Privacy and security mechanism for presence systems with tuple spaces
First Claim
Patent Images
1. A communication system for privately and securely exchanging information about a first entity with at least one further entity, comprising:
- a presence memory to store tuples that contain said information;
a presentity to publish encrypted information about said first entity to said presence memory, wherein said information comprises a unique identifier of said presentity, said unique identifier comprising a random string concatenated to an identifier key, and wherein said presentity is enabled to;
encrypt said information with a unique key provided by said presentity to create said encrypted information;
post said encrypted information to said presence memory;
change said unique key to a new unique key at random intervals;
re-encrypt said encrypted information with said new unique key to create re-encrypted information; and
re-post said re-encrypted information to said presence memory at said random intervals, and wherein said re-encrypt and said re-post are repeated when presence information changes in presence information comprising changes in location of a user;
sensors for detecting presence of the first entity, said presentity connected to said sensors;
a watcher agent associated with said at least one further entity to post a subscribe tuple to said presence memory to initiate a subscription to said information published by said presentity via said post and said re-post;
a presentity agent associated with said first entity to return subscribe-reply messages, a first subscribe-reply message containing said unique key to subscribe said further entity to said encrypted information published by said presentity, and a second subscribe-reply message containing said new unique key to subscribe said further entity to said re-encrypted information published by said presentity; and
a watcher associated with said further entity to monitor said presence memory and decrypt said encrypted information and said re-encrypted information using said encryption key and said new unique key, respectively, and provide said information to said further entity.
28 Assignments
0 Petitions
Accused Products
Abstract
A system is provided for cycling encryption keys to prevent the guessing of encrypted presence information in a shared information space. The system of the invention prevents malicious publication of presence information and ensures that only valid presence information is published to the shared information space. A malicious subscriber is prevented from knowing that he/she has been detected while a search is underway to determine his/her identity. During such a search, authorized subscribers are shifted to a new source of presence information while the malicious subscriber remains at the previous source.
30 Citations
2 Claims
-
1. A communication system for privately and securely exchanging information about a first entity with at least one further entity, comprising:
-
a presence memory to store tuples that contain said information; a presentity to publish encrypted information about said first entity to said presence memory, wherein said information comprises a unique identifier of said presentity, said unique identifier comprising a random string concatenated to an identifier key, and wherein said presentity is enabled to; encrypt said information with a unique key provided by said presentity to create said encrypted information; post said encrypted information to said presence memory; change said unique key to a new unique key at random intervals; re-encrypt said encrypted information with said new unique key to create re-encrypted information; and re-post said re-encrypted information to said presence memory at said random intervals, and wherein said re-encrypt and said re-post are repeated when presence information changes in presence information comprising changes in location of a user; sensors for detecting presence of the first entity, said presentity connected to said sensors; a watcher agent associated with said at least one further entity to post a subscribe tuple to said presence memory to initiate a subscription to said information published by said presentity via said post and said re-post; a presentity agent associated with said first entity to return subscribe-reply messages, a first subscribe-reply message containing said unique key to subscribe said further entity to said encrypted information published by said presentity, and a second subscribe-reply message containing said new unique key to subscribe said further entity to said re-encrypted information published by said presentity; and a watcher associated with said further entity to monitor said presence memory and decrypt said encrypted information and said re-encrypted information using said encryption key and said new unique key, respectively, and provide said information to said further entity. - View Dependent Claims (2)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeRingCentral Incorporated
-
Original AssigneeMitel Networks Corporation
-
InventorsGray, Thomas A.
-
Primary Examiner(s)Vu; KimYen
-
Assistant Examiner(s)Shan; April Y
-
Application NumberUS10/638,416Publication NumberTime in Patent Office1,967 DaysField of Search726/2, 726/4, 726/14, 379/188, 713/150, 713/171, 380/259, 380/277, 380/278, 705/71US Class Current713/150CPC Class CodesG06Q 20/3829 involving key managementH04L 61/45 Network directories; Name-t...H04L 63/0464 using hop-by-hop encryption...H04L 63/062 for key distribution, e.g. ...H04L 63/068 using time-dependent keys, ...H04L 67/54 Presence management, e.g. m...H04L 69/329 in the application layer [O...H04M 3/42 Systems providing special s...H04M 3/42093 Notifying the calling party...H04M 3/42365 Presence services providing...
