System and method for accessing private digital content

US 8,739,306 B2
Filed: 11/23/2010
Issued: 05/27/2014
Est. Priority Date: 12/04/2009
Status: Active Grant

First Claim

Patent Images

1. A method for providing access to private digital content installed on a content server, wherein a content manager server has a number of clients potentially interested in the private digital content, the method comprising the steps of:

establishing, via the content management server, a first communication channel with a client of the number of clients;

receiving, via the content management server, a query for private digital content from the client and sending an appropriate response, causing the client to establish a second communication channel with the content server;

establishing, via the content management server, a secure session via a Transport Layer Security (TLS) tunnel with the content server over the first communication channel and the second communication channel; and

establishing, via the content management server, a new session key for the secure session and transmitting the new session key to the client, so that the client can obtain the queried private digital content from the content server as if the client is the content management server.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method for providing access to private digital content installed on a content server C(s), wherein a content manager server C(a) has a number of clients potentially interested in the private content; the method comprising the following steps performed at the content management server C(a):

- establishing a first communication channel with a client C(b) of the number of clients;
- receiving a query for private digital content from the client C(b) and sending an appropriate response, causing the client to establish a second communication channel with the content server;
- establishing a secure session with the content server C(s) over the first and second communication channel;
- establishing a new session key for the secure session and transmitting said new session key to the client C(b), so that the client can obtain the queried private digital content from the content server as if the client is the content management server.

6 Citations

20 Claims

1. A method for providing access to private digital content installed on a content server, wherein a content manager server has a number of clients potentially interested in the private digital content, the method comprising the steps of:
- establishing, via the content management server, a first communication channel with a client of the number of clients;
  
  receiving, via the content management server, a query for private digital content from the client and sending an appropriate response, causing the client to establish a second communication channel with the content server;
  
  establishing, via the content management server, a secure session via a Transport Layer Security (TLS) tunnel with the content server over the first communication channel and the second communication channel; and
  
  establishing, via the content management server, a new session key for the secure session and transmitting the new session key to the client, so that the client can obtain the queried private digital content from the content server as if the client is the content management server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 12, 13, 14, 15, 16, 20)
- - 2. The method of claim 1, further comprising the step of sending, via the content management server, a data request to the content server through the secure session established over the first communication channel and the second communication channel.
  - 3. The method of claim 1, wherein the establishing of the secure session further comprises establishing one of the following secure tunnels:
    - the Transport Layer Security (TLS) tunnel or an Encapsulating Security Payload (ESP) tunnel.
  - 4. The method of claim 1, wherein the establishing of the first communication channel and/or the second communication channel further comprises establishing a first and/or a second TCP/IP session.
  - 5. The method of claim 1, wherein the content server maintains a client authentication mechanism enabled for the Transport Layer Security (TLS), and wherein the establishing of the secure session with the content server further comprises authenticating a client node.
  - 6. The method of claim 5, wherein the authenticating of the client node is made possible by re-using the client'"'"'s certificate when requested by the content server by requesting the client to sign the final TLS protocol message before transmitting the final TLS protocol message to the content server.
  - 7. The method of claim 5, wherein the authenticating of the client node is made possible by using a new certificate signed by the client and held by the content management server, such that the content server can verify the authenticity of the new certificate.
  - 12. The method of claim 1 wherein the appropriate response comprises a set of URLs that match the query to the client.
  - 13. The method of claim 1 wherein the private digital content is selected from the group consisting of documents, pictures and video.
  - 14. The method of claim 1 wherein the private digital content is stored at a remote location.
  - 15. The method of claim 1 wherein the client is selected from the group consisting of a web client, a desktop client and a client on a PDA.
  - 16. The method of claim 1, further comprising the step of transmitting, via the content management server, cipher/decipher parameters to the client to enable the client to maintain the TLS tunnel.
  - 20. A non-transitory computer-readable medium having computer-executable instructions for performing the method of claim 1.

8. A method for obtaining private digital content by a client of a content management server, where the private digital content is installed on a content server, comprising the steps of:
- establishing, via the client, a first communication channel with the content management server;
  
  sending, via the client, a query for the private digital content to the content management server;
  
  establishing, via the client, a second communication channel with the content server, the query causing the content management server to set up with the content server a secure session via a Transport Layer Security (TLS) tunnel over the first communication channel and the second communication channel;
  
  receiving, via the client, a new session key established for the second secure session; and
  
  obtaining, via the client, the queried private digital content from the content server using the new session key as if the client is the content management server.
- View Dependent Claims (9, 10, 11)
- - 9. The method of claim 8, wherein the query further causes the content management server to send a data request to the content server through the secure session.
  - 10. The method of claim 8, wherein a first secure session is established between the client and the content management server, and the new session key is received through the first secure session.
  - 11. The method of claim 10, wherein the secure session over the first communication channel and the second communication channel uses the first secure session.

17. A content management server for organizing private digital content of a plurality of clients, adapted to establish a secure session with a content server via a Transport Layer Security (TLS) tunnel after having received a query for private digital content from a client, wherein the client is adapted to establish a second communication channel with the content server, andestablish a new session key for the secure session and transmit the new session key to the client, so that the client can obtain the queried private digital content from the content server as if the client is the content management server.
- View Dependent Claims (18, 19)
- - 18. The content management server of claim 17, wherein the content management server is a content aggregator.
  - 19. A system for accessing private digital content, comprising:
    - the content management server according to claim 17;
      
      a content server with the private digital content; and
      
      a number of clients, wherein a client is adapted to receive the new session key and to use the new session key to obtain the private digital content from the content server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Alcatel-Lucent SA (Nokia Corporation)
Original Assignee
Alcatel-Lucent SA (Nokia Corporation)
Inventors
Bosch, Hendrikus G.P., Kolesnikov, Vladimir Y., Mullender, Sape, Daenen, Koen, Theeten, Bart Antoon Rika
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
ALMEIDA, DEVIN E

Application Number

US13/508,559
Publication Number

US 20120246743A1
Time in Patent Office

1,281 Days
Field of Search

726/29
US Class Current

726/29
CPC Class Codes

H04L 2209/60   Digital content management,...

H04L 63/06   for supporting key manageme...

H04L 63/0823   using certificates cryptogr...

H04L 63/166   at the transport layer

H04L 9/0838   Key agreement, i.e. key est...

H04L 9/3215   using a plurality of channe...

H04L 9/3263   involving certificates, e.g...

System and method for accessing private digital content

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

6 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for accessing private digital content

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

6 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links