Creating and using secure communications channels for virtual universes

US 8,291,218 B2
Filed: 12/02/2008
Issued: 10/16/2012
Est. Priority Date: 12/02/2008
Status: Expired due to Fees

First Claim

Patent Images

1. A method for providing secure communication for a virtual universe client of a virtual universe, said method comprising:

monitoring a communication stream to and from the virtual universe client by a proxy component between the virtual universe client and a hosting network hosting the virtual universe, the communication stream comprising communication between avatars in the virtual universe, in which the virtual universe simulates one or more real world rules including at least one of gravity, topography, or locomotion, and in which users of the virtual universe interact with the simulated one or more real world rules thereof via the avatars, wherein the communication stream comprises at least one data packet selected for encryption and at least one data packet not selected for encryption, wherein the at least one data packet not selected for encryption passes to the virtual universe absent encryption;

selecting the at least one data packet of the communication stream for encryption, the selected data packet being sent by the virtual universe client to a destination;

intercepting the selected data packet being sent by said virtual universe client, the intercepting comprising removing data from the selected data packet of the communication stream;

determining a network data path for transmission of the selected data packet, the network data path comprising a plurality of servers of the hosting network and through which the selected data packet is to be transmitted to the destination;

sequentially encrypting said data with public keys of the plurality of servers in said network data path;

injecting the sequentially encrypted data back into the selected data packet of the communication stream to form a sequentially encrypted data packet; and

transmitting said sequentially encrypted data packet to a first server of the plurality of servers.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method provides secure channels for communication in a virtual universe by employing a packet interception layer for incoming and outgoing data packets. A data path is defined and is sequentially encrypted with the public keys of servers in the path. Decryption and identification of the next server occurs in a sequential manner in which the path is known only to the sender.

Citations

16 Claims

1. A method for providing secure communication for a virtual universe client of a virtual universe, said method comprising:
- monitoring a communication stream to and from the virtual universe client by a proxy component between the virtual universe client and a hosting network hosting the virtual universe, the communication stream comprising communication between avatars in the virtual universe, in which the virtual universe simulates one or more real world rules including at least one of gravity, topography, or locomotion, and in which users of the virtual universe interact with the simulated one or more real world rules thereof via the avatars, wherein the communication stream comprises at least one data packet selected for encryption and at least one data packet not selected for encryption, wherein the at least one data packet not selected for encryption passes to the virtual universe absent encryption;
  
  selecting the at least one data packet of the communication stream for encryption, the selected data packet being sent by the virtual universe client to a destination;
  
  intercepting the selected data packet being sent by said virtual universe client, the intercepting comprising removing data from the selected data packet of the communication stream;
  
  determining a network data path for transmission of the selected data packet, the network data path comprising a plurality of servers of the hosting network and through which the selected data packet is to be transmitted to the destination;
  
  sequentially encrypting said data with public keys of the plurality of servers in said network data path;
  
  injecting the sequentially encrypted data back into the selected data packet of the communication stream to form a sequentially encrypted data packet; and
  
  transmitting said sequentially encrypted data packet to a first server of the plurality of servers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1 in which said virtual universe client is provided with a window through which said secure communication is to be provided.
  - 3. The method of claim 2 in which said window is dedicated to providing secure communications.
  - 4. The method of claim 1 further including:
    - receiving said sequentially encrypted data packet at said first server;
      
      decrypting said data packet with said first server'"'"'s private key;
      
      removing client and first server identifying information from said data packet;
      
      encrypting said packet from said removing step using public key information for a second server in said data path; and
      
      transmitting said data packet from the first server to said second server.
  - 5. The method of claim 4 in which said public key information for said second server is used by said first recipient to identify said second server.
  - 6. The method of claim 4 in which a random delay is introduced prior to transmission.
  - 7. The method of claim 4 in which said public key information for said second server is already available to said first server.
  - 8. The method of claim 4 in which said public key information for said second server is retrieved from a public source.
  - 9. The method of claim 4 in which said public key information for said second server is sent with said sequentially encrypted data packet.
  - 10. The method of claim 4 in which said second server is an intended recipient.
  - 11. The method of claim 4 in which a last server in said data path carries out the steps of:
    - decrypting the data packet that said last server receives;
      
      removing identifying information from said data packet; and
      
      transmitting said packet to said destination, the destination comprising an intended client.
  - 12. The method of claim 11 in which said intended client decrypts said packet and displays said decrypted data in a window.
  - 13. The method of claim 1 in which said plurality of servers in the data path comprise more than three servers.

