Secure push and status communication between client and server

US 9,003,491 B2
Filed: 12/13/2011
Issued: 04/07/2015
Est. Priority Date: 12/17/2007
Status: Active Grant

First Claim

Patent Images

1. A method of authentication between a client and a server to facilitate communication of a message between the client and the server through a gateway, the method comprising:

requesting, by the server, a token from the client;

receiving, by the server, the token from the client, the token identifying the client and the gateway and authorizing the server to push messages to the client through the gateway as long as the token has not revoked, wherein the token may be revoked by the client with or without notice to the server; and

sending, by the server, the message along with the token to the gateway, the gateway forwarding the message to the client after the token is validated by the gateway.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods of authentication and authorization between a client, a server, and a gateway to facilitate communicating a message between a client and a server through a gateway. The client has a trusted relationship with each of the gateway and the server. A method includes registering the client with the gateway. The client also constructs the address space identifying the gateway and the client. The client communicates the address space to the server. The client receives an identity identifying the server. If the client authorizes to receive a message from the server through the gateway, the client informs the authorization to the gateway. The client puts the identity identifying the server on a list of servers which are authorized to send messages to the client. In addition, the client communicates the list of servers to the gateway.

30 Citations

View as Search Results

20 Claims

1. A method of authentication between a client and a server to facilitate communication of a message between the client and the server through a gateway, the method comprising:
- requesting, by the server, a token from the client;
  
  receiving, by the server, the token from the client, the token identifying the client and the gateway and authorizing the server to push messages to the client through the gateway as long as the token has not revoked, wherein the token may be revoked by the client with or without notice to the server; and
  
  sending, by the server, the message along with the token to the gateway, the gateway forwarding the message to the client after the token is validated by the gateway.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the client issues the token to the server.
  - 3. The method of claim 2, the method further comprising:
    - using an ad hoc security mechanism to communicate between the client and the server, the ad hoc security mechanism working securely over non-secure networks.
  - 4. The method of claim 1, the method further comprising:
    - using an ad hoc security mechanism to communicate between the client and the server, the ad hoc security mechanism working securely over non-secure networks.
  - 5. The method of claim 4, wherein using the ad hoc security mechanism includes providing a public key to the client.
  - 6. The method of claim 5, wherein using the ad hoc security mechanism includes decrypting random information encrypted by the gateway using the public key.
  - 7. The method of claim 1, wherein the token specifies usage restrictions authorized by the token, the usage restrictions including a range of start and expiration dates and a maximum number of messages to be sent.

8. A system for authenticating and authorizing a client and a server through a gateway to facilitate message communication, the system comprising:
- a processing unit; and
  
  a memory encoding instructions that, when executed by the processing unit, cause the processing unit to;
  
  request, by the server, a token from the client;
  
  receive, by the server, the token from the client, the token identifying the client and the gateway and authorizing the server to push messages to the client through the gateway as long as the token has not revoked, wherein the token may be revoked by the client with or without notice to the server; and
  
  send, by the server, a message along with the token to the gateway, the gateway forwarding the message to the client after the token is validated by the gateway.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the processing unit issues the token to the server.
  - 10. The system of claim 9, wherein the processing unit uses an ad hoc security mechanism to communicate between the client and the server, the ad hoc security mechanism working securely over non-secure networks.
  - 11. The system of claim 8, wherein the processing unit uses an ad hoc security mechanism to communicate between the client and the server, the ad hoc security mechanism working securely over non-secure networks.
  - 12. The system of claim 11, wherein using the ad hoc security mechanism includes providing a public key to the client.
  - 13. The system of claim 12, wherein using the ad hoc security mechanism includes decrypting random information encrypted by the gateway using the public key.
  - 14. The system of claim 8, wherein the token specifies usage restrictions authorized by the token, the usage restrictions including a range of start and expiration dates and a maximum number of messages to be sent.

15. A computer readable storage device including instructions that, when executed by a processing unit, cause the processing unit to perform steps comprising:
- requesting, by the server, a token from a client;
  
  receiving, by the server, the token from the client, the token identifying the client and a gateway and authorizing a server to push messages to the client through the gateway as long as the token has not revoked, wherein the token may be revoked by the client with or without notice to the server; and
  
  sending, by the server, a message along with the token to the gateway, the gateway forwarding the message to the client after the token is validated by the gateway.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer readable storage device of claim 15, wherein the client issues the token to the server.
  - 17. The computer readable storage device of claim 15, the method further comprising:
    - using an ad hoc security mechanism to communicate between the client and the server, the ad hoc security mechanism working securely over non-secure networks.
  - 18. The computer readable storage device of claim 17, wherein using the ad hoc security mechanism includes providing a public key to the client.
  - 19. The computer readable storage device of claim 18, wherein using the ad hoc security mechanism includes decrypting random information encrypted by the gateway using the public key.
  - 20. The computer readable storage device of claim 15, wherein the token specifies usage restrictions authorized by the token, the usage restrictions including a range of start and expiration dates and a maximum number of messages to be sent.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Herzog, Shai, Klein, Johannes, Gavrilescu, Alexandru
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Pan, Peiliang

Application Number

US13/324,723
Publication Number

US 20120090017A1
Time in Patent Office

1,211 Days
Field of Search

713/155, 713/168, 713/170, 726/4, 726/21, 709/206, 709/227, 380/229, 380/247
US Class Current

726/4
CPC Class Codes

H04L 12/1859   adapted to provide push ser...

H04L 51/58   Message adaptation for wire...

H04L 63/08   for authentication of entit...

H04L 63/101   Access control lists [ACL]

H04L 63/102   Entity profiles

H04L 63/166   at the transport layer

H04L 67/01   Protocols

H04L 67/04   specially adapted for termi...

H04L 67/303   Terminal profiles

H04L 67/55   Push-based network services

H04W 12/082   using revocation of authori...

H04W 4/12   Messaging; Mailboxes; Annou...

Secure push and status communication between client and server

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure push and status communication between client and server

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links