Method and system for secure communications
Abstract
A system/method for secure communication between client devices includes receiving a request, at a secure communication platform, from a from a first client device to communicate with a second client device; determining, by the secure communication platform, whether the first client device is permitted to communicate with the second client device; if communication is permitted: generating, by the secure communication platform, a one-time use ephemeral key; transmitting, by the secure communication platform, the generated one-time use ephemeral key to the first and second client devices; establishing, by the secure communication platform, a secure communication session directly between the first and second client devices, wherein communications between the first and second client devices are encrypted and decrypted using the one-time use ephemeral key; and destroying, by the secure communication platform, the one-time use ephemeral key upon termination of the secure communication session between the first and second client devices.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method of providing secure communication between client devices, the method comprising:
receiving a request, at a processing server of a secure communication platform, from a first client device to communicate with a second client device; in response to a determination that the first client device is permitted to communicate with the second client device:
generating, by the processing server of the secure communication platform, a one-time use ephemeral key;
transmitting, by the processing server of the secure communication platform, the generated one-time use ephemeral key to both the first client device and the second client device; and
establishing, by the processing server of the secure communication platform, a peer-to-peer secure enclave communication session directly between the first client device and the second client device.
2 . The method of claim 1 , further comprising:
destroying, by the processing server, the one-time use ephemeral key upon termination of the peer-to-peer secure enclave communication session.
3 . The method of claim 1 , further comprising generating, by the secure communication platform, a new one-time use ephemeral key for each subsequent secure communication session between the first and second client devices.
4 . The method of claim 1 , wherein the one-time use ephemeral key comprises a public-private key pair.
5 . The method of claim 1 , further comprising:
receiving, by the secure communication platform, control session information from the first and second client devices; and determining, by the secure communication platform, termination of the peer-to-peer secure enclave communication session using the received control session information.
6 . The method of claim 5 , further comprising:
ceasing, by the secure communication platform, all information traffic between the first client device and the second client device when termination of the peer-to-peer secure enclave communication session is determined.
7 . The method of claim 1 , further comprising:
denying, by the secure communication platform, the request by the first client device if it is determined that communication is not permitted.
8 . The method of claim 1 , further comprising:
removing the secure communication platform from the peer-to-peer secure enclave communication session so that the peer-to-peer secure enclave communication session is directly between the first and second client devices.
9 . The method of claim 1 , further comprising:
establishing a management infrastructure via control of the secure communication platform, the management infrastructure being deployed as a Virtual Private Cloud.
10 . The method of claim 9 , further comprising:
providing on-demand elastic scalability via a Docker-based microservices architecture.
11 . The method of claim 1 , further comprising:
verifying authenticity of at least one of the first client device and the second client device via a Single Packet Authorization security layer.
12 . A system for providing secure communication between client devices, comprising:
a secure communication platform including a hardware processing server configured to:
receive a request from the first client device to communicate with the second client device;
in response to a determination that the first client device is permitted to communicate with the second client device:
generate a one-time use ephemeral key;
transmit the generated one-time use ephemeral key to both the first client device and the second client device; and
establish a peer-to-peer secure enclave communication session directly between the first client device and the second client device.
13 . The system of claim 12 , wherein the hardware processing server is further configured to destroy the one-time use ephemeral key upon termination of the pee-to-peer secure enclave communication session.
14 . The system of claim 12 , wherein the hardware processing server is further configured to generate a new one-time use ephemeral key for each subsequent secure communication session between the first and second client devices.
15 . The system of claim 12 , wherein the one-time use ephemeral key comprises a public-private key pair.
16 . The system of claim 12 , wherein the hardware processing server is further configured to:
receive control session information from the first and second client devices; and determine termination of the peer-to-peer secure enclave communication session using the received control session information.
17 . The system of claim 16 , wherein the hardware processing server is further configured to cease all information traffic between the first client device and the second client device when termination of the peer-to-peer secure enclave communication session is determined.
18 . The system of claim 12 , wherein the hardware processing server is further configured to deny the request by the first client device if it is determined that communication is not permitted.
19 . The system of claim 12 , wherein the hardware processing server is further configured to remove the secure communication platform from the peer-to-peer secure enclave communication session so that the peer-to-peer secure enclave communication session is directly between the first and second client devices.
20 . The system of claim 12 , wherein the secure communication platform is deployed as a Virtual Private Cloud.
21 . The system of claim 20 , wherein the Virtual Private Cloud comprises a Docker-based microservices architecture.
22 . The system of claim 12 , further comprising a Single Packet Authorization security layer configured to verify authenticity of at least one of the first client device and the second client device.
23 . A method of providing secure communication between client devices, the method comprising:
receiving a request, at a secure communication platform, from a first client device to communicate with a second client device; in response to a determination that communication is permitted:
generating, by the secure communication platform, a one-time use ephemeral key; and
transmitting, by the secure communication platform, the generated one-time use ephemeral key to the first and second client devices;
establishing, by the secure communication platform, a secure communication session between the first and second client devices; receiving, by the secure communication platform, control session information from the first and second client devices; and determining, by the secure communication platform, termination of the secure communication session using the received control session information.Join the waitlist — get patent alerts
Track US2023208822A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.