses comprises;
  
  means for receiving and setting RTP encrypting information used in an RTP packet transmission/reception to other client apparatus; and
  
  a function for encrypting an RTP packet and transmitting the RTP packet to confronting client apparatuses in the P2P (Peer-to-Peer) between the client apparatuses in the RTP communication according to the RTP encrypting information received from the server apparatus as well as for receiving the encrypted RTP packet from the confronting client apparatuses and decrypting the encrypted RTP.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. A client-server type distributed system according to claim 1 in the RTP communication encrypting system between the client apparatuses, wherein:
    - the RTP encrypting information includes at least the presence or absence of encrypting and the encrypting rule of an RTP packet that can be input from the outside and the encrypting key of an RTP packet that cannot be input from the outside; and
      
      the encrypting capability information includes at least the presence or absence of the RTP packet that can be input from the outside and an encrypting rule list having the priority order information of at least the presence or absence of encrypting and a plurality of encrypting rules that can be used in the RTP communication.
  - 3. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses comprises:
    - means for managing the presence or absence of encrypting and the priority order of the encrypting rules used in the RTP communication as RTP encrypting capability information; and
      
      means for previously notifying the server apparatus of the RTP encrypting capability information of the client apparatus, andthe server apparatus comprises;
      
      a function for comparing the RTP encrypting capability information received from the client apparatus with the RTP encrypting information held by the server apparatus and editing the RTP encrypting capability information; and
      
      a function for selecting the presence or absence of encrypting of an RTP packet and an encrypting rule to be used to encrypting from the RTP encrypting capability information of each of the confronting client apparatuses when an RTP call connection is carried out, determining the RTP encrypting information by creating encrypting key at random, and notifying the client apparatus of the determined RTP encrypting information.
  - 4. A client-server type distributed system according to claim 1 or 2, wherein when the transmission/reception of an SIP message between the server apparatus and the client apparatuses in the RTP communication encrypting system between the client apparatuses can be carried out as a bi-directional communication by encrypting the SIP message according to the SIP message encrypting information set to both the server apparatus and the client apparatuses,the server apparatus comprises a function for encrypting at least the encrypting keys of the RTP encrypting information in call control SIP message data including the RTP encrypting information to be notified to the client apparatuses, andeach of the client apparatuses comprises means for reading out and decrypting the RTP encrypting information that is encrypted from the SIP message received from the server apparatus and setting the decrypted RTP encrypting information.
  - 5. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein,the SIP message encrypting information includes at least the encrypting rule and the encrypting keys;
    - andthe RTP encrypting information set to the client apparatuses and the server apparatus is set independently of the SIP message encrypting information.
  - 6. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein,the RTP encrypting information from the server apparatus to the client apparatuses can be set to each call.
  - 7. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein,the RTP encrypting information from the server apparatus to the client apparatuses can be set and changed at a predetermined cycle.
  - 8. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein,the RTP encrypting information from the server apparatus to the client apparatuses can be set and changed at an arbitrary timing by any of an input from a maintenance console connected to any of the server apparatus and the client apparatuses and an input made by manipulating the external interface buttons of the client apparatuses.
  - 9. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein,the server apparatus comprises means for inputting and setting the presence or absence of encrypting and the priority order of the encrypting rules to be used for encrypting of each of the client apparatuses from the outside as RTP encrypting capability information.
  - 10. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses comprises:
    - means for displaying an encrypting rule that can be used for encrypting to the outside; and
      
      means for inputting and setting the presence or absence of encrypting and the priority order of the encrypting rules used for encrypting from the outside as the RTP encrypting capability information.
  - 11. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses includes a plurality of encrypting rules that can be used by the client apparatuses.
  - 12. A client-server type distributed system according to any one of claims 1 to 3 in the RTP communication encrypting system between the client apparatuses, wherein,the server apparatus comprises a function for selecting, when there are a plurality of encrypting rules that can be selected to determine the RTP encrypting information, the encrypting rules according to a priority order previously set to the server apparatus or at random.
  - 13. A client-server type distributed system according to any one of claims 1 to 3 in the RTP communication encrypting system between the client apparatuses, wherein,the server apparatus comprises a function for causing, when a communication without RTP encrypting is selected between the client apparatuses as a result of determination of the RTP encrypting information, an RTP call connection to fail so that an RTP communication is not carried out between the client apparatuses.
  - 14. A client-server type distributed system according to claim 13 in the RTP communication encrypting system between the client apparatuses, wherein,the server apparatus comprises a function for setting, when the communication without RTP encrypting is selected between the client apparatuses as a result of determination of the RTP encrypting information, any of execution of the RTP communication without RTP encrypting and unexecution of the RTP communication resulting from that the RTP call connection is caused to fail to the server apparatus from the outside.
  - 15. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses comprises:
    - an encrypting state display function for displaying an encrypting state; and
      
