Enhancing messaging services using translation gateways

US 20040165603A1
Filed: 10/15/2003
Published: 08/26/2004
Est. Priority Date: 10/16/2002
Status: Active Grant

First Claim

Patent Images

1. A system for supporting a messaging service, comprising:

a first translation gateway for use between (a) a customer data network that is accessed, by those authorized by a customer of the messaging service, to receive a message via a client process, and (b) a hostile data network, the gateway having translation functionality that is applied to a plurality of inbound messages, arriving via a hostile network, in a manner that is transparent to recipients of said inbound messages who experience the messages via a plurality of client processes running in the customer network; and

a second translation gateway for use between (a) the hostile data network and (b) a network of a provider of said messaging service, wherein said service provider network implements a distributed interface to a telephony network from which the inbound messages originate, the second gateway to forward the inbound messages to the first gateway through the hostile network in a manner that precludes unauthorized access to the content of the inbound messages.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a translation gateway is for use between a network of a messaging service provider and a hostile data network. The gateway is to forward messages using a secure connection through the hostile network, to a customer'"'"'s network. Different types of inbound messages (e.g., voice; fax) can be delivered to a single client process running on a customer machine on the customer network. In addition, the translation gateway may be used to securely forward different types of outbound messages originating from the client process to the service provider'"'"'s network (where the messages are retransmitted as voice calls or facsimiles into a telephone network). Other embodiments are also described and claimed.

98 Citations

View as Search Results

35 Claims

1. A system for supporting a messaging service, comprising:
- a first translation gateway for use between (a) a customer data network that is accessed, by those authorized by a customer of the messaging service, to receive a message via a client process, and (b) a hostile data network, the gateway having translation functionality that is applied to a plurality of inbound messages, arriving via a hostile network, in a manner that is transparent to recipients of said inbound messages who experience the messages via a plurality of client processes running in the customer network; and
  
  a second translation gateway for use between (a) the hostile data network and (b) a network of a provider of said messaging service, wherein said service provider network implements a distributed interface to a telephony network from which the inbound messages originate, the second gateway to forward the inbound messages to the first gateway through the hostile network in a manner that precludes unauthorized access to the content of the inbound messages.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The system of claim 1 wherein the first translation gateway is administered by the customer.
  - 3. The system of claim 2 wherein the second translation gateway is administered by the customer.
  - 4. The system of claim 3 wherein the intermediate network is the Internet.
  - 5. The system of claim 4 wherein the inbound messages originate as facsimile messages.
  - 6. The system of claim 4 wherein the inbound messages originate as voice messages.
  - 7. The system of claim 2 wherein the first translation gateway and the second translation gateway are nodes of a virtual private network (VPN) so that the inbound messages can be passed between the first and second gateways through a VPN tunnel.
  - 8. The system of claim 2 wherein the second gateway is to use public keys to encrypt the inbound messages before sending them to the first gateway via the hostile network, and the first gateway is to use private keys to decrypt the inbound messages prior to forwarding them to the plurality of client processes.
  - 9. The system of claim 2 wherein the first gateway includes further translation functionality that is applied to outbound messages, originating with the plurality of client processes in the customer network and addressed to the service provider network, in a manner that is transparent to users of the plurality of client processes, and wherein the first translation gateway is designed to then forward the outbound messages to the second translation gateway through the hostile data network.
  - 10. The system of claim 9 wherein the outbound messages are addressed to outbound, circuit switched network addresses, and contain one of voice and facsimile data, the service provider network implements a distributed interface to a telephony network for transmitting the outbound messages to the their outbound, circuit switched network addresses.
  - 11. The system of claim 2 wherein Internet Protocol (IP) addresses for nodes in the service provider network are assigned by the service provider and not by the customer, and IP addresses for nodes in the customer data network are assigned by the customer and not by the service provider.
  - 12. The system of claim 1 wherein the first and second translation gateways are to exchange a set of security certificates, wherein all of the plurality of inbound messages, received on behalf of a given corporate customer over a plurality of different circuit-switched network addresses, respectively, are encrypted by the second translation gateway using the set of certificates.