14. A method for deploying an application providing secure communication for a virtual universe client of a virtual universe in a virtual universe environment, said method comprising:
- providing between the virtual universe client and a hosting network hosting the virtual universe a computer infrastructure operable to;
  
  monitor a communication stream to and from the virtual universe client, the communication stream comprising communication between avatars in the virtual universe, in which the virtual universe simulates one or more real world rules including at least one of gravity, topography, or locomotion, and in which users of the virtual universe interact with the simulated one or more real world rules thereof via the avatars, wherein the communication stream comprises at least one data packet selected for encryption and at least one data packet not selected for encryption, wherein the at least one data packet not selected for encryption passes to the virtual universe absent encryption;
  
  select the at least one data packet of the communication stream for encryption, the selected data packet being sent by the virtual universe client to a destination;
  
  intercept the selected data packet being sent by said virtual universe client, the intercepting comprising removing data from the selected data packet of the communication stream;
  
  determine a network data path for transmission of the selected data packet, the network data path comprising a plurality of servers of the hosting network and through which the selected data packet is to be transmitted to the destination;
  
  sequentially encrypt said data with public keys of the plurality of servers in said network data path;
  
  inject the sequentially encrypted data back into the selected data packet of the communication stream to form a sequentially encrypted data packet; and
  
  transmit said sequentially encrypted data packet to a first server of the plurality of servers.

15. A computer program product for providing secure communication for a virtual universe client of a virtual universe, the computer program product comprising:
- a non-transitory storage medium readable by a processor and storing instructions for execution by the processor to perform a method comprising;
  
  monitoring a communication stream to and from the virtual universe client, the communication stream comprising communication between avatars in the virtual universe, in which the virtual universe simulates one or more real world rules including at least one of gravity, topography, or locomotion, and in which users of the virtual universe interact with the simulated one or more real world rules thereof via the avatars, wherein the communication stream comprises at least one data packet selected for encryption and at least one data packet not selected for encryption, wherein the at least one data packet not selected for encryption passes to the virtual universe absent encryption;
  
  selecting the at least one a data packet of the communication stream for encryption, the selected data packet being sent by the virtual universe client to a destination;
  
  intercepting the selected data packet being sent by said virtual universe client, the intercepting comprising removing the data from the selected data packet of the communication stream;
  
  determining a network data path for transmission of the selected data packet, the network data path comprising a plurality of servers of the hosting network and through which the selected data packet is to be transmitted to the destination;
  
  sequentially encrypting said data with public keys of the plurality of servers in said network data path;
  
  injecting the sequentially encrypted data back into the selected data packet communication stream to form a sequentially encrypted data packet; and
  
  transmitting said sequentially encrypted data packet to a first server of the plurality of servers.

16. A computer system for providing secure communication for a virtual universe client of a virtual universe, the computer system comprising:
- a memory; and
  
  a processor in communications with the memory, wherein the computer system is configured to perform;
  
  monitoring a communication stream to and from the virtual universe client, the communication stream comprising communication between avatars in the virtual universe, in which the virtual universe simulates one or more real world rules including at least one of gravity, topography, or locomotion, and in which users of the virtual universe interact with the simulated one or more real world rules thereof via the avatars, wherein the communication stream comprises at least one data packet selected for encryption and at least one data packet not selected for encryption, wherein the at least one data packet not selected for encryption passes to the virtual universe absent encryption;
  
  selecting the at least one a data packet of the communication stream for encryption, the selected data packet being sent by the virtual universe client to a destination;
  
  intercepting the selected data packet being sent by said virtual universe client, the intercepting comprising removing data from the selected data packet of the communication stream;
  
  determining a network data path for transmission of the selected data packet, the network data path comprising a plurality of servers of the hosting network and through which the selected data packet is to be transmitted to the destination;
  
  sequentially encrypting said data with public keys of the plurality of servers in said network data path;
  
  injecting the sequentially encrypted data back into the selected data packet of the communication stream to form a sequentially encrypted data packet; and
  
  transmitting said sequentially encrypted data packet to a first server of the plurality of servers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Garcia, Kelley K., Hamilton, Rick A. II, Newhook, Richard J., Ramsey, Martin S., Rangel, Raull, Seaman, James W.
Primary Examiner(s)
KOSOWSKI, CAROLYN M

Application Number

US12/326,477
Publication Number

US 20100332827A1
Time in Patent Office

1,414 Days
Field of Search

713/160
US Class Current

713/160
CPC Class Codes

H04L 63/0442   wherein the sending and rec...

H04L 63/0478   applying multiple layers of...

H04L 67/131   Protocols for games, networ...

H04L 9/30   Public key, i.e. encryption...

Creating and using secure communications channels for virtual universes

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Creating and using secure communications channels for virtual universes

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links