      a function for displaying that an RTP encrypting communication is being carried out while the RTP encrypting communication is being carried out.
  - 16. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses comprises:
    - an encrypting state display function for displaying an encrypting state; and
      
      a function for displaying an alarm for warning that an RTP communication without encrypting is being carried out while the RTP communication without encrypting is being carried out.
  - 17. A client-server type distributed system according to claim 15 or 16 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses comprises a function for carrying out, when the server apparatus determines a communication without RTP encrypting and instructs the RTP communication without encrypting to the client apparatus at the start of an RTP communication, a display for requesting permission of start of the RTP communication without encrypting to the client apparatus;
    - anda function for inputting a permission of start of the RTP communication from the outside and notifying the server apparatus of the permission of start of the RTP communication, andthe server apparatus comprises a function for causing, when all the client apparatuses, which are in an RTP connection in response to a received permission for start of the RTP communication, are permitted to carry out the RTP communication, the server apparatus to start the RTP communication as well as, when any of the client apparatuses, which are in RTP connection, is not permitted to carry out the RTP communication, for causing the client apparatus to fail an RTP call connection so that the client apparatus does not carry out the RTP communication.
  - 18. A client-server type distributed system according to claim 1 or 2 in the RTP communication encrypting system between the client apparatuses, wherein when the client apparatus simultaneously carries out an RTP communication to a plurality of RTP communication confronting apparatuses, a different type of RTP encrypting information can be set to each of the RTP communication confronting apparatuses.
  - 19. A client-server type distributed system according to any one of claims 1, 2, and 4 in the RTP communication encrypting system between the client apparatuses, wherein the RTP encrypting information and the SIP message encrypting information, which are set to the client apparatuses and the server apparatus, can be set and changed at an independent timing.
  - 20. A server apparatus according to any one of claims 1 to 19.
  - 21. An client apparatus according to any one of claims 1 to 19.

22. An inter-client RTP (Real-time Transport Protocol) encrypting method used for a client-server type distributed system corresponding to the SIP (Session Initiation Protocol) connected to the Internet/intranet/LAN (Local Area Network), wherein when authentification between SIP-protocol-coping client apparatuses and an SIP-protocol-coping server apparatus is completed, and an RTP (Real-time Transport Protocol) connection between the client apparatuses is an SIP call connection through the server apparatus,the server apparatus carries out:
- a processing for setting at least one type of RTP encrypting information used in an RTP packet transmission/reception to each unit of the client apparatuses and managing said at least one type of RTP encrypting information as the encrypting capability information of the client apparatuses;
  
  a processing for determining one type of RTP encrypting information used between the client apparatuses each time an RTP communication occurs between the client apparatuses; and
  
  means for notifying the client apparatuses of the RTP encrypting information, andeach of the client apparatuses carries out;
  
  a processing for receiving and setting RTP encrypting information used in an RTP packet transmission/reception to other client apparatus; and
  
  a processing for encrypting an RTP packet and transmitting the RTP packet to confronting client apparatuses in the P2P (Peer-to-Peer) between the client apparatuses in the RTP communication according to the RTP encrypting information received from the server apparatus as well as for receiving the encrypted RTP packet from the confronting client apparatuses and decrypting the encrypted RTP packet.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 23. An inter-client RTP encrypting method according to claim 22 in the RTP communication encrypting system between the client apparatuses, wherein:
    - the RTP encrypting information includes at least the presence or absence of encrypting and the encrypting rule of an RTP packet that can be input from the outside and the encrypting key of an RTP packet that cannot be input from the outside; and
      
