US2023208822A1PendingUtilityA1

Method and system for secure communications

Assignee: SDSE NETWORKS INCPriority: Feb 21, 2020Filed: Mar 6, 2023Published: Jun 29, 2023
Est. expiryFeb 21, 2040(~13.6 yrs left)· nominal 20-yr term from priority
H04L 63/067H04L 9/3268H04L 63/0435H04L 63/062H04L 9/0819H04L 9/0894H04L 63/0263H04L 63/0823H04L 63/10H04L 63/0442
52
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A system/method for secure communication between client devices includes receiving a request, at a secure communication platform, from a from a first client device to communicate with a second client device; determining, by the secure communication platform, whether the first client device is permitted to communicate with the second client device; if communication is permitted: generating, by the secure communication platform, a one-time use ephemeral key; transmitting, by the secure communication platform, the generated one-time use ephemeral key to the first and second client devices; establishing, by the secure communication platform, a secure communication session directly between the first and second client devices, wherein communications between the first and second client devices are encrypted and decrypted using the one-time use ephemeral key; and destroying, by the secure communication platform, the one-time use ephemeral key upon termination of the secure communication session between the first and second client devices.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A method of providing secure communication between client devices, the method comprising:
 receiving a request, at a processing server of a secure communication platform, from a first client device to communicate with a second client device;   in response to a determination that the first client device is permitted to communicate with the second client device:
 generating, by the processing server of the secure communication platform, a one-time use ephemeral key; 
 transmitting, by the processing server of the secure communication platform, the generated one-time use ephemeral key to both the first client device and the second client device; and 
 establishing, by the processing server of the secure communication platform, a peer-to-peer secure enclave communication session directly between the first client device and the second client device. 
   
     
     
         2 . The method of  claim 1 , further comprising:
 destroying, by the processing server, the one-time use ephemeral key upon termination of the peer-to-peer secure enclave communication session.   
     
     
         3 . The method of  claim 1 , further comprising generating, by the secure communication platform, a new one-time use ephemeral key for each subsequent secure communication session between the first and second client devices. 
     
     
         4 . The method of  claim 1 , wherein the one-time use ephemeral key comprises a public-private key pair. 
     
     
         5 . The method of  claim 1 , further comprising:
 receiving, by the secure communication platform, control session information from the first and second client devices; and   determining, by the secure communication platform, termination of the peer-to-peer secure enclave communication session using the received control session information.   
     
     
         6 . The method of  claim 5 , further comprising:
 ceasing, by the secure communication platform, all information traffic between the first client device and the second client device when termination of the peer-to-peer secure enclave communication session is determined.   
     
     
         7 . The method of  claim 1 , further comprising:
 denying, by the secure communication platform, the request by the first client device if it is determined that communication is not permitted.   
     
     
         8 . The method of  claim 1 , further comprising:
 removing the secure communication platform from the peer-to-peer secure enclave communication session so that the peer-to-peer secure enclave communication session is directly between the first and second client devices.   
     
     
         9 . The method of  claim 1 , further comprising:
 establishing a management infrastructure via control of the secure communication platform, the management infrastructure being deployed as a Virtual Private Cloud.   
     
     
         10 . The method of  claim 9 , further comprising:
 providing on-demand elastic scalability via a Docker-based microservices architecture.   
     
     
         11 . The method of  claim 1 , further comprising:
 verifying authenticity of at least one of the first client device and the second client device via a Single Packet Authorization security layer.   
     
     
         12 . A system for providing secure communication between client devices, comprising:
 a secure communication platform including a hardware processing server configured to:
 receive a request from the first client device to communicate with the second client device; 
 in response to a determination that the first client device is permitted to communicate with the second client device:
 generate a one-time use ephemeral key; 
 transmit the generated one-time use ephemeral key to both the first client device and the second client device; and 
 establish a peer-to-peer secure enclave communication session directly between the first client device and the second client device. 
 
   
     
     
         13 . The system of  claim 12 , wherein the hardware processing server is further configured to destroy the one-time use ephemeral key upon termination of the pee-to-peer secure enclave communication session. 
     
     
         14 . The system of  claim 12 , wherein the hardware processing server is further configured to generate a new one-time use ephemeral key for each subsequent secure communication session between the first and second client devices. 
     
     
         15 . The system of  claim 12 , wherein the one-time use ephemeral key comprises a public-private key pair. 
     
     
         16 . The system of  claim 12 , wherein the hardware processing server is further configured to:
 receive control session information from the first and second client devices; and   determine termination of the peer-to-peer secure enclave communication session using the received control session information.   
     
     
         17 . The system of  claim 16 , wherein the hardware processing server is further configured to cease all information traffic between the first client device and the second client device when termination of the peer-to-peer secure enclave communication session is determined. 
     
     
         18 . The system of  claim 12 , wherein the hardware processing server is further configured to deny the request by the first client device if it is determined that communication is not permitted. 
     
     
         19 . The system of  claim 12 , wherein the hardware processing server is further configured to remove the secure communication platform from the peer-to-peer secure enclave communication session so that the peer-to-peer secure enclave communication session is directly between the first and second client devices. 
     
     
         20 . The system of  claim 12 , wherein the secure communication platform is deployed as a Virtual Private Cloud. 
     
     
         21 . The system of  claim 20 , wherein the Virtual Private Cloud comprises a Docker-based microservices architecture. 
     
     
         22 . The system of  claim 12 , further comprising a Single Packet Authorization security layer configured to verify authenticity of at least one of the first client device and the second client device. 
     
     
         23 . A method of providing secure communication between client devices, the method comprising:
 receiving a request, at a secure communication platform, from a first client device to communicate with a second client device;   in response to a determination that communication is permitted:
 generating, by the secure communication platform, a one-time use ephemeral key; and 
 transmitting, by the secure communication platform, the generated one-time use ephemeral key to the first and second client devices; 
   establishing, by the secure communication platform, a secure communication session between the first and second client devices;   receiving, by the secure communication platform, control session information from the first and second client devices; and   determining, by the secure communication platform, termination of the secure communication session using the received control session information.

Join the waitlist — get patent alerts

Track US2023208822A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.