TECHNIQUES FOR PROVIDING SECURE COMMUNICATIONS AMONG CLIENTS WITH EFFICIENT CREDENTIALS MANAGEMENT

US 20110041167A1
Filed: 08/13/2010
Published: 02/17/2011
Est. Priority Date: 08/17/2009
Status: Abandoned Application

First Claim

Patent Images

1. A method for protecting communications among a plurality of clients, for use in a networked communication system comprising a server and the plurality of clients, the plurality of clients comprising at least a first client and a second client, the method comprising:

communicating, from the first client to the server, a request for a credential token for a communication between the first client and the second client;

selecting, by the server, the credential token for the communication between the first client and the second client;

communicating, from the server to each of the first client and the second client, the selected credential token; and

communicating, between the first client and the second client using security algorithms and information contained in the credential token received from the server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, server and client for protecting communications among a plurality of clients, for use in a networked communication system comprising a server and the plurality of clients, the plurality of clients comprising at least a first client and a second client, are provided. The method includes communicating, from the first client to the server, a request for a credential token for a communication between the first client and the second client, selecting, by the server, the credential token for the communication between the first client and the second client, communicating, from the server to each of the first client and the second client, the selected credential token, and communicating, between the first client and the second client using security algorithms and information contained in the credential token received from the server.

28 Citations

View as Search Results

24 Claims

1. A method for protecting communications among a plurality of clients, for use in a networked communication system comprising a server and the plurality of clients, the plurality of clients comprising at least a first client and a second client, the method comprising:
- communicating, from the first client to the server, a request for a credential token for a communication between the first client and the second client;
  
  selecting, by the server, the credential token for the communication between the first client and the second client;
  
  communicating, from the server to each of the first client and the second client, the selected credential token; and
  
  communicating, between the first client and the second client using security algorithms and information contained in the credential token received from the server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the request for the credential token for the communication between the first client and the second client includes a real IDentifier (ID) of each of the first client and the second client.
  - 3. The method of claim 2, wherein the request for the credential token for the communication between the first client and the second client further includes a usage mode for the credential token.
  - 4. The method of claim 1, further comprising:
    - assigning, by the server, a temporary IDentifier (ID) to each the first client and the second client,wherein the selected credential token includes the temporary ID.
  - 5. The method of claim 1, wherein the credential token comprises at least one of a temporary IDentifier (ID) of the first client, a temporary ID of the second client, an encryption key, an encryption algorithm ID, an authentication key, an authentication algorithm ID, a token usage mode, a number of uses allowed, and a time limit.
  - 6. The method of claim 1, wherein if the credential token is compromised or if new security mechanisms are to be used, instructions to invalidate the credential token and request a new credential token is communicated from the server to each of the first client and the second client.
  - 7. The method of claim 1, wherein the server selects the credential token for the communication between the first client and the second client from a pool of credential tokens.
  - 8. The method of claim 7, further comprising:
    - generating, by the server, credential tokens for the pool of credential tokens.
  - 9. The method of claim 8, wherein credential tokens are generated for the pool of credential tokens on demand when a threshold of available tokens is reached, or during off-peak hours.

10. A server apparatus for protecting communications among a plurality of clients, for use in a networked communication system comprising the server and the plurality of clients, the plurality of clients comprising at least a first client and a second client, the apparatus comprising:
- a token server for receiving a request from a first client for a credential token for a communication between the first client and the second client, for selecting the credential token for the communication between the first client and the second client, and for transmitting the selected credential token to each of the first client and the second client.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The apparatus of claim 10, wherein the request for the credential token for the communication between the first client and the second client includes a real IDentifier (ID) of each of the first client and the second client.
  - 12. The apparatus of claim 11, wherein the request for the credential token for the communication between the first client and the second client further includes a usage mode for the credential token.
  - 13. The apparatus of claim 10, wherein the token server assigns a temporary IDentifier (ID) to each the first client and the second client, and wherein the selected credential token includes the temporary ID.
  - 14. The apparatus of claim 10, wherein the credential token comprises at least one of a temporary IDentifier (ID) of the first client, a temporary ID of the second client, an encryption key, an encryption algorithm ID, an authentication key, an authentication algorithm ID, a token usage mode, a number of uses allowed, and a time limit.
  - 15. The apparatus of claim 10, wherein the token server determines if the selected credential token is compromised or if new security mechanisms are to be used, and if the token server determines the selected credential token is compromised or if new security mechanisms are to be used, the token server transmits, to each of the first client and the second client, instructions to invalidate the credential token and request a new credential token.
  - 16. The apparatus of claim 10, further comprising a token pool for storing a plurality of credential tokens,wherein the token server selects the credential token for the communication between the first client and the second client from the pool of credential tokens.
  - 17. The apparatus of claim 10, further comprising a token generator for generating credential tokens.
  - 18. The apparatus of claim 17, wherein token generator is activated on demand when a threshold of available tokens is reached, or during off-peak hours.

19. A client apparatus for protecting communications between the client and at least one counterpart client, for use in a networked communication system comprising the server, the client, and at least one counterpart client, the apparatus comprising:
- a token client for receiving a credential token from a server for a communication between the client and the counterpart client;
  
  a credential table for storing the received credential token from the server and the associations with communicating clients; and
  
  a communication unit for communicating between the client and the counterpart client using security algorithms and information contained in the received credential token.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The apparatus of claim 19, wherein the token client transmits a request to the server for the credential token for the communication between the client and the counterpart client.
  - 21. The apparatus of claim 20, wherein the request for the credential token for the communication between the client and the counterpart client includes a real IDentifier (ID) of each of the client and the counterpart client.
  - 22. The apparatus of claim 21, wherein the request for the credential token for the communication between the client and the counterpart client further includes a usage mode for the credential token.
  - 23. The apparatus of claim 19, wherein the credential token comprises at least one of a temporary IDentifier (ID) of the client, a temporary ID of the counterpart client, an encryption key, an encryption algorithm ID, an authentication key, an authentication algorithm ID, a token usage mode, a number of uses allowed, and a time limit.
  - 24. The apparatus of claim 19, wherein the token client receives instructions to invalidate the credential token and request a new credential token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
NGUYEN, Nhut

Application Number

US12/856,406
Publication Number

US 20110041167A1
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

H04L 63/062 for key distribution, e.g. ...

TECHNIQUES FOR PROVIDING SECURE COMMUNICATIONS AMONG CLIENTS WITH EFFICIENT CREDENTIALS MANAGEMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

28 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

TECHNIQUES FOR PROVIDING SECURE COMMUNICATIONS AMONG CLIENTS WITH EFFICIENT CREDENTIALS MANAGEMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links