System and method for protecting privacy and anonymity of parties of network communications

US 7,669,049 B2
Filed: 03/04/2005
Issued: 02/23/2010
Est. Priority Date: 03/20/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method for a Web server, the method comprising:

receiving a cryptographic key from a routing control server for use inrouting messages passed during a communication session between a client and a target server;

receiving a message associated with the communication session from an upstream node of a routing chain for the communication session in which the Web server is a node;

decrypting the message from the upstream Web server with the cryptographic key; and

forwarding the decrypted message to a downstream node of the routing chain.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method is provided for handling network communications between a client and a target server on the Internet to protect the privacy and anonymity of the client.

For a session between the client and the target server, a routing control server sets up a routing chain using a plurality of Web servers randomly selected from a pool of participating Web servers as routers for routing messages between the client and the target server. To prevent traffic analysis, an “onion encryption” scheme is applied to the messages as they are forwarded along the routing chain.

A payment service cooperating with the routing control server allows a user to pay for the privacy protection service without revealing her real identity.

Citations

10 Claims

1. A method for a Web server, the method comprising:
- receiving a cryptographic key from a routing control server for use inrouting messages passed during a communication session between a client and a target server;
  
  receiving a message associated with the communication session from an upstream node of a routing chain for the communication session in which the Web server is a node;
  
  decrypting the message from the upstream Web server with the cryptographic key; and
  
  forwarding the decrypted message to a downstream node of the routing chain.
- View Dependent Claims (2)
- - 2. The method of claim 1 further comprising:
    - receiving a message associated with the communication session from the downstream node;
      
      encrypting the message received from the downstream node with the cryptographic key; and
      
      forwarding the encrypted message to the upstream node.

3. A computer-readable medium having stored thereon a secure message data structure, the secure message data structure comprising:
- a first data field containing data representing an ordered chain of Web servers, the ordered chain comprising identifications of a plurality of Web servers;
  
  a second data field containing data representing a plurality of cryptographic keys;
  
  a third data field containing data representing a message; and
  
  a fourth data field containing data representing an encrypted version of the message, the encrypted message formed by encrypting the message with the plurality of cryptographic keys according to an order of the Web servers in the ordered chain of Web servers.

4. A system for protecting a message sent from a client over the Internet to a target server, the system comprising:
- the message;
  
  the client configured for sending a request to a routing control server for a secure routing chain of Web servers, for receiving from the routing control server routing information identifying a plurality of Web servers in the secure routing chain, for receiving from the routing control server a plurality of cryptographic keys each corresponding to a Web server in the secure routing chain, for formatting the message according to a protocol for accessing Web services, for encrypting the message with the plurality of cryptographic keys according to an order of the Web servers in the secure routing chain, and for forwarding the encrypted message to a first Web server in the secure routing chain; and
  
  the routing control server.
- View Dependent Claims (5, 6, 7, 8)
- - 5. The system of claim 4 wherein the client is further configured for receiving a message from the target server, and for decrypting the received message with the plurality of cryptographic keys according to the order of the Web servers in the secure routing chain.
  - 6. The system of claim 4 wherein the client is further configured for sending to an account service an authentication request containing a user account ID for payment for service.
  - 7. The system of claim 6 wherein the account ID is an anonymous account ID.
  - 8. The system of claim 6 wherein the authentication request is sent to the account service through the secure routing chain of Web servers.

9. A system for securely transmitting a message sent from a client over the Internet to a target server, the system comprising:
- a Web server configured for receiving a cryptographic key from a routing control server for use in routing the message, for receiving an encrypted version of the message from an upstream node of a secure routing chain, for decrypting the message received from the upstream node with the cryptographic key, and for forwarding the decrypted message to a downstream node of the secure routing chain; and
  
  the routing control server.
- View Dependent Claims (10)
- - 10. The system of claim 9 wherein the Web server is further configured for receiving a message from the downstream node, for encrypting the message received from the downstream node with the cryptographic key, and for forwarding the encrypted message to the upstream node.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Russell, Wilfred, Sun, Qixiang, Simon, Daniel R., Wang, Yi-Min
Primary Examiner(s)
PEESO, THOMAS R

Application Number

US11/072,143
Publication Number

US 20050172120A1
Time in Patent Office

1,817 Days
Field of Search

713/161, 713/164, 713/168
US Class Current

713/161
CPC Class Codes

G06Q 20/3821   Electronic credentials

H04L 63/0442   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 67/02   based on web technology, e....

H04L 67/63   Routing a service request d...

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

System and method for protecting privacy and anonymity of parties of network communications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for protecting privacy and anonymity of parties of network communications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links