Enterprise instant message aggregator
First Claim
1. A mobile communication network, comprising:
a wireless data network; and
an enterprise instant messaging (IM) service aggregator, the aggregator comprising:
at least one enterprise gateway aggregating secure connections to and from secure links coupled to IM servers of a plurality of enterprise communities, for enterprises subscribing to mobile IM service through the communication network;
at least one mobile station gateway coupled to the wireless data network of the communication network serving a plurality of mobile stations, the at least one mobile station gateway aggregating sessions for mobile stations of users affiliated with the enterprise communities; and
a service control connected to the enterprise and mobile gateways to control IM sessions between mobile stations and the IM servers of the enterprise communities through the mobile communication network, wherein the service control is configured to:
validate authorization of one mobile station attempting to access enterprise IM service of the mobile communication network;
for the validly authorized one mobile station, encrypt login information of a user of the authorized mobile station and forward the encrypted login information to an identified one of the IM servers for enterprise validation of user authentication for access to the identified IM server;
responsive to the user of the one mobile station being successfully validated by the identified IM server, provide a key of the aggregator to the one mobile station for use in communication of a security key of the one mobile station to the identified IM server, the security key of the one mobile station being for use in encrypted communications of one or more IM messages at least through the mobile communication network between the one mobile station and the identified IM server; and
receive a message from an IM server of one of the enterprises indicating that service to an identified mobile station should be terminated, and in response, transmit an instruction through the wireless data network to the identified mobile station instructing the identified mobile station to remove all IM messages and/or enterprise IM credentials from the identified mobile station.
Abstract
A disclosed enterprise instant messaging (IM) service aggregator enables validation of mobile stations and/or users for enterprise IM service through a wireless communication network; and in the examples, the enterprise IM service provides a secure messaging environment that allows IM traffic to/from wireless mobile stations. The security offered may be unique to and controlled by each enterprise, for example, by enabling each enterprise to generate its own encryption key for distribution through the aggregator and by allowing mobile stations to generate their own keys for distribution back through the aggregator to the enterprise IM servers. As disclosed, the login credentials are encrypted from the mobile station to the enterprise IM server. The use of standard encryption methods within the call flows allows a simple method of ensuring that only authorized users can access the enterprise servers and that the messages will be encrypted by the strongest possible means.
8 Claims
7. A mobile communication network for a carrier, comprising:
a wireless data network;
a provisioning system of the carrier; and
an enterprise instant messaging (IM) service aggregator, the aggregator comprising:
at least one enterprise gateway aggregating secure connections to and from secure links coupled to IM servers of a plurality of enterprise communities, for enterprises subscribing to mobile IM service through the communication network;
at least one mobile station gateway coupled to the wireless data network of the communication network serving a plurality of mobile stations, the at least one mobile station gateway aggregating sessions for mobile stations of users affiliated with the enterprise communities; and
a service control connected to the enterprise and mobile gateways to control IM sessions between mobile stations and the IM servers of the enterprise communities through the mobile communication network, wherein the service control is configured to:
receive a first request for enterprise service from a requesting mobile station, in the service control;
determine whether or not the requesting mobile station is authorized to utilize the enterprise IM service through the mobile communication network;
in response to a determination that the requesting mobile station is not authorized to utilize the enterprise IM service through the mobile communication network, initiate a communication between the requesting mobile station and the provisioning system of the carrier providing the IM service through the mobile wireless communication network, to provision the requesting mobile station for enterprise IM service through the mobile communication network; and
after successful completion of communication to provision of the requesting mobile station for enterprise IM service, establish a two-way encrypted secure communication link through the mobile communication network, between an IM server of an identified one of a plurality of enterprise IM communities served by the network and the requesting mobile station for exchange of encrypted IM message payload data;
wherein to establish the two-way encrypted secure communication link, the service control is further configured to provide a key of the aggregator to the requesting mobile station for use in communication of a security key of the requesting mobile station to the IM server of the identified IM community, the security key of the requesting mobile station being for use in encrypted communications of one or more IM messages at least through the mobile communication network between the requesting mobile station and the IM server of the identified enterprise IM community
and wherein the service control is further configured to receive a message from an IM server of one of the enterprises indicating that service to an identified mobile station should be terminated, and in response, transmit an instruction through the wireless data network to the identified mobile station instructing the identified mobile station to remove all IM messages and/or enterprise IM credentials from the identified mobile station.
Specification