Security and support for flexible conferencing topologies spanning proxies, firewalls and gateways

US 8,631,074 B2
Filed: 12/06/2012
Issued: 01/14/2014
Est. Priority Date: 03/02/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method for setting up a dynamic-secure-conference over a computer network wherein said method comprises:

communicating with a potential new node from an existing-trusted-conference node;

authenticating a potential new-entrant-to-the-conference by examining a certificate corresponding to the new node;

permitting the potential new-entrant-to-the-conference to become an additional conference node if the certificate is valid; and

recalculating a dynamic-secure-conference topology to minimize network traffic.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for setting up and managing secure data/audio/video conferences with a wide range of topologies is described. The disclosed method and system allow extending the range of topologies possible with the H.323 conferencing standards while overcoming T.120 negotiating constraints. Security in such conferences may be based on a trusted node system or on more complex security procedures. Furthermore, the taught conference topologies fully utilize the T.120 standards while also permitting the reach of the conferences to the extent enabled by the H.323 standards by implementing additional modules to manage the setting up and tearing down of one or more conference connections. In addition, the method and system allow for dynamically adjusting conference connections to improve bandwidth usage and utilize H.323 support for gatekeepers.

40 Citations

20 Claims

1. A method for setting up a dynamic-secure-conference over a computer network wherein said method comprises:
- communicating with a potential new node from an existing-trusted-conference node;
  
  authenticating a potential new-entrant-to-the-conference by examining a certificate corresponding to the new node;
  
  permitting the potential new-entrant-to-the-conference to become an additional conference node if the certificate is valid; and
  
  recalculating a dynamic-secure-conference topology to minimize network traffic.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the dynamic-secure-conference topology is adjusted by a gatekeeper-software-module to reduce the number of hops between a top-provider and the new-entrant-to-the-conference.
  - 3. The method of claim 1, wherein the dynamic-secure-conference topology is adjusted by a gatekeeper.
  - 4. The method of claim 1, wherein the dynamic-secure-conference uses a common key for encryption/decryption.
  - 5. The method of claim 1, wherein the dynamic-secure-conference has a common identifier.
  - 6. The method of claim 1, wherein the dynamic-secure-conference members are identified by a smart gatekeeper.
  - 7. The method of claim 1, wherein a gateway may handle connections for more than one conference path.
  - 8. The method of claim 7, wherein the gateway encapsulates connections from each other within the dynamic-secure-conference.

9. A computer storage device comprising computer executable instructions that, when executed by at least one processor, perform a method for setting up a dynamic-secure-conference over a computer network wherein said method comprises:
- communicating with a potential new node from an existing-trusted-conference node;
  
  authenticating a potential new-entrant-to-the-conference by examining a certificate corresponding to the new node;
  
  permitting the potential new-entrant-to-the-conference to become an additional conference node if the certificate is valid; and
  
  recalculating a dynamic-secure-conference topology to minimize network traffic.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer storage device of claim 9, wherein the dynamic-secure-conference topology is adjusted by a gatekeeper-software-module to reduce the number of hops between a top-provider and the new-entrant-to-the-conference.
  - 11. The computer storage device of claim 9, wherein the dynamic-secure-conference topology is adjusted by a gatekeeper.
  - 12. The computer storage device of claim 9, wherein the dynamic-secure-conference uses a common key for encryption/decryption.
  - 13. The computer storage device of claim 9, wherein the dynamic-secure-conference has a common identifier.
  - 14. The computer storage device of claim 9, wherein the dynamic-secure-conference members are identified by a smart gatekeeper.
  - 15. The computer storage device of claim 9, wherein a gateway may handle connections for more than one conference path.
  - 16. The computer storage device of claim 15, wherein the gateway encapsulates connections from each other within the dynamic-secure-conference.

17. A system comprising:
- at least one processor; and
  
  a computer readable medium comprising computer executable instructions that, when executed by at least one processor, perform a method for setting up a dynamic-secure-conference over a computer network wherein said method comprises;
  
  communicating with a potential new node from an existing-trusted-conference node;
  
  authenticating a potential new-entrant-to-the-conference by examining a certificate corresponding to the new node;
  
  permitting the potential new-entrant-to-the-conference to become an additional conference node if the certificate is valid; and
  
  recalculating a dynamic-secure-conference topology to minimize network traffic.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, wherein the dynamic-secure-conference topology is adjusted by a gatekeeper-software-module to reduce the number of hops between a top-provider and the new-entrant-to-the-conference.
  - 19. The system of claim 17, wherein the dynamic-secure-conference has a common identifier.
  - 20. The system of claim 17, wherein the dynamic-secure-conference members are identified by a smart gatekeeper.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Giloi, Claus T., MacLin, Markham, Morris, Max G.
Primary Examiner(s)
Maung, Zarni

Application Number

US13/706,998
Publication Number

US 20130097690A1
Time in Patent Office

404 Days
Field of Search

709203-207, 709223-229, 709/250
US Class Current

709/204
CPC Class Codes

G06F 2203/04804   Transparency, e.g. transpar...

G06F 3/038   Control and interface arran...

G06F 3/0481   based on specific propertie...

H04L 12/1822   Conducting the conference, ...

H04L 63/02   for separating internal fro...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0823   using certificates cryptogr...

H04L 63/104   Grouping of entities

H04L 63/166   at the transport layer

H04L 63/168   above the transport layer

H04L 65/1101   Session protocols

H04L 65/1106   Call signalling protocols; ...

H04L 65/403   Arrangements for multi-part...

H04L 65/4038   with floor control

H04L 67/131   Protocols for games, networ...

H04L 9/40   Network security protocols

H04M 2203/609   Secret communication

H04M 3/567   Multimedia conference systems

H04M 7/006   Networks other than PSTN/IS...

Security and support for flexible conferencing topologies spanning proxies, firewalls and gateways

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

40 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Security and support for flexible conferencing topologies spanning proxies, firewalls and gateways

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others