Selective Encryption in Broker-Based Messaging Systems and Methods

US 20110040973A1
Filed: 08/13/2009
Published: 02/17/2011
Est. Priority Date: 08/13/2009
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

transmitting, by a software application subsystem, a request to an encryption services subsystem to route a message generated by an originating software application to a recipient software application through a message broker subsystem;

acquiring, by the software application subsystem, data representative of a current encryption configuration of the message broker subsystem from the encryption services subsystem in response to the request; and

determining, by the software application subsystem, during a run time of the originating software application whether to encrypt the message before the message is transmitted to the message broker subsystem for routing to the recipient software application, the determination based at least in part on the current encryption configuration of the message broker subsystem.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An exemplary method includes transmitting, by a software application subsystem, a request to an encryption services subsystem to route a message generated by an originating software application to a recipient software application through a message broker subsystem, acquiring, by the software application subsystem, data representative of a current encryption configuration of the message broker subsystem from the encryption services subsystem in response to the request, and determining, by the software application subsystem, during a run time of the originating software application whether to encrypt the message before the message is transmitted to the message broker subsystem for routing to the recipient software application, the determination based at least in part on the current encryption configuration of the message broker subsystem. Corresponding methods and systems are also disclosed.

24 Citations

View as Search Results

25 Claims

1. A method comprising:
- transmitting, by a software application subsystem, a request to an encryption services subsystem to route a message generated by an originating software application to a recipient software application through a message broker subsystem;
  
  acquiring, by the software application subsystem, data representative of a current encryption configuration of the message broker subsystem from the encryption services subsystem in response to the request; and
  
  determining, by the software application subsystem, during a run time of the originating software application whether to encrypt the message before the message is transmitted to the message broker subsystem for routing to the recipient software application, the determination based at least in part on the current encryption configuration of the message broker subsystem.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising encrypting and transmitting, by the software application subsystem, the message to the message broker subsystem if the data representative of the current encryption configuration indicates that the message broker subsystem is currently configured to accept encrypted messages.
  - 3. The method of claim 1, further comprising transmitting, by the software application subsystem, the message in cleartext to the message broker subsystem if the data representative of the current encryption configuration indicates that the message broker subsystem is not currently configured to accept encrypted messages.
  - 4. The method of claim 1, further comprising:
    - transmitting, by the software application subsystem, the message to the message broker subsystem;
      
      decrypting, by the message broker subsystem, the message if the message is in encrypted form;
      
      acquiring, by the message broker subsystem, data representative of a current encryption configuration of the recipient software application;
      
      determining, by the message broker subsystem, whether to encrypt the message before the message is routed to the recipient software application, the determination by the message broker subsystem based at least in part on the current encryption configuration of the recipient software application.
  - 5. The method of claim 4, further comprising:
    - encrypting and routing, by the message broker subsystem, the message to the recipient software application if the data representative of the current encryption configuration of the recipient software application indicates that the recipient software application is currently configured to accept encrypted messages.
  - 6. The method of claim 4, further comprising routing, by the message broker subsystem, the message in cleartext to the recipient software application if the data representative of the current encryption configuration of the recipient software application indicates that the recipient software application is not currently configured to accept encrypted messages.
  - 7. The method of claim 1, further comprising establishing, by the software application subsystem, a secure connection between the software application subsystem and the message broker subsystem if the data representative of the current encryption configuration indicates that the message broker subsystem is currently configured to accept encrypted messages.
  - 8. The method of claim 1, further comprising establishing, by the software application subsystem, a non-secure connection between the software application subsystem and the message broker subsystem if the data representative of the current encryption configuration indicates that the message broker subsystem is not currently configured to accept encrypted messages.
  - 9. The method of claim 1, further comprising determining, by the software application subsystem, to bypass encryption of the message if the software application subsystem and message broker subsystem are in the same subnet.
  - 10. The method of claim 1, further comprising updating, by the encryption services subsystem, the data representative of the current encryption configuration of the message broker subsystem in response to a change in the current encryption configuration of the message broker subsystem.

