Method and apparatus for secure group communications
Abstract
A method for securing group communications with reduced message overhead begins by initiating a secure group communication, where a group communication is secured based on security credentials of the group. The secured group communication is then provided to members of the group, where the secured group communication includes a secured message portion and an overhead portion based on the group, not each member. Each member of the group that receives the message determines that the secured message is group communication for its particular group. Each member then obtains at least a portion of the security credentials (e.g., the private decryption key) of the group to decrypt the secured group communication.
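The scheme in the abstract and in claims 4 and 6, sketched as an added example (not code from the patent): a message is sealed once under the group public key, and each member recovers the group private key from a credential message sealed under that member's own key. RSA-OAEP with AES-256-GCM, the function names and the `eng-team` group id are choices made for this example.

```javascript
// Added illustration; function names and the 'eng-team' group id are hypothetical.
const crypto = require('crypto');

const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Hybrid seal: AES-256-GCM encrypts the data, RSA-OAEP wraps the AES key.
function seal(publicKey, data) {
  const cek = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', cek, iv);
  const body = Buffer.concat([cipher.update(data), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, oaepHash: 'sha256' }, cek);
  return { wrappedKey, iv, body, tag: cipher.getAuthTag() };
}

function open(privateKey, env) {
  const cek = crypto.privateDecrypt({ key: privateKey, oaepHash: 'sha256' }, env.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', cek, env.iv);
  decipher.setAuthTag(env.tag);
  return Buffer.concat([decipher.update(env.body), decipher.final()]); // throws if tampered
}

// Administrator: deliver the group private key as a message secured
// under the member's own public key (claim 6).
function issueGroupCredential(group, memberPublicKey) {
  const der = group.privateKey.export({ type: 'pkcs8', format: 'der' });
  return seal(memberPublicKey, der);
}

// Sender: one envelope keyed to the group identity, whatever the member count.
function sendToGroup(groupId, groupPublicKey, text) {
  return { groupId, ...seal(groupPublicKey, Buffer.from(text, 'utf8')) };
}

// Member: check the group id, recover the group key with own credentials, decrypt.
function readAsMember(memberPrivateKey, credential, envelope, myGroups) {
  if (!myGroups.includes(envelope.groupId)) return null; // not for one of my groups
  const der = open(memberPrivateKey, credential);
  const groupKey = crypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
  return open(groupKey, envelope).toString('utf8');
}

// Key-wrapping overhead in bytes: one wrap per group vs. one wrap per recipient.
function overhead(envelope, memberCount) {
  const perWrap = envelope.wrappedKey.length;
  return { group: perWrap, perRecipient: perWrap * memberCount };
}
```

Every member ends up holding the same group private key, so a member who leaves can still open envelopes sealed under it; the credential update on membership change in claim 15 is what addresses that.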
31 Claims
1. A method for secure group communications, the method comprises the steps of:
a) initiating a secured group communication, wherein the secured group communication is secured based on a group public encryption key of security credentials of the group;
b) providing the secured group communication to at least one member of the group; and
c) obtaining, by the at least one member, at least a portion of the security credentials of the group that include a private key of the group to decrypt the secured group communication.
2. identifying the group based on a group identity independent of members' identities.
3. The method of claim 1, wherein step (b) further comprises:
providing the secured group communication to a public entity; and
obtaining the secured group communication by the at least one member via the public entity.
4. The method of claim 3 further comprises:
adding a new member to the group subsequent to providing the secured group communication to the public entity;
obtaining the security credentials of the group by the new member; and
obtaining the secured group communication by the new member via the public entity.
5. The method of claim 1, wherein step (c) further comprises obtaining the at least a portion of the security credentials of the group by:
accessing security credentials of the at least one member, which include the at least a portion of the security credentials of the group, wherein the at least a portion of the security credentials include a private key for the group.
6. The method of claim 5 further comprises:
receiving the at least a portion of the security credentials of the group as a secured message, wherein the secured message was secured via at least a portion of accumulated security credentials of the at least one member; and
merging the at least a portion of the security credentials of the group into the security credentials of the at least one member.
7. The method of claim 6 further comprises:
receiving the at least a portion of the security credentials in response to at least one of;
requesting, independent of the secured group communication, the at least a portion of the security credentials; and
requesting the at least a portion of the security credentials in response to receiving the secured group communication.
8. The method of claim 6 further comprises receiving the at least a portion of the security credentials via a group administrator.
9. The method of claim 1 further comprises:
decrypting the secured group communication using the at least a portion of the security credentials to recapture a group communication;
encrypting the group communication using the security credentials of the at least one member to produce a resecured group communication; and
storing the resecured group communication.
10. The method of claim 1, wherein step (a) further comprises obtaining the group public key of the group by accessing a directory.
11. A method for an administrator to facilitate secured group communications, the method comprises the steps of:
a) maintaining security credentials of a group that include a private key of the group;
b) maintaining membership status of the group; and
c) providing at least a portion of the security credentials for the group including a group public encryption key to at least some members of the group.
12. securing the at least a portion of private security credentials for the group with at least one key corresponding to at least a portion of accumulated security credentials of the at least some members.
13. The method of claim 11, wherein step (c) further comprises:
receiving a request for the at least a portion of the security credentials from a member of the at least some of the members;
authenticating the member; and
when the member is authenticated, securing the at least a portion of the security credentials with at least a portion of accumulated security credentials of the member.
14. The method of claim 11, wherein step (c) further comprises:
receiving a request for the at least a portion of the security credentials from a member of the at least some of the members when the member receives a secured group communication;
authenticating the member; and
when the member is authenticated, providing, for the secured group communication, the at least a portion of the group security credentials.
15. The method of claim 11 further comprises:
updating the security credentials of the group when the membership status changes.
16. The method of claim 15 further comprises at least one of:
providing an indication of the updating of the security credentials to the at least some members; and
providing at least a portion of updated security credentials to the at least some of the members.
17. A method for participating in a secure group communication, the method comprises the steps of:
a) receiving a secured group communication, wherein the secured group communication is secured based on a group public encryption key of security credentials of a group;
b) determining that the secured group communication is a group communication of the group; and
c) obtaining at least a portion of the security credentials of the group that include a private key of the group to decrypt the secured group communication.
18. accessing an individual's accumulated security credentials, which include the at least a portion of the security credentials of the group.
19. The method of claim 18 further comprises:
receiving the at least a portion of the security credentials of the group as a secured message, wherein the secured message was secured via at least a portion of the individual's accumulated security credentials; and
merging the individual security credentials with the at least a portion of the security credentials of the group.
20. The method of claim 19 further comprises:
receiving the at least a portion of the security credentials in response to at least one of;
requesting, independent of the secured group communication, the at least a portion of the security credentials;
requesting the at least a portion of the security credentials in response to receiving the secured group communication; and
changing at least one of;
the security credentials and the membership status of the group.
21. The method of claim 17 further comprises:
decrypting the secured group communication using the at least a portion of the accumulated security credentials;
encrypting the group communication using the individual security credentials to produce a resecured group communication; and
storing the resecured group communication.
22. A digital storage medium that stores programming instructions that, when read by a processing module, cause the processing module to facilitate a secured group communication, the digital storage medium comprises;
a first digital storage means for storing programming instructions that cause the processing module to maintain security credentials of a group that includes a private key of the group;
a second digital storage means for storing programming instructions that cause the processing module to maintain membership status of the group; and
a third digital storage means for storing programming instructions that cause the processing module to provide at least a portion of the security credentials for the group including a group public encryption key to at least some members of the group.
23. securing the at least a portion of the security credentials with at least one key corresponding to at least a portion of accumulated security credentials of the at least some members.
24. The digital storage medium of claim 22 further comprises programming instructions that cause the processing module to:
receive a request for the at least a portion of the security credentials from a member of the at least some of the members;
authenticate the member; and
secure the at least a portion of the security credentials with at least a portion of accumulated security credentials of the member when the member is authenticated.
25. The digital storage medium of claim 22 further comprises programming instructions that cause the processing module to:
receive a request for the at least a portion of the security credentials from a member of the at least some of the members when the member receives a secured group communication;
authenticate the member; and
provide, for the secured group communication, the at least a portion of the group security credentials when the member is authenticated.
26. The digital storage medium of claim 22 further comprises programming instructions that cause the processing module to:
update the security credentials of the group when the membership status changes; and
at least one of;
providing an indication of the updating of the security credentials to the at least some members; and
providing at least a portion of updated security credentials to the at least some of the members.
27. A digital storage medium that stores programming instructions that, when read by a processing module, cause the processing module to facilitate a secured group communication, the digital storage medium comprises:
a first digital storage means for storing programming instructions that cause the processing module to receive a secured group communication, wherein the secured group communication is secured based on a group public encryption key of security credentials of a group;
a second digital storage means for storing programming instructions that cause the processing module to determine that the secured group communication is a group communication of the group; and
a third digital storage means for storing programming instructions that cause the processing module to obtain at least a portion of the security credentials of the group that include a private key of the group to decrypt the secured group communication.
28. accessing an individual's accumulated security credentials, which include the at least a portion of the security credentials of the group.
29. The digital storage medium of claim 27 further comprises programming instructions that cause the processing module to:
receive the at least a portion of the security credentials of the group as a secured message, wherein the secured message was secured via at least a portion of the individual's accumulated security credentials; and
merge the individual security credentials with the at least a portion of the security credentials of the group.
30. The digital storage medium of claim 27 further comprises programming instructions that cause the processing module to:
receive the at least a portion of the security credentials in response to at least one of;
request, independent of the secured group communication, the at least a portion of the security credentials;
request the at least a portion of the security credentials in response to receiving the secured group communication; and
changing at least one of the security credentials and the membership status of the group.
31. The digital storage medium of claim 27 further comprises programming instructions that cause the processing module to:
decrypt the secured group communication using the at least a portion of the security accumulated credentials to recapture a group communication;
encrypt the group communication using the individual security credentials to produce a resecured group communication; and
store the resecured group communication.
Specification