      the encrypting capability information includes at least the presence or absence of the RTP packet that can be input from the outside and an encrypting rule list having the priority order information of at least the presence or absence of encrypting and a plurality of encrypting rules that can be used in the RTP communication.
  - 24. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses carries out:
    - a processing for managing the presence or absence of encrypting and the priority order of the encrypting rules used in the RTP communication as RTP encrypting capability information; and
      
      a processing for previously notifying the server apparatus of the RTP encrypting capability information of the client apparatus, andthe server apparatus carries out;
      
      a processing for comparing the RTP encrypting capability information received from the client apparatus with the RTP encrypting information held by the server apparatus and editing the RTP encrypting capability information; and
      
      a processing for selecting the presence or absence of encrypting of an RTP packet and an encrypting rule to be used to encrypting from the RTP encrypting capability information of each of the confronting client apparatuses when an RTP call connection is carried out, determining the RTP encrypting information by creating encrypting key at random, and notifying the client apparatus of the determined RTP encrypting information.
  - 25. An inter-client RTP encrypting method according to claim 22 or 23, wherein when the transmission/reception of an SIP message between the server apparatus and the client apparatuses in the RTP communication encrypting system between the client apparatuses can be carried out as a bi-directional communication by encrypting the SIP message according to the SIP message encrypting information set to both the server apparatus and the client apparatuses,the server apparatus carries out a processing for encrypting at least the encrypting keys of the RTP encrypting information in call control SIP message data including the RTP encrypting information to be notified to the client apparatuses, andeach of the client apparatuses carries out a processing for reading out and decrypting the RTP encrypting information that is encrypted from the SIP message received from the server apparatus and setting the decrypted RTP encrypting information.
  - 26. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein,the SIP message encrypting information includes at least the encrypting rule and the encrypting keys;
    - andthe RTP encrypting information set to the client apparatuses and the server apparatus is set independently of the SIP message encrypting information.
  - 27. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein,the RTP encrypting information from the server apparatus to the client apparatuses can be set to each call.
  - 28. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein,the RTP encrypting information from the server apparatus to the client apparatuses can be set and changed at a predetermined cycle.
  - 29. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein,the RTP encrypting information from the server apparatus to the client apparatuses can be set and changed at an arbitrary timing by any of an input from a maintenance console connected to any of the server apparatus and the client apparatuses and an input made by manipulating the external interface buttons of the client apparatuses.
  - 30. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein,the server apparatus carries out a processing for inputting and setting the presence or absence of encrypting and the priority order of the encrypting rules to be used for encrypting of each of the client apparatuses from the outside as RTP encrypting capability information.
  - 31. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses carries out:
    - a processing for displaying an encrypting rule that can be used for encrypting to the outside; and
      
      a processing for inputting and setting the presence or absence of encrypting and the priority order of the encrypting rules used for encrypting from the outside as the RTP encrypting capability information.
  - 32. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses includes a plurality of encrypting rules that can be used by the client apparatus.
  - 33. An inter-client RTP encrypting method according to any one of claims 22 to 24 in the RTP communication encrypting system between the client apparatuses, wherein,the server apparatus carries out a processing for selecting, when there are a plurality of encrypting rules that can be selected to determine the RTP encrypting information, the encrypting rules according to a priority order previously set to the server apparatus or at random.
  - 34. An inter-client RTP encrypting method according to any one of claims 22 to 24 in the RTP communication encrypting system between the client apparatuses, wherein,the server apparatus carries out a processing for causing, when a communication without RTP encrypting is selected between the client apparatuses as a result of determination of the RTP encrypting information, an RTP call connection to fail so that an RTP communication is not carried out between the client apparatuses.
  - 35. An inter-client RTP encrypting method according to claim 34 in the RTP communication encrypting system between the client apparatuses, wherein,the server apparatus carries out a processing for setting, when the communication without RTP encrypting is selected between the client apparatuses as a result of determination of the RTP encrypting information, any of execution of the RTP communication without RTP encrypting and unexecution of the RTP communication resulting from that the RTP call connection is caused to fail to the server apparatus from the outside.
  - 36. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses carries out:
    - an encrypting state display processing for displaying an encrypting state; and
      
      a processing for displaying that an RTP encrypting communication is being carried out while the RTP encrypting communication is being carried out.
  - 37. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses carries out:
    - an encrypting state display processing for displaying an encrypting state; and
      
