System and method of filtering unsolicited messages
First Claim
1. A method in a subscriber device for filtering unsolicited notification messages, the method comprising:
- generating, at a subscriber device, a subscriber secure correlation identifier (SCID) associated with a subscription to a subscribed event source, wherein the subscriber SCID comprises a randomized correlation identifier and a secure tag, wherein the secure tag is generated using the randomized correlation identifier and a device encryption key associated with the subscriber device; and
providing the subscriber SCID to the subscribed event source in a subscription message;
receiving, at the subscriber device, a notification message upon occurrence of an event, the notification message having an event-source SCID comprising a first portion and a second portion;
verifying, in the subscriber device, that the notification message is from the subscribed event source if the second portion of the event-source SCID is equal to a secure hash of the first portion of the event-source SCID, wherein the secure hash is generated using the first portion and the device encryption key; and
accepting the notification message if the notification message is verified as being from the subscribed event source.
4 Assignments
0 Petitions
Accused Products
Abstract
A secure correlation identifier (SCID) for authentically correlating notifications received from event sources with subscriptions, a SCID authentication system and method of filtering unsolicited messages are provided. The SCID comprises a correlation identifier for making the SCID unique, a sequence of bits concatenated with the correlation identifier and a secure tag concatenated with the concatenation of the correlation identifier and the sequence of bits. The system comprises a SCID generator for generating a SCID to be used in a message and a SCID authenticator for authenticating the SCID. The method comprises the steps of receiving a notification message having a SCID, verifying that that SCID is authentic, accepting the message if the SCID is authentic and rejecting the message if the SCID is not authentic.
21 Citations
17 Claims
-
1. A method in a subscriber device for filtering unsolicited notification messages, the method comprising:
-
generating, at a subscriber device, a subscriber secure correlation identifier (SCID) associated with a subscription to a subscribed event source, wherein the subscriber SCID comprises a randomized correlation identifier and a secure tag, wherein the secure tag is generated using the randomized correlation identifier and a device encryption key associated with the subscriber device; and providing the subscriber SCID to the subscribed event source in a subscription message; receiving, at the subscriber device, a notification message upon occurrence of an event, the notification message having an event-source SCID comprising a first portion and a second portion; verifying, in the subscriber device, that the notification message is from the subscribed event source if the second portion of the event-source SCID is equal to a secure hash of the first portion of the event-source SCID, wherein the secure hash is generated using the first portion and the device encryption key; and accepting the notification message if the notification message is verified as being from the subscribed event source. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A secure correlation identifier (SCID) authentication system in a subscriber device for filtering unsolicited notification messages, the SCID authentication system comprising:
-
a message listener configured to receive a notification message upon occurrence of an event, the notification message having an event-source SCID comprising a first portion and a second portion; and a SCID authenticator configured to; generate a subscriber SCID associated with a subscription to a subscribed event source, wherein the subscriber SCID comprises a randomized correlation identifier and a secure tag, wherein the secure tag is generated using the randomized correlation identifier and a device encryption key associated with the subscriber device; and provide the subscriber SCID to the subscribed event source in a subscription message; upon the message listener receiving the notification message, verify that the notification message is from the subscribed event source if the second portion of the event-source SCID is equal to a secure hash of the first portion of the event-source SCID, wherein the secure hash of the first portion is generated using the first portion and the device encryption key; and accept the notification message if the notification message is verified as being from the subscribed event source. - View Dependent Claims (15, 16)
-
-
17. A computer program product for filtering unsolicited messages, the computer program product comprising a non-transitory computer readable medium embodying program code means for implementing a method in a subscriber device for filtering unsolicited notification messages, the method comprising:
-
generating, at a subscriber device, a subscriber secure correlation identifier (SCID) associated with a subscription to a subscribed event source, wherein the subscriber SCID comprises a randomized correlation identifier and a secure tag, wherein the secure tag is generated using the randomized correlation identifier and a device encryption key associated with the subscriber device; and providing the subscriber SCID to the subscribed event source in a subscription message; receiving a notification message upon an occurrence of an event, the notification message having an event-source SCID comprising a first portion and a second portion; verifying that the notification message is from the subscribed event source if the second portion of the event-source SCID is equal to a secure hash of the first portion of the event-source SCID, wherein the secure hash is generated using the first portion and the device encryption key; accepting the notification message if the notification message is verified as being from the subscribed event source.
-
Specification