11. A method comprising:
- receiving, by a message broker subsystem, a message generated by an originating software application, the message comprising routing instructions directing the message broker subsystem to route the message to a recipient software application;
  
  acquiring, by the message broker subsystem, data representative of a current encryption configuration of the recipient software application from an encryption services subsystem; and
  
  determining, by the message broker subsystem, whether to encrypt the message before the message is routed to the recipient software application, the determination based at least in part on the current encryption configuration of the recipient software application.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11, further comprising encrypting and routing, by the message broker subsystem, the message to the recipient software application if the data representative of the current encryption configuration of the recipient software application indicates that the recipient software application is currently configured to accept encrypted messages.
  - 13. The method of claim 11, further comprising routing, by the message broker subsystem, the message in cleartext to the recipient software application if the data representative of the current encryption configuration indicates that the recipient software application is not currently configured to accept encrypted messages.
  - 14. The method of claim 11, further comprising:
    - updating, by the encryption services subsystem, the data representative of the current encryption configuration of the recipient software application in response to a change in the current encryption configuration of the recipient software application.
  - 15. The method of claim 11, wherein the message received by the message broker subsystem is encrypted, and wherein the method further comprises decrypting, by the message broker subsystem, the message to obtain routing information corresponding to the message.

16. A system comprising:
- a communication facility configured to communicate with a message broker subsystem and an encryption services subsystem; and
  
  a messaging facility selectively and communicatively coupled to the communication facility and configured todirect the communication facility to transmit a request to the encryption services subsystem to route a message generated by an originating software application to a recipient software application through the message broker subsystem,acquire data representative of a current encryption configuration of the message broker subsystem from the encryption services subsystem in response to the request, anddetermine during a run time of the originating software application whether to encrypt the message before the message is transmitted to the message broker subsystem for routing to the recipient software application, the determination based at least in part on the current encryption configuration of the message broker subsystem.

17. The system of 16, wherein the messaging facility is further configured to encrypt the message and direct the communication facility to transmit the encrypted message to the message broker subsystem if the data representative of the current encryption configuration indicates that the message broker subsystem is currently configured to accept encrypted messages.

18. The system of 16, wherein the messaging facility is further configured to direct the communication facility to transmit the message to the message broker subsystem as cleartext.

19. A system comprising:
- a routing facility configured to receive a message generated by an originating software application, the message comprising routing instructions directing the routing facility to route the message to a recipient software application;
  
  a messaging facility selectively and communicatively coupled to the routing facility and configured toacquire data representative of a current encryption configuration of the recipient software application from an encryption services subsystem, anddetermine whether to encrypt the message before the message is routed to the recipient software application, the determination based at least in part on the current encryption configuration of the recipient software application.

20. The system of 19, wherein the messaging facility is further configured to encrypt the message and direct the routing facility to route the encrypted message to the recipient software application if the data representative of the current encryption configuration indicates that the recipient software application is currently configured to accept encrypted messages.

21. The system of 19, wherein the messaging facility is further configured to direct the routing facility to route the message to the recipient software application as cleartext if the data representative of the current encryption configuration indicates that the recipient software application is not currently configured to accept encrypted messages.

22. A system comprising:
- a client having an originating software application residing thereon that generates a message to be routed to a recipient software application residing on another client;
  
  a message broker selectively and communicatively coupled to the client and configured to facilitate the routing of the message from the originating software application to the recipient software application; and
  
  an encryption services server selectively and communicatively coupled to the client and to the message broker, the encryption services server configured to maintain data representative of a current encryption configuration of the recipient software application and data representative of a current encryption configuration of the message broker;
  
  wherein the client is further configured toacquire the data representative of the current encryption configuration of the message broker from the encryption services server, anddetermine during a run time of the originating software application whether to encrypt the message before the message is transmitted to the message broker for routing to the recipient software application, the determination based at least in part on the current encryption configuration of the message broker.
- View Dependent Claims (23, 24, 25)
- - 23. The system of claim 22, wherein the client is further configured to encrypt and transmit the message to the message broker for routing to the recipient software application if the data representative of the current encryption configuration of the message broker indicates that the message broker is currently configured to accept encrypted messages.
  - 24. The system of claim 22, wherein the message broker comprises:
    - a first message broker corresponding to the originating software application; and
      
      a second message broker corresponding to the recipient software application;
      
      wherein the first message broker is configured to transmit the message to the second message broker; and
      
      wherein the second message broker is configured to route the message to the recipient software application.
  - 25. The system of claim 24, wherein the first message broker is configured to selectively encrypt the message before transmitting the message to the second message broker in accordance with a current encryption configuration of the second message broker.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
Nham, Ha Tam, Jonnagadla, Suresh, Gola, Shailender, Taylor, Lawrence, Daugherty, Robert

Granted Patent

US 8,788,824 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/170
CPC Class Codes

H04L 63/0428 wherein the data content is...

H04L 67/561 Adding application-function...

Selective Encryption in Broker-Based Messaging Systems and Methods

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

24 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Selective Encryption in Broker-Based Messaging Systems and Methods

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links