13. A system for supporting a messaging service, comprising:
- a first translation gateway for use between a) a customer data network that is administered by a customer of the messaging service and not by a provider of the messaging service and b) a hostile data network; and
  
  a second translation gateway for use between a) the hostile data network and b) a service provider network that is administered by the provider and not by the customer, wherein the service provider network implements a distributed interface to a telephony network into which a message, that originates in the customer data network and arrives via the first translation gateway and the hostile network, is transmitted by the interface, the first gateway having translation functionality that is applied to a plurality of outbound messages originating from a plurality of client processes in the customer network, in a manner that is transparent to users of said plurality of client processes, the plurality of outbound messages being addressed to the service provider network, and the first gateway being designed to then forward the plurality of outbound messages to the second translation gateway through the hostile data network.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The system of claim 13 wherein the first and second gateways are administered by the customer and not by the service provider.
  - 15. The system of claim 13 wherein the first gateway is administered by the customer and not the service provider, while the second gateway is administered by the service provider and not the customer.
  - 16. The system of claim 14 wherein the message that is to be transmitted by the interface is a facsimile message.
  - 17. The system of claim 15 wherein the message that is to be transmitted by the interface a facsimile message.
  - 18. The system of claim 13 wherein the plurality of client processes are associated with a plurality of different, customer-authorized users of said processes, respectively, and wherein the translation functionality applied to the outbound messages by the first gateway includes an encryption key that is used to encrypt every one of the plurality of outbound messages which are addressed to the service provider network.
  - 19. The system of claim 13 wherein the plurality of outbound messages have been addressed to circuit-switched network addresses of the telephony network, before they arrive at the first gateway.

20. A method for providing a secure messaging service, comprising:
- assigning a separate set of circuit switched network addresses to each of a plurality of corporate subscribers of the messaging service, some of the sets of circuit switched network addresses being in different countries;
  
  associating the set of circuit switched network addresses for each subscriber with an internet domain of said subscriber;
  
  receiving one of a) an inbound fax message and b) an inbound voice message that has been addressed to one of the set of circuit switched network addresses of a given subscriber; and
  
  transferring the inbound message to a first translation gateway that is configured to service the given subscriber, wherein the inbound message is addressed to the internet domain of the given subscriber; and
  
  sending from the first translation gateway the inbound message to a predefined port of a second translation gateway in a privacy-maintaining manner over a hostile data network of which the first and second translation gateways are separate nodes, wherein the second translation gateway is administered by the given subscriber and is to forward the inbound message to an affiliate of the given subscriber over an internal data network of the given subscriber of which the second translation gateway is a node.
- View Dependent Claims (21, 22, 23)
- - 21. The method of claim 20 wherein the receipt of the inbound message and the transfer of the inbound message occur in an internal data network of a provider of the messaging system.
  - 22. The method of claim 21 wherein the second translation gateway is to forward the inbound message to the affiliate via an email server that is a node of the given subscriber'"'"'s data network.
  - 23. The method of claim 20 further comprising:
    - obtaining an outbound message at the first translation gateway, wherein the outbound message originated with an affiliate of the given subscriber and was addressed to an internet domain of a provider of the messaging service with whom the given subscriber has a service contract for secure messaging services, the outbound message having been transferred by the second translation gateway to the first translation gateway in a privacy-maintaining manner over the hostile data network;
      
      verifying that an account of the given subscriber is current, in response to obtaining the outbound message; and
      
      forwarding the outbound message by the first translation gateway to an outbound resource of the service provider over an internal data network of the service provider of which the first translation gateway and the outbound resource are separate nodes, wherein the outbound resource is capable of translating the outbound message into a format that can be transmitted to one of a) a facsimile machine and b) a telephone unit, over a telephony network.

