Federated Messaging

US 20190068614A1
Filed: 08/29/2017
Published: 02/28/2019
Est. Priority Date: 08/29/2017
Status: Active Grant

First Claim

Patent Images

1. A method for federated messaging, the method comprising:

receiving, at a first server from a first device belonging to a first secure communication network, a first communication for a second device belonging to a second secure communication network, wherein the first communication includes a first security group identifier associated with the first device and a second security group identifier associated with the second device;

determining, by the first server, whether a first set of permissions associated with the first security group identifier permit the first device to communicate with the second secure communication network; and

determining, by the first server, whether a second set of permissions associated with the second security group identifier permit the second device to communicate with the first secure communication network; and

providing, by the first server, the first communication to the second device on the second secure communication network when the first device and the second device are permitted to communicate.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure describes a method, system, and non-transitory computer readable medium that includes instructions that permit users of different secure communication networks to exchange secure communications. A secure communication platform includes a user database that allows users from different secure communication networks to access keys for recipients outside of their network. Additionally, the secure communication platform provides a high degree of trust regarding the sender'"'"'s identity, allowing the receiving network to trust the sender.

Citations

18 Claims

1. A method for federated messaging, the method comprising:
- receiving, at a first server from a first device belonging to a first secure communication network, a first communication for a second device belonging to a second secure communication network, wherein the first communication includes a first security group identifier associated with the first device and a second security group identifier associated with the second device;
  
  determining, by the first server, whether a first set of permissions associated with the first security group identifier permit the first device to communicate with the second secure communication network; and
  
  determining, by the first server, whether a second set of permissions associated with the second security group identifier permit the second device to communicate with the first secure communication network; and
  
  providing, by the first server, the first communication to the second device on the second secure communication network when the first device and the second device are permitted to communicate.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, comprising:
    - discarding, by the first server, the first communication when at least one of the first set of permissions do not permit the first device to communicate with the second secure communication network and the second set of permissions do not permit the second device to communicate with the first secure communication network.
  - 3. The method of claim 1, wherein the first communication includes encrypted routing data and an encrypted payload.
  - 4. The method of claim 3, comprising:
    - decrypting, by the first server, the encrypted routing data using a first key to obtain the first security group identifier and the second security group identifier.
  - 5. The method of claim 4, wherein the first key is a private key belonging to the first server.
  - 6. The method of claim 1, comprising:
    - determining, by the first server, whether the first secure communication network and the second secure communication network are the same network; and
      
      providing, by the first server, the first communication to the second device when the first secure communication network is the same network as the second secure communication network.

7. A system for federated messaging, the system comprising:
- an interface configured to receive a first communication from a first device belonging to a first secure communication network for a second device belonging to a second secure communication network, wherein the first communication includes a first security group identifier associated with the first device and a second security group identifier associated with the second device;
  
  a processor configured to determine whether a first set of permissions associated with the first security group identifier permit the first device to communicate with the second secure communication network, determine whether a second set of permissions associated with the second security group identifier permit the second device to communicate with the first secure communication network, and provide the first communication to the second device on the second secure communication network when the first device and the second device are permitted to communicate; and
  
  a memory coupled to the processor and configured to store the first set of permissions and second set of permissions and to provide the processor with instructions for determining whether the first device and the second device are permitted to communicate.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein the processor is further configured to discard the first communication when at least one of the first set of permissions do not permit the first device to communicate with the second secure communication network and the second set of permissions do not permit the second device to communicate with the first secure communication network.
  - 9. The system of claim 7, wherein the first communication includes encrypted routing data and an encrypted payload.
  - 10. The system of claim 9, wherein the processor is configured to decrypt the encrypted routing data using a first key to obtain the first security group identifier and the second security group identifier.
  - 11. The system of claim 10, wherein the first key is a private key belonging to the first server.
  - 12. The system of claim 7, wherein the processor is further configured to determine whether the first secure communication network and the second secure communication network are the same network and provide the first communication to the second device when the first secure communication network is the same network as the second secure communication network.

13. A non-transitory computer-readable medium comprising instructions that when, executed by at least one processor, perform the steps of:
- receiving a first communication from a first device belonging to a first secure communication network for a second device belonging to a second secure communication network, wherein the first communication includes a first security group identifier associated with the first device and a second security group identifier associated with the second device;
  
  determining whether a first set of permissions associated with the first security group identifier permit the first device to communicate with the second secure communication network; and
  
  determining whether a second set of permissions associated with the second security group identifier permit the second device to communicate with the first secure communication network; and
  
  providing the first communication to the second device on the second secure communication network when the first device and the second device are permitted to communicate.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The non-transitory computer-readable medium of claim 13, comprising instructions for:
    - discarding the first communication when at least one of the first set of permissions do not permit the first device to communicate with the second secure communication network and the second set of permissions do not permit the second device to communicate with the first secure communication network.
  - 15. The non-transitory computer-readable medium of claim 13, wherein the first communication includes encrypted routing data and an encrypted payload.
  - 16. The non-transitory computer-readable medium of claim 15, comprising instructions for:
    - decrypting the encrypted routing data using a first key to obtain the first security group identifier and the second security group identifier.
  - 17. The non-transitory computer-readable medium of claim 16, wherein the first key is a private key belonging to the first server.
  - 18. The non-transitory computer-readable medium of claim 13, comprising instructions for:
    - determining whether the first secure communication network and the second secure communication network are the same network; and
      
      providing the first communication to the second device when the first secure communication network is the same network as the second secure communication network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Wickr Inc. (Amazon.com, Inc.)
Inventors
Bhatnagar, Arjun, Howell, Christopher

Granted Patent

US 11,095,662 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06Q 10/107   Computer-aided management o...

H04L 2463/061   applying further key deriva...

H04L 2463/062   applying encryption of the ...

H04L 51/212   using filtering or selectiv...

H04L 51/214   using selective forwarding

H04L 51/56   Unified messaging, e.g. int...

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/102   Entity profiles

H04L 63/104   Grouping of entities

H04L 63/12   Applying verification of th...

H04L 9/08   Key distribution or managem...

H04W 12/02   Protecting privacy or anony...

H04W 12/10   Integrity

Federated Messaging

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Federated Messaging

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links