      a processing for displaying an alarm for warning that an RTP communication without encrypting is being carried out while the RTP communication without encrypting is being carried out.
  - 38. An inter-client RTP encrypting method according to claim 36 or 37 in the RTP communication encrypting system between the client apparatuses, wherein,each of the client apparatuses carries out a display processing, when the server apparatus determines a communication without RTP encrypting and instructs the RTP communication without encrypting to the client apparatus at the start of an RTP communication, to request permission of start of the RTP communication without encrypting to the client apparatus;
    - anda processing for inputting a permission of start of the RTP communication from the outside and notifying the server apparatus of the permission of start of the RTP communication, andthe server apparatus carries out a processing for causing, when all the client apparatuses, which are in an RTP connection in response to a received permission for start of the RTP communication, are permitted to carry out the RTP communication, the server apparatus to start the RTP communication as well as, when any of the client apparatuses, which are in RTP connection, is not permitted to carry out the RTP communication, for causing the client apparatus to fail an RTP call connection so that the client apparatus does not carry out the RTP communication.
  - 39. An inter-client RTP encrypting method according to claim 22 or 23 in the RTP communication encrypting system between the client apparatuses, wherein when the client apparatus simultaneously carries out an RTP communication to a plurality of RTP communication confronting apparatuses, a different type of RTP encrypting information can be set to each of the RTP communication confronting apparatuses.
  - 40. An inter-client RTP encrypting method according to any one of claims 22, 23, and 25 in the RTP communication encrypting system between the client apparatuses, wherein the RTP encrypting information and the SIP message encrypting information, which are set to the client apparatuses and the server apparatus, can be set and changed at an independent timing.

41. A computer program product carried out by an SIP-protocol-coping server apparatus (Session Initiation Protocol) in a client-server type distributed system corresponding to the SIP connected to The Internet/intranet/LAN (Local Area Network), wherein when authentification between SIP-protocol-coping client apparatuses and the SIP-protocol-coping server apparatus is completed, and an RTP (Real-time Transport Protocol) connection between the client apparatuses is an SIP call connection through the server apparatus, wherein the computer program product causes a central processing unit of the server apparatus to carry out:
- a processing for setting at least one type of RTP encrypting information used in an RTP packet transmission/reception to each unit of the client apparatuses and managing the client aparatus as the encrypting capability information of the client apparatuses;
  
  a processing for determining one type of RTP encrypting information used between the client apparatuses each time an RTP communication occurs between the client apparatuses; and
  
  a processing for notifying the client apparatuses of the RTP encrypting information.

42. A computer program product carried out by SIP-protocol-coping client apparatuses (Session Initiation Protocol) in a client-server type distributed system corresponding to the SIP connected to the Internet/intranet/LAN (Local Area Network), wherein when authentification between the SIP-protocol-coping client apparatuses and an SIP-protocol-coping server apparatus is completed, and an RTP (Real-time Transport Protocol) connection between the client apparatuses is an SIP call connection through the server apparatus, wherein the computer program product causes a central processing unit of each of the client apparatuses to carry outa processing for receiving and setting RTP encrypting information used in an RTP packet transmission/reception to other client apparatus;
- anda processing for encrypting an RTP packet and transmitting the RTP packet to confronting client apparatuses in the P2P (Peer-to-Peer) between the client apparatuses in the RTP communication according to the RTP encrypting information received from the server apparatus as well as for receiving the encrypted RTP packet from the confronting client apparatuses and decrypting the encrypted RTP packet.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NEC Platforms, Ltd. (NEC Corporation)
Original Assignee
NEC Infrontia Corporation (NEC Corporation)
Inventors
WATANABE, Yasuhiro, MASUHIRO, Mao

Granted Patent

US 7,965,846 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/279
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/0823   using certificates cryptogr...

H04L 63/166   at the transport layer

H04L 65/1104   Session initiation protocol...

H04L 65/65   Network streaming protocols...

CLIENT SERVER DISTRIBUTED SYSTEM, SERVER APPARATUS, CLIENT APPARATUS, AND INTER-CLIENT RTP ENCRYPTING METHOD USED FOR THEM

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

CLIENT SERVER DISTRIBUTED SYSTEM, SERVER APPARATUS, CLIENT APPARATUS, AND INTER-CLIENT RTP ENCRYPTING METHOD USED FOR THEM

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links