24. A method for operating a message delivery service, comprising:
- associating a separate set of data network source address names to each of a plurality of different, group subscribers of the message delivery service, wherein each group subscriber has entered into a service contract with a provider of the message delivery service;
  
  instructing a given one of the plurality of group subscribers to configure a first translation gateway administered by the given group subscriber, so that the first gateway applies a translation function to any outbound message that originates in an internal data network of the given group subscriber and that is addressed to a specified, internet domain of the service provider, the translation function being designed to ensure privacy of an outbound message as it travels through a hostile data network;
  
  verifying that an account of the given group subscriber is current in response to receiving an outbound message that originated in the internal data network of the given group subscriber and that traveled through the hostile data network before arriving at a second translation gateway; and
  
  forwarding the received outbound message from the second translation gateway to an outbound resource, wherein the second translation gateway and the outbound resource are different nodes of an internal data network of the service provider, and wherein the outbound resource is to transmit the received outbound message to a circuit-switched network address of a recipient.
- View Dependent Claims (25)
- - 25. The method of claim 24 further comprising:
    - instructing the given group subscriber to further address any outbound message that originates in its internal data network and that is addressed to the specified, internet domain of the service provider, to a circuit-switched network address of a recipient.

26. A system for providing a messaging service, comprising:
- a media server to capture an inbound message that has been addressed to a circuit switched network address assigned to a subscriber of the service, the server being a node of a private data network of a provider of the service;
  
  a storage device within the private data network, to store the captured inbound message for the subscriber; and
  
  a messaging application server being a further node of the private data network, to send a resource locator link over a hostile data network to a data network address of the subscriber, wherein the stored inbound message is then sent to a client process, used by the subscriber, in response to the link being invoked by the subscriber, and wherein the stored inbound message is sent, under the direction of the messaging application server, over the hostile data network and in a manner that maintains the privacy of the message.
- View Dependent Claims (27, 28, 29, 30)
- - 27. The system of claim 26 wherein the link is a Secure Sockets Layer (SSL) Universal Resource Locator (URL) link.
  - 28. The system of claim 26 wherein the messaging application server is to authenticate the subscriber via the client process in response to the link being invoked by the subscriber, prior to sending the stored inbound message to the client process in accordance with a Secure Socket Layer (SSL) protocol, and wherein security certificates are not exchanged between the messaging application server and the client process.
  - 29. The system of claim 26 wherein the data network address is an email address of the subscriber, and the client process is a Web browser being executed in a notebook computer.
  - 30. The system of claim 26 wherein the circuit switched network address assigned to the subscriber is a landline telephone number.

31. An article of manufacture, comprising:
- a machine-readable medium having data stored therein that when accessed by a processor receives an indication, over a private data network of a messaging service provider, that an inbound message, addressed to a circuit switched network address assigned by the service provider to a subscriber who pays the service provider for a secure messaging service, has been received for the subscriber, and in response sends a resource locator link over a hostile data network to a client process of the subscriber, and then sends the inbound message from storage in the private data network to a data network address of the subscriber in response to the link being invoked by the subscriber, wherein the inbound message is encrypted before being sent over the hostile data network to the subscriber'"'"'s data network address.
- View Dependent Claims (32, 33, 34, 35)
- - 32. The article of manufacture of claim 31 wherein the data is to treat the link as being a Secure Sockets Layer (SSL) Universal Resource Locator (URL) link.
  - 33. The article of manufacture of claim 31 wherein the medium has further data that authenticates the subscriber, without exchanging security certificates with a client process of the subscriber, in response to the link being invoked by the subscriber, prior to sending the stored inbound message in accordance with a Secure Socket Layer (SSL) protocol.
  - 34. The article of manufacture of claim 31 wherein the data is to treat the client process that receives the link as an email client, and the data network address as that of a Web browser of the subscriber.
  - 35. The article of manufacture of claim 31 wherein the circuit switched network address assigned to the subscriber is a landline telephone number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
j2 Cloud Services, LLC (Consensus Cloud Solutions, Inc.)
Original Assignee
J2 Global, Inc.
Inventors
DʼAngelo, Leo A., Izadpanah, Kamran, Bell, John J.

Granted Patent

US 7,539,291 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/401
CPC Class Codes

H04L 51/066   Format adaptation, e.g. for...

H04L 51/56   Unified messaging, e.g. int...

H04L 63/0272   Virtual private networks

H04L 69/08   Protocols for interworking;...

H04M 2203/253   where a visual mode is used...

H04M 3/533   Voice mail systems

Enhancing messaging services using translation gateways

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

98 Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Enhancing messaging services using translation gateways

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

98 Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links