System, device and method for dynamically securing instant messages
First Claim
Patent Images
1. An instant messaging security device configured for intercepting and encrypting unencrypted instant messages routed for transmission from a first user device to an instant message server through a network and being further configured for intercepting and decrypting encrypted instant messages routed for transmission from the instant message server to the first user device through the network, the instant messaging security device comprising:
- a network interface configured to communicate with the first user device and the network to intercept unencrypted instant messages routed for transmission from the first user device to the instant message server through the network, to transmit discovery instant messages, and to intercept encrypted instant messages routed for transmission from the instant message server to the first user device through the network;
a memory storing instructions; and
a processing component coupled to the network interface and the memory, the processing component, according to the stored instructions, configured to;
intercept an unencrypted instant message from the first user device addressed to a second user device through an instant message server;
transmit, in response to intercepting the unencrypted instant message, a discovery instant message addressed to the second user device, the discovery instant message including data indicating that the instant messaging security device is capable of encrypting instant message data according to a security protocol;
determine, in response to the discovery instant message, whether a response to the discovery instant message is received from a responding instant messaging security device;
in response to determining a response to the discovery instant message is not received, allow transmission of the unencrypted instant message to the second user device and allow transmission of an unencrypted instant message from the second user device to the first user device;
in response to determining a response to the discovery instant message is received;
transmit a first negotiation instant message to the responding instant messaging security device, the first negotiation instant message including data for negotiating an encryption technique with the responding instant messaging security device to encrypt unencrypted instant messages from the first user device to the second user device and to decrypt encrypted instant messages from the second user device to the first user device;
receive a second negotiation instant message from the responding instant messaging security device, the second negotiation instant message including data specifying the encryption technique;
encrypt the unencrypted instant message from the first user device using the encryption technique;
transmit the encrypted instant message to the second user device;
decrypt encrypted instant messages received from the responding instant messaging security device and addressed to the first user device; and
transmit the unencrypted instant message from the second user device to the first user device.
15 Assignments
0 Petitions
Accused Products
Abstract
An Instant Messaging security system that encrypts Instant Messages sent by a Instant Messaging user to an Instant Messaging server by intercepting the messages, negotiating a preferred security algorithm and forwarding the encrypted messages to the server. The security system intercepts and decrypts encrypted messages sent by the server to the user. The security system is able to determine whether a receiving user is equipped with a similar security system without prior knowledge of network addresses, configuration or capability. The security system is transparent to the Instant Message service provider and may provide one or more indicators to users that messages are encrypted during forwarding.
50 Citations
15 Claims
-
1. An instant messaging security device configured for intercepting and encrypting unencrypted instant messages routed for transmission from a first user device to an instant message server through a network and being further configured for intercepting and decrypting encrypted instant messages routed for transmission from the instant message server to the first user device through the network, the instant messaging security device comprising:
-
a network interface configured to communicate with the first user device and the network to intercept unencrypted instant messages routed for transmission from the first user device to the instant message server through the network, to transmit discovery instant messages, and to intercept encrypted instant messages routed for transmission from the instant message server to the first user device through the network; a memory storing instructions; and a processing component coupled to the network interface and the memory, the processing component, according to the stored instructions, configured to; intercept an unencrypted instant message from the first user device addressed to a second user device through an instant message server; transmit, in response to intercepting the unencrypted instant message, a discovery instant message addressed to the second user device, the discovery instant message including data indicating that the instant messaging security device is capable of encrypting instant message data according to a security protocol; determine, in response to the discovery instant message, whether a response to the discovery instant message is received from a responding instant messaging security device; in response to determining a response to the discovery instant message is not received, allow transmission of the unencrypted instant message to the second user device and allow transmission of an unencrypted instant message from the second user device to the first user device; in response to determining a response to the discovery instant message is received; transmit a first negotiation instant message to the responding instant messaging security device, the first negotiation instant message including data for negotiating an encryption technique with the responding instant messaging security device to encrypt unencrypted instant messages from the first user device to the second user device and to decrypt encrypted instant messages from the second user device to the first user device; receive a second negotiation instant message from the responding instant messaging security device, the second negotiation instant message including data specifying the encryption technique; encrypt the unencrypted instant message from the first user device using the encryption technique; transmit the encrypted instant message to the second user device; decrypt encrypted instant messages received from the responding instant messaging security device and addressed to the first user device; and transmit the unencrypted instant message from the second user device to the first user device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for intercepting and encrypting unencrypted instant messages directed to a receiving user device and routed for transmission from a transmitting user device to an instant message server through a network, the method comprising:
-
intercepting an unencrypted instant message from a first user device addressed to a second user device through an instant message server; transmitting, in response to intercepting the unencrypted instant message, a discovery instant message including data indicating that an instant messaging security device is capable of encrypting instant message data according to a security protocol; determining, in response to the discovery instant message, whether a response to the discovery instant message is received from a responding instant messaging security device; in response to determining that a response to the discovery instant message is not received, allowing transmission of the unencrypted instant message to the second user device and allowing transmission of unencrypted instant messages from the second user device to the first user device; in response to determining that a response to the discovery instant message is received; transmitting a first negotiation instant message to the responding instant messaging security device, the first negotiation instant message including data for negotiating an encryption technique with the responding instant messaging security device to encrypt unencrypted instant messages from the first user device to the second user device and to decrypt encrypted instant messages from the second user device to the first user device; receiving a second negotiation instant message from the responding instant messaging security device, the second negotiation instant message including data specifying the encryption technique; encrypting the unencrypted instant message from the first user device using the encryption technique; and transmitting the encrypted instant message to the second user device, wherein the encrypted instant message is decrypted by the responding instant messaging security device. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMcAfee, LLC
-
Original AssigneeMcAfee, Inc. (McAfee, LLC)
-
InventorsMathur, Saroop, Venkatraman, Rajamadam C., Kim, Charlie, Warty, Ashish, Liao, Yih-Ming M.
-
Primary Examiner(s)Dalencourt, Yves
-
Assistant Examiner(s)Lai, Michael C
-
Application NumberUS10/890,394Time in Patent Office2,773 DaysField of Search709/207, 709/206, 713/150, 713/153, 713/168, 713/171, 713/175US Class Current709/207CPC Class CodesH04L 51/04 Real-time or near real-time...H04L 63/0428 wherein the data content is...H04L 63/20 for managing network securi...H04L 63/205 involving negotiation or de...
