UNAUTHORIZED PARTICIPANT DETECTION IN MULTIPARTY CONFERENCING

US 20180351757A1
Filed: 06/06/2017
Published: 12/06/2018
Est. Priority Date: 06/06/2017
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

joining a conferencing session;

obtaining a roster for the conferencing session via a Session Initiation Protocol (SIP) channel;

receiving a reference hash value from a key management server, wherein the reference hash value is based on a participant list generated by the key management server;

generating a roster hash value based on the roster;

comparing the reference hash value with the roster hash value; and

determining that the roster is invalid when the reference hash value does not match the roster hash value.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosed technology addresses the need in the art for a detecting an unauthorized participant in a multiparty conferencing session. A system is configured to join a conferencing session, obtain a roster for the conferencing session via a Session Initiation Protocol (SIP) channel, and generate a roster hash value based on the roster. The system may further receive a reference hash value from a key management server and compare the reference hash value with the roster hash value. The system may determine that the roster is invalid when the reference hash value does not match the roster hash value.

3 Citations

20 Claims

1. A computer-implemented method comprising:
- joining a conferencing session;
  
  obtaining a roster for the conferencing session via a Session Initiation Protocol (SIP) channel;
  
  receiving a reference hash value from a key management server, wherein the reference hash value is based on a participant list generated by the key management server;
  
  generating a roster hash value based on the roster;
  
  comparing the reference hash value with the roster hash value; and
  
  determining that the roster is invalid when the reference hash value does not match the roster hash value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computer-implemented method of claim 1, wherein the reference hash value is received via a media distribution server configured to establish a transport layer security (TLS) tunnel with the key management server.
  - 3. The computer-implemented method of claim 1, wherein generating the roster hash value comprises:
    - sorting the roster in alphabetical order; and
      
      applying a SHA-2 hash function on the roster after the roster is sorted.
  - 4. The computer-implemented method of claim 1, wherein joining the conferencing session comprises:
    - transmitting an invite for the conferencing session to a conference controller; and
      
      obtaining key information from the key management server via a media distribution server configured to establish a transport layer security (TLS) tunnel with the key management server.
  - 5. The computer-implemented method of claim 1, wherein obtaining the roster for the conferencing session comprises:
    - receiving, from a conference controller, at least one SIP signaling message specifying a change in a state of the conferencing session.
  - 6. The computer-implemented method of claim 5, wherein the change in the state of the conferencing session comprises an addition of a participant in the conferencing session.
  - 7. The computer-implemented method of claim 5, wherein the change in the state of the conferencing session comprises a participant leaving the conferencing session.
  - 8. The computer-implemented method of claim 1, further comprising:
    - notifying a user that there is a possible unknown listener on the conferencing session.
  - 9. The computer-implemented method of claim 8, further comprising:
    - obtaining a new roster for the conferencing session;
      
      generating a new roster hash value based on the new roster;
      
      receiving a new reference hash value from the key management server; and
      
      attempting to validate the new roster based on a comparison of the new roster hash value and the new reference hash value.
  - 10. The computer-implemented method of claim 1, further comprising:
    - validating the roster when the reference hash value matches the roster hash value.

11. A system comprising:
- a processor; and
  
  a non-transitory computer-readable medium storing instructions for;
  
  joining a conferencing session;
  
  obtaining a roster for the conferencing session via a first communications channel;
  
  receiving a reference hash value via a second communications channel, wherein the reference hash value is based on a participant list;
  
  generating a roster hash value based on the roster;
  
  comparing the reference hash value with the roster hash value; and
  
  determining that the roster is invalid if the reference hash value does not match the roster hash value.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The system of claim 11, wherein the first communications channel is a Session Initiation Protocol (SIP) channel and wherein the second communications channel includes a transport layer security (TLS) tunnel between a key management server and a media distribution server.
  - 13. The system of claim 11, wherein obtaining the roster for the conferencing session comprises receiving, from a conference controller, at least one SIP signaling message specifying a change in a state of the conferencing session.
  - 14. The system of claim 11, wherein obtaining the roster for the conferencing session comprises receiving, from at least one endpoint participating in the conferencing session, a SIP signaling message specifying a change in a state of the conferencing session.
  - 15. The system of claim 11, wherein generating the roster hash value comprises:
    - sorting the roster in alphabetical order; and
      
      applying a SHA-2 hash function on the roster after the roster is sorted.
  - 16. The system of claim 11, wherein the non-transitory computer-readable medium further stores instructions for:
    - notifying a user that there is a possible unknown listener on the conferencing session.
  - 17. The system of claim 11, wherein:
    - the system, based on a determination that a total number of participants of a conferencing session exceeds a threshold number, is selected by a key management server to validate the roster for the conferencing session; and
      
      wherein the non-transitory computer-readable medium further stores instructions for receiving instructions from the key management server to validate the roster.
  - 18. The system of claim 11, wherein the system is an endpoint device participating in the conferencing session.

19. A non-transitory computer-readable medium comprising instructions, the instructions, when executed by a computing system, cause the computing system to:
- obtain a roster for a conferencing session via a Session Initiation Protocol (SIP) channel;
  
  receive a reference code from a key management server, wherein the reference code is based on a participant list generated by the key management server;
  
  generating a roster code by encoding the roster;
  
  comparing the reference code with the roster code; and
  
  determining that the roster is invalid when the reference code does not match the roster code.
- View Dependent Claims (20)
- - 20. The non-transitory computer-readable medium of claim 19, wherein the instructions further cause the computing system to notify a user that there is a possible unknown listener on the conferencing session.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Reddy, K Tirumaleswar, Ravindranath, Ram Mohan, Inamdar, Kaustubh, Salgueiro, Gonzalo

Granted Patent

US 10,404,481 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 12/1818   Conference organisation arr...

H04L 12/1822   Conducting the conference, ...

H04L 63/0457   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 63/166   at the transport layer

UNAUTHORIZED PARTICIPANT DETECTION IN MULTIPARTY CONFERENCING

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

3 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

UNAUTHORIZED PARTICIPANT DETECTION IN MULTIPARTY CONFERENCING

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

3 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links